Ansible Automated Operations (3): Deploying httpd and Zabbix Services with Ansible Roles

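I. Preface

About roles

  Roles can automatically load variable files, tasks, handlers and so on according to a hierarchical directory structure. To use roles, you only need the include directive in a playbook. Put simply, roles are a mechanism that places variables, files, tasks, templates and handlers in separate directories and lets you include them conveniently. Roles are generally used where services are built per host, but they can also be used for scenarios such as building daemons.
  Roles are recommended in some complex scenarios, because code reuse is high:
    1. Changing a specified host or host group
    2. For example, inconsistent naming makes maintenance and handover costly
    3. Some functions need multiple playbooks, which includes can provide

The previous post covered using and practising playbooks. You have probably noticed that putting every operation and module into one playbook file gets messy, and that is where roles come in.

In effect, roles split a playbook into separate files so that it is presented with more structure.

Role directory structure and purpose

  Each role is organized in a specific directory hierarchy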

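roles/project/             # project name, with the following subdirectories
            tasks/            # defines tasks, the basic element of a role; should contain at least a file named main.yml; other files must be pulled in from that file via include
            files/              # files used by modules such as copy or script
            vars/              # defines variables; should contain at least a file named main.yml; other files must be pulled in from that file via include
            templates/     # directory where the template module looks for template files
            handlers/       # should contain at least a file named main.yml; other files must be pulled in from that file via include
            defaults/         # default variables are set in the main.yml file in this directory
            meta/            # defines special settings and dependencies of the role; should contain at least a file named main.yml; other files must be pulled in from that file via include

main.yml is the main file, the entry point.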

Aside~~~

Batch-editing text in vim:

ctrl+v      --> capital I   --> the content to add in bulk  --> Esc

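II. Creating a role, using httpd as the example

Notes~~

.j2 marks a template
src needs no path, because it is looked up in templates by default
files holds the static files
templates stores the templates
notify: restart httpd  is the trigger (handler)

A role has higher priority than the playbook

1. Preparation: continue from the first Ansible post in this series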

2. Create the role directory

[devops@server1 ansible]$ cat hosts
[server]
172.25.28.1

[seb]
172.25.28.2
 
[db]
172.25.28.3

[devops@server1 ansible]$ mkdir roles    # create the roles directory

[devops@server1 ansible]$ vim ansible.cfg   # add the directory to the default search path

[defaults]
inventory  = ./hosts
# newly added: look for roles in this directory
roles_path = ./roles
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False

List the available roles:

[devops@server1 ansible]$ pwd
/home/devops/ansible
[devops@server1 ansible]$ ansible-galaxy list   # list roles
# /home/devops/ansible/roles

Automatically initialize the role and its files (you can of course create them by hand)

[devops@server1 ansible]$ ls
ansible.cfg  hosts  roles
[devops@server1 ansible]$ cd roles/
[devops@server1 roles]$ ansible-galaxy init apache    # automatically initialize the role and its files
- Role apache was created successfully


The newly created role is now visible

[devops@server1 roles]$ cd ..
[devops@server1 ansible]$ ansible-galaxy list   # view roles
# /home/devops/ansible/roles
- apache, (unknown version)

[devops@server1 apache]$ ls  
defaults  files  handlers  meta  README.md  tasks  templates  vars

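What sudo does: when an operation needs root but you do not want to switch users, run it as sudo + command; it executes as root without switching your session.

View the tree structure

[devops@server1 apache]$ sudo yum install tree -y

Next, edit the files of the role that was created:

1. Edit the tasks first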

[devops@server1 tasks]$ pwd
/home/devops/ansible/roles/apache/tasks
[devops@server1 tasks]$ ls
main.yml

[devops@server1 tasks]$ vim main.yml
[devops@server1 roles]$ cat apache/tasks/main.yml 
---
- name: install apache
  yum:
    name: httpd
    state: present

- name: config apache
  template:
    src: httpd.conf
    dest: /etc/httpd/conf/httpd.conf
  notify: restart httpd

- name: start apache
  service: 
    name: httpd
    state: started

- name: copy index.html
  copy:
    src: index.html
    dest: /var/www/html/index.html

Since the tasks file references the default document root, write index.html in files

[devops@server1 files]$ pwd
/home/devops/ansible/roles/apache/files
[devops@server1 files]$ cat index.html
Hello world~~~~

2. Write the handler: (a handler is essentially a function; a task calls it through the notify interface)

[devops@server1 apache]$ cd handlers/
[devops@server1 handlers]$ ls
main.yml
[devops@server1 handlers]$ cat main.yml
---
# handlers file for apache
- name: restart httpd
  service:
    name: httpd
    state: restarted

3. Edit the template file:

[devops@server1 ~]$ cd ansible/
[devops@server1 ansible]$ ls
ansible.cfg  hosts  roles
[devops@server1 ansible]$ cd roles/apache/templates/

# first copy an httpd configuration file from a host that already has httpd
[devops@server1 templates]$ scp 172.25.28.2:/etc/httpd/conf/httpd.conf .
httpd.conf                                  100%   11KB   5.9MB/s   00:00    
[devops@server1 templates]$ ls
httpd.conf

# generate the template file
[devops@server1 templates]$ cp httpd.conf httpd.conf.j2
[devops@server1 templates]$ ls
httpd.conf  httpd.conf.j2

4. Write the file that holds the variables:
 

[devops@server1 apache]$ cd vars/
[devops@server1 vars]$ ls
main.yml

[devops@server1 apache]$ cat vars/main.yml
---
# vars file for apache
http_host: "{{ ansible_hostname }}"
 

# Note: wrap the variable in double quotes. Here the host references a variable; the port number is defined in the playbook~~~

View the created role:

[devops@server1 roles]$ ansible-galaxy list
# /usr/share/ansible/roles
# /etc/ansible/roles
[WARNING]: - the configured path /home/devops/.ansible/roles does not exist.

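Failed~~

It has to be run from the directory at the same level as roles; the run below succeeds~~~~

[devops@server1 roles]$ cd ..
[devops@server1 ansible]$ ansible-galaxy list   # must be run from the directory at the same level as roles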
# /home/devops/ansible/roles
- apache, (unknown version)

Once the role is created, you only need to write a playbook file for each specific need from now on
 

[devops@server1 ansible]$ vim apache.yml

[devops@server1 ansible]$ cat apache.yml
---
- hosts: web
  vars:
    - http_port: 8080
  roles:
    - apache

Note: the port number here is one you define yourself

Run the playbook:

[devops@server1 ansible]$ ansible-playbook apache.yml
[WARNING]: Could not match supplied host pattern, ignoring: web


PLAY [web] *********************************************************************
skipping: no hosts matched

PLAY RECAP *********************************************************************

[devops@server1 ansible]$ ls
ansible.cfg  apache.yml  hosts  roles
[devops@server1 ansible]$ vim hosts
[devops@server1 ansible]$ ansible-playbook apache.yml

PLAY [web] *********************************************************************

TASK [Gathering Facts] *********************************************************
ok: [172.25.28.2]

TASK [apache : install apache] *************************************************
ok: [172.25.28.2]

TASK [apache : config apache] **************************************************
ok: [172.25.28.2]

TASK [apache : start apache] ***************************************************
ok: [172.25.28.2]

TASK [apache : copy index.html] ************************************************
changed: [172.25.28.2]

PLAY RECAP *********************************************************************
172.25.28.2                : ok=5    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

Check the default document root: it works~~~~
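
The role defines http_host in vars/main.yml and the playbook sets http_port, but the template shown above is an unmodified copy of httpd.conf and the task still points at httpd.conf. As an added example (not from the original post), this is one way the template and its task could consume both variables; the Listen/ServerName lines, the ownership and mode values, and the validate and wait_for steps are assumptions.

```yaml
# roles/apache/templates/httpd.conf.j2 -- the two directives that would
# consume the variables (edit them in the copied file):
#   Listen {{ http_port }}
#   ServerName {{ http_host }}:{{ http_port }}

# roles/apache/tasks/main.yml -- "config apache" pointing at the .j2 file
- name: config apache
  template:
    src: httpd.conf.j2                   # looked up in roles/apache/templates/
    dest: /etc/httpd/conf/httpd.conf
    owner: root
    group: root
    mode: '0644'                         # world-readable, writable by root only
    backup: yes                          # keep the previous file for rollback
    validate: /usr/sbin/httpd -t -f %s   # refuse to install a config that fails the syntax test
  notify: restart httpd

# Place the two tasks below after the "start apache" task.
# flush_handlers runs "restart httpd" now instead of at the end of the play,
# so the check that follows sees the new configuration.
- name: apply pending handlers
  meta: flush_handlers

- name: check that httpd listens on the configured port
  wait_for:
    host: 127.0.0.1
    port: "{{ http_port }}"
    timeout: 10
```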

III. Deploying Zabbix

Zabbix is made up of three parts, so each part is created as its own role.

hosts:
 

[devops@server1 ansible]$ cat hosts 
[server]
172.25.28.2

[web]
172.25.28.3
 
[db]
172.25.28.1

[zabbix:children]
db
server
web

1. Writing the mariadb role

[devops@server1 roles]$ ansible-galaxy init mariadb
- Role mariadb was created successfully
[devops@server1 roles]$ cd mariadb/
[devops@server1 mariadb]$ rm -rf tests/
[devops@server1 mariadb]$ ls
defaults  files  handlers  meta  README.md  tasks  templates  vars
[devops@server1 mariadb]$ vim tasks/main.yml 

tasks:

[devops@server1 mariadb]$ cat tasks/main.yml 
---
- name: install mariadb
  yum: 
    name: mariadb-server,MySQL-python
    state: present

- name: config mariadb
  copy: 
    src: my.cnf 
    dest: /etc/my.cnf
  notify: restart mariadb 

- name: start mariadb server
  service: 
    name: mariadb
    state: started

- name: create database
  mysql_db:
    name: zabbix
    state: present
  notify: import database

- name: create zabbix user
  mysql_user:
    name: zabbix
    host: '%'
    password: zabbix
    priv: 'zabbix.*:ALL'
    state: present

Handlers file

[devops@server1 mariadb]$ cat handlers/main.yml 
---
# handlers file for mariadb
- name: restart mariadb
  service: 
    name: mariadb
    state: restarted
  
- name: import database
  mysql_db:
    name: zabbix
    state: import
    target: /tmp/create.sql.gz

Configure a local yum repository and transfer the zabbix-server-mysql configuration file to the server

[root@server2 yum.repos.d]# cat zabbix.repo 
[zabbix]
name:zabbix 4.0
baseurl=http://172.25.28.250/4.0
gpgcheck=0

[root@server2 yum.repos.d]# cat yum.repo 
[rhel7.5]
baseurl=http://172.25.28.250/iso
gpgcheck=0
name=rhel7.5
[root@server2 yum.repos.d]# yum install -y zabbix-server-mysql


[root@foundation28 4.0]# pwd
/var/www/html/4.0
[root@foundation28 4.0]# ls
fping-3.10-1.el7.x86_64.rpm
iksemel-1.4-2.el7.centos.x86_64.rpm
php-5.4.16-46.el7.x86_64.rpm
php-bcmath-5.4.16-42.el7.x86_64.rpm
php-bcmath-5.4.16-46.el7.x86_64.rpm
php-cli-5.4.16-46.el7.x86_64.rpm
php-common-5.4.16-46.el7.x86_64.rpm
php-gd-5.4.16-46.el7.x86_64.rpm
php-ldap-5.4.16-46.el7.x86_64.rpm
php-mbstring-5.4.16-42.el7.x86_64.rpm
php-mbstring-5.4.16-46.el7.x86_64.rpm
php-mysql-5.4.16-46.el7.x86_64.rpm
php-pdo-5.4.16-46.el7.x86_64.rpm
php-xml-5.4.16-46.el7.x86_64.rpm
repodata
zabbix-agent-4.0.5-1.el7.x86_64.rpm
zabbix-get-4.0.5-1.el7.x86_64.rpm
zabbix-java-gateway-4.0.5-1.el7.x86_64.rpm
zabbix-proxy-mysql-4.0.5-1.el7.x86_64.rpm
zabbix-sender-4.0.5-1.el7.x86_64.rpm
zabbix-server-mysql-4.0.5-1.el7.x86_64.rpm
zabbix-web-4.0.5-1.el7.noarch.rpm
zabbix-web-mysql-4.0.5-1.el7.noarch.rpm

[root@foundation28 4.0]# createrepo .
Spawning worker 0 with 6 pkgs
Spawning worker 1 with 6 pkgs
Spawning worker 2 with 5 pkgs
Spawning worker 3 with 5 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@server2 yum.repos.d]# cd /usr/share/doc/
[root@server2 doc]# cd zabbix-server-mysql-4.0.5/
[root@server2 zabbix-server-mysql-4.0.5]# ls
AUTHORS  ChangeLog  COPYING  create.sql.gz  NEWS  README
[root@server2 zabbix-server-mysql-4.0.5]# ll create.sql.gz 
-rw-r--r-- 1 root root 1310611 Feb 25  2019 create.sql.gz 
[root@server2 zabbix-server-mysql-4.0.5]# scp create.sql.gz 172.25.28./home/devops/ansible/roles/mariadb/files
[email protected]'s password: 
create.sql.gz                         100% 1280KB   3.3MB/s   00:00  
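
Both repo files above set gpgcheck=0 and fetch over plain HTTP, so yum installs whatever the mirror serves without verifying it. As an added example (not from the original post), the same zabbix repository expressed as role tasks with signature checking turned on; the key file name RPM-GPG-KEY-ZABBIX is a placeholder for the vendor's public key, obtained out of band and stored in the role's files/ directory.

```yaml
# Tasks for the host that installs zabbix-server-mysql (added example).
# Assumption: RPM-GPG-KEY-ZABBIX is a placeholder file name, not a value
# taken from the post.
- name: install the repository signing key from the role, not from the mirror
  copy:
    src: RPM-GPG-KEY-ZABBIX
    dest: /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
    owner: root
    group: root
    mode: '0644'

- name: configure the local zabbix mirror with signature checking
  yum_repository:
    name: zabbix
    description: zabbix 4.0
    baseurl: http://172.25.28.250/4.0
    enabled: yes
    gpgcheck: yes          # the post's repo file uses gpgcheck=0
    # Every package served from this baseurl must be signed by a key listed
    # here; a package signed by any other key is rejected at install time.
    gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX

- name: install zabbix server
  yum:
    name: zabbix-server-mysql
    state: present
```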

Configure the database character set:

[devops@server1 mariadb]$ cp /etc/my.cnf files/
[devops@server1 mariadb]$ cd files/
[devops@server1 files]$ ls
create.sql.gz  my.cnf
[devops@server1 files]$ vim my.cnf 
[devops@server1 files]$ cat my.cnf 
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd
character_set_server=utf8
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid

#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

Once the mariadb role is written, you can first test it with a zabbix.yml file:

[devops@server1 ansible]$ cat zabbix.yml 
---
- hosts: zabbix
  roles: 
    - role: mariadb
      when: ansible_hostname == "server1"
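
The mariadb tasks above create the zabbix account with a literal password, allow it to log in from any host ('%'), and the import handler reads /tmp/create.sql.gz although no task shown copies that file to the database host. As an added example (not from the original post), a tightened version of those tasks; zabbix_db_password is a hypothetical variable assumed to live in a vars file encrypted with ansible-vault, and the allowed client hosts are taken from the [server] and [web] groups of the hosts file shown earlier.

```yaml
# roles/mariadb/tasks/main.yml, database part (added example).
# Assumption: zabbix_db_password is defined in roles/mariadb/vars/main.yml,
# encrypted with `ansible-vault encrypt roles/mariadb/vars/main.yml`;
# run the play with `ansible-playbook zabbix.yml --ask-vault-pass`.
- name: copy the zabbix schema where the import handler expects it
  copy:
    src: create.sql.gz            # from roles/mariadb/files/
    dest: /tmp/create.sql.gz
    owner: root
    group: root
    mode: '0600'

- name: create database
  mysql_db:
    name: zabbix
    state: present
  notify: import database

# One account entry per client that needs the database (zabbix server and
# web frontend) instead of host '%', which accepts logins from any address.
- name: create zabbix user for the zabbix server and web hosts only
  mysql_user:
    name: zabbix
    host: "{{ item }}"
    password: "{{ zabbix_db_password }}"
    priv: 'zabbix.*:ALL'
    state: present
  loop: "{{ groups['server'] + groups['web'] }}"
  no_log: true                    # keep the password out of task output and logs
```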
Reposted from blog.csdn.net/weixin_42221657/article/details/103212585