一、关于playbook
1、引入playbook的概念:
虽然ansible可以同时操作很多个主机,但是如果有些命令可以批量执行,而不用一条一条的打的话其实会更加理想,而ansible的playbook就提供了这样的功能,它其实也是一种类型的脚本,核心元素有这几个:
- 1、Tasks <wbr>: 任务
- 2、varibales :变量
- 3、Templates:模板
- 4、Handlers:触发器
- 5、Roles:规则
而它的代码组织格式为YAML,它是一种编程语言,诞生于2001年,类似于xml这种半结构化语句,但是它并不需要那么多标签,所以很适合用于配置。
2、playbook的语法
playbook由YMAL语言编写,以下为playbook常用到的YMAL格式:
(1)文件的第一行应该以"—"三个连字符开始,表明YMAL文件的开始。
(2)在同一行中,#之后的内容表示注释,类似于shell,python和ruby。
(3)YMAL中的列表元素以”-”开头然后紧跟着一个空格,同一个列表中的元素应该保持相同的缩进:
(4)一个字典是由一个简单的 键: 值 的形式组成(这个冒号后面必须是一个空格),字典也可以使用缩进形式来表示
3、Tasks 列表
Play的主体部分是task列表,task列表中的各任务按次序逐个在hosts中指定的主机上执行,
即在所有主机上完成第一个任务后再开始第二个任务。
如果一个host执行task失败,整个tasks都会回滚。
每一个task必须有一个名称name,这样在运行playbook时,从其输出的任务执行信息中可以很好的辨别出是属于哪一个task的。
tasks:
- name: install apache #定义任务名
4、执行.yml文件
# ansible-playbook apache.yml 直接执行
# ansible-playbook apache.yml --syntax-check #检查yaml文件的语法是否正确
# ansible-playbook apache.yml --list-task #检查tasks任务
# ansible-playbook apache.yml --list-hosts #检查生效的主机
# ansible-playbook a.yml --start-at-task="启动apache服务" #指定从某个task开始运行
二、设置在.yml文件中Tab键为两个空格
这是.yml文件的格式要求
[devops@server1 ~]# cat .vimrc #只在当前用户下设置tab为两个空格
autocmd filetype yaml setlocal ai ts=2 sw=2 et
或者在全局中设置tab为两个空格
[devops@server1 ~]# su
[su@server1 ~]# vim .vimrc
文件最后一行加上:
autocmd filetype yaml setlocal ai ts=2 sw=2 et三、playbook安装httpd服务
1、编辑剧本文件
[devops@server1 ansible]$ cat httpd.yml
---
- hosts: test #被控主机
tasks: #任务
- name: install apache #执行的操作
yum:
name: httpd
state: present
- name: start apache
service:
name: httpd
state: started
enabled: yes
- name: createa index.html #由于由copy模块,所以和改剧本一样的目录下,应有idex.html文件
copy:
src: index.html
dest: /var/www/html/index.html
- name: start firewalld
service:
name: firewalld
state: started
enabled: yes
- name: config firewalld
firewalld:
service: http
state: enabled
permanent: yes
immediate: yes查看剧本任务列表:
[devops@server1 ansible]$ ansible-playbook httpd.yml --list-tasks
playbook: httpd.yml
play #1 (test): test TAGS: []
tasks:
install apache TAGS: []
start apache TAGS: []
createa index.html TAGS: []
start firewalld TAGS: []
config firewalld TAGS: []
查看剧本hosts主机列表:
[devops@server1 ansible]$ ansible-playbook httpd.yml --list-hosts
playbook: httpd.yml
play #1 (test): test TAGS: []
pattern: [u'test']
hosts (1):
172.25.58.2
2、发布剧本文件
[devops@server1 ansible]$ ansible-playbook httpd.yml --syntax-check #进行语法检查
[devops@server1 ansible]$ ansible-playbook httpd.yml #进行发布看是否成功,没有成功看相应的模块是否正确,然后进行修改即可
[devops@server1 ansible]$ curl http://172.25.58.2
hi~~~~
3、进行修改
建立目录以及准备好配置文件:
[devops@server1 ansible]$ mkdir files
[devops@server1 ansible]$ cd files/
[devops@server1 files]$ scp [email protected]:/etc/httpd/conf/httpd.conf .
[email protected]'s password:
httpd.conf 100% 11KB 11.5KB/s 00:00
[devops@server1 files]$ ls
httpd.conf
[devops@server1 files]$ cd ..
[devops@server1 ansible]$ vim httpd.yml
[devops@server1 ansible]$ ansible-playbook httpd.yml --syntax-check
[devops@server1 ansible]$ ansible-playbook httpd.yml[devops@server1 ansible]$ cat httpd.yml
---
- hosts: test
tasks:
- name: install apache
yum:
name: httpd
state: present
- name: start apache
service:
name: httpd
state: started
enabled: yes
- name: createa index.html
copy:
src: index.html
dest: /var/www/html/index.html
- name: configure httpd #以files/目录下的文件为模板,给server3复制,并设置权限
copy:
src: files/httpd.conf
dest: /etc/httpd/conf/httpd.conf
owner: root
group: root
mode: 644
- name: start firewalld #开启防火墙
service:
name: firewalld
state: started
enabled: yes
- name: config firewalld #将httpd添加道防火墙中
firewalld:
service: http
state: enabled
permanent: yes
immediate: yes
handlers: #触发器
- name: restart httpd
service:
name: httpd
state: restarted
我们可以采用文件的md5码来判断是否是同样的内容:
[root@server2 ~]# md5sum /etc/httpd/conf/httpd.conf
f5e7449c0f17bc856e86011cb5d152ba /etc/httpd/conf/httpd.conf
[devops@server1 ansible]$ md5sum files/httpd.conf
f5e7449c0f17bc856e86011cb5d152ba files/httpd.conf4、编写触发器,实现文件更改则重启服务
其实触发器类似于c语言中函数的调用
添加handlers:
handlers:
- name: restart httpd
service:
name: httpd
state: restarted更改files目录下的httpd.conf文件,运行文件,在test主机上检测,是否生效
[devops@server1 ansible]$ vim files/httpd.conf
42 Listen 8080四、palybookes安装zabbix监控
1、基础配置
[devops@server1 ansible]$ pwd
/home/devops/ansible
[devops@server1 ansible]$ cat hosts
[db]
172.25.58.1
[server]
172.25.3.2
[web]
172.25.58.3
[agent:children]
web
server
[zabbix:children]
db
server
web
2、files的准备
[devops@server1 ansible]$ cd zabbix/
[devops@server1 zabbix]$ pwd
/home/devops/ansible/zabbix
[devops@server1 zabbix]$ ls
create.sql.gz my.cnf zabbix.conf
deplay.yml zabbix_agented.conf.j2 zabbix_server.conf
[devops@server1 zabbix]$ vim zabbix_agented.conf.j2
98 Server=172.25.58.2
139 ServerActive=172.25.58.2
150 Hostname={{ ansible_hostname }}
[devops@server1 zabbix]$ vim zabbix.conf
20 php_value date.timezone Asia/Shanghai
[devops@server1 zabbix]$ vim my.cnf #配置数据库的字符集
10 character_set_server=utf8
[devops@server1 zabbix]$ vim zabbix_server.conf
124 DBPassword=zabbix
3、yml文件的编辑
进行ynml文件编辑前,需要明确zabbix监控的安装需要几个部分组成:
分别是:数据库模块,zabbix-server,zabbix-web,以及zabbix-agent四个模块。
[devops@server1 zabbix]$ vim deplay.yml
[devops@server1 zabbix]$ cat deplay.yml
---
- hosts: db ##数据库服务器
tasks:
- name: install mariadb #安装mariadb
yum:
name: mariadb-server,MySQL-python
state: present
- name: config mariadb #配置数据库文件
copy:
src: my.cnf
dest: /etc/my.cnf
notify: restart mariadb
- name: start mariadb #启动数据库
service:
name: mariadb
state: started
- name: create database zabbix #创建数据库
mysql_db:
login_user: root
login_password: westos
name: zabbix
state: present
- name: create user #创建用户
mysql_user:
login_user: root
login_password: westos
name: zabbix
password: zabbix
host: "%"
priv: "zabbix.*:ALL"
state: present
- name: copy create.sql
copy:
src: create.sql.gz
dest: /tmp/create.sql.gz
- name: import create.sql
mysql_db:
login_user: root
login_password: westos
name: zabbix
state: import
target: /tmp/create.sql.gz
- hosts: server ##zabbix-server服务端
tasks:
- name: add zabbix repo
yum_repository:
name: zabbix
description: zabbix 4.0
baseurl: https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/x86_64/
gpgcheck: no
- name: add update repo
yum_repository:
name: update
description: non-supported
baseurl: https://mirrors.aliyun.com/zabbix/non-supported/rhel/7/x86_64/
gpgcheck: no
- name: install zabbix-server
yum:
name: zabbix-server-mysql,zabbix-agent
state: present
- name: config zabbix-server
copy:
src: zabbix_server.conf
dest: /etc/zabbix/zabbix_server.conf
owner: root ##所有人
group: zabbix ##所有组
mode: 640 ##文件权限
notify: restart zabbix-server
- name: start zabbix-server
service:
name: "{{ item }}"
state: started
loop:
- zabbix-server
- zabbix-agent
handlers:
- name: restart zabbix-server
service:
name: zabbix-server
state: restarted
- hosts: web ##web前端页面
tasks:
- name: add zabbix repo
yum_repository:
name: zabbix
description: zabbix 4.0
baseurl: https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/x86_64/
gpgcheck: no
- name: add update repo #更新仓库
yum_repository:
name: update
description: non-supported
baseurl: https://mirrors.aliyun.com/zabbix/non-supported/rhel/7/x86_64/
gpgcheck: no
- name: add centos repo #配置centos的镜像龙库
yum_repository:
name: centos
description: centos 7
baseurl: https://mirrors.aliyun.com/centos/7/os/x86_64/
gpgcheck: no
- name: install zabbix-web #安装zabbix的web界面
yum:
name: zabbix-web-mysql,httpd
state: present
- name: config zabbix-web #配置zabbix的web界面
copy:
src: zabbix.conf
dest: /etc/httpd/conf.d/zabbix.conf
notify: restart httpd
- name: start httpd
service:
name: httpd
state: started
handlers: #触发器,功能:重启httpd
- name: restart httpd
service:
name: httpd
state: restarted
- hosts: agent ##zabbix-agent代理端
tasks:
- name: add zabbix repo #创建镜像仓库
yum_repository:
name: zabbix
description: zabbix 4.0
baseurl: https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/x86_64/
gpgcheck: no
- name: install zabbix-agent #安装zabbix-agent
yum:
name: zabbix-agent
state: present
- name: config zabbix-agent #配置zabbix的配置文件
template:
src: zabbix_agented.conf.j2
dest: /etc/zabbix/zabbix_agentd.conf
owner: root
group: root
mode: 644
notify: restart zabbix-agent
- name: start zabbix-agent
service:
name: zabbix-agent
state: started
handlers: #触发器,功能是重启zabbix代理
- name: restart zabbix-agent
service:
name: zabbix-agent
state: restarted
