Linux: Integrated Architecture batch management services (ansible) - Part 2

Integrated Architecture batch management services -- ansible

00. Introduction

1) Using playbooks for simple one-click deployment of a complete service
2) Host inventory configuration
3) Extended playbook configuration features
4) How to integrate multiple playbooks
5) Playbook role directories ???

01. Knowledge Review

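1) All the modules explained so far

command module:  runs commands on remote hosts (default module)
shell module:    runs commands on remote hosts (universal module)
                 PS: a playbook that uses it sometimes cannot be run repeatedly!!!
script module:   runs a local script on hosts in batch
copy module:     distributes data to hosts in batch
fetch module:    pulls data from remote hosts to the local management host
file module:     modifies data attributes / creates data
yum module:      installs and removes software packages
service module:  manages the running state of services
user module:     creates users in batch and sets their passwords
mount module:    performs mount operations in batch
cron module:     deploys scheduled tasks in batch
ping module:     remote management test module
                 ansible 172.16.1.31 -m ping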

2) The ansible playbook feature

Parts of a playbook:

Playbook syntax rules:

  1. Spaces: used for indentation
  2. Colons: used to define key-value pairs
  3. Dashes: used to display lists

02. Using a playbook for one-click service deployment -- rsync:

rsync service deployment
nfs service deployment
sersync service deployment

Network-wide backup project -- rsync

Writing the rsync service playbook:

Preparation:

  1. Be familiar with the software deployment process
  2. Be familiar with the ansible modules
  3. Be familiar with the ansible playbook writing rules
    ansible:
    ad-hoc: temporary batch management (modules) --- commands
    playbook: permanent batch management (playbooks) --- scripts
[root@m01 ansible-playbook]# cat rsync_server.yaml 
- hosts: rsync_server
  tasks:
    - name: 01-install rsync
      yum: name=rsync state=installed
    - name: 02-push conf file
      copy: src=/etc/ansible/server_file/rsync_server/rsyncd.conf dest=/etc/
    - name: 03-create user
      user: name=rsync create_home=no shell=/sbin/nologin
      #shell: useradd rsync -M -s /sbin/nologin   -- the shell module cannot be run repeatedly in a playbook: it reports an error when the rsync user already exists
    - name: 04-create backup dir
      file: path=/backup state=directory owner=rsync group=rsync
    - name: 05-create password file
      copy: content=rsync_backup:oldboy123 dest=/etc/rsync.password mode=600
    - name: 06-start rsync server
      service: name=rsyncd state=started enabled=yes

- hosts: rsync_clients
  tasks:
    - name: 01-install rsync
      yum: name=rsync state=installed
    - name: 02-create password file
      copy: content=oldboy123 dest=/etc/rsync.password mode=600
    - name: 03-create test file
      file: dest=/tmp/test.txt state=touch
    - name: 04-check test
      shell: rsync -avz /tmp/test.txt [email protected]::backup --password-file=/etc/rsync.password

Common mistakes when writing playbooks:

Follow the playbook syntax rules (spaces, colons, dashes)
Use modules correctly in the playbook
Each name in a playbook can be followed by only one module task
Try not to use the shell module heavily in playbooks

03. How to configure the host inventory

Official documentation for host inventory configuration:
https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html

Description: in the /etc/ansible/hosts file, [] denotes a [group name], which makes it easy to label host IP addresses for batch use.
The initial configuration contains only host IP addresses:

cat /etc/ansible/hosts
172.16.1.31
172.16.1.41
172.16.1.7

Invocation:

ansible all -a "hostname"
or
ansible 172.16.1.31,172.16.1.41 -a "hostname"

The first way: configure hosts in groups

cat /etc/ansible/hosts
[web]
172.16.1.7
172.16.1.8
172.16.1.9

[data]
172.16.1.31
172.16.1.41

In operation:

[root@m01 ansible-playbook]# ansible data -a "hostname"
172.16.1.31 | CHANGED | rc=0 >>
nfs01

172.16.1.41 | CHANGED | rc=0 >>
backup

[root@m01 ansible-playbook]# ansible web -a "hostname"
172.16.1.7 | CHANGED | rc=0 >>
web01

The second way: host name pattern matching

[web]
172.16.1.[7:9]   # hosts 7-9, 3 hosts in total
[web]
web[01:03]       # hosts 1-3, 3 hosts in total; prerequisite: name resolution is already configured in /etc/hosts

The third way: hosts with a non-standard remote port

[web]
web01:52113
# or
172.16.1.7:52113
Command: ansible web01 -a "hostname"

The fourth way: hosts with special variables

With this configuration, hosts can be managed without distributing the ssh public key in advance

[web]   # method 1
172.16.1.7 ansible_ssh_port=52113 ansible_ssh_user=root ansible_ssh_pass=123456
[web]   # method 2
web01 ansible_ssh_host=172.16.1.7 ansible_ssh_port=52113 ansible_ssh_user=root ansible_ssh_pass=123456

The fifth way: nested host groups

[rsync:children]   # nests child groups: rsync contains the rsync_server and rsync_client groups; requires the children keyword
rsync_server
rsync_client

[rsync_server]
172.16.1.41

[rsync_client]
172.16.1.31
172.16.1.7

The following configures a host with embedded variables; it is enough to understand this approach for now, the rest will be covered later

[web:vars]   # embedded variables
ansible_ssh_host=172.16.1.7
ansible_ssh_port=52113
ansible_ssh_user=root
ansible_ssh_pass=123456
[web]
web01

### Host web01 in group web uses the variable values from web:vars; the effect is the same as method 2 of the fourth way above
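
The fourth way and the [web:vars] variant keep the root SSH password in the inventory in clear text. The following is an added example, not part of the original page: the same web01 entry written as a YAML inventory, with the password read from a variable file encrypted with ansible-vault. The file paths and the variable name vault_web_ssh_pass are assumptions.

```yaml
# File 1 (assumed path): /etc/ansible/hosts.yaml
# ansible_host, ansible_port, ansible_user and ansible_password are the current
# names of the ansible_ssh_* variables used above.
web:
  hosts:
    web01:
      ansible_host: 172.16.1.7
      ansible_port: 52113
  vars:
    ansible_user: root
    # No literal password in the inventory: the value is resolved at run time
    # from the vaulted file below.
    ansible_password: "{{ vault_web_ssh_pass }}"
---
# File 2 (assumed path): /etc/ansible/group_vars/web/vault.yaml
# Create it with:  ansible-vault create /etc/ansible/group_vars/web/vault.yaml
# Content before encryption (constructed placeholder value):
vault_web_ssh_pass: "REPLACE_WITH_REAL_PASSWORD"
# Run ad-hoc commands with the vault password supplied interactively:
#   ansible web -i /etc/ansible/hosts.yaml -a "hostname" --ask-vault-pass
```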

04. Extended playbook configuration

Optimize the playbook /etc/ansible/ansible_playbook/rsync_server.yaml with variables
cp rsync_server.yaml rsync_server_varinfo.yaml

a. Setting variables in a playbook

Method 1: write them directly in the playbook file

vars:
  oldboy01: data01
  oldboy02: data02

Note on referencing variables: use {{ variable }}

Instructions:

[root@m01 ansible-playbook]# cat rsync_server_varinfo.yaml 
- hosts: rsync_server
  vars: 
    backupdir: /data
    passfile: rsync-password
  tasks:
    - name: 01-install rsync
      yum: name=rsync state=installed 
    - name: 02-push conf file
      copy: src=/etc/ansible/server_file/rsync_server/rsyncd.conf dest=/etc/
    - name: 03-create user
      user: name=rsync create_home=no shell=/sbin/nologin
      #shell: useradd rsync -M -s /sbin/nologin
    - name: 04-create backup dir
      file: path={{ backupdir }} state=directory owner=rsync group=rsync
    - name: 05-create password file
      copy: content=rsync_backup:oldboy123 dest=/etc/{{ passfile }} mode=600
    - name: 06-start rsync server
      service: name=rsyncd state=started enabled=yes

- hosts: rsync_clients
  vars: 
    passfile: rsync-password
  tasks:
    - name: 01-install rsync
      yum: name=rsync state=installed 
    - name: 02-push conf file
      copy: src=/etc/ansible/server_file/rsync_server/rsyncd.conf dest=/etc/
    - name: 03-create password file
      copy: content=oldboy123 dest=/etc/{{ passfile }} owner=root group=root mode=600
    - name: 04-start rsyncd server,set enabled.
      service: name=rsyncd state=started enabled=yes
    - name: 05-create test file
      file: dest=/tmp/test.txt state=touch
    - name: 06-check test data backup
      shell: rsync -avz /tmp/test.txt [email protected]::data --password-file=/etc/{{ passfile }}

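Method 2: specify them on the command line

ansible-playbook --extra-vars=oldboy01=data01
Usage: comment out the variable definitions above but keep the variable references; the referenced variables are then temporary variables whose values must come from the command line
The --extra-vars parameter has the short form -e
[root@m01 ansible-playbook]# cat rsync_server_varinfo.yaml 
- hosts: rsync_server
  #vars: 
  #  backupdir: /data
  #  passfile: rsync-password
  tasks:
  ...
- hosts: rsync_clients
  #vars: 
  #  passfile: rsync-password
  tasks:
  ...
Before running the command, you can delete the corresponding directory and password file and then test
[root@m01 ansible-playbook]# ansible-playbook --extra-vars backupdir=/data -e passfile=rsync-password rsync_server_varinfo.yaml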

Method 3: write them in the host inventory file

[oldboy:vars]
oldboy01=data01
oldboy02=data02

## vars sections of the configuration
[root@m01 ansible-playbook]# cat /etc/ansible/hosts
[rsync:children]
rsync_server
rsync_clients

[rsync_server]
172.16.1.41
[rsync_server:vars]
backupdir=/data
passfile=rsync-password

[rsync_clients]
172.16.1.7
172.16.1.31
[rsync_clients:vars]
passfile=rsync-password

## Run
[root@m01 ansible-playbook]# ansible-playbook rsync_server_varinfo.yaml 

Note: if variables are configured in all three ways, the order of precedence is:
highest priority: command-line variable settings (rarely used)
second priority: playbook variable settings (most used)
lowest priority: host inventory variable settings (second most used)

You can configure a different value in each of the three places to test the precedence

## In the playbook:
backupdir=/data01
passfile=/rsync-password01
## In the host inventory file:
backupdir=/data03
passfile=/rsync-password03

## Command-line run: the /data02 directory is created, so command-line settings have the highest priority
[root@m01 ansible-playbook]# ansible-playbook --extra-vars backupdir=/data02 -e passfile=rsync-password02 rsync_server_varinfo.yaml 

## Command-line run: the /data01 directory is created, so playbook variable settings come second
[root@m01 ansible-playbook]# ansible-playbook rsync_server_varinfo.yaml 

## After commenting out the variable settings in the playbook, run again: the /data03 directory is created, so inventory variable settings come last
[root@m01 ansible-playbook]# ansible-playbook rsync_server_varinfo.yaml 

Further thought: how to set global variables (covered in the section on roles and playbook integration)
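
The playbooks above write the rsync password into the task text itself (content=rsync_backup:oldboy123). The following is an added example, not part of the original page, that applies the variable mechanism to that secret; its two tasks replace "05-create password file" on the server and "03-create password file" on the clients. The file names rsync_secret_files.yaml and vault_rsync.yaml and the variable name vault_rsync_pass are assumptions.

```yaml
# rsync_secret_files.yaml (hypothetical file name), run with:
#   ansible-playbook rsync_secret_files.yaml --ask-vault-pass
- hosts: rsync_server
  vars:
    passfile: rsync-password
  vars_files:
    # Assumed file next to the playbook, encrypted with "ansible-vault encrypt".
    # It defines a single variable: vault_rsync_pass
    - vault_rsync.yaml
  tasks:
    - name: 05-create password file
      copy:
        content: "rsync_backup:{{ vault_rsync_pass }}"
        dest: "/etc/{{ passfile }}"
        owner: root
        group: root
        # Quote the mode: in this key/value form an unquoted 600 is read as a
        # decimal integer, not as octal permissions.
        mode: "0600"
      no_log: true    # keep the rendered secret out of task output and logs

- hosts: rsync_clients
  vars:
    passfile: rsync-password
  vars_files:
    - vault_rsync.yaml
  tasks:
    - name: 03-create password file
      copy:
        content: "{{ vault_rsync_pass }}"
        dest: "/etc/{{ passfile }}"
        owner: root
        group: root
        mode: "0600"
      no_log: true
```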

b. Setting register information in a playbook

Description: registering works like defining a variable and then referencing it.
For example, to check whether the rsync service is installed you look at its port, but with the shell module ansible only reports ok and does not show the actual port information. The register feature lets the playbook display the output of the command it executed.
Usage:

cd /etc/ansible/ansible-playbook/
cp rsync_server.yaml rsync_server_reginfo.yaml
cat rsync_server_reginfo.yaml
- hosts: rsync_server
  tasks:
    - name: 01-install rsync
      yum: name=rsync state=installed 
    - name: 02-push conf file
      copy: src=/etc/ansible/server_file/rsync_server/rsyncd.conf dest=/etc/
    - name: 03-create user
      user: name=rsync create_home=no shell=/sbin/nologin
      #shell: useradd rsync -M -s /sbin/nologin
    - name: 04-create backup dir
      file: path=/backup state=directory owner=rsync group=rsync
    - name: 05-create password file
      copy: content=rsync_backup:oldboy123 dest=/etc/rsync.password mode=600
    - name: 06-start rsync server
      service: name=rsyncd state=started enabled=yes
## The following part is the register info
    - name: 07-check server port info
      shell: netstat -lntup|grep 873        # port information
      register: get_server_port             # variable that stores the port information
    - name: display port name
      debug: msg={{ get_server_port.stdout_lines }}   # debug prints the variable; stdout_lines shows the standard output as a list of lines

## Execution result
[root@m01 ansible-playbook]# ansible-playbook rsync_server_reginfo.yaml 
...
TASK [07-check server port info] ****************************************************************************************
changed: [172.16.1.41]

TASK [display port name] ************************************************************************************************
ok: [172.16.1.41] => {
    "msg": [
        "tcp        0      0 0.0.0.0:873             0.0.0.0:*               LISTEN      936/rsync           ", 
        "tcp6       0      0 :::873                  :::*                    LISTEN      936/rsync           "
    ]
}

c. Setting conditions in a playbook

How to specify the condition:
(ansible_hostname == "NFS")
The setup module displays detailed system information about managed hosts

How to get the built-in variables:

ansible rsync_server -m setup -a "filter=ansible_hostname"   # the ansible_hostname variable is provided by the setup module
Common host information:
ansible_all_ipv4_addresses          -- IPv4 addresses
ansible_devices                     -- disk device information only
ansible_distribution                -- which distribution it is, e.g. centos, suse
ansible_distribution_major_version  -- major version of the system
ansible_distribution_version        -- version of the system
ansible_machine                     -- system type, 32-bit or 64-bit
ansible_eth0                        -- information about eth0 only
ansible_hostname                    -- host name
ansible_kernel                      -- kernel version
ansible_lvm                         -- LVM information
ansible_memtotal_mb                 -- total system memory
ansible_memfree_mb                  -- free system memory
ansible_swaptotal_mb                -- total swap
ansible_swapfree_mb                 -- free swap
ansible_mounts                      -- mounted file systems
ansible_processor                   -- number of CPUs (shows the model of each CPU)
ansible_processor_vcpus             -- total number of CPUs (shows the count only)

How to get a sub-item: get only the ipv4 information of eth0; this only works in a playbook and does not take effect on the command line
ansible rsync_server -m setup -a "filter=ansible_eth0[ipv4]"
Usage:

[root@m01 ansible-playbook]# cp rsync_server.yaml rsync_server_when.yaml 
[root@m01 ansible-playbook]# cat rsync_server_when.yaml 
- hosts: rsync_server
  tasks:
    - name: 01-install rsync
      yum: name=rsync state=installed 
    - name: 02-push conf file
      copy: src=/etc/ansible/server_file/rsync_server/rsyncd.conf dest=/etc/
    - name: 03-create user
      user: name=rsync create_home=no shell=/sbin/nologin
      #shell: useradd rsync -M -s /sbin/nologin
    - name: 04-create backup dir
      file: path=/backup state=directory owner=rsync group=rsync
    - name: 05-create password file
      copy: content=rsync_backup:oldboy123 dest=/etc/rsync.password mode=600
    - name: 06-start rsync server
      service: name=rsyncd state=started enabled=yes

- hosts: rsync_clients
  tasks:
    - name: 01-install rsync
      yum: name=rsync state=installed 
    - name: 02-push conf file
      copy: src=/etc/ansible/server_file/rsync_server/rsyncd.conf dest=/etc/
    - name: 03-create password file
      copy: content=oldboy123 dest=/etc/rsync.password owner=root group=root mode=600
    - name: 04-start rsyncd server,set enabled.
      service: name=rsyncd state=started enabled=yes
    - name: 05-create test_nfs file
      file: dest=/tmp/test_nfs.txt state=touch
      when: (ansible_hostname == "nfs01")    ## condition for running the task above; ansible_hostname is provided by the setup module
    - name: 05-create test_web file
      file: dest=/tmp/test_web.txt state=touch
      when: (ansible_hostname == "web01")    ## condition for running the task above
    - name: 06-check test nfs data backup
      shell: rsync -avz /tmp/test_nfs.txt [email protected]::backup --password-file=/etc/rsync.password
      when: (ansible_hostname == "nfs01")    ## condition for running the task above
    - name: 07-check test web data backup
      shell: rsync -avz /tmp/test_web.txt [email protected]::web --password-file=/etc/rsync.password
      when: (ansible_hostname == "web01")    ## condition for running the task above
## Note: add a web module to /etc/ansible/server_file/rsync_server/rsyncd.conf, create the corresponding directory on 41, and set its owner and group with chown rsync.rsync /web
[root@m01 ansible-playbook]# ansible-playbook rsync_server_when.yaml 

d. Setting loops in a playbook

Loop feature: when the yaml file uses the same module several times, combine the tasks with a loop
cd /etc/ansible/ansible-playbook/ && cp rsync_server.yaml rsync_server_loop.yaml
Define variables in the module and assign their values with with_items

# loop BEGIN
- name: 02-push conf file && password file
  copy: src=/etc/ansible/server_file/rsync_server/{{ item.src }} dest={{ item.dest }} mode={{ item.mode }}  ## define the copy module variables src, dest, mode
  with_items:    ## assign the variable values that are referenced above
    - { src: 'rsyncd.conf', dest: '/etc/', mode: '644' }
    - { src: 'rsync.password', dest: '/etc/', mode: '600' }
# loop END

Instructions:

[root@m01 ansible-playbook]# cat rsync_server_loop.yaml 
- hosts: rsync_server
  tasks:
    - name: 01-install rsync
      yum: name=rsync state=installed 
    # loop BEGIN
    # Several different modules under one name cause an error; the same module repeated causes a warning and only the last one runs, so use a loop here
    #- name: 02-push conf file && password file
    #  copy: src=/etc/ansible/server_file/rsync_server/rsyncd.conf dest=/etc/
    #  copy: content=rsync_backup:oldboy123 dest=/etc/rsync.password mode=600
    #  Rewrite the copy lines above so that they have roughly the same format
    #  copy: src=/etc/ansible/server_file/rsync_server/rsyncd.conf    dest=/etc/ mode=644
    #  copy: src=/etc/ansible/server_file/rsync_server/rsync.password dest=/etc/ mode=600
    - name: 02-push conf file && password file
      copy: src=/etc/ansible/server_file/rsync_server/{{ item.src }} dest={{ item.dest }} mode={{ item.mode }}  ## define the copy module variables src, dest, mode
      with_items:    ## assign the variable values that are referenced above
        - { src: 'rsyncd.conf', dest: '/etc/', mode: '644' }
        - { src: 'rsync.password', dest: '/etc/', mode: '600' }
    # loop END
    - name: 03-create user
      user: name=rsync create_home=no shell=/sbin/nologin
      #shell: useradd rsync -M -s /sbin/nologin
    - name: 04-create backup dir
      file: path=/backup state=directory owner=rsync group=rsync
    # this copy task was moved into the copy loop above
    #- name: 05-create password file
    #  copy: content=rsync_backup:oldboy123 dest=/etc/rsync.password mode=600
    - name: 06-start rsync server
      service: name=rsyncd state=started enabled=yes

- hosts: rsync_client
  tasks:
    - name: 01-install rsync
      yum: name=rsync state=installed 
    - name: 02-push conf file
      copy: src=/etc/ansible/server_file/rsync_server/rsyncd.conf dest=/etc/
    - name: 03-create password file
      copy: content=oldboy123 dest=/etc/rsync.password owner=root group=root mode=600
    - name: 04-start rsyncd server,set enabled.
      service: name=rsyncd state=started enabled=yes
    - name: 05-create test file
      file: dest=/tmp/test.txt state=touch
    - name: 06-check test data backup
      shell: rsync -avz /tmp/test.txt [email protected]::backup --password-file=/etc/rsync.password
[root@m01 ansible-playbook]# ansible-playbook rsync_server_loop.yaml
...

Ansible-style syntax:

- name: install software
  yum: name=wget state=installed

SaltStack-style syntax:

- name: install software
  yum:
    name: ['rsync','tree','wget']
    state: installed

e. Ignoring errors in a playbook

Features:

In a playbook, when a task fails, the playbook does not continue with the tasks after it.
If you want to ignore the current error and continue with the next task, use the error-ignoring feature:
add ignore_errors: yes to the task to ignore its errors

Instructions:

- hosts: all
  remote_user: root
  tasks:
    - name: Ignore False
      command: /bin/false
      ignore_errors: yes
    - name: touch nowfile
      file: path=/tmp/moox_ignore state=touch
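
ignore_errors: yes accepts every failure of a task, including ones nobody expected. The following is an added example, not part of the original page, that combines the register check from section b with this section: the port check tolerates only grep's "no match" exit code through failed_when, and an assert then stops the play with a clear message. The file name and the task names 08 and 09 are assumptions.

```yaml
# rsync_server_check.yaml (hypothetical file name)
- hosts: rsync_server
  tasks:
    - name: 07-check server port info
      shell: netstat -lntup|grep 873
      register: get_server_port
      # A read-only check should not be reported as "changed".
      changed_when: false
      # The pipeline's exit status is grep's: 0 on a match, 1 on no match,
      # 2 on an error. Only the unexpected codes fail the task here.
      failed_when: get_server_port.rc not in [0, 1]

    - name: 08-display port info
      debug:
        msg: "{{ get_server_port.stdout_lines }}"

    - name: 09-stop the play when rsyncd is not listening
      assert:
        that:
          - get_server_port.rc == 0
          - "'rsync' in get_server_port.stdout"
        fail_msg: "nothing named rsync is listening on port 873"
        success_msg: "rsyncd is listening on port 873"
```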

f. Setting tags in a playbook

Features:

In a playbook, when you want to run only a certain module or block, or skip it, you can set a tag on the module:
add tags: tag1 to the module to mark it
When executing, specify the tag with the -t or --tags=tag1 parameter
Run only the tasks with the specified tag: ansible-playbook --tags=tag1 test_tags.yaml
Skip the tasks with the specified tag: ansible-playbook --skip-tags=tag1 test_tags.yaml

Instructions:

- hosts: all
  remote_user: root
  tasks:
    - name: Ignore False
      command: /bin/false
      tags: tag1
    - name: touch nowfile
      file: path=/tmp/moox_ignore state=touch

g. Setting triggers in a playbook

h. Integrating playbooks in a playbook

05. Knowledge summary

  1. One-click deployment playbook for the rsync service
  2. How to write the host inventory
    5 ways
  3. Extended playbook writing methods
    how to set variables: three ways
    how to set register information: debug
    how to set conditions: setup

Exercises:

  1. One-click deployment of the network-wide backup project

  2. One-click deployment of the NFS service

  3. One-click deployment of the real-time synchronization service

Origin www.cnblogs.com/moox/p/12649976.html