1. inventory file
1. Inventory file description:
The organization and arrangement of the target host, and the flexible delivery of ad-hoc or plays to different hosts.
There are few hosts and plays, just use the hosts file directly in the ansible root directory,
If it is more complicated, you can create an inventory folder and divide it into different inventory files:
inventory
- hosts01
- hosts02
- test
An example of writing an inventory file:
mail.example.com
[webservers]
foo.example.com
bar.example.com
[dbservers]
one.example.com
two.example.com
three.example.com
badwolf.example.com:5309
jumper ansible_ssh_port=5555 ansible_ssh_host=192.168.1.50
[webservers]
www[01:50].example.com
[databases]
db-[a:f].example.com
[targets]
localhost ansible_connection=local
other1.example.com ansible_connection=ssh ansible_ssh_user=mpdehaan
other2.example.com ansible_connection=ssh ansible_ssh_user=mdehaan
[atlanta]
host1 http_port=80 maxRequestsPerChild=808
host2 http_port=303 maxRequestsPerChild=909
[atlanta]
host1
host2
[atlanta:vars]
ntp_server=ntp.atlanta.example.com
proxy=proxy.atlanta.example.com
[atlanta]
host1
host2
[raleigh]
host2
host3
[southeast:children]
atlanta
raleigh
[southeast:vars]
some_server=foo.southeast.example.com
halon_system_timeout=30
self_destruct_countdown=60
escape_pods=2
[usa:children]
southeast
northeast
southwest
northwest
2. Variables in inventory
1. Defined in the inventory file
After host: key=value
Inventory file example:
some_host ansible_ssh_port=2222 ansible_ssh_user=manager
aws_host ansible_ssh_private_key_file=/home/example/.ssh/aws.pem
freebsd_host ansible_python_interpreter=/usr/local/bin/python
ruby_module_host ansible_ruby_interpreter=/usr/bin/ruby.1.9.3
Parameter Description:
ansible_ssh_host
将要连接的远程主机名.与你想要设定的主机的别名不同的话,可通过此变量设置.
ansible_ssh_port
ssh端口号.如果不是默认的端口号,通过此变量设置.
ansible_ssh_user
默认的 ssh 用户名
ansible_ssh_pass
ssh 密码(这种方式并不安全,我们强烈建议使用 --ask-pass 或 SSH 密钥)
ansible_sudo_pass
sudo 密码(这种方式并不安全,我们强烈建议使用 --ask-sudo-pass)
ansible_sudo_exe (new in version 1.8)
sudo 命令路径(适用于1.8及以上版本)
ansible_connection
与主机的连接类型.比如:local, ssh 或者 paramiko. Ansible 1.2 以前默认使用 paramiko.1.2 以后默认使用 'smart','smart' 方式会根据是否支持 ControlPersist, 来判断'ssh' 方式是否可行.
ansible_ssh_private_key_file
ssh 使用的私钥文件.适用于有多个密钥,而你不想使用 SSH 代理的情况.
ansible_shell_type
目标系统的shell类型.默认情况下,命令的执行使用 'sh' 语法,可设置为 'csh' 或 'fish'.
ansible_python_interpreter
目标主机的 python 路径.适用于的情况: 系统中有多个 Python, 或者命令路径不是"/usr/bin/python",比如 \*BSD, 或者 /usr/bin/python
不是 2.X 版本的 Python.我们不使用 "/usr/bin/env" 机制,因为这要求远程用户的路径设置正确,且要求 "python" 可执行程序名不可为 python以外的名字(实际有可能名为python26).
与 ansible_python_interpreter 的工作方式相同,可设定如 ruby 或 perl 的路径....
2. Reference variables in other files
It is not the best way to keep all variables in the main inventory file.
It can also be stored in separate files that remain associated with the inventory file.
Unlike
inventory files (INI format), these stand-alone files are in YAML format.
E.g:
/etc/ansible/group_vars/raleigh
/etc/ansible/group_vars/webservers
/etc/ansible/host_vars/foosball
#/etc/ansible/group_vars/raleigh
---
ntp_server: acme.example.org
database_server: storage.example.org
When variables become too many, it is more convenient for us to manage and organize variables by defining them in separate files:
For a host, or a group, create a directory, the directory name is the host name or group name.
Multiple files can be created in the directory, and the variables in the files will be read as host or group variables.
The following 'raleigh' group corresponds to the /etc/ansible/group_vars/raleigh/ directory,
There are two files db_settings and cluster_settings under it, which set different variables respectively:
/etc/ansible/group_vars/raleigh/db_settings
/etc/ansible/group_vars/raleigh/cluster_settings
2. Dynamic inventory
There is often a need to use a configuration management system to store your own inventory configuration information in other software systems.
Ansible itself records inventory configuration information in a text-based way, which was introduced earlier (see the inventory file for details ).
In addition, Ansible also supports other ways to save configuration information.
Examples of saving configuration information in other software systems are:
1, 从云端拉取 inventory
2, LDAP(Lightweight Directory Access Protocol,轻量级目录访问协议)
3, `Cobbler <http://cobbler.github.com>`_
4, 或者是一份昂贵的企业版的 CMDB(配置管理数据库) 软件.
3. Pattern and inventory
Example of pattern matching host in ad-hoc:
#命令格式如下:
ansible <pattern_goes_here> -m <module_name> -a <arguments>
ansible webservers -m service -a "name=httpd state=restarted"
#其中的<pattern_goes_here> 还可以有以下写法匹配
#所有主机
all
*
#ip,hostname
one.example.com
one.example.com:two.example.com
192.168.1.50
192.168.1.*
#组
webservers
webservers:dbservers
#非
webservers:!phoenix
#交集
webservers:dbservers:&staging:!phoenix
#传参数,使用变量
webservers:!{{excluded}}:&{{required}}
#单个host names, IPs , groups的通配
*.example.com
*.com
#host和group混合使用
one*.com:dbservers
#匹配组中的某些server
webservers[0]
webservers[0-25]
#正则匹配
~(web|db).*\.example\.com
Some skills of pattern:
Works with ansible and ansible-playbook
#通过 --limit 标记来添加排除条件
ansible-playbook site.yml --limit datacenter2
#从文件读取hosts,文件名以@为前缀
ansible-playbook site.yml --limit @retry_hosts.txt