Automated operation and maintenance management tool - Ansible

Table of contents

I. Overview

(1) Features

(2) Working characteristics

2. Operating mechanism

3. Installation

(1) Configuration source

(2) Install ansible

(3) View related documents

(4) Configuration file

1. Main configuration file

2. Hosts on the deployment side

3. Playbook-related

4. Command related

(1) ansible

1. Parameters

2. Grammar

(2) ansible-doc

1. Options

2. Examples

(1) List all module names

(2) View the short documentation of the module

(3) View the complete documentation of the module

(4) Specify additional module paths

(5) Display document information in JSON format

(3) ansible-playbook (command for executing Ansible Playbook)

1. Grammar

2. Options

 3. Example:

(1) Execute Playbook

(2) Specify the host list file

(3) Only run tasks with specified tags

(4) Overwrite the variable value in the variable file

(5) Check whether the syntax of the Playbook is correct

(6) List all tasks in Playbook

(7) Execute Playbook from the specified task

(8) Ask step by step whether each task is to be performed

(9) Increase the level of detail

(10) Simulate the execution of Playbook

5. Host group configuration

(1) Basic configuration

1、vim /etc/ansible/hosts

2. Configure /etc/hosts

3. Set SSH key pair authentication login

(2) You can also define range hosts

6. Simple case

(1) Connectivity test

1. ansible 192.168.115.131 -m ping

2、ansible webServers -m ping

(2) Check host information

1、ansible webServers -m shell -a "ls -l /root"

2、ansible webServers -m shell -a "hostname"

 (3) Installation service

7. Common modules

(1) command (execute the command, but the command cannot contain "< > | &")

(2) shell (execute commands, based on /bin/sh, and also execute script files that already exist on the remote host)

(3) raw (execute the command, no need to install the python environment on the remote host)

(4) script (copy the shell script on the ansible side to the remote host and execute it, delete the script file of the remote host after execution)

(5) ping (test connectivity)

(6) file (file operations on remote hosts)

1. Parameters

2. Case:

(7) copy (copy files to remote host)

1. Parameters

2. Case: copy files and set permissions

(8) service (manage the service of the remote host)

1. Parameters

2. Case

(9) cron (planned tasks for managing remote hosts)

1. Parameters

2. Case

(10) yum (manage software packages on remote hosts)

1. Parameters

2. Case

(11) user and group (management of users and groups of remote hosts)

1. Parameters

(12) synchronize (manage remote host data synchronization, call rsync)

1. Parameters:

(13) setup (view remote host information)

1. Parameters

2. Case

(14) get_url (make the remote host download files (http, https, ftp), similar to wget)

1. Parameters

2. Case: Realized through the following steps

(15) unarchive (decompression)

1. Parameters

2. Case

(16) archive (archive compression)

1. Parameters

2. Case

(17) template (templates are written in the Jinja2 language; template files use the .j2 suffix)

8. Playbook (ansible variable)

(1) Format

(2) Return status

(3) Core elements

1. Hosts: host group

2. Tasks: task list

3. Variables: Variables, there are four setting methods

4. Handlers: Tasks triggered by specific conditions.

5. Templates: a text file that contains the syntax of the module

(4) Case

1、vim   mariadb.yml

 2. Run the script

(5) roles

(6) Batch create directory structure


I. Overview

(1) Features

1. The deployment is simple, there is no client, just deploy the Ansible environment on the master control end, and the controlled end does not need to do any operations;

2. Modularization: call a specific module to complete a specific task

3. By default, the SSH protocol is used to manage the device;

4. Master-slave centralized management;

5. Simple configuration, powerful functions and strong scalability;

6. Support API and custom modules, which can be easily extended through Python;

7. Customize powerful configuration and status management through Playbooks

8. Good support for cloud computing platform and big data;

9. Idempotent: the result of executing an operation once on a host is the same as executing N times

(2) Working characteristics

1. Connection plugins: responsible for communicating with the managed hosts;

2. Host inventory: the hosts to operate on, defined in a configuration file;

3. Modules: core modules, the command module, custom modules;

4. Plugins: provide functions such as logging and e-mail;

5. Playbook: a script for executing multiple tasks; it is optional and lets a node run several tasks in one go

2. Operating mechanism

1. Ansible: the core module of ansible

2. Host Inventory: host list, which is the list of managed hosts

3. Playbooks: Ansible scripts; a playbook can be thought of as multiple tasks placed together and executed together

4. Core Modules: core modules of ansible

5. Custom Modules: custom modules

6. Connection Plugins: connection plug-ins, used to establish a connection relationship with the controlled host based on SSH

7. Plugins: Other plugins, including logging, mail, etc.

3. Installation

(1) Configuration source

Command: yum install -y epel-release

(2) Install ansible

Command: yum install -y ansible

(3) View related documents

Command: rpm -ql ansible

Installation directory: /etc/ansible

(4) Configuration file

1. Main configuration file

/etc/ansible/ansible.cfg

2. Hosts on the deployment side

/etc/ansible/hosts

3. Playbook-related

/etc/ansible/roles

4. Command related

(1) ansible

1. Parameters

(1) -v: verbose mode; if the execution succeeds, output detailed results
(2) -i: specify the host file path; the default is /etc/ansible/hosts
(3) -f, --forks=NUM: number of parallel processes to fork; NUM is an integer, 5 by default
(4) -m: specify the module to use; the default is the command module
(5) -a: specify the arguments of the module
(6) -k: prompt for the SSH password instead of using SSH key authentication
(7) --sudo: use sudo to obtain root privileges
(8) -K: prompt for the sudo password
(9) -u: specify the user to run as on the managed host
(10) -C: check mode; show what the command would change without actually executing it
(11) all --list: display the host list

2. Grammar

ansible -i [filePath] -m [moduleName] -a [arguments]

(2) ansible-doc

ansible-doc is the command for consulting Ansible module documentation. This command can be used to list all modules installed on the local system, and provides documentation and examples.

1. Options

(1) -l lists all module names

(2) -s View the specified module

(3) --help Display help information.

(4) --version Display version information

(5) -a Display the complete documentation of the module

(6) -M specifies additional module paths

(7) --json Display document information in JSON format

2. Examples

(1) List all module names

Command: ansible-doc -l

(2) View the short documentation of the module

Command: ansible-doc -s module_name

Where module_name is replaced by the name of the module to be queried.

(3) View the complete documentation of the module

Command: ansible-doc -a module_name

(4) Specify additional module paths

Command: ansible-doc -M /path/to/extra/module_dir module_name

Where /path/to/extra/module_dir is replaced with the directory path containing the custom module, and module_name is replaced with the name of the module to be queried.

(5) Display document information in JSON format

Command: ansible-doc --json module_name

(3) ansible-playbook (command for executing Ansible Playbook)

1. Grammar

ansible-playbook [options] playbookName

2. Options

(1) -e: Pass in external variables

(2) -i: Specify the host list file

(3) -l: Limit execution to the comma-separated list of host names that follows

(4) -e: Overwrite the variable value in the variable file

(5) -t: Only run tasks with the specified tags

(6) --skip-tags: Skip tasks with specified tags

(7) --syntax-check: Check whether the syntax of the Playbook is correct

(8) --list-tasks: List all tasks in Playbook

(9) --start-at-task: Execute Playbook from the specified task

(10) --step: Ask before each task whether to execute it

(11) -v: Increase the level of detail; can be used multiple times to increase the level

(12) --check: Run in simulation mode; only test whether the task needs to be executed, without actually executing the task

3. Example:

(1) Execute Playbook

Command: ansible-playbook playbook.yml

Where playbook.yml is replaced with the file name of the Playbook to be executed.

(2) Specify the host list file

Command: ansible-playbook -i inventory.ini playbook.yml

Where inventory.ini is replaced with the path to the host inventory file to use. If this option is not specified, it defaults to /etc/ansible/hosts.

(3) Only run tasks with specified tags

Command: ansible-playbook -i inventory.ini playbook.yml -t task1,task2

Where task1, task2 are replaced with the tag names of the tasks to be run.

(4) Overwrite the variable value in the variable file

Command: ansible-playbook -i inventory.ini playbook.yml -e "foo=bar"

Where foo is replaced with the variable name to overwrite and bar is replaced with the new value to be set.

(5) Check whether the syntax of the Playbook is correct

Command: ansible-playbook --syntax-check playbook.yml

This command will check the Playbook for correct syntax and display any error messages.

(6) List all tasks in Playbook

Command: ansible-playbook --list-tasks playbook.yml

This command will list all tasks in the playbook.

(7) Execute Playbook from the specified task

Command: ansible-playbook -i inventory.ini playbook.yml --start-at-task="task3"

Where task3 is replaced with the task name to start execution from.

(8) Ask step by step whether each task is to be performed

Command: ansible-playbook -i inventory.ini playbook.yml --step

The command will ask the user whether to execute each task before running it.

(9) Increase the level of detail

Command: ansible-playbook -i inventory.ini playbook.yml -v

Use this option to increase the verbosity of the command. This option can be used multiple times to increase log verbosity.

(10) Simulate the execution of Playbook

Command: ansible-playbook -i inventory.ini playbook.yml --check

Use this option to do a mock run that tests whether tasks need to be executed, without actually executing them.

5. Host group configuration

(1) Basic configuration

1、vim /etc/ansible/hosts

[webServers]
192.168.115.131
192.168.115.132

2. Configure /etc/hosts

vim   /etc/hosts
192.168.115.131     server1
192.168.115.132     server2

3. Set SSH key pair authentication login

(2) You can also define range hosts

[webServers]
192.168.115.13[1:2]

6. Simple case

(1) Connectivity test

1、ansible 192.168.115.131 -m ping

2、ansible webServers -m ping

(2) Check host information

1、ansible webServers -m shell -a "ls -l /root"

2、ansible webServers -m shell -a "hostname"

(3) Installation service

ansible webServers -m shell -a "yum -y install vsftpd"

7. Common modules

(1) command (execute the command, but the command cannot contain "< > | &")

Case: ansible webServers -m command -a "netstat -anptul"

(2) shell (execute commands, based on /bin/sh, and also execute script files that already exist on the remote host)

Case: ansible webServers -m shell -a "netstat -anptul | grep vsftpd"

(3) raw (execute the command, no need to install the python environment on the remote host)

Case: ansible webServers -m raw -a "ls -l"

(4) script (copy the shell script on the ansible side to the remote host and execute it, delete the script file of the remote host after execution)

Syntax: ansible all -m script -a "chdir=/opt scriptname"

chdir: change into this directory on the remote host before running the script

(5) ping (test connectivity)

(6) file (file operations on remote hosts)

1. Parameters

(1) force (forcibly create a symbolic link)

①yes|no

② Used to optimize commands after compiling and installing software using ansible

(2) group (file belongs to group)

(3) owner (file owner)

(4) mode (file permissions)

(5) path (file path)

(6) state (file type)

①directory (directory)

②link

③hard

④ touch (file)

⑤absent

2. Case:

ansible 192.168.115.131 -m file -a "path=/opt/t1 state=directory mode=0700 owner=juexing group=juexing"

(7) copy (copy files to remote host)

1. Parameters

(1)backup

If the target file exists, whether to make a backup before overwriting, yes|no

(2) content (equivalent to src)

(3)src

Local path of the file to copy; if copying a directory, you need to add / at the end of the directory name

(4)dest

The absolute path on the remote host to copy the file to. If the copy source is a directory, the destination must also be a directory

(5) directory_mode (set directory permissions recursively)

(6) force (whether to perform mandatory coverage, yes|no)

2. Case: copy files and set permissions

Command: ansible webServers -m copy -a "src=/etc/yum.repos.d/epel.repo dest=/opt/epel.repo mode=0444 owner=juexing group=juexing"

(8) service (manage the service of the remote host)

1. Parameters

(1) enabled (boot self-start, yes|no)

(2) name (service name)

(3) pattern (definition mode)

(4) sleep (if restarted is executed, this time sets the interval from stop to start)

(5)state

①started (open)

②stopped (closed)

③restarted (restart)

④reloaded (smooth restart)

2. Case

ansible 192.168.115.131 -m service -a "name=httpd state=started"

(9) cron (planned tasks for managing remote hosts)

1. Parameters

(1) backup (backup conflict scheduled task, yes|no)

(2) cron_file (specify the scheduled task storage path, /etc/cron.d)

(3)minute(0~59,*,*/2)

(4)hour(0~23,*,*/2)

(5)day(1~31)

(6) month (1~12)

(7) weekday (0~7, 0 and 7 are both Sundays)

(8) job (executed task, relying on state=present)

(9)state

①present (create)

②absent (delete)

(10) name (descriptive information)

(11) user (the user who executes the job)

(12) special_time (specified execution time)

parameter:

①reboot (restart)

②annually (every year)

③ monthly (monthly)

④weekly (weekly)

⑤daily (every day)

⑥hourly (hourly)

2. Case

Command: ansible 192.168.115.131 -m cron -a "name=backup state=present minute=10 hour=15 job=whoami"

Check the result in the file: vim /var/spool/cron/root

(10) yum (manage software packages on remote hosts)

1. Parameters

(1) config_file (configuration file of yum source)

(2) disable_gpg_check (turn off gpgcheck)

(3) disablerepo (do not enable a source)

(4) enablerepo (enable a source)

(5) name (the name of the installed software)

(6)state

① present (installation)

②installed (installation)

③latest (install the latest version)

④absent (delete)

⑤removed (delete)

2. Case

ansible webServers -m yum -a "name=ftp state=present"

(11) user and group (management of users and groups of remote hosts)

1. Parameters

(1) name (specify user name)

(2) group (specify group name)

(3) groups (specify additional groups)    Note: specify multiple additional groups separated by ","

(4) shell (specify login shell)

(5)state

①present (create)

②absent (delete)

(6) remove (recursively delete the user's home directory and mail spool; used with state=absent)

(7) password (the user's password, given as an MD5-encrypted hash)

(12) synchronize (manage remote host data synchronization, call rsync)

1. Parameters:

(1) archive (archive)

(2) checksum (data verification, off by default)

(3) compress (whether to compress, enabled by default)

(4) copy_links (copy link files, off by default)

(5) delete (delete files that do not exist, the default is no)

(6) src (source file)

(7) dest (target path)

(8) dest_port (destination port, default 22)

(9)mode

①push (push, file upload)

②pull (pull, file download)

(13) setup (view remote host information)

1. Parameters

filter (specify what to view)

(1) ansible_all_ipv4_addresses: Only display ipv4 information.

(2) ansible_devices: Only display disk device information.

(3) ansible_distribution: Show what system it is, for example: centos, suse, etc.

(4) ansible_distribution_major_version: Display the major version of the system.

(5) ansible_distribution_version: Only display the system version.

(6) ansible_machine: Display the system type, for example: 32-bit or 64-bit.

(7) ansible_eth0: Only display the information of eth0.

(8) ansible_hostname: Only display the host name.

(9) ansible_kernel: Only display the kernel version.

(10) ansible_lvm: display lvm related information.

(11) ansible_memtotal_mb: Displays the total system memory.

(12) ansible_memfree_mb: Display available system memory.

(13) ansible_memory_mb: Display the memory situation in detail.

(14) ansible_swaptotal_mb: Displays the total swap memory.

(15) ansible_swapfree_mb: Displays the free swap memory.

(16) ansible_mounts: Displays the system disk mounts.

(17) ansible_processor: Display the number of cpus (specifically display the model of each cpu).

(18) ansible_processor_vcpus: Displays the number of cpus (only the total number is displayed).

2. Case

(1) Return all information of the remote host

ansible servers -m setup

(2) ansible servers -m setup -a "filter=ansible_all_ipv4_addresses"

(14) get_url (make the remote host download files (http, https, ftp), similar to wget)

1. Parameters

(1) url (specify the download path)

(2) dest (specify the download location)

(3) url_username (specify login user name)

(4) url_password (specify user password)

2. Case: Realized through the following steps

(1) ansible 192.168.115.131 -m service -a "name=httpd state=started"

(2) systemctl start httpd

(3) cd /var/www/html

(4) echo 111 > t2

(5) ansible 192.168.115.132 -m get_url -a "url=http://192.168.115.131/t2 dest=/opt"


(15) unarchive (decompression)

1. Parameters

(1)copy

Whether to copy the archive from the Ansible server to the remote host; the default is yes.

When set to no, src must specify where the archive already exists on the remote host

(2) src (specify the remote host software package location)

(3) dest (the software storage location after decompression)

(4) mode (file permissions after decompression)

2. Case

ansible all -m unarchive -a 'copy=no src=/mnt/etc.tar.gz dest=/mnt mode=777'

(16) archive (archive compression)

1. Parameters

(1) path: the directory to package

(2) dest: the name of the packaged file

(3) format: the packaging format

(4) owner: the owner of the file

(5) mode: the file permissions

2. Case

ansible all -m archive -a 'path=/etc dest=/mnt/etc.tar.gz format=gz owner=devops mode=777'

(17) template (templates are written in the Jinja2 language; template files use the .j2 suffix)

8. Playbook (ansible variable)

(1) Format

1. The first line of the file should start with "---" (three hyphens), indicating the beginning of the YAML file.

2. In the same line, the content after # indicates a comment, similar to shell, python and ruby.

3. List elements in YAML start with "-" followed by a space, and then the element content.

4. The elements in the same list should keep the same indentation, otherwise it will be treated as an error.
   Note: You cannot use the tab key for indentation

5. Objects such as hosts, variables, roles and tasks in the playbook are written as key: value pairs; the key and value are separated by ":", and a space must follow the ":".

(2) Return status

Green means the execution was successful and the system remains as it is. Yellow indicates that the system status has changed. Red means that the execution failed and an error output is displayed.

(3) Core elements

1. Hosts: host group

2. Tasks: task list

(1) name (task name)

(2) Module (module name)

(3) notify (trigger task, consistent with handlers name)

(4) tags (task execution tags)

3. Variables: Variables, there are four setting methods

(1)vars

(2) External delivery: ansible-playbook xxx.yml -e var=value

(3) Internal definition

4. Handlers: Tasks triggered by specific conditions.

5. Templates: a text file that contains the syntax of the module

(1)template

(2) Copy the template file

(4) Case

1、vim   mariadb.yml

 2. Run the script

Command: ansible-playbook mariadb.yml
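
The core elements listed above (hosts, vars, tasks with notify and tags, a template, handlers) combined in one playbook, as an added example; it is not the mariadb.yml of the original post. The variable names, the dbadmin account and the bind.cnf.j2 template are assumptions made for illustration.

```yaml
---
# Added example, not the original mariadb.yml.
# Assumed: a file templates/bind.cnf.j2 next to this playbook containing
#   [mysqld]
#   bind-address={{ db_bind_address }}
- hosts: webServers              # host group defined in /etc/ansible/hosts
  become: true                   # escalate privileges instead of logging in as root
  vars:
    db_packages:
      - mariadb-server
      - mariadb
    db_bind_address: 127.0.0.1   # listen on loopback only
    db_admin_user: dbadmin       # hypothetical OS account
  vars_prompt:
    - name: db_admin_password    # asked at run time, never stored in the file
      prompt: "Password for the dbadmin account"
      private: true

  tasks:
    - name: Install MariaDB packages
      yum:
        name: "{{ db_packages }}"
        state: present
      tags: install

    - name: Deploy the bind-address setting from a Jinja2 template
      template:
        src: bind.cnf.j2
        dest: /etc/my.cnf.d/bind.cnf
        owner: root
        group: root
        mode: "0644"
        backup: true
      notify: restart mariadb    # must match the handler name below
      tags: config

    - name: Create the admin account
      user:
        name: "{{ db_admin_user }}"
        shell: /bin/bash
        # the user module expects an already hashed value;
        # password_hash('sha512') produces a SHA-512 crypt hash
        password: "{{ db_admin_password | password_hash('sha512') }}"
        update_password: on_create   # the salt is random, so only set it once
        state: present
      no_log: true               # keep the password and hash out of the output
      tags: users

    - name: Start MariaDB and enable it at boot
      service:
        name: mariadb
        state: started
        enabled: true
      tags: service

  handlers:
    - name: restart mariadb
      service:
        name: mariadb
        state: restarted
```

Check it with ansible-playbook --syntax-check and a --check run, both shown in section 4, before applying it.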
   

(5) roles

1、roles/

2. mysql/: yml file of mysql service

3. httpd/: yml file of apache service

4. nginx/: yml file of nginx service

5. files/: store files or scripts called by modules such as copy or script;

6. tasks/: There should be at least one file named main.yml in this directory, which is used to define each task; other files need to be included and called by main.yml;

7. handlers/: There should be at least one file named main.yml in this directory, which is used to define each handler; other files need to be included and called by main.yml;

8. vars/: This directory should have at least one file named main.yml, which is used to define each variable (variable); other files need to be included and called by main.yml;

9. templates/: store template files called by the template module;

10. meta/: There should be at least one file named main.yml in this directory, which defines the special settings and dependencies of the current role, and other files need to be included and called by main.yml;

11. defaults/: This directory should have at least one file named main.yml, which is used to set default variables;

(6) Batch create directory structure

mkdir -p {nginx,mysql,tomcat}/{tasks,files,handlers,vars,templates,meta,defaults}


Origin blog.csdn.net/wuds_158/article/details/131338520