Table of contents
1. Brief description of playbooks
2. playbooks script format
3. The components of playbooks
4. Playbooks startup and detection
5. Practical example of playbooks module 1
6. Practical example of vars module 2
7. Practical example of when module 3
8. Practical example of the with_items loop module 4
9. Practical example of template module 5
10. Practical example of tags module 6
1. Playbooks
1. Brief description of playbooks
Playbooks are the scripts Ansible uses to configure, deploy, and manage controlled nodes. A playbook describes its tasks in detail, and executing them brings the remote host to the expected state. A playbook is a list of one or more "plays". Initializing the environment on a machine often means doing more than one thing, and that is where playbooks fit best. With playbooks you can execute multiple instructions on multiple machines at once. This pre-designed configuration keeps the configuration of the machines consistent and makes daily tasks easy to perform.
Ansible carries out management through modules. The hosts it manages are defined in the inventory file (hosts), which also covers the port and the authentication used for the connection. All functions are implemented by calling modules. Whether you execute a single command or a playbook, the run is based on the inventory file.
2. playbooks script format
Playbooks are written in YAML, a file format similar to JSON. A file can contain multiple plays, each play has only one tasks list, and a tasks list can contain multiple named tasks.
Precautions:
① Case-sensitive
② Hierarchy is represented through indentation
③ Tabs are not supported for indentation; only spaces can be used
④ The number of indented spaces is not important as long as items at the same level are left-aligned; usually 2 spaces are used
⑤ # marks a comment
⑥ Symbol characters such as the colon, the comma and the hyphen (-) are followed by 1 space
⑦ A value that contains special characters is treated as a string if it is surrounded by single or double quotes. Single quotes do not recognize variables, and double quotes recognize variables.
3. The components of playbooks
Component | Purpose |
tasks | Tasks: each task calls an Ansible module, and the tasks list organizes multiple operations to run in a playbook |
variables | Variables, referenced with {{ }}; can be abbreviated as vars |
templates | Templates |
handlers | Handlers: when a task reports the changed status, notify triggers the handler. The handler is not executed immediately; it runs only after all the tasks in the playbook have completed. The advantage is that a handler can be notified multiple times and is executed only once at the end. |
roles | Roles |
ignore_errors | If the return value of the execution command is not 0, an error will be reported. The tasks will stop by default. If you need to ignore the error, set it to false |
notify | If the above condition is met, execute the contents of the handlers section |
with_items | Defines the list to loop over. The value of each iteration is referenced with {{item}}, that is, the variable name is item. The list is iterated until the end |
when | Conditional check, the only general-purpose conditional; the task executes when the condition is true, otherwise it does not |
become | The parameter used since version 2.6 (previously sudo); switches to another user to run |
tags | Defines a tag for one or more tasks. When executing a playbook you can specify that only tasks with a certain tag are executed. Tasks tagged always are executed together with whichever tag is selected. |
4. Playbooks startup and detection
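ansible-playbook file.yaml #run this file
ansible-playbook file.yaml --start-at-task='task name' #start execution at the task with this name
Additional parameters: -k (--ask-pass): enter the ssh password interactively
-K (--ask-become-pass): enter the sudo password interactively
-u (--user): specify the user
ansible-playbook file.yaml --list-tasks #list the tasks in the yaml file
ansible-playbook file.yaml --list-hosts #list the hosts the playbook targets
ansible-playbook file.yaml --syntax-check #check the syntax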
5. Practical example of playbooks module 1
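vim test1.yaml
#create and edit the yaml file with the following content
---
#start of the YAML file, optional
- name: test
  #name of the play, optional
  gather_facts: false
  #skip facts gathering, which speeds up execution; optional, gathering is on by default
  hosts: webservers
  #group or host to run against; webservers is a group name that must be configured in /etc/ansible/hosts
  remote_user: root
  #user to run as
  tasks:
  #task list; the tasks in the list run in order
    - name: test ping
      #custom name for the task
      ping:
      #the first task uses the ping module to ping the hosts in the webservers group
    - name: test selinux
      command: /sbin/setenforce 0
      #the second task uses the command module to switch SELinux to permissive mode
      ignore_errors: true
      #if this task fails, ignore the error and continue with the following tasks
    - name: test stop firewalld
      service: name=firewalld state=stopped
      #the third task uses the service module to stop the firewalld firewall
    - name: test yum
      yum: name=httpd state=latest
      #the fourth task uses the yum module to install the httpd service with state latest
    - name: test copy
      copy: src=/opt/httpd.conf dest=/etc/httpd/conf/httpd.conf
      #the fifth task uses the copy module to copy /opt/httpd.conf from the Ansible host over the main configuration file on the hosts of the group; an httpd.conf template must exist in /opt on the Ansible host, otherwise an error is reported
      notify: "restart httpd"
      #if the copy task above changes the file, call the restart httpd handler; the name must match the handler name below
    - name: test start httpd
      service: enabled=yes name=httpd state=started
      #the sixth task uses the service module to start the httpd service and enable it at boot
  handlers:
    - name: restart httpd
      service: name=httpd state=restarted
      #handlers section: when notified, it calls the service module to restart httpd; handlers are called by name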
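A variant of test1.yaml that reaches the same httpd state while leaving SELinux enforcing and firewalld running, added here as an example and not part of the original page. It assumes the ansible.posix collection is installed on the Ansible host and that a non-root account with sudo rights exists on the managed hosts; the account name deploy is hypothetical.

```yaml
---
- name: deploy httpd with SELinux and firewalld left on
  hosts: webservers
  remote_user: deploy   # hypothetical unprivileged login account (assumption)
  become: true          # escalate with sudo instead of logging in as root
  tasks:
    - name: keep SELinux enforcing
      ansible.posix.selinux:        # assumes the ansible.posix collection
        policy: targeted
        state: enforcing
    - name: keep firewalld running and enabled at boot
      ansible.builtin.service:
        name: firewalld
        state: started
        enabled: true
    - name: open the http service in firewalld
      ansible.posix.firewalld:
        service: http
        permanent: true             # survive a firewalld reload or reboot
        immediate: true             # also apply to the running firewall
        state: enabled
    - name: install httpd
      ansible.builtin.yum:
        name: httpd
        state: latest
    - name: copy httpd.conf
      ansible.builtin.copy:
        src: /opt/httpd.conf
        dest: /etc/httpd/conf/httpd.conf
        owner: root
        group: root
        mode: "0644"
      notify: restart httpd         # must match the handler name below
    - name: start httpd and enable it at boot
      ansible.builtin.service:
        name: httpd
        state: started
        enabled: true
  handlers:
    - name: restart httpd
      ansible.builtin.service:
        name: httpd
        state: restarted
```

It can be checked with the --syntax-check option from section 4 before it is run.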
6. Practical example of vars module 2
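---
- name:
  hosts: webservers
  remote_user: root
  ignore_errors: false
  vars:
  #define variables for the play
    groupname: testgroup
    #define the variable groupname with the value testgroup
    username: testuser
    #define the variable username with the value testuser
  tasks:
    - name: create group
      group: name={{groupname}} gid=111
      #the first task uses the group module with the groupname variable to create the group
    - name: create user
      user: name={{username}} uid=10086 group={{groupname}}
      #the second task uses the user module with the username variable to create the user with the given uid and group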
7. Practical example of when module 3
---
- hosts: webservers
  remote_user: root
  tasks:
    - name: test when
      service: name=httpd state=stopped
      when: ansible_default_ipv4.address == "192.168.30.12"
      #when the built-in variable ansible_default_ipv4.address equals 192.168.30.12, call the service module to stop the httpd service
8. Practical example of the with_items loop module 4
---
- name: test1
  hosts: webservers
  gather_facts: false
  tasks:
    - name: create directories
      file:
        path: "{{item}}"
        state: directory
      #path uses the variable item, whose values come from with_items below; the task runs once per value, and state creates a directory
      with_items:
        - /tmp/test1
        - /tmp/test2
    - name: create file
      file:
        path: "{{item}}"
        state: touch
      #path uses the variable item, whose values come from with_items below; the task runs once per value, and state creates a file
      with_items:
        - /tmp/test1/a.txt
        - /tmp/test2/b.txt
9. Practical example of template module 5
1. First prepare a template file with the .j2 suffix and set the variables it references
cp /etc/httpd/conf/httpd.conf /opt/httpd.conf.j2
#note: httpd must be installed on the Ansible host itself; the other 2 controlled hosts must not have httpd installed
vim /opt/httpd.conf.j2
Listen {{http_port}} #line 42, modify
ServerName {{server_name}} #line 95, modify
DocumentRoot "{{root_dir}}" #line 119, modify
#change the port, host name and root directory in the template configuration file into variables
2. Modify the inventory file and use host variables to define variables with the same name but different values
vim /etc/ansible/hosts
[webservers1]
192.168.30.12 http_port=192.168.30.12:80 server_name=www.lhj1.com:80 root_dir=/var/www/html
[webservers2]
192.168.30.13 http_port=192.168.30.13:80 server_name=www.lhj2.com:80 root_dir=/var/www/html
3. Add the host entries to hosts
vim /etc/hosts
192.168.30.12 www.lhj1.com
192.168.30.13 www.lhj2.com
4. Write the playbook file
vim httpd.yaml
---
- hosts: all
  remote_user: root
  gather_facts: false
  vars:
    package: httpd
    service: httpd
  tasks:
    - name: install httpd
      yum: name={{package}} state=latest
    - name: con test
      template: src=/opt/httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf
      #render the configuration template into the httpd configuration file
      notify:
        - restart httpd
    - name: start httpd
      service: name={{service}} state=started
  handlers:
    - name: restart httpd
      service: name={{service}} state=restarted
5. Finally, use curl on the Ansible host to access the 2 domain names to verify
10. Practical example of tags module 6
---
- hosts: webservers1
  remote_user: root
  gather_facts: false
  tasks:
    - name: copy hosts
      copy: src=/etc/hosts dest=/opt/hosts
      tags:
        - tags1
      #custom tag name; running the yaml file with --tags="tags1" executes only this task, apart from tasks tagged always
    - name: touch file
      file: path=/opt/testhost state=touch
      tags:
        - always
      #always tag: whichever tag is selected, the task with this tag is executed as well