1.Ansible Introduction
1) Ansible: Ansible core program
2) Host Lnventory: Record every Ansible by the host information management, information including ssh port, root account password, ip addresses, and so on. Can be loaded via file, can be loaded by CMDB
3) Playbooks: YAML format file, multiple tasks defined in a file, you can use a unified call "play" is used to define those who need to call the host module to complete the function.
4) Core Modules: Ansible perform any administrative tasks are not completed by the Ansible themselves, but to complete the core modules; before Ansible management server, the first call core Modules in the module, and then specify the management host Host Lnventory in, you can complete management host.
5) Custom Modules: custom modules, complete Ansible core module function can not be completed, this module supports any language.
6) Connection Plugins: connector plug, Ansible and Host communication uses
2.ansible three kinds of call mode
1) hoc: Command Line
2) playbooks: script / script
3) roles: the role of
3.ansible configure the client
1) Installation:
yum install epel-release
yum install anisble
2) Client Configuration
(1)server:ssh-keygen
scp id_rsa.pub [email protected]:/root/.ssh/authorized_keys
(2)vim /etc/ansible/hosts
ansible_ssh_user=root ansible_ssh_port=22 ansible_ssh_pass=root
The default number of concurrent 4.ansible: 5
ansible -f modification
5.ansible commonly used commands
ansible-doc -l # View supported modules
ansible-doc -s MODEL_NAME # View module usage
ansible application of basic commands
Are ansible all -m ping # view the client end through the normal ping
ansible webserver -m setup # view client information
ansible webserver -m copy -a 'src=/root/git_test/code.txt dest=/root/test' #copy文件到cient端
ansible webserver -m user -a "name = test state = present" # create a test user
ansible webserver -m user -a "name = test state = absent" # delete test user
ansible webserver -m yum -a ‘name=epel-relese state=latest‘ #yum安装
ansible webserver -m service -a ‘name=httpd state=stopped enabled=no‘ #停止httpd服务
ansible webserver -m script -a '/tmp/test.sh' # run script
ansible webserver -m command 'date' # View Time
6. Connect error to solve
Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host when you use the ansible connection to the host. Error put the / etc / ansible / ansible.cfg profile line comment open host_key_checking = False
7.playbooks
1)
If idempotent generally used in the form of modules, if no command or shell idempotent
playbooks equivalent shell script can be written to a file tasks to be performed which, once implemented, easy call
tasks: a task is the equivalent of a play
varibles: variable, certain definitions, many call
template: templates, you can distinguish the characteristics of different hosts
handlers: trigger, depending on the previous task, if you perform a task before change, it will trigger handlers
2) define the playbook task
- hosts: testhosts - There must be a space between the keyword
remote_user: root aligned with hosts
vars: define the variable
- file: httpd.conf
tasks: define the task
- name: copy httpd.conf task name
copy: src = / root / {{file}} dest = / etc / httpd / conf / {{file}} calls the copy module
- name: restart httpd define multiple tasks
service: name=httpd state=restarted
3) the definition of variables
Incoming variables in the template file which yaml
{{variable name}}
The first:
whose:
- file: httpd.conf
The second:
vim /etc/ansible/hosts
[Testhosts: whose]
file=httpd.conf
packages=tree
The third
When executed playbook file given variable --extra-vars
ansible-playbook test.yaml --extra-vars "touch_file=test.txt"
4) Registration variables:
register Register variables: the results of the date command output given to date_output
- hosts: 192.168.254.10
remote_user: root
tasks:
- name: get date
command: date
register: date_output
- name: echo date_output
shell: "echo {{date_output.stdout}}>/tmp/a.txt"
5) when the statement
when condition statement: The setup can show the client information is determined based on
- hosts: 192.168.254.12
remote_user: root
tasks:
- name: echo date_output
shell: "touch /tmp/a.txt"
when: ansible_distribution=='CentOS' and ansible_distribution_major_version=='8'
6) Exception Handling
ignore_errors: If the task wrong, skip, does not affect other tasks
- hosts: 192.168.254.12
remote_user: root
tasks:
- name: add several user
command: touch1 a.txt
ignore_errors: yes
7) loop:
The first:
{{Item}}: Create cycle
- hosts: 192.168.254.12
remote_user: root
tasks:
- name: add many users
user: name={{ item }} state=present
with_items:
- user1
- user2
- user3
- user4
The second:
- hosts: 192.168.254.12
remote_user: root
tasks:
- name: add several user
user: name={{item.name}} state=present groups={{item.groups}}
with_items:
- { name: 'testuser1', groups: 'wheel'}
- { name: 'testuser2', groups: 'root'}
8) Triggers:
handlers: If the task execution is changed then the task will trigger handlers
- hosts: testhosts
remote_user: root
tasks:
- name: copy httpd.conf
copy: src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf
notify:
- restarted httpd service
handlers:
- name: restarted httpd service
service: name=httpd state=restarted
9) copies of template:
template, to distinguish the different characteristics of the client
- hosts: testhosts
remote_user: root
tasks:
- name: copy httpd.conf
template: src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf 将copy改为template
notify:
- restarted httpd service
handlers:
- name: restarted httpd service
service: name=httpd state=restarted
The variables within the region to be modified files, such as the Listen 80 to Listen {{port}}
Add variable values in the group file
[testhosts]
192.168.52.234·······port=1111
192.168.52.235·······port=2222
To be continued