Ansible batch automated management tools (b)

1. Introduction to the tools and environment

1.1 About ansible

  • A tool for managing servers in batch
  • No agent needs to be deployed; hosts are managed over ssh
  • A popular operations automation tool: https://github.com/ansible/ansible

1.2 About jenkins

  • Visual operations and maintenance (mainly used for visual deployment)
  • Continuous builds; can be combined with git and svn
  • Can be combined with ssh for visual operations
  • Can be combined with ansible for visual operations

1.3 Check the environment

[root@server ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core) 
[root@server ~]# uname -m
x86_64
[root@server ~]# uname -r
3.10.0-862.el7.x86_64

2. Python3 and ansible installation

2.1 Installing Python 3.5 from source

2.1.1 Install the supporting packages

[root@Ansible ~]# yum -y install lrzsz gcc gcc-c++ ncurses ncurses-devel unzip zlib-devel zlib openssl-devel openssl

[root@Ansible ~]# rpm -qa lrzsz gcc gcc-c++ ncurses ncurses-devel unzip zlib-devel zlib openssl-devel openssl
gcc-c++-4.8.5-28.el7_5.1.x86_64
ncurses-devel-5.9-14.20130511.el7_4.x86_64
ncurses-5.9-14.20130511.el7_4.x86_64
openssl-1.0.2k-12.el7.x86_64
gcc-4.8.5-28.el7_5.1.x86_64
openssl-devel-1.0.2k-12.el7.x86_64
unzip-6.0-19.el7.x86_64
zlib-1.2.7-17.el7.x86_64
zlib-devel-1.2.7-17.el7.x86_64
lrzsz-0.12.20-36.el7.x86_64

2.1.2 Compile Python 3.5 from source

[root@Ansible yang]# pwd
/yang
[root@Ansible yang]# ls
Python-3.5.2.tgz
[root@Ansible yang]# tar xf Python-3.5.2.tgz -C /usr/src/  # unpack
[root@Ansible yang]# cd /usr/src/Python-3.5.2/
[root@Ansible Python-3.5.2]# ./configure --prefix=/usr/local/python/           # configure the source build
# output omitted...
[root@Ansible Python-3.5.2]# make && make install
# output omitted...
[root@Ansible Python-3.5.2]# ln -s /usr/local/python/bin/python3 /usr/bin/python3      # create a symlink
[root@Ansible Python-3.5.2]# which python3
/usr/bin/python3
[root@Ansible Python-3.5.2]# python3 -V  # Python version number
Python 3.5.2

2.2 Installing ansible with pip3

2.2.1 Install the latest version of ansible

[root@Ansible Python-3.5.2]# /usr/local/python/bin/pip3 install ansible
# output omitted...

2.2.2 Create a symlink

[root@Ansible Python-3.5.2]# ln -s /usr/local/python/bin/ansible /usr/local/bin/
[root@Ansible Python-3.5.2]# which ansible
/usr/local/bin/ansible

[root@Ansible Python-3.5.2]# ansible --version
ansible 2.6.4    # ansible version
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/python/lib/python3.5/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.5.2 (default, Sep  6 2018, 22:33:20) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]

2.3 Viewing ansible help

[root@ansible ~]# /usr/local/python/bin/ansible-doc -l  # view the overall help
[root@ansible ~]# /usr/local/python/bin/ansible-doc -s shell     # view help for the shell module
[root@ansible ~]# /usr/local/python/bin/ansible-doc -s raw

3. Passwordless ssh login with a public/private key pair

  • ansible has no agent, so how does it manage servers in batch without one? It relies mainly on ssh.
  • By default ssh asks for a password at login, which makes management cumbersome; this lesson introduces passwordless ssh login.
  • Once passwordless ssh is in place, managing servers in batch with ansible becomes simple.

Host      IP
ansible   192.168.200.73
web01     192.168.200.74
web02     192.168.200.75

3.1 Generate a key pair

[root@Ansible ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ""
Generating public/private rsa key pair.
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:AyXvTyhwFx6yOSXrzVUBcmGCzjmgoLjo51Yn+XVdmbk root@Ansible
The key's randomart image is:
+---[RSA 2048]----+
|      +.B =oo.   |
|.   . .% B .     |
|o. ..+B.+ .     +|
|o .  +=B o     = |
|..    +.S . . . .|
|o    + o = . . E |
|.   . + . o      |
| . o   .         |
|  +.             |
+----[SHA256]-----+

3.2 Distribute the key to Web01

[root@Ansible ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 192.168.200.74   # Web01's IP
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.200.74's password:    # Web01's login password

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -o ' StrictHostKeyChecking=no' '192.168.200.74'"
and check to make sure that only the key(s) you wanted were added.

3.3 Test passwordless login

[root@Ansible ~]# hostname -I
192.168.200.73 
[root@Ansible ~]# ssh 192.168.200.74
Last login: Thu Sep  6 22:16:49 2018 from 192.168.200.1
[root@Web01 ~]# hostname -I
192.168.200.74 
[root@Web01 ~]# exit
logout
Connection to 192.168.200.74 closed.

4. Simple ansible configuration and the ping module

4.1 ansible configuration file

[root@Ansible ~]# mkdir -p /etc/ansible
[root@Ansible ~]# cat /etc/ansible/hosts     # ansible host inventory file
[nginx]          # name of the managed host group
Web01 ansible_ssh_host=192.168.200.74 ansible_ssh_port=22 ansible_ssh_user=root     # first host
Web02 ansible_ssh_host=192.168.200.75 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=111111    # second host

Special note:
Web01  ===> host name
ansible_ssh_host ===> host IP
ansible_ssh_port ===> default ssh port
ansible_ssh_user ===> ssh user name
ansible_ssh_pass ===> connection password of the ssh user

If passwordless ssh key login is already set up, there is no need to write the password (for example, Web01).
If key login is not set up, you need to install the sshpass tool and write the connection password for the host in the /etc/ansible/hosts file (for example, Web02).

# Download the epel repo and install sshpass
[root@Ansible ~]# yum -y install wget
[root@ansible ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@ansible ~]# yum -y install sshpass
[root@ansible ~]# which sshpass
/usr/bin/sshpass
# Modify the ssh configuration file
[root@ansible ~]# sed -n '35p' /etc/ssh/ssh_config
#   StrictHostKeyChecking ask
[root@ansible ~]# vim /etc/ssh/ssh_config
[root@ansible ~]# sed -n '35p' /etc/ssh/ssh_config
   StrictHostKeyChecking no     # uncomment and change it to this
# Reload the ssh service
[root@ansible ~]# systemctl reload sshd.service
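
The inventory above keeps Web02's root password in clear text, and the client configuration switches host key checking off. The check below is an added example, not part of the original post: it flags both conditions in an inventory and an ssh client config. The function names, the sample files and the ansible_become_pass group variable are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and sample
# files are constructed for illustration.

# Print "host<TAB>variable" for every inventory entry that carries a
# connection or privilege-escalation password in clear text. Values are
# never echoed, so the report itself can be stored or mailed.
audit_inventory() {
    awk '
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }            # comment or blank line
        /^[ \t]*\[/ {                                   # [group] or [group:vars]
            section = $0
            sub(/^[ \t]*\[/, "", section); sub(/\].*$/, "", section)
            next
        }
        {
            first = 2; who = $1                         # host line: vars follow the name
            if (section ~ /:vars$/) { first = 1; who = "[" section "]" }
            for (i = first; i <= NF; i++) {
                if ($i ~ /^#/) break                    # trailing comment
                split($i, kv, "=")
                if (kv[1] ~ /^ansible_(ssh_pass|password|become_pass|become_password|sudo_pass)$/)
                    printf "%s\t%s\n", who, kv[1]
            }
        }
    ' "$1"
}

# Exit 0 if the given ssh client config turns host key checking off
# ("no" or "off", written either as "Key value" or "Key=value").
hostkey_checking_disabled() {
    awk '
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            if (line ~ /^#/ || line == "") next
            split(line, f, /[ \t=]+/)
            if (tolower(f[1]) == "stricthostkeychecking" && tolower(f[2]) ~ /^(no|off)$/)
                found = 1
        }
        END { exit !found }
    ' "$1"
}

# --- constructed sample input, modelled on the files shown above ---
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT

cat > "$SAMPLE_DIR/hosts" <<'EOF'
[nginx]
Web01 ansible_ssh_host=192.168.200.74 ansible_ssh_port=22 ansible_ssh_user=root
Web02 ansible_ssh_host=192.168.200.75 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=111111   # second host

[nginx:vars]
ansible_become_pass=constructed-secret
EOF
printf 'Host *\n   StrictHostKeyChecking no\n'    > "$SAMPLE_DIR/ssh_config_weak"
printf 'Host *\n#   StrictHostKeyChecking ask\n' > "$SAMPLE_DIR/ssh_config_default"

echo "cleartext passwords in inventory:"
audit_inventory "$SAMPLE_DIR/hosts"
for f in "$SAMPLE_DIR"/ssh_config_*; do
    if hostkey_checking_disabled "$f"; then
        echo "$(basename "$f"): host key checking is disabled"
    fi
done
```

Hosts set up like Web01 (key login) produce no finding; a password that cannot be avoided belongs in an encrypted store such as ansible-vault rather than in the inventory.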

4.2 Test remote command execution with ansible

# Connection test with the ping module
[root@Ansible ~]# ansible nginx -m ping
Web01 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
Web02 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

4.3 Basic ansible usage

ansible -i /etc/ansible/hosts <host or host group> -m <module> -a <command>

4.4 The ping module checks whether a server is reachable; it does not need the -a parameter

ansible all -m ping

The target can be a host group, a host, or all (which stands for all hosts).

4.4.1 Notes on hosts and host groups

Host/group pattern   Explanation
all                  Stands for all hosts
Web01:Web02          Multiple hosts can be specified
all:!Web01           All hosts except the one named after !; note that ! must be preceded by the escape character \

4.4.2 Operation test

[root@Ansible ~]# ansible Web01 -m ping
Web01 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[root@Ansible ~]# ansible all -m ping
Web01 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
Web02 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[root@Ansible ~]# ansible Web01:Web02 -m ping
Web01 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
Web02 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[root@Ansible ~]# ansible all:\!Web01 -m ping
Web02 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[root@Ansible ~]# ansible Web01:Web02 -m command -a 'uptime'
Web02 | SUCCESS | rc=0 >>
 23:14:40 up  1:16,  3 users,  load average: 0.05, 0.03, 0.05

Web01 | SUCCESS | rc=0 >>
 23:14:40 up  1:16,  3 users,  load average: 0.06, 0.03, 0.05

5. The three ansible command modules

5.1 ansible command module (does not support pipes, not recommended)

# command echoes the result of the executed command directly
[root@ansible ~]# ansible all -m command -a "pwd"
Web01 | SUCCESS | rc=0 >>
/root
Web02 | SUCCESS | rc=0 >>
/root

# the command module does not support pipes
[root@ansible ~]# ansible all -m command -a "echo test | grep t"
Web01 | SUCCESS | rc=0 >>
test | grep t
Web02 | SUCCESS | rc=0 >>
test | grep t

# the command module does not support redirection
[root@ansible ~]# ansible all -m command -a "echo bb >> /tmp/testansible"
Web01 | SUCCESS | rc=0 >>
bb >> /tmp/testansible
Web02 | SUCCESS | rc=0 >>
bb >> /tmp/testansible

5.2 ansible shell module (supports pipes and redirection)

# the shell module supports pipes
[root@ansible ~]# ansible all -m shell -a "echo testansible | grep a"
Web01 | SUCCESS | rc=0 >>
testansible
Web02 | SUCCESS | rc=0 >>
testansible

# shell supports redirection
[root@ansible ~]# ansible all -m shell -a "echo bb >> /tmp/testansible"
Web01 | SUCCESS | rc=0 >>
Web02 | SUCCESS | rc=0 >>
[root@Web01 tmp]# cat testansible 
bb
[root@Web02 tmp]# cat testansible 
bb

# special characters must be escaped with \ so that ansible runs correctly
[root@Ansible ~]# ansible all -m shell -a "cat /etc/passwd | awk -F":" '{print \$1}'"
Web01 | SUCCESS | rc=0 >>
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
operator
games
ftp
nobody
systemd-network
dbus
polkitd
sshd
postfix
chrony

Web02 | SUCCESS | rc=0 >>
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
operator
games
ftp
nobody
systemd-network
dbus
polkitd
sshd
postfix
chrony
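
Why command echoes "test | grep t" back while shell filters it: command runs the words of the string directly as a program and its arguments, whereas shell hands the whole string to /bin/sh. The sketch below is an added example, not from the original post and not ansible code; the function names are hypothetical stand-ins that reproduce both outputs locally and show what the difference means for a value that arrives from a variable.

```shell
#!/bin/sh
# Added example, not from the original post: local stand-ins for the way the
# command and shell modules treat the string given to -a.

# Like -m command: the string is split into words and the first word is run
# directly. No shell parses it, so | > ; reach the program as plain
# arguments. (Simplified: ansible also honours quotes when splitting.)
run_like_command() (
    set -f                       # keep * and ? literal while splitting
    # shellcheck disable=SC2086
    set -- $1
    "$@"
)

# Like -m shell: the whole string is handed to /bin/sh for parsing.
run_like_shell() (
    sh -c "$1"
)

# Smallest module that can run an ad-hoc string: shell only when the string
# really needs shell syntax, command otherwise.
pick_module() {
    case $1 in
        *'|'*|*'&'*|*';'*|*'<'*|*'>'*|*'$'*|*'`'*|*'*'*|*'?'*) echo shell ;;
        *) echo command ;;
    esac
}

# Number of output lines a stand-in ($1) produces for an argument string ($2).
output_lines() {
    "$1" "$2" | wc -l | tr -d ' '
}

# The two cases from the sessions above.
run_like_command 'echo test | grep t'
run_like_shell   'echo testansible | grep a'

# A value that comes from a variable (constructed sample): data for command,
# syntax for shell.
value='yunwei; echo SECOND-COMMAND'
echo "command stand-in: $(output_lines run_like_command "echo $value") output line(s)"
echo "shell stand-in:   $(output_lines run_like_shell   "echo $value") output line(s)"

for c in 'uptime' 'pwd' 'echo bb >> /tmp/testansible'; do
    echo "$(pick_module "$c")  <-  $c"
done
```

Anything that does not need pipes, redirection or variable expansion can stay on the command module, where a stray metacharacter in an argument is only text.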

5.3 ansible raw module: the most primitive way to run a command (does not depend on python; works over ssh alone)

5.3.1 Clear the yum cache

[root@Ansible ~]# ansible all -m raw -a "yum -y clean all"
Web02 | SUCCESS | rc=0 >>
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
Shared connection to 192.168.200.75 closed.


Web01 | SUCCESS | rc=0 >>
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
Shared connection to 192.168.200.74 closed.

5.3.2 Build the yum cache

[root@Ansible ~]# ansible all -m raw -a "yum makecache"
Web02 | SUCCESS | rc=0 >>
Loaded plugins: fastestmirror
Determining fastest mirrors
# middle omitted...
Metadata Cache Created
Shared connection to 192.168.200.75 closed.


Web01 | SUCCESS | rc=0 >>
Loaded plugins: fastestmirror
Determining fastest mirrors
# middle omitted...
Metadata Cache Created
Shared connection to 192.168.200.74 closed.

5.3.3 Install the nmap package with yum

[root@Ansible ~]# ansible all -m raw -a "yum -y install nmap"
# output omitted...

5.3.4 Review the installation results

[root@Web01 ~]# which nmap
/usr/bin/nmap
[root@Web02 ~]# which nmap
/usr/bin/nmap

6. ansible copy module: distributing files or directories in batch

6.1 copy module overview

6.1.1 copy module parameters (ansible <host group> -m <module> -a <command>)

  • src: the source file or directory
  • dest: the file or directory on the target server
  • backup: whether to back up
  • owner: owner of the file or directory after it is copied to the target server
  • group: group of the file or directory after it is copied to the target server
  • mode: permissions of the file or directory

6.1.2 Preparations

[root@Ansible ~]# mkdir yangwenbo
[root@Ansible ~]# cd yangwenbo
[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# echo "welcome to yunjisuan161" > yunwei
[root@Ansible yangwenbo]# cat yunwei 
welcome to yunjisuan161

6.1.3 The libselinux-python package must be installed on all managed nodes

[root@Web01 ~]# yum -y install libselinux-python
[root@Web01 ~]# rpm -qa libselinux-python
libselinux-python-2.5-12.el7.x86_64

[root@Web02 ~]# yum -y install libselinux-python
[root@Web02 ~]# rpm -qa libselinux-python
libselinux-python-2.5-12.el7.x86_64

6.2 Copying a file with the copy module

Special note:

  • If the target path does not exist, it is created automatically
  • src ===> dest: the source file path is copied to the target path
# Copy the file
[root@Ansible yangwenbo]# ansible all -m copy -a "src=/root/yangwenbo/yunwei dest=/root/yangwenbo/"
Web01 | SUCCESS => {
    "changed": true,
    "checksum": "4775b9cf454d1817e252f0678c06d64bc214da1c",
    "dest": "/root/yangwenbo/yunwei",
    "gid": 0,
    "group": "root",
    "md5sum": "38b35e7d3f5c75583ce5e1ee5838a396",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 24,
    "src": "/root/.ansible/tmp/ansible-tmp-1536310826.228977-17143783285290/source",
    "state": "file",
    "uid": 0
}
Web02 | SUCCESS => {
    "changed": true,
    "checksum": "4775b9cf454d1817e252f0678c06d64bc214da1c",
    "dest": "/root/yangwenbo/yunwei",
    "gid": 0,
    "group": "root",
    "md5sum": "38b35e7d3f5c75583ce5e1ee5838a396",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 24,
    "src": "/root/.ansible/tmp/ansible-tmp-1536310826.2419605-39881113399031/source",
    "state": "file",
    "uid": 0
}

# Check the copy result
[root@Web01 ~]# cd yangwenbo/
[root@Web01 yangwenbo]# pwd
/root/yangwenbo
[root@Web01 yangwenbo]# cat yunwei 
welcome to yunjisuan161

[root@Web02 ~]# cd yangwenbo/
[root@Web02 yangwenbo]# pwd
/root/yangwenbo
[root@Web02  yangwenbo]# cat yunwei 
welcome to yunjisuan161

6.3 Copying a directory with the copy module

Special note: if the destination path already contains a file with the same name as the one being copied, the file in the destination path is overwritten directly.

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat yunwei 
welcome to yunjisuan161
# Copy the files
[root@Ansible yangwenbo]# ansible Web01 -m copy -a "src=/root/yangwenbo/ dest=/root/yangwenbo/"
Web01 | SUCCESS => {
    "changed": false,
    "checksum": "4775b9cf454d1817e252f0678c06d64bc214da1c",
    "dest": "/root/yangwenbo/yunwei",
    "gid": 0,
    "group": "root",
    "mode": "0644",
    "owner": "root",
    "path": "/root/yangwenbo/yunwei",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 24,
    "state": "file",
    "uid": 0
}

# Check the copy result
[root@Web01 yangwenbo]# pwd
/root/yangwenbo
[root@Web01 yangwenbo]# cat yunwei 
welcome to yunjisuan161

6.4 Automatic backup with the copy module

Special note: the parameter backup=yes means that if the target path contains a file with the same name but different content, the target file is backed up before it is overwritten.

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat yunwei 
hello
# Copy the files
[root@Ansible yangwenbo]# ansible Web01 -m copy -a "src=/root/yangwenbo/ dest=/root/yangwenbo/ backup=yes"
Web01 | SUCCESS => {
    "backup_file": "/root/yangwenbo/yunwei.1990.2018-09-07@05:30:28~",
    "changed": true,
    "checksum": "f572d396fae9206628714fb2ce00f72e94f2258f",
    "dest": "/root/yangwenbo/yunwei",
    "gid": 0,
    "group": "root",
    "md5sum": "b1946ac92492d2347c6235b4d2611184",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 6,
    "src": "/root/.ansible/tmp/ansible-tmp-1536312626.9388444-271698353874697/source",
    "state": "file",
    "uid": 0
}

# Check the copy result
[root@Web01 yangwenbo]# pwd
/root/yangwenbo
[root@Web01 yangwenbo]# ls
yunwei  yunwei.1990.2018-09-07@05:30:28~
[root@Web01 yangwenbo]# cat yunwei
hello
[root@Web01 yangwenbo]# cat yunwei.1990.2018-09-07\@05\:30\:28~ 
welcome to yunjisuan161

6.5 Specifying owner, group and mode with the copy module

# Copy the files
[root@Ansible yangwenbo]# ansible Web02 -m copy -a "src=/root/yangwenbo/ dest=/root/yangwenbo/ owner=nobody group=nobody mode=0600"
Web02 | SUCCESS => {
    "changed": true,
    "checksum": "f572d396fae9206628714fb2ce00f72e94f2258f",
    "dest": "/root/yangwenbo/yunwei",
    "gid": 99,
    "group": "nobody",
    "md5sum": "b1946ac92492d2347c6235b4d2611184",
    "mode": "0600",
    "owner": "nobody",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 6,
    "src": "/root/.ansible/tmp/ansible-tmp-1536312849.3372185-152360920901702/source",
    "state": "file",
    "uid": 99
}

# Check the copy result
[root@Web02 yangwenbo]# pwd
/root/yangwenbo
[root@Web02 yangwenbo]# ls
yunwei
[root@Web02 yangwenbo]# cat yunwei 
hello
[root@Web02 yangwenbo]# ll
total 4
-rw-------. 1 nobody nobody 6 Sep  7 05:34 yunwei

7. Running scripts in batch with the ansible script module

ansible's script module runs a shell script stored locally on the control server on remote hosts in batch.

# Example --> distribute and automatically deploy nginx remotely in batch
# All managed hosts need the CD mounted and a local yum configuration file created
[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# ls | xargs -n1
auto_nginx.sh             # script that installs nginx automatically
fenfa.sh                  # batch distribution script
nginx-1.10.2.tar.gz       # nginx source package

[root@Ansible yangwenbo]# cat auto_nginx.sh      # script that installs nginx automatically
#!/bin/sh
#nginx install shell scripts
# mount the installation CD that serves as the local yum repository
test -d /media/cdrom || mkdir -p /media/cdrom
mount /dev/sr0 /media/cdrom >/dev/null 2>&1
# build dependencies
yum -y install gcc gcc-c++ make pcre pcre-devel zlib zlib-devel openssl  openssl-devel >/dev/null 2>&1
# the source package must already have been copied here
test -d /root/yangwenbo || exit 3
cd /root/yangwenbo/
tar xf nginx-1.10.2.tar.gz -C /usr/src/
cd /usr/src/nginx-1.10.2/
./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module >/dev/null 2>&1
make >/dev/null 2>&1
make install >/dev/null 2>&1
exit 0

[root@Ansible yangwenbo]# cat fenfa.sh     # batch distribution script for the source package and the install script
#!/bin/sh
# batch distribution script

Group=$1
ansible "$Group" -m copy -a "src=/root/yangwenbo/ dest=/root/yangwenbo/"
ansible "$Group" -m script -a "/root/yangwenbo/auto_nginx.sh"
# Run the script
[root@Ansible yangwenbo]# sh fenfa.sh all
Web02 | SUCCESS => {
    "changed": true,
    "dest": "/root/yangwenbo/",
    "src": "/root/yangwenbo/"
}
Web01 | SUCCESS => {
    "changed": true,
    "dest": "/root/yangwenbo/",
    "src": "/root/yangwenbo/"
}
Web02 | SUCCESS => {
    "changed": true,
    "rc": 0,
    "stderr": "Shared connection to 192.168.200.75 closed.\r\n",
    "stderr_lines": [
        "Shared connection to 192.168.200.75 closed."
    ],
    "stdout": "",
    "stdout_lines": []
}
Web01 | SUCCESS => {
    "changed": true,
    "rc": 0,
    "stderr": "Shared connection to 192.168.200.74 closed.\r\n",
    "stderr_lines": [
        "Shared connection to 192.168.200.74 closed."
    ],
    "stdout": "",
    "stdout_lines": []
}
# Check the result of the script
[root@Web01 ~]# ll -d /usr/local/nginx
drwxr-xr-x. 6 root root 54 Sep  7 06:00 /usr/local/nginx

[root@Web02 ~]# ll -d /usr/local/nginx
drwxr-xr-x. 6 root root 54 Sep  7 06:00 /usr/local/nginx

This script is only a demo; scripts used in real work should be written as rigorously as possible.
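
What "more rigorous" can look like for fenfa.sh, as an added example that is not part of the original post: the host pattern is validated, the source package is compared against a pinned SHA-256 before anything is pushed, and the install script only runs if the copy succeeded. ANSIBLE, SRC_DIR, the function names and the digest placeholder are assumptions of this sketch; the demo at the end is a dry run on constructed input.

```shell
#!/bin/sh
# Added example, not from the original post: fenfa.sh with the checks a
# production run would want. ANSIBLE, SRC_DIR and all function names are
# assumptions made for this sketch.

ANSIBLE=${ANSIBLE:-ansible}
SRC_DIR=${SRC_DIR:-/root/yangwenbo}

# Accept only plain inventory patterns such as all, Web01:Web02, all:!Web01.
# An argument starting with "-" would otherwise be read by ansible as an
# option, and anything else here is not a pattern at all.
valid_pattern() {
    case $1 in
        ''|-*) return 1 ;;
        *[!A-Za-z0-9_.:!\&-]*) return 1 ;;
    esac
    return 0
}

# Compare a file against a pinned SHA-256. The digest has to come from a
# trusted channel, not from the place the tarball was downloaded from.
sha256_matches() {
    actual=$(sha256sum "$1" 2>/dev/null | awk '{print $1}')
    [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# distribute <pattern> <tarball> <pinned-sha256>
# Return codes: 2 bad pattern, 3 checksum mismatch, 4 copy failed,
# 5 script failed on at least one host.
distribute() {
    group=$1 tarball=$2 digest=$3
    valid_pattern "$group" \
        || { echo "refusing host pattern: $group" >&2; return 2; }
    sha256_matches "$tarball" "$digest" \
        || { echo "checksum mismatch: $tarball" >&2; return 3; }
    # ansible exits non-zero when any host fails or is unreachable, so the
    # script is never run on a partly copied tree.
    "$ANSIBLE" "$group" -m copy -a "src=$SRC_DIR/ dest=$SRC_DIR/" || return 4
    "$ANSIBLE" "$group" -m script -a "$SRC_DIR/auto_nginx.sh"     || return 5
}

# --- dry run on constructed input; no managed host is contacted ---
dry_run_ansible() { echo "would run: ansible $*"; }

DEMO_DIR=$(mktemp -d)
trap 'rm -rf "$DEMO_DIR"' EXIT
DEMO_TARBALL=$DEMO_DIR/nginx-1.10.2.tar.gz
echo 'constructed stand-in for the source tarball' > "$DEMO_TARBALL"
# Demo only: in real use the digest is pinned in advance, never computed
# from the file that is being checked.
DEMO_DIGEST=$(sha256sum "$DEMO_TARBALL" | awk '{print $1}')

ANSIBLE=dry_run_ansible
distribute all "$DEMO_TARBALL" "$DEMO_DIGEST"
distribute all "$DEMO_TARBALL" "<pinned-sha256-placeholder>" || echo "stopped with rc=$?"
```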

8. Getting started with ansible-playbook

A playbook lets you combine ansible modules.

# Create a symlink for ansible-playbook
[root@Ansible /]# ln -s /usr/local/python/bin/ansible-playbook /usr/local/bin/
[root@Ansible /]# which ansible-playbook
/usr/local/bin/ansible-playbook

8.1 Simple use of the shell module in a playbook

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_shell.yaml    # playbook template
---         # starts with three hyphens
- hosts: Web01   
  tasks:        
  - name: test
    shell: echo "welcome to yunjisaun" >> /tmp/username
  - name: test2
    shell: echo "welcome to yunjisuan" >> /tmp/username

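Template notes:
---             # must start with three hyphens, flush left
- hosts:       # first level of the body; occupies two columns (the - counts as one)
- hosts: Web01   # Web01 is the value of the hosts parameter; there must be a space between hosts: and the value
  tasks:        # tasks: introduces the specific tasks to run
  - name:       # indented two more columns relative to tasks (the - counts as one), meaning it is the level below tasks
  - name: test  # test is just a name for the command being run and can be anything; note the space after name:
    shell:      # calls the shell module to run a command; still indented two more spaces relative to tasks
    shell: echo "xxx" >> xxx     # again, a space is needed after shell:
# Run the playbook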
[root@Ansible yangwenbo]# ansible-playbook test_shell.yaml

PLAY [Web01] ***********************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]

TASK [test] ************************************************************************************
changed: [Web01]

TASK [test2] ***********************************************************************************
changed: [Web01]

PLAY RECAP *************************************************************************************
Web01                      : ok=3    changed=2    unreachable=0    failed=0   
# Result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
username
[root@Web01 tmp]# cat username 
welcome to yunjisaun
welcome to yunjisuan

8.2 Simple use of the copy module in a playbook

[root@Ansible yangwenbo]# echo "welcom to yunjisuan" >> /root/yangwenbo/test_copy
[root@Ansible yangwenbo]# cat test_copy 
welcom to yunjisuan

[root@Ansible yangwenbo]# cat test_copy.yaml     # playbook template
---
- hosts: Web02
  tasks:
  - name: test copy
    copy: src=/root/yangwenbo/test_copy dest=/tmp/
# Run the playbook
[root@Ansible yangwenbo]# ansible-playbook test_copy.yaml 

PLAY [Web02] ***********************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web02]

TASK [test copy] *******************************************************************************
changed: [Web02]

PLAY RECAP *************************************************************************************
Web02                      : ok=2    changed=1    unreachable=0    failed=0   
# Result
[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
test_copy
[root@Web02 tmp]# cat test_copy 
welcom to yunjisuan

8.3 Using register in a playbook to output a command's result

When a playbook runs ansible modules, the output of the executed commands is hidden by default.
We can use register to add the output of a command to the results.

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_register.yaml    # playbook template
---
- hosts: all
  tasks:
  - name: test register
    shell: echo "hi Tom" >> /tmp/registers
    register: print_result       # store the output of the preceding command in the variable print_result
  - debug: var=print_result      # print the value of the variable as debug output
# Run the playbook
[root@Ansible yangwenbo]# ansible-playbook test_register.yaml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]
ok: [Web02]

TASK [test register] ***************************************************************************
changed: [Web02]
changed: [Web01]

TASK [debug] ***********************************************************************************
ok: [Web01] => {
    "print_result": {
        "changed": true,
        "cmd": "echo \"hi Tom\" >> /tmp/registers",
        "delta": "0:00:00.007286",
        "end": "2018-09-07 23:43:38.967375",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:43:38.960089",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}
ok: [Web02] => {
    "print_result": {
        "changed": true,
        "cmd": "echo \"hi Tom\" >> /tmp/registers",
        "delta": "0:00:00.006651",
        "end": "2018-09-07 23:43:38.957825",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:43:38.951174",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}

PLAY RECAP *************************************************************************************
Web01                      : ok=3    changed=1    unreachable=0    failed=0   
Web02                      : ok=3    changed=1    unreachable=0    failed=0 
# Result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
registers
[root@Web01 tmp]# cat registers 
hi Tom

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
registers
[root@Web02 tmp]# cat registers 
hi Tom

8.4 Distributing an nginx configuration and testing it

[root@Ansible tmp]# pwd
/tmp
[root@Ansible tmp]# ls
nginx.conf
[root@Ansible tmp]# cat nginx.conf  # nginx configuration file
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  www.yangwenbo.com; 
        location / {
            root   html;
            index  index.html index.htm;
        }
    }
}

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_nginx_conf.yaml     # playbook template
---
- hosts: all
  tasks:
  - name: copy nginx.conf
    copy: src=/tmp/nginx.conf dest=/usr/local/nginx/conf/ backup=yes
  - name:
    shell: /usr/local/nginx/sbin/nginx -t
    register: nginx_result
  - debug: var=nginx_result
# Run the playbook
[root@Ansible yangwenbo]# ansible-playbook test_nginx_conf.yaml 

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]
ok: [Web02]

TASK [copy nginx.conf] *************************************************************************
changed: [Web02]
changed: [Web01]

TASK [shell] ***********************************************************************************
changed: [Web02]
changed: [Web01]

TASK [debug] ***********************************************************************************
ok: [Web01] => {
    "nginx_result": {
        "changed": true,
        "cmd": "/usr/local/nginx/sbin/nginx -t",
        "delta": "0:00:00.720120",
        "end": "2018-09-07 23:14:53.043060",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:14:52.322940",
        "stderr": "nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok\nnginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful",
        "stderr_lines": [
            "nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok",      # nginx reports that the configuration file is OK
            "nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful"
        ],
        "stdout": "",
        "stdout_lines": []
    }
}
ok: [Web02] => {
    "nginx_result": {
        "changed": true,
        "cmd": "/usr/local/nginx/sbin/nginx -t",
        "delta": "0:00:00.628406",
        "end": "2018-09-07 23:14:52.966781",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:14:52.338375",
        "stderr": "nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok\nnginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful",
        "stderr_lines": [
            "nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok",      # nginx reports that the configuration file is OK
            "nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful"
        ],
        "stdout": "",
        "stdout_lines": []
    }
}

PLAY RECAP *************************************************************************************
Web01                      : ok=4    changed=2    unreachable=0    failed=0   
Web02                      : ok=4    changed=2    unreachable=0    failed=0 
# Result
[root@Web01 /]# cat /usr/local/nginx/conf/nginx.conf
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  www.yangwenbo.com; 
        location / {
            root   html;
            index  index.html index.htm;
        }
    }
}

[root@Web02 /]# cat /usr/local/nginx/conf/nginx.conf
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  www.yangwenbo.com; 
        location / {
            root   html;
            index  index.html index.htm;
        }
    }
}

9. Custom and built-in variables in a playbook

9.1 Using custom variables in a playbook

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
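[root@Ansible yangwenbo]# cat test_vars.yaml    # playbook template
---
- hosts: all
  vars:        # define variables
  - names: "yunjisuan"      # first variable, names
    age: "3"                # second variable, age
  tasks:
  - name: "{{ names }}"     # reference a variable with two pairs of braces, with a space on each side of the variable name
    shell: echo "myname {{ names }},myage {{ age }}" >> /tmp/bianliang
    register: var_result
  - debug: var=var_result

# Special note: variable references must be placed inside double quotes.
# Run the playbook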
[root@Ansible yangwenbo]# ansible-playbook test_vars.yaml 

PLAY [all] **************************************************************************************

TASK [Gathering Facts] **************************************************************************
ok: [Web01]
ok: [Web02]

TASK [yunjisuan] ********************************************************************************
changed: [Web01]
changed: [Web02]

TASK [debug] ************************************************************************************
ok: [Web01] => {
    "var_result": {
        "changed": true,
        "cmd": "echo \"myname yunjisuan,myage 3\" >> /tmp/bianliang",
        "delta": "0:00:00.007237",
        "end": "2018-09-07 23:37:10.839684",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:37:10.832447",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}
ok: [Web02] => {
    "var_result": {
        "changed": true,
        "cmd": "echo \"myname yunjisuan,myage 3\" >> /tmp/bianliang",
        "delta": "0:00:00.009848",
        "end": "2018-09-07 23:37:10.859020",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:37:10.849172",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}

PLAY RECAP **************************************************************************************
Web01                      : ok=3    changed=1    unreachable=0    failed=0   
Web02                      : ok=3    changed=1    unreachable=0    failed=0 
# Result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
bianliang
[root@Web01 tmp]# cat bianliang 
myname yunjisuan,myage 3

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
bianliang
[root@Web02 tmp]# cat bianliang 
myname yunjisuan,myage 3

9.2 Using ansible built-in variables in a playbook

We can view ansible's built-in variables with: ansible all -m setup | less

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_setupvars.yaml   # playbook template
---
- hosts: all
  gather_facts: True    # use ansible's built-in variables
  tasks:
  - name: setup var
    shell: echo "ip {{ ansible_all_ipv4_addresses[0] }} cpu {{ ansible_processor_count }}" >> /tmp/test
  - name: setup var2
    shell: echo "time {{ ansible_date_time["date"] }}" >> /tmp/test
    register: var_result
  - debug: var=var_result
# Run the playbook
[root@Ansible yangwenbo]# ansible-playbook test_setupvars.yaml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]
ok: [Web02]

TASK [setup var] *******************************************************************************
changed: [Web02]
changed: [Web01]

TASK [setup var2] ******************************************************************************
changed: [Web01]
changed: [Web02]

TASK [debug] ***********************************************************************************
ok: [Web01] => {
    "var_result": {
        "changed": true,
        "cmd": "echo \"time 2018-09-07\" >> /tmp/test",
        "delta": "0:00:00.005305",
        "end": "2018-09-07 23:49:33.178900",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:49:33.173595",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}
ok: [Web02] => {
    "var_result": {
        "changed": true,
        "cmd": "echo \"time 2018-09-07\" >> /tmp/test",
        "delta": "0:00:00.005363",
        "end": "2018-09-07 23:49:33.230051",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:49:33.224688",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}

PLAY RECAP *************************************************************************************
Web01                      : ok=4    changed=2    unreachable=0    failed=0   
Web02                      : ok=4    changed=2    unreachable=0    failed=0 
# Execution result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
test
[root@Web01 tmp]# cat test 
ip 192.168.200.74 cpu 1
time 2018-09-07

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
test
[root@Web02 tmp]# cat test 
ip 192.168.200.75 cpu 1
time 2018-09-07

10. Playbook: distributing variable configuration files

If a configuration file is distributed with the copy module, every host receives the same content;
to distribute a configuration file whose content contains variables, use the template module.

10.1 Distributing a variable configuration file with the template module

[root@Ansible tmp]# pwd
/tmp
[root@Ansible tmp]# ls
test
[root@Ansible tmp]# cat test 
my name is {{ myname }}       # custom variable
my name is {{ ansible_all_ipv4_addresses[0] }}    # system variable

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_filevars.yaml    # the playbook to execute
---
- hosts: all
  gather_facts: True       # enable system variables
  vars:
  - myname: "yunjisuan"    # custom variable
  tasks:
  - name: template test
    template: src=/tmp/test dest=/tmp/test     # use template to distribute the variable configuration file
# Run the playbook file
[root@Ansible yangwenbo]# ansible-playbook test_filevars.yaml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]
ok: [Web02]

TASK [template test] ***************************************************************************
changed: [Web01]
changed: [Web02]

PLAY RECAP *************************************************************************************
Web01                      : ok=2    changed=1    unreachable=0    failed=0   
Web02                      : ok=2    changed=1    unreachable=0    failed=0
# Execution result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
test
[root@Web01 tmp]# cat test 
my name is yunjisuan
my name is 192.168.200.74

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
test
[root@Web02 tmp]# cat test 
my name is yunjisuan
my name is 192.168.200.75

10.2 Using conditional (if) syntax in a distributed configuration file

10.2.1 When PORT has a value

[root@Ansible tmp]# pwd
/tmp
[root@Ansible tmp]# ls
if.j2
[root@Ansible tmp]# cat if.j2 
{% if PORT %}       # if PORT has a value
ip=0.0.0.0:{{ PORT }}
{% else %}          # otherwise
ip=0.0.0.0:80
{% endif %}         # end of the if block

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_ifvars.yaml   # the playbook to execute
---
- hosts: all
  gather_facts: True    # enable system built-in variables
  vars:
  - PORT: 90            # custom variable
  tasks:
  - name: jinja2 if test
    template: src=/tmp/if.j2 dest=/root/test
# Run the playbook file
[root@Ansible yangwenbo]# ansible-playbook test_ifvars.yaml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web02]
ok: [Web01]

TASK [jinja2 if test] **************************************************************************
changed: [Web01]
changed: [Web02]

PLAY RECAP *************************************************************************************
Web01                      : ok=2    changed=1    unreachable=0    failed=0   
Web02                      : ok=2    changed=1    unreachable=0    failed=0
# Execution result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
test
[root@Web01 tmp]# cat test 
       
ip=0.0.0.0:90

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
test
[root@Web02 tmp]# cat test 
       
ip=0.0.0.0:90

10.2.2 If the PORT variable is empty, the result is different

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_ifvars.yaml   # the playbook to execute
---
- hosts: all
  gather_facts: True   
  vars:
  - PORT:   # left empty
  tasks:
  - name: jinja2 if test
    template: src=/tmp/if.j2 dest=/root/test
# Run the playbook file
[root@Ansible yangwenbo]# ansible-playbook test_ifvars.yaml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]
ok: [Web02]

TASK [jinja2 if test] **************************************************************************
changed: [Web01]
changed: [Web02]

PLAY RECAP *************************************************************************************
Web01                      : ok=2    changed=1    unreachable=0    failed=0   
Web02                      : ok=2    changed=1    unreachable=0    failed=0
# Execution result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
test
[root@Web01 tmp]# cat test 
          
ip=0.0.0.0:80

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
test
[root@Web02 tmp]# cat test 
          
ip=0.0.0.0:80
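
The two runs above depend on Jinja2 truthiness: an empty PORT takes the else branch, and so does PORT: 0, while a PORT that is not defined at all makes the template task fail in Ansible. The playbook below is an added example, not part of the original post: it makes the fallback explicit with the default filter and checks the value with the assert module before anything is written. The listen_port fact name, the inline copy content (used here instead of /tmp/if.j2), the range check and the file ownership and mode are assumptions.

```yaml
---
- hosts: all
  gather_facts: False
  vars:
    PORT:                 # empty on purpose; try 90, or delete the line entirely
  tasks:
  - name: resolve the listen port (empty or undefined PORT falls back to 80)
    set_fact:
      # default(80, true) also replaces falsy values such as an empty PORT
      listen_port: "{{ PORT | default(80, true) | int }}"

  - name: refuse values that are not a usable TCP port
    assert:
      that:
      # a non-numeric PORT becomes 0 through the int filter and is rejected here
      - listen_port | int >= 1
      - listen_port | int <= 65535
      msg: "PORT must be an integer between 1 and 65535"

  - name: write the rendered line
    copy:
      content: "ip=0.0.0.0:{{ listen_port }}\n"
      dest: /root/test
      owner: root
      group: root
      mode: "0644"
```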

11. Playbook notify: distributing the nginx configuration file

# Hands-on: distribute a variable nginx configuration file that triggers an action
[root@Ansible tmp]# pwd
/tmp
[root@Ansible tmp]# ls
nginx.j2
[root@Ansible tmp]# cat nginx.j2 
worker_processes  {{ ansible_processor_count }};      # variable parameter

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_nginxvars.yaml     # the playbook to execute
---
- hosts: all
  gather_facts: True      # enable system built-in variables
  tasks:
  - name: nginx conf
    template: src=/tmp/nginx.j2 dest=/usr/local/nginx/conf/nginx.conf
    notify:
    - reload nginx        # notify the handlers section to run the action named "reload nginx"
  handlers: # define actions
  - name: reload nginx    # name of the action
    shell: /usr/local/nginx/sbin/nginx -s reload
    shell: /usr/local/nginx/sbin/nginx -s reload
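
A variant of the playbook above that refuses to install a configuration nginx cannot parse, as an added example rather than the original author's code: the template module's validate option runs nginx -t against the rendered temporary file before it replaces nginx.conf, and the handler reloads only when the file actually changed. It assumes /tmp/nginx.j2 renders a complete nginx.conf whose include paths are absolute, because validation runs on a temporary copy outside the conf directory; the ownership, mode and backup settings are also assumptions.

```yaml
---
- hosts: all
  gather_facts: True      # ansible_processor_count comes from gathered facts
  tasks:
  - name: nginx conf
    template:
      src: /tmp/nginx.j2
      dest: /usr/local/nginx/conf/nginx.conf
      owner: root
      group: root
      mode: "0644"        # readable by the workers, writable only by root
      backup: yes         # keep a timestamped copy of the previous nginx.conf
      # %s is the rendered temporary file; if nginx -t rejects it the task
      # fails and the existing nginx.conf is left untouched
      validate: /usr/local/nginx/sbin/nginx -t -c %s
    notify:
    - reload nginx

  - name: confirm the configuration now on disk still parses
    command: /usr/local/nginx/sbin/nginx -t
    changed_when: False   # a check only, never reported as a change

  handlers:
  - name: reload nginx
    # command instead of shell: no shell features are needed for a fixed path
    command: /usr/local/nginx/sbin/nginx -s reload
```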

Origin www.cnblogs.com/ywb123/p/11223103.html