1 ansible-playbook task script
1.1 Script File concept
(1) playbook can be multiple batch operation module functional integration, complete thing.
Complexity (2) simplified operation and maintenance
(3) playbook recognition grammar described by yaml state file name extension is yaml
1.2 part of the script file
(1) play the role of (hosts) is defined host information
(2) script task (tasks) are defined by specific task information
(3) a script file composed of a plurality of hosts, a plurality of tasks can include tasks hosts
1.3 Script File Benefits Features
(1) automation is more comprehensive
(2) can better control logic
(3) Screenplay show more intuitive command syntax
(4) has the characteristics of enduring repeated
Write the script file specification 1.4
(1) indent Features: two spaces for an indent a relationship
(2) Use a colon: after the colon needs to have trailing spaces colon does not need a space
Host Information: 172.16.1.41 --- key: value (key wording)
( 3) a list of usage: use a dash spaces to build a list of list
Use script execution 1.5
(1) check the syntax of the script: ansible PlayBook --syntax-Check-test.yaml
(2) simulation execution script: ansible-test.yaml PlayBook -C
(. 3) plays a real run: ansible-playbook test.yaml
1.6 screenplay written extensions
(1) script variable write function
(2) script information notification function
(3) script information determination function
(4) script information circulatory function
(5) the scripting ignore errors
(6) script tag setting function
(7) script ignore acquisition function
( 8) script triggering feature information
Write feature script variables 1.6.1
The method set variables: Set variable parameter script execution command, the highest priority command
[root@m01 ansible_playbook]#ansible-playbook -e dir=/etc -e file=rsyncd.conf test_变量编写.yamlMethod two set variables: Variables provided in the script, the script variable priority followed by
[root@m01 ansible_playbook]#vim test_变量编写.yaml
- hosts: 172.16.1.41
vars:
dir: /etc
file: rsyncd.conf
tasks:
- name: copy file
copy: src={{ dir }}/{{ file }} dest={{ dir }}/
# {{}}调用变量Set variables Method Two: Set the variable in the list of hosts, the host variable list of the least priority
[root@m01 ansible_playbook]#vim /etc/ansible/hosts
[sersync_server]
172.16.1.31
[sersync_client]
172.16.1.41
[sersync_server:vars]
dir=/etc
file=rsyncd.conf
# 直接给主机组设置变量,这样主机组内的所有主机都可以调用变量了1.6.2 script information notification function
Edit the script
[root@m01 ansible_playbook]#vim test_通知功能.yaml
- hosts: 172.16.1.41
tasks:
- name: boot server
service: name=rsyncd state=started
- name: check server boot
shell: netstat -lntup|grep 873
register: oldboy
- debug: msg={{ oldboy.stdout_lines }}
# 将shell中命令执行结果通过register注册给oldboy,oldboy相当于一个变量,{{}}调取oldboy
# debug类似echo,输出信息
# stdout_lines 将输出的信息变得有格式Run the script
[root@m01 ansible_playbook]#ansible-playbook test_通知功能.yaml
PLAY [172.16.1.41] ***********************************************************************************
TASK [Gathering Facts] *******************************************************************************
ok: [172.16.1.41]
TASK [boot server] ***********************************************************************************
ok: [172.16.1.41]
TASK [check server boot] *****************************************************************************
changed: [172.16.1.41]
TASK [debug] *****************************************************************************************
ok: [172.16.1.41] => {
"msg": [
"tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 3708/rsync ",
"tcp6 0 0 :::873 :::* LISTEN 3708/rsync "
]
}
PLAY RECAP *******************************************************************************************
172.16.1.41 : ok=4 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 1.6.3 script information determination function
nfs service clients three hosts
centos7 10.0.0.7, centos6 10.0.0.8, centos7 10.0.0.9
At this point in time to start the batch needs to be judged, because centos6, centos7 start command is not the same
judge format
- hosts: nfs_client
tasks:
- name: boot centos7 nfs
shell: systemctl start nfs
判断: 如果是centos7 ???
- name: boot centos6 nfs
shell: /etc/init.d/nfs start
判断: 如果是centos6 ???setup module: remote host information collection
syntax:
[root@m01 ansible_playbook]#ansible 172.16.1.41 -m setup -a "filter=ansible_hostname"
172.16.1.41 | SUCCESS => {
"ansible_facts": {
"ansible_hostname": "backup",
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false
}
# filter 过滤 筛选Implementation of the information collection sub
问题: 获取主机信息,以及子信息
方法一:
- hosts: rsync
tasks:
- name: touch file
file: path=/etc/oldboy01.txt state=touch
when: (ansible_eth1.ipv4.address == "172.16.1.41")
方法二:
- hosts: rsync
tasks:
- name: touch file
file: path=/etc/oldboy01.txt state=touch
when: (ansible_eth1["ipv4"]["address"] == "172.16.1.41")setup module used to collect information
for determining the directory created in accordance with the address ip
[root@m01 ansible_playbook]#vim test_判断功能.yaml
- hosts: nfs_client
tasks:
- name: create file for 41 host
file: path=/tmp/172.16.1.41 state=directory
when: (ansible_hostname == "backup")
- name: create file for 7 host
file: path=/tmp/172.16.1.7 state=directory
when: (ansible_hostname == "web01")Run the script
root@m01 ansible_playbook]#ansible-playbook -C test_判断功能.yaml
PLAY [nfs_client] ************************************************************************************
TASK [Gathering Facts] *******************************************************************************
ok: [172.16.1.41]
ok: [172.16.1.7]
TASK [create file for 41 host] ***********************************************************************
skipping: [172.16.1.7]
changed: [172.16.1.41]
TASK [create file for 7 host] ************************************************************************
skipping: [172.16.1.41]
changed: [172.16.1.7]
PLAY RECAP *******************************************************************************************
172.16.1.41 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
172.16.1.7 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 1.6.4 script information circulation
Loop to create multiple users
[root@m01 ansible_playbook]#vim test_循环功能.yaml
- hosts: 172.16.1.41
tasks:
- name: create user
user: name={{ item }}
with_items:
- oldgirl01
- oldgirl02
- oldgirl03
- oldgirl04
- oldgirl05Cycle multiple users to create multiple user uid values are different
[root@m01 ansible_playbook]#vim test_循环功能.yaml
- hosts: 172.16.1.41
tasks:
- name: create user
user: name={{ item.name }} uid={{ item.uid }}
with_items:
- {name: "oldgirl06", uid: "3006"}
- {name: "oldgirl07", uid: "3007"}
- {name: "oldgirl08", uid: "3008"}
- {name: "oldgirl09", uid: "3009"}
- name: check create user info
shell: grep oldgirl0 /etc/passwd
register: user_info
- debug: msg={{ user_info.stdout_lines }}1.6.5 the scripting function to ignore the error
Ignore function is mainly used to debug script
[root@m01 ansible_playbook]#vim test_h忽略功能.yaml
- hosts: 172.16.1.41
tasks:
- name: create rsync user
shell: useradd rsync -M -s /sbin/nologin
ignore_errors: yes
- name: create backup dir
shell: mkdir /backup
ignore_errors: yes
- name: boot server
shell: systemctl start rsyncd
ignore_errors: yesWhen using the shell do something, when the result of shell generated already exists, will lead to the script can not continue, so using functions can effectively ignore the script to proceed.
1.6.6 script tag setting function
Tag function is used to debug the script
tags: Tags
[root@m01 ansible_playbook]#vim test_标签功能.yaml
- hosts: 172.16.1.41
tasks:
- name: 01:安装软件
yum: name=rsync state=installed
ignore_errors: yes
- name: 02:创建用户
user: name=rsync create_home=no shell=/sbin/nologin
ignore_errors: yes
tags: create_user
- name: 03:创建目录
file: path=/backup state=directoryRun the script
ansible-playbook -t create_user test_标签功能.yaml --- 执行剧本中标签任务
ansible-playbook --skip-tags create_user test_标签功能.yaml --- 跳过指定标签任务,执行其他任务
ansible-playbook -t create_user,create_dir test_标签功能.yaml --- 执行多个标签
# -t=tags1.6.7 script ignore collection feature
[root@m01 ansible_playbook]#vim test_忽略采集.yaml
- hosts: 172.16.1.41
gather_facts: no
tasks:
- name: 01:安装软件
yum: name=rsync state=installed
ignore_errors: yes
- name: 02:创建用户
user: name=rsync create_home=no shell=/sbin/nologin
ignore_errors: yes
tags: create_user
- name: 03:创建目录
file: path=/backup state=directory
tags: create_dir When the script collect a large number of host information, the card may become slow, affecting the efficiency of the back of the script to perform. So at this time, you can ignore the collection function, improve efficiency, add gather_facts hosts in the following: no
, if there is to determine the function of the script, you can not use this parameter, because the information will contrast with the interpretation of the information collection
1.6.8 script triggering feature information
Dramatize
[root@m01 ansible_playbook]#vim test_触发功能.yaml
- hosts: 172.16.1.41
tasks:
- name: 01:传输配置文件
copy: src=/etc/ansible/ansible_playbook/rsyncd.conf dest=/etc/
notify: rsync_restart
- name: 02:启动服务程序
service: name=rsyncd state=started
handlers:
- name: rsync_restart
service: name=rsyncd state=restartedhandlers: generally used to modify the configuration file, the function will be triggered, the service restart
notify: transmission profiles over, notify notify rsync_restart the trigger. Then handlers will restart the service
Description: The overall task is finished, will perform triggering
1.7 screenplay writing exercises
Requirements:
(1) on the host operating 172.16.1.41:
① task service stop timing
② create a / etc / directory generated in the flexible connection / opt directory
③ local / etc / hosts file distributed to the host 41 saved to / tmp directory
(2) on the host operating 172.16.1.31:
① firewall service to start automatically
② software will be installed on the host keepalived
practice:
writing the script file
[root@m01 ansible_playbook]#vim test.yaml
- hosts: 172.16.1.41
tasks:
- service: name=crond state=stopped
- file: src=/etc path=/opt/etc_link state=link
- copy: src=/etc/hosts dest=/tmp
- hosts: 172.16.1.31
tasks:
- service: name=firewalld enabled=yes
- yum: name=keepalived state=installedScript syntax check
# 语法检查剧本文件
[root@m01 ansible_playbook]#ansible-playbook --syntax-check test.yaml
playbook: test.yamlSimulation script execution
[root@m01 ansible_playbook]#ansible-playbook -C test.yaml
PLAY [172.16.1.41] ***********************************************************************************
TASK [Gathering Facts] *******************************************************************************
ok: [172.16.1.41]
TASK [service] ***************************************************************************************
ok: [172.16.1.41]
TASK [file] ******************************************************************************************
ok: [172.16.1.41]
TASK [copy] ******************************************************************************************
ok: [172.16.1.41]
PLAY [172.16.1.31] ***********************************************************************************
TASK [Gathering Facts] *******************************************************************************
ok: [172.16.1.31]
TASK [service] ***************************************************************************************
ok: [172.16.1.31]
TASK [yum] *******************************************************************************************
ok: [172.16.1.31]
PLAY RECAP *******************************************************************************************
172.16.1.31 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.41 : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Screenplay real execution
[root@m01 ansible_playbook]#ansible-playbook test.yaml
PLAY [172.16.1.41] ***********************************************************************************
TASK [Gathering Facts] *******************************************************************************
ok: [172.16.1.41]
TASK [service] ***************************************************************************************
ok: [172.16.1.41]
TASK [file] ******************************************************************************************
ok: [172.16.1.41]
TASK [copy] ******************************************************************************************
ok: [172.16.1.41]
PLAY [172.16.1.31] ***********************************************************************************
TASK [Gathering Facts] *******************************************************************************
ok: [172.16.1.31]
TASK [service] ***************************************************************************************
ok: [172.16.1.31]
TASK [yum] *******************************************************************************************
ok: [172.16.1.31]
PLAY RECAP *******************************************************************************************
172.16.1.31 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.41 : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 NOTE:
If the system is equipped with cowsay software, executing commands, will generate pattern information, the impact review results, it can be closed.
[root@m01 ansible]#vim ansible.cfg
# don't like cows? that's unfortunate.
# set to 1 if you don't want cowsay support or export ANSIBLE_NOCOWS=1
# nocows = 1
把# nocows = 1 中的 # 去掉即可。1.8 ansible rsync script to achieve a key deployment
The first course: The module of embodiment, each step to complete the service deployment
Step: Configuration server
# 安装软件程序
ansible rsync -m yum -a "name=rsync state=installed"
# 编写配置文件:要在批量管理主机上提前写好,然后推送给服务端
# 在管理端准备好服务配置文件
ansible rsync_server -m copy -a "src=/etc/ansible/conf_file/rsyncd.conf dest=/etc/"
# 创建虚拟用户
ansible rsync_server -m user -a "name=rsync create_home=no shell=/sbin/nologin"
# 创建密码文件 (授权600)
ansible rsync_server -m copy -a "content='rsync_backup:oldboy123' dest=/etc/rsync.password mode=600"
# 创建备份目录 (授权 属主 属组)
ansible rsync_server -m file -a "path=/backup state=directory owner=rsync group=rsync"
@ 启动程序服务
ansible rsync_server -m service -a "name=rsyncd state=started enabled=yes"Step Two: Client Configuration
# 创建密钥文件 (授权600)
ansible rsync_client -m copy -a "content='oldboy123' dest=/etc/rsync.password mode=600"
# 批量测试传输文件
ansible rsync_client -m shell -a "rsync -avz /etc/hosts [email protected]::backup --password-file=/etc/rsync.password"Second course: writing the script information
[root@m01 ansible_playbook]#vim rsync_auto.yaml
- hosts: rsync_server
tasks:
- name: 01:install rsync
yum: name=rsync state=installed
- name: 02:copy conf file
copy: src=/etc/ansible/conf_file/rsyncd.conf dest=/etc/
- name: 03:create rsync user
user: name=rsync create_home=no shell=/sbin/nologin
- name: 04:create password file
copy: content='rsync_backup:oldboy123' dest=/etc/rsync.password mode=600
- name: 05:create backup dir
file: path=/backup state=directory owner=rsync group=rsync
- name: 06:boot rsync server
service: name=rsyncd state=started enabled=yes
- hosts: rsync_client
tasks:
- name: 01:create password file
copy: content='oldboy123' dest=/etc/rsync.password mode=600Recovery Environment screenplay
[root@m01 ansible_playbook]#vim rsync_backup.yaml
- hosts: rsync_server
tasks:
- name: 01:delete conf file
file: path=/etc/rsyncd.conf state=absent
- name: 02:delete rsync user
user: name=rsync state=absent
- name: 03:delete password file
file: path=/etc/rsync.password state=absent
- name: 04:delete backup dir
file: path=/backup/ state=absent
- name: 05:boot rsync server
service: name=rsyncd state=stopped enabled=no
- hosts: rsync_client
tasks:
- name: 01:delete password file
file: path=/etc/rsync.password state=absent1.9 ansible play a key deployment achieved nfs
First course: according to a modular fashion, each step to complete the service deployment
服务端配置
01. 安装部署软件程序: rpcbind nfs-utile
ansible nfs_server -m yum -a "name=rpcbind state=installed"
ansible nfs_server -m yum -a "name=nfs-utile state=installed"
02. 编写配置文件:配置文件要提前写好
# 批量管理主机写好的配置文件推送给服务端/etc/ansible-playbook/nfs.conf
ansible nfs_server -m copy -a "src=/etc/ansible/ansible_playbook/nfs.conf dest=/etc/exports"
03. 创建共享目录:
ansible nfs_server -m file -a "path=/data/ state=directory owner=nfsnobody group=nfsnobody"
04. 启动程序服务:
ansible nfs_server -m service -a "name=rpcbind state=started enabled=yes"
ansible nfs_server -m service -a "name=nfs state=started enabled=yes"
客户端配置:
01. 安装部署软件
ansible nfs_client -m yum -a "name=nfs-utile state=installed"
02. 挂载共享目录
ansible nfs_client -m mount -a "src=172.16.1.31:/data/ path=/mnt fstype=nfs state=mounted"The second course of writing the script:
[root@m01 ansible_playbook]#vim nfs_auto.yaml
- hosts: nfs_server
tasks:
- name: 1:install rpcbind nsf-utils
yum:
name:
- rpcbind
- nfs-utils
state: installed
- name: 2:copy conf file
copy: src=/etc/ansible/ansible_playbook/nfs.conf dest=/etc/exports
- name: 3:create data dir
file: path=/data/ state=directory owner=nfsnobody group=nfsnobody
- name: 4:boot server rcbind
service: name=rpcbind state=started enabled=yes
- name: 4:boot server nfs
service: name=nfs state=restarted enabled=yes
- hosts: nfs_client
tasks:
- name: 1:install nfs
yum: name=nfs-utils state=installed
- name: 2:mount data dir
mount: src=172.16.1.31:/data/ path=/mnt fstype=nfs state=mountedRecovery Environment screenplay
[root@m01 ansible_playbook]#vim nfs_backup.yaml
- hosts: nfs_server
tasks:
- name: 01:install rpcbind nfs-utils
yum:
name:
- rpcbind
- nfs-utils
state: removed
- name: 02:copy conf file
shell: echo "" >/etc/exports
- name: 03:create data dir
file: path=/data/ state=absent
- hosts: nfs_client
tasks:
- name: 01:install nfs
yum: name=nfs-utils state=removed
- name: 02:mount data dir
mount: src=172.16.1.31:/data/ path=/mnt fstype=nfs state=unmountedOptimization script:
[root@m01 ansible_playbook]#vim nfs_auto.yaml
- hosts: nfs_server
vars:
conf_file: exports
data_dir: /data
tasks:
- name: 01:install nfs rpcbind
yum:
name: ['nfs-utils', 'rpcbind']
state: installed
- name: 02:copy conf file
copy: src=/etc/ansible/ansible_playbook/nfs.conf dest=/etc/{{ conf_file }}
notify:
- nfs_restart
- name: 03:create data dir
file: path={{ data_dir }} state=directory owner=nfsnobody group=nfsnobody
- name: 04:boot server rpcbind
service: name={{ item.name }} state={{ item.state }} enabled={{ item.enabled }}
with_items:
- {name: "rpcbind", state: "started", enabled: "yes"}
- {name: "nfs", state: "started", enabled: "yes"}
handlers:
- name: nfs_restart
service: name=nfs state=reloaded
- hosts: nfs_client
vars:
data_dir: /data
tasks:
- name: 01:install nfs
yum: name=nfs-utils state=installed
- name: 02:mount data dir
mount: src=172.16.1.31:{{ data_dir }} path=/mnt fstype=nfs state=mounted
- name: 03:check mount info
shell: df -h|grep mnt
register: mount_info
- debug: msg={{ mount_info.stdout_lines }}1.10 ansible play a key deployment to achieve sersync
First course: according to a modular fashion, each step to complete the service deployment
配置hosts主机清单
[server_server]
172.16.1.31
[server_client]
172.16.1.41
#安装rsync
ansible backup_server -m yum -a "name=rsync state=installed"
#在批量管理主机上下载sersync,解压发送给客户端
ansible backup_server -m file -a "src=/usr/local/sersync_installdir_64bit/sersync dest=/usr/local"
#在批量管理主机上写好sersync配置文件,发送给客户端
ansible backup_server -m copy -a "src=/usr/local/sersync_installdir_64bit/sersync/conf/confxml.xml dest=/usr/local/sersync/conf/"
#给sersync加上执行权限
ansible backup_server -m file -a "path=/usr/local/sersync/bin/sersync mode=a+x"
#给sersync创建软链接
ansible backup_server -m file -a "src=/usr/local/sersync/bin/sersync path=/usr/local/sbin/sersync state=link"
#启动sersync 测试实时同步
ansible backup_server -m shell -a "sersync -dro /usr/local/sersync/conf/confxml.xml"The second course, writing the script
[root@m01 ansible_playbook]#vim sersync_auto.yaml
- hosts: sersync_server
tasks:
- name: 安装rsync
yum: name=rsync state=installed
- name: 将sersync传输到客户端
file: src=/usr/local/sersync_installdir_64bit/sersync/ dest=/usr/local
- name: 将写好的配置文件传输到客户端
copy: src=/usr/local/sersync_installdir_64bit/sersync/conf/confxml.xml dest=/usr/local/sersync/conf/
- name: 加上执行权限
file: path=/usr/local/sersync/bin/sersync mode=a+x
- name: 创建软链接
file: src=/usr/local/sersync/bin/sersync path=/usr/local/sbin/sersync state=link
- name: 启动sersync 测试实时同步
shell: sersync -dro /usr/local/sersync/conf/confxml.xmlRecovery Environment screenplay
[root@m01 ansible_playbook]#cat sersync_backup.yaml
- hosts: sersync_server
tasks:
- name: 卸载rsync
yum: name=rsync state=removed
- name: 删除sersync
file: path=/usr/local/sersyncHow to integrate multiple script 2
First course: Make sure that each script is executed successfully
the second course: the script 's integrated
one: not recommended
[root@m01 ansible_playbook]#vim zhenghe.yaml # ---角色里使用
- hosts: all
remote_user: root
tasks:
- include_tasks: nfs_auto.yml
- include_tasks: rsync_auto.yml
# 不写hosts信息,只写任务信息Method two: After the ansible may be canceled include function
[root@m01 ansible_playbook]#vim zhenghe.yaml
- include:nfs_auto.yml
- include:rsync_auto.ymlMethod three: It is recommended to use this method
[root@m01 ansible_playbook]#vim zhenghe.yaml
- import_playbook: nfs_auto.yaml
- import_playbook: rsync_auto.yaml 3 ansible script written in a way: Role
(1) Specification ansible directory structure
(2) with a host information summary script defined
3.1 Role call flow diagram
Write 3.2 nfs service role
First course: create a role directory structure
cd roles/;mkdir {nfs,rsync,web,sersync}
cd nfs/{vars,tasks,templates,handlers,files}
# vars: 定义变量信息
# tasks: 定义任务信息
# templates: 定义模板文件(jinja2模板文件)
# handlers: 定义触发器信息
# files: 定义需要分发的文件Second course: write file information
tasks: task information written in a way:
nfs service writing
vim main.yaml
- name: 01:install nfs rpcbind
yum:
name: ['nfs-utils', 'rpcbind']
state: installed
- name: 02:copy conf file
copy: src=/etc/ansible/ansible_playbook/nfs.conf dest=/etc/{{ conf_file }}
notify:
- nfs_restart
- name: 03:create data dir
file: path={{ data_dir }} state=directory owner=nfsnobody group=nfsnobody
- name: 04:boot server rpcbind
service: name={{ item.name }} state={{ item.state }} enabled={{ item.enabled }}
with_items:
- {name: "rpcbind", state: "started", enabled: "yes"}
- {name: "nfs", state: "started", enabled: "yes"}
- name: 01:install nfs
yum: name=nfs-utils state=installed
- name: 02:mount data dir
mount: src=172.16.1.31:{{ data_dir }} path=/mnt fstype=nfs state=mounted
- name: 03:check mount info
shell: df -h|grep mnt
register: mount_info
- debug: msg={{ mount_info.stdout_lines }}tasks: task information write Second way:
tasks: define the task information
cd tasks
vim main.yaml
vim nfs_boot.yaml
vim nfs_conf.yaml
vim nfs_datadir.yaml
vim nfs_install.yaml
vim nfs_mount.yaml
#########################
vim main.yaml
- include_tasks: nfs_install.yaml
- include_tasks: nfs_conf.yaml
- include_tasks: nfs_datadir.yaml
- include_tasks: nfs_boot.yaml
- include_tasks: nfs_mount.yamlvars: definition of variable information
vim main.yaml
conf_file: exports
data_dir: /datafiles: file defines the need to distribute
[root@m01 files]# ll
total 4
-rw-r--r-- 1 root root 42 Jul 29 10:34 nfs.confhandlers: define the trigger information
vim main.yaml
- name: nfs_restart
service: name=nfs state=reloaded