ansible基本命令及剧本
阅读原文时间:2023年07月09日阅读:2

1. -v, –verbose 详细模式,如果命令执行成功,输出详细的结果(-vv –vvv -vvvv)

  1. -i, –inventory=PATH 指定host文件的路径,默认是在/etc/ansible/hosts(生产环境经常用到)
  2. -f NUM, –forks=NUNUM 接一个整数,默认是5,指定fork开启同步进程的个数。
  3. -m NAME, –module-name=NAME 指定使用的module名称,默认是command
  4. -a, MODULE_ARGS 指定module模块的参数
  5. -k, -ask-pass 提示输入ssh的密码,而不是使用基于ssh的密钥认证
  6. -sudo 指定使用sudo获得root权限(生产环境经常用到)
  7. -K, -ask-sudo-pass 提示输入sudo密码,与sudo一起使用 (生产环境经常用到)
  8. -u USERNAME,-user=USERNAME 指定移动端的执行用户
  9. -C, -check 测试此命令执行不会改变什么内容,不会真正的去执行

Ansible-playbook 基本命令

1. ansible-playbook // 查看帮助

  1. ansible-playbook a.yml --syntax-check //检查yaml文件的语法是否正确
  2. ansible-playbook a.yml --list-task //检查tasks任务
  3. ansible-playbook a.yml --list-hosts //检查生效的主机
  4. ansible-playbook a.yml --start-at-task='Copy Nginx.conf' //指定从某个task开始运行
  5. ansible-playbook --syntax-check -e "hosts=c7" xx.yml -s -k // 语法检查
  6. ansible-playbook -i hostslist ***.yml --limit 192.168.0.1 // 排除单个主机
  7. ansible-playbook -i hostslist ***.yml --limit @failed.txt // 排除多个主机
    9. ansible-playbook update-stg.yml -f 10 -s -k // 启用10个并行进程数执行

ansible-doc常用命令

1. ansible-doc -l #列出所有ansible支持的模块,重要,请自行记住

  1. ansible-doc -s copy # 获取模块简要使用说明(如需详细去掉-s)
    src= #源文件
    force= #是否覆盖
    dest= #目标文件

ansible-galaxy init /roles/tomcat-install 创建roles目录结构

inventory 主机源

  • playbooks 一组运行任务的命令集合
  • roles 角色
  • tasks 运行任务列表
  • handlers 运行任务后的触发动作
  • variables 定义的变量

inventor 目录结构

  • inventories/
    ├── group_vars
    │ └── all
    │ └── kubeadm.yml
    └── k8s-hosts

roles目录结构

tomcat-install/
├── defaults
│   └── main.yml
├── files
│   └── jdk-8u241-linux-x64.tar.gz
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── README.md
├── tasks
│   ├── basics.yml
│   ├── copy.yml
│   ├── main.yml
│   └── tomcat.yml
├── templates
│   ├── jdk_path
│   ├── server.xml.j2
│   └── tomcat
├── tests
│   ├── inventory
│   └── test.yml
└── vars
└── main.yml

tomcat-install角色名称
files文件及软件目录
vars定义变量
templates模板文件 配置文件替换以.j2结尾
task剧本任务
README.md 说明文档
handlers执行触发动作(类似puppet消息通知)
tests文本
meta 目录表示 role角色的属性

ansible剧本常用参数:

registe:name (命令传参,或字集传参)

tags使用标记执行的模块的,可以选择单独执行某一个模块

template 和copy的模块的功能一样 ,都是向远程主机上传送文件的,可以copy是送的是原封不动的文件,template 可以将文件中的变量渲染出来 示例template: src=/etc/redis.conf dest=/etc/redis.conf

handlers执行操作 类似于puppet消息通知当触发时 执行操作 比如重启等  notify:handlersname 调用handlers操作

whene判断 可以判断数值 可以判断命令是否失败或成功 true或fales failed

item 循环 写法:user: name={{item}}  with_items: - 111

vars: 定义变量写法:- var1:111

facts:获取回传文件

ignore_errors:True_忽略命令返回结果_

tomcat-install剧本roles编写

创建执行文件

installtomcat.yml

创建rosle说明文件

用于批量安装jdk及tomcat服务并启动
自定义jdk版本号 例如jdk_version: 241
由于jdk1.8版本以后 下载需要验证信息等 需手动下载安装包并放置tomcat-install rosel下files
定义tomcat启动参数如tomcat_free: JAVA_OPTS="-server -Xms512m -Xmx2048m -XX:MaxNewSize=512m -XX:PermSize=128M -XX:MaxPermSize=256M"
定义tomcat下载版本例如tomcat_ver: 7.0.106
执行tomcat-install.yml即可全自动安装

README.md

创建vars目录下main.yml 变量

#定义tomcat变量
jdk_version: 241 #定义jdk的版本号于files文件中的软件名称相对应
jdk_PATH: /usr/local/jdk/ #定义安装jdk路径
softdir: /softdir1 #创建临时软件放置目录
tomcat_path: /soft/tomcat #定义tomcat目录
tomcat_port: 8088 #定义tomcat端口号
tomcat_free: JAVA_OPTS="-server -Xms512m -Xmx2048m -XX:MaxNewSize=512m -XX:PermSize=128M -XX:MaxPermSize=256M" #定义tomcat启动参数
tomcat_ver: 7.0.106 #定义tomcat下载版本
tomcat_ver_main: "{{ tomcat_ver.split('.')[0] }}" #截取定义tomcat版本路径的首数字 用于下载tomcat url确定
down_url: https://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-{{ tomcat_ver_main }}/v{{ tomcat_ver }}/bin/apache-tomcat-{{ tomcat_ver }}.tar.gz #tomcat下载地址

vars file for tomcat-install

main.yml

创建templates目录下模板文件 jdk环境变量 tomcat的sever文件 tomcat的启停脚本

JAVA_HOME={{ jdk_PATH }}
JAVA_BIN={{ jdk_PATH }}bin
JRE_HOME={{ jdk_PATH }}jre
PATH=$PATH:{{ jdk_PATH }}bin:{{ jdk_PATH }}jre/bin
CLASSPATH={{ jdk_PATH }}jre/lib:{{ jdk_PATH }}lib:{{ jdk_PATH }}jre/lib/charsets.jar

jdk_path









<!--The connectors can use a shared executor, you can define one or more named thread pools-->  
<!--  
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"  
    maxThreads="150" minSpareThreads="4"/>  
-->

<!-- A "Connector" represents an endpoint by which requests are received  
     and responses are returned. Documentation at :  
     Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)  
     Java AJP  Connector: /docs/config/ajp.html  
     APR (HTTP/AJP) Connector: /docs/apr.html  
     Define a non-SSL HTTP/1.1 Connector on port 8080  
-->  
<Connector  port="{{ tomcat\_port }}"  
                        protocol="HTTP/1.1"  
            connectionTimeout="20000"  
            redirectPort="8443"  
                        maxThreads="500"  
                        minSpareThreads="20"  
                        acceptCount="300"  
                        disableUploadTimeout="true"  
                        enableLookups="false"  
                        URIEncoding="UTF-8"  
                            keepAliveTimeout="10000"/>  
<!-- A "Connector" using the shared thread pool-->  
<!--  
<Connector executor="tomcatThreadPool"  
           port="8080" protocol="HTTP/1.1"  
           connectionTimeout="20000"  
           redirectPort="8443" />  
-->  
<!-- Define a SSL HTTP/1.1 Connector on port 8443  
     This connector uses the JSSE configuration, when using APR, the  
     connector should be using the OpenSSL style configuration  
     described in the APR documentation -->  
<!--  
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"  
           maxThreads="150" scheme="https" secure="true"  
           clientAuth="false" sslProtocol="TLS" />  
-->

<!-- Define an AJP 1.3 Connector on port 8009 -->  
<Connector port="8089" protocol="AJP/1.3" redirectPort="8443" />

<!-- An Engine represents the entry point (within Catalina) that processes  









<!--The connectors can use a shared executor, you can define one or more named thread pools-->  
<!--  
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"  
    maxThreads="150" minSpareThreads="4"/>  
-->

<!-- A "Connector" represents an endpoint by which requests are received  
     and responses are returned. Documentation at :  
     Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)  
     Java AJP  Connector: /docs/config/ajp.html  
     APR (HTTP/AJP) Connector: /docs/apr.html  
     Define a non-SSL HTTP/1.1 Connector on port 8080  
-->  
<Connector  port="{{ tomcat\_port }}"  
                        protocol="HTTP/1.1"  
            connectionTimeout="20000"  
            redirectPort="8443"  
                        maxThreads="500"  
                        minSpareThreads="20"  
                        acceptCount="300"  
                        disableUploadTimeout="true"  
                        enableLookups="false"  
                        URIEncoding="UTF-8"  
                            keepAliveTimeout="10000"/>  
<!-- A "Connector" using the shared thread pool-->  
<!--  
<Connector executor="tomcatThreadPool"  
           port="8080" protocol="HTTP/1.1"  
           connectionTimeout="20000"  
           redirectPort="8443" />  
-->  
<!-- Define a SSL HTTP/1.1 Connector on port 8443  
     This connector uses the JSSE configuration, when using APR, the  
     connector should be using the OpenSSL style configuration  
     described in the APR documentation -->  
<!--  
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"  
           maxThreads="150" scheme="https" secure="true"  
           clientAuth="false" sslProtocol="TLS" />  
-->

<!-- Define an AJP 1.3 Connector on port 8009 -->  
<Connector port="8089" protocol="AJP/1.3" redirectPort="8443" />

<!-- An Engine represents the entry point (within Catalina) that processes  
     every request.  The Engine implementation for Tomcat stand alone  
     analyzes the HTTP headers included with the request, and passes them  
     on to the appropriate Host (virtual host).  
     Documentation at /docs/config/engine.html -->

<!-- You should set jvmRoute to support load-balancing via AJP ie :  
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">  
-->  
<Engine name="Catalina" defaultHost="localhost">

  <!--For clustering, please take a look at documentation at:  
      /docs/cluster-howto.html  (simple how to)  
      /docs/config/cluster.html (reference documentation) -->  
  <!--  
  <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>  
  -->

  <!-- Use the LockOutRealm to prevent attempts to guess user passwords  
       via a brute-force attack -->  
  <Realm className="org.apache.catalina.realm.LockOutRealm">  
    <!-- This Realm uses the UserDatabase configured in the global JNDI  
         resources under the key "UserDatabase".  Any edits  
         that are performed against this UserDatabase are immediately  
         available for use by the Realm.  -->  
    <Realm className="org.apache.catalina.realm.UserDatabaseRealm"  
           resourceName="UserDatabase"/>  
  </Realm>

  <Host name="localhost"  appBase="webapps"  
        unpackWARs="true" autoDeploy="true">

    <!-- SingleSignOn valve, share authentication between web applications  
         Documentation at: /docs/config/valve.html -->  
    <!--  
    <Valve className="org.apache.catalina.authenticator.SingleSignOn" />  
    -->

    <!-- Access log processes all example.  
         Documentation at: /docs/config/valve.html  
         Note: The pattern used is equivalent to using pattern="common" -->  
    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"  
           prefix="localhost\_access\_log." suffix=".txt"  
           pattern="%h %l %u %t &quot;%r&quot; %s %b" />  
  </Host>  
</Engine>  


server.xml.j2

#!/bin/sh

chkconfig: 345 99 10

description: Auto-starts tomcat

/etc/init.d/tomcatd

Tomcat auto-start

Source function library.

#. /etc/init.d/functions

source networking configuration.

#. /etc/sysconfig/network
prog="tomcat"
RETVAL=0

CATALINA_HOME={{ tomcat_path }}

start()
{
if [ -f $CATALINA_HOME/bin/startup.sh ];
then
echo $"Starting $prog"
$CATALINA_HOME/bin/startup.sh
RETVAL=$?
echo " OK"
return $RETVAL
fi
}
stop()
{
if [ -f $CATALINA_HOME/bin/shutdown.sh ];
then
echo $"Stopping $prog"
$CATALINA_HOME/bin/shutdown.sh
RETVAL=$?
#sleep 1
ps -ef |grep $CATALINA_HOME |grep -v grep |grep -v PID | awk '{print $2}'|xargs kill -9
echo " OK"
# [ $RETVAL -eq 0 ] && rm -f /var/lock/…
return $RETVAL
fi
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
echo $"Restaring $prog"
$0 stop && sleep 1 && $0 start
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
;;
esac
exit $RETVAL

tomcat

创建tasks下main.yml主文件(定义剧本执行顺序) basics.yml(基本环境配置) copy.yml(jdk安装) tomcat.yml(tomcat安装部署)

---

tasks file for tomcat-install

  • include: basics.yml
  • include: copy.yml
  • include: tomcat.yml

main.yml

- name: 关闭firewalld
service: name=firewalld state=stopped enabled=no

  • name: 临时关闭 selinux
    shell: "setenforce 0"
    failed_when: false

  • name: 永久关闭 selinux
    lineinfile:
    dest: /etc/selinux/config
    regexp: "^SELINUX="
    line: "SELINUX=disabled"

  • name: 添加EPEL仓库
    yum: name=epel-release state=latest

  • name: 安装常用软件包
    yum:
    name:

    • vim
    • lrzsz
    • net-tools
    • wget
    • curl
    • bash-completion
    • rsync
    • gcc
    • unzip
    • git
      state: latest

basics.yml

- name: crate soft dir #创建软件目录
file: path={{ softdir }} state=directory

  • name: jdk package
    unarchive: src={{ softdir }}/jdk-8u{{ jdk_version }}-linux-x64.tar.gz dest={{ softdir }} copy=yes mode=755
    #解压软件包到softdir目录
  • name: jdk dir rename
    shell: "if [ ! -d {{ jdk_PATH }} ]; then mv {{ softdir }}/jdk1.8.0_{{ jdk_version }}/ {{ jdk_PATH }}; fi"
    #判断目录下有无jdk目录 将jdk移动至指定目录
  • name: copy jdk_patg
    template: src=jdk_path dest={{ softdir }} owner=root group=root
    #将jdk模板环境变量文件放置指定目录
  • name: wirte profile
    shell: "if [ `grep {{ jdk_PATH }}/bin /etc/profile |wc -l` -eq 0 ]; then cat {{ softdir }}/jdk_path >> /etc/profile ; fi"
    #将环境变量模板文件写入环境变量中
  • name: source profile
    shell: "source /etc/profile"
    #重新加载环境变量

copy.yml

- name: tomcat pag
unarchive: src={{ softdir }}/apache-tomcat-{{ tomcat_ver }}.tar.gz dest={{ softdir }} copy=no owner=root group=root

  • name: dir rename
    shell: "if [ ! -d {{ tomcat_path }} ]; then mv {{ softdir }}/apache-tomcat-{{ tomcat_ver }}/ {{ tomcat_path }}; fi"

  • name: modify tomcat start parameter
    lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "{{ tomcat_free }}"

  • name: join variable_1
    lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "CATALINA_HOME={{ tomcat_path }}"

  • name: join variable_2
    lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "JAVA_HOME={{ jdk_PATH }}"

  • name: join variable_3
    lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "JRE_BIN={{ jdk_PATH }}bin"

  • name: join variable_4
    lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "JRE_HOME={{ jdk_PATH }}jre"

  • name: join variable_5
    lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "CLASSPATH={{ jdk_PATH }}jre/lib:{{ jdk_PATH }}lib:{{ jdk_PATH }}jre/lib/charsets.jar"

  • name: modifly tomcat file
    template: src=server.xml.j2 dest={{ tomcat_path }}/conf/server.xml owner=root group=root mode=0755

  • name: copy tomcat start
    template: src=tomcat dest=/usr/bin/ owner=root group=root mode=0755

  • name: copy tomcat system
    template: src=tomcat dest=/etc/init.d/ owner=root group=root mode=0755

  • name: start tomcat
    service: name=tomcat state=restarted enabled=yes

tomcat.yml

手机扫一扫

移动阅读更方便

阿里云服务器
腾讯云服务器
七牛云服务器

你可能感兴趣的文章