Ansible basic commands and playbooks
Original article date: 2023-07-09

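1. -v, --verbose: verbose mode; when the command succeeds, print detailed results (-vv, -vvv, -vvvv for more detail)
2. -i PATH, --inventory=PATH: path to the hosts (inventory) file; the default is /etc/ansible/hosts (used often in production)
3. -f NUM, --forks=NUM: takes an integer, default 5; the number of parallel processes to fork
4. -m NAME, --module-name=NAME: the module to use; the default is command
5. -a MODULE_ARGS: the arguments passed to the module
6. -k, --ask-pass: prompt for the SSH password instead of using SSH key-based authentication
7. --sudo: use sudo to obtain root privileges (used often in production); current Ansible releases use -b, --become instead
8. -K, --ask-sudo-pass: prompt for the sudo password, used together with sudo (used often in production); current releases name this --ask-become-pass
9. -u USERNAME, --user=USERNAME: the user to run as on the remote host
10. -C, --check: check mode; test what the command would change without actually running it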

ansible-playbook basic commands

1. ansible-playbook // show help
2. ansible-playbook a.yml --syntax-check // check that the YAML file's syntax is correct
3. ansible-playbook a.yml --list-tasks // list the tasks
4. ansible-playbook a.yml --list-hosts // list the hosts the play applies to
5. ansible-playbook a.yml --start-at-task='Copy Nginx.conf' // start running from the named task
6. ansible-playbook --syntax-check -e "hosts=c7" xx.yml -s -k // syntax check
7. ansible-playbook -i hostslist ***.yml --limit 192.168.0.1 // restrict the run to a single host (prefix the pattern with ! to exclude it instead)
8. ansible-playbook -i hostslist ***.yml --limit @failed.txt // restrict the run to the hosts listed in failed.txt
9. ansible-playbook update-stg.yml -f 10 -s -k // run with 10 parallel processes

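Common ansible-doc commands

1. ansible-doc -l # list all modules Ansible supports; important, worth memorizing
2. ansible-doc -s copy # show a brief usage summary for a module (drop -s for the full documentation)
    src= # source file
    force= # whether to overwrite
    dest= # destination file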

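ansible-galaxy init /roles/tomcat-install # create the role directory structure

  • inventory: the source of hosts
  • playbooks: a set of commands that run tasks
  • roles: roles
  • tasks: the list of tasks to run
  • handlers: actions triggered after tasks run
  • variables: defined variables

inventory directory structure

inventories/
├── group_vars
│   └── all
│       └── kubeadm.yml
└── k8s-hosts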

Role directory structure

tomcat-install/
├── defaults
│   └── main.yml
├── files
│   └── jdk-8u241-linux-x64.tar.gz
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── README.md
├── tasks
│   ├── basics.yml
│   ├── copy.yml
│   ├── main.yml
│   └── tomcat.yml
├── templates
│   ├── jdk_path
│   ├── server.xml.j2
│   └── tomcat
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml

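tomcat-install: the role name
files: directory for files and software packages
vars: variable definitions
templates: template files; configuration files to be rendered end in .j2
tasks: the playbook tasks
README.md: documentation
handlers: actions run when triggered (similar to Puppet notifications)
tests: test files
meta: the directory that holds the role's attributes (metadata)

Common playbook parameters:

register: name (passes a command's result on, as a whole or by field)

tags: labels a task so that it can be selected and run on its own

template: does the same job as the copy module, sending files to remote hosts; copy sends the file unchanged, while template renders the variables in the file. Example: template: src=/etc/redis.conf dest=/etc/redis.conf

handlers: actions run when triggered, such as a restart (similar to Puppet notifications); notify: handlersname invokes the handler

when: a condition; it can test numeric values, or whether a command failed or succeeded (true or false, failed)

item: loops, written as: user: name={{item}} with_items: - 111

vars: defines variables, written as: - var1: 111

facts: retrieves the information returned from the hosts

ignore_errors: True (ignore the command's return result)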
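The parameters listed above, combined in one playbook as an added example (not from the original article). The host group web, the redis_port variable, the account names and the redis.conf.j2 template are assumptions; the check task uses failed_when: false with a when condition on the registered result instead of a blanket ignore_errors.

```yaml
# Constructed example playbook; host group, variable and file names are assumptions.
- hosts: web
  become: true
  vars:
    redis_port: 6379
  tasks:
    - name: render redis.conf from a template
      template:
        src: redis.conf.j2          # variables inside the file are rendered
        dest: /etc/redis.conf
        owner: root
        group: root
        mode: "0644"
      notify: restart redis         # runs the handler only when the file changed
      tags: config

    - name: create service accounts
      user:
        name: "{{ item }}"
        shell: /sbin/nologin
      with_items:
        - appuser1
        - appuser2
      tags: users

    - name: check whether redis answers
      command: redis-cli -p {{ redis_port }} ping
      register: ping_result         # keeps rc, stdout and stderr for later tasks
      changed_when: false           # a read-only check never reports "changed"
      failed_when: false            # record the failure instead of aborting the play
      tags: check

    - name: report only when the check failed
      debug:
        msg: "redis did not answer: rc={{ ping_result.rc }}"
      when: ping_result.rc != 0
      tags: check

  handlers:
    - name: restart redis
      service:
        name: redis
        state: restarted
```

Running ansible-playbook with --tags check executes only the two tasks tagged check.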

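Writing the tomcat-install role

Create the playbook that runs the role

installtomcat.yml

Create the role's README file

Installs the JDK and the Tomcat service in bulk and starts Tomcat
Set the JDK version number, for example jdk_version: 241
Because downloading JDK 1.8 and later requires verification, download the package manually and place it under files in the tomcat-install role
Set the Tomcat startup parameters, for example tomcat_free: JAVA_OPTS="-server -Xms512m -Xmx2048m -XX:MaxNewSize=512m -XX:PermSize=128M -XX:MaxPermSize=256M"
Set the Tomcat version to download, for example tomcat_ver: 7.0.106
Run tomcat-install.yml for a fully automatic install

README.md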

Create main.yml (variables) under the vars directory

# vars file for tomcat-install
# Tomcat variables
jdk_version: 241 # JDK update number; must match the package name under files
jdk_PATH: /usr/local/jdk/ # JDK install path
softdir: /softdir1 # temporary directory for software packages
tomcat_path: /soft/tomcat # Tomcat directory
tomcat_port: 8088 # Tomcat port
tomcat_free: JAVA_OPTS="-server -Xms512m -Xmx2048m -XX:MaxNewSize=512m -XX:PermSize=128M -XX:MaxPermSize=256M" # Tomcat startup parameters
tomcat_ver: 7.0.106 # Tomcat version to download
tomcat_ver_main: "{{ tomcat_ver.split('.')[0] }}" # first number of the Tomcat version, used to build the download URL
down_url: https://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-{{ tomcat_ver_main }}/v{{ tomcat_ver }}/bin/apache-tomcat-{{ tomcat_ver }}.tar.gz # Tomcat download URL

main.yml

Create the template files under the templates directory: the JDK environment variables, Tomcat's server.xml, and the Tomcat start/stop script

JAVA_HOME={{ jdk_PATH }}
JAVA_BIN={{ jdk_PATH }}bin
JRE_HOME={{ jdk_PATH }}jre
PATH=$PATH:{{ jdk_PATH }}bin:{{ jdk_PATH }}jre/bin
CLASSPATH={{ jdk_PATH }}jre/lib:{{ jdk_PATH }}lib:{{ jdk_PATH }}jre/lib/charsets.jar

jdk_path









<!--The connectors can use a shared executor, you can define one or more named thread pools-->  
<!--  
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"  
    maxThreads="150" minSpareThreads="4"/>  
-->

<!-- A "Connector" represents an endpoint by which requests are received  
     and responses are returned. Documentation at :  
     Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)  
     Java AJP  Connector: /docs/config/ajp.html  
     APR (HTTP/AJP) Connector: /docs/apr.html  
     Define a non-SSL HTTP/1.1 Connector on port 8080
-->
<Connector port="{{ tomcat_port }}"
           protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443"
           maxThreads="500"
           minSpareThreads="20"
           acceptCount="300"
           disableUploadTimeout="true"
           enableLookups="false"
           URIEncoding="UTF-8"
           keepAliveTimeout="10000"/>
<!-- A "Connector" using the shared thread pool-->  
<!--  
<Connector executor="tomcatThreadPool"  
           port="8080" protocol="HTTP/1.1"  
           connectionTimeout="20000"  
           redirectPort="8443" />  
-->  
<!-- Define a SSL HTTP/1.1 Connector on port 8443  
     This connector uses the JSSE configuration, when using APR, the  
     connector should be using the OpenSSL style configuration  
     described in the APR documentation -->  
<!--  
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"  
           maxThreads="150" scheme="https" secure="true"  
           clientAuth="false" sslProtocol="TLS" />  
-->

<!-- Define an AJP 1.3 Connector on port 8089 -->
<Connector port="8089" protocol="AJP/1.3" redirectPort="8443" />

<!-- An Engine represents the entry point (within Catalina) that processes  
     every request.  The Engine implementation for Tomcat stand alone  
     analyzes the HTTP headers included with the request, and passes them  
     on to the appropriate Host (virtual host).  
     Documentation at /docs/config/engine.html -->

<!-- You should set jvmRoute to support load-balancing via AJP ie :  
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">  
-->  
<Engine name="Catalina" defaultHost="localhost">

  <!--For clustering, please take a look at documentation at:  
      /docs/cluster-howto.html  (simple how to)  
      /docs/config/cluster.html (reference documentation) -->  
  <!--  
  <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>  
  -->

  <!-- Use the LockOutRealm to prevent attempts to guess user passwords  
       via a brute-force attack -->  
  <Realm className="org.apache.catalina.realm.LockOutRealm">  
    <!-- This Realm uses the UserDatabase configured in the global JNDI  
         resources under the key "UserDatabase".  Any edits  
         that are performed against this UserDatabase are immediately  
         available for use by the Realm.  -->  
    <Realm className="org.apache.catalina.realm.UserDatabaseRealm"  
           resourceName="UserDatabase"/>  
  </Realm>

  <Host name="localhost"  appBase="webapps"  
        unpackWARs="true" autoDeploy="true">

    <!-- SingleSignOn valve, share authentication between web applications  
         Documentation at: /docs/config/valve.html -->  
    <!--  
    <Valve className="org.apache.catalina.authenticator.SingleSignOn" />  
    -->

    <!-- Access log processes all example.  
         Documentation at: /docs/config/valve.html  
         Note: The pattern used is equivalent to using pattern="common" -->  
    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"  
           prefix="localhost_access_log." suffix=".txt"
           pattern="%h %l %u %t &quot;%r&quot; %s %b" />  
  </Host>  
</Engine>  


server.xml.j2

#!/bin/sh
#
# chkconfig: 345 99 10
# description: Auto-starts tomcat
# /etc/init.d/tomcatd
# Tomcat auto-start
# Source function library.
#. /etc/init.d/functions
# source networking configuration.
#. /etc/sysconfig/network
prog="tomcat"
RETVAL=0

CATALINA_HOME={{ tomcat_path }}

start()
{
    if [ -f "$CATALINA_HOME/bin/startup.sh" ];
    then
        echo $"Starting $prog"
        "$CATALINA_HOME/bin/startup.sh"
        RETVAL=$?
        echo " OK"
        return $RETVAL
    fi
}
stop()
{
    if [ -f "$CATALINA_HOME/bin/shutdown.sh" ];
    then
        echo $"Stopping $prog"
        "$CATALINA_HOME/bin/shutdown.sh"
        RETVAL=$?
        #sleep 1
        # Force-kill anything still running from CATALINA_HOME; -r skips kill when nothing matches
        ps -ef |grep "$CATALINA_HOME" |grep -v grep |grep -v PID | awk '{print $2}'|xargs -r kill -9
        echo " OK"
        # [ $RETVAL -eq 0 ] && rm -f /var/lock/…
        return $RETVAL
    fi
}
case "$1" in
start)
    start
    ;;
stop)
    stop
    ;;
restart)
    echo $"Restarting $prog"
    $0 stop && sleep 1 && $0 start
    ;;
*)
    echo $"Usage: $0 {start|stop|restart}"
    exit 1
    ;;
esac
exit $RETVAL

tomcat

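Under tasks, create the main file main.yml (defines the order in which the task files run), basics.yml (basic environment setup), copy.yml (JDK installation) and tomcat.yml (Tomcat installation and deployment)

---
# tasks file for tomcat-install
# The role uses "include"; newer Ansible releases replace it with import_tasks / include_tasks
- include: basics.yml
- include: copy.yml
- include: tomcat.yml

main.yml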

- name: 关闭firewalld # stop and disable firewalld
  service: name=firewalld state=stopped enabled=no

- name: 临时关闭 selinux # turn SELinux off temporarily (setenforce 0)
  shell: "setenforce 0"
  failed_when: false

- name: 永久关闭 selinux # turn SELinux off permanently
  lineinfile:
    dest: /etc/selinux/config
    regexp: "^SELINUX="
    line: "SELINUX=disabled"

- name: 添加EPEL仓库 # add the EPEL repository
  yum: name=epel-release state=latest

- name: 安装常用软件包 # install commonly used packages
  yum:
    name:
      - vim
      - lrzsz
      - net-tools
      - wget
      - curl
      - bash-completion
      - rsync
      - gcc
      - unzip
      - git
    state: latest

basics.yml
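An alternative to switching firewalld and SELinux off, added here as an example and not part of the original role: it keeps both enabled and opens only the role's tomcat_port. It assumes the ansible.posix collection is installed on the control node and that the firewalld and SELinux Python bindings are present on the targets.

```yaml
# Added example, not part of the original role.
# Assumptions: ansible.posix collection available; tomcat_port comes from
# the role's vars/main.yml (8088 on this page).

- name: ensure firewalld is installed
  yum:
    name: firewalld
    state: present

- name: ensure firewalld is running and enabled at boot
  service:
    name: firewalld
    state: started
    enabled: true

# Only the HTTP connector is exposed. The AJP connector from server.xml.j2
# (port 8089) is not opened, so it stays unreachable from other hosts.
- name: open only the tomcat HTTP port
  ansible.posix.firewalld:
    port: "{{ tomcat_port }}/tcp"
    permanent: true    # survive a firewalld reload or a reboot
    immediate: true    # also apply to the running configuration
    state: enabled

# Replaces both "setenforce 0" and the SELINUX=disabled edit:
# sets the mode in /etc/selinux/config and at runtime.
- name: keep SELinux enforcing
  ansible.posix.selinux:
    policy: targeted
    state: enforcing
```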

- name: create soft dir # create the software directory
  file: path={{ softdir }} state=directory

- name: jdk package
  # unpack the package into the softdir directory
  unarchive: src={{ softdir }}/jdk-8u{{ jdk_version }}-linux-x64.tar.gz dest={{ softdir }} copy=yes mode=755

- name: jdk dir rename
  # if the JDK directory does not exist yet, move the unpacked JDK to the configured path
  shell: "if [ ! -d {{ jdk_PATH }} ]; then mv {{ softdir }}/jdk1.8.0_{{ jdk_version }}/ {{ jdk_PATH }}; fi"

- name: copy jdk_path
  # place the rendered JDK environment-variable file in the given directory
  template: src=jdk_path dest={{ softdir }} owner=root group=root

- name: write profile
  # append the environment variables to /etc/profile once; jdk_PATH already ends in "/",
  # so the grep pattern must not add a second slash or it never matches
  shell: "if [ `grep {{ jdk_PATH }}bin /etc/profile |wc -l` -eq 0 ]; then cat {{ softdir }}/jdk_path >> /etc/profile ; fi"

- name: source profile
  # reload the environment variables
  shell: "source /etc/profile"

copy.yml

- name: tomcat package
  unarchive: src={{ softdir }}/apache-tomcat-{{ tomcat_ver }}.tar.gz dest={{ softdir }} copy=no owner=root group=root

- name: dir rename
  shell: "if [ ! -d {{ tomcat_path }} ]; then mv {{ softdir }}/apache-tomcat-{{ tomcat_ver }}/ {{ tomcat_path }}; fi"

- name: modify tomcat start parameter
  lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "{{ tomcat_free }}"

- name: join variable_1
  lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "CATALINA_HOME={{ tomcat_path }}"

- name: join variable_2
  lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "JAVA_HOME={{ jdk_PATH }}"

- name: join variable_3
  lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "JRE_BIN={{ jdk_PATH }}bin"

- name: join variable_4
  lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "JRE_HOME={{ jdk_PATH }}jre"

- name: join variable_5
  lineinfile:
    dest: "{{ tomcat_path }}/bin/catalina.sh"
    insertbefore: "cygwin=false"
    line: "CLASSPATH={{ jdk_PATH }}jre/lib:{{ jdk_PATH }}lib:{{ jdk_PATH }}jre/lib/charsets.jar"

- name: modify tomcat file
  template: src=server.xml.j2 dest={{ tomcat_path }}/conf/server.xml owner=root group=root mode=0755

- name: copy tomcat start
  template: src=tomcat dest=/usr/bin/ owner=root group=root mode=0755

- name: copy tomcat system
  template: src=tomcat dest=/etc/init.d/ owner=root group=root mode=0755

- name: start tomcat
  service: name=tomcat state=restarted enabled=yes

tomcat.yml
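vars/main.yml defines down_url, but the tasks above unpack a tarball that is already present in softdir. A checksum-verified download step, added here as an example and not part of the original role; tomcat_sha512 is a hypothetical variable whose value must be the SHA-512 that the Apache Tomcat project publishes for the release.

```yaml
# Added example, not part of the original role.
# tomcat_sha512 is a hypothetical variable; define it next to tomcat_ver, e.g.
# tomcat_sha512: "<sha512-hex-digest-of-the-tarball>"

- name: refuse to continue without a pinned checksum
  assert:
    that:
      - tomcat_sha512 is defined
      - "tomcat_sha512 is match('^[0-9a-fA-F]{128}$')"
    fail_msg: "Set tomcat_sha512 for apache-tomcat-{{ tomcat_ver }}.tar.gz"

# get_url fails the task if the downloaded file does not match the digest,
# so a tampered or truncated tarball from the mirror is never unpacked.
- name: download tomcat and verify the checksum
  get_url:
    url: "{{ down_url }}"
    dest: "{{ softdir }}/apache-tomcat-{{ tomcat_ver }}.tar.gz"
    checksum: "sha512:{{ tomcat_sha512 }}"
    owner: root
    group: root
    mode: "0644"

# remote_src: true is the current spelling of copy=no:
# the archive is already on the target host.
- name: unpack the verified tarball on the target
  unarchive:
    src: "{{ softdir }}/apache-tomcat-{{ tomcat_ver }}.tar.gz"
    dest: "{{ softdir }}"
    remote_src: true
    owner: root
    group: root
```

These tasks would run before the dir rename task in tomcat.yml, in place of its first unarchive task.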
