Ansible_playbook
阅读原文时间:2023年07月08日阅读:3

连接https://galaxy.ansible.com下载相应的roles

# 列出已安装的galaxy
ansible-galaxy list
# 安装galaxy
ansible-galaxy install geerlingguy.redis
# 删除galaxy
ansible-galaxy remove geerlingguy.redis

ansible-pull

推送命令至远程,效率无限提升,对运维要求较高,用的不多


ansible-playbook

意为:剧本,是yml/yaml格式

下面是简单的例子

touch hello.yml
vim hello.yml

内容如下

---
- hosts: all
  remote_user: root

  tasks:
    - name: hello
      command: hostname

保存后执行

ansible-playbook -C(检查防止错误) hello.yml

因为playbook中可能有敏感信息所以需要加密,加密之后就看不到内容了哦

# 加密
[root@mcw ~]# ansible-vault encrypt lbw.yml
New Vault password:123
Confirm New Vault password:123
Encryption successful
[root@mcw ~]# cat lbw.yml
$ANSIBLE_VAULT;1.1;AES256
38333666333665633363616532663434666239666166326537663562393461646266613863643134
6138636338346661643162386431626161613730363864660a353235323338343664623266653562
31386135633337383366633762656433393063386562343530613164373238663264633737313930
6334313732663465300a393033323466626237663833366133623638663532373334633264643834
39323130646232356233346430623966336464323331633032613931643137666331633437313937
38343265323731343961373636656665346666633061666263316533623737373735636133303565
30643063333936613565643236393463373839303537386536363662306464656562313334373638
66343366383266313830373438363466613264333063336361666533613164343966353465343938
3365

# 解密
[root@mcw ~]# ansible-vault decrypt(解密)/view(查看)/edit(编辑)/rekey(改密) lbw.yml
Vault password:123
Decryption successful
[root@mcw ~]# cat lbw.yml
---
- hosts: all
  remote_user: root

  tasks:
    - name: hello
      command: hostname



---
- hosts: all
  remote_user: root

  tasks:
    - name: create new file
      file: name=/data/newfile state=touch
    - name: creat new user
      user: name=test system=yes shell=/sbin/nologin
    - name: install package
      yum: name=httpd
      tags: inshttpd
    - name: copy html
      copy: src=/ dest=/
    - name: copy test html
      copy: src=/ dest=/
    - name: copy conf file
      copy: src=fiels/httpd.conf dest=/etc/httpd/conf backup=yes
      notify: restart service(这里调用触发器里面定义的触发事件)
    - name: start service
      service: name]httpd state=started enable=yes
      tags: rshttpd

  handlers:(触发器)
    - name: restart service
      service: name=httpd state=restarted

多个任务可以共用一个tags!!!比如inshttpd和rshttpd可用httpd来代替两个tags

任务后添加tags标签后,执行playbook时就可以单独执行指定tags的任务

ansible-playbook -t rshttpd(自定义的tags名,多tags可用逗号隔开) playbook.yml
  • ### 方法一

这里的变量为‘pkname1,pkname2’

#文件名为app.yml
---
- hosts: all
  remote_user: root

  tasks:
    - name: install package
      yum: name={{ pkname1 }}
    - name: install package
      yum: name={{ pkname2 }}
    - name: restart service
      service: name={{ pkname1 }} state=restarted
    - name: restart service
      service: name={{ pkname2 }} state=restarted

如何对变量赋值

# ==注意:命令中的参数赋值优先级最高哦==
ansible-playbook -e 'pkname1=*** pkname2=****' app.yml
  • ### 方法二

直接在yml文件中定义变量

#文件名为app.yml
---
- hosts: all
  remote_user: root

  vars:
    - pkname1: ***
    - pkname2: **

  tasks:
    - name: install package
      yum: name={{ pkname1 }}
    - name: install package
      yum: name={{ pkname2 }}
    - name: restart service
      service: name={{ pkname1 }} state=restarted
    - name: restart service
      service: name={{ pkname2 }} state=restarted

这边就无需再命令中赋值了

ansible-playbook app.yml
  • ### 方法三

主机清单中定义变量

# 中括号分组,主机名是自己定义的参数可以在playbook中使用
[wbservs]
192.168.1.101 http_port=81
192.168.1.102 http_port=82

playbook中使用主机清单中的变量

---
- hosts: all
  remote_user: root

  tasks:
    - name: set hostname
      hostname: name=www{{ http_port }}.lbwnb.com