Ansible Playbook 使用

发布时间: 更新时间: 总字数:1532 阅读时间:4m 作者: IP上海 分享 网址

Ansible Playbook剧本使用,Playbook文件以.yaml或者.yaml作为文件名后缀

介绍

  • hosts 文件:hosts.test
[testservers]
h-1 ansible_ssh_user="root"  ansible_ssh_host=172.17.0.3 ansible_ssh_port=22 ansible_ssh_pass="123456"
h-2 ansible_ssh_user="root"  ansible_ssh_host=172.17.0.4 ansible_ssh_port=22 ansible_ssh_pass="123456"
h-3 ansible_ssh_user="root"  ansible_ssh_host=172.17.0.5 ansible_ssh_port=22 ansible_ssh_pass="123456"

source repo / download raw

配置

并发连接数

默认情况下,ansible 的并发数是5,有两种修改方式:

  • 环境变量
export ANSIBLE_FORKS=10
  • 配置 /etc/ansible/ansible.cfg~/.ansible.cfg
[defaults]
forks = 10

library

  • 配置 /etc/ansible/ansible.cfg~/.ansible.cfg
[defaults]
...
library = /foo/bar:/foo/baz

配置 inventory

  • 配置 /etc/ansible/ansible.cfg~/.ansible.cfg
[defaults]
...
inventory = ../hosts

使用

ping demo

  • ping.yaml
---
- hosts: testservers
  # hosts: test1,test2  # 多个使用英文逗号隔开
  # hosts:  # 或下多个行缩进
  #   test1
  #   test2
  remote_user: root  # 远程的用户名
  tasks:  # 任务列表
  - name: Ping test  # 当省略 name 时,默认以调用的模块的名称作为任务的名称,不建议
    ping:  # ping 测试
  - name: make test directory
    file:  # file 模块,创建目录
      path: /tmp/test
      state: directory

- hosts:  # 过个任务
    testservers
  remote_user: root
  tasks:
  - name: create user t1
    user:
      name: t1

- hosts:
    testservers
  remote_user: root
  tasks:
  - name: touch file
    # 0.8 版本之前,使用 action 关键字调用模块
    # action: file path=/mp/t1 state=touch mode=0644
    file:
      path: /tmp/t1
      state: touch
      mode: 0644

source repo / download raw
  • 运行
apt install -y sshpass

# 检查 playbook 语法
ansible-playbook --syntax-check -i hosts.test ping.yaml

# 模拟执行 playbook
ansible-playbook --check -i hosts.test ping.yaml

# 运行 playbook
ansible-playbook -i hosts.test ping.yaml
  • 日志
ansible-playbook -i hosts.test ping.yaml ... 
$ ansible-playbook -i hosts.test ping.yaml

PLAY [testservers] ***************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************
ok: [h-2]
ok: [h-3]
ok: [h-1]

TASK [Ping test] *****************************************************************************************************
ok: [h-3]
ok: [h-1]
ok: [h-2]

TASK [make test directory] *******************************************************************************************
changed: [h-1]
changed: [h-3]
changed: [h-2]

...

PLAY RECAP ***********************************************************************************************************
h-1                        : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
h-2                        : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
h-3                        : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

说明:

  • PLAY [testservers] 当前 play 针对 testservers 主机组
  • TASK [Gathering Facts] 收集当前 playbook 对应的目标主机的相关信息
  • TASK [xxx] 运行的 task 信息
    • 绿色 成功
    • 黄色 有变更
  • PLAY RECAP 对所有目标主机的执行情况进行 回顾

debug 模块

  • debugs-test1.yaml
---
- hosts: testservers
  remote_user: root
  vars:
    testvar: value of test variable
  tasks:
  - name: debug info
    debug:
      msg: this is debug info, {{testvar}}
      # var: testvar
      # 获取 setup 获取的变量 {{ansible_memory_mb}}

source repo / download raw
  • 执行
ansible-playbook -i hosts.test debugs-test1.yaml
  • 结果
ansible-playbook -i hosts.test debugs-test1.yaml ... 
$ ansible-playbook -i hosts.test debugs-test1.yaml

PLAY [testservers] ***************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************
ok: [h-1]
ok: [h-3]
ok: [h-2]

TASK [debug info] ****************************************************************************************************
ok: [h-1] => {
    "msg": "this is debug info, value of test variable"
}
ok: [h-2] => {
    "msg": "this is debug info, value of test variable"
}
ok: [h-3] => {
    "msg": "this is debug info, value of test variable"
}

PLAY RECAP ***********************************************************************************************************
h-1                        : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
h-2                        : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
h-3                        : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

tags 模块

tags 用来对任务进行 打标签 操作,执行playbook时,通过标签指定执行哪些任务,或者指定不执行哪些任务

  • tags-test1.yaml
---
- hosts: testservers
  remote_user: root
  tasks:
  - name: task1
    file:
      path: /tmp/t1
      state: touch
    tags: t1
    # tags: t1,t2
  - name: task2
    file: path=/tmp/t2
          state=touch
    tags:
    - t2
    # tags:
    # - t1
    # - t2
  - name: task3
    file: path=/tmp/t3
          state=touch
    tags: ['t3']

source repo / download raw
  • 执行
# 查看有哪些 tags
ansible-playbook -i hosts.test --list-tags tags-test1.yaml

# 执行 tags: t2
ansible-playbook -i hosts.test --tags=t2 tags-test1.yaml
# 执行 tags: t1,t2
ansible-playbook -i hosts.test --tags=t1,t2 tags-test1.yaml

# 不执行 tags: t2
ansible-playbook -i hosts.test --skip-tags=t2 tags-test1.yaml
  • 说明:
    • 5个特殊tag
      • always 总是执行,除非你使用 --skip-tags
      • never 总不执行,除非指定,2.5版本中新加入
      • tagged 执行有标签的任务
        • ansible-playbook --tags tagged tags-test1.yaml
      • untagged 执行没有标签的任务
        • ansible-playbook --tags untagged tags-test1.yaml
      • all

handlers 模块

handlers 中定义的任务可以在 tasks 中的进行 调用,即 tasks 执行后才会调用,否则不执行

  • handlerstasks 是同级别的
  • 默认情况下,所有 tasks 执行完毕后,才会执行各个 handler,使用 - meta: flush_handlers 执行
    • meta任务是一种特殊的任务,可以影响ansible的内部运行方式
    • meta: flush_handlers 表示立即执行之前的 tasks 所对应 handler
---
- hosts: testservers
  remote_user: root
  tasks:
  - name: Modify the configuration
    lineinfile:
      path=/etc/nginx/conf.d/test.conf
      regexp="Listen 80"
      line="Listen 8088"
      backrefs=yes
      backup=yes
    notify:  # 使用 notify关键字调用 handlers 中的任务
      restart nginx

  # - meta: flush_handlers  # 执行 handlers
  # ... 其他任务

  handlers:
  - name: restart nginx
    service:
      name=nginx
      state=restarted

  handlers:
  - name: handler1
    listen: handler group1  # 定义 handlers 组,notify: handler group1 即可调用该组
    file: path=/testdir/ht1
          state=touch
  - name: handler2
    listen: handler group1
    file: path=/testdir/ht2
          state=touch

source repo / download raw

示例

push ssh key

  • ssh key
ssh-keygen -t rsa

  • hosts

  • push-ssh.yaml

# Using alternate directory locations:
- hosts: testservers
  user: root
  tasks:
    - name: ssh-copy
      authorized_key: user=root key="{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
      tags:
        - sshkey

source repo / download raw
  • run
ansible-playbook -i hosts push-ssh.yaml -v

Demo1

  • 配置host
$ cat hosts.nginx
10.0.0.2
10.0.0.3
  • 执行命令
$ ansible -i hosts.nginx all -m shell -a "nginx -s reload"
10.0.0.3 | CHANGED | rc=0 >>

10.0.0.2 | CHANGED | rc=0 >>
$ ansible -i hosts.nginx all -u root -m ping
$ ansible -i hosts.nginx all -a "systemctl status nginx.service"
$ ansible -i hosts.nginx all -m copy -a "src=resolv.conf backup=yes dest=/etc/resovl.conf"
$ ansible -i hosts.nginx all -m copy -a "src=hosts dest=/etc/hosts"

Demo2

  • hosts
[server]
192.168.179.20

[client]
192.168.179.21
192.168.179.22

# [client:vars]  # 与配置 vars_prompt 功能相同,一个是从配置文件读取,一个是从 console 获取
# cpus=12

source repo / download raw
  • demo2.yaml
---
# ansible-playbook -i hosts test.yaml -vv

- hosts: server
  gather_facts: false
  vars_prompt:
    - name: "cpus"
      prompt: "please input cpus"
      default: '1'
      private: no
  tasks:
    - name: Install NTP server
      yum:
        name: chronyd
        state: present
    - name: Start NTP server
      service:
        name: chronyd
        state: started
        enabled: yes
    - name: start-test-server
      shell: |
        for ((i=0; i<{{ cpus }}; i++ )); do
          echo $i
          date
        done
      args:
        executable: /bin/bash

- hosts: client
  gather_facts: false
  vars_prompt:
    - name: "cpus"
      prompt: "please input cpus"
      default: '1'
      private: yes
  tasks:
    - name: start-test-client
      shell: |
        echo {{ item }}
        date
        index="{{groups['client'].index(inventory_hostname)}}"
        port=$(expr $index + 1200)
        echo ${port}
        echo $(expr $port \* 2)
        echo ${key}
      with_items: "{{ groups['server'] }}"

source repo / download raw

删除文件

  • 删除指定目录下,对应规则的文件
- hosts: all
  tasks:

  - name: find to delete logs
    find:
      paths: /var/log/
      patterns: *.log
      # age: 3d 查找3天前的文件
    register: files_to_absent

  - name: absent logs
    file:
      path: "{{ item.path }}"
      state: absent
    with_items: "{{ files_to_absent.files }}"

source repo / download raw
  • 删除已知的文件
  - name: absent logs
    file:
      path: "{{ item }}"
      state: absent
    with_items:
      - /tmp/log1.log
      - /tmp/log1.log

source repo / download raw

删除进程

- hosts: all
  tasks:
    - name: find running processes
      ignore_errors: yes
      shell: "ps -ef | grep -v grep | grep sshd | awk '{print $2}'"
      register: running_processes

    - name: Kill running processes
      ignore_errors: yes
      shell: "kill {{ item }}"
      with_items: "{{ running_processes.stdout_lines }}"

source repo / download raw
最近更新
相关文章
最新评论
Home Archives Categories Tags Statistics
本文总阅读量 次 本站总访问量 次 本站总访客数