Ansible 使用

Ansible 使用

基本概念

• hosts 执行的远程主机列表
• tasks 任务集合
• varniables 内置变量或自定义变量，在playbook中调用
• templates 模板，可替换模板中的变量并实现一些简单的逻辑的文件
• tags 标签，制定某条任务执行，用户选择运行playbook中的部分代码

ad-hoc 模式运行

# ping
ansible -i hosts all -m ping

# 执行 shell
ansible -i hosts all -m shell "pwd"
ansible -i hosts all -m shell -a "cat /etc/hosts"

# sync file
ansible -i hosts all -m copy -a "src=/root/centos-7.repo dest=/etc/yum.repos.d/"

# 安装 nginx
ansible -i hosts all -m yum -a "name=nginx state=installed"
ansible -i hosts all -m shell -a "yum info nginx"

playbook 模式

push ssh key

• ssh key

ssh-keygen -t rsa

• hosts

[testservers]
ansible_ssh_user="root"  ansible_ssh_host=192.168.179.21 ansible_ssh_port=22 ansible_ssh_pass="<pwd>"
ansible_ssh_user="root"  ansible_ssh_host=192.168.179.22 ansible_ssh_port=22 ansible_ssh_pass="<pwd>"

• push-ssh.yaml

# Using alternate directory locations:
- hosts: testservers
  user: root
  tasks:
    - name: ssh-copy
      authorized_key: user=root key="{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
      tags:
        - sshkey

• run

ansible-playbook -i hosts push-ssh.yaml -v

并发连接数

默认情况下，ansible 的并发数是5，有两种修改方式：

• 环境变量

export ANSIBLE_FORKS=10

• 配置 /etc/ansible/ansible.cfg

[defaults]
forks = 10

Demo1

• 配置host

$ cat hosts.nginx
10.0.0.2
10.0.0.3

• 执行命令

$ ansible -i hosts.nginx all -m shell -a "nginx -s reload"
10.0.0.3 | CHANGED | rc=0 >>

10.0.0.2 | CHANGED | rc=0 >>
$ ansible -i hosts.nginx all -u root -m ping
$ ansible -i hosts.nginx all -a "systemctl status nginx.service"
$ ansible -i hosts.nginx all -m copy -a "src=resolv.conf backup=yes dest=/etc/resovl.conf"
$ ansible -i hosts.nginx all -m copy -a "src=hosts dest=/etc/hosts"

Demo2

• hosts

[server]
192.168.179.20

[client]
192.168.179.21
192.168.179.22

# [client:vars]  # 与配置 vars_prompt 功能相同，一个是从配置文件读取，一个是从 console 获取
# cpus=12

• test.yaml

---
# ansible-playbook -i hosts test.yaml -vv

- hosts: server
  gather_facts: false
  vars_prompt:
    - name: "cpus"
      prompt: "please input cpus"
      default: '1'
      private: no
  tasks:
    - name: start-test-server
      shell: |
        for ((i=0; i<{{ cpus }}; i++ )); do
          echo $i
          date
        done
      args:
        executable: /bin/bash

- hosts: client
  gather_facts: false
  vars_prompt:
    - name: "cpus"
      prompt: "please input cpus"
      default: '1'
      private: yes
  tasks:
    - name: start-test-client
      shell: |
        echo {{ item }}
        date
        index="{{groups['client'].index(inventory_hostname)}}"
        port=$(expr $index + 1200)
        echo ${port}
        echo $(expr $port \* 2)
        echo ${key}
      with_items: "{{ groups['server'] }}"

文件处理

删除文件

• 删除指定目录下，对应规则的文件

- hosts: all
  tasks:

  - name: find to delete logs
    find:
      paths: /var/log/
      patterns: *.log
      # age: 3d 查找3天前的文件
    register: files_to_absent

  - name: absent logs
    file:
      path: "{{ item.path }}"
      state: absent
    with_items: "{{ files_to_absent.files }}"

• 删除已知的文件

  - name: absent logs
    file:
      path: "{{ item }}"
      state: absent
    with_items:
      - /tmp/log1.log
      - /tmp/log1.log

删除进程

- hosts: all
  tasks:
    - name: find running processes
      ignore_errors: yes
      shell: "ps -ef | grep -v grep | grep sshd | awk '{print $2}'"
      register: running_processes

    - name: Kill running processes
      ignore_errors: yes
      shell: "kill {{ item }}"
      with_items: "{{ running_processes.stdout_lines }}"