一:
usage:
ansible hosts_list -m module_name -a "command or shell"
eg:
ansible webservers -m command -a "free -m"
ansible webservers -m script -a "/home/test.sh 12 34"
ansible webservers -m shell -a "/home/test.sh"
module_name:
copy
eg: ansible webservers -m copy -a "src=/home/test.sh dest=/tmp/ owner=root group=root mode=0755"
stat
eg: ansible webservers -m stat -a "path=/etc/sysctl.conf"
get_url
eg: ansible webservers -m get_url -a "url=http://www.baidu.com dest=/tmp/index.html mode=0440 force=yes"
yum
eg: ansible webservers -m apt -a "pkg=curl state=latest"
ansible webservers -m yum -a "name=curl state=latest"
cron
eg: ansible webservers -m cron -a "name='check dirs' hour='5,2' job='ls -alh > /dev/null'"
mount
eg: ansible webservers -m mount -a "name=/mnt/data src=/dev/sd0 fstype=ext4 opts=ro state=present"
service
eg: ansible webservers -m service -a "name=nginx state=stoped"
ansible webservers -m service -a "name=nginx state=restarted"
ansible webservers -m service -a "name=nginx state=reloaded"
user
eg: ansible webservers -m user -a "name=cui comment='yaru'"
ansible webservers -m user -a "name=cui state=absent remove=yes"
二.playbook
配置管理,可定制配置,按指定的操作步骤有序执行,支持同步及异步方式.通过YAM格式进行描述定义,实现多台主机的应用部署。
官方大量例子:https://github.com/ansible/ansible-examples
playbooks模块调用格式如下eg:
-name: reboot the servers
command: /sbin/reboot -t now
egs:
1./home/test/ansible/playbooks/nginx.yml
---
- hosts: webservers
vars:
worker_processes: 4
num_cpus: 4
max_open_file: 65506
root: /data
remote_user: root
tasks:
- name: ensure nginx is at the latest version
yum: pkg=nginx state=latest
- name: write the nginx config file
template: src=/home/test/ansible/nginx/nginx.conf dest=/etc/nginx/nginx.conf
notify:
- restart nginx
- name: ensure nginx is running
service: name=nginx state=restarted
2.定义主机与用户
- hosts: webservers
vars:
worker_processes: 4
num_cpus: 4
root: /data
remote_user: root
3.任务列表:
tasks:
- name: xxxxx
service: xxxxx xxxxx
tasks:
- name: xxxxx
template: src=xxxx dest=xxx
notify:
- restart xxx
执行 playbook:
ansible-playbook playbookfile(.yml) [参数]
eg:
ansible-playbook /home/test/ansible/playbooks/nginx.yml -f 10 #f:(10个进程数)并行
[参数]:
--list-hosts playbooks #-l"hosts"
-u REMOTE_USER
-syntax-check 语法检查
-T TIMEOUT
--step:以单任务步骤执行,方便每一步的确认工作
* ansible-playbook --help
3.playbook角色与包含声明:
(1)ansible支持写playbook时拆分成多个文件,通过包含(include)的形式引用,可根据多种维度进行封装,如定义变量、任务、处理程序等。
(2)目录结构:
group_vars --相当于全局变量定义
hosts --定义主机“组”
site.yml --全局配置文件,group_vars、hosts、role等都在这里引用
role --角色设定
eg:
/home/test/ansible/playbooks/nginx/
1. cat /home/test/ansible/playbooks/nginx/hosts
[servers1]
192.168.1.21
192.168.1.31
[servers2]
192.168.2.21
192.168.2.31
[webservers]
192.168.3.21
192.168.3.31
...
2. cat /home/test/ansible/playbooks/nginx/group_vars/all #all 对hosts里的全部主机组,相当于默认全局变量
---
#Varibles listed here are applicable to all host groups
ntpserver: ntp.sjtu.edu.cn
cat /home/test/ansible/playbooks/nginx/group_vars/servers1 #对单组主机的特殊制定变量,仅对servers1主机组有效
---
worker_processes: 4
num_cpus: 4
max_open_file: 65536
root: /data
3.角色可以根据复用情况定义,比较随意
(1)common roles
cat /home/test/ansible/playbooks/nginx/common/vars/main.yml #这里定义的变量优先级高于group_vars里定义的变量
---
#Varibles
ntpserver: 210.210.123.123
cat /home/test/ansible/playbooks/nginx/common/handlers/main.yml
- name: restart ntp
service: name=ntp state=restarted
cat /home/test/ansible/playbooks/nginx/common/tasks/main.yml
- name: Install ntp
yum: name=ntp state=present
- name: Config ntp file
template: src=ntp.conf.j2 dest=/etc/ntp.conf
notify: restarted ntp
- name: ...
cat /home/test/ansible/playbooks/nginx/common/templates/ntp.conf.j2
driftfile /var/lib/ntp/drift
restrict 127.0.0.1
restrict -6 ::1
server {{ ntpserver }} #此处将引用/home/test/ansible/playbooks/nginx/common/vars/main.yml 里定义的ntpserver变量
...
(2) ser1 roles
cat /home/test/ansible/playbooks/nginx/ser1/tasks/main.yml
cat /home/test/ansible/playbooks/nginx/ser1/handlers/main.yml
cat /home/test/ansible/playbooks/nginx/ser1/templates/main.yml
4. cat /home/test/ansible/playbooks/nginx/site.yml
---
- name: apply common config to all hosts
hosts: all
roles:
- common
- name: config and deploy only to servers1
hosts: servers1
roles:
- ser1
5. 运行角色
#cd /home/test/ansible/playbooks/nginx
#ansible-playbook -i hosts site.yml -f 10
三:
1.获取远程主机信息-Facts
ansible 192.168.1.66(hostname) -m setup
返回一些变量信息(主机名、ip地址、操作系统、硬件信息等)
2. 在模版中引用:
{{ ansible_hostname }}
{{ ansible_device.sda.mode1 }}
...
3. Jinja2过滤器:
使用格式: {{变量名|过滤方法}}
{{ path | basename }} 过滤出文件名
{{ path | dirname }} 过滤出目录名
eg:
---
- hosts: 192.168.1.66
vars:
filename: /etc/profile
tasks:
- name: "shell1"
shell: echo {{ filename | basename }} >> /tmp/testshell
4. 自定义facts模块:
需在目标主机上/etc/ansible/facts.d目录定义JSON、INI或可执行的JSON输出,文件扩展名使用.fact
eg:
在192.168.1.66上定义变量:
/etc/ansible/facts.d/preferences.fact
[general]
max_memory_size=32
max_user_processes=3730
open_files=65535
在主控端运行:
ansible 192.168.1.66 -m setup -a "filter=ansible_local" --> 返回层级结构
引用变量:
{{ ansible_local.preferences.general.open_files }}
注册变量: 变量的另一个用途是将一条命令的执行结果保存到变量中,供后面的playbook使用
eg:
- hosts: servers1
tasks:
- shell: /usr/bin/foo
register: foo_result
ignore_errors: True
- shell: /usr/bin/bar
when: foo_result.rc == 5 #foo_result.rc 为返回 /usr/bin/foo的返回码,当值为5时, /usr/bin/bar命令才会运行
条件语句when:
有时候我们想跳过某些主机的执行步骤,比如符合特定版本的操作系统将不安装某个软件包,或者磁盘空间满了进行清理等.
eg:
tasks:
- command: /bin/false
register: result
ignore_errors: True
- command: /bin/something
when: result|failed
- command: /bin/something_else #当result执行结果为成功时执行这个
when: result|success
- command: /bin/still/something_else
when: result|skipped
循环:
eg1:
- name: add serveral users #实现批量创建用户
user: name={{ item }} state=present groups=wheel
with_items:
- testuser1
- testuser2
eg2 Dict:
- name: add serveral users
user: name={{ item.name }} state=present groups={{ item.groups }}
with_items:
- { name: 'testuser1',groups:'wheel'}
- { name: 'testuser2',groups:'root'}
eg3 List:
---
# file: roles/fool/vars/main.yml
packages_base:
- [ 'foo-package', 'bar-package' ]
packages_apps:
- [ ['one-package', 'two-package'] ]
- [ ['red-[package', 'blue-package'] ]
引用:
- name: flattend loop demo
yum:name={{ item }} state=installed
with_flattened:
- package_base
- packages_apps