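I. Introduction to playbooks
- Advantages
- Makes functionality easy to reuse
- In essence, a playbook is a file ending in .yml
- Written according to YAML syntax
1. YAML syntax
- When a key maps to a single value, the colon must be followed by a space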
- name: nginx
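- When a key maps to multiple values, write them on separate lines
key:
    - value
    - value
    - value
- Code at the same level must have the same indentation; 4 spaces is recommended
2. General structure of a playbook
- hosts: host or host group
  user: user name
  tasks:
    - name: task name
      module name: argument argument argument
    - name: task name
      module name: argument argument argument
    - name: task name
      module name: argument argument argument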
II. Simple playbook usage
1. Create the openstack user on the managed hosts, with the user's shell set to /sbin/nologin
1) Write the playbook
[root@ansible ~]# cat /opt/work/userCreate.yml
- hosts: appserver
  user: root
  tasks:
    - name: create openstack user
      user: name=openstack shell=/sbin/nologin state=present
2) Run the playbook
[root@ansible ~]# ansible-playbook /opt/work/userCreate.yml
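2. Before running the user-defined tasks, a playbook automatically runs a task named Gathering Facts, which calls the setup module to collect state data from the managed hosts. Add the following parameter to disable this behavior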
[root@ansible ~]# cat /opt/work/userCreate02.yml
- hosts: appserver
  user: root
  gather_facts: false
  tasks:
    - name: create hadoop user
      user: name=hadoop shell=/sbin/nologin state=present
III. Using variables in playbooks
1. Syntax for referencing a variable
{{ variable name }}
2. Define variables directly in the playbook
[root@ansible ~]# cat /opt/work/test1.yml
- hosts: appserver
  user: root
  gather_facts: false
  vars:
    username: "user01"
    sh_name: "/sbin/nologin"
  tasks:
    - name: create user
      user: name={{ username }} shell={{ sh_name }} state=present
3. Define variables for a host group in the inventory file
[appserver:vars]
username="user02"
sh_name="/sbin/nologin"
[root@ansible ~]# cat /opt/work/test1.yml
- hosts: appserver
  user: root
  gather_facts: false
  tasks:
    - name: create user
      user: name={{ username }} shell={{ sh_name }} state=present
4. Define variables for individual hosts in the inventory file
[appserver]
192.168.140.11 username="user03" sh_name="/sbin/nologin"
192.168.140.12 username="user003" sh_name="/bin/bash"
192.168.140.13 ansible_ssh_user="root" ansible_ssh_pass="redhat" ansible_ssh_port=22 username="user0003" sh_name="/bin/sync"
5. Define variables in an external file
[root@ansible ~]# cat /opt/work/userInfo
username: "user04"
sh_name: "/bin/false"
[root@ansible ~]# cat /opt/work/test1.yml
- hosts: appserver
  user: root
  gather_facts: false
  vars_files:
    - /opt/work/userInfo
  tasks:
    - name: create user
      user: name={{ username }} shell={{ sh_name }} state=present
1) Encrypt the variable file
[root@ansible ~]# ansible-vault encrypt /opt/work/userInfo
New Vault password:
Confirm New Vault password:
Encryption successful
[root@ansible ~]# cat /opt/work/userInfo
$ANSIBLE_VAULT;1.1;AES256 64343632653338376466326633373664333936646662386436333935623832333163316536366436 6631373063306364303332386533663764313633633836360a373364623431383063333233633130 63323066653237343863363564326165346436633165643763323366393038303534613734306538 3330623037656532370a623163363961353138376565366537613265353264336230353333343963 63373139306432353765336363306662366463396366386437383031303938323736626462333835 6335336664336631373830613866623930386336656438656263
2) When running the playbook, add the --ask-vault-pass option
[root@ansible ~]# ansible-playbook --ask-vault-pass /opt/work/test1.yml
Vault password:
3) Decrypt the file
[root@ansible ~]# ansible-vault decrypt /opt/work/userInfo
Vault password:
Decryption successful
[root@ansible ~]# cat /opt/work/userInfo
username: "user04"
sh_name: "/bin/false"
Example: deploying MySQL
1) Define variables for the different hosts
[root@ansible ~]# grep -A 3 "appserver" /etc/ansible/hosts
[appserver]
192.168.140.11 server_id=11
192.168.140.12 server_id=12
192.168.140.13 ansible_ssh_user="root" ansible_ssh_pass="redhat" ansible_ssh_port=22 server_id=13
2) Prepare the MySQL configuration file template
[root@ansible ~]# sed -n '1,3p' /opt/work/my.cnf
[mysqld]
server_id={{ server_id }}
log_bin=master
........
3) Write the playbook
[root@ansible ~]# cat /opt/work/installMySQL.yml
- hosts: appserver
  user: root
  gather_facts: false
  tasks:
    - name: install MySQL
      yum: name=mariadb-server state=present
    - name: push my.cnf
      template: src=/opt/work/my.cnf dest=/etc/my.cnf
    - name: start MySQL daemon
      service: name=mariadb state=started enabled=yes
4) Run the playbook
[root@ansible ~]# ansible-playbook /opt/work/installMySQL.yml
5) Verify
[root@ansible ~]# ansible appserver -m shell -a 'netstat -antp | grep mysql'