Ansible Roles in Detail

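Introduction to Roles

  • Roles are a feature introduced in Ansible 1.2 for organizing playbooks in a layered, structured way. A role automatically loads variable files, tasks, handlers and so on according to its directory hierarchy. To use roles, you only need to bring them into the playbook with an include directive.
  • Put simply, roles are a mechanism for placing variables, files, tasks, templates and handlers in separate directories and then including them conveniently.
  • Roles are generally used to build services on a per-host basis, but they can also be used for scenarios such as setting up daemons. They are mainly used where code reuse is high.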

1. Roles directory

1.1 Roles directory structure

[Image: roles directory structure]

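1.2 Meaning of each roles directory

roles:          <-- All roles must be placed under the roles directory. Its location can be customized; the default is /etc/ansible/roles
  project:      <-- The name of a specific role, e.g. nginx, tomcat, php
    files:     <-- Holds files used by the copy module or the script module.
    templates:  <-- Holds Jinja2 templates; the template module automatically looks for Jinja2 template files in this directory.
    tasks:     <-- Should contain a main.yml file that defines this role's task list; that file can use include to pull in other task files in this directory.
      main.yml
    handlers:   <-- Should contain a main.yml file that defines the actions this role runs when their trigger conditions are met.
      main.yml
    vars:    <-- Should contain a main.yml file that defines the variables this role uses.
      main.yml
    defaults:   <-- Should contain a main.yml file that sets default variables for this role.
      main.yml
    meta:   <-- Should contain a main.yml file that defines this role's special settings and its dependencies.
      main.yml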

2. Creating a role for the httpd service

  • Create the directories as follows:

    [root@ansibleplaybook]# mkdir roles
    [root@ansibleplaybook]# mkdir roles/{httpd,nginx,mysql}
    [root@ansibleplaybook]# mkdir roles/{httpd,nginx,mysql}/{tasks,files,templates,handlers,vars}
    
  • Copy the local httpd.conf file to use in the experiment:

    $ cp /etc/httpd/conf/httpd.conf files/
    
  • View the resulting file structure:

    [root@ansibleplaybook]#tree roles/
    roles/
    ├── httpd
    │   ├── files
    │   │   └── httpd.conf
    │   ├── handlers
    │   ├── tasks
    │   │   ├── config.yml
    │   │   ├── group.yml
    │   │   ├── install.yml
    │   │   ├── main.yml
    │   │   ├── service.yml
    │   │   └── user.yml
    │   ├── templates
    │   └── vars
    ├── mysql
    │   ├── files
    │   ├── handlers
    │   ├── tasks
    │   ├── templates
    │   └── vars
    └── nginx
        ├── files
        ├── handlers
        ├── tasks
        ├── templates
        └── vars
    
  • Write the task files under the httpd role's tasks directory:

    • Create the task that copies the configuration file to the remote host:

      [root@ansibletasks]#vim config.yml
       
      - name: config file
        copy: src=httpd.conf dest=/etc/httpd/conf  backup=yes
      
    • Create the group task:

      [root@ansibletasks]#vim group.yml
       
      - name: create group
        group: name=apache system=yes gid=80
      
    • Create the package installation task:

      [root@ansibletasks]#vim install.yml
       
      - name: install package
        yum: name=httpd
      
    • Create the service task:

      [root@ansibletasks]#vim service.yml
       
      - name: service
        service: name=httpd state=started enabled=yes
      
    • Create the user task:

      [root@ansibletasks]#cat user.yml
      
      - name: create user
        user: name=apache group=apache uid=80 shell=/sbin/nologin home=/usr/share/httpd system=yes
      
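    • Tie all the task files together, in the order they should run:

      [root@ansibletasks]#cat main.yml
      # `include` for task files is deprecated in later Ansible releases; import_tasks / include_tasks replace it
      - include: group.yml
      - include: user.yml
      - include: install.yml
      - include: config.yml
      - include: service.yml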
      
    • Change the port in the httpd.conf configuration file to 9527:

      [root@ansibleroles]#vim httpd/files/httpd.conf
      Listen  9527
      
    • Write the playbook that calls everything in the httpd role directory:

      [root@ansibleplaybook]#vim httpd_roles.yml
       
      - hosts: webs
        remote_user: root
       
        roles:
          - role: httpd
      
    • Write a web page file to display, so the result can be verified:

      [root@ansibleroles]#vim httpd/files/index.html
       
      <h1>welcome to beijing!</h1>
      
    • Copy the index.html just created to /var/www/html, which gives the site a page to serve:

      [root@ansibleroles]#vim httpd/tasks/data.yml
       
      - name: data file
        copy: src=index.html  dest=/var/www/html/
      
    • Add the new data task to main.yml so that everything runs in order:

      [root@ansibleroles]#vim httpd/tasks/main.yml
      - include: group.yml
      - include: user.yml
      - include: install.yml
      - include: config.yml
      - include: service.yml
      - include: data.yml
      
    • View the directory structure created so far:

      [root@ansibleplaybook]#tree roles/httpd
      roles/httpd
      ├── files
      │   ├── httpd.conf
      │   └── index.html
      ├── handlers
      ├── tasks
      │   ├── config.yml
      │   ├── data.yml
      │   ├── group.yml
      │   ├── install.yml
      │   ├── main.yml
      │   ├── service.yml
      │   └── user.yml
      ├── templates
      └── vars
      
  • Run the playbook:

    [root@ansibleplaybook]#ansible-playbook  httpd_roles.yml
     
    PLAY [webs] **********************************************************************************************************
     
    TASK [Gathering Facts] ***********************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : create group] ******************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : create user] *******************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : install package] ***************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : config file] *******************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : service] ***********************************************************************************************
    ok: [192.168.34.103]
     
    PLAY RECAP ***********************************************************************************************************
    192.168.34.103             : ok=6    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
    
  • Check that the httpd port is listening:

    [root@ansibleplaybook]#ansible webs -a "ss -nlt"
    192.168.34.103 | CHANGED | rc=0 >>
    State      Recv-Q Send-Q Local Address:Port               Peer Address:Port             
    LISTEN     0      50           *:139                      *:*                 
    LISTEN     0      128          *:82                       *:*                 
    LISTEN     0      128          *:22                       *:*                 
    LISTEN     0      100    127.0.0.1:25                       *:*                 
    LISTEN     0      50           *:445                      *:*                 
    LISTEN     0      50          :::139                     :::*                 
    LISTEN     0      128         :::80                      :::*                 
    LISTEN     0      32          :::21                      :::*                 
    LISTEN     0      128         :::22                      :::*                 
    LISTEN     0      128         :::9527                    :::*                 
    LISTEN     0      100        ::1:25                      :::*                 
    LISTEN     0      50          :::445                     :::*
    
  • Check that the web page opens:

    [Screenshot: the page opened in a browser]

3. Creating a role for the nginx service:

  • Copy all the subdirectories and files from the httpd experiment into the nginx directory:

    [root@ansibleplaybook]#cd roles/
    [root@ansibleroles]#ls
     httpd  mysql
    [root@ansibleroles]#rm -rf nginx/
    [root@ansibleroles]#cp -r httpd/ nginx
    
  • Edit the task order in roles/nginx/tasks/main.yml:

    [root@ansibleplaybook]#vim roles/nginx/tasks/main.yml
    - include: install.yml
    - include: config.yml
    - include: service.yml
    
  • Delete the task files that are no longer needed:

    [root@ansiblenginx]#cd tasks/
    [root@ansibletasks]#ls
    config.yml data.yml group.yml install.yml main.yml service.yml user.yml
    [root@ansibletasks]#rm -rf group.yml  user.yml
    
  • Modify config.yml to use the template module:

    [root@ansibletasks]#vim config.yml
     
    - name: config file
      template: src=nginx.conf.j2   dest=/etc/nginx/nginx.conf
    
  • Copy the nginx.conf from a local nginx installation into the templates directory, naming it nginx.conf.j2:

    [root@ansiblenginx]#yum install nginx -y
    [root@ansiblenginx]#cp /etc/nginx/nginx.conf  templates/nginx.conf.j2
    
  • Change the CPU core setting in the nginx/templates/nginx.conf.j2 configuration file:

    [root@ansibletemplates]#vim nginx.conf.j2
     
    # For more information on configuration, see:
    #   * Official English Documentation: http://nginx.org/en/docs/
    #   * Official Russian Documentation: http://nginx.org/ru/docs/
     
    user nginx;
    worker_processes {{ansible_processor_count**3}};
    
  • Reference a file from the httpd role across roles:

    [root@ansiblenginx]#vim tasks/data.yml
     
    - name: data
      copy: src=roles/httpd/files/index.html  dest=/usr/share/nginx/html/
    
  • Add data.yml to main.yml, change the name of the package to install, and change the name of the service to start:

    [root@ansiblenginx]#vim tasks/main.yml
     
    - include: install.yml
    - include: config.yml
    - include: service.yml
    - include: data.yml
     
    [root@ansiblenginx]#vim tasks/install.yml   # change the package name to nginx
     
    - name: install package
      yum: name=nginx
     
    [root@ansiblenginx]#vim tasks/service.yml  # change the service name to nginx
     
    - name: service
      service: name=nginx state=started enabled=yes
    
  • Finally, create the nginx_roles.yml file in the playbook directory (at the same level as the roles directory):

    [root@ansibleplaybook]#vim nginx_roles.yml
     
    - hosts: webs
      remote_user: root
     
      roles:
        - role: nginx
        - role: httpd
    
  • Run the playbook:

    [root@ansibleplaybook]#ansible-playbook nginx_roles.yml  # run the playbook
    [root@ansibleplaybook]#ansible webs -a "ss -nlt"  # check the listening ports: 80 and 9527 are both open
    192.168.34.103 | CHANGED | rc=0 >>
    State      Recv-Q Send-Q Local Address:Port               Peer Address:Port             
    LISTEN     0      50           *:139                      *:*                 
    LISTEN     0      128          *:80                       *:*                 
    LISTEN     0      128          *:22                       *:*                 
    LISTEN     0      100    127.0.0.1:25                       *:*                 
    LISTEN     0      50           *:445                      *:*                 
    LISTEN     0      50          :::139                     :::*                 
    LISTEN     0      128         :::80                      :::*                 
    LISTEN     0      32          :::21                      :::*                 
    LISTEN     0      128         :::22                      :::*                 
    LISTEN     0      128         :::9527                    :::*                 
    LISTEN     0      100        ::1:25                      :::*                 
    LISTEN     0      50          :::445                     :::*
    
  • The web page can now be opened on port 80, the nginx default, so the cross-role file reference works:

    [Screenshot: the page opened in a browser]

4. To trigger notify and handlers in a role, modify the relevant files as follows:

[root@ansibleplaybook]#vim roles/nginx/tasks/config.yml
 
- name: config file
  template: src=nginx.conf.j2   dest=/etc/nginx/nginx.conf
  notify: restart  # this name must match the handler's name

[root@ansibleplaybook]#vim roles/nginx/handlers/main.yml

- name: restart
  service: name=nginx state=restarted

  • To verify that the restart takes effect, change the port in the nginx.conf.j2 configuration file to 8080:

    [root@ansibleplaybook]#vim roles/nginx/templates/nginx.conf.j2
    server {
            listen       8080 default_server;
    
  • Run the playbook:

    [root@ansibleplaybook]#ansible-playbook nginx_roles.yml
    PLAY [webs] **********************************************************************************************************
     
    TASK [Gathering Facts] ***********************************************************************************************
    ok: [192.168.34.103]
     
    TASK [nginx : install package] ***************************************************************************************
    ok: [192.168.34.103]
     
    TASK [nginx : config file] *******************************************************************************************
    changed: [192.168.34.103]
     
    TASK [nginx : service] ***********************************************************************************************
    ok: [192.168.34.103]
     
    TASK [nginx : data] **************************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : create group] ******************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : create user] *******************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : install package] ***************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : config file] *******************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : service] ***********************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : data file] *********************************************************************************************
    ok: [192.168.34.103]
     
    RUNNING HANDLER [nginx : restart] ************************************************************************************
    changed: [192.168.34.103]
     
    PLAY RECAP ***********************************************************************************************************
    192.168.34.103             : ok=12   changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0 
    
  • Check the result: nginx on the managed host is now listening on port 8080:

    [root@ansibleplaybook]#ansible webs -a "ss -nlt"
    192.168.34.103 | CHANGED | rc=0 >>
    State      Recv-Q Send-Q Local Address:Port               Peer Address:Port             
    LISTEN     0      50           *:139                      *:*                 
    LISTEN     0      128          *:8080                     *:*                 
    LISTEN     0      128          *:22                       *:*                 
    LISTEN     0      100    127.0.0.1:25                       *:*                 
    LISTEN     0      50           *:445                      *:*                 
    LISTEN     0      50          :::139                     :::*                 
    LISTEN     0      128         :::80                      :::*                 
    LISTEN     0      32          :::21                      :::*                 
    LISTEN     0      128         :::22                      :::*                 
    LISTEN     0      128         :::9527                    :::*                 
    LISTEN     0      100        ::1:25                      :::*                 
    LISTEN     0      50          :::445                     :::*
    
  • Next, add a variable:

    [root@ansibleplaybook]#vim roles/nginx/vars/main.yml
     
    username: daemon
    
  • Change the user name in the roles/nginx/templates/nginx.conf.j2 configuration file:

    [root@ansibleplaybook]#vim roles/nginx/templates/nginx.conf.j2
     
    # For more information on configuration, see:
    #   * Official English Documentation: http://nginx.org/en/docs/
    #   * Official Russian Documentation: http://nginx.org/ru/docs/
     
    user {{username}};
    
  • Run the playbook:

    [root@ansibleplaybook]#ansible-playbook nginx_roles.yml
     
    PLAY [webs] **********************************************************************************************************
     
    TASK [Gathering Facts] ***********************************************************************************************
    ok: [192.168.34.103]
     
    TASK [nginx : install package] ***************************************************************************************
    ok: [192.168.34.103]
     
    TASK [nginx : config file] *******************************************************************************************
    changed: [192.168.34.103]
     
    TASK [nginx : service] ***********************************************************************************************
    ok: [192.168.34.103]
     
    TASK [nginx : data] **************************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : create group] ******************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : create user] *******************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : install package] ***************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : config file] *******************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : service] ***********************************************************************************************
    ok: [192.168.34.103]
     
    TASK [httpd : data file] *********************************************************************************************
    ok: [192.168.34.103]
     
    RUNNING HANDLER [nginx : restart] ************************************************************************************
    changed: [192.168.34.103]
     
    PLAY RECAP ***********************************************************************************************************
    192.168.34.103             : ok=12   changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
    
  • Check the user that nginx runs as; it has now changed to daemon:

    [root@ansibleplaybook]#ansible webs -a "ps aux | grep nginx"
    192.168.34.103 | CHANGED | rc=0 >>
    root      25536  0.0  0.1 120796  2092 ?        Ss   10:47   0:00 nginx: master process /usr/sbin/nginx
    daemon    25537  0.0  0.1 121180  3124 ?        S    10:47   0:00 nginx: worker process
    root      25602  0.0  0.0 113176  1216 pts/1    S+   10:48   0:00 /bin/sh -c ps aux | grep nginx
    root      25604  0.0  0.0 112708   960 pts/1    R+   10:48   0:00 grep nginx
    

5. Using conditionals when calling a role:

[root@ansibleplaybook]#vim roles/httpd/tasks/config.yml
 
- name: config file1
  template: src=httpd6.conf.j2 dest=/etc/httpd/conf/httpd.conf  backup=yes
  when: ansible_distribution_major_version=="6"
- name: config file2
  template: src=httpd7.conf.j2 dest=/etc/httpd/conf/httpd.conf  backup=yes
  when: ansible_distribution_major_version=="7"

  • Copy the httpd configuration files from installed CentOS 6 and CentOS 7 systems into roles/httpd/templates/, each with a file name ending in .j2:

    [root@centos6~]#scp /etc/httpd/conf/httpd.conf 192.168.34.101:/root/playbook/roles/httpd/templates/httpd6.conf.j2
    root@192.168.34.101's password:
    httpd.conf                                                                          100%   34KB  33.6KB/s   00:00
    
  • Also place the CentOS 7 httpd.conf in roles/httpd/templates/, with a name ending in .j2:

    [root@ansibleplaybook]#cp /etc/httpd/conf/httpd.conf roles/httpd/templates/httpd7.conf.j2
    
  • Modify the http_roles.yml file to target the apps group, which is the group that contains both CentOS 6 and CentOS 7 hosts:

    [root@ansibleplaybook]#vim http_roles.yml
     
    - hosts: apps
      remote_user: root
     
      roles:
        - role: httpd
    
  • Run the playbook:

    [root@ansibleplaybook]#ansible-playbook http_roles.yml
     
    PLAY [apps] **********************************************************************************************************
     
    TASK [Gathering Facts] ***********************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [httpd : create group] ******************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [httpd : create user] *******************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [httpd : install package] ***************************************************************************************
    changed: [192.168.34.105]
    changed: [192.168.34.103]
     
    TASK [httpd : config file1] ******************************************************************************************
    skipping: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [httpd : config file2] ******************************************************************************************
    skipping: [192.168.34.105]
    changed: [192.168.34.103]
     
    TASK [httpd : service] ***********************************************************************************************
    changed: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [httpd : data file] *********************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    PLAY RECAP ***********************************************************************************************************
    192.168.34.103             : ok=7    changed=3    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0  
    192.168.34.105             : ok=7    changed=3    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0 
    
  • Check the state of httpd after installation:

    [root@ansibleplaybook]#ansible apps -a "ss -nltp"
    192.168.34.103 | CHANGED | rc=0 >>
    State      Recv-Q Send-Q Local Address:Port               Peer Address:Port             
    LISTEN     0      50           *:139                      *:*                   users:(("smbd",pid=6721,fd=36))
    LISTEN     0      128          *:80                       *:*                   users:(("httpd",pid=27209,fd=3),("httpd",pid=27208,fd=3),("httpd",pid=27207,fd=3),("httpd",pid=27206,fd=3),("httpd",pid=27205,fd=3),("httpd",pid=27204,fd=3))
    LISTEN     0      128          *:8080                     *:*                   users:(("nginx",pid=25537,fd=6),("nginx",pid=25536,fd=6))
    LISTEN     0      128          *:22                       *:*                   users:(("sshd",pid=6719,fd=3))
    LISTEN     0      100    127.0.0.1:25                       *:*                   users:(("master",pid=6818,fd=13))
    LISTEN     0      50           *:445                      *:*                   users:(("smbd",pid=6721,fd=35))
    LISTEN     0      50          :::139                     :::*                   users:(("smbd",pid=6721,fd=34))
    LISTEN     0      128         :::80                      :::*                   users:(("nginx",pid=25537,fd=7),("nginx",pid=25536,fd=7))
    LISTEN     0      32          :::21                      :::*                   users:(("vsftpd",pid=6718,fd=4))
    LISTEN     0      128         :::22                      :::*                   users:(("sshd",pid=6719,fd=4))
    LISTEN     0      100        ::1:25                      :::*                   users:(("master",pid=6818,fd=14))
    LISTEN     0      50          :::445                     :::*                   users:(("smbd",pid=6721,fd=33))
     
    192.168.34.105 | CHANGED | rc=0 >>
    State      Recv-Q Send-Q        Local Address:Port          Peer Address:Port
    LISTEN     0      128               127.0.0.1:6010                     *:*      users:(("sshd",5804,7))
    LISTEN     0      128                     ::1:6010                    :::*      users:(("sshd",5804,6))
    LISTEN     0      128                      :::43999                   :::*      users:(("rpc.statd",1781,10))
    LISTEN     0      128                      :::111                     :::*      users:(("rpcbind",1674,11))
    LISTEN     0      128                       *:111                      *:*      users:(("rpcbind",1674,8))
    LISTEN     0      128                       *:58740                    *:*      users:(("rpc.statd",1781,8))
    LISTEN     0      128                      :::22                      :::*      users:(("sshd",2079,4))
    LISTEN     0      128                       *:22                       *:*      users:(("sshd",2079,3))
    LISTEN     0      128                      :::87                      :::*      users:(("httpd",8981,6),("httpd",9097,6),("httpd",9098,6),("httpd",9099,6),("httpd",9100,6),("httpd",9101,6),("httpd",9102,6),("httpd",9103,6),("httpd",9104,6))
    LISTEN     0      64                       :::23                      :::*      users:(("xinetd",2103,5))
    LISTEN     0      128               127.0.0.1:631                      *:*      users:(("cupsd",1826,7))
    LISTEN     0      128                     ::1:631                     :::*      users:(("cupsd",1826,6))
    LISTEN     0      100                     ::1:25                      :::*      users:(("master",2209,13))
    LISTEN     0      100               127.0.0.1:25                       *:*      users:(("master",2209,12))
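
With the two `when` tasks in this section, a host whose major version is neither 6 nor 7 skips both of them and keeps whatever httpd.conf the package shipped, while the play still reports success. The following added example (not from the original article) picks the template from the fact and stops early on an unsupported host; `httpd_supported_major_versions` is a hypothetical variable name.

```yaml
# roles/httpd/vars/main.yml
# Hypothetical variable: the releases for which templates/httpdN.conf.j2 exists.
# The fact is a string, so the list holds strings as well.
httpd_supported_major_versions: ["6", "7"]

---
# roles/httpd/tasks/config.yml
- name: stop if there is no template for this release
  assert:
    that:
      # A bare version check would also match an unrelated distribution
      # that happens to be at release 6 or 7.
      - ansible_os_family == "RedHat"
      - ansible_distribution_major_version in httpd_supported_major_versions
    fail_msg: >-
      No httpd template for {{ ansible_distribution }}
      {{ ansible_distribution_major_version }}

- name: config file
  template:
    # One task instead of one per release: resolves to httpd6.conf.j2 or
    # httpd7.conf.j2, the template names used in this section.
    src: "httpd{{ ansible_distribution_major_version }}.conf.j2"
    dest: /etc/httpd/conf/httpd.conf
    owner: root
    group: root
    mode: "0644"
    backup: yes
```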
    

6. Using tags to select which roles a playbook runs:

[root@ansibleplaybook]#vim all_roles.yml
 
- hosts: all
  remote_user: root
 
  roles:
    - {role: httpd,tags: ["httpd","web"]}  # each role entry is written as a dictionary and given tags
    - {role: nginx,tags: ["nginx","web"]}
    - {role: mysql,tags: db}

  • Run the part of the playbook selected by one of the tags:

    [root@ansibleplaybook]#ansible-playbook -t httpd all_roles.yml
     
    PLAY [all] ***********************************************************************************************************
     
    TASK [Gathering Facts] ***********************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [httpd : create group] ******************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [httpd : create user] *******************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [httpd : install package] ***************************************************************************************
    changed: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [httpd : config file1] ******************************************************************************************
    skipping: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [httpd : config file2] ******************************************************************************************
    skipping: [192.168.34.105]
    changed: [192.168.34.103]
     
    TASK [httpd : service] ***********************************************************************************************
    changed: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [httpd : data file] *********************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    PLAY RECAP ***********************************************************************************************************
    192.168.34.103             : ok=7    changed=3    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0  
    192.168.34.105             : ok=7    changed=3    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0
    
  • Check the result after the run:

    [root@ansibleplaybook]#ansible all -a "ss -nlt"
    192.168.34.103 | CHANGED | rc=0 >>
    State      Recv-Q Send-Q Local Address:Port               Peer Address:Port             
    LISTEN     0      50           *:139                      *:*                 
    LISTEN     0      128          *:22                       *:*                 
    LISTEN     0      100    127.0.0.1:25                       *:*                 
    LISTEN     0      50           *:445                      *:*                 
    LISTEN     0      50          :::139                     :::*                 
    LISTEN     0      128         :::80                      :::*                 
    LISTEN     0      32          :::21                      :::*                 
    LISTEN     0      128         :::22                      :::*                 
    LISTEN     0      100        ::1:25                      :::*                 
    LISTEN     0      50          :::445                     :::*                 
     
    192.168.34.105 | CHANGED | rc=0 >>
    State      Recv-Q Send-Q        Local Address:Port          Peer Address:Port
    LISTEN     0      128               127.0.0.1:6010                     *:*    
    LISTEN     0      128                     ::1:6010                    :::*    
    LISTEN     0      128                      :::43999                   :::*    
    LISTEN     0      128                      :::111                     :::*    
    LISTEN     0      128                       *:111                      *:*    
    LISTEN     0      128                       *:58740                    *:*    
    LISTEN     0      128                      :::22                      :::*    
    LISTEN     0      128                       *:22                       *:*    
    LISTEN     0      128                      :::87                      :::*    
    LISTEN     0      64                       :::23                      :::*    
    LISTEN     0      128               127.0.0.1:631                      *:*    
    LISTEN     0      128                     ::1:631                     :::*    
    LISTEN     0      100                     ::1:25                      :::*    
    LISTEN     0      100               127.0.0.1:25                       *:*   
    
  • Run the playbook with the web tag; both roles carrying that tag, httpd and nginx, are executed:

    [root@ansibleplaybook]#ansible-playbook -t web all_roles.yml
     
    PLAY [apps] **********************************************************************************************************
     
    TASK [Gathering Facts] ***********************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [httpd : create group] ******************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [httpd : create user] *******************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [httpd : install package] ***************************************************************************************
    changed: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [httpd : config file1] ******************************************************************************************
    skipping: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [httpd : config file2] ******************************************************************************************
    skipping: [192.168.34.105]
    changed: [192.168.34.103]
     
    TASK [httpd : service] ***********************************************************************************************
    changed: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [httpd : data file] *********************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [nginx : install package] ***************************************************************************************
    changed: [192.168.34.105]
    changed: [192.168.34.103]
     
    TASK [nginx : config file] *******************************************************************************************
    changed: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [nginx : service] ***********************************************************************************************
    changed: [192.168.34.105]
    changed: [192.168.34.103]
     
    TASK [nginx : data] **************************************************************************************************
    changed: [192.168.34.103]
    changed: [192.168.34.105]
     
    RUNNING HANDLER [nginx : restart] ************************************************************************************
    changed: [192.168.34.103]
    changed: [192.168.34.105]
     
    PLAY RECAP ***********************************************************************************************************
    192.168.34.103             : ok=12   changed=8    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0  
    192.168.34.105             : ok=12   changed=8    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0
    
  • Check the state after the run:

    [root@ansibleplaybook]#ansible apps -a "ss -nlpt"
    192.168.34.103 | CHANGED | rc=0 >>
    State      Recv-Q Send-Q Local Address:Port               Peer Address:Port             
    LISTEN     0      50           *:139                      *:*                   users:(("smbd",pid=6721,fd=36))
    LISTEN     0      128          *:8080                     *:*                   users:(("nginx",pid=38028,fd=6),("nginx",pid=38027,fd=6))
    LISTEN     0      128          *:22                       *:*                   users:(("sshd",pid=6719,fd=3))
    LISTEN     0      100    127.0.0.1:25                       *:*                   users:(("master",pid=6818,fd=13))
    LISTEN     0      50           *:445                      *:*                   users:(("smbd",pid=6721,fd=35))
    LISTEN     0      50          :::139                     :::*                   users:(("smbd",pid=6721,fd=34))
    LISTEN     0      32          :::21                      :::*                   users:(("vsftpd",pid=6718,fd=4))
    LISTEN     0      128         :::22                      :::*                   users:(("sshd",pid=6719,fd=4))
    LISTEN     0      100        ::1:25                      :::*                   users:(("master",pid=6818,fd=14))
    LISTEN     0      128         :::90                      :::*                   users:(("nginx",pid=38028,fd=7),("nginx",pid=38027,fd=7))
    LISTEN     0      50          :::445                     :::*                   users:(("smbd",pid=6721,fd=33))
    LISTEN     0      128         :::99                      :::*                   users:(("httpd",pid=37535,fd=4),("httpd",pid=37534,fd=4),("httpd",pid=37533,fd=4),("httpd",pid=37532,fd=4),("httpd",pid=37531,fd=4),("httpd",pid=37530,fd=4))
     
    192.168.34.105 | CHANGED | rc=0 >>
    State      Recv-Q Send-Q        Local Address:Port          Peer Address:Port
    LISTEN     0      128               127.0.0.1:6010                     *:*      users:(("sshd",5804,7))
    LISTEN     0      128                     ::1:6010                    :::*      users:(("sshd",5804,6))
    LISTEN     0      128                      :::43999                   :::*      users:(("rpc.statd",1781,10))
    LISTEN     0      128                      :::111                     :::*      users:(("rpcbind",1674,11))
    LISTEN     0      128                       *:111                      *:*      users:(("rpcbind",1674,8))
    LISTEN     0      128                       *:58740                    *:*      users:(("rpc.statd",1781,8))
    LISTEN     0      128                      :::8181                    :::*      users:(("httpd",20990,6),("httpd",21802,6),("httpd",21803,6),("httpd",21804,6),("httpd",21805,6),("httpd",21806,6),("httpd",21807,6),("httpd",21808,6),("httpd",21809,6))
    LISTEN     0      128                      :::22                      :::*      users:(("sshd",2079,4))
    LISTEN     0      128                       *:22                       *:*      users:(("sshd",2079,3))
    LISTEN     0      64                       :::23                      :::*      users:(("xinetd",2103,5))
    LISTEN     0      128               127.0.0.1:631                      *:*      users:(("cupsd",1826,7))
    LISTEN     0      128                     ::1:631                     :::*      users:(("cupsd",1826,6))
    LISTEN     0      100                     ::1:25                      :::*      users:(("master",2209,13))
    LISTEN     0      100               127.0.0.1:25                       *:*      users:(("master",2209,12))
    

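7. A small memcached experiment:

Goal: decide what share of the host's memory the cache server should use, i.e. how large the cache size should be set.

  • Install memcached: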

    [root@ansibleplaybook]#yum install memcached  -y
    [root@ansibleplaybook]#cat /etc/sysconfig/memcached
    PORT="11211"
    USER="memcached"
    MAXCONN="1024"
    CACHESIZE="64"    <-- current cache size
    OPTIONS=""
    
  • Define the memcached role:

    [root@ansibleroles]#cd roles
    [root@ansibleroles]#cp httpd/ memcached -r  # copy the httpd role to memcached and modify it there
    
  • Remove the httpd-specific files left over from the copy:

    [root@ansibletasks]#cd roles/memcached/tasks
    [root@ansibletasks]#rm -f data.yml  user.yml  group.yml   # remove the files that are not needed
    [root@ansiblememcached]#cp /etc/sysconfig/memcached  templates/memcached.j2  # copy the memcached config into templates/ as memcached.j2
    [root@ansiblememcached]#vim templates/memcached.j2  # edit the memcached settings
     
    PORT="11211"
    USER="memcached"
    MAXCONN="1024"
    CACHESIZE="{{ansible_memtotal_mb//4}}"    <-- integer division of the memory fact by 4
    OPTIONS=""
    
  • Edit the config task file:

    [root@ansiblememcached]#vim tasks/config.yml
     
    - name: config file1
      template: src=memcached.j2 dest=/etc/sysconfig/memcached   backup=yes
    
  • Edit main.yml:

    [root@ansiblememcached]#vim tasks/main.yml
     
    - include: install.yml
    - include: config.yml
    - include: service.yml
    
  • Edit the install task file:

    [root@ansiblememcached]#vim tasks/install.yml
     
    - name: install package
      yum: name=memcached
    
  • Write the service task file:

    [root@ansiblememcached]#vim tasks/service.yml
     
    - name: service
      service: name=memcached  state=started enabled=yes
    
  • Then create a playbook in the playbook directory that calls the role:

    [root@ansibleplaybook]#vim test_memcached.yml
     
    - hosts: apps
      remote_user: root
     
      roles:
        - role: memcached
    
  • Then set the memory of the CentOS 6 and CentOS 7 hosts to 3G and 2G respectively, and run the playbook:

    [root@ansibleplaybook]#ansible-playbook test_memcached.yml
     
    PLAY [apps] **********************************************************************************************************
     
    TASK [Gathering Facts] ***********************************************************************************************
    ok: [192.168.34.103]
    ok: [192.168.34.105]
     
    TASK [memcached : install package] ***********************************************************************************
    ok: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [memcached : config file1] **************************************************************************************
    changed: [192.168.34.103]
    changed: [192.168.34.105]
     
    TASK [memcached : service] *******************************************************************************************
    changed: [192.168.34.105]
    changed: [192.168.34.103]
     
    PLAY RECAP ***********************************************************************************************************
    192.168.34.103             : ok=4    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0  
    192.168.34.105             : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0 
    
  • Check the cache size on the managed hosts; the default was 64, and it has now changed:

    [root@ansibleplaybook]#ansible apps -a "cat /etc/sysconfig/memcached"
    192.168.34.103 | CHANGED | rc=0 >>
    PORT="11211"
    USER="memcached"
    MAXCONN="1024"
    CACHESIZE="496"
    OPTIONS=""
     
    192.168.34.105 | CHANGED | rc=0 >>
    PORT="11211"
    USER="memcached"
    MAXCONN="1024"
    CACHESIZE="244"
    OPTIONS=""
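
A check that fits the verification steps above, added here as an example (not part of the original post): it parses the output of `ansible apps -a "ss -nlpt"` in both `ss` formats shown earlier and lists, per host, the listeners bound to all interfaces. With `OPTIONS=""` the template passes memcached no listen address (`-l`), so port 11211 is worth checking this way after the role runs. The sample output is constructed; the memcached lines and PIDs in it are assumptions.

```python
import re

# Constructed sample of `ansible apps -a "ss -nlpt"` output, in the two ss
# formats shown earlier on this page; the memcached lines and PIDs are assumed.
SAMPLE = """\
192.168.34.103 | CHANGED | rc=0 >>
State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
LISTEN     0      128          *:11211                    *:*                   users:(("memcached",pid=40112,fd=26))
LISTEN     0      100    127.0.0.1:25                       *:*                   users:(("master",pid=6818,fd=13))
LISTEN     0      128         :::99                      :::*                   users:(("httpd",pid=37535,fd=4),("httpd",pid=37534,fd=4))

192.168.34.105 | CHANGED | rc=0 >>
State      Recv-Q Send-Q        Local Address:Port          Peer Address:Port
LISTEN     0      128               127.0.0.1:11211                    *:*      users:(("memcached",22310,26))
LISTEN     0      128                     ::1:631                     :::*      users:(("cupsd",1826,6))
LISTEN     0      128                      :::22                      :::*      users:(("sshd",2079,4))
"""

HOST_RE = re.compile(r"^(\S+) \| \w+ \| rc=\d+ >>$")   # ad-hoc command header line
WILDCARD = {"*", "::", "0.0.0.0", "[::]"}               # "all interfaces" spellings


def exposed_listeners(text):
    """Return {host: sorted [(port, process), ...]} for sockets bound to all interfaces."""
    result, host = {}, None
    for line in text.splitlines():
        m = HOST_RE.match(line.strip())
        if m:                                   # start of a new host's output
            host = m.group(1)
            result[host] = set()
            continue
        fields = line.split()
        if host is None or len(fields) < 5 or fields[0] != "LISTEN":
            continue                            # column header, blank or other line
        addr, _, port = fields[3].rpartition(":")   # ":::22" -> ("::", ":", "22")
        if addr not in WILDCARD:
            continue                            # loopback or a specific address
        names = re.findall(r'\("([^"]+)"', fields[5]) if len(fields) > 5 else []
        result[host].add((int(port), names[0] if names else "?"))
    return {h: sorted(v) for h, v in result.items()}


if __name__ == "__main__":
    for host, socks in exposed_listeners(SAMPLE).items():
        print(host, socks)
```
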
    

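8. Ansible roles summary

1. When writing tasks, do not specify the target hosts in them; each task file simply states what it does: the install task installs the package, the service task starts the service. Each one does a single thing, and main.yml then includes these individual tasks in execution order, which keeps the role easy to maintain and clear at a glance.
2. Define variables as key: value pairs in vars/main.yml; tasks and templates can then reference them directly, and Ansible looks them up in vars/main.yml automatically.
3. Define handlers in handlers/main.yml by stating what each one should do. If there are many, they can all go in that one file, or be split up like tasks and pulled in with include. When a task calls notify, it must name the handler exactly (the two names must match).
4. Template files likewise go in the templates directory; a task refers to them by file name only, and Ansible finds them in templates automatically. Note: when one role calls a single task from another role and that task uses templates or files, absolute paths must be used.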
