CentOS Ansible剧本playbook

Ansible剧本playbook

什么是playbook

playbook：剧本，兵书之意

playbook是由什么组成

• play：定义主机和角色(主角，配角定义)
• task：任务(角色的台词和动作)

在playbook中一个play可以由多个task组成

playbook语法：

yml语法

• 缩进：每一个层级，都要缩进两个空格
• 冒号：除了以冒号结尾的内容，冒号后面都要加一个空格
• 横杠：横杠后面要有空格(Python列表数据类型)

-hosts: web_group				## play部分,指定要执行的主机
  remote_user: root				## 以root身份执行(默认)
  tasks:						## 定义任务
  - name: install httpd and php	## 给任务起名
    yum:						## 模块
      - httpd					## 动作
      - php
  - name: configure httpd conf
    copy:
      src: /root/web/httpd.conf
      dest: /etc/httpd/conf

## ansible 写playbook后缀 .yml 或者 .yaml
## saltstack 写sls文件 后缀 .sls

playbook小练习

安装httpd

## 1.创建工作目录
[root@m01 ~]# mkdir /root/ansible

## 2.编写httpd剧本
[root@m01 ansible]# vim httpd.yml
- hosts: web_group
  tasks:
  - name: Install  httpd
    yum:
      name: httpd
      state: present

## 3.执行剧本
[root@m01 ansible]# ansible-playbook httpd.yml

## 4.检测剧本语法
[root@m01 ansible]# ansible-playbook --syntax-check httpd.yml

## 测试执行
[root@m01 ansible]# ansible-playbook -C httpd.yml

启动httpd并加入开机自启

[root@m01 ansible]# vim httpd.yml 
- hosts: web_group
  tasks:
  - name: Install  httpd
    yum:
      name: httpd
      state: present

  - name: Start httpd Service
    service:
      name: httpd
      state: started
      enabled: true

编写http前端页面

- hosts: web_group
  tasks:
  - name: Install  httpd
    yum:
      name: httpd
      state: present

  - name: Start httpd Service
    service:
      name: httpd
      state: started
      enabled: true

- hosts: web_group
  tasks:
  - name: Set Web Index
    copy: 
      content: "wsh_http_web"
      dest: /var/www/html/index.html

不同的主机配置不同的网站

目前来说，想要根据不同主机配置不同的网站，我们可以使用多个play的方式，但是在生产环境中，我们需要写循环，来满足我们的需求，多个play了解即可

[root@m01 ansible]# vim httpd.yml 
- hosts: web_group
  tasks:
  - name: Install  httpd
    yum:
      name: httpd
      state: present

  - name: Start httpd Service
    service:
      name: httpd
      state: started
      enabled: true

- hosts: web01
  tasks:
  - name: Set Web01 Index
    copy: 
      content: "wsh_http_web01"
      dest: /var/www/html/index.html

- hosts: web02
  tasks:
  - name: Set Web02 Index
    copy:
      content: "wsh_http_web02"
      dest: /var/www/html/index.html

playbook实战

1.部署nfs 2.部署rsync 3.nginx 要做共享存储 4.部署wordpress

环境

[root@m01 ansible]# cat wordpress.yml 
- hosts: web_group
  tasks:
  - name: stop firewalld
    service:
      name: firewalld

  - name: yum_repository nginx
    yum_repository:
      name: nginx-stble
      description: "nginx stable repo"
      baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
      enabled: true
      gpgcheck: false 
      file: nginx
 
  - name: yum_repository php
    yum_repository:
      name: php-webtatic
      description: PHP Repository
      baseurl: http://us-east.repo.webtatic.com/yum/el7/x86_64/
      gpgcheck: false
      enabled: true
      file: php
 
  - name: remove php
    yum:
      name:
        - php-mysql-5.4
        - php
        - php-fpm
        - php-common
      state: absent

  - name: install nginx php
    yum:
      name:
        - nginx
        - php71w
        - php71w-cli
        - php71w-common
        - php71w-devel
        - php71w-embedded
        - php71w-gd
        - php71w-mcrypt
        - php71w-mbstring
        - php71w-pdo
        - php71w-xml
        - php71w-fpm
        - php71w-mysqlnd
        - php71w-opcache
        - php71w-pecl-memcached
        - php71w-pecl-redis
        - php71w-pecl-mongodb
      state: present

  - name : groupadd
    group:
      name: www
      gid: '666'

  - name: adduser
    user:
      name: www
      uid: '666'
      group: '666'
      shell: /sbin/nologin
      create_home: false

  - name: copy_file
    copy:
      src: /etc/nginx/conf.d/blog.wsh.com
      dest: /etc/nginx/conf.d/
  
  - name: copy_file2
    copy:
      src: /etc/php-fpm.d/www.conf
      dest: /etc/php-fpm.d/www.conf

  - name: copy_file3
    copy:
      src: /etc/nginx/nginx.conf
      dest: /etc/nginx/nginx.conf

  - name: directory_file
    file:
      path: /blog
      owner: www
      group: www
      state: directory

  - name: chown_shm
    file: 
      path: /dev/shm
      owner: www
      group: www 

  - name: servicer_php
    service:
      name: php-fpm
      state: started
        
  - name: servicer_nginx
    service:
      name: nginx 
      state: started

  - name: get_url
    get_url:
      url: https://cn.wordpress.org/latest-zh_CN.tar.gz
      dest: /blog

  - name: unarchive
    unarchive:
      remote_src: true
      src: /blog/wordpress-6.0-zh_CN.tar.gz
      dest: /blog
      owner: www
      group: www

  - name: servicer_php
    service:
      name: php-fpm
      state: restarted

  - name: servicer_nginx
    service:
      name: nginx
      state: restarted 

  - name: install_nfs
    yum:
      name: nfs-utils

- hosts: nfs_group
  tasks:
  - name: install_nfs
    yum:
      name: nfs-utils

  - name: copy_expores
    copy:
      dest: /etc/exports
      content: "/data 172.16.1.0/24(rw,sync,anonuid=666,anongid=666,all_squash)"

  - name: groupadd
    group:
      name: www
      gid: '666'

  - name: adduser
    user:
      name: www
      uid: '666'
      group: '666'

  - name: mkdir_directory
    file:
      path: /data
      owner: www
      group: www
      state: directory
      mode: 0755 

- hosts: web_group
  tasks:

  - name: mount_data
    mount:
      path: /blog/wordpress/wp-content/uploads/
      src: 172.16.1.31:/data
      fstype: nfs
      state: mounted 

- hosts: db_group
  tasks:
  - name: install mariadb
    yum:
      name:
        - mariadb-server
        - MySQL-python
      state: present  

  - name: service_mysql
    service:
      name: mariadb
      state: started
      enabled: true