1、playbook 介绍:

简单的说就是定义一个配置文件,文件中写入你需要安装的服务,配置文件,变量等信息,使他们可以按照事先定义好的机制完成一个任务。

Playbook使用YAML语法结构,所以配置阅读起来都比较简单。

2、playbook 的组成结构:

target section

定义将要执行playbook的远程主机组

variable section

定义playbook运行时需要使用的变量

task section

定义将要在远程主机上执行的任务列表

handler section

定义task执行完成以后需要调用的任务

Target section常用参数
  1. hosts:定义远程主机组
  2. remote_user:执行该任务的用户
  3. sudo: 设置为yes的时候,执行任务的时候使用root权限
  4. sudo_user 如果你设置用户为 lansgg ,那么你执行的时候会使用 lansgg 用户的权限
  5. connection 通过什么方式连接到远程主机,默认是ssh
  6. gather_facks 是否启用在远程主机执行setup模块,默认是会执行的,可用同setup模块获取远程主机的信息,在定义变量的时候使用


Variabler section常用参数
  1. vars  定义格式 变量名:变量值
  2. vars_files  指定变量文件
  3. vars_prompt  用户交互模式自定义变量
  4. setup 模块去远程主机的值


Task section
  1. name:输出到屏幕的信息
  2. action:定义执行的动作调用ansible的模块例如:yum name=http state=installed就是安装apache服务
  3. copy:复制本地文件到远程主机
  4. template:复制本地文件到远程主机但是他可以在本地文件中调用变量
  5. service :定义服务的状态


handler section


可以理解为处理器,已经为 task section 进行调用,为任务列表操作完毕后的后续动作当关注的资源发生变化时执行的操作


playbook 示例一:

编写一个 playbook 剧本文件,安装 httpd 服务,并将本地准备好的配置文件 copy 过去某一个位置,这里示例为 /tmp 下



[root@node1 ansible]# cat http.yml 
- hosts: testservers
  remote_user: root
  tasks:
  - name: instal httpd service
    yum: name=httpd state=present
  - name: copy httpd conf
    copy: src=/etc/httpd/conf/httpd.conf dest=/tmp/httpd.conf
[root@node1 ansible]#



开始执行:



[root@node1 ansible]# ansible-playbook http.yml 

PLAY [testservers] ************************************************************ 

GATHERING FACTS *************************************************************** 
ok: [192.168.100.131]
ok: [192.168.100.132]

TASK: [instal httpd service] ************************************************** 
changed: [192.168.100.131]
changed: [192.168.100.132]

TASK: [copy httpd conf] ******************************************************* 
changed: [192.168.100.131]
changed: [192.168.100.132]

PLAY RECAP ******************************************************************** 
192.168.100.131            : ok=3    changed=2    unreachable=0    failed=0   
192.168.100.132            : ok=3    changed=2    unreachable=0    failed=0   

[root@node1 ansible]# ansible testservers -m shell -a 'ls -l /tmp/httpd*'
192.168.100.132 | success | rc=0 >>
-rw-r--r-- 1 root root 34421 Mar  1 12:17 /tmp/httpd.conf

192.168.100.131 | success | rc=0 >>
-rw-r--r-- 1 root root 34421 Mar  1 12:18 /tmp/httpd.conf

[root@node1 ansible]#



示例 二、

安装 httpd 服务,将本地准备好的配置文件 copy 过去,并且启动服务



[root@node1 ansible]# cat http.yml 
- hosts: testservers
  remote_user: root
  tasks:
  - name: instal httpd service
    yum: name=httpd state=present
  - name: copy httpd conf
    copy: src=/etc/httpd/conf/httpd.conf dest=/etc/httpd/conf/httpd.conf
  - name: start httpd service
    service: name=httpd state=started
    
[root@node1 ansible]# ansible-playbook http.yml 

PLAY [testservers] ************************************************************ 

GATHERING FACTS *************************************************************** 
ok: [192.168.100.131]
ok: [192.168.100.132]

TASK: [instal httpd service] ************************************************** 
changed: [192.168.100.131]
changed: [192.168.100.132]

TASK: [copy httpd conf] ******************************************************* 
changed: [192.168.100.132]
changed: [192.168.100.131]

TASK: [start httpd service] *************************************************** 
changed: [192.168.100.131]
changed: [192.168.100.132]

PLAY RECAP ******************************************************************** 
192.168.100.131            : ok=4    changed=3    unreachable=0    failed=0   
192.168.100.132            : ok=4    changed=3    unreachable=0    failed=0   

[root@node1 ansible]# ansible testservers -m shell -a 'netstat -naptl |grep 8080'
192.168.100.131 | success | rc=0 >>
tcp        0      0 :::8080                     :::*                        LISTEN      4018/httpd          

192.168.100.132 | success | rc=0 >>
tcp        0      0 :::8080                     :::*                        LISTEN      35438/httpd         

[root@node1 ansible]#



示例 三 :

我们将 httpd.conf 监听的端口改为 8090 ,然后重新覆盖配置文件,当这个配置文件发生改变时,就触发 handler 进行服务重启


notify 这个 action可用于在每个play的最后被触发,这样可以避免多次有改变发生时每次都执行指定的操作,notify中列出的操作称为handler,


[root@node1 ansible]# cat http.yml 
- hosts: testservers
  remote_user: root
  tasks:
  - name: instal httpd service
    yum: name=httpd state=present
  - name: copy httpd conf
    copy: src=/etc/httpd/conf/httpd.conf dest=/etc/httpd/conf/httpd.conf
    notify: 
      - restart httpd service
  - name: start httpd service
    service: name=httpd state=started enabled=true
  handlers:
    - name: restart httpd service
      service: name=httpd state=restarted
      
[root@node1 ansible]# ansible-playbook http.yml 

PLAY [testservers] ************************************************************ 

GATHERING FACTS *************************************************************** 
ok: [192.168.100.131]
ok: [192.168.100.132]

TASK: [instal httpd service] ************************************************** 
ok: [192.168.100.131]
ok: [192.168.100.132]

TASK: [copy httpd conf] ******************************************************* 
changed: [192.168.100.132]
changed: [192.168.100.131]

TASK: [start httpd service] *************************************************** 
changed: [192.168.100.131]
changed: [192.168.100.132]

NOTIFIED: [restart httpd service] ********************************************* 
changed: [192.168.100.131]
changed: [192.168.100.132]

PLAY RECAP ******************************************************************** 
192.168.100.131            : ok=5    changed=3    unreachable=0    failed=0   
192.168.100.132            : ok=5    changed=3    unreachable=0    failed=0   

[root@node1 ansible]# ansible testservers -m shell -a 'netstat -nltp |grep 8090'
192.168.100.131 | success | rc=0 >>
tcp        0      0 :::8090                     :::*                        LISTEN      4216/httpd          

192.168.100.132 | success | rc=0 >>
tcp        0      0 :::8090                     :::*                        LISTEN      36215/httpd         

[root@node1 ansible]#




示例 四:

带有 vars 变量 



[root@node1 ansible]# cat http.yml 
- hosts: testservers
  vars:
    src_http_dir: "/etc/httpd"
    dest_http_dir: "/tmp"
  remote_user: root
  tasks:
  - name: copy httpd conf
    copy: src="`src_http_dir`/conf/httpd.conf" dest="`dest_http_dir`/http.conf.ansible"
    
[root@node1 ansible]# ansible-playbook http.yml 

PLAY [testservers] ************************************************************ 

GATHERING FACTS *************************************************************** 
ok: [192.168.100.131]
ok: [192.168.100.132]

TASK: [copy httpd conf] ******************************************************* 
changed: [192.168.100.131]
changed: [192.168.100.132]

PLAY RECAP ******************************************************************** 
192.168.100.131            : ok=2    changed=1    unreachable=0    failed=0   
192.168.100.132            : ok=2    changed=1    unreachable=0    failed=0

[root@node1 ansible]# ansible testservers -m shell -a 'ls -l /tmp/http*'
192.168.100.131 | success | rc=0 >>
-rw-r--r-- 1 root root 34421 Mar  1 13:25 /tmp/http.conf.ansible

192.168.100.132 | success | rc=0 >>
-rw-r--r-- 1 root root 34421 Mar  1 13:25 /tmp/http.conf.ansible

[root@node1 ansible]#




示例 五 :

结合 template 模板,从 setup 模块中获取 变量,替换到模板文件中,我们的模块文件中有两项使用了 setup 中的 facts ,还使用了 vars 设定的变量 分别是ServerName 和 Listen



[root@node1 ansible]# pwd
/etc/ansible
[root@node1 ansible]# grep Listen httpd.conf  |grep -v ^#
Listen `ansible_all_ipv4_addresses`.`0`:`http_port`
[root@node1 ansible]# grep ServerName httpd.conf  |grep -v ^#
ServerName `ansible_nodename`
[root@node1 ansible]#



我们的 yaml 文件



[root@node1 ansible]# cat http.yml 
- hosts: testservers
  vars:
    http_port: 8010
    http_dir: /etc/httpd/conf
  remote_user: root
  tasks:
  - name: copy httpd conf
    template: src=/etc/ansible/httpd.conf dest="`http_dir`/httpd.conf"
    notify:
     - restart httpd service
  handlers:
   - name: restart httpd service
     service: name=httpd state=restarted
[root@node1 ansible]#



执行 playbook



[root@node1 ansible]# ansible-playbook http.yml 

PLAY [testservers] ************************************************************ 

GATHERING FACTS *************************************************************** 
ok: [192.168.100.131]
ok: [192.168.100.132]

TASK: [copy httpd conf] ******************************************************* 
changed: [192.168.100.132]
changed: [192.168.100.131]

NOTIFIED: [restart httpd service] ********************************************* 
changed: [192.168.100.131]
changed: [192.168.100.132]

PLAY RECAP ******************************************************************** 
192.168.100.131            : ok=3    changed=2    unreachable=0    failed=0   
192.168.100.132            : ok=3    changed=2    unreachable=0    failed=0   

[root@node1 ansible]#



查看远程主机的配置文件及监听端口



[root@node1 ansible]# ansible testservers -m shell -a 'netstat -natpl |grep httpd'
192.168.100.131 | success | rc=0 >>
tcp        0      0 192.168.100.131:8010        0.0.0.0:*                   LISTEN      5777/httpd          

192.168.100.132 | success | rc=0 >>
tcp        0      0 192.168.100.132:8010        0.0.0.0:*                   LISTEN      40652/httpd         

[root@node1 ansible]# ansible testservers -m shell -a ' grep ServerName /etc/httpd/conf/httpd.conf |grep -v ^#'
192.168.100.132 | success | rc=0 >>
ServerName 

192.168.100.131 | success | rc=0 >>
ServerName 

[root@node1 ansible]# ansible testservers -m shell -a 'grep Listen /etc/httpd/conf/httpd.conf |grep -v ^#'
192.168.100.132 | success | rc=0 >>
Listen 192.168.100.132:8010

192.168.100.131 | success | rc=0 >>
Listen 192.168.100.131:8010

[root@node1 ansible]#



结果正确。



转载于:https://blog.51cto.com/lansgg/1746354