Ansible Role 详解
Roles介绍
-
ansible自1.2版本引入的新特性,用于层次性、结构化地组织playbook。roles能够根据层次型结构自动装载变量文件、tasks以及handlers等。要使用roles只需要在playbook中使用include指令引入即可。 - 简单来讲,
roles就是通过分别将变量、文件、任务、模板及处理器放置于单独的目录中,并可以便捷的include它们的一种机制。 - 角色一般用于基于主机构建服务的场景中,但也可以是用于构建守护进程等场景中。主要使用场景代码复用度较高的情况下。
1. Roles目录
1.1 roles 目录结构
1.2 roles 目录含义
roles: <--所有的角色必须放在roles目录下,这个目录可以自定义位置,默认的位置在/etc/ansible/roles
project: <---具体的角色项目名称,比如nginx、tomcat、php
files: <--用来存放由copy模块或script模块调用的文件。
templates: <--用来存放jinjia2模板,template模块会自动在此目录中寻找jinjia2模板文件。
tasks: <--此目录应当包含一个main.yml文件,用于定义此角色的任务列表,此文件可以使用include包含其它的位于此目录的task文件。
main.yml
handlers: <--此目录应当包含一个main.yml文件,用于定义此角色中触发条件时执行的动作。
main.yml
vars: <--此目录应当包含一个main.yml文件,用于定义此角色用到的变量。
main.yml
defaults: <--此目录应当包含一个main.yml文件,用于为当前角色设定默认变量。
main.yml
meta: <--此目录应当包含一个main.yml文件,用于定义此角色的特殊设定及其依赖关系。
main.yml2. 创建httpd服务的roles(角色)
- 新建文件夹,具体文件夹如下:
[root@ansibleplaybook]# mkdir roles
[root@ansibleplaybook]# mkdir roles/{httpd,nginx,mysql}
[root@ansibleplaybook]# mkdir roles/{httpd,nginx,mysql}/{tasks,files,templates,handlers,vars}- 复制本地的httpd.conf文件,当做实验备用:
$ cp /etc/httpd/conf/httpd.conf files/- 查看具体的文件结构:
[root@ansibleplaybook]#tree roles/
roles/
├── httpd
│ ├── files
│ │ └── httpd.conf
│ ├── handlers
│ ├── tasks
│ │ ├── config.yml
│ │ ├── group.yml
│ │ ├── install.yml
│ │ ├── main.yml
│ │ ├── service.yml
│ │ └── user.yml
│ ├── templates
│ └── vars
├── mysql
│ ├── files
│ ├── handlers
│ ├── tasks
│ ├── templates
│ └── vars
└── nginx
├── files
├── handlers
├── tasks
├── templates
└── vars- 编写httpd目录下tasks目录文件内容:
- 创建将文件复制到对方主机上的文件:
[root@ansibletasks]#vim config.yml
- name: config file
copy: src=httpd.conf dest=/etc/httpd/conf backup=yes- 创建用户:
[root@ansibletasks]#vim group.yml
- name: create group
group: name=apache system=yes gid=80- 创建安装配置文件:
[root@ansibletasks]#vim install.yml
- name: install package
yum: name=httpd- 创建服务的文件:
[root@ansibletasks]#vim service.yml
- name: service
service: name=httpd state=started enabled=yes- 创建用户文件:
[root@ansibletasks]#cat user.yml
- name: create user
user: name=apache group=apache uid=80 shell=/sbin/nologin home=/usr/share/httpd system=yes- 将所有的文件关联起来,并按顺序排列:
[root@ansibletasks]#cat main.yml
- include: group.yml
- include: user.yml
- include: install.yml
- include: config.yml
- include: service.yml- 将httpd.conf配置文件的端口修改为9527:
[root@ansibleroles]#vim httpd/files/httpd.conf
Listen 9527- 编写playbook剧本,用来调用httpd整个目录下的内容:
[root@ansibleplaybook]#vim httpd_roles.yml
- hosts: webs
remote_user: root
roles:
- role: httpd- 编写一个网站文件,并在屏幕上显示,验证当前的信息:
[root@ansibleroles]#vim httpd/files/index.html
<h1>welcome to beijing!</h1>- 将创建的index.html数据复制到/var/www/html目录下,相当于是给页面准备一个文件:
[root@ansibleroles]#vim httpd/tasks/data.yml
- name: data file
copy: src=index.html dest=/var/www/html/- 将创建的数据放到main.yml文件中,按顺序进行执行:
[root@ansibleroles]#vim httpd/tasks/main.yml
- include: group.yml
- include: user.yml
- include: install.yml
- include: config.yml
- include: service.yml
- include: data.yml- 查看当前创建的目录文件结构:
[root@ansibleplaybook]#tree roles/httpd
roles/httpd
├── files
│ ├── httpd.conf
│ └── index.html
├── handlers
├── tasks
│ ├── config.yml
│ ├── data.yml
│ ├── group.yml
│ ├── install.yml
│ ├── main.yml
│ ├── service.yml
│ └── user.yml
├── templates
└── vars- 执行playbook
[root@ansibleplaybook]#ansible-playbook httpd_roles.yml
PLAY [webs] **********************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************
ok: [192.168.34.103]
TASK [httpd : create group] ******************************************************************************************
ok: [192.168.34.103]
TASK [httpd : create user] *******************************************************************************************
ok: [192.168.34.103]
TASK [httpd : install package] ***************************************************************************************
ok: [192.168.34.103]
TASK [httpd : config file] *******************************************************************************************
ok: [192.168.34.103]
TASK [httpd : service] ***********************************************************************************************
ok: [192.168.34.103]
PLAY RECAP ***********************************************************************************************************
192.168.34.103 : ok=6 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0- 查看httpd端口开启情况:
[root@ansibleplaybook]#ansible webs -a "ss -nlt"
192.168.34.103 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:139 *:*
LISTEN 0 128 *:82 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 50 *:445 *:*
LISTEN 0 50 :::139 :::*
LISTEN 0 128 :::80 :::*
LISTEN 0 32 :::21 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 128 :::9527 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 50 :::445 :::*- 查看网页信息打开情况:
3. 创建nginx服务的roles(角色):
- 将之前httpd做实验的子目录文件都复制一份到nginx目录下:
[root@ansibleplaybook]#cd roles/
[root@ansibleroles]#ls
httpd mysql
[root@ansibleroles]#rm -rf nginx/
[root@ansibleroles]#cp -r httpd/ nginx- 将roles/nginx/tasks/main.yml文件顺序进行修改:
[root@ansibleplaybook]#vim roles/nginx/tasks/main.yml
- include: install.yml
- include: config.yml
- include: service.yml- 删除多余的tasks目录下的文件:
[root@ansiblenginx]#cd tasks/
[root@ansibletasks]#ls
config.yml data.yml group.yml install.yml main.yml service.yml user.yml
[root@ansibletasks]#rm -rf group.yml user.yml- 修改config.yml配置文件,使用template模板形式进行修改:
[root@ansibletasks]#vim config.yml
- name: config file
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf- 将本地已安装好的nginx的nginx.conf配置文件复制到template目录下,起名叫nginx.conf.j2
[root@ansiblenginx]#yum install nginx -y
[root@ansiblenginx]#cp /etc/nginx/nginx.conf templates/nginx.conf.j2- 修改nginx/templates/nginx.conf.j2配置文件的CPU内核:
[root@ansibletemplates]#vim nginx.conf.j2
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes {{ansible_processor_count**3}};- 跨角色调用httpd服务文件内容:
[root@ansiblenginx]#vim tasks/data.yml
- name: data
copy: src=roles/httpd/files/index.html dest=/usr/share/nginx/html/- 将data.yml放入到main.yml文件中、安装的nginx软件名称修改,以及要启动的服务名称修改:
[root@ansiblenginx]#vim tasks/main.yml
- include: install.yml
- include: config.yml
- include: service.yml
- include: data.yml
[root@ansiblenginx]#vim tasks/install.yml 将安装的nginx文件名修改
- name: install package
yum: name=nginx
[root@ansiblenginx]#vim tasks/service.yml 将启动的服务名称修改
- name: service
service: name=nginx state=started enabled=yes- 最后在playbook目录下创建nginx_rolee.yml配置文件(跟roles目录平级):
[root@ansibleplaybook]#vim nginx_roles.yml
- hosts: webs
remote_user: root
roles:
- role: nginx
- role: httpd- 执行playbook
[root@ansibleplaybook]#ansible-playbook nginx_roles.yml 执行剧本
[root@ansibleplaybook]#ansible webs -a "ss -nlt" 查看当前的端口执行情况:80和9527端口都已打开
192.168.34.103 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:139 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 50 *:445 *:*
LISTEN 0 50 :::139 :::*
LISTEN 0 128 :::80 :::*
LISTEN 0 32 :::21 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 128 :::9527 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 50 :::445 :::*- 此时用nginx服务默认的80端口已经可以打开网页,已经实现了跨角色调用文件:
4. 如果触发notify和handlers两个角色,可以修改相关文件,具体如下:
[root@ansibleplaybook]#vim roles/nginx/tasks/config.yml
- name: config file
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
notify: restart 此处的名称要和handlers一致<br>
[root@ansibleplaybook]#vim roles/nginx/handlers/main.yml<br>
- name: restart
service: name=nginx state=restarted- 为了验证重启效果,此时我们可以将nginx.conf.j2配置文件的端口修改为8080:
root@ansibleplaybook]#vim roles/nginx/templates/nginx.conf.j2
server {
listen 8080 default_server;- 执行playbook
[root@ansibleplaybook]#ansible-playbook nginx_roles.yml
PLAY [webs] **********************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************
ok: [192.168.34.103]
TASK [nginx : install package] ***************************************************************************************
ok: [192.168.34.103]
TASK [nginx : config file] *******************************************************************************************
changed: [192.168.34.103]
TASK [nginx : service] ***********************************************************************************************
ok: [192.168.34.103]
TASK [nginx : data] **************************************************************************************************
ok: [192.168.34.103]
TASK [httpd : create group] ******************************************************************************************
ok: [192.168.34.103]
TASK [httpd : create user] *******************************************************************************************
ok: [192.168.34.103]
TASK [httpd : install package] ***************************************************************************************
ok: [192.168.34.103]
TASK [httpd : config file] *******************************************************************************************
ok: [192.168.34.103]
TASK [httpd : service] ***********************************************************************************************
ok: [192.168.34.103]
TASK [httpd : data file] *********************************************************************************************
ok: [192.168.34.103]
RUNNING HANDLER [nginx : restart] ************************************************************************************
changed: [192.168.34.103]
PLAY RECAP ***********************************************************************************************************
192.168.34.103 : ok=12 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0- 查看当前运行结果,此时的控制的机器nginx端口打开的是8080:
[root@ansibleplaybook]#ansible webs -a "ss -nlt"
192.168.34.103 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:139 *:*
LISTEN 0 128 *:8080 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 50 *:445 *:*
LISTEN 0 50 :::139 :::*
LISTEN 0 128 :::80 :::*
LISTEN 0 32 :::21 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 128 :::9527 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 50 :::445 :::*- 下来,我们添加变量格式:
[root@ansibleplaybook]#vim roles/nginx/vars/main.yml
username: daemon- 将roles/nginx/templates/nginx.conf.j2配置文件的名称修改:
[root@ansibleplaybook]#vim roles/nginx/templates/nginx.conf.j2
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user {{username}};- 执行playbook
[root@ansibleplaybook]#ansible-playbook nginx_roles.yml
PLAY [webs] **********************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************
ok: [192.168.34.103]
TASK [nginx : install package] ***************************************************************************************
ok: [192.168.34.103]
TASK [nginx : config file] *******************************************************************************************
changed: [192.168.34.103]
TASK [nginx : service] ***********************************************************************************************
ok: [192.168.34.103]
TASK [nginx : data] **************************************************************************************************
ok: [192.168.34.103]
TASK [httpd : create group] ******************************************************************************************
ok: [192.168.34.103]
TASK [httpd : create user] *******************************************************************************************
ok: [192.168.34.103]
TASK [httpd : install package] ***************************************************************************************
ok: [192.168.34.103]
TASK [httpd : config file] *******************************************************************************************
ok: [192.168.34.103]
TASK [httpd : service] ***********************************************************************************************
ok: [192.168.34.103]
TASK [httpd : data file] *********************************************************************************************
ok: [192.168.34.103]
RUNNING HANDLER [nginx : restart] ************************************************************************************
changed: [192.168.34.103]
PLAY RECAP ***********************************************************************************************************
192.168.34.103 : ok=12 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0- 查看当前的nginx的名称,此时已经修改为daemon:
[root@ansibleplaybook]#ansible webs -a "ps aux | grep nginx"
192.168.34.103 | CHANGED | rc=0 >>
root 25536 0.0 0.1 120796 2092 ? Ss 10:47 0:00 nginx: master process /usr/sbin/nginx
daemon 25537 0.0 0.1 121180 3124 ? S 10:47 0:00 nginx: worker process
root 25602 0.0 0.0 113176 1216 pts/1 S+ 10:48 0:00 /bin/sh -c ps aux | grep nginx
root 25604 0.0 0.0 112708 960 pts/1 R+ 10:48 0:00 grep nginx5. 实现条件判断调用角色:
[root@ansibleplaybook]#vim roles/httpd/tasks/config.yml
- name: config file1
template: src=httpd6.conf.j2 dest=/etc/httpd/conf/httpd.conf backup=yes
when: ansible_distribution_major_version=="6"
- name: config file2
template: src=httpd7.conf.j2 dest=/etc/httpd/conf/httpd.conf backup=yes
when: ansible_distribution_major_version=="7"- 将安装好的centos6和centos7的httpd配置文件复制到roles/httpd/templates/目录下,文件名后缀都是以.j2结尾:
[root@centos6~]#scp /etc/httpd/conf/httpd.conf 192.168.34.101:/root/playbook/roles/httpd/templates/httpd6.conf.j2
root@192.168.34.101's password:
httpd.conf 100% 34KB 33.6KB/s 00:00- 将centos7的httpd.conf配置文件也放在roles/httpd/templates/目录下,起名以j2结尾:
[root@ansibleplaybook]#cp /etc/httpd/conf/httpd.conf roles/httpd/templates/httpd7.conf.j2- 修改当前的http_roles.yml配置文件,里边的apps组才有centos6和7的版本:
[root@ansibleplaybook]#vim http_roles.yml
- hosts: apps
remote_user: root
roles:
- role: httpd- 执行playbook剧本:
[root@ansibleplaybook]#ansible-playbook http_roles.yml
PLAY [apps] **********************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [httpd : create group] ******************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [httpd : create user] *******************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [httpd : install package] ***************************************************************************************
changed: [192.168.34.105]
changed: [192.168.34.103]
TASK [httpd : config file1] ******************************************************************************************
skipping: [192.168.34.103]
changed: [192.168.34.105]
TASK [httpd : config file2] ******************************************************************************************
skipping: [192.168.34.105]
changed: [192.168.34.103]
TASK [httpd : service] ***********************************************************************************************
changed: [192.168.34.103]
changed: [192.168.34.105]
TASK [httpd : data file] *********************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
PLAY RECAP ***********************************************************************************************************
192.168.34.103 : ok=7 changed=3 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
192.168.34.105 : ok=7 changed=3 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0- 查看安装好后的httpd运行结果:
[root@ansibleplaybook]#ansible apps -a "ss -nltp"
192.168.34.103 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:139 *:* users:(("smbd",pid=6721,fd=36))
LISTEN 0 128 *:80 *:* users:(("httpd",pid=27209,fd=3),("httpd",pid=27208,fd=3),("httpd",pid=27207,fd=3),("httpd",pid=27206,fd=3),("httpd",pid=27205,fd=3),("httpd",pid=27204,fd=3))
LISTEN 0 128 *:8080 *:* users:(("nginx",pid=25537,fd=6),("nginx",pid=25536,fd=6))
LISTEN 0 128 *:22 *:* users:(("sshd",pid=6719,fd=3))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=6818,fd=13))
LISTEN 0 50 *:445 *:* users:(("smbd",pid=6721,fd=35))
LISTEN 0 50 :::139 :::* users:(("smbd",pid=6721,fd=34))
LISTEN 0 128 :::80 :::* users:(("nginx",pid=25537,fd=7),("nginx",pid=25536,fd=7))
LISTEN 0 32 :::21 :::* users:(("vsftpd",pid=6718,fd=4))
LISTEN 0 128 :::22 :::* users:(("sshd",pid=6719,fd=4))
LISTEN 0 100 ::1:25 :::* users:(("master",pid=6818,fd=14))
LISTEN 0 50 :::445 :::* users:(("smbd",pid=6721,fd=33))
192.168.34.105 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:6010 *:* users:(("sshd",5804,7))
LISTEN 0 128 ::1:6010 :::* users:(("sshd",5804,6))
LISTEN 0 128 :::43999 :::* users:(("rpc.statd",1781,10))
LISTEN 0 128 :::111 :::* users:(("rpcbind",1674,11))
LISTEN 0 128 *:111 *:* users:(("rpcbind",1674,8))
LISTEN 0 128 *:58740 *:* users:(("rpc.statd",1781,8))
LISTEN 0 128 :::22 :::* users:(("sshd",2079,4))
LISTEN 0 128 *:22 *:* users:(("sshd",2079,3))
LISTEN 0 128 :::87 :::* users:(("httpd",8981,6),("httpd",9097,6),("httpd",9098,6),("httpd",9099,6),("httpd",9100,6),("httpd",9101,6),("httpd",9102,6),("httpd",9103,6),("httpd",9104,6))
LISTEN 0 64 :::23 :::* users:(("xinetd",2103,5))
LISTEN 0 128 127.0.0.1:631 *:* users:(("cupsd",1826,7))
LISTEN 0 128 ::1:631 :::* users:(("cupsd",1826,6))
LISTEN 0 100 ::1:25 :::* users:(("master",2209,13))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",2209,12))6. 使用标签实现playbook角色调用:
[root@ansibleplaybook]#vim all_roles.yml
- hosts: all
remote_user: root
roles:
- {role: httpd,tags: ["httpd","web"]} 将两个服务整体作为一个字典,然后贴上标签:
- {role: nginx,tags: ["nginx","web"]}
- {role: mysql,tags: db}- 执行标签的其中一个playbook内容:
[root@ansibleplaybook]#ansible-playbook -t httpd all_roles.yml
PLAY [all] ***********************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [httpd : create group] ******************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [httpd : create user] *******************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [httpd : install package] ***************************************************************************************
changed: [192.168.34.103]
changed: [192.168.34.105]
TASK [httpd : config file1] ******************************************************************************************
skipping: [192.168.34.103]
changed: [192.168.34.105]
TASK [httpd : config file2] ******************************************************************************************
skipping: [192.168.34.105]
changed: [192.168.34.103]
TASK [httpd : service] ***********************************************************************************************
changed: [192.168.34.103]
changed: [192.168.34.105]
TASK [httpd : data file] *********************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
PLAY RECAP ***********************************************************************************************************
192.168.34.103 : ok=7 changed=3 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
192.168.34.105 : ok=7 changed=3 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0- 查看执行后的内容:
[root@ansibleplaybook]#ansible all -a "ss -nlt"
192.168.34.103 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:139 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 50 *:445 *:*
LISTEN 0 50 :::139 :::*
LISTEN 0 128 :::80 :::*
LISTEN 0 32 :::21 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 50 :::445 :::*
192.168.34.105 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 ::1:6010 :::*
LISTEN 0 128 :::43999 :::*
LISTEN 0 128 :::111 :::*
LISTEN 0 128 *:111 *:*
LISTEN 0 128 *:58740 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 :::87 :::*
LISTEN 0 64 :::23 :::*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 128 ::1:631 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 100 127.0.0.1:25 *:*- 执行web标签的playbook,就会将定义标签的httpd和nginx两个文件都执行:
[root@ansibleplaybook]#ansible-playbook -t web all_roles.yml
PLAY [apps] **********************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [httpd : create group] ******************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [httpd : create user] *******************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [httpd : install package] ***************************************************************************************
changed: [192.168.34.103]
changed: [192.168.34.105]
TASK [httpd : config file1] ******************************************************************************************
skipping: [192.168.34.103]
changed: [192.168.34.105]
TASK [httpd : config file2] ******************************************************************************************
skipping: [192.168.34.105]
changed: [192.168.34.103]
TASK [httpd : service] ***********************************************************************************************
changed: [192.168.34.103]
changed: [192.168.34.105]
TASK [httpd : data file] *********************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [nginx : install package] ***************************************************************************************
changed: [192.168.34.105]
changed: [192.168.34.103]
TASK [nginx : config file] *******************************************************************************************
changed: [192.168.34.103]
changed: [192.168.34.105]
TASK [nginx : service] ***********************************************************************************************
changed: [192.168.34.105]
changed: [192.168.34.103]
TASK [nginx : data] **************************************************************************************************
changed: [192.168.34.103]
changed: [192.168.34.105]
RUNNING HANDLER [nginx : restart] ************************************************************************************
changed: [192.168.34.103]
changed: [192.168.34.105]
PLAY RECAP ***********************************************************************************************************
192.168.34.103 : ok=12 changed=8 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
192.168.34.105 : ok=12 changed=8 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0- 查看执行结果的状态:
[root@ansibleplaybook]#ansible apps -a "ss -nlpt"
192.168.34.103 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:139 *:* users:(("smbd",pid=6721,fd=36))
LISTEN 0 128 *:8080 *:* users:(("nginx",pid=38028,fd=6),("nginx",pid=38027,fd=6))
LISTEN 0 128 *:22 *:* users:(("sshd",pid=6719,fd=3))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=6818,fd=13))
LISTEN 0 50 *:445 *:* users:(("smbd",pid=6721,fd=35))
LISTEN 0 50 :::139 :::* users:(("smbd",pid=6721,fd=34))
LISTEN 0 32 :::21 :::* users:(("vsftpd",pid=6718,fd=4))
LISTEN 0 128 :::22 :::* users:(("sshd",pid=6719,fd=4))
LISTEN 0 100 ::1:25 :::* users:(("master",pid=6818,fd=14))
LISTEN 0 128 :::90 :::* users:(("nginx",pid=38028,fd=7),("nginx",pid=38027,fd=7))
LISTEN 0 50 :::445 :::* users:(("smbd",pid=6721,fd=33))
LISTEN 0 128 :::99 :::* users:(("httpd",pid=37535,fd=4),("httpd",pid=37534,fd=4),("httpd",pid=37533,fd=4),("httpd",pid=37532,fd=4),("httpd",pid=37531,fd=4),("httpd",pid=37530,fd=4))
192.168.34.105 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:6010 *:* users:(("sshd",5804,7))
LISTEN 0 128 ::1:6010 :::* users:(("sshd",5804,6))
LISTEN 0 128 :::43999 :::* users:(("rpc.statd",1781,10))
LISTEN 0 128 :::111 :::* users:(("rpcbind",1674,11))
LISTEN 0 128 *:111 *:* users:(("rpcbind",1674,8))
LISTEN 0 128 *:58740 *:* users:(("rpc.statd",1781,8))
LISTEN 0 128 :::8181 :::* users:(("httpd",20990,6),("httpd",21802,6),("httpd",21803,6),("httpd",21804,6),("httpd",21805,6),("httpd",21806,6),("httpd",21807,6),("httpd",21808,6),("httpd",21809,6))
LISTEN 0 128 :::22 :::* users:(("sshd",2079,4))
LISTEN 0 128 *:22 *:* users:(("sshd",2079,3))
LISTEN 0 64 :::23 :::* users:(("xinetd",2103,5))
LISTEN 0 128 127.0.0.1:631 *:* users:(("cupsd",1826,7))
LISTEN 0 128 ::1:631 :::* users:(("cupsd",1826,6))
LISTEN 0 100 ::1:25 :::* users:(("master",2209,13))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",2209,12))7. 做一个memcached小实验:
目的:是为了定义当前缓存服务器在内存中占比,应该设置多大?
- 安装memcached:
[root@ansibleplaybook]#yum install memcached -y
[root@ansibleplaybook]#cat /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64" 当前的缓存大小
OPTIONS=""- 定义memcached角色:
[root@ansibleroles]#cd roles
[root@ansibleroles]#cp httpd/ memcached -r 将httpd服务复制memcached,在里边进行修改- 删除之前指定的httpd相关文件:
[root@ansibletasks]#cd roles/memcached/tasks
[root@ansibletasks]#rm -f data.yml user.yml group.yml 删除不需要的文件
[root@ansiblememcached]#cp /etc/sysconfig/memcached templates/memcached.j2 复制memcached到templates目录下,起名叫memcached.j2
[root@ansiblememcached]#vim templates/memcache.j2 修改memcached相关配置
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="{{ansible_memtotal_mb//4}}" 将变量进行整除。
OPTIONS=""- 修改配置文件:
[root@ansiblememcached]#vim tasks/config.yml
- name: config file1
template: src=memcached.j2 dest=/etc/sysconfig/memcached backup=yes- 修改main.yml配置文件:
[root@ansiblememcached]#vim tasks/main.yml
- include: install.yml
- include: config.yml
- include: service.yml- 修改安装配置文件
[root@ansiblememcached]#vim tasks/install.yml
- name: install package
yum: name=memcached- 配置启动服务文件:
[root@ansiblememcached]#vim tasks/service.yml
- name: service
service: name=memcached state=started enabled=yes- 然后在playbook目录下创建一个roles角色playbook剧本:
[root@ansibleplaybook]#vim test_memcached.yml
- hosts: apps
remote_user: root
roles:
- role: memcached- 然后将centos6和centos7的内存大小分别调整为3G和2G,执行playbook:
[root@ansibleplaybook]#ansible-playbook test_memcached.yml
PLAY [apps] **********************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************
ok: [192.168.34.103]
ok: [192.168.34.105]
TASK [memcached : install package] ***********************************************************************************
ok: [192.168.34.103]
changed: [192.168.34.105]
TASK [memcached : config file1] **************************************************************************************
changed: [192.168.34.103]
changed: [192.168.34.105]
TASK [memcached : service] *******************************************************************************************
changed: [192.168.34.105]
changed: [192.168.34.103]
PLAY RECAP ***********************************************************************************************************
192.168.34.103 : ok=4 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.34.105 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0- 查看对方的内存大小情况,可以看到,之前的内存大小默认是64,此时已经有所改变:
[root@ansibleplaybook]#ansible apps -a "cat /etc/sysconfig/memcached"
192.168.34.103 | CHANGED | rc=0 >>
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="496"
OPTIONS=""
192.168.34.105 | CHANGED | rc=0 >>
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="244"
OPTIONS=""8. Ansible roles总结
1.编写任务(task)的时候,里面不需要写需要执行的主机,单纯的写某个任务是干什么的即可,装软件的就是装软件的,启动的就是启动的。单独做某一件事即可,最后通过main.yml将这些单独的任务安装执行顺序include进来即可,这样方便维护且一目了然。
2.定义变量时候直接安装k:v格式将变量写在vars/main.yml文件即可,然后task或者template直接调用即可,会自动去vars/main.yml文件里面去找。
3.定义handlers时候,直接在handlers/main.yml文件中写需要做什么事情即可,多可的话可以全部写在该文件里面,也可以像task那样分开来写,通过include引入一样的可以。在task调用notify时直接写与handlers名字对应即可(二者必须高度一直)。
4.模板文件一样放在templates目录下即可,task调用的时候直接写文件名字即可,会自动去到templates里面找。注意:如果是一个角色调用另外一个角色的单个task时候,那么task中如果有些模板或者文件,就得写绝对路径了。
=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
- 查看对方的内存大小情况,可以看到,之前的内存大小默认是64,此时已经有所改变:
```shell
[root@ansibleplaybook]#ansible apps -a "cat /etc/sysconfig/memcached"
192.168.34.103 | CHANGED | rc=0 >>
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="496"
OPTIONS=""
192.168.34.105 | CHANGED | rc=0 >>
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="244"
OPTIONS=""8. Ansible roles总结
1.编写任务(task)的时候,里面不需要写需要执行的主机,单纯的写某个任务是干什么的即可,装软件的就是装软件的,启动的就是启动的。单独做某一件事即可,最后通过main.yml将这些单独的任务安装执行顺序include进来即可,这样方便维护且一目了然。
2.定义变量时候直接安装k:v格式将变量写在vars/main.yml文件即可,然后task或者template直接调用即可,会自动去vars/main.yml文件里面去找。
3.定义handlers时候,直接在handlers/main.yml文件中写需要做什么事情即可,多可的话可以全部写在该文件里面,也可以像task那样分开来写,通过include引入一样的可以。在task调用notify时直接写与handlers名字对应即可(二者必须高度一直)。
4.模板文件一样放在templates目录下即可,task调用的时候直接写文件名字即可,会自动去到templates里面找。注意:如果是一个角色调用另外一个角色的单个task时候,那么task中如果有些模板或者文件,就得写绝对路径了。
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
