ansible之setup及roles

setup

# List every fact the setup module gathers from the hosts in the "web" group
ansible web -m setup

# Show only the facts whose name matches a shell-style wildcard pattern
ansible web -m setup -a 'filter=*ip*'

# Commonly used facts
ansible_all_ipv4_addresses #all IPv4 addresses
ansible_default_ipv4 #default IPv4 settings (a mapping; .address holds the IP)
ansible_all_ipv6_addresses #all IPv6 addresses
ansible_date_time #date and time on the remote host
ansible_distribution #distribution name
ansible_distribution_major_version #major version of the distribution
ansible_env #environment variables of the remote session; may include secrets exported there, so treat saved fact output as sensitive
ansible_hostname #short host name
ansible_fqdn #fully qualified domain name
ansible_machine #machine architecture
ansible_memory_mb #memory information, in MB
ansible_os_family #OS family, e.g. RedHat
ansible_pkg_mgr #package manager, e.g. yum
ansible_processor_cores #cores per physical CPU
ansible_processor_count #number of physical CPUs

条件判断 when

# Two conditional tasks for the hosts in the "web" group:
#   - the host whose default IPv4 address is 192.168.7.222 gets the file
#     /root/testipfile
#   - the host named ebs-13 gets the directory /root/test3dir
# Both conditions read gathered facts, so fact gathering must stay enabled
# (it is by default).
cat p1.yml
---
- hosts: web
  # Logs in directly as root. A non-root login combined with `become` is the
  # usual least-privilege alternative.
  remote_user: root
  tasks:
    - name: touch2file
      # state=touch refreshes the timestamps on every run, so this task always
      # reports "changed".
      file:
        path: /root/testipfile
        state: touch
      when: ansible_default_ipv4.address == "192.168.7.222"
    - name: touch3dir
      file:
        path: /root/test3dir
        state: directory
      when: ansible_hostname == "ebs-13"

tags 执行时通过-t 指定

# remote_user sets the account Ansible logs in as on the managed hosts. When it
# is omitted, Ansible falls back to the connection defaults (normally the user
# running the command on the control node), which is not necessarily root.
cat p2.yml
---
- hosts: web
  remote_user: root
  tasks:
    - name: touch2file
      file:
        path: /root/testip2file
        state: touch
    - name: touch3dir
      file:
        path: /root/test3dir
        state: directory
      # Tagged so this task can be selected on its own with -t/--tags.
      tags:
        - touchdir

# Run only the tasks tagged "touchdir"
ansible-playbook -t touchdir p2.yml

循环 with_items

# Create several user accounts with one task by looping over a list of names
cat p3.yml
---
- hosts: web
  tasks:
    - name: createuser
      # No password is set here, so these accounts cannot log in with a
      # password until one is assigned.
      user:
        name: "{{ item }}"
      with_items:
        - ropon11
        - ropon12
        - ropon13
        - ropon14

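# Delete several user accounts with one task by looping over a list of names
cat p4.yml
---
- hosts: web
  tasks:
    # Renamed from "createuser": the task removes accounts, and the name is
    # what shows up in the play output and logs.
    - name: deleteuser
      # state=absent without remove=yes leaves each home directory in place;
      # clean those up separately if the data must not outlive the account.
      user:
        name: "{{ item }}"
        state: absent
      with_items:
        - ropon11
        - ropon12
        - ropon13
        - ropon14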

# Create the groups first, then the users. The second loop iterates over
# dictionaries so that every user carries its own primary group.
cat p5.yml
---
- hosts: web
  tasks:
    - name: creategroup
      group:
        name: "{{ item }}"
      with_items:
        - ropon11
        - ropon12
        - ropon13
        - ropon14
    - name: createuser
      # item.name / item.group are read from the dictionaries listed below.
      user:
        name: "{{ item.name }}"
        group: "{{ item.group }}"
      with_items:
        - name: ropon11
          group: ropon11
        - name: ropon12
          group: ropon12
        - name: ropon13
          group: ropon13
        - name: ropon14
          group: ropon14

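# Delete the users and their groups in bulk.
# Users are removed first: a group that is still the primary group of an
# existing user cannot be deleted, so running the group task before the user
# task (as the listing originally did) fails on the first group.
cat p6.yml
---
- hosts: web
  tasks:
    - name: deleteuser
      # state=absent without remove=yes leaves each home directory in place.
      user:
        name: "{{ item.name }}"
        group: "{{ item.group }}"
        state: absent
      # Tag kept as "createuser" so an existing `-t createuser` invocation
      # still selects this task.
      tags:
        - createuser
      with_items:
        - name: ropon11
          group: ropon11
        - name: ropon12
          group: ropon12
        - name: ropon13
          group: ropon13
        - name: ropon14
          group: ropon14
    - name: deletegroup
      # Reports "ok" when removing the user already removed its private group.
      group:
        name: "{{ item }}"
        state: absent
      with_items:
        - ropon11
        - ropon12
        - ropon13
        - ropon14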

template 语法jinja2 会替换其中变量

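# Install redis, render its configuration file from a template, start the service
---
- hosts: db
  # Logs in directly as root. A non-root login combined with `become` is the
  # usual least-privilege alternative.
  remote_user: root
  tasks:
    - name: install_redis
      yum:
        name: redis
      tags:
        - install
    - name: copyconf
      # Jinja2 variables in redis.conf.j2 are substituted before the file is
      # written to /etc/redis.conf.
      # NOTE(review): the template is not shown here. Its bind, protected-mode
      # and requirepass settings decide how exposed the instance is, so review
      # them before rollout; if it carries a password, keep the rendered file
      # unreadable to other users.
      template:
        src: redis.conf.j2
        dest: /etc/redis.conf
      tags:
        - copy
    - name: start_redis
      # The service module needs `state` or `enabled`; with neither the task
      # fails instead of starting redis, so the state is given explicitly.
      service:
        name: redis
        state: started
      tags:
        - start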

handlers 定义默认不会执行 通过notify 触发

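---
- hosts: db
  remote_user: root
  tasks:
    - name: install_redis
      yum:
        name: redis
      tags:
        - install
    - name: copyconf
      # NOTE(review): redis.conf.j2 is not shown here. Its bind, protected-mode
      # and requirepass settings decide how exposed the instance is; review
      # them before rollout.
      template:
        src: redis.conf.j2
        dest: /etc/redis.conf
      tags:
        - copy
      # Queues the "restart" handler, but only when this task reports a change.
      notify: restart
    - name: start_redis
      # The service module needs `state` or `enabled`; with neither the task
      # fails instead of starting redis, so the state is given explicitly.
      service:
        name: redis
        state: started
      tags:
        - start
  # Handlers do not run on their own: a notified handler runs once, after the
  # tasks of the play have finished.
  handlers:
    - name: restart
      service:
        name: redis
        state: restarted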

roles

# Example: a role that installs httpd. Create the role's directory skeleton
# (the {a,b,...} brace expansion needs a shell that supports it, e.g. bash).
mkdir -p httpd/{handlers,tasks,templates,vars}
# handlers/main.yml
# Runs only when a task notifies "Reload Httpd".
---
- name: Reload Httpd
  service:
    name: httpd
    state: reloaded
# tasks/main.yml
# Entry point of the role: pulls in one task file per step, in execution order.
# NOTE(review): the bare `include` keyword is deprecated in later Ansible
# releases. `import_tasks` is the static replacement and keeps tag selection
# (-t copyconf) working; confirm against the Ansible version in use.
---
- include: group.yml
- include: user.yml
- include: install.yml
- include: config.yml
- include: start.yml
# tasks/group.yml
# Creates the system group the service runs under; GROUPNAME is a role variable.
---
- name: Create startup group
  group:
    name: "{{ GROUPNAME }}"
    system: true
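# tasks/user.yml
# Creates the system account the service runs under; USERNAME is a role
# variable. The /sbin/nologin shell keeps the account from being used for
# interactive logins.
---
# Task name corrected from "starup" to "startup".
- name: Create startup user
  user:
    name: "{{ USERNAME }}"
    system: true
    shell: /sbin/nologin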
# tasks/install.yml
# Installs the httpd package if it is not already present.
---
- name: Install Httpd
  yum:
    name: httpd
# tasks/config.yml
# Renders httpd.conf.j2 over the live configuration file. When the rendered
# content differs, the task reports a change and notifies the handler; the
# notify value has to match the handler name "Reload Httpd" exactly.
---
- name: Copy conf
  template:
    src: httpd.conf.j2
    dest: /etc/httpd/conf/httpd.conf
  tags:
    - copyconf
  notify: Reload Httpd
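# tasks/start.yml
# Starts httpd and enables it at boot. The original passed only enabled=yes,
# which registers the service for boot but does not start it; the
# "Reload Httpd" handler would then try to reload a service that is not
# running.
---
- name: Start Httpd
  service:
    name: httpd
    state: started
    enabled: true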
# templates/
# httpd.conf.j2 (excerpt; the "..." lines presumably stand for omitted configuration)
Listen {{ ansible_default_ipv4.address }}:{{ PORT }}
...
User {{ USERNAME }}
Group {{ GROUPNAME }}
...
# vars/main.yml
# Values referenced by the role's tasks and by httpd.conf.j2.
---
# Port used in the Listen directive
PORT: 80
# Account and group the service runs under
USERNAME: 'www'
GROUPNAME: 'www'
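# Create http_roles.yml in the directory that contains the httpd role
# directory. (The original comment called the file httpd_roles.yml while the
# commands below run http_roles.yml; the name now matches the commands.)
---
- hosts: web
  # Logs in directly as root. A non-root login combined with `become` is the
  # usual least-privilege alternative.
  remote_user: root
  roles:
    - role: httpd

# Apply the whole role
ansible-playbook http_roles.yml
# After editing the template, run only the copyconf-tagged task; a changed
# configuration file notifies the handler that reloads httpd
ansible-playbook -t copyconf http_roles.yml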