- ansible playbook剧本介绍:
- playbook 是ansible用于配置,部署和管理被节点的剧本
- 由一个或多个模块组成,完成统一的目的,实现自动化操作
- 剧本编写需遵循yaml语法
- yaml的三要素:
- 缩进:两个字符,默认的tab键是四个字符,所以要使用tab键,需要修改/root/.vimrc文件。添加:set tabstop=2
- 冒号:冒号后面需要空格,除非以冒号结尾
- 短横杠:列表项,后面跟空格
- yaml的三要素:
- playbook的语法结构:
- ansible-playbook 选项 文件路径
- 选项:-C 模拟预运行
- –list-hosts:列出清单
- –list-tasks:列出任务
- –list-tags:列出标签
- –syntax-check:语法检查
- 选项:-C 模拟预运行
- ansible-playbook 选项 文件路径
- Ansible playbook使用场景:
- 执行一些简单的任务可以使用ad-hoc命令,过于复杂时就需要使用playbook剧本
- playbook剧本就像执行shell命令与写shell脚本一样,也可以理解为批量处理任务
- 使用playbook可以方便的重复使用这些代码,可以移植到不同机器上,像函数一样反复使用
- 实验场景:
- 拓扑:
- ansible:192.168.8.5
- web:192.168.8.6
- nfs:192.168.8.7
- rsync:192.168.8.8
- 实验说明:在第一台机器上部署ansible,编写playbook剧本,完成一键部署web,nfs,rsync架构的环境
- 实验步骤:
- 1.在ansible上修改hosts文件
- vim /etc/hosts
- 192.168.8.5 ansible
- 192.168.8.6 web
- 192.168.8.7 nfs
- 192.168.8.8 rsync
- vim /etc/hosts
- 2.将每台服务器的主机名称修改为对应的服务名:
- hostnamectl set-hostname ansible
- hostnamectl set-hostname web
- hostnamectl set-hostname nfs
- hostnamectl set-hostname rsync
- 3.在ansible服务器上修改tab键=2
- vim /root/.vimrc
- set tabstop=2
- vim /root/.vimrc
- 4.在8.5主机安装ansible和epel-release(提供额外软件包)
- ymm -y install ansible
- yum -y install epel-release
- 5.ssh免密登录8.6、8.7、8.8
- ssh-keygen -t rsa
- ssh-copy-id root@web
- ssh-copy-id root@nfs
- ssh-copy-id root@rsync
- 6.创建ansible剧本中所需的目录
- mkdir -p /etc/ansible/ansible_playbook/{conf,file,scripts,tools}
- 7.编辑ansible清单:
- vim /etc/ansible/hosts
- 添加:
- [web]
- 192.168.8.6
- [nfs]
- 192.168.8.7
- [rsync]
- 192.168.8.8
- 添加:
- vim /etc/ansible/hosts
- 8.使用ansible的copy模块 覆盖另外三台的hosts文件
- ansible all -m copy -a “src=/etc/hosts dest=/etc”
- 9.编写playbook剧本部署基本环境:
- 关闭防火墙
- 配置yum仓库
- 安装rsync、nfs-utils
- 创建组、用户
- 创建目录,修改权限
- 推送脚本
- 推送rsync客户端所需的密码文件,修改权限
- 计划任务
- vim /etc/ansible/ansible_playbook/base.yaml
- – hosts: all
- tasks:
- – name: stop firewalld
- shell: systemctl stop firewalld
- – name: stop selinux
- shell: setenforce 0
- – name: clear repos.d
- file: path=/etc/yum.repos.d/ state=absent
- – name: create repos.d
- file: path=/etc/yum.repos.d/ recurse=yes
- – name: install base repo
- get_url: url=http://mirrors.aliyun.com/repo/Centos-7.repo dest=/etc/yum.repos.d/CentOS-Base.repo
- – name: install epel repo
- get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
- – name: install rsync nfs-utils
- yum: name=rsync,nfs-utils state=installed
- – name: create group www
- group: name=www gid=666
- – name: create user www
- user: name=www uid=666 create_home=no shell=/sbin/nologin
- – name: create rsync client password
- copy: content=’1′ dest=/etc/rsync.pass mode=600
- – name: create scripts directory
- file: path=/server/scripts/ recurse=yes state=directory
- – name: push scripts
- copy: src=./scripts/rsync_backup.sh dest=/server/scripts
- – name: crontab
- cron: name=”backup scripts” hour=01 minute=00 job=”/usr/bin/bash /server/scripts/rsync_backup.sh &> /dev/null”
- – name: stop firewalld
- tasks:
- 进入到脚本目录,将需要的脚本拖拽至目录下
- cd /etc/ansible/ansible_playbook/scripts
- 预先运行脚本,检查语法有没有错误
- ansible-playbook -C base.yaml
- – hosts: all
- 10.编辑对rsync主机进行配置的剧本
- 剧本流程:
- 安装rsync
- 配置
- 启动
- 脚本
- 计划任务
- vim /etc/ansible/ansible_playbook/rsync.yaml
- – hosts: rsync
- tasks:
- – name: install rsync
- yum: name=rsync state=installed
- – name: config rsync
- copy: src=./conf/rsyncd.conf dest=/etc/rsyncd.conf
- notify: restart rsync
- – name: create rsync local user
- copy: content=’rsync_backup:1′ dest=/etc/rsync.password mode=600
- – name: create data
- file: path=/data state=directory recurse=yes owner=www group=www mode=755
- – name: create backup
- file: path=/backup state=directory recurse=yes owner=www group=www mode=755
- – name: start rsync
- service: name=rsyncd state=started enabled=yes
- – name: push check scripts
- copy: src=./scripts/rsync_check.sh dest=/server/scripts
- – name: crond check scripts
- cron: name=”check scripts” hour=05 minute=00 job=”/usr/bin/bash /server/scripts/rsync_check.sh &> /dev/null”
- handlers:
- – name: restart rsync
- service: name=rsyncd state=restarted
- 将所需配置文件拖至conf目录下
- cd /etc/ansible/ansible_playbook/conf
- 运行脚本,检查是否有错误
- ansible-playbook -C rsync.yaml
- 剧本流程:
- 11.编写部署nfs服务的剧本:
- vim nfs.yaml
- – hosts: nfs
- tasks:
- – name: install nfs
- yum: name=nfs-utils,rpcbind state=installed
- – name: config nfs
- copy: src=./conf/exports dest=/etc/exports
- notify: restart nfs
- – name: create data
- file: path=/data state=directory recurse=yes owner=www group=www mode=755
- – name: start nfs
- service: name=nfs-server state=started enabled=yes
- handlers:
- – name: restart nfs
- service: name=nfs-server state=restarted
- 预运行检查语法:
- ansible-playbook -C nfs.yaml
- vim nfs.yaml
- 12.部署sersync服务,实现及时监控
- 剧本流程:
- (1)在ansible服务器先下载sersync
- (2)解压到/etc/ansible/ansible_playbook/并修改配置文件
- (3)推送到nfs
- (4)启动sersync
- 进入tools目录 将存放及时监控的软件目录 拖拽至tools目录下
- cd /etc/ansible/ansible_playbook/tools
- 拖拽
- cd /etc/ansible/ansible_playbook/tools
- 编辑剧本:
- vim sersync.yaml
- – hosts: nfs
- tasks:
- – name: scp sersync
- copy: src=./tools/sersync/ dest=/usr/local/sersync owner=www group=www mode=755
- – name: start sersync
- shell: pgrep sersync;
- [ $? -eq 0 ] || /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
- vim sersync.yaml
- 剧本流程:
- 13.编写部署web服务的剧本:
- 剧本流程:
- (1)本地安装httpd
- (2)修改配置文件,复制到/etc/ansible/ansible_playbook/conf
- (3)挂载
- (4)启动
- vim web.yaml
- – hosts: web
- tasks:
- – name: install httpd
- yum: name=httpd state=installed
- – name: mount nfs
- mount: src=nfs:/data path=/var/www/html fstype=nfs state=mounted
- – name: config httpd
- copy: src=./conf/httpd.conf dest=/etc/httpd/conf/httpd.conf
- notify: restart httpd
- – name: start httpd
- service: name=httpd state=started enabled=yes
- handlers:
- – name: restart httpd
- service: name=httpd state=restarted
- 预运行检查语法:
- ansible-playbook -C web.yaml
- 剧本流程:
- 至此所有剧本已编写好了,现在将这几个剧本依次汇总 集中来进行实际运行
- vim main.yaml
- – import_playbook: base.yaml
- – import_playbook: rsync.yaml
- – import_playbook: nfs.yaml
- – import_playbook: sersync.yaml
- – import_playbook: web.yaml
- 预检测:ansible-playbook -C main.yaml
- 执行:ansible-playbook main.yaml
- 1.在ansible上修改hosts文件
- 测试:在nfs的/data目录下编写一个网页 查看web服务器上的网页根目录是否同步到了网页
- 再查看及时同步:nfs服务器中的/data目录下的文件,是否及时的自动备份到了 rsync服务器的/backup目录下
- 拓扑:
- 易错的地方:
- 如果rsync服务器的rsync服务起不来,可能需要从新在nfs服务器执行一下此命令:
- /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
- 或者是rsync服务器的配置文件没有修改:
- vim /etc/rsyncd.conf
- vim /etc/rsyncd.conf
- 也可能或是有了pid锁文件,导致服务被锁死
- rsyncd –daemon 此命令也可以启动rsync
- 如果rsync服务器的rsync服务起不来,可能需要从新在nfs服务器执行一下此命令:
