这篇文章给大家介绍下PlayBook,我们叫它剧本,它是以一种固定的格式,将多个ad-hoc放入yml文件中。在Ansible中,剧本文件是yml结尾的,在SaltStack中剧本文件是sls结尾的,但是两者语法都是使用的yaml语法。
PlayBook与ad-hoc区别
1、PlayBook功能比ad-hoc全,是对ad-hoc的一种编排
2、PlayBook能很好的控制先后执行顺序,以及依赖关系
3、PlayBook语法展现更加直观
4、PlayBook可以持久使用,ad-hoc无法持久使用
YAML语法
语法 | 描述 |
缩进 | YAML使用固定的缩进风格表示层级结构,每个缩进由两个空格组成,不能使用TAB |
冒号 | 除以冒号结尾的情况外,其他所有冒号后面都必须有空格 |
短横线 | 表示列表项,使用一个短横线加一个空格,多个项使用同样的缩进级别作为同一列表 |
PlayBook部署实战
1、部署httpd
1、安装httpd服务
2、启动httpd服务并加入开机自启动
3、编写网站页面并启动
4、开启防火墙端口
5、不同的主机配置不同的网站
#创建剧本存放目录
[root@Ansible ~]# mkdir -p ansible/httpd
#编辑主机列表
[root@Ansible ~]# cat /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
#编写剧本
[root@Ansible ~]# cat ansible/httpd/httpd.yml
# Play 1: install Apache httpd on every web host and allow HTTP through firewalld.
- hosts: web_group
  tasks:
    # Install the httpd package.
    - name: Install httpd Server
      yum:
        name: httpd
        state: present

    # Start httpd now and enable it at boot.
    - name: Start httpd Server
      systemd:
        name: httpd
        state: started
        enabled: true

    # firewalld has to be running before the firewalld module can change rules.
    - name: Start Firewalld Server
      systemd:
        name: firewalld
        state: started
        enabled: true

    # Allow the predefined "http" service, both in the running rules
    # (immediate) and in the saved configuration (permanent).
    - name: Config Firewalld Server
      firewalld:
        service: http
        immediate: true
        permanent: true
        state: enabled

# Play 2: web01 serves its own index page.
- hosts: web01
  tasks:
    - name: Config Httpd Server
      copy:
        content: Web01
        dest: /var/www/html/index.html

# Play 3: web02 serves its own index page.
- hosts: web02
  tasks:
    - name: Config Httpd Server
      copy:
        content: Web02
        dest: /var/www/html/index.html
[root@Ansible ~]# ansible-playbook --syntax-check ansible/httpd/httpd.yml #检查语法
playbook: ansible/httpd/httpd.yml
[root@Ansible ~]# ansible-playbook ansible/httpd/httpd.yml #执行剧本
#浏览器访问10.0.0.7和10.0.0.8即可
2、Backup备份服务器和客户端的部署
#创建rsync剧本存放目录
[root@Ansible ~]# mkdir ansible/rsyncd
#编辑主机列表
[root@Ansible ~]# cat /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
[backup_group]
backup ansible_ssh_host=10.0.0.41
#准备rsync配置文件
[root@Ansible ~]# cat ansible/rsyncd/rsyncd.conf #最好是与剧本放到同一目录
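# rsync daemon configuration, deployed to /etc/rsyncd.conf on the backup host.
# Transfers run as the www account: the rsyncd playbook creates www
# (uid/gid 666) and makes /backup owned by it, and no "rsync" account is
# created anywhere in this deployment.
uid = www
gid = www
port = 873
fake super = yes
# NOTE(review): with chroot disabled the daemon relies on its own path
# sanitising instead of a chroot jail; confirm this is required.
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
# Only this virtual user may connect; its password is read from the secrets file.
auth users = rsync_backup
# The secrets file must hold a "rsync_backup:<password>" line and must not be
# readable by other users (mode 0600, owner root), or authentication fails.
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
# NOTE(review): the module is writable and no "hosts allow" is set, so every
# host that can reach port 873 may attempt to authenticate; consider limiting
# it to the backup clients' network.
#####################################
[backup]
path = /backup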
#编写剧本
[root@Ansible ~]# cat ansible/rsyncd/rsyncd.yml
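# Play 1 (every host): install rsync and create the shared www account
# (uid/gid 666) so file ownership matches on clients and on the backup server.
- hosts: all
  tasks:
    - name: Install Rsyncd Server
      yum:
        name: rsync
        state: present

    - name: Create www Group
      group:
        name: www
        gid: 666

    - name: Create www User
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false

# Play 2 (backup host only): deploy the daemon configuration and start rsyncd.
- hosts: backup_group
  tasks:
    - name: Scp Rsync Config
      copy:
        src: /root/ansible/rsyncd/rsyncd.conf
        dest: /etc/rsyncd.conf
        owner: root
        group: root
        mode: "0644"

    # rsyncd.conf names /etc/rsync.passwd as its secrets file; without it no
    # client can authenticate. rsync_backup_password is a placeholder variable:
    # supply it from Ansible Vault, never as plain text in the playbook. The
    # task is skipped when the variable is not defined.
    - name: Create Rsync Secrets File
      copy:
        content: "rsync_backup:{{ rsync_backup_password }}\n"
        dest: /etc/rsync.passwd
        owner: root
        group: root
        # rsync refuses a secrets file that other users can read.
        mode: "0600"
      # Keep the password out of task output and logs.
      no_log: true
      when: rsync_backup_password is defined

    # recurse also applies owner, group and mode to anything already in /backup.
    - name: Create backup Directory
      file:
        path: /backup
        state: directory
        mode: "0755"
        owner: www
        group: www
        recurse: yes

    # enabled: the backup service has to come back after a reboot, as httpd
    # and nfs-server do in the other playbooks.
    - name: Start Rsyncd Server
      systemd:
        name: rsyncd
        state: started
        enabled: yes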
#检查剧本
[root@Ansible ~]# ansible-playbook --syntax-check ansible/rsyncd/rsyncd.yml
playbook: ansible/rsyncd/rsyncd.yml
#运行剧本
[root@Ansible ~]# ansible-playbook ansible/rsyncd/rsyncd.yml
完成后还可以尝试给客户端推送数据,加入crontab做备份等等操作。
3、NFS服务部署
#1、添加目标服务器到主机列表并做ssh免密钥
[root@Ansible ~]# cat /etc/ansible/hosts
[nfs_group]
nfs ansible_ssh_host=10.0.0.31
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
[backup_group]
backup ansible_ssh_host=10.0.0.41
[nfs_all:children]
nfs_group
web_group
[root@Ansible ~]# ssh-copy-id -i .ssh/id_rsa.pub root@10.0.0.31
#2、创建nfs的目录
[root@Ansible ~]# mkdir ansible/nfs/
#3、准备nfs配置文件添加到管理机中
[root@Ansible ~]# cat ansible/nfs/exports
/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
#4、编写nfs剧本
[root@Ansible ~]# cat ansible/nfs/nfs.yml
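# Play 1 (NFS server and clients): install nfs-utils and create the www
# account with the uid/gid 666 that the export squashes every client to.
- hosts: nfs_all
  tasks:
    - name: Install nfs-utils
      yum:
        name: nfs-utils
        state: present

    - name: Create www Group
      group:
        name: www
        gid: 666

    - name: Create www user
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false

# Play 2 (NFS server): publish /data.
- hosts: nfs_group
  tasks:
    # "state: started" below does nothing when nfs-server is already running,
    # so a changed exports file is re-read through the handler instead.
    - name: Scp NFS server exports
      copy:
        src: exports
        dest: /etc/exports
        owner: root
        group: root
        mode: "0644"
      notify: Reload NFS exports

    # Owned by www so the squashed anonymous uid/gid 666 can write to it.
    - name: Create data Directory
      file:
        path: /data
        state: directory
        owner: www
        group: www
        mode: "0755"
        recurse: yes

    - name: Start NFS server
      systemd:
        name: nfs-server
        state: started
        enabled: yes

  handlers:
    # Runs at the end of the play, after nfs-server has been started.
    - name: Reload NFS exports
      command: exportfs -ra

# Play 3 (web hosts): mount the share.
- hosts: web_group
  tasks:
    # NOTE(review): the exports file allows 172.16.1.0/24 while this mount
    # goes to 10.0.0.31; confirm the clients reach the server from an
    # allowed address.
    # NOTE(review): "defaults" permits setuid files and device nodes on the
    # share; consider adding nosuid,nodev if nothing depends on them.
    - name: Mount NFS Server
      mount:
        path: /opt
        src: 10.0.0.31:/data
        fstype: nfs
        opts: defaults
        state: mounted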
#5、检查语法
[root@Ansible ~]# ansible-playbook --syntax-check /root/ansible/nfs/nfs.yml
playbook: /root/ansible/nfs/nfs.yml
#6、执行剧本
[root@Ansible ~]# ansible-playbook ansible/nfs/nfs.yml
#7、查看web01、web02挂载情况
[root@Web01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
10.0.0.31:/data 19G 2.0G 17G 11% /opt
[root@Web02 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
10.0.0.31:/data 19G 2.0G 17G 11% /opt
4、Nginx服务部署
#1、添加目标服务器至主机列表并做免密钥
[root@Ansible ~]# cat /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
[root@Ansible ~]# ssh-copy-id -i .ssh/id_rsa.pub root@10.0.0.7
[root@Ansible ~]# ssh-copy-id -i .ssh/id_rsa.pub root@10.0.0.8
#2、创建剧本存放目录
[root@Ansible ~]# mkdir ansible/nginx
#3、准备nginx配置文件与代码文件
[root@Web01 ~]# scp /etc/nginx/nginx.conf /etc/nginx/conf.d/* 10.0.0.61:/root/ansible/nginx
[root@Web01 ~]# tar zcvf code.tar.gz /code
[root@Web01 ~]# scp code.tar.gz 10.0.0.61:/root/ansible/nginx
#4、写剧本
[root@Ansible ~]# cat ansible/nginx/nginx.yml
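# Install nginx on the web hosts, push the prepared configuration and site
# code, then restart the service.
- hosts: web_group
  tasks:
    # NOTE(review): nginx.repo has to sit next to this playbook; the
    # preparation step above does not show where it comes from.
    - name: nginx.repo
      copy:
        src: nginx.repo
        dest: /etc/yum.repos.d/nginx.repo
        owner: root
        group: root
        mode: "0644"

    - name: install nginx
      yum:
        name: nginx
        state: present

    - name: start and enable nginx
      systemd:
        name: nginx
        state: started
        enabled: yes

    # dest is a directory here, so the file lands at /etc/nginx/nginx.conf.
    - name: copy nginx.conf to nginx
      copy:
        src: nginx.conf
        dest: /etc/nginx
        owner: root
        group: root
        mode: "0644"

    - name: copy 'wecenter.conf' to nginx
      copy:
        src: wecenter.conf
        dest: /etc/nginx/conf.d/wecenter.conf
        owner: root
        group: root
        mode: "0644"

    - name: copy 'wordpress.conf' to nginx
      copy:
        src: wordpress.conf
        dest: /etc/nginx/conf.d/wordpress.conf
        owner: root
        group: root
        mode: "0644"

    # The original path was misspelled "defualt.conf", so it never matched
    # and the packaged default virtual host stayed enabled.
    - name: remove nginx default.conf
      file:
        path: /etc/nginx/conf.d/default.conf
        state: absent

    # The archive was built with "tar zcvf code.tar.gz /code", so unpacking it
    # at / recreates /code; "creates" skips the task once /code exists.
    # The archive is unpacked as root at the filesystem root, so use only an
    # archive whose contents you built yourself.
    - name: tar xf code.tar.gz
      unarchive:
        src: code.tar.gz
        dest: /
        creates: /code

    # Unconditional restart so the copied configuration is loaded.
    - name: Restart Nginx Server
      systemd:
        name: nginx
        state: restarted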
#5、检查剧本语法
[root@Ansible ~]# ansible-playbook --syntax-check ansible/nginx/nginx.yml
playbook: ansible/nginx/nginx.yml
#6、执行剧本
[root@Ansible ~]# ansible-playbook ansible/nginx/nginx.yml
5、PHP服务部署
#1、将目标主机添加至主机列表
[root@Ansible ~]# cat /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
#2、创建剧本存放目录
[root@Ansible ~]# mkdir ansible/php
#3、准备必要文件:php71.tar.gz、php.ini、www.conf
[root@Ansible ~]# cd ansible/php/
[root@Ansible php]# rz -E
rz waiting to receive.
[root@Web01 ~]# scp /etc/php.ini /etc/php-fpm.d/www.conf 10.0.0.61:/root/ansible/php
root@10.0.0.61's password:
php.ini 100% 61KB 16.5MB/s 00:00
www.conf 100% 18KB 2.4MB/s 00:00
#4、写剧本
[root@Ansible php]# cat php.yml
# Install PHP 7.1 (php71w packages) on the web hosts from a bundled archive of
# RPMs, create the www account and push php.ini and the php-fpm pool file.
# NOTE(review): PHP 7.1 is past its upstream end of life and no longer receives
# security fixes; confirm a supported release cannot be used instead.
- hosts: web_group
  tasks:
    # Unpack the RPM bundle from the control node into /root on each host.
    # NOTE(review): the packages come from this archive, not from a signed
    # repository; verify where the archive came from before deploying it.
    - name: tar xf php to web_group
      unarchive:
        src: php71.tar.gz
        dest: /root

    # Install the unpacked RPM files in a single yum transaction.
    - name: localinstall rpm
      yum:
        name:
          - /root/autoconf-2.69-11.el7.noarch.rpm
          - /root/automake-1.13.4-3.el7.noarch.rpm
          - /root/libevent-2.0.21-4.el7.x86_64.rpm
          - /root/libjpeg-turbo-1.2.90-8.el7.x86_64.rpm
          - /root/libmcrypt-2.5.8-13.el7.x86_64.rpm
          - /root/libmemcached-1.0.16-5.el7.x86_64.rpm
          - /root/libtool-ltdl-2.4.2-22.el7_3.x86_64.rpm
          - /root/libX11-1.6.7-3.el7_9.x86_64.rpm
          - /root/libX11-common-1.6.7-3.el7_9.noarch.rpm
          - /root/libXau-1.0.8-2.1.el7.x86_64.rpm
          - /root/libxcb-1.13-1.el7.x86_64.rpm
          - /root/libXpm-3.5.12-1.el7.x86_64.rpm
          - /root/libxslt-1.1.28-6.el7.x86_64.rpm
          - /root/mod_php71w-7.1.33-1.w7.x86_64.rpm
          - /root/pcre-devel-8.32-17.el7.x86_64.rpm
          - /root/perl-Data-Dumper-2.145-3.el7.x86_64.rpm
          - /root/perl-Test-Harness-3.28-3.el7.noarch.rpm
          - /root/perl-Thread-Queue-3.02-2.el7.noarch.rpm
          - /root/php71w-cli-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-common-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-devel-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-embedded-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-fpm-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-gd-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-mbstring-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-mcrypt-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-mysqlnd-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-opcache-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-pdo-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-pear-1.10.4-1.w7.noarch.rpm
          - /root/php71w-pecl-igbinary-2.0.5-1.w7.x86_64.rpm
          - /root/php71w-pecl-memcached-3.0.4-1.w7.x86_64.rpm
          - /root/php71w-pecl-mongodb-1.5.3-1.w7.x86_64.rpm
          - /root/php71w-pecl-redis-3.1.6-1.w7.x86_64.rpm
          - /root/php71w-process-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-xml-7.1.33-1.w7.x86_64.rpm
        state: present

    # Same www account (uid/gid 666) as in the other playbooks.
    - name: create group
      group:
        name: www
        gid: 666

    - name: create user
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false

    # Configuration files taken from Web01 in the preparation step.
    - name: copy php.ini to web_group
      copy:
        src: php.ini
        dest: /etc/php.ini

    - name: copy www.conf to web_group
      copy:
        src: www.conf
        dest: /etc/php-fpm.d/www.conf

    # NOTE(review): "started" does not restart a php-fpm that is already
    # running, so later changes to the two files above are not picked up.
    - name: start and enable php
      systemd:
        name: php-fpm
        state: started
        enabled: true
#5、剧本语法检查
[root@Ansible php]# ansible-playbook --syntax-check php.yml
playbook: php.yml
#6、执行剧本
[root@Ansible php]# ansible-playbook php.yml
6、Mariadb服务部署
#1、添加服务器到我们的主机列表并做免密钥
[root@Ansible ~]# cat /etc/ansible/hosts
[mysql_group]
mysql ansible_ssh_host=10.0.0.51
[root@Ansible ~]# ssh-copy-id -i .ssh/id_rsa.pub root@10.0.0.51
#2、创建剧本目录
[root@Ansible ~]# mkdir ansible/mysql
#3、准备好数据库
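# Use -p with no value so mysqldump prompts for the password; a password typed
# on the command line is saved in shell history and visible in the process list.
[root@MySQL ~]# mysqldump -uroot -p -A > all.sql
# The dump holds every database, including the account table with password
# hashes, so keep it readable by root only.
[root@MySQL ~]# chmod 600 all.sql
[root@MySQL ~]# scp all.sql 10.0.0.61:/root/ansible/mysql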
#4、写剧本
[root@Ansible ~]# cat ansible/mysql/mysql.yml
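# Install MariaDB on the database host and load the full dump into it.
- hosts: mysql_group
  tasks:
    # MySQL-python supplies the Python bindings the mysql_db module needs on
    # the target host.
    - name: Install mariadb
      yum:
        name:
          - mariadb-server
          - MySQL-python
        state: present

    # The task name previously read "Start httpd Server"; it starts MariaDB.
    - name: Start MariaDB Server
      systemd:
        name: mariadb
        state: started
        enabled: yes

    # The dump was taken with -A, so it contains every database including the
    # account table; restrict the copy to root.
    - name: Copy all.sql to Mysql
      copy:
        src: all.sql
        dest: /root/all.sql
        owner: root
        group: root
        mode: "0600"

    # NOTE(review): no login_password is given, so this presumably relies on
    # the empty root password of a fresh install; after the import the
    # accounts from the dump apply and a second run would need credentials.
    # Confirm, and pass any password from Ansible Vault.
    - name: import all.sql
      mysql_db:
        login_host: localhost
        login_port: 3306
        login_user: root
        name: all
        state: import
        target: /root/all.sql

    # NOTE(review): presumably restarted so the imported accounts take effect.
    - name: Restart MariaDB Server
      systemd:
        name: mariadb
        state: restarted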
#5、检查
[root@Ansible ~]# ansible-playbook --syntax-check ansible/mysql/mysql.yml
playbook: ansible/mysql/mysql.yml
#6、执行剧本
[root@Ansible ~]# ansible-playbook ansible/mysql/mysql.yml
我是koten,10年运维经验,持续分享运维干货,感谢大家的阅读和关注!