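1. Introduction to Ad-Hoc
1) Ad-hoc commands
Run shell commands or shell scripts. They suit simple, one-off commands that do not need to be saved.
2) Ansible playbook
Handles more complex tasks, and the commands are saved in a file. Suited to configuration management and to deploying client machines.
2. Ansible playbook
A playbook is made up of one or more modules; it uses several different modules together to accomplish one job.
A playbook is a state-description file written in YAML syntax; its file extension is yaml.
1). The three basics of YAML
Indentation
YAML uses a fixed indentation style to represent hierarchy. Each indentation level is two spaces, and tabs cannot be used (by default one tab = 4 spaces).
Workaround: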
[root@m01 ~]# cat .vimrc
set number
set tabstop=2
set shiftwidth=2
" insert spaces instead of tab characters
set expandtab
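Colon
Every colon must be followed by a space, except a colon that ends a line.
Hyphen
Marks a list item: a hyphen followed by a space.
Items at the same indentation level belong to the same list.
who: who does it
what: the thing to be done
how: the action taken
ansible-playbook command format
ansible-playbook [option] filename
Common options:
-C, --check      dry run (simulate the execution)
--list-hosts     list the hosts the playbook targets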
[root@m01 ansible_playbook]# ansible-playbook --list-hosts apache.yaml
playbook: apache.yaml
  play #1 (web): web TAGS: []
    pattern: [u'web']
    hosts (1):
      172.16.1.7
--list-tags      list the tags in the playbook
--list-tasks     list the tasks in the playbook
[root@m01 ansible_playbook]# ansible-playbook --list-tasks apache.yaml
playbook: apache.yaml
  play #1 (web): web TAGS: []
    tasks:
      Install Apache TAGS: []
      Start Apache TAGS: []
--syntax-check   check the syntax
[root@m01 ansible_playbook]# ansible-playbook --syntax-check apache.yaml
playbook: apache.yaml
Case study: writing an apache playbook
1) Prepare the apache configuration file
mkdir -p /etc/ansible/ansible_playbook/conf
scp root@172.16.1.7:/etc/httpd/conf/httpd.conf /etc/ansible/ansible_playbook/conf
sed -i "s#Listen 80#Listen 8080#g" conf/httpd.conf
2). Write the YAML playbook file
[root@m01 ansible_playbook]# cat apache.yaml
- hosts: web
  tasks:
    - name: Install Apache
      yum: name=httpd state=installed
    - name: Configure Httpd.conf
      copy: src=/etc/ansible/ansible_playbook/conf/httpd.conf dest=/etc/httpd/conf/httpd.conf
      notify: Restart Http Service
    - name: Start Apache
      service: name=httpd state=started enabled=yes
  handlers:
    - name: Restart Http Service
      service: name=httpd state=restarted
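2). Core elements of a playbook
hosts: the host inventory
tasks: the tasks
vars: variables
handlers: tasks triggered under specific conditions
template: text files containing template syntax
3. Ansible project case study
1. Environment plan
Role     External IP (NAT)   Internal IP (LAN)    Hostname
backup   eth0:10.0.1.51      eth1:172.16.1.51     rsync
nfs      eth0:10.0.1.41      eth1:172.16.1.41     nfs, Sersync
m01      eth0:10.0.1.71      eth1:172.16.1.71     ansible
web01    eth0:10.0.1.7       eth1:172.16.1.7      httpd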
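Implementation steps: (hosts: all)
Requirements for m01
1) Make sure SSH key authentication works
2) Install ansible
3) Prepare all the configuration files
  local hosts file
  SELinux configuration file
  rsyncd.conf
  exports
  mail.rc
  sersync
  rsync backup script
  rsync check script
mkdir -p /etc/ansible/ansible_playbook/{conf,file,scripts,tools}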
1. Base environment deployment
1) Network environment (SELinux, firewalld)
- name: Disable SELinux
  copy: src=./conf/selinux.config dest=/etc/selinux/config
- name: Stop SElinux
  shell: setenforce 0
- name: Disable Firewalld
  service: name=firewalld state=stopped enabled=no
2) EPEL repository
- name: Create Epel Repo
  get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
3) Install the rsync and nfs-utils packages
- name: Installed Rsync NFS
  yum: name=rsync,nfs-utils state=installed
4) Create the group
- name: Create Group
  group: name=www gid=666
5) Create the user
- name: Create User
  user: name=www uid=666 group=666 create_home=no shell=/sbin/nologin
6) Create the directories and set their ownership and permissions
- name: Create Directory /data
  file: path=/data owner=666 group=666 recurse=yes state=directory
- name: Create Directory /backup
  file: path=/backup owner=666 group=666 recurse=yes state=directory
- name: Create Scripts Directory
  file: path=/server/scripts state=directory
7) Push the rsync client backup script
- name: Push Rsync Backup
  copy: src=./scripts/rsync_backup.sh dest=/server/scripts/rsync_backup.sh
8) Push the rsync client password file and set its permissions
- name: Create Rsync Client Pass File
  copy: content="1" dest=/etc/rsync.pass mode=600
9) Scheduled task
- name: Create Rsync Client Crontab
  cron: name="Rsync Backup" hour=1 minute=0 job="/bin/sh /server/scripts/rsync_backup.sh &> /dev/null"
Contents of the base.yaml playbook:
- hosts: all
  tasks:
    - name: Disable SELinux
      copy: src=./conf/selinux.config dest=/etc/selinux/config
      notify: Stop SElinux
    - name: Disable Firewalld
      service: name=firewalld state=stopped enabled=no
    - name: Create Epel Repo
      get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
    - name: Installed Rsync NFS
      yum: name=rsync,nfs-utils state=installed
    - name: Create Group
      group: name=www gid=666
    - name: Create User
      user: name=www uid=666 group=666 create_home=no shell=/sbin/nologin
    - name: Create Directory /data
      file: path=/data owner=666 group=666 recurse=yes state=directory
    - name: Create Directory /backup
      file: path=/backup owner=666 group=666 recurse=yes state=directory
    - name: Create Scripts Directory
      file: path=/server/scripts state=directory
    - name: Push Rsync Backup
      copy: src=./scripts/rsync_backup.sh dest=/server/scripts/rsync_backup.sh
    - name: Push Hosts File
      copy: src=./conf/hosts dest=/etc/hosts
    - name: Create Rsync Client Pass File
      copy: content="1" dest=/etc/rsync.pass mode=600
    - name: Create Rsync Client Crontab
      cron: name="Rsync Backup" hour=1 minute=0 job="/bin/sh /server/scripts/rsync_backup.sh &> /dev/null"
  handlers:
    - name: Stop SElinux
      shell: setenforce 0
2. rsync deployment
1) Install rsync and mailx
- name: Install Rsync Mailx
  yum: name=rsync,mailx state=installed
2) Configure
- name: Push Rsync Config File
  copy: src=./conf/rsyncd.conf dest=/etc/rsyncd.conf
  notify: Restart Rsyncd
- name: Create Rsync Auth File
  copy: content='rsync_backup:1' dest=/etc/rsync.passwd mode=600
handlers:
  - name: Restart Rsyncd
    service: name=rsyncd state=restarted
3) Start
- name: Start Rsync Service
  service: name=rsyncd state=started enabled=yes
- name: Push Mailx Config File
  copy: src=./conf/mail.rc dest=/etc/mail.rc
4) Script task
- name: Push Rsync Check Script
  copy: src=./scripts/rsync_check.sh dest=/server/scripts/rsync_check.sh
5) Scheduled task
- name: Create Rsync Check
  cron: name='Rsync Check' hour=5 minute=0 job='/bin/sh /server/scripts/rsync_check.sh &>/dev/null'
Contents of the rsync.yaml playbook:
- hosts: backup
  tasks:
    - name: Install Rsync Mailx
      yum: name=rsync,mailx state=installed
    - name: Push Rsync Config File
      copy: src=./conf/rsyncd.conf dest=/etc/rsyncd.conf
      notify: Restart Rsyncd
    - name: Create Rsync Auth File
      copy: content='rsync_backup:1' dest=/etc/rsync.passwd mode=600
    - name: Start Rsync Service
      service: name=rsyncd state=started enabled=yes
    - name: Push Mailx Config File
      copy: src=./conf/mail.rc dest=/etc/mail.rc
    - name: Push Rsync Check Script
      copy: src=./scripts/rsync_check.sh dest=/server/scripts/rsync_check.sh
    - name: Create Rsync Check
      cron: name='Rsync Check' hour=5 minute=0 job='/bin/sh /server/scripts/rsync_check.sh &>/dev/null'
  handlers:
    - name: Restart Rsyncd
      service: name=rsyncd state=restarted
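The two tasks in base.yaml and rsync.yaml that write the rsync credentials carry the password as a literal in the playbook. As an added example (not part of the original post), the same two files can be written from a variable kept in an ansible-vault encrypted file; the names vars/secrets.yaml, rsync_backup_password and rsync_secrets.yaml are assumptions of this example.

```yaml
# Added example: same destinations and modes as base.yaml / rsync.yaml,
# but the password comes from an encrypted vars file, not a literal.
# Assumed names: vars/secrets.yaml, rsync_backup_password, rsync_secrets.yaml.
#
# Create the encrypted file once on m01:
#   ansible-vault create vars/secrets.yaml
#   (file contents)  rsync_backup_password: <your password>
# Run with:
#   ansible-playbook --ask-vault-pass rsync_secrets.yaml

# Client side: every host gets the bare password file used by rsync_backup.sh
- hosts: all
  vars_files:
    - vars/secrets.yaml
  tasks:
    - name: Create Rsync Client Pass File
      copy:
        content: "{{ rsync_backup_password }}"
        dest: /etc/rsync.pass
        owner: root
        group: root
        mode: "0600"
      no_log: true   # keep the rendered content out of task output and logs

# Server side: the rsync daemon's user:password auth file
- hosts: backup
  vars_files:
    - vars/secrets.yaml
  tasks:
    - name: Create Rsync Auth File
      copy:
        content: "rsync_backup:{{ rsync_backup_password }}"
        dest: /etc/rsync.passwd
        owner: root
        group: root
        mode: "0600"
      no_log: true
```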
3. nfs deployment
1) Install nfs-utils
- name: Install NFS
  yum: name=nfs-utils state=installed
2) Configure
- name: Push NFS Config File
  copy: src=./conf/exports dest=/etc/exports
  notify: Restart NFS
handlers:
  - name: Restart NFS
    service: name=nfs state=restarted
3) Start
- name: Start Rpcbind Server
  service: name=rpcbind state=started
- name: Start NFS Server
  service: name=nfs state=started enabled=yes
Contents of the nfs.yaml playbook:
- hosts: nfs
  tasks:
    - name: Install NFS
      yum: name=nfs-utils state=installed
    - name: Push NFS Config File
      copy: src=./conf/exports dest=/etc/exports
      notify: Restart NFS
    - name: Start Rpcbind Server
      service: name=rpcbind state=started
    - name: Start NFS Server
      service: name=nfs state=started enabled=yes
  handlers:
    - name: Restart NFS
      service: name=nfs state=restarted
4. sersync deployment
1) Download sersync on m01
wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/sersync/sersync2.5.4_64bit_binary_stable_final.tar.gz
2) Extract it and edit the configuration file
3) Push it to nfs
- name: Install Inotify_tools
  yum: name=inotify-tools state=installed
- name: Push Sersync
  copy: src=./tools/sersync dest=/usr/local/ mode=755
4) Start sersync
- name: start Sersync
  shell: /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
Note: running this playbook more than once starts multiple sersync processes. How can this be solved?
Contents of the sersync.yaml playbook:
- hosts: nfs
  tasks:
    - name: Install Inotify_tools
      yum: name=inotify-tools state=installed
    - name: Push Sersync
      copy: src=./tools/sersync dest=/usr/local/ mode=755
    - name: start Sersync
      shell: /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
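One way to answer the question about repeated runs starting several sersync processes, as an added example that is not part of the original post: look for a running sersync2 first and start it only when none is found. The use of pgrep and the registered variable name sersync_running are assumptions of this example.

```yaml
# Added example: idempotent variant of sersync.yaml.
# Assumes pgrep (procps-ng) is present on the nfs host.
- hosts: nfs
  tasks:
    - name: Install Inotify_tools
      yum: name=inotify-tools state=installed

    - name: Push Sersync
      copy: src=./tools/sersync dest=/usr/local/ mode=755

    # pgrep exits 0 when a process named exactly "sersync2" exists,
    # 1 when none exists, and 2 or higher on a real error.
    - name: Check Whether Sersync Is Running
      command: pgrep -x sersync2
      register: sersync_running
      changed_when: false                   # a read-only check never reports "changed"
      failed_when: sersync_running.rc > 1   # rc 1 means "not running", not a failure

    # Start the daemon only when the check found no running instance,
    # so a second run of the playbook leaves the existing process alone.
    - name: start Sersync
      shell: /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
      when: sersync_running.rc == 1
```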
5. web deployment
1) Install httpd
- name: Install httpd
  yum: name=httpd state=installed
2) Start
- name: Start httpd
  service: name=httpd state=started
3) Mount
- name: Mount NFS Storage
  mount: src=nfs:/data path=/var/www/html fstype=nfs state=mounted
Contents of the web.yaml playbook:
- hosts: web
  tasks:
    - name: Install httpd
      yum: name=httpd state=installed
    - name: Start httpd
      service: name=httpd state=started
    - name: Mount NFS Storage
      mount: src=nfs:/data path=/var/www/html fstype=nfs state=mounted
Import all the finished YAML files into a single file so they can be run in one go:
[root@m01 ansible_playbook]# cat main.yaml
- import_playbook: base.yaml
- import_playbook: rsync.yaml
- import_playbook: nfs.yaml
- import_playbook: sersync.yaml
- import_playbook: web.yaml
Source: https://www.cnblogs.com/xmtxh/p/12249931.html