Ansible:
configuration、Command and Control
运维工具的分类:
agent:基于专用的agent程序完成管理功能,puppet,func,zabbix,...
agentless:基于ssh服务完成管理,ansilble,fabric,...
架构:
Ansible Core
Modules:
Core Modules
Customed Modules
Host Iventory
Files
CMDB
PlayBooks
Hosts
roles
Connection Plugins:
特性:
模块化:调用特定的模块,完成特定的任务;
基于Python语言研发,由Paramiko,PyYAML和jinja2三个核心库实现;
部署简单:agentless;
支持自定义模块,使用任意编程语言;
强大的playbook机制;
幂等性;
安装及程序环境:
程序:
ansible
ansible-playbook
ansible-doc
配置文件:
/etc/ansible/ansible.cfg
主机清单:
/etc/ansible/hosts
插件目录:
/usr/share/ansible_plugins/
基本使用入门:
ansible命令:
Usage:ansible<host-pattern> [options]
常用选项:
-m MOD_NAME -a MOD_ARGS配置Host Inventory:
/etc/ansible/hosts
[group_id]
HOST_PATERN1
HOST_PATERN2
模块:
获取模块列表:ansible-doc -l
获取指定模块的使用帮助:ansible-doc -s MOD_NAME
常用模块:
ping:探测目标主机是否存活
command:在远程主机执行命令
shell:在远程主机上调用shell解释器运行命令,支持shell的各种功能,例如管道
注意:command和shell模块的核心参数直接为命令本身;而其他模块的参数通常为"key=value"格式
copy:copies files to remote locations.
用法:
(1)复制文件
-a "src= dest="
(2)给丁内容生成文件
-a "content= dest="
其他参数:mode,owner,group,...
file:Sets attributes of files
用法:
(1)创建目录:
-a "path= state=directory"
(2)创建链接文件:
-a "path= src= state=link"
(3)删除文件:
-a "path= state=absent"
fetch:Fetches a file from remote nodes
cron:Manage cron.d and crontab entries
-a ""
minute=
hour=
day=
month=
weekday=
job=
name=
user=
state={present|absent}
hostname:Manage hostname
yum:Manages packages with the I(yum) package manager
-a ""
name= state={persent|latest}
name= state=absent
service:Manager services
-a""
name=
state=
started
stopped
restarted
enabled=
runlevel=
group:Add or remove groups
-a ""
name=
state=
system=
gid=
user:Manager user accounts
-a""
name=
group=
groups=
comment=
uid=
system=
shell=
expires=
home=
setup:Gathers facts about remote hosts
YAML:
YAML is a data seriallzation format disgned for human readability and interaction with scripting languages.
数据结构:
key-value
-item1
-item2
-item3
{name:jerry,age:21} Playbooks:
核心元素:
tasks:任务,由模块定义的操作的列表;
Variables:变量
Templates:模板,即使用了模板语法的文本文件;
Handlers:由特定条件出发的Tasks;
Roles:角色;
playbook的基础组件:
Hosts:运行指定任务的目标主机;
remote_user:在远程主机哪个用户身份执行;
sudo_user:非管理员需要拥有sudo权限;
task:任务列表
模块,模块参数
格式:
(1)action:module arguments
(2)module:arguments
运行playbook,使用ansible-playbook命令
(1)测试运行
ansible-playbook -C /path/to/playbook.yaml
--list-hosts
--list-tasks
--list-tags
(2)运行
ansible-playbook /path/to/playbook.yam;
-t TAGS,--tags=TAGS
--skip-tags=SKIP_TAGS
--start-at-task=START_AT
handlers:由特定条件触发的Tasks:
调用及定义方式:
tasks:
- name:TASK_NAME
module:arguments
notify:HANDLER_NAME
handlers:
- name:HANDLER_NAME
module:arguments
tags:给指定的任务定义一个调用标识;
- name:NAME
module:arguments
tags:TAG_ID
Variables:
类型:
内建:
(1)facts
自定义:
(1)命令行传递;
-e VAR=VALUE
(2)在hosts Inventory中为每个主机定义专用变量值
(a)向不同的主机传递不同的变量;
IP/HOSTNAME variable_name=value
(b)向组内的所有主机传递相同的变量;
[groupname:vars]
variable_name=value
(3)在playbook中定义
vars:
-var_name:value
-var_name:value
调用:
{{var_name}}node1:
yum info ansible
yum install ansible
rpm -ql ansible
cd /etc/ansible/
vim hosts
[websrvs]
10.1.0.68
10.1.0.69
[dbsrvs]
10.1.0.8
10.1.0.68
ansible-doc -l
ansible websrvs -m ping
ansible all -m ping
ansible-doc -s command
ansible all -m command -a "ifconfig"
ansible all -m command -a "useradd centos"
ansible all -m command -a "id centos"
ansible all -m command -a "echo 'mageedu' | passwd --stdin centos"
ansible-doc -s shell
ansible all -m shell -a "echo 'mageedu' | passwd --stdin centos"
ansibel-doc -s copy
ansible all -m copy -a "src=/etc/fstab dest=/tmp/fstab.ansible mode=640"
ansible all -m copy -a "conten="hello\nworld" dest=/tmp/fstab.ansible mode=640"
ansible all -m file -a "path=/tmp/fstab.ansible owner=centos"
ansible all -m file -a "path=/tmp/fstab.ansible state=absent"
ansible all -m file -a "path=/tmp/dir.ansible state=directory"
ansible all -m file -a "path=/tmptest.ansible.link src=/tmp/test.ansible state=link"
ansible all -m cron -a "minute='*/5' job='/usr/sbin/ntpdate 10.1.0.1 &> /dev/null' name=synctime"
ansible all -m cron -a "name=synctime state=absent"
ansible all -m yum -a "name=httpd"
ansible all -m yum -a "name=httpd state=absent"
ansible all -m service -a "name=htpd state=started enabled=true"
ansible 10.1.0.68 -m setup
vim group.yaml
- hosts:all
remote_user:root
tasks: - hosts:websrvs
remote_user:root
tasks:- name:install httpd package
yum:name=http - name:star httpd service
service:name=httpd state=started
- name:install httpd package
ansible-playbook --check group.yaml
ansible-playbook --check --list-hosts group.yaml
ansible-playbook --check --list-hosts group.yaml
ansible-playbook --Syntax-check group.yaml
ansible-playbook group.yaml
vim web.yaml
- hosts:websrvs
remote_user:root
tasks:- name:install httpd package
yum:name=httpd state=latest - name: install conf file
copy:src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf - name:start httpd service
service: name=httpd state=stated
- name:install httpd package
ansible-playbook group.yaml
vim web.yaml
- hosts:websrvs
remote_user:root
tasks:- name:install httpd package
yum:name=httpd state=latest - name: install conf file
copy:src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf
notify:restart httpd service - name:start httpd service
service: name=httpd state=stated
handlers:- name:restart httpd service
service: name=httpd state=restarted
- name:restart httpd service
- name:install httpd package
ansible-playbook group.yaml
vim web.yaml
- hosts:websrvs
remote_user:root
tasks:- name:install httpd package
yum:name=httpd state=latest - name: install conf file
copy:src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf
tags:instconf
notify:restart httpd service - name:start httpd service
service: name=httpd state=stated
handlers:- name:restart httpd service
service: name=httpd state=restarted
- name:restart httpd service
- name:install httpd package
ansible-playbook -t instconf group.yaml
vim pkg.yaml
- hosts:websrvs
remote_user:root
vars:- pkgname:memcahed
tasks:- name: install a package
yum:name={{ pkgname }} state=present
- name: install a package
- pkgname:memcahed
ansible-playbook -e pkgname=vsftpd pkg.yaml
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。