Ansible playbook

1.什么是playbook

• playbook :定义一个文本文件，以yml为后缀结尾，那playbook组成以下、
• play：定义的是主机的角色
• task: 定义的是具体执行的任务
• 总结：playbook是由一个或多个play组成，一个play能够包含多个task任务。
• 能够理解为：使用不一样的模块来共同完成一件事情

playbook 剧本 <---------文件 YAML

• play 找谁 <----------找那个主机 web01
• task 作什么 <----------- 干什么事情 yum copy service

2.playbook和AD-HOc区别

• playbook 是对AD-HOC 的一种编排方式
• playbook 能够持久运行，而AD-HOC 只能临时运行
• playbook 适合复杂任务，而AD-HOC适合作简单的任务
• playbook能控制任务执行的前后顺序

3.playbook 三板斧 ？ 缩进 冒号 短横线（语法格式）

语法	描述
缩进	YAML 使用固定的缩进风格表示层级结构，每一个缩进由两个空格组成，不能使用tabs
冒号	以冒号结尾的除外，其余全部冒号后面全部必须有空格
短横线	表示列表项，使用一个短横线加一个空格，多个项使用一样的缩进级别做为同一列表

• 示例 在/tmp 目录下建立123.txt 属主 root 属组 root 权限0600

- hosts: webservers
  tasks:
    - name: create New File
      file: path=/tmp/123.txt state=touch  owner=root group=root mode=0600
    - name: create New File2
      file:
        path: /tmp/789.txt
        state: touch
        owner: root
        group: root
        mode: 0666

[root@m01 project]# ansible-playbook  --syntax f1.yml  -i hosts
 测试代码是否正确

ansible-playbook -C f1.yml -i hosts
测试环境

4.playbook 写服务 （NFS HTTPD Nginx LAMP）

• 案列一 使用ansible playbook安装并配置nfs服务

#172.16.1.31  nfs
#172.16.1.7   server
#172.16.1.8   cliniet

 
#1. 新增一台nfs服务器
vim ./project/hosts
[webservers]
172.16.1.7
172.16.1.8

[nfsservers]
172.16.1.31
[root@m01 project]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.41

#2. 测试三台主机是否通
[root@m01 project]# ansible all -m ping -i hosts
#3.编写一个nfs-sever的yml
1. 安装nfs      yum
2. 配置nfs      copy
3.初始化环境     
        用户      group user 
        目录      file
        受权      file
4. 启动服务        systemd
[root@m01 project]# cat backup/nfs_server.yml 
- hosts:  nfsservers
  tasks:
    - name:  installed nfs server
      yum:
        name:  nfs-utils
        state:  present
        
    - name:  configure nfs server
      copy:  
        src:  ./file/exports.j2
        dest:  /etc/exports
        owner:  root
        group:  root
        mode:  0644
        backup:  yes
        
    - name:  create nfs group www
      group:  
        name:  www
        gid:  666

    - name:   create nfs user www  
      user:  
        name:  www
        group:  www
        uid:  666
        create_home:  no
        shell:  /sbin/nologin
        
    - name:  create  nfs directory 
      file:
        path:  /ansible_data
        state:  directory
        owner:  www
        group:  www
        mode:  0755
        recurse:  yes
        0
    - name:  systemd nfs server
      systemd:
        name:  nfs
        state:  restarted
        enabled:  yes       

scp -rp /etc/exports root@172.16.1.61 :/root/project/file/exports.j2
#4.编写一个nfs-client的yml
[root@m01 project]# vim backup/nfs_client.yml 

- hosts:  webservers
  tasks:
    - name:  mount nfs server server share directory
      mount:
        src:  172.16.1.31:/ansible_data
        path:  /mnt
        fstype:  nfs
        opts:  defaults
        state:  mounted

• 案列二 使用ansible playbook安装并配置nginx服务

1.安装                   yum

2.配置                   copy

3.启动                   systemd

[root@m01 project]# vim httpd_server.yml +17

- hosts: webservers
  tasks:
    - name: install nginx server
      yum:
        name: nginx
        state: present
    - name: cohfig nginx server
      copy:
        src: ./file/nginx.j2
        dest: /etc/nginx/nginx.conf
        owner: root
        grep:  root
        mode:  0644
        backup: yes
      notify: RESTATR NGINX SERVER
    - name: sytemd nginx server
      systemd:
        name: nginx
        state: started
  handlers:
    - name: RESTART NGINX SERVER
      systemd:
        name: nginx
        state: restarted
scp -rp /etc/nginx/nginx.conf root@172.16.1.61:/root/project/file/nginx.j2

• -案列三 使用Ansible playbook方式构建lap架构

1.使用yum 安装httpd php firewalld 

2.使用get_url 下载 http://fj.xuliangwei.com/public/index.php

3.启动httpd firewalld 等服务

4.添加防火墙规则 放行httpd的流量，并永久生效

[root@m01 project]# cat backup/kedao_server.yml 
- hosts:  web
  tasks:  
    - name:  install  php server
      yum:  
        name:  php
        state:  present
    - name:  install  http server
      yum:  
        name:  httpd
        state: present
    - name:  config http services
      get_url:
        url:  http://fj.xuliangwei.com/public/index.php
        dest:  /var/www/html/index.php
        mode:  0644
    - name:  systemd httpd server
      systemd:  
        name:  httpd
        state:  restarted
    - name:  systemd firewalld server
      systemd:
        name:  firewalld
        state:  restarted
    - name:  configure firewalld roule
      firewalld:
        service:  http
        state:  enabled

• 案列4 使用Ansible playbook方式构建可道云网盘 LAP 架构

- hosts: web
  tasks:
    - name: Installed Httpd Server
      yum:
        name: httpd
        state: present

    - name: Installed PHP Server
      yum:
        name: php
        state: present

    - name: Get kodcloud Code
      synchronize:
        src: ./file/kod
        dest: /var/www/html/kodcloud

    - name: Chomod kodcloud
      file:
        path: /var/www/html/
        owner: root
        group: root
        mode: 0777
        recurse: yes

    - name: Systemd Httpd Server
      systemd:
        name: httpd
        state: restarted

• 案列5 使用ansible playbook方式构建可道云网盘 LNP架构

  - hosts: web
    tasks:
  
       #1.配置yum源仓库 nginx php
      - name: Installed Nginx repo
        yum_repository:
          name: nginx
          description: nginx repos
          baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
          gpgcheck: no
  
       #2.配置yum源仓库 php
      - name: Installed PHP repo
        yum_repository:
          name: webtatic-php
          description: php repos
          baseurl: http://us-east.repo.webtatic.com/yum/el7/x86_64/ 
          gpgcheck: no
  
      #3.安装nginx和php
      - name: Installed Nginx and PHP Packages
        yum:
          name: "{{ packages }}"
        vars:
          packages: 
            - nginx
            - php71w
            - php71w-cli
            - php71w-common
            - php71w-devel
            - php71w-gd
            - mod_php71w
            - php71w-fpm
            - php71w-opcache
  
      #4.建立程序启动的用户身份
      - name: Create Group www
        group:
          name: www
          gid: 666
  
      - name: Create User www
        user:
          name: www
          group: www
          uid: 666
          create_home: no
          shell: /sbin/nologin
  
       #5.管理nginx配置文件
      - name: Configure nginx.conf 
        copy:
          src: ./file/nginx.conf.j2
          dest: /etc/nginx/nginx.conf
        notify: Restart Nginx Server
  
       #6.管理php-fpm配置文件
      - name: Configure php-fpm.conf
        copy:
          src: ./file/php-www.conf.j2
          dest: /etc/php-fpm.d/www.conf
        notify: Restart PHP-FPM Server
  
       #6.添加kodcloud虚拟主机(检测语法)
      - name: Add Nginx VirtHost kod.oldxu.com
        copy:
          src: ./file/kold.oldxu.com.conf.j2
          dest: /etc/nginx/conf.d/kold.oldxu.com.conf
        notify: Restart Nginx Server
  
      - name: Init Nginx BseEnv
        file:
          path: /code
          state: directory
          owner: www
          group: www
          recurse: yes
  
      - name: Push KodCloud Code
        synchronize:
          src: ./file/kod
          dest: /code/
  
      - name: Chomod kodcloud
        file:
          path: /code
          owner: www
          group: www
          mode: 0777
          recurse: yes
  
      - name: Systemd Nginx Server
        systemd:
          name: nginx
          state: started
          enabled: yes
  
      - name: Systemd PHP-FPM Server
        systemd:
          name: php-fpm
          state: started
          enabled: yes
  
  
  #当nginx或php配置文件发生变动才会触发此操做
    handlers:
      - name: Restart Nginx Server
        systemd:
          name: nginx
          state: restarted
  
      - name: Restart PHP-FPM Server
        systemd:
          name: php-fpm
          state: restarted