Simple use of Ansible
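Background
Description
Ansible is a lightweight configuration-management, provisioning and deployment tool written in Python. This article covers installing it and using it for deployment.
When I need a tool, I look for material online, and the long-winded write-ups are really annoying. I don't need to know the principles behind everything. I just want to achieve a certain result, and only when I need to extend it or run into a problem do I need to know how it is implemented, right? All I need to know is that it can achieve this result, plus some caveats and best practices.
Installation
The version doesn't matter much, because it is only used for environment configuration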
- pip 20.0.2
- python3.8
pip install ansible
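Configuration
Generate an SSH key first; that is not covered here
# Push the local SSH key to the remote server
# 192.0.0.1 is the IP of your remote server
ssh-copy-id username@192.0.0.1
# Test whether you can log in normally
ssh username@192.0.0.1
inventory configuration (host list)
Create the default inventory configuration file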
sudo mkdir /etc/ansible
sudo vi /etc/ansible/hosts
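File contents
[test] # group
192.0.0.1 ansible_user=username # remote server address
Test it
ansible test -m ping
# green means success
# any other colour means failure; if it fails, search Google for the content of msg
At this point we usually run help: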
# ansible --help
usage: ansible [-h] [--version] [-v] [-b] [--become-method BECOME_METHOD] [--become-user BECOME_USER] [-K] [-i INVENTORY] [--list-hosts] [-l SUBSET] [-P POLL_INTERVAL] [-B SECONDS] [-o] [-t TREE] [-k]
[--private-key PRIVATE_KEY_FILE] [-u REMOTE_USER] [-c CONNECTION] [-T TIMEOUT] [--ssh-common-args SSH_COMMON_ARGS] [--sftp-extra-args SFTP_EXTRA_ARGS] [--scp-extra-args SCP_EXTRA_ARGS]
[--ssh-extra-args SSH_EXTRA_ARGS] [-C] [--syntax-check] [-D] [-e EXTRA_VARS] [--vault-id VAULT_IDS] [--ask-vault-pass | --vault-password-file VAULT_PASSWORD_FILES] [-f FORKS]
[-M MODULE_PATH] [--playbook-dir BASEDIR] [-a MODULE_ARGS] [-m MODULE_NAME]
pattern
Define and run a single task 'playbook' against a set of hosts
positional arguments:
pattern host pattern
optional arguments:
--ask-vault-pass ask for vault password
--list-hosts outputs a list of matching hosts; does not execute anything else
--playbook-dir BASEDIR
Since this tool does not use playbooks, use this as a substitute playbook directory.This sets the relative path for many features including roles/ group_vars/ etc.
--syntax-check perform a syntax check on the playbook, but do not execute it
--vault-id VAULT_IDS the vault identity to use
--vault-password-file VAULT_PASSWORD_FILES
vault password file
--version show program's version number, config file location, configured module search path, module location, executable location and exit
-B SECONDS, --background SECONDS
run asynchronously, failing after X seconds (default=N/A)
-C, --check don't make any changes; instead, try to predict some of the changes that may occur
-D, --diff when changing (small) files and templates, show the differences in those files; works great with --check
-M MODULE_PATH, --module-path MODULE_PATH
prepend colon-separated path(s) to module library (default=~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules)
-P POLL_INTERVAL, --poll POLL_INTERVAL
set the poll interval if using -B (default=15)
-a MODULE_ARGS, --args MODULE_ARGS
module arguments
-e EXTRA_VARS, --extra-vars EXTRA_VARS
set additional variables as key=value or YAML/JSON, if filename prepend with @
-f FORKS, --forks FORKS
specify number of parallel processes to use (default=5)
-h, --help show this help message and exit
-i INVENTORY, --inventory INVENTORY, --inventory-file INVENTORY
specify inventory host path or comma separated host list. --inventory-file is deprecated
-l SUBSET, --limit SUBSET
further limit selected hosts to an additional pattern
-m MODULE_NAME, --module-name MODULE_NAME
module name to execute (default=command)
-o, --one-line condense output
-t TREE, --tree TREE log output to this directory
-v, --verbose verbose mode (-vvv for more, -vvvv to enable connection debugging)
Privilege Escalation Options:
control how and which user you become as on target hosts
--become-method BECOME_METHOD
privilege escalation method to use (default=sudo), use `ansible-doc -t become -l` to list valid choices.
--become-user BECOME_USER
run operations as this user (default=root)
-K, --ask-become-pass
ask for privilege escalation password
-b, --become run operations with become (does not imply password prompting)
Connection Options:
control as whom and how to connect to hosts
--private-key PRIVATE_KEY_FILE, --key-file PRIVATE_KEY_FILE
use this file to authenticate the connection
--scp-extra-args SCP_EXTRA_ARGS
specify extra arguments to pass to scp only (e.g. -l)
--sftp-extra-args SFTP_EXTRA_ARGS
specify extra arguments to pass to sftp only (e.g. -f, -l)
--ssh-common-args SSH_COMMON_ARGS
specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand)
--ssh-extra-args SSH_EXTRA_ARGS
specify extra arguments to pass to ssh only (e.g. -R)
-T TIMEOUT, --timeout TIMEOUT
override the connection timeout in seconds (default=10)
-c CONNECTION, --connection CONNECTION
connection type to use (default=smart)
-k, --ask-pass ask for connection password
-u REMOTE_USER, --user REMOTE_USER
connect as this user (default=None)
Some modules do not make sense in Ad-Hoc (include, meta, etc)
Then, if your English is not good, open https://translate.google.com/
# From help we learn that
# -m module name to execute
# -a module arguments
# So we can try
ansible all -a 'echo hello'
192.0.0.1 | CHANGED | rc=0 >>
hello
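At this point we have installed ansible and configured the inventory hosts
playbook
What is a playbook
Playbooks are Ansible's configuration, deployment and orchestration language. They can be described as a plan of the commands you want remote hosts to run, or as a set of instructions that a group of IT procedures follows.
Structure of the yml
--- # fixed format (YAML document start)
- hosts: 192.168.1.31 # hosts to run against
  remote_user: root # remote user
  vars: # define variables
    http_port: 8088 # a variable
  tasks: # start of the task list
    - name: create new file # name of the task
      file: name=/tmp/test.txt state=touch # call a module: the actual work to do
    - name: create test user
      user: name=test system=yes shell=/sbin/nologin
    - name: install httpd
      yum: name=httpd
    - name: config httpd
      template: src=./httpd.conf dest=/etc/httpd/conf/httpd.conf
      notify: # define an action for handlers to pick up and run; used together with handlers
        - restart apache # the action notify triggers; must match the name defined in handlers
    - name: copy index.html
      copy: src=/var/www/html/index.html dest=/var/www/html/index.html
    - name: start httpd
      service: name=httpd state=started
  handlers: # handlers: run the matching action when triggered by an action that notify defines in tasks
    - name: restart apache # must be identical to what notify defines
      service: name=httpd state=restarted # the action to run when triggered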
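As an added example (not the author's playbook), here is the same play with the settings a reviewer would usually tighten: it logs in with an unprivileged account and escalates with become instead of connecting as root, targets the [test] inventory group, and sets explicit owners and modes on the files it writes. The account name deploy is an assumption; the module names and paths are the ones used above.

```yaml
---
# Added example; the account name "deploy" is an assumption, not from the post.
- hosts: test                      # inventory group defined earlier, not a bare IP
  remote_user: deploy              # assumed unprivileged SSH login
  become: true                     # escalate with sudo instead of logging in as root
  vars:
    http_port: 8088
  tasks:
    - name: create test user
      user:
        name: test
        system: true
        shell: /sbin/nologin       # service account, no interactive login
    - name: install httpd
      yum:
        name: httpd
        state: present
    - name: config httpd
      template:
        src: ./httpd.conf
        dest: /etc/httpd/conf/httpd.conf
        owner: root
        group: root
        mode: "0644"               # explicit mode rather than whatever the umask gives
        backup: true               # keep the previous file for rollback
      notify:
        - restart apache           # must match the handler name below
    - name: copy index.html
      copy:
        src: /var/www/html/index.html
        dest: /var/www/html/index.html
        owner: root
        group: root
        mode: "0644"
    - name: start httpd
      service:
        name: httpd
        state: started
        enabled: true
  handlers:
    - name: restart apache
      service:
        name: httpd
        state: restarted
```

Because the play uses become, run it with -K (--ask-become-pass) unless the account has passwordless sudo.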
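run
ansible-playbook file_name.yml ... [options]
--check or -C # only detect the changes that might happen, without actually executing them
--list-hosts # list the hosts the tasks would run on
--list-tags # list all tags defined in the playbook file
--list-tasks # list all tasks defined in the playbook file
--limit # host list: run only against a given host or group in the host list
-f # number of parallel processes, 5 by default
-t # run only the given tag or tags (requires tags to be defined in the playbook)
-v # show progress; -vv and -vvv are more detailed
Closing
This is only simple usage. If you need to turn it into a proper project, you still have to read the documentation. For personal use it is enough.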