-i : 指定加载hosts文件,默认为/etc/ansible/hosts
-e : 定义变量
-f : 并发处理服务器数量,默认是5
-C : 测试
# vars定义
---
- hosts: test
remote_user: root
vars:
- pkg:
- lrzsz
- telnet
- tool: unzip
tasks:
- name: install pkg
yum: name={{ tool }} state=latest
tags: install
- name: uninstall pkg
yum: name={{ pkg }} state=absent
tags: uninstall
# vars_files定义
[root@node110 yml]# cat 1.yml
---
- hosts: test
remote_user: root
vars_files: /usr/local/src/ansible/yml/var.yml
tasks:
- name: install pkg
yum: name={{ pkg }} state=latest
tags: install
- name: uninstall pkg
yum: name={{ pkg }} state=absent
tags: uninstall
[root@node110 yml]# cat var.yml
pkg:
- lrzsz
- telnet
[root@node110 yml]# cat 3.yml
---
- hosts: test
remote_user: root
tasks:
- name: install pkg
yum: name={{ pkg1 }} state=latest
tags: install
- name: uninstall pkg
yum: name={{ pkg2 }} state=absent
tags: uninstall
# 执行play时,-e定义变量
[root@node110 yml]# ansible-playbook 3.yml -e "pkg1=lrzsz" -e "pkg2=telnet"
[root@manager ~]# cat /etc/ansible/hosts
[nfs]
10.0.0.20 file_name=file1
[nfs:vars]
file_name=file2
命令行 > vars_file > playbook vars > host_vars > group_vars
# 与when结合使用
- ansible_fqdn:主机名
- ansible_default_ipv4.address:ip地址
- ansible_date_time.date:系统日期
- ansible_distribution:发行版本
- ansible_distribution_major_version:大版本
- ansible_distribution_version:小版本
# hosts配置文件
- ansible_ssh_host: 访问ip地址,用于远程主机多ip场景
- ansible_ssh_user:访问用户
- ansible_ssh_pass:访问密码
- ansible_ssh_port: ssh端口
- ansible_become:是否进行提权操作,[true|false]
- ansible_become_pass:提权密码
- ansible_become_user: 提权用户
- ansible_sudo_pass:sudo密码
# 关闭信息收集
---
- hosts: websrv
remote_user: root
gather_facts: no //默认开启
# 示例
[root@node110 yml]# cat var.yml
pkg:
lnmp:
var1: lrzsz
var2: telnet
file_name:
lamp:
var1: test_vars_files
var2: localdir
[root@node110 yml]# cat 5.yml
---
- hosts: test
remote_user: root
vars_files: /usr/local/src/ansible/yml/var.yml
tasks:
- name: touch files
file: name=/tmp/{{ file_name.lamp.var2 }} state=directory
- name: check files
shell: ls -lrt /tmp
register: touch_result
- name: print result info
debug: msg={{ touch_result.stdout_lines }}
# 示例
[root@node110 yml]# cat 6.yml
---
- hosts: test
remote_user: root
tasks:
- name: one term
shell: date
when: ansible_default_ipv4.address == "192.168.1.103"
- name: or
shell: df -h
when: (ansible_fqdn == "node104") or (ansible_distribution_major_version == "6")
- name: and
shell: vmstat
when: (ansible_fqdn == "node104") and (ansible_distribution_major_version == "7")
- name: is match
shell: ls /tmp
when: ansible_fqdn is match ‘node*‘
[root@node110 yml]# ansible-playbook 6.yml
PLAY [test] *********************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************
ok: [192.168.1.103]
ok: [192.168.1.104]
TASK [one term] *****************************************************************************************************
skipping: [192.168.1.104]
changed: [192.168.1.103]
TASK [or] ***********************************************************************************************************
changed: [192.168.1.103]
changed: [192.168.1.104]
TASK [and] **********************************************************************************************************
skipping: [192.168.1.103]
changed: [192.168.1.104]
TASK [is match] *****************************************************************************************************
changed: [192.168.1.103]
changed: [192.168.1.104]
PLAY RECAP **********************************************************************************************************
192.168.1.103 : ok=4 changed=3 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
192.168.1.104 : ok=4 changed=3 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
# 对注册变量进行返回值判断
[root@node110 yml]# cat 7.yml
---
- hosts: test
remote_user: root
tasks:
- name: check
shell: "rpm -qa | grep lrzsz"
ignore_errors: true
register: check_lrzsz
- name: install lrzsz
yum: name=lrzsz state=latest
when: check_lrzsz.rc != 0
# with_items变量
- name: start php and nginx
systemd: name={{ item }} state=started enable=yes
with_items:
- nginx
- php-fpm
# with_items字典
- name: copy conf and code
copy: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
with_items:
- { src: "./httpd.conf", dest: "/etc/httpd/conf/", mode: "0644" }
- { src: "./upload_file.php", dest: "/var/www/html/", mode: "0600" }
# vars
- name: install pkg
yum: name={{ packages }}
vars:
packages:
- smem
- http-tools
# 通过tags和任务对象进行捆绑,控制部分或者指定的task执行
-t: 执行指定的tag标签任务,多个tags用逗号分隔
--skip-tags: 执行--skip-tags之外的标签任务
[root@node110 yml]# cat 8.yml
---
- hosts: all
remote_user: root
tasks:
- name: Install Nfs Server
yum: name=nfs-utils state=present
tags:
- install_nfs
- install_nfs-server
- name: Service Nfs Server
service: name=nfs-server state=started enabled=yes
tags: start_nfs-server
[root@node110 yml]# ansible-playbook -t install_nfs 8.yml
[root@node110 yml]# ansible-playbook --skip-tags install_nfs-server 8.yml
# 普通执行
[root@node110 yml]# cat 9.yml
---
- hosts: test
remote_user: root
tasks:
- name: make testfile1
file: path=/testdir/testfile1
state=directory
notify: ht2
- name: make testfile2
file: path=/testdir/testfile2
state=directory
notify: ht1
handlers:
- name: ht1
file: path=/testdir/ht1
state=touch
- name: ht2
file: path=/testdir/ht2
state=touch
# 中途执行meta
[root@server4 ~]# cat mkdir2.yml
---
- hosts: test
remote_user: root
tasks:
- name: task1
file: path=/testdir/testfile
state=touch
notify: handler1
- name: task2
file: path=/testdir/testfile2
state=touch
notify: handler2
- meta: flush_handlers
- name: task3
file: path=/testdir/testfile3
state=touch
notify: handler3
handlers:
- name: handler1
file: path=/testdir/ht1
state=touch
- name: handler2
file: path=/testdir/ht2
state=touch
- name: handler3
file: path=/testdir/ht3
state=touch
# listen调用多个handler
[root@server4 ~]# cat mkdir3.yml
---
- hosts: test
remote_user: root
tasks:
- name: task1
file: path=/testdir/testfile
state=touch
notify: handler group1
handlers:
- name: handler1
listen: handler group1
file: path=/testdir/ht1
state=touch
- name: handler2
listen: handler group1
file: path=/testdir/ht2
state=touch
[root@mha ~]# cat main.yml
- hosts: all
remote_user: root
tasks:
- include_tasks: f20.yml
- include_tasks: f21.yml
[root@mha ~]# cat f20.yml
- name: create file1
shell: touch file1
[root@mha ~]# cat f21.yml
- name: create file2
shell: touch file2
# template与copy区别: template可以解析变量、执行流程控制语句
# 要想在配置文件中使用jinj2,playbook中的tasks必须使用template模块
# 模板配置文件里面使用变量,比如 {{ PORT }} 或使用 {{ facts 变量 }}
# 循环表达式
{% for i in EXPR %}
...
{% endfor %}
# 条件判断
{% if EXPR %}
...
{% elif EXPR %}
...
{% endif %}
# 判断
{% if ansible_fqdn == "web01" %}
echo 123
{% elif ansible_fqdn == "web02" %}
echo 456
{% else %}
echo 789
{% endif %}
# 循环
{% for i in range(1,10) %}
server 172.16.1.{{ i }};
{% endfor %}
[root@m01 ~]# cat keepalived.yml
- hosts: lb_group
tasks:
- name: copy file
template:
src: ./keepalived.j2
dest: /etc/keepalived/keepalived.conf
notify: restart keepalived
handlers:
- name: restart keepalived
systemd:
name: keepalived
state: restarted
[root@m01 ~]# vim keepalived.j2
global_defs {
router_id {{ ansible_fqdn }}
}
vrrp_instance VI_1 {
{% if ansible_fqdn == "lb01" %}
state MASTER
priority 150
{% else %}
state BACKUP
priority 100
{% endif %}
interface eth0
virtual_router_id 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
[root@netposa src]# cat nginx.yml
---
- hosts: test
remote_user: root
vars:
nginx_vhosts:
- web1:
listen: 8080
root: "/var/www/nginx/web1"
- web2:
listen: 8081
server_name: "web2"
root: "/var/www/nginx/web2"
- web3:
listen: 8082
server_name: "web3"
root: "/var/www/nginx/web3"
tasks:
- name: cy template
template: src=/usr/local/src/nginx.conf.j2 dest=/tmp/nginx.conf
[root@netposa src]# cat nginx.conf.j2
{% for vhost in nginx_vhosts %}
server {
listen {{ vhost.listen }}
{% if vhost.server_name is defined %}
server_name {{ vhost.server_name }}
{% endif %}
root {{ vhost.root }}
}
{% endfor %}
[root@netposa src]# ansible-playbook nginx.yml
原文:https://www.cnblogs.com/ly447742/p/14068685.html