#创建角色相关的目录 mkdir -pv /data/ansible/roles/httpd/{tasks,handlers,files} #创建角色相关的文件 cd /data/ansible/roles/httpd/ vim tasks/main.yml - include: group.yml - include: user.yml - include: install.yml - include: config.yml - include: index.yml - include: service.yml vim tasks/user.yml - name: create apache user user: name=apache system=yes shell=/sbin/nologin home=/var/www/ uid=80 group=apache vim tasks/group.yml - name: create apache group group: name=apache system=yes gid=80 vim tasks/install.yml - name: install httpd package yum: name=httpd vim tasks/config.yml - name: config file copy: src=httpd.conf dest=/etc/httpd/conf/ backup=yes notify: restart vim tasks/index.yml - name: index.html copy: src=index.html dest=/var/www/html/ vim tasks/service.yml - name: start service service: name=httpd state=started enabled=yes vim handlers/main.yml - name: restart service: name=httpd state=restarted #在files目录下准备两个文件 ls files/ httpd.conf index.html tree /data/ansible/roles/httpd/ /data/ansible/roles/httpd/ ├── files │ ├── httpd.conf │ └── index.html ├── handlers │ └── main.yml └── tasks ├── config.yml ├── group.yml ├── index.yml ├── install.yml ├── main.yml ├── service.yml └── user.yml 3 directories, 10 files #在playbook中调用角色 vim /data/ansible/role_httpd.yml --- # httpd role - hosts: websrvs remote_user: root roles: - httpd #运行playbook ansible-playbook /data/ansible/role_httpd.yml
mkdir -pv /data/ansible/roles/nginx/{tasks,handlers,templates,vars} #创建task文件 cd /data/ansible/roles/nginx/ vim tasks/main.yml - include: install.yml - include: config.yml - include: index.yml - include: service.yml vim tasks/install.yml - name: install yum: name=nginx vim tasks/config.yml - name: config file for centos7 template: src=nginx7.conf.j2 dest=/etc/nginx/nginx.conf when: ansible_distribution_major_version=="7" notify: restart - name: config file for centos8 template: src=nginx8.conf.j2 dest=/etc/nginx/nginx.conf when: ansible_distribution_major_version=="8" notify: restart vim tasks/index.yml - name: index.html copy: src=roles/httpd/files/index.html dest=/usr/share/nginx/html/ vim tasks/service.yml - name: start service service: name=nginx state=started enabled=yes #创建handler文件 cat handlers/main.yml - name: restart service: name=nginx state=restarted #创建两个template文件 cat templates/nginx7.conf.j2 ...省略... user {{user}}; worker_processes {{ansible_processor_vcpus+3}}; #修改此行 error_log /var/log/nginx/error.log; pid /run/nginx.pid; ...省略... cat templates/nginx8.conf.j2 ...省略... user nginx; worker_processes {{ansible_processor_vcpus**3}}; #修改此行 error_log /var/log/nginx/error.log; pid /run/nginx.pid; ...省略... #创建变量文件 vim vars/main.yml user: daemon #目录结构如下 tree /data/ansible/roles/nginx/ /data/ansible/roles/nginx/ ├── handlers │ └── main.yml ├── tasks │ ├── config.yml │ ├── file.yml │ ├── install.yml │ ├── main.yml │ └── service.yml ├── templates │ ├── nginx7.conf.j2 │ └── nginx8.conf.j2 └── vars └── main.yml 4 directories, 9 files #在playbook中调用角色 vim /data/ansible/role_nginx.yml --- #nginx role - hosts: websrvs roles: - role: nginx #运行playbook ansible-playbook /data/ansible/role_nginx.yml
mkdir -pv /data/ansible/roles/memcached/{tasks,templates} cd /data/ansible/roles/memcached vim tasks/main.yml - include: install.yml - include: config.yml - include: service.yml vim tasks/install.yml - name: install yum: name=memcached vim tasks/config.yml - name: config file template: src=memcached.j2 dest=/etc/sysconfig/memcached vim tasks/service.yml - name: service service: name=memcached state=started enabled=yes vim templates/memcached.j2 PORT="11211" USER="memcached" MAXCONN="1024" CACHESIZE="{{ansible_memtotal_mb//4}}" OPTIONS="" tree /data/ansible/roles/memcached/ /data/ansible/roles/memcached/ ├── tasks │ ├── config.yml │ ├── install.yml │ ├── main.yml │ └── service.yml └── templates └── memcached.j2 2 directories, 5 files vim /data/ansible/role_memcached.yml --- - hosts: appsrvs roles: - role: memcached ansible-play /data/ansible/role_memcached.yml
[root@ansible ~]#cat /data/ansible/roles/mysql/files/my.cnf [mysqld] socket=/tmp/mysql.sock user=mysql symbolic-links=0 datadir=/data/mysql innodb_file_per_table=1 log-bin pid-file=/data/mysql/mysqld.pid [client] port=3306 socket=/tmp/mysql.sock [mysqld_safe] log-error=/var/log/mysqld.log [root@ansible ~]#cat /data/ansible/roles/mysql/files/secure_mysql.sh #!/bin/bash /usr/local/mysql/bin/mysql_secure_installation <<EOF y magedu magedu y y y y EOF [root@ansible ~]#chmod +x /data/ansible/roles/mysql/files/secure_mysql.sh [root@ansible ~]#ls /data/ansible/roles/mysql/files/ my.cnf mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz secure_mysql.sh [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/main.yml - include: install.yml - include: group.yml - include: user.yml - include: unarchive.yml - include: link.yml - include: data.yml - include: config.yml - include: service.yml - include: path.yml - include: secure.yml [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/install.yml - name: install packages yum: name=libaio,perl-Data-Dumper,perl-Getopt-Long [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/group.yml - name: create mysql group group: name=mysql gid=306 [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/user.yml - name: create mysql user user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/unarchive.yml - name: copy tar to remote host and file mode unarchive: src=mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz dest=/usr/local/ owner=root group=root [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/link.yml - name: mkdir /usr/local/mysql file: src=/usr/local/mysql-5.6.46-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/data.yml - name: data dir shell: chdir=/usr/local/mysql/ ./scripts/mysql_install_db --datadir=/data/mysql --user=mysql [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/config.yml - name: config my.cnf copy: src=my.cnf dest=/etc/my.cnf [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/service.yml - name: service script shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld;chkconfig --add mysqld;chkconfig mysqld on;/etc/init.d/mysqld start [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/path.yml - name: PATH variable copy: content=‘PATH=/usr/local/mysql/bin:$PATH‘ dest=/etc/profile.d/mysql.sh [root@ansible ~]#cat /data/ansible/roles/mysql/tasks/secure.yml - name: secure script script: secure_mysql.sh [root@ansible ~]#tree /data/ansible/roles/mysql/ /data/ansible/roles/mysql/ ├── files │ ├── my.cnf │ ├── mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz │ └── secure_mysql.sh └── tasks ├── config.yml ├── data.yml ├── group.yml ├── install.yml ├── link.yml ├── main.yml ├── path.yml ├── secure.yml ├── service.yml ├── unarchive.yml └── user.yml 2 directories, 14 files [root@ansible ~]#cat /data/ansible/mysql_roles.yml - hosts: dbsrvs remote_user: root roles: - {role: mysql,tags: ["mysql","db"]} - {role: nginx,tage: ["nginx","web"]} [root@ansible ~]#ansible-playbook -t mysql /data/ansible/mysql_roles.yml
vim /data/ansible/role_httpd_nginx.yml --- - hosts: websrvs roles: - {role: httpd,tags: [httpd,web], when: ansible_distribution_major_version=="7" } - {role: nginx,tags: [nginx,web], when: ansible_distribution_major_version=="8" } ansible-playbook -t nginx /data/ansible/role_httpd_nginx.yml
?
Ansible roles角色实战案例:httpd nginx memcached mysql
原文:https://blog.51cto.com/zhangxueliang/3332570