Ansible的Playbooks是Ansible用于配置,部署应用的结构化语言。Ansible的模块就好比shell命令,那么playbooks就好比shell脚本,在脚本中指定怎么使用哪些命令再加上一些判断语句等等。

Playbooks使用YAML文件来表示执行步骤。



---
- hosts: webservers
  vars:
    http_port: 80
    max_clients: 200
  remote_user: root
  tasks:
  - name: ensure apache is at the latest version
    yum: name=httpd state=latest
  - name: write the apache config file
    template: src=/srv/httpd.j2 dest=/etc/httpd.conf
    notify:
    - restart apache
  - name: ensure apache is running (and enable it at boot)
    service: name=httpd state=started enabled=yes
  handlers:
    - name: restart apache
      service: name=httpd state=restarted


也可以写成这样:

---
- hosts: webservers
  vars:
    http_port: 80
    max_clients: 200
  remote_user: root
  tasks:
  - name: ensure apache is at the latest version
    yum:
      name: httpd
      state: latest
  - name: write the apache config file
    template:
      src: /srv/httpd.j2
      dest: /etc/httpd.conf
    notify:
    - restart apache
  - name: ensure apache is running
    service:
      name: httpd
      state: started
  handlers:
    - name: restart apache
      service:
        name: httpd
        state: restarted


Playbooks中也可以包含多个plays。

---
- hosts: webservers
  remote_user: root

  tasks:
  - name: ensure apache is at the latest version
    yum: name=httpd state=latest
  - name: write the apache config file
    template: src=/srv/httpd.j2 dest=/etc/httpd.conf
    
    
- hosts: databases
  remote_user: root

  tasks:
  - name: ensure postgresql is at the latest version
    yum: name=postgresql state=latest
  - name: ensure that postgresql is started
    service: name=postgresql state=running


hosts 行指定匹配的主机组或者主机,以逗号","分隔

remote_user 指定远程执行task步骤的用户

       remote_user在Ansible1.4之前被叫做user

也可以为每个task单独指定远程执行用户

---
- hosts: webservers
  remote_user: root
  tasks:
    - name: test connection
      ping:
      remote_user: yourname


使用提权用户执行

---
- hosts: webservers
  remote_user: yourname
  become: yes


为单个task指定become

---
- hosts: webservers
  remote_user: yourname
  tasks:
    - service: name=nginx state=started
      become: yes
      become_method: sudo


以自身用户登录然后以root意外的用户执行


---
- hosts: webservers
  remote_user: yourname
  become: yes
  become_user: postgres



---
- hosts: webservers
  remote_user: yourname
  become: yes
  become_method: su



任务列表 Task lists

tasks:
  - name: make sure apache is running
    service: name=httpd state=running


每个play都包含了一系列tasks。command和shell模块可以只带几个参数,不必写成key=value的形式

tasks:
  - name: disable selinux
    command: /sbin/setenforce 0


每个需要执行的task都必须要有一个name用于表示执行步骤


command和shell模块关系返回码,如果有命令执行成功退出码不是0,可以这样:

tasks:
  - name: run this command and ignore the result
    shell: /usr/bin/somecommand || /bin/true


或者:

tasks:
  - name: run this command and ignore the result
    shell: /usr/bin/somecommand
    ignore_errors: True


如果执行行太长可以分行写:

tasks:
  - name: Copy ansible inventory file to client
    copy: src=/etc/ansible/hosts dest=/etc/ansible/hosts
            owner=root group=root mode=0644


执行可以使用变量。假设定义了一个vhost的变量:

tasks:
  - name: create a virtual host file for {{ vhost }}
    template: src=somefile.j2 dest=/etc/httpd/conf.d/{{ vhost }}



Handlers: Running Operations On Change

- name: template configuration file
  template: src=template.j2 dest=/etc/foo.conf
  notify:
     - restart memcached
     - restart apache


notify行列出的区域就叫做handlers

Handlers are lists of tasks,not really any different from regular tasks,that are refercenced by a globaly unique name.Handlers are what notifiers notify.

如果没有通知handler,notify区域将不会执行。

handlers:
    - name: restart memcached
      service: name=memcached state=restarted
    - name: restart apache
      service: name=apache state=restarted

Handlers最适用于重启服务和触发重启服务。


执行playbook

# ansible-playbook -i ansible_hosts install_apache.yml -f 10


执行playbook之前最好检查下有哪些主机会被执行,防止误操作

# ansible-playbook -i ansible_hosts install_apache.yml -f 10  --list-hosts




ansible-pull

ansible默认是以push的方式工作,即ansible主动推送执行任务给各个节点。也可以使用pull的方式,让各个节点从中心拉取配置然然后执行。



Playbooks Roles and Include Statements


假设想要在多个plays或者playbooks之间重用tasks,可以使用include


---# possibly saved as tasks/foo.yml
- name: placeholder foo
  command: /bin/foo
- name: placeholder bar
  command: /bin/bar


include 指令可以这样使用

tasks:

  - include: tasks/foo.yml



还可以给include传递参数

tasks:
  - include: wordpress.yml wp_user=timmy
  - include: wordpress.yml wp_user=alice
  - include: wordpress.yml wp_user=bob


也可以这样:

tasks:

  - include: wordpress.yml
    vars:
        wp_user: timmy
        ssh_keys:
          - keys/one.txt
          - keys/two.txt


传递的变量可以在被包含的文件中使用,使用变量的方式如下:

{{ wp_user }}









参考文档:

http://docs.ansible.com/ansible/playbooks.html

https://github.com/ansible/ansible-examples/blob/master/windows/deploy-site.yml

http://docs.ansible.com/ansible/intro_patterns.html