Ansible权威指南笔记（粗略）

在托管节点上安装

python

解释器

ansible myhost --sudo -m raw -a "yum install -y python2 python-simplejson"

各个平台上安装

ansible http://www.ansible.com.cn/docs/intro_installation.html

#python

多环境管理：

pyenv

和

virutalenv

etc/ansible: ansible.cfg hosts

#ansible.cfg

inventory

library

module_name

########################################

ansible all -m ping -u root --sudo

ansible all -m copy -a "src=/etc/fstab dest=/tmp/fstab owner=root group=root

mode=644 backup=yes"

ansible-galaxy init,install,list,remove

ansible-pull

定期执行任务

ansible-doc -l

ansible-doc ping

ansible-playbook playbook.yml

ansible-vault encrypt/decrypt xx.yml

加密解密

########hosts

192.168.1.1

ntp.mmm.com:222

[xxx]

xx[10:20].xx.com

[xxx:vars]

xx=aa

cc=bb

[webservers:children]

ansible_ssh_host

ansible_ssh_port

ansible_ssh_user

ansible_ssh_pass

ansible_ssh_private_key_file=

############################

ansible webs -m service -a "name=httpd state=restarted"

ansible "webs1:webs2"

ansible "webs1:!xxx"

ansible "webs1:&xx:!xxxx"

ansible ~web1* #

正则匹配主机

###################################

ansible -i inventory

-f

线程数

--private-key

-m

-M

模块路径

-k

认证密码

-K sudo

密码

-o

输出成一行

-s sudo

-T

时间

-B

后台执行命令的时间

-u

用户

-l

指定运行的主机

###################

ansible proxy -f 5 -m ping

ansible proyx -s -m command -a "hostname"

ansible proxy --list

time ansible 192.168.1.1 -B 5 -P 2 -T 2 -m command -a 'sleep 20' -u root ##

对

192.168.1.1

以用户

root

执行

sleep 20

，设置最大连接超时时长为

#2s

，且设置为后台运行模式，执行过程每

输出一次进度，如

还未执行完则终止该任务。

ansible apps -a "df -lh"

ansible apps -m shell -a "free -m"

ansible apps -m yum -a "name=redhat-lsb state=present"

ansible apps -m yum -a "name=ntp state=present"

ansible apps -m service -a "name=ntpd state=started enabled=yes"

ansible apps -m command -a "service ntpd status" --limit "192.168.1.22"

###################################

新增用户

ansible db -m user -a 'name=dba shell=/bin/bash groups=admins,dbagroup

append=yes home=/home/dba/ state=present'

ansible db -m user -a 'name=dba groups=ddd append=no' #

变更用户属性

ansible db -m user -a 'name=dba state=absent remove=yes' #

删除用户

ansible db -m user -a "name=tom shell=/bin/bash password=to32cxooiudsof

update_password=always" ##

变更密码，密码必须自己

sha-512

生成

ansible xx -m win_user -a "name=stanly password=xxxxxxx group=Administrators"

##win

用户

ansible xx -m mysql_user -a "login_host=localhost login_password=123456

login_user=root name=stanly password=123456 priv=zabbix.*:ALL state=present"

###

新增

mysql

用户

###########################################################

##yaml

语法

不要使用

tab

相同阶层的元素左对齐

##########

########playbook

语法

--- #

开头

- hosts: webservers

vars:

http_pot: 80

max_clients: 222

remote_user: root

tasks:

- name: ensdlfjsd

yum: pkg=httpd state=latest

- name: xx

template: src=/srv/httpd.j2 dest=/etc/httpd.conf

notify: restart apache

- name: xx

service: name=httpd state=started

handlers:

- name: restart apache

service: name=httpd state=restarted

#################################

############shellplaybook

---

- hosts: all

tasks:

- name: "setup apache"

command: yum install --quiet -y httpd httpd-devel

- name: "copy configure"

command: cp /tmp/httpd.conf /etc/httpd/conf/httpd.conf

command: cp /tmp/httpd-vhosts.conf /etc/httpd/conf/httpd-vhosts.conf

command: service httpd start

command: chkconfig httpd on

####################################################ansible-playbook

./playbook.yml

ansible-playbook --limit xx.com

ansible-playbook --list-hosts #

列出哪些主机受影响

--remote-user=tom

#########node.js

不全

---

- hosts: all

tasks:

- name: gpg

rpm_key: "key={{ item }} state=present"

with_items:

- "http://rpms.famillecollet.com/RPM-GPG-KEY-remi"

- name: install remi repo

command: "rpm -Uvh --force {{ item.href }} creates={{ item.creates }}"

with_items:

- href: "http://rpms.famillecollet.com/enterprise/remi-release-6.rpm"

- creates: "/etc/yum.repos.d/remi.repo"

yum: name=epel-release state=present

service: name=iptables state=stopped

service: name=firewalld state=stopped

yum: name=npm state=present enablerepo=epel

command: npm config set registry https://registry.npm.taobao.org

command: npm config set strict-ssl false

npm: name=forever global=yes state=latest

file: "path={{ node_apps_location }} state=directory"

copy: "src=app dest={{ node_apps_location }}"

npm: "path={{ node_apps_location }}/app"

########################################################ansible-playbook

--extra-vars="node_apps_location=/usr/local/opt/node"

###ansible

安装部署

drupal https://www.howtoing.com/how-to-create-an-ansible-

playbook-to-automate-drupal-installation-on-ubuntu-14-04/

###ansible

安装部署

tomcat https://www.cnblogs.com/Carr/p/7447309.html

http://blog.51cto.com/miaocbin/1893759

###ansible

安装部署

JDK https://www.cnblogs.com/guxiong/p/7241885.html

###handler

模块

handlers:

- name: restart apache

service: name=apache2 state=restarted

notify: restart memcached

- name: restart memcached

service: name=memcached state=restarted

notify:

- restart apache

- restart memcached

###################

ansible-playbook xx.yml --extra-vars "foo=bar"

ansible-playbook xx.yml --extra-vars "@xx.json"

主机变量

host1 xx=bar {{ hostvars['host1']['xx'] }}

#gather_facts: no

在远程主机上

/etc/ansible/xx.fact

，则

setu

模块将返回

fact

的内容

[users]

admin=xx

###

条件判断

- name:

[task xxx]

when: software_version.split('.')[0] == '4'

##register

- command: my-app --status

-command: do-something-to-my-app

when: "'ready' in myapp_result.stdout"

#myapp_result.stdout.find('xxx') == -1

####################

如果

PHP

为

，则降级

- shell: php --version

- shell: yum -y downgrade php*

when: "'7.0' in php_version.stdout"

#####

####

如果主机的

hosts

不存在，就传一个文件过去

- stat: path=/etc/hosts

- copy: src=path/local/file dest=/path/remote/file

when: hosts_file.stat.exists == false

################################

交互

hosts: all

vars_prompt:

- name: user

prompt: "what is your name"

#######confirm

为用户输入两次

#########wait_for

模块

delegate_to

模块

Ansible权威指南笔记（粗略）

你可能感兴趣的:(Ansible权威指南笔记（粗略）)