自动化运维工具ANSIBLE(六)

配置基于key的免密登陆远程主机

[ansible]# mkdir -pv /project/scripts/
[ansible]# vim /project/scripts/key.sh
#!/bin/bash
#
 ssh-keygen -P "" -t rsa -f /root/.ssh/id_rsa &> /dev/null
rpm -q expect &> /dev/null || yum install expect -y &> /dev/null
cat <<-EOF > host.pw
192.168.209.9 node1
192.168.209.49 node2
192.168.209.29 node3
192.168.209.39 node4
192.168.209.59 node5
EOF
while read IP PW;do
expect <<EOF
set timeout 20
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$IP
expect {
"yes/no" { send "yes\n";exp_continue }
"password" { send "$PW\n" }
}
expect eof
EOF
done < host.pw

安装ansible，配置主机清单

[root@ansible ~]# yum-config-manager --enable sohu
[root@ansible ~]# yum-config-manager --enable epel
[root@ansible ~]# yum install ansible -y
[root@ansible ~]# ansible --version
[root@ansible ~]# vim /etc/ansible/hosts
[allnode]
192.168.209.9
192.168.209.29
192.168.209.39
192.168.209.49
192.168.209.59

[httpdsrvs]
192.168.209.9
192.168.209.49

[nginxsrvs]
192.168.209.39
192.168.209.59

ansible批量安装 mariadb-server(二进制)并启动

[root@ansible ~]# mkdir -pv /project/playbook/roles/mariadb/{vars,files,templates,handlers,tasks}
[root@ansible ~]# cd /project/playbook/roles/mariadb/files/
[root@ansible files]# rz
[root@ansible files]# ls
mariadb-10.2.25-linux-x86_64.tar.gz

[root@ansible files]# cd ../tasks/
[root@ansible tasks]# cat user.yml 
- name: create mysql
  user: name=mysql home=/data/mysql shell=/sbin/nologin system=yes create_home=no

[root@ansible tasks]# cat unarchive.yml 
- name: unarchive
  unarchive: src=mariadb-10.2.25-linux-x86_64.tar.gz dest=/usr/local/ copy=yes owner=root group=root

[root@ansible tasks]# cat link.yml 
- name: link
  file: src=/usr/local/mariadb-10.2.25-linux-x86_64 path=/usr/local/mysql state=link

[root@ansible tasks]# cat install_libaio.yml 
- name: install libiao-devel
  yum: name=libaio-devel state=present enablerepo=base
  when: ansible_distribution_major_version=="6"

[root@ansible tasks]# cat createdatadir.yml 
- name: createdatadir
  file: dest=/data/mysql state=directory owner=mysql group=mysql

[root@ansible tasks]# cat generatedata.yml 
- name: generatedata
  shell: chdir=/usr/local/mysql ./scripts/mysql_install_db --datadir=/data/mysql --user=mysql

[root@ansible tasks]# cat copyconfig.yml 
- name: copyconfig
  shell: cp /usr/local/mysql/support-files/my-huge.cnf /etc/my.cnf

[root@ansible tasks]# cat modifyconfig.yml 
- name: modifyconfig
  shell: sed -ri '/\[mysqld\]/a\datadir = /data/mysql' /etc/my.cnf

[root@ansible tasks]# cat copyscript.yml 
- name: copy script
  shell: cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld

[root@ansible tasks]# cat createpath.yml 
- name: create path
  copy: content='export PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh

[root@ansible tasks]# cat start.yml 
- name: start mariadb-server
  shell: /etc/init.d/mysqld start

[root@ansible tasks]# cat main.yml 
- include: user.yml
- include: unarchive.yml
- include: link.yml
- include: install_libaio.yml
- include: createdatadir.yml
- include: generatedata.yml
- include: copyconfig.yml
- include: modifyconfig.yml
- include: copyscript.yml
- include: createpath.yml
- include: start.yml

[root@ansible playbook]# vim mariadb_role.yml
- hosts: allnode
  remote_user: root

  roles:
   - mariadb

[root@ansible playbook]# ansible-playbook mariadb_role.yml

ansible批量安装httpd服务并启动服务

[root@ansible roles]# mkdir -pv httpd/{files,handlers,templates,vars,tasks}
准备 centos6的 httpd6.conf.j2 ,centos7 的httpd7.conf.j2 放到 /project/playbook/roles/httpd/templates目录下

[root@ansible templates]# vim httpd6.conf.j2
136 Listen {
     {
     httpd6_port}}
276 ServerName www.example.com:80

[root@ansible templates]# vim httpd7.conf.j2
42 Listen {
     {
     httpd7_port}}
95 ServerName www.example.com:80


[root@ansible tasks]# cat install.yml 
- name: install httpd
  yum: name=httpd state=present

 
 [root@ansible tasks]# cat config6.yml 
- name: config6
  template: src=httpd6.conf.j2 dest=/etc/httpd/conf/httpd.conf
  when: ansible_distribution_major_version=="6"
  notify: 
   - restart
   - check
   
 [root@ansible tasks]# cat config7.yml 
- name: config7
  template: src=httpd7.conf.j2 dest=/etc/httpd/conf/httpd.conf
  when: ansible_distribution_major_version=="7"
  notify:
  - restart
  - check
  
 [root@ansible tasks]# cat service.yml 
- name: service
  service: name=httpd state=started
  
  
 [root@ansible tasks]# cat main.yml 
- include: install.yml
- include: config6.yml
- include: config7.yml
- include: service.yml

 [root@ansible tasks]# cat ../handlers/main.yml 
- name: restart
  service: name=httpd state=restarted
- name: check
  shell: killall -0 httpd > /tmp/httpd.log
  
  [root@ansible tasks]# cat ../../../httpd.role.yml 
- hosts: httpdsrvs
  remote_user: root
  
  roles:
   - httpd
   
[root@ansible playbook]# cat roles/httpd/vars/main.yml 
httpd6_port: 9999
httpd7_port: 7777 

  [root@ansible playbook]# ansible-playbook httpd.role.yml
  
  
  //添加默认页面
  [root@ansible tasks]# echo '
www.xuepeng.com
' > /project/playbook/roles/httpd/files/index.html
  //加载默认页面
[root@ansible tasks]# cat index.yml  
- name: default page
  copy: src=index.html dest=/var/www/html/
  //修改 tasks/main.yml文件为
- include: install.yml
- include: config6.yml
- include: config7.yml
- include: index.yml
- include: service.yml
//同步到远程主机上
[root@ansible playbook]# ansible-playbook httpd.role.yml

ansible批量安装nginx并启动

mkdir -pv roles/nginx/{
     files,templates,tasks,vars,handlers}
yum-config-manager --enable epel
yum install nginx -y
cp /etc/nginx/nginx.conf roles/nginx/templates/nginx.conf.j2
vim roles/nginx/templates/nginx.conf.j2
 6 worker_processes {
     {
     ansible_processor_vcpus}};
 

vim handlers/main.yml

vim playbook/nginx_role.yml
- hosts: nginxsrvs
  remote_user: root

  roles:
   - {
      role: nginx, when: ansible_distribution_major_version=="7" }

ansible-playbook nginx_role.yml

在被控端查看发现只有2个子进程

改变模板文件 templates/nginx.conf.j2 中的 ansible_processor_vcpus 变量
worker_processes { {ansible_processor_vcpus*3}};
重新运行 ansible-playbook nginx_role.yml
查看被控端的nginx进程

ansible批量安装memched并运行

mkdir -pv roles/memcached/{
     files,vars,handlers,tasks,templates}
yum install memcached -y
cp /etc/sysconfig/memcached roles/memcached/templates/memcached.j2
vim roles/memcached/templates/memcached.j2
	CACHESIZE="{
     {ansible_memtotal_mb//4}}" //舍去小数位
 cd roles/memcached/tasks/
 
vim install.yml
- name: install
  yum: name=memcached state=present enablerepo=base

vim config.yml
- name: config
  template: src=memcached.j2 dest=/etc/sysconfig/memcached
  notify:
   - restart
   - check

vim service.yml
- name: service
  service: name=memcached state=started

vim main.yml
- include: install.yml
- include: config.yml
- include: service.yml

cd ../handlers/
vim main.yml
- name: restart
  service: name=memcached state=restarted
- name: check
  shell: killall -0 memcached > /tmp/memcached.log

cd /project/playbook/
vim memcached_role.yml
- hosts: 192.168.209.29
  remote_user: root

  roles:
   - memcached

 ansible-playbook memcached_role.yml