ansible原理
简介
ansible是一款基于python开发的自动化运维工具,适用于中小型应用环境。可实现如下功能:
(1)自动化部署APP;
(2)自动化管理配置项;
(3)自动化的持续交互;
(4)自动化的(AWS)云服务管理;
从本质上来讲就是在一台或多台远程服务器上,执行一系列的命令。
ansible命令执行过程
(1) 加载自己的配置文件,默认为/etc/ansible/ansible.cfg
(2) 加载自己对应的模块文件,如command
(3) 通过ansible将模块或命令生成对应的临时py文件,并将该文件传输至远程服务器的对应执行用户$HOME/.ansible/tmp/ansible-tmp-数字/XXX.PY文件
(4)给文件+x执行
(5)执行并返回结果
(6)删除临时py文件,sleep 0退出
执行状态:
(1)绿色:执行成功并且不需要做改变的操作
(2)黄色:执行成功并且对目标主机做变更
(3)红色:执行失败
1.用ansible在多台机器上添加用户
[root@centos7 ansible]ansible nginxsrvs -m user -a 'name=user1 comment="test user" uid=11211 home=/home/user1 group=root'
192.168.48.131 | CHANGED => {
"changed": true,
"comment": "test user",
"create_home": true,
"group": 0,
"home": "/home/user1",
"name": "user1",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 11211
}
192.168.48.132 | CHANGED => {
"changed": true,
"comment": "test user",
"create_home": true,
"group": 0,
"home": "/home/user1",
"name": "user1",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 11211
}
[root@centos7 ansible]ansible nginxsrvs -m shell -a 'id user1'
192.168.48.131 | CHANGED | rc=0 >>
uid=11211(user1) gid=0(root) groups=0(root)
192.168.48.132 | CHANGED | rc=0 >>
uid=11211(user1) gid=0(root) groups=0(root)
2.用ansible安装nginx服务
1.安装ansible并配置主机清单
[root@centos7 ~]yum install -y ansible
[root@centos7 ~]vim /etc/ansible/hosts
······
[nginxsrvs]
192.168.48.131
192.168.48.132
2.简单搭建roles
搭建roles目录结构
[root@centos7 ~]mkdir /etc/ansible/roles/nginx
[root@centos7 ~]cd !$
cd /etc/ansible/roles/nginx
[root@centos7 nginx]mkdir {files,templates,tasks,handlers,vars,meta}
[root@centos7 nginx]ls
filrs handlers meta tasks templates vars
[root@centos7 nginx]cd tasks
group配置
[root@centos7 tasks]vim group.yml
- name: create group
group: name=nginx gid=80
user配置
[root@centos7 tasks]vim user.yml
- name: cerate user
user: name=nginx uid=80 group=nginx system=yes shell=/sbin/nologin
yum安装配置
[root@centos7 tasks]vim yum.yml
- name: install nginx
yum: name=nginx state=present
服务启动配置
[root@centos7 tasks]vim start.yml
- name: start service
service: name=nginx state=started
服务重启配置
[root@centos7 tasks]vim ../handlers/main.yml
- name: restart service
service: name=nginx state=restarted
复制nginx原版配置文件到templates目录并重命名作为模板
[root@centos7 tasks]cp /etc/nginx/nginx.conf ../templates/nginx.conf.j2
修改启动进程数是cpu数量的两倍
vim ../templates/nginx.conf.j2
work_processes {{ ansible_processor_vcpus * 2 }}
模板调用配置
[root@centos7 tasks]vim templ.yml
- name: copy conf
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
notify: restart service
nginx 总配置用于调用之前所有配置
[root@centos7 tasks]vim main.yml
- include: group.yml
- include: user.yml
- include: yum.yml
- include: templ.yml
- include: start.yml
编写nginx调用剧本
[root@centos7 tasks]cd /etc/ansible
[root@centos7 ansible]vim nginx_role.yml
- hosts: nginxsrvs
remote_user: root
roles:
- role: nginx
[root@centos7 ansible]tree roles/nginx
roles/nginx
├── filrs
├── handlers
│ └── main.yml
├── meta
├── tasks
│ ├── group.yml
│ ├── main.yml
│ ├── start.yml
│ ├── templ.yml
│ ├── user.yml
│ └── yum.yml
├── templates
│ └── nginx.conf.j2
└── vars
3.测试安装
[root@centos7 ansible]ansible-playbook nginxsrvs nginx_role.yml
[root@centos7 ansible]ansible-playbook nginx_role.yml
PLAY [nginxsrvs] ********************************************************************************************
TASK [Gathering Facts] **************************************************************************************
ok: [192.168.48.132]
ok: [192.168.48.131]
TASK [nginx : create group] *********************************************************************************
changed: [192.168.48.131]
changed: [192.168.48.132]
TASK [nginx : cerate user] **********************************************************************************
changed: [192.168.48.131]
changed: [192.168.48.132]
TASK [nginx : install nginx] ********************************************************************************
changed: [192.168.48.131]
changed: [192.168.48.132]
TASK [nginx : copy conf] ************************************************************************************
changed: [192.168.48.131]
changed: [192.168.48.132]
TASK [nginx : start service] ********************************************************************************
changed: [192.168.48.131]
changed: [192.168.48.132]
RUNNING HANDLER [nginx : restart service] *******************************************************************
changed: [192.168.48.131]
changed: [192.168.48.132]
PLAY RECAP **************************************************************************************************
192.168.48.131 : ok=7 changed=6 unreachable=0 failed=0
192.168.48.132 : ok=7 changed=6 unreachable=0 failed=0
[root@centos7 ansible]ansible nginxsrvs -m shell -a 'ps aux|grep nginx'
192.168.48.132 | CHANGED | rc=0 >>
root 5146 0.0 0.1 122908 2104 ? Ss 20:42 0:00 nginx: master process /usr/sbin/nginx
nginx 5147 0.0 0.2 125376 3564 ? S 20:42 0:00 nginx: worker process
nginx 5148 0.0 0.2 125376 3564 ? S 20:42 0:00 nginx: worker process
root 5257 0.0 0.0 113128 1204 pts/1 S+ 20:46 0:00 /bin/sh -c ps aux|grep nginx
root 5259 0.0 0.0 113128 188 pts/1 R+ 20:46 0:00 /bin/sh -c ps aux|grep nginx
192.168.48.131 | CHANGED | rc=0 >>
root 8298 0.0 0.1 122928 2104 ? Ss 20:42 0:00 nginx: master process /usr/sbin/nginx
nginx 8299 0.0 0.2 125472 3560 ? S 20:42 0:00 nginx: worker process
nginx 8300 0.0 0.2 125472 3560 ? S 20:42 0:00 nginx: worker process
root 8424 0.0 0.0 113128 1204 pts/1 S+ 20:46 0:00 /bin/sh -c ps aux|grep nginx
root 8426 0.0 0.0 113128 188 pts/1 R+ 20:46 0:00 /bin/sh -c ps aux|grep nginx
[root@centos7 ansible]ansible nginxsrvs -m shell -a 'lscpu | grep ^CPU\(s\)'
192.168.48.131 | CHANGED | rc=0 >>
CPU(s): 1
192.168.48.132 | CHANGED | rc=0 >>
CPU(s): 1