• 欢迎访问显哥博客,本网站纯属学习技术,绝无商业用途,欢迎小伙伴们共同学习!研究技术!QQ:52249909 加我QQ
  • 世界75亿人,这么小的概率,能认识你,是我一生的幸运,不妨加个QQ接触一下:52249909 加我QQ

Ansible自动化企业实战——Ansible Roles

Ansible lixian 5年前 (2020-03-30) 2296次浏览 1个评论 扫描二维码
文章目录[隐藏]

一、Ansible Roles 概述

roles不管是Ansible还是saltstack,我在写一键部署的时候,都不可能把所有的步骤全部写入到一个’剧本’文件当中,我们肯定需要把不同的工作模块,拆分开来,解耦,那么说到解耦,我们就需要用到roles官方推荐,因为roles的目录结构层次更加清晰。

例如:我们之前推荐大家写一个base.yml里面写所有基础优化的项目,其实把所有东西摞进去也是很鸡肋的,不如我们把这些功能全部拆分开,谁需要使用,就调用即可。

建议:每个roles最好只使用一个tasks这样方便我们去调用,能够很好的做到解耦。(SOA)

二、目录结构

Ansible自动化企业实战——Ansible Roles

production                # inventory file for production servers
staging                   # inventory file for staging environment

group_vars/
   group1.yml             # here we assign variables to particular groups
   group2.yml
host_vars/
   hostname1.yml          # here we assign variables to particular systems
   hostname2.yml

library/                  # if any custom modules, put them here (optional)
module_utils/             # if any custom module_utils to support modules, put them here (optional)
filter_plugins/           # if any custom filter plugins, put them here (optional)

site.yml                  # master playbook
webservers.yml            # playbook for webserver tier
dbservers.yml             # playbook for dbserver tier

roles/
    common/               # this hierarchy represents a "role"
        tasks/            #
            main.yml      #  <-- tasks file can include smaller files if warranted
        handlers/         #
            main.yml      #  <-- handlers file
        templates/        #  <-- files for use with the template resource
            ntp.conf.j2   #  <------- templates end in .j2
        files/            #
            bar.txt       #  <-- files for use with the copy resource
            foo.sh        #  <-- script files for use with the script resource
        vars/             #
            main.yml      #  <-- variables associated with this role
        defaults/         #
            main.yml      #  <-- default lower priority variables for this role
        meta/             #
            main.yml      #  <-- role dependencies
        library/          # roles can also include custom modules
        module_utils/     # roles can also include custom module_utils
        lookup_plugins/   # or other types of plugins, like lookup in this case

    webtier/              # same kind of structure as "common" was above, done for the webtier role
    monitoring/           # ""
    fooapp/               # ""

三、创建roles目录

#1.可以手动创建
[root@m01 roles]# mkdir nginx/{tasks,handlers,templates,files,vars,meta} -p

#2.使用命令创建
[root@m01 roles]# ansible-galaxy init base
- Role base was created successfully
[root@m01 roles]# tree base/
base/							#项目名称目录
├── defaults					#优先级很低的变量
│   └── main.yml
├── files						#存放文件,copy模块
├── handlers					#存放触发器的tasks
│   └── main.yml
├── meta						#依赖的服务,安装服务前先读取该文件
│   └── main.yml
├── README.md
├── tasks						#主playbook
│   └── main.yml
├── templates					#存放包含变量的jinja2模板
├── tests
│   ├── inventory
│   └── test.yml
└── vars						#存放变量
    └── main.yml

8 directories, 8 files

四、Ansible roles依赖

roles允许你再使用roles时自动引入其他的roles。role依赖关系存储在roles目录中meta/main.yml文件中。

例如:推送wordpress并解压,前提条件,必须要安装nginx和php,把服务跑起来,才能运行wordpress的页面,此时我们就可以在wordpress的roles中定义依赖nginx和php的roles

如果编写了meta目录下的main.yml文件,那么Ansible会自动先执行meta目录中main.yml文件中的dependencies文件,如上所示,就会先执行nginx和php的安装。

[root@m01 roles]# vim /etc/ansible/roles/wordpress/meta/main.yml
dependencies:
  - { role: nginx }
  - { role: php }

五、重构playbook

1.配置主机清单和hosts

[root@m01 ansible]# vim /etc/ansible/hosts 
[lb_group]
lb01 ansible_ssh_pass='1'
lb02 ansible_ssh_pass='1'

[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'

[db_group]
db01 ansible_ssh_pass='1'

[nfs_server]
nfs

[rsyncd_server]
backup

[rsyncd_client:children]
lb_group
web_group
db_group
nfs_server


[root@m01 ansible]# vim /etc/hosts
172.16.1.7 web01
172.16.1.8 web02
172.16.1.51 db01
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.31 nfs
172.16.1.41 backup

2.配置优化部分

[root@m01 ~]# vim /product/roles/base/tasks/stop_fire.yml 
- name: Stop Firewalld
  systemd:
    name: firewalld
    state: stopped

- name: Stop selinux
  selinux:
    state: disabled
    
[root@m01 ~]# vim /product/roles/base/tasks/create_user.yml 
- name: Create www Group
  group:
    name: www
    gid: 666
    state: present

- name: Create www User
  user:
    name: www
    uid: 666
    group: www
    shell: /sbin/nologin
    create_home: false
    state: present

[root@m01 ~]# vim /product/roles/base/tasks/main.yml 
- include_tasks: stop_fire.yml
- include_tasks: create_user.yml

3.安装nginx部分

#1.准备包和配置文件
[root@m01 ~]# ll /product/roles/nginx/files/
total 772
-rw-r--r-- 1 root root 784272 Mar 22 22:02 nginx-1.16.1-1.el7.ngx.x86_64.rpm
-rw-r--r-- 1 root root    640 Mar 27 10:37 nginx.conf

#2.编写安装nginx的playbook
[root@m01 ~]# vim /product/roles/nginx/tasks/main.yml 
- name: Copy Nginx rpm
  copy:
    src: nginx-1.16.1-1.el7.ngx.x86_64.rpm
    dest: /tmp

- name: Install Nginx Server
  yum:
    name: /tmp/nginx-1.16.1-1.el7.ngx.x86_64.rpm
    state: present

- name: Config Nginx Server
  copy:
    src: nginx.conf
    dest: /etc/nginx/
  notify: restart nginx

- name: Start Nginx Server
  systemd:
    name: nginx
    state: started
    enabled: yes
    
#3.编写触发器内容
[root@m01 ~]# vim /product/roles/nginx/handlers/main.yml 
- name: restart nginx
  systemd:
    name: nginx
    state: restarted

4.安装php

#1.准备文件
[root@m01 ~]# ll /product/roles/php/files/
total 19444
-rw-r--r-- 1 root root 19889622 Mar 22 21:58 php.tar.gz
-rw-r--r-- 1 root root    17962 Mar 23 17:35 www.conf

#2.编写安装php的playbook
[root@m01 product]# vim roles/php/tasks/main.yml 
- name: Tar php Package
  unarchive:
    src: php.tar.gz
    dest: /tmp/

- name: Get PHP Install Status
  stat:
    path: /etc/php-fpm.d
  register: get_php_install_status

- name: Install PHP Server
  shell: "yum localinstall -y /tmp/*.rpm"
  when: get_php_install_status.stat.exists == false

- name: Config PHP Server
  copy:
    src: www.conf
    dest: /etc/php-fpm.d/
  notify: restart_php

- name: Start PHP Server
  systemd:
    name: php-fpm
    state: started
    enabled: yes
    
#3.配置触发器
[root@m01 product]# vim roles/php/handlers/main.yml 
- name: restart_php
  systemd:
    name: php-fpm
    state: restarted

5.安装mariadb

[root@m01 product]# vim roles/mariadb/tasks/main.yml 
- name: Install Mariadb Server
  yum:
    name: "{{ item.name }}"
    state: present
  with_items:
    - { name: "mariadb-serevr" }
    - { name: "MySQL-python" }

- name: Start Mariadb Server
  systemd:
    name: maraidb
    state: started
    enabled: yes

6.搭建博客

#1.准备文件
[root@m01 files]# ll /product/roles/wordpress/files/
total 10848
-rw-r--r-- 1 root root      347 Mar 26 11:49 blog.conf
-rw-r--r-- 1 root root 11102857 Mar 25 08:57 blog.tar.gz

#2.编写搭建wordpress的playbook
[root@m01 ~]# vim /product/roles/wordpress/tasks/main.yml 
- name: Config wordpress Conf
  copy:
    src: blog.conf
    dest: /etc/nginx/conf.d/
  notify: restart_nginx

- name: Tar wordpress Package
  unarchive:
    src: blog.tar.gz
    dest: /

- name: Chown Code Dir
  file:
    path: /code
    state: directory
    owner: www
    group: www
    recurse: yes
    
#3.编写触发器
[root@m01 ~]# vim /product/roles/wordpress/handlers/main.yml 
- name: restart_nginx
  systemd:
    name: nginx
    state: restarted
    
#4.配置wordpress数据库
[root@m01 ~]# ll /product/roles/mariadb/files/
total 44
-rw-r--r-- 1 root root 43025 Mar 24 23:47 wordpress.sql

[root@m01 ~]# vim /product/roles/wordpress/tasks/main.yml 
- name: Config wordpress Conf
  copy:
    src: blog.conf
    dest: /etc/nginx/conf.d/
  notify: restart_nginx

- name: Tar wordpress Package
  unarchive:
    src: blog.tar.gz
    dest: /

- name: Chown Code Dir
  file:
    path: /code
    state: directory
    owner: www
    group: www
    recurse: yes

7.搭建负载均衡

#1.环境准备
[root@m01 ~]# ll /product/roles/upstream/templates/
total 4
-rw-r--r-- 1 root root 284 Mar 26 12:25 upstream.j2

#2.编写upstream的playbook
[root@m01 ~]# vim /product/roles/upstream/tasks/main.yml 
- name: Config Nginx Upstream Conf
  template:
    src: upstream.j2
    dest: /etc/nginx/conf.d/upstream.conf

- name: Restart Nginx Server
  systemd:
    name: nginx
    state: restarted
 
#3.配置依赖
[root@m01 ~]# vim /product/roles/upstream/meta/main.yml 
dependencies:
  - { role: nginx }

本站博主 , 版权所有丨如未注明 , 均为原创
转载请注明原文链接:Ansible自动化企业实战——Ansible Roles
喜欢 (0)

您必须 登录 才能发表评论!

(1)个小伙伴在吐槽
  1. cialis health facts offict https://ascialis.com/ - Cialis scussy Orlistat 60 Mg For Sale mugerervemup Cialis payday Propecia Kvinner
    匿名2020-08-05 04:51