Ansible权威指南笔记_第4章 Playbook快速入门

## 第4章 Playbook快速入门

yaml

1. 字串不一定要双引号标识
2. 在缩排中空白字符的数目并不重要，只要相同阶层的元素左侧对齐就可以了。（不能使用Tab字符）；
3. 允许在文件中加入选择性的空行，以增加可读性；
4. 选择性的符号“...”可以用来表示档案结尾（在利用串流的通信中，这非常有用）
5. 连续的项目使用“-”来表示，map结构里面的key/value对用冒号

playbook的语法

1. 需要以“---”（3个减号）开始，且需顶行首写

shell脚本与playbool的转换

```bash
############脚本

# !/bin/bash
# 安装Apache
yum install --quiet -y httpd httpd-devel
# 复制配置文件
cp /path/to/config/httpd.conf /etc/httpd/conf/httpd.conf
cp /path/to/config/httpd-vhosts.conf /etc/httpd/conf/httpd-vhosts.conf
# 启动Apache，并设置开机启动
service httpd start
chkconfig httpd on

###############playbook

---
- hosts: all
tasks:
- name: "安装Apache"
command:
- name: "复制配置文件"
command:
command:
- name: "启动Apache，并设置开机启动"
command:
command:

####################playbook----使用内置模块实现
---
- hosts: all
sudo: yes
tasks:
- name: 安装Apache
yum: name={{ item }} state=present
with_items:
- httpd
- httpd-devel
- name: 复制配置文件
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: root
mode: 0644
with_items:
- {
src: "/path/to/config/httpd.conf",
dest: "/etc/httpd/conf/httpd.conf",}
- {
src: "/path/to/config/httpd-vhosts.conf",
dest: "/etc/httpd/conf/httpd-vhosts.conf",}
- name: 检查Apache运行状态，并设置开机启动
service: name=https state=started enabled=yes
```

限定执行范围

```bash
ansible-playbook playbook.yml --limit webservers
ansible-playbook playbook.yml --list-hosts #列出受影响主机
```

其他参数

```
--remote-user
--sudo --sudo-user --ask-sudo-pass
--inventory=PATH(-i PATH):
--verbose(-v):
--extra-vars=VARS(-e VARS) "key=value,key=value"
--forks=NUM
--connection=TYPE 默认SSH,可设置为local
--check只检测

```

实战一：Ansible部署Node.js企业实战

```bash
---
- hosts: all
tasks:
- name: 导入 Remi GPG 密钥
rpm_key: "key={{ item }} state=present"
with_items:
- "http://rpms.faimllecollet.com/RPM-GPG-KEY-remi"
- name: INstall Remi repo.
command: "rpm -Uvh --force {{ item.href }} creates={{ item.creates }}"
with_items:
- href: "http://rpms.famillecollet.com/enterprise/remi-release-6.rpm"
creates: "/etc/yum.repos.d/remi.repo"

- name: 安装 Remi源
yum: name=epel-release state=present

- name: 关闭防火墙
service: name=iptables state=stopped

- name: 安装NodeJS和npm
yum: name=npm state=present enablerepo=epel

- name: 安装taobao的npm源
command: >
nmp config set registry https://registry.npm.taobao.org

- name: 关闭npm的https
command: >
nmp config set strict-ssl false

- name: 安装Forever（用于启动Node.js app）
nmp: name=forerver global=yes state=latest

#传输app目录并安装依赖文件
- name: 确保 Node.js app目录的存在
file: "paht={{ node_apps_location }} state=directory"

- name: 拷贝Node.js app整个目录到目标主机
copy: "src=app dest={{ node_app_location }}"

- name: 安装package.json 文件找定义的依赖关系
npm: "path={{ node_apps_location }}/app"

# 运行Node.js进程
- name: 获取正在运行的Node.js app列表
command: forever list
register: forerver_list
changed_when: false

- name: 启动Node.js app
command: "forever start {{ node_apps_location }}/app/app.js"
when: "forever_list.stdout.find(‘{{ node_apps_location }}/app/app.js‘)

总结：
#如下命令生效，并对playbook中的node_apps_location变量赋值
ansible-playbook --extra-vars="node_apps_location=/usr/local/opt/node"


```

实战二：Drupal基于LAMP的自动化部署

> Drupal是使用PHP语言编写的开源内容管理框架（CMF）

```bash
---
- hosts: all
# 变量的集中管理
vars_files:
- vars.yml

# 前置任务：使用apt更新APT缓存，同时设置缓存有效期为3600秒
pre_tasks:
- name: Update apt cache if needed.
apt: update_cache=yes cache_valid_time=3600

# 使用handlers来实现对apache2服务的启动管理，
# Handlers是playbook的一种特殊任务，在任务尾使用notify选项加Handlers名称来触发handler中定义的任务
handlers:
- name: restart apache
service: name=apache2 state=restarted

# php5.5版本的源和依赖
tasks:
- name: "安装用来管理APT源的工具"
apt: name={{ item }} state=present
with_items:
# apt-repository模块需要借助以下两个工具实现。
- python-apt
- python-pycurl

#ubunt12.04不含5.4以后版本，所以安装包含5.5的ondrej源
- name: "添加包含5.5版本的PHP的ondrej源"
apt_repository: repo=‘ppa:onderj/php5‘ update_cache=yes

- name: "安装Apache、Mysql，php，以及依赖关系"
apt: name={{ item }} state=present
with_items:
- git
- curl
- sendmail
- apache2
- php5
- php5-common
- php5-mysql
- php5-cli
- php5-curl
- php5-gd
- php5-dev
- php5-mcrypt
- php5-apc
- php5-pear
- python-mysqldb
- mysql-server

#生产要开通22,80和443端口
- name: "关闭防火墙"
service: name=ufw state=stopped

- name: "启动Apach、MySQL及PHP"
service: "name={{ item }} state=started enabled=yes"
with_items:
- apache2
- mysql

#配置Apache
# 使用apache2_module模块配置
- name: Enable Apache rewrite module(required for Drupal)
apache2_module: name=rewrite state=present
notify: restart apache

- name: "在Apache中为Drupal添加virtualhost"
template:
src: "templates/drupal.dev.conf.j2"
dest: "/etc/apache2/sites-available/{{ domain }}.dev.conf"
owner: root
group: root
mode: 0644
notify: restart apache

- name: "在sites-enabled目录中添加Drupal所需配置文件的符号链接"
file:
src: "/etc/apache2/sites-available/{{ domain }}.dev.conf"
dest: "/etc/apache2/sites-enabled/{{ domain }}.dev.conf"
state: link
notify: restart apache
#配置PHP
# lineinfile是自动化管理服务配置的文件的一大利器
- name: Enable upload progress via APC.
lineinfile:
dest:
regexp:
line:
state:
notify: restart apache
#配置MySQL
- name: 删除test数据库
mysql_db: db=test state=absent
- name: 为Durpal创建新库
mysql_db: "db={{ domain }} state=present"

#安装Drush 和Composer
- name: Download Composer installer.
get_url:
url: https://getcomposer.org/installer
dest: /tmp/composer-installer.php
mode: 0755

- name: Run Composer installer
command: >
php composer-install.php
chdir=/tmp
creates=/usr/local/bin/composer

- name: Move Composer into globally-accessible location.
shell: >
mv /tmp/composer.phar /usr/local/bin/composer
creates=/usr/local/bin/composer

# github下载安装drush
- name: 从GitHub中下载Drush代码
git:
repo: https://github.com/drush-ops/drush.git
dest: /opt/drush

- name: 使用Composer安装Drush
shell: >
/usr/local/bin/composer install
chdir=/opt/drush
creates=/opt/drush/vendor/autoload.php

- name: 创建Drush命令的符号连接
file:
src: /opt/drush/drush
dest: /usr/local/bin/drush
state: link

```

> 如果如论如何确保handler中任务都要执行，执行playbook命令时，使用--force-handler

实战三：Ansible部署tomcat企业实战

```bash
---
- hosts: all
# 相同目录下，变量文件
vars_files:
- vars.yml
# 使用handler触发式启动Tomcat，ubunut14.04
handlers:
- name:start tomcat
command: >
initctl start tomcat

tasks:
# 安装jdk8替换jdk7，用于solr
- name: 发送JDK软件包和Java配置文件到远程主机
copy: "src={{ item.src }} dest={{ item.dest }}"
with_item:
- src: "./jdk-8ull-linux-x64.tar.gz"
dest: "/tmp/"
- src: "./java.sh"
dest: "/etc/profile.d/"

- name: 创建Java安装目录
command: >
mkdri -p /opt/java

- name : 解压 JDK软件包
command: >
tar -C /opt/java -xvf {{ download_dir }}/jdk-8u11-linux-x64.tar.gz
--strip-components=1
- name: 为java命令更新alternatives
command: >
update-alternatives --install /usr/bin/java java /opt/java/bin/java 300

- name: 为javac更新新alternatives
command: >
update-alternatives --install /usr/bin/javac javac /opt/java/bin/javac 300

"java.h"
export JAVA_HOME="/opt/java"
export CLASSPATH=$JAVA_HOME/klib:$JAVA_HOME/jre/lib
export JRE_HOME=${JAVA_HOME}/JRE
export PATH=$PATH:$JAVA_HOME/bin

# 安装tomcat8
- name: 创建tomcat安装目录
command: >
mkdir -p {{ tomcat_dir }}

- name: 添加运行Tomcat所需普通用户tomcat
user: "name=tomcat shell=/sbin/nologin"

- name: 下载Tomcat软件包
get_url:
url: "http://apache.fayea.com/tomcat/tomcat-8/v{{ tomcat_version }}/bin/apache-tomcat-{{ tomcat_version }}.tar.gz"
dest: "{{ download_dir }}/apache-tomcat-{{ tomcat_version }}.tar.gz"

- name: 解压Tomcat软件包
command: >
tar -C {{ tomcat_dir }} -xvf {{ download_dir }}/apache-tomcat-{{ tomcat_version }}.tar.gz --strip-components=1
creates={{ tomcat_dir }}/conf/server.xml

- name: 发送Tomcat的Upstart配置文件到远程主机
copy: "src=./tomcat.conf dest=/etc/init/tomcat.conf"

- name: 重载Upstart配置文件
command: initctl reload-configuration

# 安装Apache solr
- name:

- name:
```

Ansible权威指南笔记_第4章 Playbook快速入门

原文：https://www.cnblogs.com/landerhu/p/12842252.html