{"id":1233,"date":"2023-08-23T23:03:30","date_gmt":"2023-08-23T15:03:30","guid":{"rendered":"https:\/\/www.qiangzhenshuai.com\/?p=1233"},"modified":"2023-08-24T15:11:27","modified_gmt":"2023-08-24T07:11:27","slug":"ansible-roles%e8%a7%92%e8%89%b2","status":"publish","type":"post","link":"https:\/\/www.qiangzhenshuai.com\/?p=1233","title":{"rendered":"Ansible roles\u89d2\u8272"},"content":{"rendered":"

1.Ansible roles\u6982\u8ff0<\/h1>\n

Ansible\u7684\u89d2\u8272\uff08roles\uff09\u662f\u4e00\u79cd\u7ec4\u7ec7\u548c\u590d\u7528Ansible\u4efb\u52a1\u548c\u53d8\u91cf\u7684\u673a\u5236\u3002\u89d2\u8272\u5141\u8bb8\u5c06\u76f8\u5173\u7684\u4efb\u52a1\u3001\u53d8\u91cf\u548c\u6587\u4ef6\u7ec4\u7ec7\u5728\u4e00\u8d77\uff0c\u4ee5\u4fbf\u5728\u591a\u4e2aPlaybook\u4e2d\u91cd\u590d\u4f7f\u7528\u3002<\/p>\n

\u89d2\u8272\u662fAnsible\u7684\u4e00\u79cd\u62bd\u8c61\u5c42\u7ea7\uff0c\u5b83\u5c06Playbook\u4e2d\u7684\u4efb\u52a1\u3001\u53d8\u91cf\u548c\u6587\u4ef6\u7ec4\u7ec7\u6210\u66f4\u9ad8\u7ea7\u522b\u7684\u6982\u5ff5\u3002\u901a\u8fc7\u4f7f\u7528\u89d2\u8272\uff0c\u53ef\u4ee5\u5c06\u590d\u6742\u7684\u4efb\u52a1\u548c\u914d\u7f6e\u903b\u8f91\u5206\u89e3\u4e3a\u66f4\u5c0f\u3001\u66f4\u53ef\u7ba1\u7406\u7684\u90e8\u5206\uff0c\u5e76\u4f7f\u4ee3\u7801\u66f4\u52a0\u6a21\u5757\u5316\u548c\u53ef\u91cd\u7528<\/p>\n

\u4e00\u4e2a\u89d2\u8272\u901a\u5e38\u5305\u542b\u4ee5\u4e0b\u76ee\u5f55\u7ed3\u6784\uff1a<\/p>\n

roles\/\r\n    myrole\/\r\n        tasks\/\r\n            main.yml\r\n        handlers\/\r\n            main.yml\r\n        templates\/\r\n            template.j2\r\n        files\/\r\n            myfile.txt\r\n        vars\/\r\n            main.yml\r\n        defaults\/\r\n            main.yml\r\n        meta\/\r\n            main.yml\r\n<\/pre>\n
tasks\/\u76ee\u5f55\uff1a\u5305\u542b\u89d2\u8272\u6267\u884c\u7684\u4efb\u52a1\u6587\u4ef6\uff0c\u901a\u5e38\u662fmain.yml\u3002\u8fd9\u4e9b\u4efb\u52a1\u5b9a\u4e49\u4e86\u89d2\u8272\u7684\u4e3b\u8981\u529f\u80fd\u3002<\/p>\n
handlers\/\u76ee\u5f55\uff1a\u5305\u542b\u89d2\u8272\u7684\u5904\u7406\u7a0b\u5e8f\u6587\u4ef6\uff0c\u901a\u5e38\u662fmain.yml\u3002\u5904\u7406\u7a0b\u5e8f\u662f\u5728\u7279\u5b9a\u4e8b\u4ef6\u89e6\u53d1\u65f6\u6267\u884c\u7684\u4efb\u52a1\uff0c\u4f8b\u5982\u670d\u52a1\u91cd\u542f\u6216\u914d\u7f6e\u6587\u4ef6\u91cd\u8f7d\u3002<\/p>\n
templates\/\u76ee\u5f55\uff1a\u5305\u542b\u89d2\u8272\u4f7f\u7528\u7684Jinja2\u6a21\u677f\u6587\u4ef6\u3002\u8fd9\u4e9b\u6a21\u677f\u53ef\u4ee5\u6839\u636e\u53d8\u91cf\u7684\u503c\u751f\u6210\u914d\u7f6e\u6587\u4ef6\u7b49\u3002<\/p>\n
files\/\u76ee\u5f55\uff1a\u5305\u542b\u89d2\u8272\u4f7f\u7528\u7684\u666e\u901a\u6587\u4ef6\uff0c\u4f8b\u5982\u811a\u672c\u6216\u914d\u7f6e\u6587\u4ef6\u3002<\/p>\n
vars\/\u76ee\u5f55\uff1a\u5305\u542b\u89d2\u8272\u4f7f\u7528\u7684\u53d8\u91cf\u6587\u4ef6\uff0c\u901a\u5e38\u662fmain.yml\u3002\u8fd9\u4e9b\u53d8\u91cf\u53ef\u4ee5\u5728\u4efb\u52a1\u548c\u6a21\u677f\u4e2d\u4f7f\u7528\u3002<\/p>\n
defaults\/\u76ee\u5f55\uff1a\u5305\u542b\u89d2\u8272\u7684\u9ed8\u8ba4\u53d8\u91cf\u6587\u4ef6\uff0c\u901a\u5e38\u662fmain.yml\u3002\u8fd9\u4e9b\u53d8\u91cf\u7684\u9ed8\u8ba4\u503c\u4f1a\u88ab\u5176\u4ed6\u53d8\u91cf\u8986\u76d6\u3002<\/p>\n
meta\/\u76ee\u5f55\uff1a\u5305\u542b\u89d2\u8272\u7684\u5143\u6570\u636e\u6587\u4ef6\uff0c\u901a\u5e38\u662fmain.yml\u3002\u5143\u6570\u636e\u6587\u4ef6\u53ef\u4ee5\u5305\u542b\u89d2\u8272\u7684\u4f9d\u8d56\u5173\u7cfb\u548c\u5176\u4ed6\u76f8\u5173\u4fe1\u606f\u3002<\/p>\n
\u4f7f\u7528\u89d2\u8272\u7684\u6b65\u9aa4\u5982\u4e0b\uff1a<\/p>\n
\u5728Ansible\u9879\u76ee\u7684roles\/\u76ee\u5f55\u4e0b\u521b\u5efa\u4e00\u4e2a\u65b0\u7684\u76ee\u5f55\uff0c\u4f8b\u5982myrole\/\u3002<\/p>\n
\u5728myrole\/\u76ee\u5f55\u4e0b\u521b\u5efa\u76f8\u5173\u7684\u5b50\u76ee\u5f55\u548c\u6587\u4ef6\uff0c\u6309\u7167\u4e0a\u8ff0\u76ee\u5f55\u7ed3\u6784\u7ec4\u7ec7\u89d2\u8272\u7684\u4efb\u52a1\u3001\u53d8\u91cf\u548c\u6587\u4ef6\u3002<\/p>\n
\u5728Playbook\u4e2d\u4f7f\u7528\u89d2\u8272\uff1a\u5728Playbook\u4e2d\u4f7f\u7528roles\u5173\u952e\u5b57\u6307\u5b9a\u8981\u4f7f\u7528\u7684\u89d2\u8272\u3002\u4f8b\u5982\uff1a<\/p>\n
- name: My Playbook\r\n  hosts: myhosts\r\n  roles:\r\n    - myrole\r\n<\/pre>\n
\u8fd9\u5c06\u4f7f\u7528\u540d\u4e3amyrole\u7684\u89d2\u8272\u6765\u6267\u884c\u4efb\u52a1\u3002<\/p>\n
\u89d2\u8272\u7684\u4f18\u70b9\u5305\u62ec\uff1a<\/p>\n
\u91cd\u7528\u6027\uff1a\u89d2\u8272\u53ef\u4ee5\u5728\u591a\u4e2aPlaybook\u4e2d\u91cd\u590d\u4f7f\u7528\uff0c\u63d0\u9ad8\u4e86\u4ee3\u7801\u7684\u53ef\u7ef4\u62a4\u6027\u548c\u53ef\u91cd\u7528\u6027\u3002<\/p>\n
\u7ec4\u7ec7\u6027\uff1a\u89d2\u8272\u63d0\u4f9b\u4e86\u4e00\u79cd\u7ec4\u7ec7\u4efb\u52a1\u3001\u53d8\u91cf\u548c\u6587\u4ef6\u7684\u7ed3\u6784\u5316\u65b9\u5f0f\uff0c\u4f7f\u4ee3\u7801\u66f4\u6613\u4e8e\u7406\u89e3\u548c\u7ef4\u62a4\u3002<\/p>\n
\u53ef\u6269\u5c55\u6027\uff1a\u89d2\u8272\u53ef\u4ee5\u5305\u542b\u5176\u4ed6\u89d2\u8272\u4f5c\u4e3a\u4f9d\u8d56\u9879\uff0c\u4f7f\u5f97\u6784\u5efa\u590d\u6742\u7684\u914d\u7f6e\u548c\u90e8\u7f72\u6d41\u7a0b\u53d8\u5f97\u66f4\u52a0\u7075\u6d3b\u548c\u53ef\u6269\u5c55\u3002<\/p>\n
\u603b\u4e4b\uff0cAnsible\u7684\u89d2\u8272\u662f\u4e00\u79cd\u7ec4\u7ec7\u548c\u590d\u7528Ansible\u4efb\u52a1\u548c\u53d8\u91cf\u7684\u673a\u5236\u3002\u901a\u8fc7\u521b\u5efa\u89d2\u8272\u5e76\u5728Playbook\u4e2d\u4f7f\u7528\u5b83\u4eec\uff0c\u53ef\u4ee5\u63d0\u9ad8Ansible\u4ee3\u7801\u7684\u53ef\u7ef4\u62a4\u6027\u548c\u53ef\u91cd\u7528\u6027\u3002<\/p>\n
2.Ansible Roles\u4f9d\u8d56\u5173\u7cfb<\/h1>\n
roles\u5141\u8bb8\u60a8\u5728\u4f7f\u7528role\u65f6\u81ea\u52a8\u5f15\u5165\u5176\u4ed6 role\u3002role\u4f9d\u8d56\u5173\u7cfb\u5b58\u50a8\u5728role\u76ee\u5f55\u4e2dmeta\/main.yml\u6587\u4ef6\u4e2d\u3002<\/p>\n
\u4f8b\u5982\uff1a\u5b89\u88c5wordpress\u9700\u8981\u5148\u786e\u4fddnginx\u4e0ePHP\u90fd\u80fd\u6b63\u5e38\u8fd0\u884c\uff0c\u6b64\u65f6\u53ef\u4ee5\u5728 wordpress\u7684role\u4e2d\u5b9a\u4e49\uff0c\u4f9d\u8d56Nginx\u4e0ePHP-fpm\u7684roles\u3002<\/p>\n
\n
[root@devops ~]# cat \/root\/roles\/wordpress\/meta\/main.yml<\/pre>\n<\/div>\n
—<\/div>\n
dependencies:<\/div>\n
  – { role: nginx }<\/div>\n
  – { role: [php-fpm }<\/div>\n
\u6b64\u65f6\u00a0wordpress \u7684role \u4f1a\u5148\u6267\u884c nginx\u7684role\u3001\u7136\u540e\u6267\u884cphp-fpm\u7684role\uff0c\u6700\u540e\u6267\u884cwordpress\u672c\u8eab\u7684role\u3002<\/div>\n
3.\u4f7f\u7528roles<\/h1>\n
\u521b\u5efa\u76ee\u5f55<\/h4>\n
[root@ansible \/server\/playbook]$ mkdir basic\/{tasks,templates,handlers,files} -p<\/pre>\n
[root@ansible \/server\/playbook]$ tree basic\/\r\nbasic\/\r\n\u251c\u2500\u2500 files\r\n\u251c\u2500\u2500 handlers\r\n\u251c\u2500\u2500 tasks\r\n\u2514\u2500\u2500 templates<\/pre>\n
\u8c03\u7528\u89d2\u8272<\/h4>\n
[root@ansible \/server\/playbook]$ cat top.yml\r\n---\r\n- hosts: all\r\n  roles:\r\n  - role: basic<\/pre>\n
\u5267\u672c<\/h4>\n
[root@ansible \/server\/playbook]$ cat  basic\/tasks\/main.yml\r\n- name: Base repo \r\n  yum_repository:\r\n    name: Base\r\n    description: Base\r\n    baseurl: http:\/\/mirrors.aliyun.com\/centos\/$releasever\/os\/$basearch\/\r\n    gpgcheck: yes\r\n    gpgkey: http:\/\/mirrors.aliyun.com\/centos\/RPM-GPG-KEY-CentOS-7\r\n- name: epel repo\r\n  yum_repository:\r\n    name: epel\r\n    description: epel\r\n    baseurl: http:\/\/mirrors.aliyun.com\/epel\/7\/$basearch\r\n    gpgcheck: no\r\n- name: released updates\r\n  yum_repository:\r\n    name: updates\r\n    description: updates\r\n    baseurl: http:\/\/mirrors.aliyun.com\/centos\/$releasever\/updates\/$basearch\/\r\n    gpgcheck: yes\r\n    gpgkey: http:\/\/mirrors.aliyun.com\/centos\/RPM-GPG-KEY-CentOS-7\r\n- name: extras repository\r\n  yum_repository:\r\n    name: extras\r\n    description: extras\r\n    baseurl: http:\/\/mirrors.aliyun.com\/centos\/$releasever\/extras\/$basearch\/\r\n    gpgcheck: yes\r\n    gpgkey: http:\/\/mirrors.aliyun.com\/centos\/RPM-GPG-KEY-CentOS-7\r\n- name:  nginx Repo\r\n  yum_repository:\r\n    name: nginx\r\n    description: nginx repo\r\n    baseurl: http:\/\/nginx.org\/packages\/centos\/$releasever\/$basearch\/\r\n    enabled: yes\r\n    gpgcheck: yes\r\n    gpgkey: https:\/\/nginx.org\/keys\/nginx_signing.key\r\n  when: ( ansible_hostname is match(\"web|lb\") )\r\n\r\n- name: php repo\r\n  yum_repository:\r\n    name: php\r\n    description: php\r\n    baseurl: http:\/\/us-east.repo.webtatic.com\/yum\/el7\/x86_64\/\r\n    enabled: yes\r\n    gpgcheck: yes\r\n  when: ( ansible_hostname is match(\"web\") )\r\n\r\n- name: Install Software\r\n  yum:\r\n    name: \r\n    - tree\r\n    - vim\r\n    - lrzsz\r\n    - iotop\r\n    - htop\r\n    - nc\r\n    - unzip\r\n    - nmap\r\n    - telnet\r\n    - wget\r\n    - zip\r\n    - psmisc\r\n    - ntpdate\r\n    state: present\r\n\r\n- name: Stop firewalld\r\n  systemd:\r\n    name: firewalld\r\n    state: stopped\r\n    enabled: no\r\n\r\n- name: disabled selinux\r\n  selinux:\r\n    state: disabled\r\n\r\n- name: groupadd\r\n  group:\r\n    name: dmxsp\r\n    gid: 789\r\n- name: useradd\r\n  user:\r\n    name: dmxsp\r\n    uid: 789\r\n    group: dmxsp\r\n    shell: \/sbin\/nologin\r\n    create_home: no\r\n\r\n- name: configure crond time\r\n  cron: \r\n    name: sync time\r\n    minute: \"*\/2\"\r\n    job: \"\/sbin\/ntpdate ntp1.aliyun.com &>>\/dev\/null\"\r\n\r\n- name: mkdir scripts dir\r\n  file: \r\n    path: \/server\/scripts\/\r\n    state: directory\r\n\r\n- name: push server backup scripts\r\n  copy:\r\n    src: files\/backup-conf.sh\r\n    dest: \/server\/scripts\/\r\n\r\n- name: configure crond backup\r\n  cron:\r\n    name: backup everyday\r\n    minute: 00\r\n    hour: 00\r\n    job: \"sh \/server\/scripts\/backup-conf.sh &>>\/dev\/null\"<\/pre>\n
\u6267\u884c<\/h4>\n
[root@ansible \/server\/playbook]$ ansible-playbook top.yml<\/h4>\n
\u76ee\u5f55<\/h4>\n
[root@ansible \/server\/playbook]$ tree basic\/\r\nbasic\/\r\n\u251c\u2500\u2500 files\r\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 backup-conf.sh\r\n\u251c\u2500\u2500 handlers\r\n\u251c\u2500\u2500 tasks\r\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 main.yml\r\n\u2514\u2500\u2500 templates<\/pre>\n","protected":false},"excerpt":{"rendered":"
1.Ansible roles\u6982\u8ff0 Ansible\u7684\u89d2\u8272\uff08roles\uff09\u662f\u4e00\u79cd\u7ec4\u7ec7\u548c\u590d\u7528Ansible\u4efb\u52a1\u548c\u53d8\u91cf […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":""},"categories":[24],"tags":[],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.qiangzhenshuai.com\/index.php?rest_route=\/wp\/v2\/posts\/1233"}],"collection":[{"href":"https:\/\/www.qiangzhenshuai.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.qiangzhenshuai.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.qiangzhenshuai.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.qiangzhenshuai.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1233"}],"version-history":[{"count":3,"href":"https:\/\/www.qiangzhenshuai.com\/index.php?rest_route=\/wp\/v2\/posts\/1233\/revisions"}],"predecessor-version":[{"id":1236,"href":"https:\/\/www.qiangzhenshuai.com\/index.php?rest_route=\/wp\/v2\/posts\/1233\/revisions\/1236"}],"wp:attachment":[{"href":"https:\/\/www.qiangzhenshuai.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1233"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.qiangzhenshuai.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1233"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.qiangzhenshuai.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1233"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}