Ansible automatic operation and maintenance tool 9 (installation and use of ansible role)

Keywords: Operation & Maintenance

1, Introduction to ansible role

(1) Ansible roles organize a playbook in a hierarchical, structured way.
(2) A role places variables, files, tasks, modules and handlers in separate directories so that they can be included easily;
(3) Roles are generally used to build services on a per-host basis and are used frequently in complex enterprise scenarios;
(4) Tasks, variables, handlers, templates, files and so on are organized in a specific hierarchical directory structure; this is comparable to splitting a program into functions that are then called one at a time.

1.roles directory structure

parameter   meaning
files       Stores files called by modules such as copy or script
tasks       Defines the tasks; needs a main.yml, other files are pulled in with include
handlers    Defines the handlers; needs a main.yml, other files are pulled in with include
vars        Defines variables; needs a main.yml, other files are pulled in with include
templates   Stores the template text called by the template module
meta        Defines special settings and dependencies of the current role; should contain a main.yml file
defaults    Should contain a main.yml file that sets the default variables
tests       For testing roles

2. Creating an ansible role

ansible-galaxy command tool: Ansible Galaxy is a website for freely sharing and downloading Ansible roles, which helps us define and learn roles;
By default the ansible-galaxy command communicates with the https://galaxy.ansible.com website API, where you can find and download all kinds of community-developed Ansible roles.
ansible-galaxy is already included in Ansible 1.4.2. You can search for roles on galaxy.ansible.com

List all installed galaxy roles;

The path where roles are stored is defined in the configuration file ansible.cfg;
roles_path = ~/ansible/roles (default directory: /etc/ansible/roles)


Create directory structure

Create the vsftps role (this should be vsftpd; it was mistyped here)

View the roles in the ansible-galaxy list;
You can see that the vsftpd role was created successfully

2, Use of ansible roles

1. Write the main task file

Example: Download and install vsftpd, and change the configuration file according to variables;
Edit the ~/ansible/roles/vsftps/tasks/main.yml file

---
# tasks file for vsftpd
- name: install vsftpd                   # installation task
  dnf:
    name: vsftpd
    state: latest
  notify:                                # trigger these handlers on change
    - restart vsftpd
    - firewalld set

- name: set vsftpd                       # modify the configuration file
  lineinfile:
    path: /etc/vsftpd/vsftpd.conf
    regexp: "anonymous_enable"
    line: "anonymous_enable={{ STATE }}"
  notify:                                # trigger this handler on change
    - restart vsftpd
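A hardened variant of the `set vsftpd` task, added here as an example (it is not the original author's code). It assumes the role's vars/main.yml defines STATE, which this page does not show; the `assert` task and the anchored regexp are additions.

```yaml
# vars/main.yml (assumed content; the page does not show this file)
---
STATE: "NO"        # quoted: YAML parses a bare NO as the boolean false, not the string

# tasks/main.yml (drop-in replacement for the "set vsftpd" task)
---
- name: refuse any value other than the strings YES or NO
  assert:
    that:
      - STATE is string
      - STATE in ['YES', 'NO']
    fail_msg: "STATE must be the string YES or NO, got {{ STATE }}"

- name: set vsftpd
  lineinfile:
    path: /etc/vsftpd/vsftpd.conf
    # anchored: matches only the directive itself (commented out or not),
    # never a comment line that merely mentions anonymous_enable
    regexp: '^#?\s*anonymous_enable='
    line: "anonymous_enable={{ STATE }}"
    backup: yes    # keep a timestamped copy of the previous config
  notify:
    - restart vsftpd
```

With STATE set to "NO" the role leaves anonymous FTP logins disabled unless a playbook author turns them on deliberately.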

2. Trigger module


View firewall setting rules

Examples are as follows

- name: restart vsftpd             # vsftpd service handler
  service:
    name: vsftpd
    state: restarted
    enabled: yes

- name: firewalld set              # firewall handler
  firewalld:
    service: ftp
    state: enabled
    permanent: yes
    immediate: yes

3. Variable module



Enable module ~/ansible/vsftpd.yml

Execute playbook to install vsftpd for the node host

Next, as a test, edit the main task file so that it removes the installed vsftpd


Execute playbook

Edit the main task file again to test installing vsftpd

Execute playbook

3, Exercise test

Install httpd on the node host. The requirements are as follows:
Entering the domain name westos.westos.org returns the test page westos.westos.org;
Entering the domain name linux.westos.org returns the test page linux.westos.org;
Entering any other domain name returns the default test page www.westos.org.

1. Create apache role

2. Set variables

---
# vars file for apache
WEBS:
  - docroot: /var/www/html
    index: www.westos.org
    
  - docroot: /var/www/vhosts/westos.org/westos
    name: westos.westos.org
    index: westos.westos.org
    
  - docroot: /var/www/vhosts/westos.org/linux
    name: linux.westos.org
    index: linux.westos.org

3. Set j2 template

{% for vhost in WEBS %}
{% if vhost['name'] is not defined %}
  <VirtualHost _default_:80>
{%endif%}
{% if vhost['name'] is defined %}
  <VirtualHost *:80>
  ServerName {{vhost['name']}}
{%endif%}
  DocumentRoot   {{vhost['docroot']}}
</VirtualHost>
{% endfor %}

4. Set task

---
# tasks file for apache
- name: install apache
  dnf:
    name: httpd
    state: latest
  notify:
    - restart apache
    - firewalld
- name: create documentroot
  file:
    path: "{{ item.docroot }}"
    state: directory
  loop:
    "{{WEBS}}"
- name: create index.html
  copy:
    dest: "{{ item.docroot }}/index.html"
    content: "{{ item.index }}"
  loop:
    "{{WEBS}}"
- name: set vhost
  template:
    src: vhosts.conf.j2
    dest: /mnt/vhost.conf
  notify:
    - restart apache

5. Set trigger

---
# handlers file for apache
- name: restart apache
  service:
    name: httpd
    state: restarted
    enabled: yes

- name: firewalld
  firewalld:
    service: http
    state: enabled
    permanent: yes
    immediate: yes

6. Set execution tasks


Execute playbook



You can view the information of the virtual host on the node host

4, Control the execution sequence of tasks

Using roles in a playbook:
---
- hosts: server2
  roles:
    - role: role1
    - role: role2
      var1: value1  # variables set here override the variables defined in the role

Example:

---
- hosts: server2
  roles:
    - role: role1  # role tasks
  pre_tasks:       # executed before the roles in the play
    - tasks1
  tasks:           # ordinary tasks
    - tasks2
  post_tasks:      # executed after the roles and ordinary tasks in the play
    - tasks3
 handl

Building on the previous experiment, add the task execution order by continuing to edit the playbook ~/ansible/vsftpd.yml


Execute playbook;
You can see that a task runs before the role's tasks

and that a task runs after the role's tasks
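A complete playbook showing the execution order described above, added here as an example (not the author's ~/ansible/vsftpd.yml, which the page does not show). The host server2 is taken from the syntax example, and the handler name and messages are hypothetical.

```yaml
---
# The keys are deliberately written out of order. Ansible still runs
# pre_tasks -> roles -> tasks -> post_tasks. Handlers notified in pre_tasks are
# flushed before the roles start; handlers notified by roles and tasks are
# flushed before post_tasks.
- hosts: server2                  # assumed host, from the syntax example above
  post_tasks:
    - name: 4. verify that vsftpd is listening after the role's handlers ran
      wait_for:
        port: 21
        timeout: 10
  tasks:
    - name: 3. ordinary task, runs after every role
      debug:
        msg: "vsftps role applied"
  roles:
    - role: vsftps                # 2. role name as created earlier on this page
  pre_tasks:
    - name: 1. runs before any role
      debug:
        msg: "checking {{ inventory_hostname }} before the role"
      changed_when: true          # force 'changed' so the handler below is notified
      notify: pre-stage handler
  handlers:
    - name: pre-stage handler     # hypothetical handler, flushed before the roles start
      debug:
        msg: "handler notified from pre_tasks"
```

Putting the port check in post_tasks means it runs only after the role's `restart vsftpd` handler has been flushed, so a failed restart makes the play fail.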

5, Use of multiple roles

First, enable the firewall on the physical host and turn on address masquerading so that the virtual machine can reach the Internet



ansible-galaxy command tool:
Download role:
Visit the role download site https://galaxy.ansible.com to install roles

Search nginx


Copy link below

Download role succeeded

You can see the installed roles
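Roles downloaded from Galaxy run with the same privileges as your own tasks, so it helps to pin exactly what gets installed. The requirements file below is an added example, not part of the original post; the role names, version, repository URL and commit value are placeholders.

```yaml
---
# requirements.yml (added example; every name and version below is a placeholder)
# Install with:
#   ansible-galaxy install -r requirements.yml -p ~/ansible/roles

# A role from galaxy.ansible.com, pinned to one reviewed release instead of
# whatever is newest at install time.
- name: example_namespace.nginx
  version: "1.2.3"

# The same role taken straight from its git repository, pinned to a commit so
# that a moved tag cannot change what is installed.
- name: nginx_from_git
  src: https://git.example.com/ops/ansible-role-nginx.git
  scm: git
  version: "<full-commit-sha>"
```

Keeping this file under version control next to the playbooks records which role versions were reviewed and lets other control nodes install the same ones.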

Package the apache role directory and delete the original directory for experimental testing

List the roles. At this time, there are only vsftps and nginx just installed

Set execution task

Install role

Next, we install the Red Hat role, which lets the administrator manage specified properties of the host effectively

It is installed in the /usr/share/ansible directory

Copy it to a directory that the devops user can access

List installed roles


Edit the execution task and complete the node host synchronization time



Execute playbook


Edit the default configuration file /etc/chrony.conf for the node host

The time is successfully synchronized with the ansible host

Posted by defx on Sat, 30 Oct 2021 22:35:25 -0700