1. Ansible architecture
Ansible's help documentation:
http://www.ansible.com.cn/index.html
2. Introduction to YAML Language
- Basic Rules
All members of a list (list, [,,,...]) start at the same indentation level and begin with "-". The "-" must be followed by a space.

    - apple
    - banana
    - orange
    - pear

Corresponding Python output:

    ['apple', 'banana', 'orange', 'pear']
A dictionary (dictionary, {key1:value1, key2:value2, key3:value3,...}) consists of a set of key: value pairs. The ":" must be followed by a space.

    node_a:
      conntimeout: 300
      external:
      iface: eth0
      port: 556
      internal:
      iface: eth0
      port: 778
      broadcast:
      client: 1000
      server: 2000
    node_b:
      0:
      ip: 10.0.0.1
      name: b1
      1:
      ip: 10.0.0.2
      name: b2

Corresponding Python output:

    {
        'node_b': {              # Note the nesting hierarchy.
            0: None,             # Note the null value.
            'ip': '10.0.0.2',    # Keys cannot repeat; a repeated key overwrites the earlier value.
            'name': 'b2',
            1: None
        },
        'node_a': {
            'iface': 'eth0',
            'port': 778,
            'server': 2000,
            'broadcast': None,
            'client': 1000,
            'external': None,
            'conntimeout': 300,
            'internal': None
        }
    }
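The output above shows two silent behaviours: a key with nothing indented under it becomes None, and a repeated key overwrites the earlier value. The following added example (not part of the original page) uses PyYAML to reject repeated keys at load time and to list the keys that parsed as null; `StrictLoader`, `strict_load` and `null_paths` are names chosen here, and the sample is constructed.

```python
import yaml
from yaml.constructor import ConstructorError

# Key tags that SafeLoader resolves itself ("<<" merge and "=" value keys).
_SPECIAL = ("tag:yaml.org,2002:merge", "tag:yaml.org,2002:value")

class StrictLoader(yaml.SafeLoader):
    """SafeLoader (plain data types only) that also rejects repeated mapping keys."""

    def construct_mapping(self, node, deep=False):
        seen = set()
        for key_node, _ in node.value:
            # Only ordinary scalar keys are checked for repetition.
            if not isinstance(key_node, yaml.ScalarNode) or key_node.tag in _SPECIAL:
                continue
            key = self.construct_object(key_node, deep=True)
            if key in seen:
                raise ConstructorError(None, None, f"duplicate key {key!r}",
                                       key_node.start_mark)
            seen.add(key)
        return super().construct_mapping(node, deep)

def strict_load(text):
    """Parse YAML text, raising yaml.YAMLError on a repeated key."""
    return yaml.load(text, Loader=StrictLoader)

def null_paths(data, prefix=""):
    """Dotted paths of every mapping key whose value parsed as None."""
    found = []
    if isinstance(data, dict):
        for key, value in data.items():
            path = f"{prefix}.{key}" if prefix else str(key)
            found += [path] if value is None else null_paths(value, path)
    elif isinstance(data, list):
        for i, item in enumerate(data):
            found += null_paths(item, f"{prefix}[{i}]")
    return found

# Constructed sample: node_b with its children left at one indentation level.
FLAT = """\
node_b:
  0:
  ip: 10.0.0.1
  name: b1
  1:
  ip: 10.0.0.2
  name: b2
"""
```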
It is recommended that "---" be the first line of a YAML file.
- Illustrative examples
test.yaml
    ---
    name: Tom Smith
    age: 37
    spouse:
        name: Jane Smith
        age: 35
    children:
        - name1: Jimmy Smith
          age1: 15
        - name2: Jenny Smith
          age2: 12
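- Python code to read the file

    #!/usr/bin/env python3
    import yaml

    # safe_load builds only plain Python types. yaml.load without a Loader
    # can construct arbitrary objects and is rejected by PyYAML 6 and later.
    with open("test.yaml") as f:
        x = yaml.safe_load(f)
    print(x)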
Execution result:

    {
        'age': 37,
        'spouse': {
            'age': 25,
            'name': 'Jane Smith'
        },
        'name': 'Tom Smith',
        'children': [
            {
                'age1': 15,
                'name1': 'Jimmy Smith'
            },
            {
                'age2': 12,
                'name2': 'Jenny Smith'
            }
        ]
    }
- Another comprehensive example
    ---
    name: Example Developer
    job: Developer
    skill: Elite
    employed: True
    foods:
        - Apple
        - Orange
        - Strawberry
        - Mango
    languages:
        ruby: Elite
        python: Elite
        dotnet: Lame
Python representation:

    {
        'name': 'Example Developer',
        'job': 'Developer',
        'skill': 'Elite',
        'employed': True,
        'foods': [
            'Apple',
            'Orange',
            'Strawberry',
            'Mango'
        ],
        'languages': {
            'ruby': 'Elite',
            'python': 'Elite',
            'dotnet': 'Lame'
        }
    }
3. Installation of Ansible
- Installation of CentOS YUM
First install the EPEL repository.

Install on the control machine:

    yum install -y ansible
    ansible --version

Test that the installation succeeded:

    ansible 192.168.12.1 -m ping -k -u beeworkshop

Note:
-k makes ssh use password authentication (otherwise key authentication is used)
-u specifies the username for the ssh login

Alternatively, specify the ssh login user in /etc/ansible/hosts:

    192.168.12.1 ansible_ssh_user=bee

The address 192.168.12.1 must be configured in the /etc/ansible/hosts file, which acts as a whitelist; otherwise no command will be executed.
- Installation of Ubuntu
    $ sudo apt-get install software-properties-common
    $ sudo apt-add-repository ppa:ansible/ansible
    $ sudo apt-get update
    $ sudo apt-get install ansible
- pip Installation
$ sudo pip install ansible
4. Ansible configuration file
- /etc/ansible/hosts
    # Ex 1: Ungrouped hosts, specify before any group headers.

    ## green.example.com
    ## blue.example.com
    ## 192.168.100.1
    ## 192.168.100.10

    # Ex 2: A collection of hosts belonging to the 'webservers' group

    ## [webservers]
    ## alpha.example.org
    ## beta.example.org
    ## 192.168.1.100
    ## 192.168.1.110

    # If you have multiple hosts following a pattern you can specify
    # them like this:

    ## www[001:006].example.com

    # Ex 3: A collection of database servers in the 'dbservers' group

    ## [dbservers]
    ##
    ## db01.intranet.mydomain.net
    ## db02.intranet.mydomain.net
    ## 10.25.1.56
    ## 10.25.1.57

    # Here's another example of host ranges, this time there are no
    # leading 0s:

    ## db-[99:101]-node.example.com
Ansible determines the list of hosts it works on from the Inventory, which defines the hosts and the grouping rules. By default Ansible reads the /etc/ansible/hosts file to obtain the controlled hosts.
If the hosts file is not in the default location, use the -i option to specify it:
ansible -i /home/beeworkshop/hosts bidder -m ping
localhost is added to Inventory by default.
A host can belong to multiple groups, but pay attention to priority to avoid conflicts.
If you do not use SSH's default port 22, you need to specify the port:
bee.example.com:5555
Use of aliases
jumper ansible_ssh_port=5555 ansible_ssh_host=192.168.1.50
Specify connection type and user name
    localhost ansible_connection=local
    abc.exam.com ansible_connection=ssh ansible_ssh_user=abc
    def.exam.com ansible_connection=ssh ansible_ssh_user=def
- Host variables
Used for playbook configuration.

    [atlanta]
    host1 http_port=80 maxRequestsPerChild=808
    host2 http_port=303 maxRequestsPerChild=909
- Group variables
Group variables apply to all members of a group.

    [atlanta]
    host1
    host2

    [atlanta:vars]
    ntp_server=ntp.atlanta.example.com
    proxy=proxy.atlanta.example.com
- Group nesting

    [atlanta]
    host1
    host2

    [raleigh]
    host2
    host3

    [southeast:children]
    atlanta
    raleigh

    [usa:children]
    southeast
    northeast
    southwest
    northwest
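The group, `:vars`, `:children` and host-range rules shown in this section decide which machines a command reaches. The added example below (not Ansible's own parser and not code from the original page) parses a constructed inventory and resolves a nested group to its hosts, so a target list can be checked before anything is run; the function names are chosen here, and host variables on host lines are skipped.

```python
import re

def expand(pattern):
    """Expand host ranges such as www[001:006].example.com (leading zeros kept)."""
    m = re.search(r"\[(\d+):(\d+)\]", pattern)
    if not m:
        return [pattern]
    lo, hi = m.groups()
    width = len(lo) if lo.startswith("0") else 0
    head, tail = pattern[:m.start()], pattern[m.end():]
    return [head + str(i).zfill(width) + rest
            for i in range(int(lo), int(hi) + 1) for rest in expand(tail)]

def parse_inventory(text):
    """Return (hosts per group, child groups per group, variables per group)."""
    hosts, children, gvars = {"ungrouped": []}, {}, {}
    section, kind = "ungrouped", ""
    lines = (raw.split("#", 1)[0].strip() for raw in text.splitlines())
    for line in filter(None, lines):
        if line.startswith("[") and line.endswith("]"):
            section, _, kind = line[1:-1].partition(":")
            hosts.setdefault(section, [])
        elif kind == "children":
            children.setdefault(section, []).append(line)
        elif kind == "vars":
            key, _, value = line.partition("=")
            gvars.setdefault(section, {})[key.strip()] = value.strip()
        else:  # host line: first token is the name, host variables are skipped
            hosts[section].extend(expand(line.split()[0]))
    return hosts, children, gvars

def members(group, hosts, children, path=()):
    """All hosts a group resolves to, following [group:children] nesting."""
    if group in path:  # cyclic nesting: stop descending
        return []
    found = list(hosts.get(group, []))
    for child in children.get(group, []):
        found += members(child, hosts, children, path + (group,))
    return list(dict.fromkeys(found))  # de-duplicate, keep order

# Constructed sample assembled from the inventory snippets on this page.
SAMPLE = "\n".join([
    "www[001:003].example.com",
    "[atlanta]", "host1 http_port=80", "host2",
    "[raleigh]", "host2", "host3",
    "[southeast:children]", "atlanta", "raleigh",
    "[atlanta:vars]", "ntp_server=ntp.atlanta.example.com",
])
```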
- Separating host and group variables
To manage host and group variables more cleanly, Ansible supports taking the host and group variables out of the hosts file and storing them separately in YAML files. Both the inventory directory and the playbook directory can hold group_vars and host_vars, but the playbook directory has higher priority.
5. Ansible Common Modules
- Help
    ansible-doc -l
    ansible-doc -s <module>
- Get help
https://docs.ansible.com/ansible/latest/modules/modules_by_category.html
- Syntax of calling a module

    ansible <target> -m <module name> -a <module arguments>
- Usage of Common Modules
(1) setup
Get client details

    ansible webserver -m setup

(2) copy
Send files to clients
Disable SELinux on the client

    ansible webserver -m command -a "yum install -y libselinux-python"
    ansible webserver -m copy -a "src=/usr/local/src/test.py dest=/tmp owner=root group=root mode=0755 force=yes"

force: yes overwrites; no copies the file only when it does not exist
backup: yes backs up the original file before overwriting, and the backup file name contains the time; no makes no backup
If the path ends with /, the directory itself is not copied, only the contents of the directory
If the path does not end with /, the directory itself is copied

(3) synchronize
rsync needs to be installed in advance
Copy files and directories to clients

    ansible 192.168.1.21 -m synchronize -a "src=/usr/local/src/ dest=/usr/local/src/ delete=yes compress=yes"

delete=yes makes the content on both sides the same: what the client lacks is added, and what exists only on the client is deleted
compress=yes enables compression
If the path ends with /, the directory itself is not copied, only the contents of the directory
If the path does not end with /, the directory itself is copied

(4) file
Set file and directory attributes
group: the group of the file or directory
mode: the permissions of the file or directory
owner: the owner of the file or directory
path: required, the path
recurse: sets file attributes recursively, only valid for directories
src: the original file to link to, only for state=link
dest: the link target, only for state=link
force: yes overwrites, no does not overwrite
state: file or link status
    link: creates a soft link
    directory: creates the directory if it does not exist
    file: the file is not created even if it does not exist
    absent: deletes directories, files and link files
    touch: same as the touch command

    ansible 192.168.2.1 -m file -a "src=/usr/local/src/test.py dest=/tmp/test.py state=link"
    ansible 192.168.2.1 -m command -a 'ls -l /tmp/test.py'
    ansible 192.168.2.1 -m file -a "path=/tmp/test.py state=absent"
    ansible 192.168.2.1 -m file -a 'path=/tmp/test.py state=touch owner=root group=root mode=0755'
    ansible webserver -m file -a 'path=/tmp/test state=directory owner=root group=root mode=0755'