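I. Ansible roles
1. Introduction to Ansible roles
* Ansible roles exist to organize playbooks in a layered, structured way.
* A role places variables, files, tasks, modules and handlers in separate directories so that they can be included conveniently.
* Roles are generally used when services are built per host, and they are used very often in complex enterprise environments.
* A role is a set of tasks, variables, handlers, templates, files and so on, organized in a specific directory hierarchy; like function calls, it splits the work into pieces that are executed separately.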
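2. Role directory structure
files       ## files used by modules such as copy or script
tasks       ## task definitions; must contain main.yml, which includes any other files
handlers    ## handler definitions; must contain main.yml, which includes any other files
vars        ## variable definitions; must contain main.yml, which includes any other files
templates   ## template text used by the template module
meta        ## special settings and dependencies of the role; must contain main.yml
defaults    ## must contain main.yml; sets default variables
tests       ## used to test the role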
3. The path where roles are stored is defined in the ansible.cfg configuration file
roles_path = path/roles (default directory: /etc/ansible/roles)
4. Create the directory structure
$ ansible-galaxy init apache
$ ansible-galaxy list
5. Using roles in a playbook
Using roles in a playbook:
---
- hosts: server2
  roles:
    - role: role1
    - role: role2
      var1: value1    ## a variable set here overrides the one defined in the role
[devops@ansible .ansible]$ vim ansible.cfg
[defaults]
inventory = ~/.ansible/inventory
host_key_checking = False
remote_user = devops
module_name = shell
roles_path= ~/.ansible/roles
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
[devops@ansible .ansible]$ mkdir roles
[devops@ansible .ansible]$ cd roles/
[devops@ansible roles]$ ansible-galaxy init apache
- Role apache was created successfully
[devops@ansible roles]$ ls
apache
[devops@ansible roles]$ cd apache/
[devops@ansible apache]$ ls
defaults files handlers meta README.md tasks templates tests vars
[devops@ansible apache]$ vim vars/main.yml
---
# vars file for apache
webs:
  - doc: /var/www/html
    index: www.westos.org
  - name: linux.westos.org
    doc: /var/www/virtual/westos.org/linux
    index: linux.westos.org
  - name: java.westos.org
    doc: /var/www/virtual/westos.org/java
    index: java.westos.org
[devops@ansible apache]$ vim templates/vhost.conf.j2
{%for web in webs %}
{%if web.name is not defined%}
<VirtualHost _default_:80>
{%endif%}
{%if web.name is defined%}
<VirtualHost *:80>
ServerName {{web.name}}
{%endif%}
DocumentRoot {{web.doc}}
</VirtualHost>
{%endfor%}
[devops@ansible apache]$ vim tasks/main.yml
---
- name: install httpd
  dnf:
    name: httpd
    state: present
- name: start apache
  service:
    name: httpd
    state: started
    enabled: yes
- name: firewalld set
  firewalld:
    service: http
    permanent: yes
    state: enabled
    immediate: yes
- name: create documentroot
  file:
    path: "{{item.doc}}"
    state: directory
  loop:
    "{{webs}}"
- name: create index.html
  copy:
    dest: "{{item.doc}}/index.html"
    content: "{{item.index}}"
  loop:
    "{{webs}}"
- name: create vhost.conf
  template:
    # a bare file name is looked up in the role's own templates/ directory,
    # so the role keeps working when it is installed under another name
    src: vhost.conf.j2
    dest: /etc/httpd/conf.d/vhost.conf
  notify: restart apache
[devops@ansible apache]$ vim handlers/main.yml
[devops@ansible apache]$ cat handlers/main.yml
---
# handlers file for apache
- name: restart apache
  service:
    name: httpd
    state: restarted
[devops@ansible apache]$ cd /home/devops/.ansible
[devops@ansible .ansible]$ vim web.yaml
- name: create web server
  hosts: westos
  roles:
    - role: apache
[devops@ansible .ansible]$ ansible-playbook web.yaml
6. Controlling the order of task execution
---
- hosts: server2
  roles:
    - role: role1    ## role tasks
  pre_tasks:         ## tasks executed before the roles
    - tasks1
  tasks:             ## ordinary tasks
    - tasks2
  post_tasks:        ## tasks executed after the roles and ordinary tasks have finished
    - tasks3
  handlers:
[devops@ansible .ansible]$ vim web.yaml
- name: create web server
  hosts: westos
  roles:
    - role: apache
  pre_tasks:
    - name: remove apache    ## executed before the roles
      dnf:
        name: httpd
        state: absent
  post_tasks:
    - name: successful    ## executed after the roles and ordinary tasks have finished
      debug:
        msg: web configur successful
  tasks:
    - name: install lftp
      dnf:
        name: lftp
        state: present
      notify: install messages
  handlers:
    - name: install messages
      debug:
        msg: install lftp ok
[devops@ansible .ansible]$ ansible-playbook web.yaml
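7. The ansible-galaxy command-line tool
* Ansible Galaxy is a website for freely sharing and downloading Ansible roles; it helps us define and learn roles.
* By default the ansible-galaxy command talks to the API of https://galaxy.ansible.com and can search for and download roles developed by the community.
* ansible-galaxy has been included since Ansible 1.4.2.
* Roles can be searched for on the galaxy.ansible.com website.
8. Installing the selected role
# install roles from https://galaxy.ansible.com
$ ansible-galaxy install geerlingguy.nginx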
[root@ansible ~]# ip route add default via 172.25.254.250
[root@ansible ~]# echo nameserver 114.114.114.114 > /etc/resolv.conf
[root@ansible ~]# ping www.baidu.com
[devops@ansible .ansible]$ ansible-galaxy install stouts.nginx ## download the role (the host must have Internet access)
- downloading role 'nginx', owned by stouts
- downloading role from https://github.com/Stouts/Stouts.nginx/archive/2.1.1.tar.gz
- extracting stouts.nginx to /home/devops/.ansible/roles/stouts.nginx
- stouts.nginx (2.1.1) was installed successfully
[devops@ansible .ansible]$ ls roles/
apache stouts.nginx
[devops@ansible .ansible]$ cd roles/
[devops@ansible roles]$ tar zcf /tmp/apache.tar.gz apache/
[devops@ansible roles]$ ls /tmp/
9. Install local roles
$ vim install_apache_role.yml
---
- src: file:///mnt/apache.tar.gz
  name: apache
$ ansible-galaxy install -r install_apache_role.yml
[devops@ansible .ansible]$ vim install_apache.yml
- src: file:///tmp/apache.tar.gz
  name: westos
[devops@ansible .ansible]$ ansible-galaxy install -r install_apache.yml
- downloading role from file:///tmp/apache.tar.gz
- extracting westos to /home/devops/.ansible/roles/westos
- westos was installed successfully
[devops@ansible .ansible]$ ls roles/
apache westos
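An added example, not part of the original post: the role archive above sits in the world-writable /tmp and its tasks later run with become=True, so it is worth inspecting before `ansible-galaxy install -r` unpacks it. The Python sketch below reads only the archive metadata, checks the layout from section 2 (one top-level directory containing tasks/main.yml) and optionally compares a SHA-256 recorded when the archive was built; the function names and the two sample archives are constructed for illustration.

```python
import hashlib
import io
import tarfile
from pathlib import PurePosixPath


def audit_role_archive(data, expected_sha256=None):
    """Return findings for a role tarball; an empty list means it passed."""
    findings = []
    digest = hashlib.sha256(data).hexdigest()
    if expected_sha256 is not None and digest != expected_sha256:
        findings.append(f"sha256 mismatch: got {digest}")
    tops, names = set(), set()
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        for m in tar.getmembers():  # metadata only, nothing is extracted
            path = PurePosixPath(m.name)
            if path.is_absolute() or ".." in path.parts:
                findings.append(f"path escapes the role directory: {m.name}")
                continue
            if not (m.isfile() or m.isdir()):
                findings.append(f"link or special file: {m.name}")
            if m.mode & 0o6000:
                findings.append(f"setuid/setgid bit set: {m.name}")
            if path.parts:
                tops.add(path.parts[0])
                names.add("/".join(path.parts[1:]))
    if len(tops) != 1:
        findings.append(f"expected one top-level directory, found {sorted(tops)}")
    if "tasks/main.yml" not in names:  # section 2: tasks must have main.yml
        findings.append("tasks/main.yml is missing")
    return findings


def build_sample(members):
    """Build a constructed in-memory .tar.gz used only for this demonstration."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, body in members.items():
            info = tarfile.TarInfo(name)
            if isinstance(body, str):  # a str value marks a symlink target
                info.type, info.linkname, body = tarfile.SYMTYPE, body, b""
            info.size = len(body)
            tar.addfile(info, io.BytesIO(body))
    return buf.getvalue()


GOOD = build_sample({"apache/tasks/main.yml": b"---\n", "apache/vars/main.yml": b"---\n"})
BAD = build_sample({"apache/tasks/main.yml": b"---\n", "../escape.yml": b"x",
                    "apache/files/key": "/etc/hostname"})
```

For a real archive, pass the bytes of the file, for example `audit_role_archive(open("/tmp/apache.tar.gz", "rb").read())`, and install only when the returned list is empty.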