Linux架构 Ansible Roles

Ansible Roles

Ansible Roles基本概述

roles不管是Ansible还是saltstack,我在写一键部署的时候,都不可能把所有的步骤全部写入到一个'剧本'文件当中,我们肯定需要把不同的工作模块,拆分开来,解耦,那么说到解耦,我们就需要用到roles官方推荐,因为roles的目录结构层次更加清晰。

Ansible Roles目录结构

img

production                # inventory file for production servers
staging                   # inventory file for staging environment

group_vars/
   group1.yml             # here we assign variables to particular groups
   group2.yml
host_vars/
   hostname1.yml          # here we assign variables to particular systems
   hostname2.yml

library/                  # if any custom modules, put them here (optional)
module_utils/             # if any custom module_utils to support modules, put them here (optional)
filter_plugins/           # if any custom filter plugins, put them here (optional)

site.yml                  # master playbook
webservers.yml            # playbook for webserver tier
dbservers.yml             # playbook for dbserver tier

roles/
    common/               # this hierarchy represents a "role"
        tasks/ #任务           #
            main.yml      #  <-- tasks file can include smaller files if warranted
        handlers/ #触发器        #
            main.yml      #  <-- handlers file
        templates/ #带jinja变量的配置文件       #  <-- files for use with the template resource
            ntp.conf.j2   #  <------- templates end in .j2
        files/ #不带变量的配置文件和安装包等           #
            bar.txt       #  <-- files for use with the copy resource
            foo.sh        #  <-- script files for use with the script resource
        vars/ #变量            #
            main.yml      #  <-- variables associated with this role
        defaults/ #优先级比较低的变量        #
            main.yml      #  <-- default lower priority variables for this role
        meta/ #依赖            #
            main.yml      #  <-- role dependencies
        library/          # roles can also include custom modules
        module_utils/     # roles can also include custom module_utils
        lookup_plugins/   # or other types of plugins, like lookup in this case

    webtier/              # same kind of structure as "common" was above, done for the webtier role
    monitoring/           # ""
    fooapp/               # ""

开发环境

测试环境

  • 性能测试
  • 功能测试

预上线环境(Beta)

生产环境

使用ansible-galaxy创建roles

## 创建roles目录
ansible-galaxy init base

[root@m01 roles]# ll
total 0
drwxr-xr-x 10 root root 154 May 29 10:19 base
drwxr-xr-x  2 root root   6 May 29 10:21 group_vars
drwxr-xr-x  2 root root   6 May 29 10:21 host_vars
drwxr-xr-x 10 root root 154 May 29 10:18 keepalived
drwxr-xr-x 10 root root 154 May 29 10:18 lb
drwxr-xr-x 10 root root 154 May 29 10:16 mysql
drwxr-xr-x 10 root root 154 May 29 10:17 nfs-client
drwxr-xr-x 10 root root 154 May 29 10:17 nfs-server
drwxr-xr-x 10 root root 154 May 29 10:16 nginx
drwxr-xr-x 10 root root 154 May 29 10:17 rsync-cilent
drwxr-xr-x 10 root root 154 May 29 10:17 rsync-server
drwxr-xr-x 10 root root 154 May 29 10:18 wordpress-code
drwxr-xr-x 10 root root 154 May 29 10:18 wordpress-data
drwxr-xr-x 10 root root 154 May 29 10:18 wordpress-db

ansible roles实战

## 配置文件放入files目录
[root@m01 files]# vim lb.conf
upstream web {
        server 172.16.1.7;
        server 172.16.1.8;
}

server {
        listen 80;
        server_name _;
        location / {
                proxy_pass http://web;
                proxy_set_header Host $http_host;
                proxy_set_headex X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_connect_timeout 30;
                proxy_send_timeout 60;
                proxy_read_timeout 60;
                proxy_buffering on;
                proxy_bufer_size 32k;
                proxy_buffers 4 128k;
        }
}

img

# nginx

## 任务
[root@m01 roles]# vim nginx/tasks/main.yml

---
# tasks file for nginx
- name: 安装nginx
  yum:
    name: nginx
    state: present

- name: 推送主配置文件
  template:
    src: nginx.conf.j2
    dest: /etc/nginx/nginx.conf
  notify: Restart Nginx

- name: 启动nginx
  service:
    name: nginx
    state: started
    enabled: true

## 定义变量
[root@m01 tasks]# vim /tmp/ansible/roles/nginx/vars/main.yml 
---
# vars file for nginx
user_group: 'www'

## 准备nginx主配置文件(修改为变量)
[root@m01 templates]# vim /tmp/ansible/roles/nginx/templates/nginx.conf.j2 

## 触发器
[root@m01 handlers]# vim /tmp/ansible/roles/nginx/handlers/main.yml 
---
# handlers file for nginx
- name: Restart Nginx
  service:
    name: nginx
    state: restarted

# lb
## 依赖
[root@m01 meta]# vim /tmp/ansible/roles/lb/meta/main.yml 
description: 
  - {role: nginx}

## 任务
[root@m01 meta]# vim /tmp/ansible/roles/lb/tasks/main.yml 
---
# tasks file for lb
- name: 推送负载均衡配置文件
  copy:
    src: lb.conf
    dest: /etc/nginx/conf.d/
  notify: Restart Nginx

## 触发器
[root@m01 meta]# vim /tmp/ansible/roles/lb/handlers/main.yml 
---
# handlers file for lb
- name: Restart Nginx
  service:
    name: nginx
    state: restarted

## 配置lb.conf文件
[root@m01 meta]# vim /tmp/ansible/roles/lb/files/lb.conf 
upstream web {
        server 172.16.1.7;
        server 172.16.1.8;
}

server {
        listen 80;
        server_name _;
        location / {
                proxy_pass http://web;
                proxy_set_header Host $http_host;
                proxy_set_headex X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_connect_timeout 30;
                proxy_send_timeout 60;
                proxy_read_timeout 60;
                proxy_buffering on;
                proxy_bufer_size 32k;
                proxy_buffers 4 128k;
        }
}

## 入口文件
[root@m01 roles]# vim /tmp/ansible/roles/site.yml
- hosts: all
  roles:
    - {role: lb,when: ansible_hostname is match 'web*'}

## 执行入口文件
[root@m01 ansible]# ansible-playbook roles/site.yml 

ansible galaxy使用

# 查询ansible代码仓库
[root@m01 ~]# ansible-galaxy search nginx

# 下载代码仓库中的代码
[root@m01 ~]# ansible-galaxy collection install aaronpederson.nginx

ansible vault

# 加密
[root@m01 ansible]# ansible-vault encrypt site.yml

# 查看
[root@m01 ansible]# ansible-vault view site.yml

# 编辑
[root@m01 ansible]# ansible-vault edit site.yml

# 取消密码
[root@m01 ansible]# ansible-vault decrypt site.yml

# 修改密码
[root@m01 ansible]# ansible-vault rekey site.yml

gitee使用

img

img

img

image-20230529153743800

# 1.安装git命令
[root@m01 ansible]# yum install -y git

#简易的命令行入门教程:
## Git 全局设置:
git config --global user.name "刘建源"
git config --global user.email "12996948+ljy1026@user.noreply.gitee.com"

## 创建 git 仓库:
mkdir ansible_roles # 创建目录
cd ansible_roles # 进入目录(进入写roles目录)
git init # 将目录初始化成git仓库

[root@m01 ansible]# ll -a    ##执行完成后,会在目录下生成一个.git目录
total 0
drwxr-xr-x   6 root root  83 May 29 11:58 .
drwxrwxrwt.  8 root root 108 May 29 11:55 ..
drwxr-xr-x   7 root root 119 May 29 11:58 .git
drwxr-xr-x   2 root root   6 May 29 10:09 group_vars
drwxr-xr-x   2 root root   6 May 29 10:09 host_vars
drwxr-xr-x  16 root root 247 May 29 10:21 roles
-rw-r--r--   1 root root   0 May 29 10:09 site.yaml

# 将该目录下的所有文件加入到git中
[root@m01 ansible]# git add . 

## 查看git 状态
[root@m01 ansible]# git status

# 将代码提交到git仓库中
[root@m01 ansible]# git commit -m '第一次提交代码'

# 将码云仓库加入到本地
git remote add origin git@gitee.com:ljy1026/ansible_roles.git 

# 将本地代码,推送到码云
git push -u origin "master"

[root@m01 ansible]# git push -u origin "master"
Counting objects: 44, done.
Compressing objects: 100% (17/17), done.
Writing objects: 100% (27/27), 4.55 KiB | 0 bytes/s, done.
Total 27 (delta 3), reused 0 (delta 0)
remote: Powered by GITEE.COM [GNK-6.4]
To git@gitee.com:ljy1026/ansible_roles.git
   f728101..7ddb945  master -> master
Branch master set up to track remote branch master from origin.

### 每次更改完代码,建议
git add .
git commit -m '备注内容'
git push

## 拉代码
git clone git@gitee.com:ljy1026/ansible_roles.git

## 查看SSH公钥
cat ~/.ssh/id_rsa.pub

img

img

img

img

暂无评论

发送评论 编辑评论


				
|´・ω・)ノ
ヾ(≧∇≦*)ゝ
(☆ω☆)
(╯‵□′)╯︵┴─┴
 ̄﹃ ̄
(/ω\)
∠( ᐛ 」∠)_
(๑•̀ㅁ•́ฅ)
→_→
୧(๑•̀⌄•́๑)૭
٩(ˊᗜˋ*)و
(ノ°ο°)ノ
(´இ皿இ`)
⌇●﹏●⌇
(ฅ´ω`ฅ)
(╯°A°)╯︵○○○
φ( ̄∇ ̄o)
ヾ(´・ ・`。)ノ"
( ง ᵒ̌皿ᵒ̌)ง⁼³₌₃
(ó﹏ò。)
Σ(っ °Д °;)っ
( ,,´・ω・)ノ"(´っω・`。)
╮(╯▽╰)╭
o(*////▽////*)q
>﹏<
( ๑´•ω•) "(ㆆᴗㆆ)
😂
😀
😅
😊
🙂
🙃
😌
😍
😘
😜
😝
😏
😒
🙄
😳
😡
😔
😫
😱
😭
💩
👻
🙌
🖕
👍
👫
👬
👭
🌚
🌝
🙈
💊
😶
🙏
🍦
🍉
😣
Source: github.com/k4yt3x/flowerhd
颜文字
Emoji
小恐龙
花!
上一篇
下一篇