侧边栏壁纸
博主头像
zyixin

当你觉得为时已晚的时候,恰恰是最早的时候

  • 累计撰写 64 篇文章
  • 累计创建 0 个标签
  • 累计收到 1 条评论

目 录CONTENT

文章目录

roles 角色

zyixin
2022-04-01 / 0 评论 / 0 点赞 / 1,802 阅读 / 10,875 字
温馨提示:
本文最后更新于 2022-04-01,若内容或图片失效,请留言反馈。部分素材来自网络,若不小心影响到您的利益,请联系我们删除。

1 roles角色

角色是ansible自1.2版本引入的新特征,用于层次性、结构化地组织playbook。roles能够根据层次性结构自动装载变量文件、tasks以及handlers等。要使用roles只需要在playbook中使用include指令即可。简单来讲,roles就是通过分别将变量、文件、任务、模块及处理器放置于单独的目录中,并可以便捷地include它们的一种机制。角色一般用于基于主机构建服务的场景中,但也可以是用于构建守护进程等场景中
运维复杂的场景:建议使用roles,代码复用度高
roles:多个角色的集合,可以将多个的role,分别放至roles目录下的独立子目录中
roles/
—mysql/
—httpd/
—nginx/
—redis

1.1 Ansible Roles目录编排

roles目录结构如下所示
roles

每个角色:以特定的层级目录结构进行组织

roles目录结构:
playbook.yml
roles/
—project/
—tasks/
—files/
—vars/
—templates/
—handlers/
—default/
—meta/

Roles各目录作用
/roles/project/: 项目名称,有以下子目录
· files/: 存放由copy或script模块等调用的文件
· temolates/: template模块查找所需要模块文件的目录
· tasks/: 定义task,role的基本元素,至少应该包含一个名为main.yml的文件;其他的文件需要在此文件中通过include进行包含
· handlers/: 至少应该包含一个名为main.yml文件,其他的文件需要在此文件中通过include进行包含
· vars/: 定义变量,至少应该包含一个名为main.yml的文件,其他的文件需要在此文件中通过include进行包含
· meta/: 定义当前角色的特殊设定及其依赖关系,至少应该包含一个名为main.yml的文件,其他文件需在此文件中通过include进行包含
· default/: 设定默认变量时使用此目录中的main.yml文件,比vars的优先级低

1.2 创建role

创建role的步骤
(1)创建以roles命名的目录
(2)在roles目录中分别创建以各角色名称命名的目录,如webserver等
(3)在每个角色命名的目录中分别创建files、handlers、meta、tasks、templates和vars目录;用不到的目录可以创建为空目录,也可以不创建
(4)在playbook文件中,调用各角色

针对大型项目使用Roles进行编排
范例:roles的目录结构

nginx-role.yml
roles/
└── nginx
    ├── files
    │     └── main.yml
	├── tasks
	│     ├── groupadd.yml
	│     ├── install.yml
	│     ├── main.yml
	│     ├── restart.yml
	│     ├── useradd.yml
	└── vars
          └── main.yml

1.3 playbook调用角色

调用角色方法:

---
- hosts: websrvs
  remote_user: root
  roles:
    - mysql
	- memcached
	- nginx

调用角色方法2:
键role用于指定角色名称,后续的k/v用于传递变量给角色

---
- hosts: all
  remote_user: root
  roles:
    - mysql
	- { role: nginx, username: nginx }

调用角色方法3:
还可基于条件测试实现角色调用

---
- hosts: all
  remote_user: root
  roles:
    - { role: nginx, username: nginx, when: ansible_distribution_major_version == '7' }

1.4 roles中tags使用

#nginx-role.tml
---
- hosts: websrvs
  remote_user: root
  roles:
    - { role:nginx, tags: [ 'nginx', 'web' ], when: ansible_distribution_major_version == '6' }
	- { role: httpd, tags: [ 'httpd', 'web' ] }
	- { role: mysql, tags: [ 'mysql', 'db' ] }
	- { role: mariadb, tags:[ 'mariadb', 'db' ] }
	
[root@ansible ~]# ansible-playbook --tags="nginx,httpd,mysql" nginx-role.yml

1.5 实战案例

1.5.1 案例1:实现httpd角色

[root@ansible ~]# mkdir -pv /data/ansible/roles/httpd/{tasks,handlers,files}

#创建角色相关的文件
[root@ansible ~]# cd /data/ansible/roles/httpd/
[root@ansible httpd]# vim tasks/main.yml
- include: install.yml
- include: config.yml
- include: index.yml
- include: service.yml

#创建软件安装文件
[root@ansible httpd]# vim tasks/install.yml
- name: install httpd package
  yum: name=httpd
  
#创建软件配置文件
[root@ansible httpd]# vim tasks/config.yml
- name: config file
  copy: src=httpd.conf dest=/etc/httpd/conf/ backup=yes
  notify: restart
  
#创建网页主页文件
[root@ansible httpd]# vim tasks/index.yml
- name: index.html
  copy: src=index.html dest=/var/www/html/
  
#创建软件启动文件
[root@ansible httpd]# vim tasks/service.yml
- name: start service
  service: name=httpd state=started enabled=yes
  
#创建软件触发重启文件
[root@ansible httpd]# vim handlers/main.yml
- name: restart
  service: name=httpd state=restarted
  
  
#在files目录下准备两个文件
[root@ansible httpd]# ls /data/ansible/roles/httpd/files/
httpd.conf	index.html

[root@ansible httpd]# tree /data/ansible/roles/httpd/
/data/ansible/roles/httpd/
├── files
│   ├── httpd.conf
│   └── index.html
├── handlers
└── tasks
    ├── config.yml
    ├── index.yml
    ├── install.yml
    └── service.yml

3 directories, 6 files

#在playbook中调用角色
[root@ansible httpd]# vim /data/ansible/role_httpd.yml
---
# httpd role
- hosts: websrvs
  remote_user: root
  
  roles:
    - role: httpd

#运行playbook
[root@ansible httpd]# ansible-playbook /data/ansible/role_httpd.yml

1.5.2 案例2:实现nginx角色

[root@ansible ~]# mkdir -pv /data/ansible/roles/nginx/{tasks,handlers,templates,vars}

#创建task文件
[root@ansible ~]# cd /data/ansible/roles/nginx/
[root@ansible nginx]# vim tasks/main.yml
- include: install.yml
- include: config.yml
- include: file.yml
- include: service.yml

[root@ansible nginx]# vim tasks/install.yml
- name: install
  yum: name=nginx
  
[root@ansible nginx]# vim tasks/config.yml
- name: config file for centos7
  templates: src=ngxin7.conf.j2 dest=/etc/nginx/nginx.conf
  when: ansible_distribution_major_version == "7"
  notify: restart
- name: config file for centos8
  templates: src=nginx8.conf.j2 dest=/etc/nginx/nginx.conf
  when: ansible_distribution_major_version == "8"
  notify: restart

[root@ansible nginx]# vim tasks/index.yml
- name: index.html
  copy: src=roles/httpd/files/index.html dest=/usr/share/nginx/html/
  
[root@ansible nginx]# vim tasks/service.yml
- name: start service
  service: name=nginx state=started enabled=yes
  
#创建handler文件
[root@ansible nginx]# vim handlers/main.yml
- name: restart
  service: name=nginx state=restarted
  
#创建两个template文件
[root@ansible nginx]# vim templates/nginx7.conf.j2
... 省略 ...
user: {{ user }};
worker_processes {{ ansible_processor_vcpus+3 }};
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
... 省略 ...

[root@ansible nginx]# vim templates/nginx8.conf.j2
... 省略 ...
user: nginx;
worker_processes {{ ansible_processor_vcpus+2 }};
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
... 省略 ...

#创建变量文件
[root@ansible nginx]# vim vars/main.yml
user: daemon

#目录结构如下
[root@ansible nginx]# tess /data/ansible/roles/nginx/
/data/ansible/roles/nginx/
├── handlers
│   └── main.yml
├── tasks
│   ├── config.yml
│   ├── index.yml
│   ├── install.yml
│   ├── main.yml
│   └── service.yml
├── templates
│   ├── nginx7.conf.j2
│   └── nginx8.conf.j2
└── vars
    └── main.yml

4 directories, 9 files

#在playbook中调用角色
[root@ansible nginx]# vim /data/ansible/role_nginx.yml
---
#nginx role
- hosts: websrvs
  remote_user: root
  
  roles:
    - role: nginx
	
#运行playbook
[root ansible@ ansible]# ansible-playbook /data/ansible/role_nginx.yml

1.5.3 案例3:实现memcached角色

[root@ansible ~]# mkdir -pv /data/ansible/roles/memcached/{tasks,templates}

[root@ansible ~]# cd /data/ansible/roles/memcached
[root@ansible memcached]# vim tasks/main.yml
- include: install.yml
- include: config.yml
- include: service.yml

[root@ansible memcached]# vim tasks/install.yml
- name: install
  yum: name=memcached
  
[root@ansible memcached]# vim tasks/config.yml
- name: config file
  template: src=memcached.j2 dest=/etc/sysconfig/memcached
  
[root@ansible memcached]# vim tasks/service.yml
- name: service
  service: name=memcached state=started enabled=yes

[root@ansible memcached]# vim templates/memcached.j2
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="{{ansible_memtotal_mb//4}}"

[root@ansible memcached]# tree /data/ansible/roles/memcached/
/data/ansible/roles/memcached/
├── tasks
│   ├── config.yml
│   ├── install.yml
│   ├── main.yml
│   └── service.yml
└── templates
    └── memcached.j2

2 directories, 5 files


[root@ansible ansible]# vim /data/ansible/role_memcached.yml
---
- hosts: websrvs
  remote_user: root
  
  roles:
    - role: memcached
	
[root@ansible ansible]# ansible-playbook /data/ansible/role_memcached.yml

PLAY [192.168.139.100] ******************************************************************************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************************************************************************************
ok: [192.168.139.100]

TASK [memcached : install] **************************************************************************************************************************************************************************************
changed: [192.168.139.100]

TASK [memcached : config file] **********************************************************************************************************************************************************************************
changed: [192.168.139.100]

TASK [memcached : service] **************************************************************************************************************************************************************************************
changed: [192.168.139.100]

PLAY RECAP ******************************************************************************************************************************************************************************************************
192.168.139.100            : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

1.5.4 案例4:实现mysql角色

[root@ansible ~]# vim /data/ansible/roles/mysql/files/my.cnf
[mysqld]
socket=/tmp/mysql.sock
user=mysql
symbolic-links=0
datadir=/data/mysql
innodb_file-per_table=1
log-bin
pid-file=/data/mysql/mysqld.pid

[client]
port=3306
socket=/tmp/mysql.sock

[mysqld_safe]
log-error=/var/log/mysqld.log

[root@ansible ~]# vim /data/ansible/roles/mysql/files/secure_mysql.sh
#!/bin/bash
/usr/local/mysql/bin/mysql_secure_installation <<EOF

y
zyixin
zyixin
y
y
y
y
EOF

[root@ansible ~]# ls /data/ansible/roles/mysql/files/
my.cnf	mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz	secure_mysql.sh

[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/main.yml
- include: install.yml
- include: group.yml
- include: user.yml
- include: unarchive.yml
- include: link.yml
- include: data.yml
- include: config.yml
- include: service.yml
- include: path.yml
- include: secure.yml

[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/install.yml
- name: install packages
  yum: name=libaio,perl-Data-Dumper,perl-Getopt-Long
  
[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/group.yml
- name: create mysql group
  group: name=mysql pid=306
  
[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/user.yml
- name: create mysql user
  user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
  
[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/unarchive.yml
- name: copy tar to  remote host and file mode
  unarchive: src=mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz dest=/usr/local/ owner=root group=root
  
[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/link.yml
- name: mkdir /usr/local/mysql
  file: src=/usr/local/mysql-5.6.46-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
  
[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/data.yml
- name: data dir
  shell: chdir=/usr/local/mysql/ ./scripts/mysql_install_db --datadir=/data/mysql --user=mysql
  
[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/config.yml
- name: config my.cnf
  copy: src=my.cnf dest=/etc/my.cnf
  
[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/service.yml
- name: service script
  shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqd;/etc/init.d/mysqld start;chkconfig --add mysqld;chkconfig mysqld on
  
[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/path.yml
- name: PATH variable
  copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh

[root@ansible ~]# vim /data/ansible/roles/mysql/tasks/secure.yml
- name: secure script
  script: secure_mysql.sh
  
[root@ansible ~]# tree /data/ansible/roles/mysql/
/data/ansible/roles/mysql/
├── files
│   ├── my.cnf
│   ├── mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz
│   ├── secure_mysql.sh
└── tasks
    ├── config.yml
	├── data.yml
	├── group.yml
	├── link.yml
	├── install.yml
	├── main.yml
	├── path.yml
	├── secure.yml
	├── service.yml
	├── unarchive.yml
	└── user.yml

2 directories, 14 files


[root@ansible ~]# vim /data/ansible/mysql_roles.yml
- hosts: websrvs
  remote_user: root
  
  roles:
    - {role: mysql,tags: ["mysql","db"]}
	- {role: nginx,tags: ["nginx","web"]}
	
[root@ansible ~]# ansible-playbook -t mysql /data/ansible/mysql_roles.yml

1.5.5 案例5:实现多角色的选择

[root@ansible ~]# vim /data/ansible/role_nginx.yml
---
- hosts: websrvs
  remote_user: root
  
  roles:
    - {role: httpd,tags: [httpd,web], when:ansible_distribution_major_version=="7"}
	- {role: nginx,tags: [nginx,web], when:ansible_distribution_major_version=="8"}
	
[root@ansible ~]# ansible-playbook -t nginx /data/ansible/role_httpd_nginx.yml
0

评论区