當(dāng)前位置：首頁(yè) > 编程资源 > 编程问答 >内容正文

编程问答

记录一个ansible高级用法与shell结合

發(fā)布時(shí)間：2025/3/21 编程问答 44 豆豆

生活随笔收集整理的這篇文章主要介紹了记录一个ansible高级用法与shell结合小編覺(jué)得挺不錯(cuò)的,現(xiàn)在分享給大家,幫大家做個(gè)參考.

未經(jīng)本人同意不得轉(zhuǎn)載

一.ansible安裝（ansible的配置與roles運(yùn)用）

1.ansible的概述

2.安裝python

3.ansible運(yùn)用前準(zhǔn)備

二.修改roles

1.初步修改apache-roles（一個(gè)roles可寫(xiě)多個(gè)劇本）

2.二次修改定義變量（開(kāi)關(guān)）

3.三次修改（別名調(diào)用ansible）

4.四次修改添加刪除劇本

5.五次修改（腳本調(diào)用創(chuàng)建與刪除）

6.六次修改（腳本調(diào)用函數(shù)）

7.測(cè)試

三.添加nginx四層代理入集群

1.創(chuàng)建nginx角色劇本

2.創(chuàng)建四層代理文件

3.修改hosts

4.書(shū)寫(xiě)ansible-playbook

5.添加腳本安裝與刪除

6.調(diào)用集成腳本（不變）

一.ansible安裝（ansible的配置與roles運(yùn)用）

注：前面兩步檢查一下是否安裝即可（可跳過(guò)）；在2.7與3.5版本的python上默認(rèn)安裝pip

1.ansible的概述

ansible是一個(gè)非常簡(jiǎn)單的自動(dòng)化部署項(xiàng)目，由python編寫(xiě)并且開(kāi)源。用于提供自動(dòng)化云配置、配置文件管理、應(yīng)用部署、服務(wù)編排和很多其他的IT自動(dòng)化需求。

ansible實(shí)現(xiàn)的自動(dòng)化部署是多層次的，通過(guò)描述系統(tǒng)之間的邏輯關(guān)系來(lái)構(gòu)建業(yè)務(wù)所需要的基礎(chǔ)架構(gòu)模型，而不僅僅用于管理一個(gè)單獨(dú)的系統(tǒng)；也就是說(shuō)ansible不僅僅能部署一個(gè)或多個(gè)獨(dú)立的服務(wù)，它還能對(duì)這些服務(wù)做關(guān)聯(lián)、對(duì)部署順序做編排等，一個(gè)完美的ansible部署項(xiàng)目應(yīng)該是層次分明、順序有秩的。

另外，ansible是Serverless和Agentless項(xiàng)目，在部署工具準(zhǔn)備階段基本上是零成本，而且ansible使用YAML寫(xiě)playbooks，這使playbook看起來(lái)通俗易懂，一目了然。

ansible這個(gè)后起之秀在開(kāi)源社區(qū)上也是非常火爆的，可以說(shuō)是部署工具屆的網(wǎng)紅一枚。現(xiàn)在很多很火的開(kāi)源項(xiàng)目都在使用ansible作為部署工具，例如我熟悉的openstack-ansible、openshift-ansible等等

2.安裝python

1)尋找對(duì)應(yīng)版本的安裝包,官網(wǎng)的ftp地址如下

Index of /ftp/python/

# 這邊就使用3.7.6版本，版本太高不是很好，很多第三方的庫(kù)都根本上；感覺(jué)3.6是比較好的版本； ? # 下載pthon安裝包 ~]# wget https://www.python.org/ftp/python/3.7.6/Python-3.7.6.tgz

2)創(chuàng)建安裝目錄看個(gè)人習(xí)慣，這邊放在/usr/local下面

~]# mkdir -p /usr/local/python3

3)解壓

~]# tar -zxvf Python-3.7.6.tgz

4)編譯安裝

# 先需要gcc環(huán)境和zlib庫(kù)為了方向鍵等不出現(xiàn)亂碼還需要 readline-devel 包 yum -y install gcc zlib* readline-devel ? # 進(jìn)入解壓好的目錄并編譯安裝 ~]# cd Python-3.7.6 ~]# ./configure --prefix=/usr/local/python3 ~]# make && make install

5）建立軟鏈接

~]# ln -s /usr/local/python3/bin/python3.7 /usr/bin/python3 ~]# ln -s /usr/local/python3/bin/pip3.7 /usr/bin/pip3

6)測(cè)試安裝查看版本

~]# python3 --version Python 3.7.6 ~]# python3 Python 3.7.6 (default, Feb 15 2020, 19:40:45) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)] on linux Type "help", "copyright", "credits" or "license" for more information. >>> print('hello word') hello word

7）模塊包setup-tools與pip安裝

什么是setuptools

setuptools是Python distutils增強(qiáng)版的集合，它可以幫助我們更簡(jiǎn)單的創(chuàng)建和分發(fā)Python包，尤其是擁有依賴(lài)關(guān)系的。用戶(hù)在使用setuptools創(chuàng)建的包時(shí)，并不需要已安裝setuptools，只要一個(gè)啟動(dòng)模塊即可。

功能亮點(diǎn)：

利用EasyInstall自動(dòng)查找、下載、安裝、升級(jí)依賴(lài)包創(chuàng)建Python Eggs 包含包目錄內(nèi)的數(shù)據(jù)文件自動(dòng)包含包目錄內(nèi)的所有的包，而不用在setup.py中列舉自動(dòng)包含包內(nèi)和發(fā)布有關(guān)的所有相關(guān)文件，而不是創(chuàng)建一個(gè)MANIFEST.in文件自動(dòng)生成經(jīng)過(guò)包裝的腳本或Windows執(zhí)行文件支持Pyrex，即在可以setup.py中列出.pyx文件，而最終用戶(hù)無(wú)需安裝Pyrex 支持上傳到PyPI 可以部署開(kāi)發(fā)模式，使項(xiàng)目在sys.path中用新命令或setup()參數(shù)擴(kuò)展distutils，為多個(gè)項(xiàng)目發(fā)布/重用擴(kuò)展在項(xiàng)目setup()中簡(jiǎn)單聲明entry points，創(chuàng)建可以自動(dòng)發(fā)現(xiàn)擴(kuò)展的應(yīng)用和框架

#網(wǎng)上找的安裝包setuptools ~]# wget https://pypi.python.org/packages/45/29/8814bf414e7cd1031e1a3c8a4169218376e284ea2553cc0822a6ea1c2d78/setuptools-36.6.0.zip#md5=74663b15117d9a2cc5295d76011e6fd1 ? #解壓 ~]# unzip setuptools-36.6.0.zip ? #進(jìn)入解壓的文件并編譯安裝 ~]# cd setuptools-36.6.0 ~]# python3.5 setup.py build ~]# python setup.py install ? # pip下載 ~]# wget --no-check-certificate https://pypi.python.org/packages/source/p/pip/pip-8.0.2.tar.gz#md5=3a73c4188f8dbad6a1e6f6d44d117eeb ? # 解壓文件 ? ~]# tar zxvf pip-8.0.2.tar.gz ? # 進(jìn)入該目錄 ~]# cd pip-8.0.2 ? #同樣執(zhí)行： ~]# python setup.py build ~]# python setup.py install #沒(méi)有提示錯(cuò)誤，那么就安裝成功了。 ? # 安裝好了之后會(huì)在我們的python目錄中成成該執(zhí)行文件的。 Adding pip 8.0.2 to easy-install.pth file Installing pip3.5 script to /usr/local/python/bin Installing pip3 script to /usr/local/python/bin Installing pip script to /usr/local/python/bin ? # 這個(gè)就是安裝是的提示，給我們說(shuō)的很清楚，說(shuō)將pip3安裝到了/usr/local/python/bin目錄中 ? # 對(duì)于我此時(shí)的目錄就是：/usr/local/python/bin ~]# ln -s /usr/bin/pip3 /usr/local/python/bin/pip3.5

3.ansible運(yùn)用前準(zhǔn)備

#將防火墻狀態(tài)enforcing模式修改為permissive變成寬容模式 ~]# setenforce 0 ? # 配置免密登陸 ~]# ssh-keygen -t rsa 生成公鑰 ~]# ssh-copy-id root@ip地址 ? ~]# ssh-copy-id root@192.168.42.110

4.安裝ansible

官方軟件下載： Index of /ansible

CentOS6自帶ansible版本為2.6.20

CentOS7自帶ansible版本為2.9.21

CentOS8自帶ansible版本為2.9.21-1

# 安裝ansible ~]# yum -y install ansible ? # 創(chuàng)建ansible目錄 ~]# mkdir ansible ? # 拷貝配置文件 ~]# cd ansible ~]# cp /etc/ansible/ansible.cfg ansible.cfg ? # 書(shū)寫(xiě)配置文件 ~]# vim ansible.cfg [defaults] inventory ? ? = ~/ansible/hosts ?#指定主機(jī)清單文件 ? # 書(shū)寫(xiě)主機(jī)清單 ~]# vim hosts [http] 172.17.0.114 172.17.0.142 172.17.0.98 ? #測(cè)試 ~]# ansible all -m ping 172.17.0.142 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong" } 172.17.0.114 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong" } 172.17.0.98 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong" }

5.創(chuàng)建角色運(yùn)用(用ansible之前必須進(jìn)入ansible)

# 創(chuàng)建角色目錄 ~]# mkdir roles ? # 修改ansible配置文件 ~]# vim ansible.cfg inventory = ~/ansible/inventory remote_user ? ? = root ? ? ? ? ? ? ? ? ? ? ? //連接受管機(jī)的遠(yuǎn)程用戶(hù) ? roles_path ? = roles ? ? ? ? ? ? ? ? ? ? ? //指定默認(rèn)的角色目錄 host_key_checking = false ? ? ? ? ? ? ? ? //當(dāng)其中有執(zhí)行錯(cuò)誤的命令時(shí)也繼續(xù)執(zhí)行 ? [privilege_escalation] ? ? ? ? ? ? ? ? ? ? //設(shè)置用戶(hù) sudo 提權(quán) become=True ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? //需要提權(quán) become_method=sudo ? ? ? ? ? ? ? ? ? ? ? //提權(quán)方式為 sudo ? become_user=root ? ? ? ? ? ? ? ? ? ? ? ? //提權(quán)為 root ? become_ask_pass=False ? ? ? ? ? ? ? ? ? //無(wú)需驗(yàn)證密碼 ? ? # 拉取角色 ~]# ansible-galaxy init roles/install ? ## 安裝apache # 在角色中創(chuàng)建apache的劇本 ~]# cd /root/ansible/roles/install/tasks/ ~]# vim main.yaml --- - name: install httpdyum:name: httpdstate: present - name: create index.htmlcopy:content: "{{ansible_hostname}}" ? #等同于劇本先讀取變量成值dest: /var/www/html/index.html - name: set firewalldfirewalld:service: httpstate: enablespermanent: trueimmediate: trueignore_errors: yes #由于某些原因沒(méi)有裝firewall，直接跳過(guò)錯(cuò)誤 - name: start httpdservice:name: httpdstate: startedenabled: true# 創(chuàng)建playbook調(diào)用角色 ~]# cd /root/ansible ~]# vim web.yml --- - hosts: allroles:- install # 角色名與上面對(duì)應(yīng)# 運(yùn)用ansible-playbook ? ?~]# ansible-playbook web.yml # 報(bào)錯(cuò)，看節(jié)點(diǎn)端口是否被占用 # roles目錄介紹 ~]# tree /root/ansible/roles /root/ansible/roles/ `-- install|-- defaults| ? `-- main.yml|-- files|-- handlers| ? `-- main.yml|-- meta| ? `-- main.yml|-- README.md|-- tasks| ? `-- main.yml|-- templates|-- tests| ? |-- inventory| ? `-- test.yml`-- vars`-- main.yml ? defualts/main.yml ? :定義變量的缺省值，優(yōu)先級(jí)較低 vars/main.yml ? ? ? :定義變量，優(yōu)先級(jí)高 files目錄 ? ? ? ? ? ? ：存儲(chǔ)靜態(tài)文件的目錄，如tar包、音樂(lè)、視頻等 templates目錄 ? ? ? ? ：存放動(dòng)態(tài)數(shù)據(jù)文件的地方（文件中包含了變量的模板文件） meta/main.yml ? ? ? :寫(xiě)作者、版本等描述信息 README.md ? ? ? ? ? :整個(gè)角色(role)的描述信息 handlers/main.yml ? :定義handlers tasks/main.yml ? ? ? :定義任務(wù)的地方

二.修改roles

1.初步修改apache-roles（一個(gè)roles可寫(xiě)多個(gè)劇本）

# 在tasks/main.yml文件中引用劇本文件，而直接做劇本 ~]# cd roles/install/tasks/ ~]# vim main.yml --- - include: http.yml ? # 書(shū)寫(xiě)要調(diào)用的劇本 ~]# vim http.yml - name: install httpdyum:name: httpdstate: present - name: create index.htmlcopy:content: "{{ansible_hostname}}" ? #等同于劇本先讀取變量成值dest: /var/www/html/index.html - name: set firewalldfirewalld:service: httpstate: enablespermanent: trueimmediate: trueignore_errors: true - name: start httpdservice:name: httpdstate: startedenabled: true #測(cè)試,調(diào)用角色劇本不用改 ~]# cd /root/ansible# 創(chuàng)建playbook ~]# cd /root/ansible && vim web.yml --- - hosts: allgather_facts: Trueenvironment:PATH: "{{ ansible_env.PATH }}:/usr/local/bin"become: yesroles:- install~]# ansible-playbook web.yml # 基本上，使用 include 語(yǔ)句引用 task 文件的方法，可允許你將一個(gè)配置策略分解到更小的文件中。使用 include 語(yǔ)句引用 tasks 是將 tasks 從其他文件拉取過(guò)來(lái)。因?yàn)?handlers 也是 tasks，所以你也可以使用 include 語(yǔ)句去引用 handlers 文件。handlers 文件來(lái)自 ‘handlers:’ section。

2.二次修改定義變量（開(kāi)關(guān)）

~]# cd /root/ansible/roles/install/tasks ~]# vim http.yml #書(shū)寫(xiě)變量 # tasks file for roles/install # set facts - name: set deploy_nginx factsset_fact: deploy_http = "{{ deploy_http }}"- name: install httpdyum:name: httpdstate: presentwhen: deploy_http == "true" and inventory_hostname in groups['http'] #最后可以寫(xiě)為['nginx'][0]代表nginx主機(jī)第一臺(tái)[1]則是第二臺(tái) - name: create index.htmlcopy:content: "{{ansible_hostname}}" #等同于劇本先讀取變量成值dest: /var/www/html/index.htmlwhen: deploy_http == "true" and inventory_hostname in groups['http'] - name: set firewalldfirewalld:service: httpstate: enablespermanent: trueimmediate: truewhen: deploy_http == "true" and inventory_hostname in groups['http'] - name: start httpdservice:name: httpdstate: startedenabled: truewhen: deploy_http == "true" and inventory_hostname in groups['http'] #修改hosts定義變量 ~]# cd /root/ansible ~]# vim hosts [all:vars] deploy_http="true"[http] 172.17.0.114 172.17.0.142 172.17.0.98#測(cè)試，main.yml與playbook不做修改 ~]# ansible-playbook web.yml

3.三次修改（別名調(diào)用ansible）

~]# cd /root/ansible/roles/install/tasks ~]# vim http.yml # tasks file for roles/install # set facts - name: set deploy_nginx factsset_fact: deploy_http = "{{ deploy_http }}"tags: install_http #定義別名- name: install httpdyum:name: httpdstate: presentwhen: deploy_http == "true" and inventory_hostname in groups['nginx']tags: install_http #定義別名 - name: create index.htmlcopy:content: "{{ansible_hostname}}"dest: /var/www/html/index.htmlwhen: deploy_http == "true" and inventory_hostname in groups['nginx']tags: install_http #定義別名 - name: start httpdservice: name: httpdstate: startedenabled: truewhen: deploy_http == "true" and inventory_hostname in groups['nginx']tags: install_http #定義別名#修改hosts ~]# cd /root/ansible ~]# vim ansible.cfg [defaults] inventory = ~/ansible/hosts remote_user = root roles_path = roles [privilege_escalation] become=True become_method=sudo become_user=root become_ask_pass=False forks = 10 #ssh并發(fā)數(shù)量（默認(rèn)是5）#測(cè)試，main.yml，playbook不做修改 ~]# ansible-playbook -f 10 -i /root/ansible/hosts --tags install_http /root/ansible/web.yml --extra-vars "hosts=${hosts}" #--extra-vars "hosts=${hosts}" 暫不知道外部變量是什么，這里不寫(xiě)-f FORKS, --forks=FORKS#specify number of parallel processes to use(default=5)#并行任務(wù)數(shù)。FORKS被指定為一個(gè)整數(shù),默認(rèn)是5 -i INVENTORY, --inventory-file=INVENTORY#specify inventory host path (default=/etc/ansible/hosts) or comma separated host list.#指定要讀取的Inventory文件 -tags #available tags#指定可用的tags -e EXTRA_VARS, --extra-vars=EXTRA_VARS#set additional variables as key=value or YAML/JSON#在Playbook中引入外部參數(shù)變量

4.四次修改添加刪除劇本

# 書(shū)寫(xiě)劇本 ~]# cd /root/ansible/roles/install/tasks ~]# vim http.yml --- # tasks file for roles/install # set facts - name: set deploy_nginx factsset_fact: deploy_http = "{{ deploy_http }}"tags: install_http- name: install httpdyum:name: httpdstate: presentwhen: deploy_http == "true" and inventory_hostname in groups['apache']tags: install_http - name: create index.htmlcopy:content: "{{ansible_hostname}}"dest: /var/www/html/index.htmlwhen: deploy_http == "true" and inventory_hostname in groups['apache']tags: install_http - name: set firewalldfirewalld:service: httpstate: enablespermanent: trueimmediate: truewhen: deploy_http == "true" and inventory_hostname in groups['apache']tags: install_httpignore_errors: true - name: start httpdservice:name: httpdstate: startedenabled: truewhen: deploy_http == "true" and inventory_hostname in groups['apache']tags: install_http# 刪除劇本 - name: stop httpservice:name: httpdstate: stoppedenabled: falsewhen: deploy_http == "true" and inventory_hostname in groups['apache']tags: remove_http - name: remove httpyum:name: httpdstate: absentwhen: deploy_http == "true" and inventory_hostname in groups['apache']tags: remove_http - name: rm directoryfile:path: /var/www/html/index.htmlstate: absentwhen: deploy_http == "true" and inventory_hostname in groups['apache']tags: remove_http#測(cè)試，main.yml，playbook不做修改 ~]# ansible-playbook -f 10 -i /root/ansible/hosts --tags remove_http /root/ansible/web.yml --extra-vars "hosts=${hosts}"

5.五次修改（腳本調(diào)用創(chuàng)建與刪除）

1）書(shū)寫(xiě)playbook

~]# cd /root/ansible && vim web.yml --- - hosts: allgather_facts: Trueenvironment:PATH: "{{ ansible_env.PATH }}:/usr/local/bin"become: yesroles:- install

2）掉用創(chuàng)建

# 創(chuàng)建目錄 ~]# cd /root/ansible ~]# mkdir install-sh && cd install-sh ~]# vim install.sh #!/bin/bash set -e BASE_DIR=$(cd `dirname $0` && pwd) cd $BASE_DIRCALL_FUN="all_func" hosts="all" help(){echo "show usage"echo "install_http:deploy install http" } while getopts ":f:h:" opt docase $opt in f)CALL_FUN="${OPTARG}";;h)hosts="${OPTARG}";;?)echo "unkown args! just suport -f[call function] and -h[ansible hosts group] arg!!!"exit 0;;esac donehttp(){echo "install http" ansible-playbook -f 10 -i /root/ansible/hosts --tags install_http /root/ansible/web.yml --extra-vars "hosts=${hosts}" }all_func(){http }main(){$CALL_FUN || help } main#測(cè)試 ~]# chmod +x http.sh ~]# ./http.sh

3）調(diào)用刪除

~]# cd /root/ansible/install-sh ~]# vim remove.sh #!/bin/bash set -e BASE_DIR=$(cd `dirname $0` && pwd) cd $BASE_DIRCALL_FUN="all_func" hosts="all" help(){echo "show usage"echo "install_http:deploy install http" } while getopts ":f:h:" opt docase $opt in f)CALL_FUN="${OPTARG}";;h)hosts="${OPTARG}";;?)echo "unkown args! just suport -f[call function] and -h[ansible hosts group] arg!!!"exit 0;;esac donehttp(){echo "install http" ansible-playbook -f 10 -i /root/ansible/hosts --tags remove_http /root/ansible/web.yml --extra-vars "hosts=${hosts}" }all_func(){http }main(){$CALL_FUN || help } main

6.六次修改（腳本調(diào)用函數(shù)）

~]# cd /root/ansible ~]# vim pot-cmd.sh #!/bin/bash # Author: yhchen set -eBASE_DIR=$(cd `dirname $0` && pwd) cd $BASE_DIREXEC_SCRIPT="" CALL_FUN="all_func" hosts="all"help(){echo "show usage:"echo "you can exec script list: "echo `ls /root/ansible/install-sh`exit 0 }while getopts ":s:f:h:" opt docase $opt ins)EXEC_SCRIPT="${OPTARG}";;f)CALL_FUN="${OPTARG}";;h)hosts="${OPTARG}";;?)echo "unkown args! just suport -s[mgr-scripts's script] -f[call function] and -h[ansible hosts group] arg!!!"exit 0;;esac donecmd(){/root/ansible/install-sh/${EXEC_SCRIPT} -f ${CALL_FUN} -h ${hosts} }main(){if [ "x${EXEC_SCRIPT}" == "x" ]; thenhelpelsecmdfi } main

7.測(cè)試

~]# ./pot-cmd.sh -f xxx show usage: you can exec script list: install.sh remove.sh~]# ./pot-cmd.sh -s install.sh -f xxx /root/ansible/install-sh/install.sh: line 36: xxx: command not found show usage install_http:deploy install http~]# ./pot-cmd.sh -s install.sh -h install_http

三.添加nginx四層代理入集群

1.創(chuàng)建nginx角色劇本

注：模塊可查幫助ansible-doc [模塊名]

~]# cd /root/nginx/roles/install/tasks/ ~]# vim nginx.yml --- # set facts - name: set deploy_nginx factsset_fact: deploy_nginx = "{{ deploy_nginx }}"tags: install_nginx# create save nginx loanginxalance dir - name: create nginx loanginxalance dirfile: path: /root/nginxstate: directory when: deploy_nginx == "true" and inventory_hostname in groups['nginx']tags: install_nginx# install nginx rely on - name: install pcre-devel zlib-devel openssl-devel gccyum:name: "{{ item }}"loop:- pcre-devel- zlib-devel- openssl-devel- gccwhen: deploy_nginx == "true" and inventory_hostname in groups['nginx'][0]tags: install_nginx # copy nginx install pkg to nginx node - name: copy nginx install pkg to nginx nodecopy:src: "{{ dpl_dir }}-tgz/{{ nginx_version }}.tar.gz"dest: /root/nginxwhen: deploy_nginx == "true" and inventory_hostname in groups['nginx']tags: install_nginx # unzip nginx install pkg - name: unzip nginx install pkgunarchive:creates: /root/nginx/nginx-1.20.1copy: nosrc: /root/nginx/nginx-1.20.1.tar.gzdest: /root/nginx when: deploy_nginx == "true" and inventory_hostname in groups['nginx'] tags: install_nginx# deploy install nginx - name: deploy nginxshell: if [ `ls /root/nginx/nginx | wc -l` -eq 1]; then echo "install nginx"; else cd /root/nginx/nginx-1.20.1 && ./configure --prefix=/root/nginx/nginx --user=nginx --group=nginx --with-http_ssl_module --with-stream && make && make install;fiwhen: inventory_hostname in groups['nginx']tags: install_nginx# useradd nginx - name: useradd nginxshell: if [ `id nginx | wc -l` -eq 1 ]; then echo "true"; else useradd -s /sbin/nologin -M nginx;fi when: inventory_hostname in groups['nginx']tags: install_nginx# copy deploy nginx script to nginx node - name: deploy nginx configtemplate:src: templates/nginx/nginx.conf.j2 dest: /root/nginx/nginx/conf/nginx.confwhen: deploy_nginx == "true" and inventory_hostname in groups['nginx']tags: install_nginx# deploy nginx - name: deploy nginxshell: /root/nginx/nginx/sbin/nginxwhen: inventory_hostname in groups['nginx']tags: install_nginx# remove nginx - name: deploy remove nginxshell: if [ `ss -nulpt |grep nginx |wc -l` -ge 1 ];then /root/nginx/nginx/sbin/nginx -s stop && rm -rf /root/nginx/ && rm -rf /data/nginx/; else echo "no nginx";fiwhen: inventory_hostname in groups['nginx'] and deploy_nginx == "true"tags: remove_nginx# remove nginx rely on - name: install pcre-devel zlib-devel openssl-devel gccyum:name: "{{ item }}"state: absent loop:- pcre-devel- zlib-devel- openssl-devel- gccwhen: deploy_nginx == "true" and inventory_hostname in groups['nginx']tags: remove_nginx

2.創(chuàng)建四層代理文件

~]# /root/ansible/roles/install/templates ~]# mkdir nginx ~]# vim nginx/nginx.conf.j2 worker_processes 4;events {worker_connections 1024; } stream {upstream tapd_http {server {{ groups['stream'][1] }}:80 max_fails=3 fail_timeout=30s;server {{ groups['stream'][2] }}:80 max_fails=3 fail_timeout=30s;}upstream tapd_https {server {{ groups['stream'][1] }}:443 max_fails=3 fail_timeout=30s;server {{ groups['stream'][2] }}:443 max_fails=3 fail_timeout=30s;}upstream apiserver_lb {server {{ groups['stream'][0] }}:6443 max_fails=3 fail_timeout=30s;server {{ groups['stream'][1] }}:6443 max_fails=3 fail_timeout=30s;server {{ groups['stream'][2] }}:6443 max_fails=3 fail_timeout=30s;}upstream tke_platform_api {server {{ groups['stream'][0] }}:31138 max_fails=3 fail_timeout=30s;server {{ groups['stream'][1] }}:31138 max_fails=3 fail_timeout=30s;server {{ groups['stream'][2] }}:31138 max_fails=3 fail_timeout=30s;}server {listen 80;proxy_connect_timeout 5s;proxy_pass tapd_http;}server {listen 443;proxy_connect_timeout 5s;proxy_pass tapd_https;}server {listen 6443;proxy_connect_timeout 5s;proxy_pass apiserver_lb;}server {listen 31138;proxy_connect_timeout 5s;proxy_pass tke_platform_api;}}

3.修改hosts

[all:vars] dpl_dir=/root/ansible/install nginx_version="nginx-1.20.1"deploy_http="true" deploy_nginx="true"[apache] 172.17.0.114 172.17.0.142 172.17.0.98[nginx] 172.17.0.142[stream] 172.17.0.114 172.17.0.142 172.17.0.98

4.書(shū)寫(xiě)ansible-playbook

~]# cd /root/ansible && vim web.yml --- - hosts: allgather_facts: True # 當(dāng)執(zhí)行錯(cuò)誤時(shí)，繼續(xù)執(zhí)行environment:PATH: "{{ ansible_env.PATH }}:/usr/local/bin"become: yesroles:- install

5.添加腳本安裝與刪除

1）安裝腳本

~]# cd /root/ansible/install-sh ~]# vim install.sh #!/bin/bash set -e BASE_DIR=$(cd `dirname $0` && pwd) cd $BASE_DIRCALL_FUN="all_func" hosts="all" help(){echo "show usage"echo "install_http:deploy install http"echo "nginx_lb: deploy nginx" } while getopts ":f:h:" opt docase $opt in f)CALL_FUN="${OPTARG}";;h)hosts="${OPTARG}";;?)echo "unkown args! just suport -f[call function] and -h[ansible hosts group] arg!!!"exit 0;;esac donehttp(){echo "install http" ansible-playbook -f 10 -i /root/ansible/hosts --tags install_http /root/ansible/web.yml --extra-vars "hosts=${hosts}" }nginx_lb(){echo "###### deploy nginx start ######"#nginx initansible-playbook -f 10 -i /root/ansible/hosts --tags install_nginx /root/ansible/web.yml --extra-vars "hosts=${hosts}" echo "###### deploy nginx end ######" }all_func(){httpnginx_lb }main(){$CALL_FUN || help } main

2）刪除腳本

~]# cd /root/ansible/install-sh ~]# vim remove.sh #!/bin/bash set -e BASE_DIR=$(cd `dirname $0` && pwd) cd $BASE_DIRCALL_FUN="all_func" hosts="all" help(){echo "show usage"echo "remove_http:deploy remove http"echo "remove_nginx: remove nginx lb" } while getopts ":f:h:" opt docase $opt in f)CALL_FUN="${OPTARG}";;h)hosts="${OPTARG}";;?)echo "unkown args! just suport -f[call function] and -h[ansible hosts group] arg!!!"exit 0;;esac donehttp(){echo "install http" ansible-playbook -f 10 -i /root/ansible/hosts --tags remove_http /root/ansible/web.yml --extra-vars "hosts=${hosts}" }remove_nginx(){echo "###### remove nginx start ######"# remove nginxansible-playbook -f 10 -i /root/ansible/hosts --tags remove_nginx /root/ansible/web.yml --extra-vars "hosts=${hosts}"echo "###### remove nginx end ######" }all_func(){httpremove_nginx }main(){$CALL_FUN || help } main

6.調(diào)用集成腳本（不變）

4)測(cè)試用法與“‘7”’類(lèi)似

總結(jié)

以上是生活随笔為你收集整理的记录一个ansible高级用法与shell结合的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。

上一篇： PHP Fatal error: All
下一篇： nfs漏洞修复（showmount -e