ansibe的脚本---playbook剧本

playbook剧本组成部分：

1、task 任务： 主要是包含要在目标主机上的操作，使用模块定义操作。每个任务都是模块的调用。
2、variables变量：存储和传递数据。变量可自定义，可以在playbook中定义为全局变量，可以外部传参。
3、Templates模板: 用于生成配胃文件。模版是包含占位符的文件。占位符有ansilbe在执行时转化为变量值。
4、handlers 处理器： 当需要变更时，可以执行触发器。
5、Roles 角色：是一种组织和封装playbook的，允许把相关的任务，变量，模板和处理器组成一个可复用的单元。

文件格式? ? ? ? xxx.yml 或 xxx.yaml

检查yml文件的语法是否正确

ansible-playbook xxx.yaml --syntax-check
eg:
ansible-playbook test.yaml --syntax-check

检测任务定义任务

ansible-playbook xxx.yaml --list-task

eg:
ansible-playbook test.yaml --list-task

检查生效的目标主机

anible-playbook xxx.yaml --list-hosts
eg:
ansible-playbook test.yaml --list-hosts

执行过程在设置密码

ansible-playbook test.yaml -K

需要开启免密

声明用户执行任务

ansible-playbook test.yaml  -u root -k

安装httpd脚本

vim test.yaml

#one playbook
- name: first play
#一个name就是一个任务名，可以不写
#one playbook
- name: first play
#一个name就是一个任务名，可以不写
  gather_facts: false
#是否收集目标主机的系统信息：false不收集
  hosts: 192.168.10.202
#执行的目标主机
  remote_user: dn
  become: yes
#切换用户
  become_user: root
#在目标主机执行的用户
  tasks:
   - name: ping test
#one playbook
- name: first play
#一个name就是一个任务名，可以不写
  gather_facts: false
#是否收集目标主机的系统信息：false不收集
  hosts: 192.168.10.202
#执行的目标主机
  remote_user: dn
  become: yes
#切换用户
  become_user: root
#在目标主机执行的用户
  tasks:
   - name: ping test
     ping:
     #测试与目的主机的连通性
   - name: close selinux
     command: '/sbin/setenforce 0'
     ignore_errors: True
     #关闭linux的机制，如果报错，忽略不计
   - name: close firewalld
     service: name=firewalld state=stopped
     #关闭防火墙
   - name: install httpd
     yum: name=httpd
     #安装httpd服务
   - name: start httpd
     service: enabled=true name=httpd state=started
     #设置服务开机自启
   - name: edition index.html
     shell: echo "this is httpd" > /var/www/html/index.html
     #修改访问页面
     notify: restart httpd
#notify要和handers的name一样
  handlers:
   - name: restart httpd
     service: name=httpd state=restarted

声明和引用变量，以及外部传参

创建user和group

- hosts: 192.168.10.201
  remote_user: root
  vars:
    groupname: guoqi
    username: wangdefu
  tasks:
   - name: create group
     group:
        name: "{{ groupname }}"
        system: yes
        gid: 111
   - name: create user
     user:
       name: "{{ username }}"
       uid: 1011
       group: "{{ groupname }}"
       shell: /sbin/nologin
   - name: copy file
     copy:
       content: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address']}}"
       dest: /opt/ky32.txt
#获取目标的ip地址，然后复制到目标文件

ansible-playbook test1.yaml -e 'username=lyw groupname=lyw'

循环---when

- hosts: all
#可以使用主机的IP地址，也可以是用户组名，也可以是all
  remote_user: root
  tasks:
   - name: test when
     debug:
       msg: '位置判断:'
#debug~echo msg:输出的内容，用于脚本的调试，在正式脚本中可以去除。
#一个name
     #when: ansible_default_ipv4.address == '192.168.10.201'
     when: inventory_hostname != '192.168.10.201'

例2

用when---201 安装nginx、202 安装httpd

- hosts: all
  remote_user: root
  tasks:
   - name: nginx when
     yum: name=nginx
     when: ansible_default_ipv4.address == '192.168.10.201'
   - name: nginx info
     debug:
       msg: "安装nginx"
     when: ansible_default_ipv4.address == '192.168.10.201'
   - name: httpd when
     yum: name=httpd
     when: ansible_default_ipv4.address == '192.168.10.202'
   - name: httpd info
     debug:
       msg: "安装httpd"
     when: ansible_default_ipv4.address == '192.168.10.202'

循环---list

- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
   - debug:
       msg: "{{ item }}"
     with_list:
      - [a,b,c,d]
      - [1,2,3,4]
#分组打印

例2

创建文件

- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
   - name:
     file:
       path: "{{ item }}"
       state: touch
     with_list:
      - /opt/a
      - /opt/b
      - /opt/c
      - /opt/d
      - /opt/1
      - /opt/2
      - /opt/3
      - /opt/4
#分组打印

循环---items

- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
   - debug:
       msg: "{{ item }}"
     with_items: 
      - [a,b,c,d]
      - [1,2,3,4]  
#声明内置变量item，playbook的内置变量，with_items会把item的值，遍历列表当中的a,b.c,d
#虽然我声明的列表是两个，但是with items还是把两个列表当成整体进行遍历

例2

创建文件

- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
   - name:
     file:
       path: "{{ item }}"
       state: touch
     with_items:
      - [/opt/a,/opt/b,/opt/c,/opt/d]
      - [/opt/1,/opt/2,/opt/3,/opt/4]

循环---together

- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
   - name:
     file:
       path: "{{ item }}"
       state: touch
     with_together:
      - [a,b,c,d]
      - [1,2,3,4]
#组循环，列表当中的值一一对应，打印出来

循环---nested

#list和items 创建文件
- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
   - name:
     file:
       path: "{{ item }}"
       state: touch
     with_nested:
      - [a,b,c,d]
      - [1,2,3,4]
#列表里面的元素定义了循环的次数，第二层列表,相当与内循环。

字典

- name: play1
  hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
   - name: create file
     file:
       path: "{{ item }}"
       state: touch
     with_items: [/opt/123,/opt/456,/opt/789]

- name: play2
  hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  vars:
    test:
    - /opt/test1
    - /opt/test2
    - /opt/test3
  tasks:
   - name: dir
     file:
       path: "{{item}}"
       state: directory
     with_items: "{{ test }}"

用户名: testl test2 组名分别是 dn1 dn2

- name: play1
  hosts: 192.168.10.201
  gather_facts: false
  tasks:
   - name: create group
     group:
       name: "{{ item }}"
       state: present
     with_items:
       - 'dn1'
       - 'dn2'
   - name: create user
     user:
       name: "{{ item.name }}"
       state: present
       groups: "{{ item.groups }}"
     with_items:
       - {name: 'test1', groups: 'dn1'}
       - {name: 'test2', groups: 'dn2'}

yum 一键安装多个软件 ?tree sl nginx httpd vsftpd dhcp

- name: play2
  hosts: 192.168.10.80
  gather_facts: false
  tasks:
   - name: create tree sl nginx httpd vsftpd dhcp
     yum:
       name: "{{ item }}"
     with_list:
       - tree
       - sl
       - nginx
       - httpd
       - vsftpd
       - dhcp