1.Roles介绍
ansible自1.2版本引入的新特性,用于层次性、结构化地组织playbook。roles能够根据层次型结构自动装载变量文件、tasks以及handlers等。要使用roles只需要在playbook中使用include指令引入即可。简单来讲,roles就是通过分别将变量、文件、任务、模板及处理器放置于单独的目录中,并可以便捷的include它们的一种机制。角色一般用于基于主机构建服务的场景中,但也可以是用于构建守护进程等场景中。playbook局限在于如果文件较多的情况,不清楚哪些主机执行了哪些状态的yml文件,roles能清楚哪些主机应用哪些角色,主要使用场景代码复用度较高的情况下。
2.Roles目录结构
目录介绍
roles: <--所有的角色必须放在roles目录下,这个目录可以自定义位置,默认的位置在/etc/ansible/roles
project: <---具体的角色项目名称,比如nginx、tomcat、php
files: <--用来存放由copy模块或script模块调用的文件。
templates: <--用来存放jinjia2模板,template模块会自动在此目录中寻找jinjia2模板文件。
tasks: <--此目录应当包含一个main.yml文件,用于定义此角色的任务列表,此文件可以使用include包含其它的位于此目录的task文件。
main.yml
handlers: <--此目录应当包含一个main.yml文件,用于定义此角色中触发条件时执行的动作。
main.yml
vars: <--此目录应当包含一个main.yml文件,用于定义此角色用到的变量。
main.yml
defaults: <--此目录应当包含一个main.yml文件,用于为当前角色设定默认变量。
main.yml
meta: <--此目录应当包含一个main.yml文件,用于定义此角色的特殊设定及其依赖关系。
main.yml
3.ansible roles举例
示例1
#playbook安装tomcat
[root@m01 /project1]# ll
total 202624
-rw-r--r-- 1 root root 12326996 Apr 5 16:45 apache-tomcat-9.0.26.tar.gz
-rwxr-x--- 1 root root 23689 Apr 5 18:08 catalina.sh
-rw-r--r-- 1 root root 17 Apr 4 22:23 hosts
-rw-r--r-- 1 root root 195094741 Apr 5 16:45 jdk-8u221-linux-x64.tar.gz
-rw-r--r-- 1 root root 1617 Apr 5 18:13 server.xml.j2
-rw-r--r-- 1 root root 126 Apr 5 18:08 setenv.sh
-rw-r--r-- 1 root root 290 Apr 5 18:08 tomcat.service
-rw-r--r-- 1 root root 2353 Apr 6 10:54 tomcat.yml
[root@m01 /project1]# vim tomcat.yml
---
- hosts: web
vars:
- tomcat_version: 9.0.26
- jdk_packages: 8u221
- jdk_version: jdk1.8.0_221
tasks:
- name: add group
group:
name: www
gid: 666
state: present
- name: add user
user:
name: www
uid: 666
group: www
create_home: no
- name: mkdir directory
file:
path: /usr/java
state: directory
- name: unarchive jdk-{{ jdk_packages }}-linux-x64.tar.gz
unarchive:
src: ./jdk-{{ jdk_packages }}-linux-x64.tar.gz
dest: /usr/java
- name: add java environment
lineinfile:
path: /etc/profile
regexp: "{{ item.re }}"
line: "{{ item.li }}"
loop:
- { re: '^export JAVA_HOME=', li: 'export JAVA_HOME=/usr/java/{{ jdk_version }}' }
- { re: '^export PATH=', li: 'export PATH=$JAVA_HOME/bin:$PATH' }
- { re: '^export CLASSPATH=', li: 'export CLASSPATH=$JAVA_HOME/lib/tools.jar:$JAVA_HOME/lib/dt.jar:$JA
VA_HOME/lib' }
- name: reloade profile
shell: source /etc/profile
- name: unarchive apache-tomcat-{{ tomcat_version }}.tar.gz
unarchive:
src: ./apache-tomcat-{{ tomcat_version }}.tar.gz
dest: /usr/local
- name: rename tomacat
shell: cd /usr/local/;mv apache-tomcat-{{tomcat_version}} /usr/local/tomcat;chown -R www.www /usr/local/
tomcat
- name: copy tomact server rename tomacat
template:
src: ./server.xml.j2
dest: /usr/local/tomcat/conf/server.xml
backup: yes
- name: copy file
copy:
src: "./{{ item.src }}"
dest: "{{ item.dest }}"
loop:
- { src: 'setenv.sh', dest: '/usr/local/tomcat/bin/' }
- { src: 'tomcat.service', dest: '/lib/systemd/system/' }
- { src: 'catalina.sh', dest: '/usr/local/tomcat/bin/' }
notify: restart tomcat
- name: ln -s enable
file:
src: /lib/systemd/system/tomcat.service
dest: /etc/systemd/system/multi-user.target.wants/tomcat.service
state: link
- name: start tomcat
systemd:
daemon_reload: yes
name: tomcat
state: started
enabled: yes
handlers:
- name: restart tomcat
service:
name: tomcat
state: restarted
将playbook改写为rolse
#目录结构
[root@m01 /etc/ansible/roles]# tree tomcat
tomcat
├── files
│ ├── catalina.sh
│ ├── setenv.sh
│ └── tomcat.service
├── handlers
│ └── main.xml
├── tasks
│ └── main.yml
├── templates
│ └── server.xml.j2
└── vars
└── main.yml
#模块详细类容
1.files
[root@m01 /etc/ansible/roles/tomcat/files]# ll
total 32
-rwxr-x--- 1 root root 23689 Apr 2 21:20 catalina.sh
-rw-r--r-- 1 root root 126 Apr 2 21:23 setenv.sh
-rw-r--r-- 1 root root 290 Apr 2 21:20 tomcat.service
2.tasks
[root@m01 /etc/ansible/roles/tomcat/tasks]# cat main.yml
- name: add group
group:
name: www
gid: 666
state: present
- name: add user
user:
name: www
uid: 666
group: www
create_home: no
- name: mkdir dir
file:
path: /usr/java
state: directory
- name: unarchive jdk-8u221-linux-x64.tar.gz
unarchive:
src: /root/jdk-8u221-linux-x64.tar.gz
dest: /usr/java
- name: add java environment
lineinfile:
path: /etc/profile
regexp: "{{item.re}}"
line: "{{item.li}}"
loop:
- { re: '^export JAVA_HOME=', li: 'export JAVA_HOME=/usr/java/jdk1.8.0_221' }
- { re: '^export PATH=', li: 'export PATH=$JAVA_HOME/bin:$PATH' }
- { re: '^export CLASSPATH=', li: 'export CLASSPATH=$JAVA_HOME/lib/tools.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib' }
- name: reloade profile
shell: source /etc/profile
- name: unarchive tomcat-{{tomcat_version}}.tar.gz
unarchive:
src: /root/apache-tomcat-{{tomcat_version}}.tar.gz
dest: /usr/local
- name: rename tomacat
shell: cd /usr/local/;mv apache-tomcat-{{tomcat_version}} /usr/local/tomcat;chown -R www.www /usr/local/tomcat
- name: copy tomcat server.xml start file
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
backup: yes
loop:
- { src: 'server.xml.j2', dest: '/usr/local/tomcat/conf/server.xml' }
- name: copy file
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
loop:
- { src: 'setenv.sh', dest: '/usr/local/tomcat/bin/' }
- { src: 'tomcat.service', dest: '/lib/systemd/system/' }
- { src: 'catalina.sh', dest: '/usr/local/tomcat/bin/' }
- name: ln -s enable
file:
src: /lib/systemd/system/tomcat.service
dest: /etc/systemd/system/multi-user.target.wants/tomcat.service
state: link
- name: start tomcat
systemd:
daemon_reload: yes
name: tomcat
state: started
enabled: yes
3.template
[root@m01 /etc/ansible/roles/tomcat/templates]# ls
server.xml.j2
4.vars
[root@m01 /etc/ansible/roles/tomcat/vars]# cat main.yml
tomcat_version: 9.0.26
jdk_packages: 8u221
jdk_version: jdk1.8.0_221
5.handlers
[root@m01 /etc/ansible/roles/tomcat/handlers]# cat main.yml
- name: restart tomcat
service:
name: tomcat
state: restarted
示例2
Ansible安装keepalive实现主/备模式高可用
#目录结构
[root@m01 /etc/ansible/roles/keepalived]# ll
total 0
drwxr-xr-x 2 root root 24 Oct 21 20:44 files
drwxr-xr-x 2 root root 22 Apr 6 09:45 handlers
drwxr-xr-x 2 root root 22 Apr 6 10:53 tasks
drwxr-xr-x 2 root root 55 Apr 6 10:29 templates
#rolse详情
1.tasks
[root@m01 /etc/ansible/roles/keepalived/tasks]# vim main.yml
- name: install keepalived server
yum:
name: keepalived
state: present
- name: configure keepalived server
template:
src: keepalived.conf.j2
dest: /etc/keepalived/keepalived.conf
backup: yes
notify: restart keepalived
- name: create dir
file:
path: /server/scripts/
state: directory
- name: copy check_web.sh
template:
src: check_web.sh.j2
dest: /server/scripts/check_web.sh
mode: '0755'
- name: start keepalived server
systemd:
name: keepalived
state: started
enabled: yes
2.files
[root@m01 /etc/ansible/roles/keepalived/files]# ll
total 4
-rw-r--r-- 1 root root 65 Oct 21 20:44 local.repo
3.templates
[root@m01 /etc/ansible/roles/keepalived/templates]# ls
check_web.sh.j2 keepalived.conf.j2
4.handlers
[root@m01 /etc/ansible/roles/keepalived/handlers]# cat main.yml
- name: restart keepalived
systemd:
name: keepalived
state: restarted
4.ansible roles总结
1、编写任务(task)的时候,里面不需要写需要执行的主机,单纯的写某个任务是干什么的即可,装软件的就是装软件的,启动的就是启动的。单独做某一件事即可,最后通过main.yml将这些单独的任务安装执行顺序include进来即可,这样方便维护且一目了然。
2、定义变量时候直接安装k:v格式将变量写在vars/main.yml文件即可,然后task或者template直接调用即可,会自动去vars/main.yml文件里面去找。
3、定义handlers时候,直接在handlers/main.yml文件中写需要做什么事情即可,多可的话可以全部写在该文件里面,也可以像task那样分开来写,通过include引入一样的可以。在task调用notify时直接写与handlers名字对应即可(二者必须高度一直)。
4、模板文件一样放在templates目录下即可,task调用的时后直接写文件名字即可,会自动去到templates里面找。
注意:如果是一个角色调用另外一个角色的单个task时后,那么task中如果有些模板或者文件,就得写绝对路径了。
