The playbook
Seven weapons ansible
1. Ansible command, used to perform a temporary job, must master
2. Ansible - doc's ansible module documentation, for each module has a detailed description and application case is introduced, function and Linux systems man command, must master
3. Ansible - is the console ansible provides users with an interactive tool,
4. Ansible - galaxy download management roles via making a tool, similar to the PIP python
5. Ansible - the playbook is daily use frequency is higher command, its working mechanism is: by reading writing good playbook file management in batches, in advance can be understood as according to certain conditions of ansible task set
6. Ansible - vault with the configuration file encryption, such as writing the playbook contains sensitive information, do not want other people to see, ansible - vault to encrypt/decrypt this configuration file
7. Ansible - pull: ansible has two working modes pull and push, default to push model, pull and push the opposite JSON
- is a JSON JavaScript object notation, it is a lightweight data-interchange format based on text independent language (i.e. only character, different from other language writing format)
- delimiter is limited to single quotation marks in the JSON, small cuhk parentheses, colon and comma. Features:
Grammar rules:
- data
in the name/value pairs- data separated by commas
- braces save object
- save the array brackets
Data writing format: name/value pairs () to build value on {k: "v"}
JSON array of grammar rules: {" k ":
[" v ", "v", "v"]
}
Compound complex type
{" poet ":
[{" li bai ":" god ", "s", "tang"},
{" du fu ":" patriotism ", "s", "tang"},
{" bai juyi ", "poem", "s", "tang"},
{" li ho ", "poem" ghost, "s", "tang"}
]
} YAML
-
Grammar rules:
- YAML structure through the Spaces to show
- an array of the use of "-" to represent the
- the key value of the use of ":" to represent the
- YAML use a fixed indented style represent data hierarchy relationship
- general each indentation level consists of two or more Spaces
- # said annotation
Note: - do not support Tab indent, support only space indentation
- the same indentation level must be aligned
YAMl array representation:?
- use a short shaft with a space Jinja2 template
- based on the template engine Python, contains variables and expressions of two parts, the difference is evaluated in the template will be replaced by the value, the template and labels, control logic of the template
- because the playbook template using the Python Jinja2 module to handle the playbook format grammar foundation:
- the playbook by YAML language, follow the YAML standard
- in the same line, # after the content of the said annotation
- the same element on the list should be kept the same indentation
- the device is composed of one or more play
- hosts in the play, the variables, roles and tasks such as object representation are among the key value to ":" space said
YAML files start lines should be -- -- -, end behavior... Can be omitted not write a composition:
- hosts: definition will execute the playbook of the remote host group
- vars: define the playbook runtime variables you need to use the
- the tasks: definition will be executed on the remote host task list
- handlers: define after the completion of the task execution task needs to call
Execution:
Ansible playbook - * * *. Yml
- t tag name is called tag
-f threads is best CPU integer times
Run the device file, the output content as JSON format, is made up of different colors to identify
- green execution success
- * * * on behalf of the system state change
Failed to perform - red for
-- -- --
- name: apache install
Hosts: web
Tasks: - name: install the latest version of Apache yum: name: HTTPD state: latest - lineinfile:????? # like sed a replacement module path:/etc/HTTPD/conf/HTTPD. Conf regexp: '^ Listen' insertafter: '^ # Listen' line: 'Listen to 8080 - copy: SRC: index. The HTML dest:/var/WWW/HTML/index. The HTML owner: apache group: apache mode: 0644 - service: name: HTTPD state: started enabled: yes - name: the update # HTTPD the identity of the task list, give users do distinguish
Hosts: web?????? # the playbook will execute the host group
Tasks:??????? # task list - name: the update HTTPD. Conf??????? The operation of the # module identification tags: update_conf?????? # define the call for a specified task identity notify: reload HTTPD?????? # call handler side of the definition of the name string copy: SRC: HTTPD. Conf dest:/etc/HTTPD/conf/HTTPD. Conf owner: root group: root mode: 0644 - name: the update index. The HTML tags: update_index template: SRC: index. The HTML dest:/var/WWW/HTML/index. The HTML owner: apache group: apache
When attention resource change of operating
- multiple task trigger the same notify, only trigger a
- notify can trigger multiple conditions, in a production environment often involves a certain changes in the configuration file to restart some service scenario
- can also be combined with vars write universal service management script mode: 0644
Handlers:?????????? - name: reload HTTPD service: name: HTTPD state: restarted - name: the test web load
Hosts: web
Tasks: - shell: uptime | awk '{printf (" %. 2 f, "$(NF - 2))}' register: result?? # define the register module retain a command before the return values, similar to "$?"
Call the register module definition of result
When the when the back of the conditions agreed to perform the current operation at the same level - name: stopped HTTPD service: name: HTTPD state: stopped the when: result. The stdout | float & gt; # 0.7 - the debug: var=the result will be detailed output, the corresponding fields in the current task list for debugging - name: add user
Hosts: db
Tasks: - name: add user "{{item. The username}}" user: name: "{{item. The username}}" group: "{{item. Group}}" password: "{{item. The password | password_hash (' sha512 ')}}" with_items: - the username: nb group: the users password: "123457"
With_items is the playbook standard cycle and can be used for iteration a list or dictionary
Through the {{item}} for each iteration value - username: wk group: a bin password: banana - username: dd group: the daemon password: book - the username: st group: mysql password: 123: QQQ... A - the username: xx group: root password: A include and roles
At the time of writing the playbook as the project is more and more big, the device is more and more complex, can put some play, task or handler on the other file, through included is a good choice
Roles such as enhanced the include, it can introduce a project file and directory
Generally the required directory hierarchy have
Vars: variable layer
Tasks: task layer
Trigger condition handlers:
Files: files
The template: template
Default: by default, the lowest priority tasks: - include: the tasks/setup. Yml - include: the tasks/users. Yml user=PLJ
//users in the yml can use these by {{user}} variable
Handlers:
- include: handlers/handlers. Detection of yml debug
] # ansible - the playbook - syntax - check * * *. Yml? # testing syntax
] # ansible - the playbook - C * * *. Yml? # test run
* * *.] # ansible - the playbook yml - list - tasks?? # according to perform work by ginseng
First:
Yml file needs to have the key value of the incoming can only can use {" k ":" v "} the same manner of key-value pairs and
A method of
* * *] # ansible - the playbook. Yml - e '{" k ":" v "}
'The second method
* * *] # ansible - the playbook. Yml - e @ * * *. Yaml
* * *.] # vim yaml
-- -- --
K: v