AIOps: A Feast That Upends Traditional Operations
2022-10-04
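Automated Operations Tools: Ansible-playbook, an Iterative Progression
This article orchestrates the tasks for 10 kinds of common virtual machine initialization work, as follows:
Stage 1: Main holds everything
All tasks are written into a single main.yml file. Drawbacks: the tasks cannot be invoked flexibly, and coupling is high.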
[root@localhost conf]# ansible-playbook default.yml --list-tasks
playbook: default.yml
  play #1 (this is a play at the top level of a file):
    DB disk partition and format
    System catalog planning
    copy yum sorce to remoter machine
    yum sorce config
    Common package install
    Maintenance account, business process account creation
    Initial account password
    Configure host name
    change hostname of etc/hostname
    modify hostname
    Configure NTP sync
    Configure Firewall
    modfiy iptables runlevel
    Add host route
    copy openssh and openssl packets to remoter
    upgrade openssh and openssl
cat main.yml
- name: this is a play at the top level of a file
  hosts: myself
  remote_user: root
  gather_facts: no   # disable fact gathering
  tasks:
    - name: DB disk partition and format
      tags: danger
      script: autoPartition.sh

    - name: System catalog planning
      shell: mkdir -pv /tmp/{openssh,openssl,os_bak,soft,yum}

    - name: copy yum sorce to remoter machine
      copy: src=/opt/yum/ dest=/opt/yum/
      async: 3600   # maximum run time for asynchronous execution
      poll: 10      # check progress every 10 seconds

    - name: yum sorce config
      script: yuminstall.sh

    - name: Common package install
      yum: name="{{ item }}" state=installed
      with_items:
        - lrzsz
        - gcc-c++
        - gcc
        - zlib
        - zlib-devel
        - nc
        - tree
        - pam-devel
        - tcp_wrappers-devel
        - openssl-devel

    - name: Maintenance account, business process account creation
      user: name={{ item }}
      with_items:
        - hdm
        - tmp

    # The passwords below sit in clear text in the playbook and pass through the shell.
    - name: Initial account password of jk_liutong
      shell: echo "{{item.passwd}}" | passwd --stdin {{ item.username }}
      with_items:
        - { passwd: '123456^', username: 'hdm' }
        - { passwd: '123456', username: 'tmp' }

    - name: Configure host name
      shell: sed -i 's/^HOSTNAME.*$/HOSTNAME={{hostname}}/g' /etc/sysconfig/network

    - name: change hostname of etc/hostname
      raw: "echo {{ hostname }} > /etc/hostname"

    - name: modify hostname
      shell: hostname {{ hostname }}

    - name: Configure NTP sync
      cron: minute="*/60" job="/usr/sbin/ntpdate -u 10.204.231.132 && /sbin/hwclock -w" name="ntp job"

    - name: Configure Firewall
      copy: src=/etc/ansible/iptables dest=/etc/sysconfig/iptables owner=root

    - name: modfiy iptables runlevel
      service: name=iptables state=started runlevel=5 enabled=yes

    - name: Add host route
      shell: echo "any net 10.235.231.128/26 gw 10.136.174.129" >> /etc/sysconfig/static-routes

    - name: copy openssh and openssl packets to remoter
      copy: src="/opt/soft/" dest="/opt/soft/" owner=root

    - name: upgrade openssh and openssl
      script: updateSSH.sh
Stage 2: Main picks and chooses -- include
The required modules can be combined flexibly with include, and variables are set per independent module file.
[root@localhost conf]# cat main.yml
- name: this is a play at the top level of a file
  hosts: myself
  remote_user: root
  gather_facts: no
  tasks:
    - name: Hello world!
      shell: echo "Hello world" >/tmp/yum/result.txt

# Loading related modules
- include: disk-partition-format-mount.yml hostname=RMS01
- include: sys-catalog-planning.yml
- include: yum-configure.yml
- include: install-common-packages.yml
- include: create-account.yml
# - include: Initial-account-password.yml
- include: configure-host-name.yml
- include: configure-ntp-sync.yml
- include: configure-firewall.yml
- include: add-host-route.yml
- include: upgrade-openssh-and-openssl.yml
Task breakdown
[root@localhost conf]# ansible-playbook main.yml --list-tasks
playbook: main.yml
  play #1 (this is a play at the top level of a file):
    Hello world!
  play #2 (DB disk partition and format):
    DB disk partition and format
  play #3 (System catalog planning):
    System catalog planning
  play #4 (configure yum source):
    copy yum source to remoter machine
    yum sorce config
  play #5 (Common package install):
    Common package install
  play #6 (create user and initial password):
    Maintenance account, business process account creation
    Initial account password
  play #7 (Configure host name):
    Configure hostname of etc/sysconfig/network
    change hostname of etc/hostname
    modify hostname
  play #8 (Configure NTP sync):
    Configure NTP sync
  play #9 (Configure Firewall):
    Configure Firewall
    modfiy iptables runlevel
  play #10 (this is a play at the top level of a file):
    Add host route
  play #11 (upgrade openssh and openssl):
    copy openssh and openssl packets to remoter
    upgrade openssh and openssl
[root@localhost conf]#
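The page does not show what the included files contain. The following is an added example, not the author's file, of how create-account.yml could carry the account and initial-password tasks without the clear-text passwords and shell pipe used in Stage 1. The file name account-vault.yml and the variable vault_account_passwords are assumptions; the play name, host group and account names are taken from the listings above.

```yaml
# create-account.yml: hypothetical contents, constructed for illustration.
- name: create user and initial password
  hosts: myself
  remote_user: root
  gather_facts: no
  vars_files:
    # Assumed file, encrypted with `ansible-vault encrypt account-vault.yml`.
    # It defines vault_account_passwords as a mapping: username -> password.
    - account-vault.yml
  tasks:
    - name: Maintenance account, business process account creation
      user:
        name: "{{ item }}"
        # The filter runs on the control node, so only the SHA-512 crypt
        # hash is sent to the managed host, never the clear text.
        password: "{{ vault_account_passwords[item] | password_hash('sha512') }}"
        # Set the password only when the account is first created, which
        # also keeps reruns idempotent despite the random salt.
        update_password: on_create
      with_items:
        - hdm
        - tmp
      # Keep the rendered password hash out of task output and logs.
      no_log: true
```

Run the top-level playbook with `ansible-playbook main.yml --ask-vault-pass` so the vaulted file can be decrypted at run time.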
Stage 3: Main controls roles -- role