Ansible — Examples and Best Practices
Posted by 范桂飓
Best Practice Example
Directory Structure of a Playbook Project
production                # inventory file for production servers
stage                     # inventory file for stage environment

group_vars/
    group1                # here we assign variables to particular groups
    group2                # ""
host_vars/
    hostname1             # if systems need specific variables, put them here
    hostname2             # ""

library/                  # if any custom modules, put them here (optional)
filter_plugins/           # if any custom filter plugins, put them here (optional)

site.yml                  # master playbook
webservers.yml            # playbook for webserver tier
dbservers.yml             # playbook for dbserver tier

roles/
    common/               # this hierarchy represents a "role"
        tasks/            #
            main.yml      # <-- tasks file can include smaller files if warranted
        handlers/         #
            main.yml      # <-- handlers file
        templates/        # <-- files for use with the template resource
            ntp.conf.j2   # <------- templates end in .j2
        files/            #
            bar.txt       # <-- files for use with the copy resource
            foo.sh        # <-- script files for use with the script resource
        vars/             #
            main.yml      # <-- variables associated with this role
        defaults/         #
            main.yml      # <-- default lower priority variables for this role
        meta/             #
            main.yml      # <-- role dependencies

    webtier/              # same kind of structure as "common" was above, done for the webtier role
    monitoring/           # ""
    fooapp/               # ""
Separate Production and Stage Inventory Files
Use separate inventory files to keep your Stage and Production environments apart. Testing in the Stage environment first, before deploying to Production, is a good idea.
- Production ENV
# file: production
[atlanta-webservers]
www-atl-1.example.com
www-atl-2.example.com
[boston-webservers]
www-bos-1.example.com
www-bos-2.example.com
[atlanta-dbservers]
db-atl-1.example.com
db-atl-2.example.com
[boston-dbservers]
db-bos-1.example.com
# webservers in all geos
[webservers:children]
atlanta-webservers
boston-webservers
# dbservers in all geos
[dbservers:children]
atlanta-dbservers
boston-dbservers
# everything in the atlanta geo
[atlanta:children]
atlanta-webservers
atlanta-dbservers
# everything in the boston geo
[boston:children]
boston-webservers
boston-dbservers
Separate Group and Host Variables
- group_vars
---
# file: group_vars/atlanta
ntp: ntp-atlanta.example.com
backup: backup-atlanta.example.com
---
# file: group_vars/webservers
apacheMaxRequestsPerChild: 3000
apacheMaxClients: 900
---
# file: group_vars/all
ntp: ntp-boston.example.com
backup: backup-boston.example.com
- host_vars
---
# file: host_vars/db-bos-1.example.com
foo_agent_port: 86
bar_agent_port: 99
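The files above define `ntp` and `backup` both in group_vars/all and in group_vars/atlanta, so which value a host receives depends on Ansible's merge order. The following is an added example, not code from the original post: it resolves the effective variables for a host from a trimmed, constructed copy of the production inventory. It assumes no group sets `ansible_group_priority`; the names `parse` and `effective_vars` are illustrative.

```python
import re
from collections import defaultdict
# Constructed sample: a trimmed copy of the "production" inventory shown earlier.
INVENTORY = """
[atlanta-webservers]
www-atl-1.example.com
[boston-dbservers]
db-bos-1.example.com
[webservers:children]
atlanta-webservers
[atlanta:children]
atlanta-webservers
[boston:children]
boston-dbservers
"""
# Contents of the group_vars/ and host_vars/ files above, inlined as dicts.
GROUP_VARS = {
    "all": {"ntp": "ntp-boston.example.com", "backup": "backup-boston.example.com"},
    "atlanta": {"ntp": "ntp-atlanta.example.com", "backup": "backup-atlanta.example.com"},
    "webservers": {"apacheMaxRequestsPerChild": 3000, "apacheMaxClients": 900},
}
HOST_VARS = {"db-bos-1.example.com": {"foo_agent_port": 86, "bar_agent_port": 99}}

def parse(text):  # -> ({group: [hosts]}, {child group: {parent groups}})
    hosts, parents, section, kind = defaultdict(list), defaultdict(set), None, None
    for line in filter(None, (l.split("#")[0].strip() for l in text.splitlines())):
        m = re.fullmatch(r"\[([^:\]]+)(?::(\w+))?\]", line)
        if m:
            section, kind = m.groups()
        elif kind == "children":
            parents[line].add(section)
        elif kind is None and section:
            hosts[section].append(line.split()[0])  # drop inline host variables
    return hosts, parents

def effective_vars(host, text=INVENTORY):
    """Merge variables in Ansible's order: all < parent group < child group < host."""
    hosts, parents = parse(text)
    def depth(group):  # distance from the implicit "all" group
        return 1 + max((depth(p) for p in parents[group]), default=0)
    member, todo = set(), [g for g in hosts if host in hosts[g]]
    while todo:  # collect every ancestor group of the host
        group = todo.pop()
        member.add(group)
        todo.extend(parents[group] - member)
    merged = dict(GROUP_VARS.get("all", {}))
    for group in sorted(member, key=lambda g: (depth(g), g)):  # shallow first, then by name
        merged.update(GROUP_VARS.get(group, {}))
    return {**merged, **HOST_VARS.get(host, {})}
```

On a real project, `ansible-inventory -i production --host <hostname>` prints the same merged result from the actual files.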
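Top-Level Playbooks Operate Only on Roles
In a playbook, organize work only through roles; the playbook itself should contain no tasks.
---
# file: site.yml
# import_playbook is the current keyword for pulling in whole playbooks
# (it replaces the deprecated playbook-level include)
- import_playbook: webservers.yml
- import_playbook: dbservers.yml
---
# file: webservers.yml
- hosts: webservers
  roles:
    - common
    - webtier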
Use Roles to "Encapsulate" Tasks/Handlers
- Role common tasks
---
# file: roles/common/tasks/main.yml

- name: be sure ntp is installed
  yum: pkg=ntp state=installed
  tags: ntp

- name: be sure ntp is configured
  template: src=ntp.conf.j2 dest=/etc/ntp.conf
  notify:
    - restart ntpd
  tags: ntp

# state=started is the supported value (older examples used state=running)
- name: be sure ntpd is running and enabled
  service: name=ntpd state=started enabled=yes
  tags: ntp
- Role common handlers
---
# file: roles/common/handlers/main.yml
- name: restart ntpd
  service: name=ntpd state=restarted
Results in Practice
- When running a playbook, you can target a specific environment:
    ansible-playbook -i production site.yml
- When running a playbook, you can narrow the run at role granularity:
    ansible-playbook site.yml --limit webservers
    ansible-playbook webservers.yml
Note: passing the --limit somegroup argument to ansible-playbook restricts the run to a subset of hosts.
- Reconfigure NTP only, everywhere:
    ansible-playbook -i production site.yml --tags ntp
Note: Ansible lets you tag the resources in a playbook and then run only the parts associated with a tag.
- Reconfigure only the web servers:
    ansible-playbook -i production webservers.yml
- Reconfigure only the web servers in boston:
    ansible-playbook -i production webservers.yml --limit boston
- Reconfigure only the specified hosts:
    ansible-playbook -i production webservers.yml --limit boston[0-10]
    ansible-playbook -i production webservers.yml --limit boston[10-20]