Skip to main content

5.Playbook简介和语法

Ansible Playbook简介

ansbile-playbook是一系列ansible命令的集合,利用yaml 语言编写。playbook命令根据自上而下的顺序依次执行。同时,playbook开创了很多特性,它可以允许你传输某个命令的状态到后面的指令,如你可以从一台机器的文件中抓取内容并附为变量,然后在另一台机器中使用,这使得你可以实现一些复杂的部署机制,这是ansible命令无法实现的。

playbook通过ansible-playbook命令使用,它的参数和ansible命令类似,如参数-k(–ask-pass) 和 -K (–ask-sudo) 来询问ssh密码和sudo密码,-u指定用户,这些指令也可以通过规定的单元写在playbook 。ansible-playbook的简单使用方法: ansible-playbook example-play.yml 。

Playbook基本语法

简单的ansible-playbook示例:

# cat user.yml
- name: create user
  hosts: all
  remote_user: root
  gather_facts: false
  vars:
    user:"test"
  tasks:
    - name: create user
      user: name="{{ user }}"

配置项说明:

  • name :对该playbook实现的功能做一个概述,后面执行过程中,会打印 name变量的值
  • hosts :指定对哪些被管理机进行操作;
  • remote_user :指定在远程被管理机上执行操作时使用什么用户,如不指定,则使用ansible.cfg中配置的remote_user
  • gather_facts :指定在执行任务之前,是否先执行setup模块获取主机相关信息,如未用到,可不指定
  • vars :定义后续任务中会使用到的变量,如未用到,可不指定
  • tasks :定义具体需要执行的任务
    • name:对任务的描述,在执行过程中会打印出来。
    • user:指定调用user模块;
      • name:user模块里的一个参数,用于指定创建的用户名称

同样,如果想实现把这个新增的用户删除,只需将该playbook文件的最后一行替换为如下行再执行相应的playbook即可:

user: name="{{ user }}" state=absent remove=yes

Playbook简单示例

下面通过playbook管理一个hpd服务器来简单了解下playbook的应用:

  1. 创建playbook

    # cat manage_apache.yml
    - name: play to setup web server
      hosts: all
      tasks:
        - name: latest httpd version installed
          yum:
            name: httpd
            state: latest

        - name: correct index.html is present
          copy:
            src: /home/fams_itoper01index.html
            dest: /var/www/html/index.html

        - name: start httpd service
          service:
            name: httpd
            state: started
            enabled: true

  2. 执行playbook

    sudo ansible-playbook -C manage_apache.yml 
    [sudo] fams_itoper01 的密码:
    [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not
    match 'all'

    PLAY [play to setup web server] ***********************************************************************************

    TASK [Gathering Facts] ********************************************************************************************
    ok: [localhost]

    TASK [latest httpd version installed] *****************************************************************************
    ok: [localhost]

    TASK [correct index.html is present] ******************************************************************************
    ok: [localhost]

    TASK [start httpd service] ****************************************************************************************
    changed: [localhost]

    PLAY RECAP ********************************************************************************************************
    localhost                  : ok=4    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

ansible-playbook常用选项

打印详细信息

语法:ansible-playbook manage_apache.yml -v

-v:打印任务运行结果 -vv:打印任务运行结果以及任务的配置信息 -vvv:包含了远程连接的一些信息 -vvvv:Adds extra verbosity opons to the connecon plug-ins,including the users being used in the managed hosts toexecute scripts, and what scripts have been executed

示例:

sudo ansible-playbook manage_apache.yml -vv
ansible-playbook [core 2.14.9]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /bin/ansible-playbook
  python version = 3.9.18 (main, Jan  4 2024, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not
match 'all'
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: manage_apache.yml ***************************************************************************************
1 plays in manage_apache.yml

PLAY [play to setup web server] ***********************************************************************************

TASK [Gathering Facts] ********************************************************************************************
task path: /home/fams_itoper01/lean_ansible/manage_apache.yml:2
ok: [localhost]

TASK [latest httpd version installed] *****************************************************************************
task path: /home/fams_itoper01/lean_ansible/manage_apache.yml:5
ok: [localhost] => {"changed": false, "msg": "Nothing to do", "rc": 0, "results": []}

TASK [correct index.html is present] ******************************************************************************
task path: /home/fams_itoper01/lean_ansible/manage_apache.yml:10
ok: [localhost] => {"changed": false, "checksum": "c146b7fb10d37c2d059cd8e77dc52b12f954bb94", "dest": "/var/www/html/index.html", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "path": "/var/www/html/index.html", "size": 94, "state": "file", "uid": 0}

TASK [start httpd service] ****************************************************************************************
task path: /home/fams_itoper01/lean_ansible/manage_apache.yml:15
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unable to start service httpd: Job for httpd.service failed because the control process exited with error code.\nSee \"systemctl status httpd.service\" and \"journalctl -xeu httpd.service\" for details.\n"}

PLAY RECAP ********************************************************************************************************
localhost                  : ok=3    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

校验playbook语法

语法:ansible-playbook --syntax-check 文件名

sudo ansible-playbook --syntax-check manage_apache.yml
playbook: manage_apache.yml			#没报错,说明语法没问题

测试运行playbook

通过-C选项可以测试playbook的执行情况,但不会真的执行:

sudo ansible-playbook -C manage_apache.yml 

PLAY [play to setup web server] ***********************************************************************************

TASK [Gathering Facts] ********************************************************************************************
ok: [localhost]

TASK [latest httpd version installed] *****************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "This command has to be run under the root user.", "results": []}

PLAY RECAP ********************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

Mulple Plays

示例:

# This is a simple playbook with two plays
- name: first play
  hosts: web.example.com
  tasks:
    - name: first task
      yum:
        name: httpd
        status: present
    - name: second task
      service:
        name: httpd
        state: started

- name: second play
  hosts: db.example.com
  tasks:
    - name: first task
      yum:
        name: mariadb-server
        status: present
    - name: second task
      service:
        name: mariadb
        state: started

语法检查没问题

sudo ansible-playbook --syntax-check multi_play.yml 

playbook: multi_play.yml