
Detailed explanation of automatic operation and maintenance tool ansible

2025-01-16 Update From: SLTechnology News&Howtos


Shulou (Shulou.com) 06/02 Report

Article navigation

Basic introduction of ansible

Installation and configuration of ansible

Simple Application of ansible

Introduction and Grammar of YAML

Ansible-playbooks (script)

Requirements

Master the basic use of ansible and playbooks.

Basic introduction of ansible

1. Ansible introduction

Ansible is an automated operations and maintenance tool written in Python. It combines the advantages of puppet, cfengine, func, chef, fabric and other tools to provide batch system configuration, batch application deployment and batch command execution. Ansible itself has no batch deployment or execution capability; what actually provides it is the specific module that ansible calls. Ansible itself can be regarded as a component, or as a framework.

2. The logical structure of ansible

Ansible: ansible's own core component.

Host Inventory: the host library, which defines the list of hosts to be managed. It is a configuration file; default location: /etc/ansible/hosts

Core Modules: the core modules and command modules of ansible.

Custom Modules: user-defined modules.

Connection Plugins: connection plugins; the default connection is ssh with key authentication.

Playbooks: scripts that run choreographed tasks in sequence.

3. Characteristics of ansible

1) the learning curve is not steep.

2) no agents: there is no need to install client programs on the controlled host.

3) no server: no server, just use ansible-related commands directly.

4) modules any languages: based on module work, modules can be developed in any language.

5) YAML not code: you can customize the script (playbooks) based on the YAML language to perform tasks in the order in which they are set.

6) ssh by default: the default connection is based on ssh.

7) strong multi-tier solution: multi-level command can be realized.

4. Advantages of ansible

1) Lightweight: nothing needs to be installed on the client, and an update only has to be applied on the control host where ansible is installed.

2) Batch tasks can be written as scripts that do not need to be distributed to the remote hosts; they are run directly from the control host.

3) Developed in Python and easy to maintain; ruby syntax is too complex.

4) sudo is supported.

5. Ansible task execution process

Installation and configuration of ansible

1. Compile and install

Resolve dependencies, then build and install ansible-1.5.4:

    # yum -y install python-jinja2 PyYAML python-paramiko python-babel python-crypto
    # tar xf ansible-1.5.4.tar.gz
    # cd ansible-1.5.4
    # python setup.py build
    # python setup.py install
    # mkdir /etc/ansible
    # cp -r examples/* /etc/ansible

2. Rpm package installation

Install from a yum repository; the epel repository must be configured first.

    # yum -y install ansible

3. Configuration file

Main configuration file for ansible: /etc/ansible/ansible.cfg

Ansible host inventory file: /etc/ansible/hosts

Group definition: list the hostnames or IP addresses directly under a [] group header.

Individual hosts: put the hostname or IP address directly above the [] group headers.
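The following added example (not part of the original article) parses an inventory in the format just described and resolves a host pattern, so you can confirm which machines a batch command will reach before running it. The host and group names are constructed, and only `all`, a group name, a host name and colon-separated names are handled; this is not ansible's own parser.

```python
import re

# Constructed sample inventory: hosts before the first [group] header are
# ungrouped; hosts under a header belong to that group.
SAMPLE_HOSTS = """\
192.168.1.10

[corosync]
node1
node2

[webnodes]
node2
web1.example.com
"""

def parse_inventory(text):
    """Return {group: [hosts]}; ungrouped hosts go under 'ungrouped'."""
    groups = {"ungrouped": []}
    current = "ungrouped"
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            current = header.group(1)
            groups.setdefault(current, [])
        else:
            groups[current].append(line.split()[0])  # ignore per-host variables
    return groups

def resolve(pattern, groups):
    """Hosts matched by 'all', a group, a host, or colon-separated names."""
    # Every host once, in file order (a host may sit in several groups).
    every = list(dict.fromkeys(h for hosts in groups.values() for h in hosts))
    selected = []
    for name in pattern.split(":"):
        if name == "all":
            matched = every
        elif name in groups:
            matched = groups[name]
        elif name in every:
            matched = [name]
        else:
            raise ValueError("pattern matches no host or group: %s" % name)
        selected += [h for h in matched if h not in selected]
    return selected
```

For the sample above, `resolve("all", parse_inventory(SAMPLE_HOSTS))` includes the ungrouped host as well as every group member, which is the full set a command addressed to `all` would touch.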

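4. Configure ssh key-based (password-free) authentication

Generate a key pair (-P '' sets an empty passphrase, so the private key file itself is the credential):

    # ssh-keygen -t rsa -P ''

Copy the public key to each controlled host (ssh-copy-id appends it to the remote authorized_keys file):

    # ssh-copy-id -i ~/.ssh/id_rsa.pub root@node1
    # ssh-copy-id -i ~/.ssh/id_rsa.pub root@node2

Note: after configuration, you need to enter a password for the first run, but not later.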

Simple Application of ansible

1. Command parameters of ansible:

The syntax format of ansible:

    # ansible <host-pattern> [-m module_name] [-a args] [options]

    -v, --verbose                          # verbose mode; if the command succeeds, print detailed results (-vv, -vvv, -vvvv)
    -i PATH, --inventory=PATH              # path of the host file; the default is /etc/ansible/hosts
    -f NUM, --forks=NUM                    # NUM is an integer, default 5; the number of parallel processes started by fork
    -m NAME, --module-name=NAME            # name of the module to use; the default is command
    -M DIRECTORY, --module-path=DIRECTORY  # directory to load modules from; the default is /usr/share/ansible
    -a 'ARGS', --args='ARGS'               # arguments passed to the module
    -k, --ask-pass                         # prompt for the ssh password instead of using ssh key authentication
    -s, --sudo                             # use sudo to get root permissions
    -K, --ask-sudo-pass                    # prompt for the sudo password; used together with --sudo
    -u USERNAME, --user=USERNAME           # user to run as on the remote side
    -C, --check                            # show what the command would change without actually executing it

2. Simple application example of ansible

all: run on all hosts in the hosts list, including those in groups.

-m command: specifies that the module name is command. command is the default module, so -m command can be omitted here.

-a 'uptime': specifies that the module argument is uptime.

This means: run the uptime command on all hosts in the hosts list.

Note: after the task is executed on each node, the information is returned on the control host; the successful execution of the task is displayed in green or × ×, and the failure of task execution is displayed as shallow × × ×.

Use of the ansible-doc command:

List all modules:

    # ansible-doc -l

List the parameters of the specified module:

    # ansible-doc -s 'modules'

3. Examples of commonly used modules

1) setup

View basic information on the remote hosts:

    # ansible all -m setup

2) ping

Test whether the remote hosts are online. A host that is online returns the string "pong":

    # ansible all -m ping

3) file

Sets file attributes.

The relevant options are as follows:

force: needed to force the creation of a soft link in two cases: the source file does not exist yet but will be created later, or the destination soft link already exists and the old link must be removed before a new one is created. Two values: yes | no

group: the group that owns the file / directory

mode: the permissions of the file / directory

owner: the owner of the file / directory

path: required; the path to the file / directory

recurse: recursively set the attributes of files; valid only for directories

src: the path of the source file to link to; applies only when state=link

dest: the path of the link to create; applies only when state=link

state:

    directory: if the directory does not exist, create it

    file: even if the file does not exist, it will not be created

    link: create a soft link

    hard: create a hard link

    touch: if the file does not exist, create a new file; if the file or directory already exists, update its last modification time

    absent: delete the directory or file, or unlink the link

Create a symbolic link to the specified file on the remote hosts:

    # ansible corosync -m file -a 'src=/etc/hosts dest=/tmp/hosts state=link'

View the symbolic link information on the corosync group:

    # ansible corosync -m command -a 'ls -l /tmp/hosts'

Next, remove the /tmp/hosts symbolic link on all hosts in the corosync group:

    # ansible corosync -m file -a 'path=/tmp/hosts state=absent'

Check again:

    # ansible corosync -m command -a 'ls -al /tmp/hosts'

4) copy

Copies files to a remote host.

The relevant options are as follows:

backup: back up the original file before it is overwritten; the backup file name includes a timestamp. Two values: yes | no

content: used in place of src; sets the contents of the file directly to the specified value. Suitable for simple values.

dest: required. The absolute path on the remote host to copy the source file to. If the source is a directory, this path must also be a directory.

directory_mode: recursively sets the permissions of directories; defaults to the system default permissions

force: if the file already exists on the target host with different content, yes forces it to be overwritten, and no copies the file only if it does not exist at the destination. The default is yes

others: all options of the file module can be used here

src: the local file to copy to the remote host, given as an absolute or relative path. If the path is a directory, it is copied recursively. In that case, if the path ends with "/", only the contents of the directory are copied; if it does not end with "/", the directory itself and its contents are copied, similar to rsync.

5) shell

Runs the specified command in a shell on the remote host; takes the same parameters as command.

Unlike command, this module supports command pipelines. Another module that also has this capability is raw.

Example:

First create a shell script locally:

    # vim /tmp/rocketzhang_test.sh

Distribute the script file to the remote hosts:

    # ansible corosync -m copy -a 'src=/tmp/rocketzhang_test.sh dest=/tmp/rocketzhang_test.sh owner=root group=root mode=0755'

Execute the script on the remote hosts:

    # ansible corosync -m shell -a '/tmp/rocketzhang_test.sh'

6) more modules

Other commonly used modules, such as service, cron, yum and synchronize, are not exemplified and can be tested in combination with their own system environment.

service: system service management

cron: scheduled task management

yum: yum package installation management

synchronize: synchronizing files with rsync

user: system user management

group: system user group management

Introduction and Grammar of YAML

1. YAML introduction

YAML is a highly readable data serialization format. YAML draws on a variety of other languages, including XML, C, Python, Perl, and the e-mail format RFC2822. Clark Evans first published the language in 2001; Ingy döt Net and Oren Ben-Kiki are co-designers of the language.

YAML stands for "YAML Ain't Markup Language", that is, YAML is not XML. However, when the language was being developed, YAML actually meant "Yet Another Markup Language" (still a markup language).

See http://www.yaml.org for more content and specifications.

2. YAML characteristics

YAML has good readability.

Good interaction between YAML and scripting language

YAML uses the data types of the implementation language

YAML has a consistent information model.

YAML is easy to implement.

YAML can be processed based on stream

YAML has strong expression ability and good expansibility.

3. YAML syntax

A playbook is a list of one or more "plays". The main function of a play is to dress up the hosts that have been collected into a group in roles defined in advance through ansible tasks. Fundamentally, a task is nothing more than a call to an ansible module. By organizing multiple plays into a single playbook, you can make them work together to perform a big show according to a pre-arranged script. Here is a simple example.

    - hosts: webnodes
      vars:
        http_port: 80
        max_clients: 256
      remote_user: root
      tasks:
      - name: ensure apache is at the latest version
        yum: name=httpd state=latest
      - name: ensure apache is running
        service: name=httpd state=started
      handlers:
      - name: restart apache
        service: name=httpd state=restarted

YAML files usually have a .yaml extension, such as example.yaml.

Note that the layout of the code is strict: indent by 2 characters, follow the sequence marker "-" with a space, and follow ":" with a space.

Ansible-playbooks (script)


1. Playbook basic components

1) Hosts and Users

The purpose of each play in a playbook is to have one or more hosts perform tasks as a specified user. hosts specifies the hosts that perform the tasks; it can be one or more host groups separated by colons. remote_user specifies the user on the remote host that performs the tasks. As in the example above:

    - hosts: webnodes
      remote_user: root

However, remote_user can also be set on an individual task. You can also have tasks run on the remote hosts through sudo, either globally for the play or for a single task; in addition, you can use sudo_user to specify the user that sudo switches to.

    - hosts: webnodes
      remote_user: mageedu
      tasks:
        - name: test connection
          ping:
          remote_user: mageedu
          sudo: yes

2) Task list and action

The body of a play is its task list. Each task in the task list is executed in order on all hosts specified in hosts, that is, the first task is completed on all hosts before the second starts. When running a playbook from top to bottom, if an error occurs midway, all executed tasks will be rolled back, so you can execute it again after correcting the playbook.

The purpose of a task is to execute a module with specified parameters, and variables can be used in module parameters. Module execution is idempotent, which means that multiple executions are safe because the results are consistent.

Each task should have its own name, which is used in the output of the playbook run; it is recommended that the name describe the task's step as clearly as possible. If no name is provided, the result of the action will be used for output.

A task can be defined in the format "action: module options" or "module: options"; the latter is recommended for backward compatibility. If an action line has too much content, continue it on the next line, starting that line with a few white space characters.

    tasks:
      - name: make sure apache is running
        service: name=httpd state=running

Among the many modules, only the command and shell modules take a plain argument list rather than the "key=value" format, for example:

    tasks:
      - name: disable selinux
        command: /sbin/setenforce 0

If the exit code of a command or script is not zero, you can work around it in the following way:

    tasks:
      - name: run this command and ignore the result
        shell: /usr/bin/somecommand || /bin/true

Or use ignore_errors to ignore the error:

    tasks:
      - name: run this command and ignore the result
        shell: /usr/bin/somecommand
        ignore_errors: True

3) handlers

Handlers are used to take certain actions when a resource of interest changes.

A "notify" action is triggered at the end of each play. This avoids running the specified operation every time when several changes occur; instead, the operation runs only once, after all the changes have been completed. The operations listed in notify are called handlers, that is, notify calls the operations defined under handlers.

    - name: template configuration file
      template: src=template.j2 dest=/etc/foo.conf
      notify:
        - restart memcached
        - restart apache

handlers is a list of tasks, and these tasks are not fundamentally different from the tasks described earlier.

    handlers:
      - name: restart memcached
        service: name=memcached state=restarted
      - name: restart apache
        service: name=apache state=restarted

Case study:

heartbeat.yaml

    - hosts: hbhosts
      remote_user: root
      tasks:
        - name: ensure heartbeat latest version
          yum: name=heartbeat state=present
        - name: authkeys configure file
          copy: src=/root/hb_conf/authkeys dest=/etc/ha.d/authkeys
        - name: authkeys mode 600
          file: path=/etc/ha.d/authkeys mode=600
          notify:
            - restart heartbeat
        - name: ha.cf configure file
          copy: src=/root/hb_conf/ha.cf dest=/etc/ha.d/ha.cf
          notify:
            - restart heartbeat
      handlers:
        - name: restart heartbeat
          service: name=heartbeat state=restarted
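In the case study, authkeys is copied by one task and restricted to mode 600 by the next, so on first deployment the key file exists with default permissions until the second task runs. The following added example (not part of the original article) is a small line-based check for that pattern; it assumes tasks are written in the one-line key=value style used on this page, and the function names are made up for illustration.

```python
import re

# Constructed input: tasks from the case study above, in the page's
# one-line key=value style.
PLAYBOOK = """\
- hosts: hbhosts
  remote_user: root
  tasks:
    - name: authkeys configure file
      copy: src=/root/hb_conf/authkeys dest=/etc/ha.d/authkeys
    - name: authkeys mode 600
      file: path=/etc/ha.d/authkeys mode=600
    - name: ha.cf configure file
      copy: src=/root/hb_conf/ha.cf dest=/etc/ha.d/ha.cf
"""

TASK = re.compile(r"^\s*(copy|template|file):\s*(.*)$")

def kv(args):
    """Split 'k1=v1 k2=v2' module arguments into a dict (no quoting support)."""
    return dict(p.split("=", 1) for p in args.split() if "=" in p)

def late_mode_findings(text):
    """Find files written by copy/template without mode= that are only
    restricted by a later file task, i.e. exposed between the two tasks."""
    written = {}     # dest path -> line number of the copy/template task
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = TASK.match(line)
        if not m:
            continue
        module, args = m.group(1), kv(m.group(2))
        if module in ("copy", "template"):
            if "dest" in args and "mode" not in args:
                written[args["dest"]] = lineno
        elif "mode" in args:
            path = args.get("path") or args.get("dest")
            if path in written:
                findings.append((written.pop(path), lineno, path, args["mode"]))
    return findings
```

Each finding is (copy line, file line, path, mode). The finding goes away when the permissions are set on the copy task itself, for example `owner=root group=root mode=0600`, since copy accepts the file module's options.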
