角色帮助官网文档:https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html#playbooks-reuse-roles
galaxy相关信息官网:https://docs.ansible.com/ansible/latest/galaxy/user_guide.html#installing-roles
galaxy角色下载官网:https://galaxy.ansible.com/
1. 角色详细信息
mkdir roles
1.1 角色配置
roles_path = 角色目录路径
示例:
vim /mnt/ansible/ansible.cfg
[defaults]
inventory = ./hosts
remote_user = devops
roles_path = ./roles #角色路径
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
1.2 角色常用命令
-
ansible-galaxy list
:列出本机角色 -
ansible-galaxy role init roles/apache
:生成角色框架 -
ansible-galaxy search nginx
:查找角色 -
ansible-galaxy install geerlingguy.nginx
:安装角色 -
ansible-galaxy remove 角色名
:删除角色 -
ansible-galaxy info 角色名
:获取角色详细信息
1.3 角色目录结构
2. Apache角色示例
mkdir roles
:创建角色- 配置角色路径:
vim /mnt/ansible/ansible.cfg
ansible-galaxy role init roles/apache
:生成角色默认框架tree roles/apache/
:查看框架
vim roles/apache/tasks/main.yml
:编写角色中的任务
---
# tasks file for roles/apache
- name: 安装 apache
dnf:
name: httpd
state: present
- name: 创建index.html
copy:
content: "{
{ ansible_hostname }}\n"
dest: /var/www/html/index.html
- name: 配置Apache
template:
src: httpd.conf.j2
dest: /etc/httpd/conf/httpd.conf
notify: restart httpd
- name: 开启 apache
service:
name: httpd
state: started
enabled: yes
- name: 开启 firewalld
service:
name: firewalld
state: started
enabled: yes
- name: 通过 http
firewalld:
service: http
permanent: yes
immediate: yes
state: enabled
-
cp /etc/httpd/conf/httpd.conf roles/apache/templates/httpd.conf.j2
:创建jinja2模板 -
vim roles/apache/templates/httpd.conf.j2
:修改jinja2模板
- 定义变量:http_port: 80
定义变量方法:
- vim host_vars/192.168.43.27/vars 定义http_port: 80
- vim group_vars/webserver/vars
- vim roles/apache/vars/main.yml
- 等
vim roles/apache/handlers/main.yml
:编写触发程序
---
# handlers file for roles/apache
- name: restart httpd
service:
name: httpd
state: restarted
vim playbook.yml
:编写剧本
---
- hosts: test
roles:
- role: apache
ansible-playbook playbook.yml
:执行成功
3. 官网安装nginx角色示例
ansible-galaxy search nginx
:查找nginx(需联网操作)ansible-galaxy install geerlingguy.nginx
:安装nginx角色ansible-galaxy list
:列出tree roles/geerlingguy.nginx/
vim playbook.yml
:编写剧本
---
- hosts: 192.168.43.47
roles:
- role: geerlingguy.nginx
vim roles/geerlingguy.nginx/defaults/main.yml
60 nginx_vhosts:
61 # Example vhost below, showing all available options:
62 - listen: "80" # default: "80"
63 server_name: "localhost" # default: N/A
64 root: "/var/www/html" # default: N/A
ansible-playbook playbook.yml
:运行
curl 192.168.43.47
:测试
ansible-galaxy remove geerlingguy.nginx
:卸载角色(删除角色不会影响已经执行过的任务)
在目标主机查看测试:
-
netstat -antlupe | grep nginx
(80端口) -
cat /etc/nginx/conf.d/example.com.conf
systemctl disable --now nginx.service
:关闭服务