Installation
Environmental release
Mac 10.12.5
#more/system/library/coreservices/systemversion.plist
Installation commands
#ruby-E "$ (Curl--insecure-fssl https://raw.githubusercontent.com/Homebrew/install/master/install)" #brew update# Brew Install Ansible
The hosts default access location after installation
/usr/local/etc/ansible/hosts
Public Private key configuration
Create a public private key
Ssh-keygen-t rsa-c ' [email protected] '
-t specifies the key type, which is RSA by default and can be omitted
-C Set comment text, such as your mailbox
Default storage location
/users/jenkins/.ssh/id_rsa
Copy the public key to the SSH server
Ssh-copy-id [email protected]
Hosts configuration
Defining hosts and Groups
Define a host with an IP of 192.168.1.21 and an SSH port of 2135
192.168.1.21:2135
Defines a host with an alias of jumper, a port of SSH, and an IP of 192.168.1.50
Jumper Ansible_ssh_port=22 ansible_ssh_host=192.168.1.50
Example of group member host name:
[Test] jenkis236 ansible_ssh_port=22 ansible_ssh_host=192.168.1.236
If you have many hosts that follow a pattern, you can also show them that:
[Webservers] web[1:50].lightcloud.com [Database] db-[a:f].lightcloud.com
Defining host Variables
The host can specify a variable, which can then be called by playbooks
[Test] jenkis236 ansible_ssh_port=22 ansible_ssh_host=192.168.1.236 http_port=8080
Defining Group variables
[atlanta]host1host2[atlanta:vars]ntp_server=ntp.atlanta.example.comproxy=proxy.atlanta.example.com
Ansible the built-in connection host variable
Ansible_ssh_host ansible ssh connected to the IP or fqdnansible_ssh_port SSH connection port ansible_ssh_user the user Ansible_ Ssh_pass SSH connection password (which is unsafe, ansible strongly recommends using the--ask-pass option or using SSH keys) ansible_sudo_pass sudo user's password Ansible_ Connection SSH connection type: Local,ssh,paramiko, before ansible 1.2 by default is Paramiko, later intelligent selection, Priority use of controlpersist-based SSH (supported premise) ansible_ssh_private_key_file SSH connection public key file Ansible_shell_type Specify the shell interpreter used by the host, the default is SH, you can set to CSH, fish and other shell interpreter Ansible_python_interpreter used to specify the path of the Python interpreter ansible\_\*\_ Interpreter is used to specify the path to other syntax interpreters on the host, such as Ruby,perl, etc.
Ansible Common modules and APIs
Command: Execute remote host shell commands
Ansible all-i/users/jenkins/jenkins/lirbary/ansible_hosts/hosts_test-m command-a "Ifconfig"
Script: Remote execution of master local shell scripts. (similar to Scp+shell)
Ansible test-i/users/jenkins/jenkins/lirbary/ansible_hosts/hosts_test-m script-a ". /env_update_shell/test.sh "
Copy: Enables the master to copy files to the target host, similar to the SCP function.
Ansible test-i/users/jenkins/jenkins/lirbary/ansible_hosts/hosts-m copy-a "src=~/test.sh dest=/tmp/owner=root Group =root mode=0755 "
Stat: Get remote file status information, including Atime, CTime, Mtime, MD5, UID, GID and other information.
Ansible test-i/users/jenkins/jenkins/lirbary/ansible_hosts/hosts_test-m stat-a "path=/users/jenkins/jenkins/"
Get_url: Implements the download of the specified URL locally on the remote host.
Ansible test-i/users/jenkins/jenkins/lirbary/ansible_hosts/hosts_test-m get_url-a "url=http://www.cnblogs.com/ Yatho dest=/tmp/index.html mode=0400 Force=yes "
Yum:linux Package Management platform operation, Common will have Yum and apt, here will call Yum management mode
Ansible servers-m yum-a "Name=curl state=latest"
Cron: remote host crontab configuration
Ansible webservers-m cron-a "name= ' check dir ' hour= ' 5,2 ' job= ' ls-alh >/dev/null '"
Service: Remote host system Services management
# ansible webservers-m service-a "Name=crond state=stopped" # ansible webservers-m service-a "Name=crond State=restarte D "# ansible webservers-m service-a" Name=crond state=reloaded "
User:user
Add User: # ansible webservers-m user-a "name=johnd comment= ' John Doe '" Delete User: # ansible webservers-m user-a "NAME=JOHND state =absent Remove=yes "
Playbook
Playbook Introduction
Playbook is a different pattern than using ansible command-line execution, and its function is to integrate a large number of command-line configurations together to form a customizable multi-host configuration management Deployment Tool.
It is defined in YAML format to enable distribution of application deployments to multiple hosts.
Here is a detailed description of a Playbook deployment example for Nginx nested reuse architecture:
1. Building the directory structure
# cd/etc/ansible/# mkdir group_vars# mkdir roles
2. Define the host
# vi/etc/ansible/hosts[webservers]client01.example.comclient02.example.com[nginx01]client01.example.com[nginx02 ]client02.example.com
3. Defining variables
# Vi/etc/ansible/group_vars/nginx01worker_processes:4num_cpus:4max_open_file:65506root:/dataremote_user:root
# Vi/etc/ansible/group_vars/nginx02worker_processes:2num_cpus:2max_open_file:35506root:/wwwremote_user:root
Tips: Here the filename defined under Group_vars must correspond to the group tag under the Hosts file, and the different types of host configurations can be deployed through the various parameters defined here.
4. Create a roles Portal file
# vi/etc/ansible/site.yml-hosts:webservers roles: -base_env-hosts:nginx01 roles: -nginx01-hosts : nginx02 roles: -nginx02
Tips: Here's roles: The string below needs to correspond to the directory name in the roles directory.
5. Define Global Role Base_env
Create a directory structure
# mkdir-p/etc/ansible/roles/base_env/tasks # vi/etc/ansible/roles/base_env/tasks/main.yml # transfer Epel Yum Source configuration file to client- Name:create the contains common plays that'll run on all nodes Copy:src=epel.repo dest=/etc/yum.repos.d/epel.repo- Name:create the GPG key for EPEL copy:src=rpm-gpg-key-epel-6 dest=/etc/pki/rpm-gpg # close selinux-name:test to S EE if selling is running command:getenforce register:sestatus changed_when:false# Delete iptables default rule and save- Name:remove the default iptables rules command:iptables-f-name:save iptables rules command:service iptables Save
Copy the files that need to be copied to the remote to the Base_env/files directory
# mkdir-p /etc/ansible/roles/base_env/files# cp/etc/yum.repos.d/epel.repo/etc/ansible/roles/base_env/files# Cp/etc/pki/rpm-gpg/rpm-gpg-key-epel-6/etc/ansible/roles/base_env/files
6. Define NGINX01 and ngnix02 role
Create a directory structure
# mkdir-p/etc/ansible/roles/nginx{01,02}# mkdir-p/etc/ansible/roles/nginx01/tasks# mkdir-p/etc/ansible/roles/ nginx02/tasks# vi/etc/ansible/roles/nginx01/tasks/main.yml # Install Nginx latest version-Name:ensure Nginx is at the latest version
yum:pkg=nginx state=latest# Transfer nginx config file to remote directory-name:write The nginx config files template:src=nginx.conf dest=/etc /nginx/nginx.conf notify:restart nginx # reboot nginx# create nginx root directory-name:create Web root file:dest={{root}} mode=77 5 state=directory owner=nginx Group=nginx notify:reload nginx-name:ensure nginx is running Service:name=nginx state=restarted # CP/HOME/ANSIBLE/ROLES/NGINX01/TASKS/MAIN.YML/HOME/ANSIBLE/ROLES/NGINX02/TASKS/MAIN.YML
7. Define Files
# mkdir-p/etc/ansible/roles/nginx01/templates# mkdir-p/etc/ansible/roles/nginx02/templates# vi/etc/ansible/roles/ nginx01/templates/nginx.conf# for more information on configuration, See:user Nginx; worker_processes {{worker_processes}}; {% if Num_cpus = = 2%} worker_cpu_affinity 01 10; {% Elif Num_cpus = = 4} worker_cpu_affinity 1000 0100 0010 0001; {% elif Num_cpus >= 8} worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000; {% Else%} worker_cpu_affinity 1000 0100 0010 0001; {% ENDIF%} worker_rlimit_nofile {{max_open_file}}; Error_log/var/log/nginx/error.log; #error_log/var/log/nginx/error.log Notice; #error_log/var/log/nginx/error.log Info; Pid/var/run/nginx.pid; Events {worker_connections {max_open_file}}; } http {include/etc/nginx/mime.types; Default_type Application/octet-stream; Log_format Main ' $remote _addr-$remote _user [$time _Local] "$request" $status $body _bytes_sent "$http _referer" "" $http _user _agent "" $http _x_forwarded_for "; Access_log/var/log/nginx/access.log main; Sendfile on; #tcp_nopush on; #keepalive_timeout 0; Keepalive_timeout 65; #gzip on; # Load config files from the/etc/nginx/conf.d directory # The default server was in conf.d/default.conf #include /etc/nginx/conf.d/*.conf; server {Listen default_server; server_name _; #charset Koi8-r; #access_log Logs/host.access.log Main; Location/{root {{root}}; Index index.html index.htm; } error_page 404/404.html; Location =/404.html {root/usr/share/nginx/html; } # REDIRECT Server error pages to the static page/50x.html # ERROR_PAGE 502 503 504/50x.html; Location =/50x.html {root/usr/share/nginx/html; } } }
Tip:worker_processes, Num_cpus, Max_open_file, root and other parameters call the corresponding variable values in the configuration file in the Group_vars directory
# cp/etc/ansible/roles/nginx01/templates/nginx.conf /etc/ansible/roles/nginx02/templates/nginx.conf
8. Executive Playbook
# ansible-playbook-i/etc/ansible/hosts/etc/ansible/site.yml-f 10
Tips:-F executes playbook for starting 10 parallel processes,-I defines inventory host file, Site.yml is a portal file
PLAY [webservers] ************************************************************* gathering FACTS ******************* OK: [Client02.example.com]ok: [Client01.example.com]task: [Base_env | Create the contains common plays that'll run on all nodes] * * * OK: [Client01.example.com]ok: [Client02.example.com]task: [Base_env | Create the GPG key for EPEL] ******************************** OK: [Client02.example.com]ok: [Client01.example.com]task: [base_env | Test to see if selling is running] ************************** OK: [Client01.example.com]ok: [Client02.example. Com]task: [base_env | Remove the default iptables rules] ************************** changed: [client02.example.com] Changed: [client01.example.com]task: [base_env | save iptables rules] **************************************** changed : [client01.example.com]changed: [Client02.example.com]play [nginx01] ******************************************** Gathering FACTS *********OK: [client01.example.com]task: [nginx01 | Ensure Nginx is at The latest version] *********************** OK: [client01.example.com]task: [nginx01 | Write the nginx config file] ****** OK: [client01.example.com]task: [NGINX01 | Create Web Root] ********************************************* OK: [client01.example.com]task: [nginx01 | ensure Nginx is running] ************************************* changed: [Client01.example.com]play [nginx02] ******************** Gathering FACTS **************************************************** OK: [client02.example.com]task: [nginx02 | Ensure Nginx is at the latest version] *********************** OK: [Client02.example.com] TASK: [nginx02 | Write the nginx config file] ********************************* OK: [client02.example.com]task: [nginx02 | Create Web Root] ********************************************* OK: [client02.example.com]task: [nginx02 | Ensure Nginx is running] ************************************* changed: [ Client02.example.com]play RECAP ******************************************************************** client01.example.com:ok=11 changed=3 unreachable=0 failed=0 client02.example.com:ok=11 changed =3 unreachable=0 failed=0
The final deployment directory structure is as follows
# tree/etc/ansible/
/etc/ansible/├──ansible.cfg├──group_vars│ ├──nginx01│ └──nginx02├──hosts├──hosts.bak├──roles│ ├── base_env│ │ ├──files│ │ │ ├──epel.repo│ │ │ └──rpm-gpg-key-epel-6│ │ └──tasks│ │ └──main.yml│ ├──nginx01│ │ ├──tasks│ │ │ └── main.yml│ │ └──templates│ │ └──nginx.conf│ └──nginx02│ ├──tasks│ │ └── main.yml│ └──templates│ └──nginx.conf└──site.yml
Jenkins Association Configuration
Choice Parameter
Deploy_environment define the deployment environment name DEV,TEST,UAT,PDT
Execute Shell
Start and end of set +x, Set-x used to open and close the part of the extended parameters and commands
CD $WORKSPACE/leon-playbook-phpcms1.1
Ansible--version
Ansible-playbook-i inventory/$deploy _environment./deploy.yml-e project=phpcms-e branch= $branch _selector-e env=$ Deploy_environment
-I is used to customize the Ansible host file path, the./deploy.yml is the Ansible-playbook portal file, and the-e can be followed by the environment variables added to the current session.
"Mac" Ansible installation and basic use