Ansible roles for automated operations and maintenance

Posted by zeb on Mon, 12 Aug 2019 11:19:52 +0200


Introduction to Ansible roles

  • Ansible roles organize playbooks into a hierarchical, structured layout.
  • A role places variables, files, tasks, modules and handlers in separate directories so that they can be included easily.
  • Roles are commonly used to build services on a per-host basis and are frequently used in complex enterprise business scenarios.
  • Tasks, variables, handlers, templates, files and so on are organized in a specific directory hierarchy; this is comparable to splitting functionality into functions that are called when needed.

roles directory structure

role_name: the name of the role

  • files: stores the files used by modules such as copy or script
  • tasks: defines the tasks; contains main.yml, and other files are pulled in with include
  • handlers: defines the handlers; contains main.yml, and other files are pulled in with include
  • vars: defines variables; contains main.yml, and other files are pulled in with include
  • templates: stores the template files used by the template module
  • meta: defines the role's specific settings and dependencies, in a main.yml file
  • defaults: must contain a main.yml file, which sets default variables

Create roles

  • The path where roles are stored is defined in the configuration file /etc/ansible/ansible.cfg: roles_path = /etc/ansible/roles

Example

Use roles to install and start the httpd service on the hosts, and add httpd to the firewall's allowed services

  • Switch to the ordinary user devops and create a new roles directory inside the ansible directory under that user's home directory.
su - devops
cd ansible
mkdir roles
  • Edit the ansible.cfg file to add the roles path
[devops@server1 ansible]$ vim ansible.cfg
[defaults]
inventory = ./inventory
roles_path = ./roles    # roles directory under the current directory

[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
  • Create the apache role skeleton
[devops@server1 roles]$ ansible-galaxy init apache
[devops@server1 roles]$ cd apache/
[devops@server1 apache]$ ls
defaults  files  handlers  meta  README.md  tasks  templates  tests  vars
[devops@server1 apache]$ rm -fr README.md  tests     # This file and this directory can be deleted

[devops@server1 ansible]$ pwd
/home/devops/ansible
[devops@server1 ansible]$ ansible-galaxy list     # List the installed roles

  • Edit the role's main.yml files, splitting up the contents of the previous playbook.yml file.
  • Copy the template file to the apache role's templates directory
[devops@server1 apache]$ cp ~/ansible/templates/httpd.conf.j2 templates/
[devops@server1 apache]$ cd templates/
[devops@server1 templates]$ ls
httpd.conf.j2
  • Edit the main.yml file of the tasks
[devops@server1 apache]$ \vi tasks/main.yml
---
- name: install httpd
  yum:
    name: httpd
    state: present

- name: copy httpd
  copy:
    content: "{{ ansible_facts['hostname'] }}"
    dest: /var/www/html/index.html

- name: configure httpd
  template:
    src: httpd.conf.j2    # Note the changed path: relative to the role's templates/ directory
    dest: /etc/httpd/conf/httpd.conf
    owner: root
    group: root
    mode: "0644"    # Quoted octal string; an unquoted 644 is read as a decimal integer
  notify: restart httpd

- name: start httpd and firewalld
  service:
    name: "{{ item }}"
    state: started
  loop:
    - httpd
    - firewalld

- name: configure firewalld
  firewalld:
    service: http
    permanent: yes
    immediate: yes
    state: enabled
  • Edit the main.yml file of the handlers
[devops@server1 apache]$ \vi handlers/main.yml
---
- name: restart httpd
  service:
    name: httpd
    state: restarted
  • Edit the main.yml file of the variables
[devops@server1 ansible]$ vim roles/apache/vars/main.yml
---
http_host: "{{ ansible_facts['default_ipv4']['address'] }}"
http_port: 80
  • Create the apache.yml playbook
[devops@server1 ansible]$ vim apache.yml
---
- hosts: webserver
  roles:
    - apache
  • Modify the inventory file to read as follows.
[devops@server1 ansible]$ vim inventory 
[test]
server2	

[prod]
server3	
server4

[webserver:children]
test
prod
  • Check and run
[devops@server1 ansible]$ ansible-playbook apache.yml -C		# Check mode only, no changes are made
[devops@server1 ansible]$ ansible-playbook apache.yml
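
Why the mode on the configure httpd task should be a quoted octal string: Ansible's file-handling modules use an unquoted number without a leading zero as a decimal integer, so 644 does not produce rw-r--r--. The check below is an added example, not part of the original post; the function names and the sample tasks are constructed for illustration.

```python
import re

# "mode:" key with its raw scalar value; a trailing comment is dropped.
MODE_RE = re.compile(r"^\s*mode:\s*(?P<val>[^#]*?)\s*(?:#.*)?$")

def applied_mode(raw):
    """Permission bits applied for a raw YAML scalar; None if symbolic, templated or invalid."""
    quoted = len(raw) >= 2 and raw[0] in "'\"" and raw[-1] == raw[0]
    text = raw[1:-1] if quoted else raw
    if not re.fullmatch(r"[0-9]+", text):
        return None
    is_octal = re.fullmatch(r"[0-7]+", text) is not None
    if quoted:
        return int(text, 8) if is_octal else None   # string: parsed as octal
    if is_octal and text.startswith("0"):
        return int(text, 8)                          # YAML 1.1 octal literal
    return int(text, 10)                             # plain integer: decimal

def risky_modes(tasks_text):
    """Return (line number, raw value, applied mode) where the digits are not the mode."""
    findings = []
    for lineno, line in enumerate(tasks_text.splitlines(), 1):
        m = MODE_RE.match(line)
        if not m or not m.group("val"):
            continue
        raw = m.group("val")
        applied = applied_mode(raw)
        written = raw.strip("'\"").lstrip("0") or "0"
        if applied is not None and oct(applied)[2:] != written:
            findings.append((lineno, raw, oct(applied)))
    return findings

# Constructed sample: the template task with an unquoted and a quoted mode.
SAMPLE = """\
- name: configure httpd (unquoted mode)
  template:
    src: httpd.conf.j2
    dest: /etc/httpd/conf/httpd.conf
    mode: 644
- name: configure httpd (quoted octal mode)
  template:
    src: httpd.conf.j2
    dest: /etc/httpd/conf/httpd.conf
    mode: "0644"
"""

if __name__ == "__main__":
    for lineno, raw, applied in risky_modes(SAMPLE):
        print(f"line {lineno}: mode {raw} is applied as {applied}")
```

Decimal 644 is octal 1204: the sticky bit is set, the owner gets write only, and others get read, which is not the intended 0644.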

haproxy deployment (load balancing)

  • Create the haproxy role skeleton
[devops@server1 roles]$ ansible-galaxy init haproxy
 - haproxy was created successfully
[devops@server1 roles]$ ls
apache  haproxy
  • Edit the main.yml file of the handlers
[devops@server1 haproxy]$ \vi handlers/main.yml
---
- name: restart haproxy
  service:
    name: haproxy
    state: restarted
  • Copy the template file to the haproxy role's templates directory
[devops@server1 haproxy]$ cp ~/ansible/templates/haproxy.cfg.j2 templates/
[devops@server1 haproxy]$ cd templates/
[devops@server1 templates]$ ls
haproxy.cfg.j2
  • Edit the main.yml file of the tasks
[devops@server1 haproxy]$ \vi tasks/main.yml
---
- name: install haproxy
  yum:
    name: haproxy
    state: present

- name: configure haproxy
  template:
    src: haproxy.cfg.j2    # Note the changed path: relative to the role's templates/ directory
    dest: /etc/haproxy/haproxy.cfg
  notify: restart haproxy

- name: start haproxy
  service:
    name: haproxy
    state: started
  • Building on the apache.yml file from before, edit it to add conditions so that each role runs only on the hosts of its group.
---
- hosts: all
  tasks:
    - import_role:
        name: apache
      when: ansible_hostname in groups['webserver']
    - import_role:
        name: haproxy
      when: ansible_hostname in groups['lb']
  • Edit the inventory file
[devops@server1 ansible]$ vim inventory 
[lb]
server1     # Writing localhost here causes the role to be skipped

[test]
server2

[prod]
server3

[webserver:children]
test
prod
  • Run:
[devops@server1 ansible]$ ansible-playbook apache.yml

  • After a successful run, check the haproxy service status and port (port 80 is configured in our template file).
[devops@server1 ansible]$ systemctl status haproxy
[devops@server1 ansible]$ netstat -antlp

Implementing keepalived + haproxy high availability

This is covered in the blog post https://blog.csdn.net/even160941/article/details/99128262.
