国产av日韩一区二区三区精品,成人性爱视频在线观看,国产,欧美,日韩,一区,www.成色av久久成人,2222eeee成人天堂

Home System Tutorial LINUX Ansible usage: simple use of ansible-playbook

Ansible usage: simple use of ansible-playbook

Sep 02, 2024 pm 02:55 PM
linux linux tutorial Red Hat linux system linux command linux certification red hat linux linux video

Ansible usage: simple use of ansible-playbook

ansbile-playbook is a collection of system ansible commands, which is written in the yaml language and runs the process. The ansbile-playbook commands are executed in top-down order. At the same time, playbook has created many features. It allows you to transfer the status of a certain command to a subsequent command. For example, you can grab content from a file on one machine and attach it as a variable, and then use it on another machine. This allows you to implement some complex deployment mechanisms that are not possible with ansible commands.

Playbook is used through the ansible-playbook command. Its parameters are similar to the ansible command, such as the parameters -k (–ask-pass) and -K (–ask-sudo) to ask for the ssh password and sudo password, and -u to specify the user. ,These instructions can also be written in the playbook through ,prescribed units. Simple usage of ansible-playbook: ansible-playbook example-play.yml.

1. A simple example

A simple ansible-playbook example is given below to understand its composition. 

# cat user.yml
- name: create user
hosts: all
user: root
gather_facts: false
vars:
- user: "test"
tasks:
- name: create user
user: name="{{ user }}"

The function implemented by the playbook above is to add a new user:

The name parameter provides an overview of the functions implemented by the playbook. During subsequent execution, the value of the name variable will be printed;

The hosts parameter specifies which hosts to participate in;

The user parameter specifies the user to use to log in to the remote host;

The gather_facts parameter specifies whether to execute the setup module to obtain host-related information before the following tasks are executed. This will be used when subsequent tasks will use the information obtained by the setup;

The vars parameter specifies a variable. Here it refers to a user variable whose value is test. It should be noted that the variable value must be enclosed in quotation marks;

task specifies a task, and the name parameter below it is also a description of the task, which will be printed out during execution. User specifies calling the user module, name is a parameter in the user module, and the added user name calls the value of the user variable above. The specific execution results are as follows: 

[root@361way playbooks]# ansible-playbook user.yml
PLAY [create user] ************************************************************
TASK: [create user ] **********************************************
changed: [10.212.52.252]
changed: [10.212.52.14]
changed: [10.212.52.16]
PLAY RECAP ********************************************************************
10.212.52.14 : ok=1 changed=1 unreachable=0 failed=0
10.212.52.16 : ok=1 changed=1 unreachable=0 failed=0
10.212.52.252 : ok=1 changed=1 unreachable=0 failed=0

Similarly, if you want to delete this newly added user, you only need to replace the last line of the playbook file with the following line and then execute the corresponding playbook: 

user: name="{{ user }}" state=absent remove=yes
2. One-click patching bash shellcode example

Give us a slightly more complicated example, using ansible-playbook to simultaneously patch bash shellcode vulnerabilities on N hosts. It should be noted that there may be different system versions distributed among the hosts on the existing network. It is assumed here that both centos5 and 6 versions exist on the existing network. The specific playbook content is as follows: 

# cat update_bash.yml
- hosts: all
remote_user: root
gather_facts: True
tasks:
- name: update bash in redhat 6 version
yum: name=http://mirrors.aliyun.com/centos/6.6/os/x86_64/Packages/bash-4.1.2-29.el6.x86_64.rpm.rpm state=present
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: update bash in redhat 5 version
yum: name=http://mirrors.hustunique.com/centos/5/updates/x86_64/RPMS/bash-3.2-33.el5.1.x86_64.rpm state=present
when: ansible_os_family == "RedHat" and ansible_distribution_version|int 
<p>The when statement is used above, and the gather_facts setup module is also enabled. The ansible_os_family variable and ansible_distribution_version variable here are the information obtained directly from the setup module. </p>
<p>If there are a large number of hosts, just add -f when running and select an appropriate number of concurrent hosts. I used this here and the bash upgrade was completed quickly. </p>
<div style="font-size: 14pt; color: white; background-color: black; border-left: red 10px solid; padding-left: 14px; margin-bottom: 20px; margin-top: 20px;"><strong>3. The composition of playbook</strong></div>
<p>playbook是由一個(gè)或多個(gè)“play”組成的列表。play的主要功能在于將事先歸并為一組的主機(jī)裝扮成事先通過ansible中的task定義好的角色。從根本上來講所謂task無非是調(diào)用ansible的一個(gè)module。將多個(gè)play組織在一個(gè)playbook中即可以讓它們聯(lián)同起來按事先編排的機(jī)制同唱一臺(tái)大戲。其主要有以下四部分構(gòu)成</p>
<ol class="linenums">
<li class="L0"><span class="pln">playbooks組成:</span></li>
<li class="L1"><span class="pln"> Target section: 定義將要執(zhí)行 playbook 的遠(yuǎn)程主機(jī)組</span></li>
<li class="L2"><span class="pln"> Variable section: 定義 playbook 運(yùn)行時(shí)需要使用的變量</span></li>
<li class="L3"><span class="pln"> Task section: 定義將要在遠(yuǎn)程主機(jī)上執(zhí)行的任務(wù)列表</span></li>
<li class="L4"><span class="pln"> Handler section: 定義 task 執(zhí)行完成以后需要調(diào)用的任務(wù)</span></li>
</ol>
<p>而其對(duì)應(yīng)的目錄層為五個(gè),如下:</p>
<ol class="linenums">
<li class="L0"><span class="pln">一般所需的目錄層有:(視情況可變化)</span></li>
<li class="L1"><span class="pln"> vars 變量層</span></li>
<li class="L2"><span class="pln"> tasks 任務(wù)層</span></li>
<li class="L3"><span class="pln"> handlers 觸發(fā)條件</span></li>
<li class="L4"><span class="pln"> files 文件</span></li>
<li class="L5"><span class="pln"> template 模板</span></li>
</ol>
<p>下面介紹下構(gòu)成playbook 的四層結(jié)構(gòu)。</p>
<div style="margin-top: 2em; margin-bottom: 1em;"><span style="color: #1e1e1e; letter-spacing: 2px; border-left: #FF3030 3px solid; border-right: #FF3030 3px solid; padding-left: 8px; padding-right: 8px; font-size: 12pt;"><strong>1、Hosts和Users</strong></span></div>
<p>playbook中的每一個(gè)play的目的都是為了讓某個(gè)或某些主機(jī)以某個(gè)指定的用戶身份執(zhí)行任務(wù)。</p>
<p>hosts 用于指定要執(zhí)行指定任務(wù)的主機(jī)其可以是一個(gè)或多個(gè)由冒號(hào)分隔主機(jī)組。</p>
<p>remote_user 則用于指定遠(yuǎn)程主機(jī)上的執(zhí)行任務(wù)的用戶。<br>
不過remote_user也可用于各task中。也可以通過指定其通過sudo的方式在遠(yuǎn)程主機(jī)上執(zhí)行任務(wù)其可用于play全局或某任務(wù)。<br>
此外甚至可以在sudo時(shí)使用sudo_user指定sudo時(shí)切換的用戶。</p>
<p>示例:</p>
<pre class="brush:php;toolbar:false">- hosts: webnodes
tasks:
- name: test ping connection:
remote_user: test
sudo: yes
2、任務(wù)列表和action

play的主體部分是task list。

task list中的各任務(wù)按次序逐個(gè)在hosts中指定的所有主機(jī)上執(zhí)行即在所有主機(jī)上完成第一個(gè)任務(wù)后再開始第二個(gè)。在運(yùn)行自下而下某playbook時(shí)如果中途發(fā)生錯(cuò)誤所有已執(zhí)行任務(wù)都將回滾因此在更正playbook后重新執(zhí)行一次即可。

task的目的是使用指定的參數(shù)執(zhí)行模塊而在模塊參數(shù)中可以使用變量。模塊執(zhí)行是冪等的這意味著多次執(zhí)行是安全的因?yàn)槠浣Y(jié)果均一致。每個(gè)task都應(yīng)該有其name用于playbook的執(zhí)行結(jié)果輸出建議其內(nèi)容盡可能清晰地描述任務(wù)執(zhí)行步驟。如果未提供name則action的結(jié)果將用于輸出。

定義task的可以使用“action: module options”或“module: options”的格式推薦使用后者以實(shí)現(xiàn)向后兼容。如果action一行的內(nèi)容過多也中使用在行首使用幾個(gè)空白字符進(jìn)行換行。

tasks:
- name: make sure apache is running
service: name=httpd state=running
在眾多模塊中只有command和shell模塊僅需要給定一個(gè)列表而無需使用“key=value”格式例如
tasks:
- name: disable selinux
command: /sbin/setenforce 0 如果命令或腳本的退出碼不為零可以使用如下方式替代
tasks:
- name: run this command and ignore the result
shell: /usr/bin/somecommand || /bin/true
或者使用ignore_errors來忽略錯(cuò)誤信息
tasks:
- name: run this command and ignore the result
shell: /usr/bin/somecommand
ignore_errors: True
3、handlers

用于當(dāng)關(guān)注的資源發(fā)生變化時(shí)采取一定的操作。
“notify”這個(gè)action可用于在每個(gè)play的最后被觸發(fā)這樣可以避免多次有改變發(fā)生時(shí)每次都執(zhí)行指定的操作取而代之僅在所有的變化發(fā)生完成后一次性地執(zhí)行指定操作。
在notify中列出的操作稱為handler也即notify中調(diào)用 handler中定義的操作。

注意:在 notify 中定義內(nèi)容一定要和tasks中定義的 - name 內(nèi)容一樣,這樣才能達(dá)到觸發(fā)的效果,否則會(huì)不生效。

- name: template configuration file
template: src=template.j2 dest=/etc/foo.conf
notify:
- restart memcached
- restart apache
handler是task列表這些task與前述的task并沒有本質(zhì)上的不同。
handlers:
- name: restart memcached
service: name=memcached state=restarted
- name: restart apache
service: name=apache state=restarted
4、tags

tags用于讓用戶選擇運(yùn)行或略過playbook中的部分代碼。ansible具有冪等性因此會(huì)自動(dòng)跳過沒有變化的部分即便如此有些代碼為測(cè)試其確實(shí)沒有發(fā)生變化的時(shí)間依然會(huì)非常地長(zhǎng)。
此時(shí)如果確信其沒有變化就可以通過tags跳過此些代碼片斷。

5、示例

下面再給出一個(gè)安裝httpd web服務(wù)的示例:

# cat /etc/ansible/playbook/install_web.yml
- hosts: webservers
remote_user: root
gather_fasks: False
vars:
packages: httpd
tasks:
- name: Install httpd
yum: name={{ packages }} state=present
- name: Cofiguration httpd
copy: src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf
tags: httpd_conf
notify:
- restart httpd
- name: Start httpd
service: name=httpd state=started enabled=no
tags: start
- name:Add centos user
user: name={{ item }} state=absent
tags: adduser
with_items:
- centos
- admin
handlers:
- name: restart httpd
service: name=httpd state=restart

注:上面的代碼沒有考慮ubuntu平臺(tái),僅僅考慮centos/redhat平臺(tái)。

The above is the detailed content of Ansible usage: simple use of ansible-playbook. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undress AI Tool

Undress AI Tool

Undress images for free

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Postman Integrated Application on CentOS Postman Integrated Application on CentOS May 19, 2025 pm 08:00 PM

Integrating Postman applications on CentOS can be achieved through a variety of methods. The following are the detailed steps and suggestions: Install Postman by downloading the installation package to download Postman's Linux version installation package: Visit Postman's official website and select the version suitable for Linux to download. Unzip the installation package: Use the following command to unzip the installation package to the specified directory, for example /opt: sudotar-xzfpostman-linux-x64-xx.xx.xx.tar.gz-C/opt Please note that "postman-linux-x64-xx.xx.xx.tar.gz" is replaced by the file name you actually downloaded. Create symbols

The difference between programming in Java and other languages ??Analysis of the advantages of cross-platform features of Java The difference between programming in Java and other languages ??Analysis of the advantages of cross-platform features of Java May 20, 2025 pm 08:21 PM

The main difference between Java and other programming languages ??is its cross-platform feature of "writing at once, running everywhere". 1. The syntax of Java is close to C, but it removes pointer operations that are prone to errors, making it suitable for large enterprise applications. 2. Compared with Python, Java has more advantages in performance and large-scale data processing. The cross-platform advantage of Java stems from the Java virtual machine (JVM), which can run the same bytecode on different platforms, simplifying development and deployment, but be careful to avoid using platform-specific APIs to maintain cross-platformity.

Where is the pycharm interpreter? Where is the pycharm interpreter? May 23, 2025 pm 10:09 PM

Setting the location of the interpreter in PyCharm can be achieved through the following steps: 1. Open PyCharm, click the "File" menu, and select "Settings" or "Preferences". 2. Find and click "Project:[Your Project Name]" and select "PythonInterpreter". 3. Click "AddInterpreter", select "SystemInterpreter", browse to the Python installation directory, select the Python executable file, and click "OK". When setting up the interpreter, you need to pay attention to path correctness, version compatibility and the use of the virtual environment to ensure the smooth operation of the project.

How to manually install plugin packages in VSCode How to manually install plugin packages in VSCode May 15, 2025 pm 09:33 PM

The steps to manually install the plug-in package in VSCode are: 1. Download the .vsix file of the plug-in; 2. Open VSCode and press Ctrl Shift P (Windows/Linux) or Cmd Shift P (Mac) to call up the command panel; 3. Enter and select Extensions:InstallfromVSIX..., then select .vsix file and install. Manually installing plug-ins provides a flexible way to install, especially when the network is restricted or the plug-in market is unavailable, but attention needs to be paid to file security and possible dependencies.

Detailed introduction to each directory of Linux and each directory (reprinted) Detailed introduction to each directory of Linux and each directory (reprinted) May 22, 2025 pm 07:54 PM

[Common Directory Description] Directory/bin stores binary executable files (ls, cat, mkdir, etc.), and common commands are generally here. /etc stores system management and configuration files/home stores all user files. The root directory of the user's home directory is the basis of the user's home directory. For example, the home directory of the user user is /home/user. You can use ~user to represent /usr to store system applications. The more important directory /usr/local Local system administrator software installation directory (install system-level applications). This is the largest directory, and almost all the applications and files to be used are in this directory. /usr/x11r6?Directory for storing x?window/usr/bin?Many

After installing Nginx, the configuration file path and initial settings After installing Nginx, the configuration file path and initial settings May 16, 2025 pm 10:54 PM

Understanding Nginx's configuration file path and initial settings is very important because it is the first step in optimizing and managing a web server. 1) The configuration file path is usually /etc/nginx/nginx.conf. The syntax can be found and tested using the nginx-t command. 2) The initial settings include global settings (such as user, worker_processes) and HTTP settings (such as include, log_format). These settings allow customization and extension according to requirements. Incorrect configuration may lead to performance issues and security vulnerabilities.

MySQL installation tutorial teach you step by step the detailed steps for installing and configuration of mySQL step by step MySQL installation tutorial teach you step by step the detailed steps for installing and configuration of mySQL step by step May 23, 2025 am 06:09 AM

The installation and configuration of MySQL can be completed through the following steps: 1. Download the installation package suitable for the operating system from the official website. 2. Run the installer, select the "Developer Default" option and set the root user password. 3. After installation, configure environment variables to ensure that the bin directory of MySQL is in PATH. 4. When creating a user, follow the principle of minimum permissions and set a strong password. 5. Adjust the innodb_buffer_pool_size and max_connections parameters when optimizing performance. 6. Back up the database regularly and optimize query statements to improve performance.

Comparison between Informix and MySQL on Linux Comparison between Informix and MySQL on Linux May 29, 2025 pm 11:21 PM

Informix and MySQL are both popular relational database management systems. They perform well in Linux environments and are widely used. The following is a comparison and analysis of the two on the Linux platform: Installing and configuring Informix: Deploying Informix on Linux requires downloading the corresponding installation files, and then completing the installation and configuration process according to the official documentation. MySQL: The installation process of MySQL is relatively simple, and can be easily installed through system package management tools (such as apt or yum), and there are a large number of tutorials and community support on the network for reference. Performance Informix: Informix has excellent performance and

See all articles