ansible-playbookシナリオケース
个人博客转移:www.zhangshoufu.com
ansibleで3台のサーバ(web01、nfs、backup)を一括管理し、webとnfs上の重要なファイルをbackupサーバへバックアップします。ホストのIPアドレスは以下のように割り当てます。
| 役割 | IPアドレス | IPアドレス | ホスト名 |
| Rsync--server | 172.16.1.41 | 10.0.0.41 | backup-rsync-41 |
| NFS-client | 172.16.1.31 | 10.0.0.31 | Nfs01-31 |
| Web01 | 172.16.1.7 | 10.0.0.7 | web01-7 |
m01上で操作し、ansibleのインベントリ(ホスト一覧)とシナリオ用ディレクトリを用意します。yamlファイルはすべて/playbookディレクトリに、設定ファイルは/playbook/confディレクトリに、スクリプトは/playbook/scriptsディレクトリに置きます。
[root@m01-61 /]# mkdir /playbook/{conf,scripts}
[root@m01-61 /]# cat /etc/ansible/hosts ---
# Ansible inventory: one group per role, each holding a single host on the 172.16.1.x network.
# All three hosts are reached with the same private key, so that key file
# should stay readable by root only on the control node.
[nfs]
172.16.1.31 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa
[web]
172.16.1.7 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa
[backup]
172.16.1.41 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa
# Parent group made of the three role groups above.
[host:children]
nfs
web
backup
基本シナリオを作成します。このシナリオはすべてのサーバに適用します。
1, , firewalld selinux, ssh, dns
2, epel
3, nfs rsyn
4, UID GID 666 www
5, rsync
6,
7, ,
[root@m01-61 /]# cd /playbook/
[root@m01-61 playbook]# cat base.yaml
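# Base playbook: applied to every host in the inventory.
- hosts: all
  tasks:
    # Placeholder left by the author: firewall / selinux / ssh / hosts tuning
    # is not implemented in this play.
    # - name: stop firewall
    # Fetch the repo definition over HTTPS: the .repo file decides where
    # packages are installed from, and plain HTTP lets it be altered in transit.
    - name: Install Epel repos
      get_url: url=https://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
    # ssh firewall selinux hosts
    - name: Dns client file
      copy: src=./conf/resolv.conf dest=/etc/resolv.conf
    - name: Install service rsync nfs-utils
      yum: name=rsync,nfs-utils state=installed
    # Same fixed UID/GID on every host, so file ownership matches across the
    # NFS export and the rsync modules.
    - name: create group
      group: name=www gid=666
    - name: creat user
      user: name=www uid=666 group=www create_home=no shell=/sbin/nologin
    # NOTE(review): the rsync password is the literal '1', kept in clear text
    # in the playbook. Use a long random value held in an Ansible Vault
    # variable, and keep it identical to the rsync_backup entry written to
    # /etc/rsync.password on the backup host.
    - name: rsync passwd file
      copy: content='1' dest=/etc/rsync.pass mode=0600
    - name: creat /server/scripts
      file: path=/server/scripts state=directory recurse=yes
    - name: copy scripts
      copy: src=./scripts/client_rsync_backup.sh dest=/server/scripts/client_rsync_backup.sh
    # cron runs the job line with /bin/sh, so the POSIX redirection is used
    # instead of the bash-only "&>". All output is discarded, so a failing
    # backup is silent on the client; presumably check_backup.sh on the
    # backup host is what detects it.
    - name: crontab sh /server/scripts/client_rsync_backup.sh
      cron: name="backup scripts" minute=0 hour=1 job="/usr/bin/bash /server/scripts/client_rsync_backup.sh >/dev/null 2>&1"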
backupのシナリオを作成する
1, , ,
2, backup data
3, rsync ,
4, rsync ,
5,
[root@m01-61 playbook]# cat rsync.yaml
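# Backup server playbook: rsync daemon, its secrets file and the daily check job.
- hosts: backup
  tasks:
    - name: install mailx
      yum: name=mailx state=installed
    - name: configure rsync
      copy: src=conf/rsyncd.conf dest=/etc/rsyncd.conf
      notify: Restart rsync service
    - name: create dir /data
      file: path=/data state=directory owner=www group=www
    - name: create dir /backup
      file: path=/backup state=directory owner=www group=www
    # The option is "mode", not "motd": with the typo the 0600 permission was
    # never applied. rsyncd's default "strict modes" check refuses a secrets
    # file that other users can read.
    # NOTE(review): the password '1' is in clear text in the playbook; use a
    # long random value from an Ansible Vault variable, identical to the one
    # written to /etc/rsync.pass on the clients.
    - name: create file rsync passwd
      copy: content='rsync_backup:1' dest=/etc/rsync.password mode=0600
    # NOTE(review): conf/mail.rc is not shown; if it carries SMTP credentials
    # it should be copied with mode=0600 as well. Confirm.
    - name: configure mail
      copy: src=./conf/mail.rc dest=/etc/mail.rc
    - name: copt scripts check
      copy: src=./scripts/check_backup.sh dest=/server/scripts/check_backup.sh
    # cron runs the job line with /bin/sh, so the POSIX redirection is used
    # instead of the bash-only "&>".
    - name: cron root
      cron: name="check client backup" minute=0 hour=2 job='/usr/bin/bash /server/scripts/check_backup.sh >/dev/null 2>&1'
    # enabled=yes so the daemon also comes back after a reboot, matching how
    # nfs.yaml handles rpcbind and nfs-server.
    - name: start rsync
      service: name=rsyncd state=started enabled=yes
  handlers:
    - name: Restart rsync service
      service: name=rsyncd state=restarted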
[root@m01-61 playbook]# cat ./conf/rsyncd.conf
# Global settings for the rsync daemon on the backup host.
# Transfers run as the unprivileged www account.
uid = www
gid = www
port = 873
# Privileged file attributes are stored in xattrs, so the daemon does not
# need root to preserve them.
fake super = yes
max connections = 200
timeout = 600
# I/O errors on the daemon side do not stop the delete phase of a transfer.
ignore errors
# Modules are writable: clients may upload into them.
read only = false
# Modules are left out of module listings.
list = false
# Only the virtual user rsync_backup may connect; its password is looked up
# in the secrets file, which must not be readable by other users.
auth users = rsync_backup
secrets file = /etc/rsync.password
log file = /var/log/rsyncd.log
# NOTE(review): no "hosts allow" is set, so the writable modules below are
# protected only by the rsync_backup password. Consider limiting clients to
# the 172.16.1.x addresses used in the inventory.
[backup]
comment = welcome to backup!
path = /backup
[data]
path = /data
nfsのプロファイルの作成
1, nfs ,
2, sersync , ,
[root@m01-61 playbook]# cat nfs.yaml
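# NFS server playbook: installs sersync, exports /data and starts the NFS services.
- hosts: nfs
  tasks:
    # copy descends into a source directory on its own and has no "recurse"
    # option, so that argument is dropped.
    - name: copy sersync
      copy: src=./conf/sersync dest=/usr/local mode=755
      notify: statr sersync
    - name: create /data
      file: path=/data state=directory owner=www group=www
    # NOTE(review): conf/exports is not shown; confirm it names the client
    # network explicitly instead of exporting /data to every host.
    - name: create nfs file
      copy: src=./conf/exports dest=/etc/exports
      notify: restart nfs service
    - name: start rpcbind rsync
      service: name=rpcbind state=started enabled=yes
    - name: statrt nfs start
      service: name=nfs-server state=started enabled=yes
  handlers:
    # Same unit name as the start task above.
    - name: restart nfs service
      service: name=nfs-server state=restarted
    # The original pipeline printed "kill -9" and the PID with no space
    # between them, so the generated command named an invalid signal, failed,
    # and the "&&" then skipped the start. pkill -x matches the process name
    # exactly and sends SIGTERM by default; ";" starts sersync2 whether or not
    # an old instance was found.
    - name: statr sersync
      shell: "pkill -x sersync2; /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml"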
Webシナリオの構成
[root@m01-61 playbook]# cat web_nfs.yaml
# Web server playbook: mounts the NFS export from 172.16.1.31 at /data.
- hosts: web
  tasks:
    # state=mounted both mounts the share and records it in fstab.
    # NOTE(review): opts=defaults leaves suid and device files enabled on a
    # network share; consider nosuid,nodev if the web host does not need them.
    - name: mount nfs
      mount:
        src: "172.16.1.31:/data"
        path: /data
        fstype: nfs
        opts: defaults
        state: mounted
すべてのシナリオをまとめて実行する
[root@m01-61 playbook]# cat all.yaml
# Entry point: runs the four playbooks in this order.
# base.yaml goes first because it creates the www account and /server/scripts
# that rsync.yaml and nfs.yaml use; web_nfs.yaml goes last because it mounts
# the /data export that nfs.yaml sets up.
- import_playbook: /playbook/base.yaml
- import_playbook: /playbook/rsync.yaml
- import_playbook: /playbook/nfs.yaml
- import_playbook: /playbook/web_nfs.yaml
[root@m01-61 /]# mkdir /playbook/{conf,scripts}
[root@m01-61 /]# cat /etc/ansible/hosts ---
# Ansible inventory: one group per role, each holding a single host on the 172.16.1.x network.
# All three hosts are reached with the same private key, so that key file
# should stay readable by root only on the control node.
[nfs]
172.16.1.31 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa
[web]
172.16.1.7 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa
[backup]
172.16.1.41 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa
# Parent group made of the three role groups above.
[host:children]
nfs
web
backup
1, , firewalld selinux, ssh, dns
2, epel
3, nfs rsyn
4, UID GID 666 www
5, rsync
6,
7, ,
[root@m01-61 /]# cd /playbook/
[root@m01-61 playbook]# cat base.yaml
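# Base playbook: applied to every host in the inventory.
- hosts: all
  tasks:
    # Placeholder left by the author: firewall / selinux / ssh / hosts tuning
    # is not implemented in this play.
    # - name: stop firewall
    # Fetch the repo definition over HTTPS: the .repo file decides where
    # packages are installed from, and plain HTTP lets it be altered in transit.
    - name: Install Epel repos
      get_url: url=https://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
    # ssh firewall selinux hosts
    - name: Dns client file
      copy: src=./conf/resolv.conf dest=/etc/resolv.conf
    - name: Install service rsync nfs-utils
      yum: name=rsync,nfs-utils state=installed
    # Same fixed UID/GID on every host, so file ownership matches across the
    # NFS export and the rsync modules.
    - name: create group
      group: name=www gid=666
    - name: creat user
      user: name=www uid=666 group=www create_home=no shell=/sbin/nologin
    # NOTE(review): the rsync password is the literal '1', kept in clear text
    # in the playbook. Use a long random value held in an Ansible Vault
    # variable, and keep it identical to the rsync_backup entry written to
    # /etc/rsync.password on the backup host.
    - name: rsync passwd file
      copy: content='1' dest=/etc/rsync.pass mode=0600
    - name: creat /server/scripts
      file: path=/server/scripts state=directory recurse=yes
    - name: copy scripts
      copy: src=./scripts/client_rsync_backup.sh dest=/server/scripts/client_rsync_backup.sh
    # cron runs the job line with /bin/sh, so the POSIX redirection is used
    # instead of the bash-only "&>". All output is discarded, so a failing
    # backup is silent on the client; presumably check_backup.sh on the
    # backup host is what detects it.
    - name: crontab sh /server/scripts/client_rsync_backup.sh
      cron: name="backup scripts" minute=0 hour=1 job="/usr/bin/bash /server/scripts/client_rsync_backup.sh >/dev/null 2>&1"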
1, , ,
2, backup data
3, rsync ,
4, rsync ,
5,
[root@m01-61 playbook]# cat rsync.yaml
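# Backup server playbook: rsync daemon, its secrets file and the daily check job.
- hosts: backup
  tasks:
    - name: install mailx
      yum: name=mailx state=installed
    - name: configure rsync
      copy: src=conf/rsyncd.conf dest=/etc/rsyncd.conf
      notify: Restart rsync service
    - name: create dir /data
      file: path=/data state=directory owner=www group=www
    - name: create dir /backup
      file: path=/backup state=directory owner=www group=www
    # The option is "mode", not "motd": with the typo the 0600 permission was
    # never applied. rsyncd's default "strict modes" check refuses a secrets
    # file that other users can read.
    # NOTE(review): the password '1' is in clear text in the playbook; use a
    # long random value from an Ansible Vault variable, identical to the one
    # written to /etc/rsync.pass on the clients.
    - name: create file rsync passwd
      copy: content='rsync_backup:1' dest=/etc/rsync.password mode=0600
    # NOTE(review): conf/mail.rc is not shown; if it carries SMTP credentials
    # it should be copied with mode=0600 as well. Confirm.
    - name: configure mail
      copy: src=./conf/mail.rc dest=/etc/mail.rc
    - name: copt scripts check
      copy: src=./scripts/check_backup.sh dest=/server/scripts/check_backup.sh
    # cron runs the job line with /bin/sh, so the POSIX redirection is used
    # instead of the bash-only "&>".
    - name: cron root
      cron: name="check client backup" minute=0 hour=2 job='/usr/bin/bash /server/scripts/check_backup.sh >/dev/null 2>&1'
    # enabled=yes so the daemon also comes back after a reboot, matching how
    # nfs.yaml handles rpcbind and nfs-server.
    - name: start rsync
      service: name=rsyncd state=started enabled=yes
  handlers:
    - name: Restart rsync service
      service: name=rsyncd state=restarted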
[root@m01-61 playbook]# cat ./conf/rsyncd.conf
# Global settings for the rsync daemon on the backup host.
# Transfers run as the unprivileged www account.
uid = www
gid = www
port = 873
# Privileged file attributes are stored in xattrs, so the daemon does not
# need root to preserve them.
fake super = yes
max connections = 200
timeout = 600
# I/O errors on the daemon side do not stop the delete phase of a transfer.
ignore errors
# Modules are writable: clients may upload into them.
read only = false
# Modules are left out of module listings.
list = false
# Only the virtual user rsync_backup may connect; its password is looked up
# in the secrets file, which must not be readable by other users.
auth users = rsync_backup
secrets file = /etc/rsync.password
log file = /var/log/rsyncd.log
# NOTE(review): no "hosts allow" is set, so the writable modules below are
# protected only by the rsync_backup password. Consider limiting clients to
# the 172.16.1.x addresses used in the inventory.
[backup]
comment = welcome to backup!
path = /backup
[data]
path = /data
1, nfs ,
2, sersync , ,
[root@m01-61 playbook]# cat nfs.yaml
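# NFS server playbook: installs sersync, exports /data and starts the NFS services.
- hosts: nfs
  tasks:
    # copy descends into a source directory on its own and has no "recurse"
    # option, so that argument is dropped.
    - name: copy sersync
      copy: src=./conf/sersync dest=/usr/local mode=755
      notify: statr sersync
    - name: create /data
      file: path=/data state=directory owner=www group=www
    # NOTE(review): conf/exports is not shown; confirm it names the client
    # network explicitly instead of exporting /data to every host.
    - name: create nfs file
      copy: src=./conf/exports dest=/etc/exports
      notify: restart nfs service
    - name: start rpcbind rsync
      service: name=rpcbind state=started enabled=yes
    - name: statrt nfs start
      service: name=nfs-server state=started enabled=yes
  handlers:
    # Same unit name as the start task above.
    - name: restart nfs service
      service: name=nfs-server state=restarted
    # The original pipeline printed "kill -9" and the PID with no space
    # between them, so the generated command named an invalid signal, failed,
    # and the "&&" then skipped the start. pkill -x matches the process name
    # exactly and sends SIGTERM by default; ";" starts sersync2 whether or not
    # an old instance was found.
    - name: statr sersync
      shell: "pkill -x sersync2; /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml"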
[root@m01-61 playbook]# cat web_nfs.yaml
# Web server playbook: mounts the NFS export from 172.16.1.31 at /data.
- hosts: web
  tasks:
    # state=mounted both mounts the share and records it in fstab.
    # NOTE(review): opts=defaults leaves suid and device files enabled on a
    # network share; consider nosuid,nodev if the web host does not need them.
    - name: mount nfs
      mount:
        src: "172.16.1.31:/data"
        path: /data
        fstype: nfs
        opts: defaults
        state: mounted
[root@m01-61 playbook]# cat all.yaml
# Entry point: runs the four playbooks in this order.
# base.yaml goes first because it creates the www account and /server/scripts
# that rsync.yaml and nfs.yaml use; web_nfs.yaml goes last because it mounts
# the /data export that nfs.yaml sets up.
- import_playbook: /playbook/base.yaml
- import_playbook: /playbook/rsync.yaml
- import_playbook: /playbook/nfs.yaml
- import_playbook: /playbook/web_nfs.yaml