roles改造
一个标准项目由多个role组成目录如下:
roles/
│ └── webserver/
│ ├── tasks/
│ ├── templates/
│ ├── handlers/
│ ├── vars/
│ └── defaults/
│
└── playbook.yml
执行命令一次性创建成功
mkdir -p {roles/,roles/webserver/,roles/webserver/tasks/,roles/webserver/templates/,roles/webserver/handlers/,roles/webserver/vars/,roles/webserver/defaults/}
tasks
开始改造 roles/webserver/tasks/main.yml
---
- name: Install httpd
yum:
name: httpd
state: present
- name: Ensure httpd is enabled and running
service:
name: httpd
enabled: true
state: started
- name: Deploy template
template:
src: index.html.j2
dest: "/var/www/html/index.html"
设置变量
在 roles/webserver/defaults/main.yml 中定义默认变量。这里可以设置 my_custom_variable:
---
# roles/webserver/defaults/main.yml
my_custom_variable: "Some value"
设置template
将 index.html.j2 文件放在 roles/webserver/templates/ 目录下。
创建 Handlers
如果您需要重启 httpd 服务或执行其他 idempotent 操作,可以在 roles/webserver/handlers/main.yml 中定义 handlers:
---
- name: restart httpd
service:
name: httpd
state: restarted
编写 Playbook
最后,在 playbook.yml 中引用这个 role:
---
- name: Deploy web server
hosts: webservers
become: true
roles:
- webserver
运行 Playbook
运行 playbook:
ansible-playbook playbook.yml
幂等改造
我们要求每次执行都使最终效果一致。修改roles/webserver/tasks/main.yml文件
---
- name: Check if httpd is installed
command: rpm -q httpd
register: httpd_installed
failed_when: false
changed_when: false
check_mode: no
- name: Install httpd
yum:
name: httpd
state: present
when: httpd_installed.rc != 0
- name: Ensure httpd is enabled and running
service:
name: httpd
enabled: true
state: started
- name: Deploy template
template:
src: index.html.j2
dest: "/var/www/html/index.html"
- 我们首先使用
rpm -q httpd命令检查httpd是否已安装,并将结果注册到变量httpd_installed中。 - 在 "Install httpd" 任务中,我们通过
when条件来判断httpd是否已安装。只有当httpd未安装(httpd_installed.rc != 0)时,才会执行安装。 - "Ensure httpd is enabled and running" 任务会确保
httpd服务启用并运行,这个任务本身就是幂等的。
failed_when: false和changed_when: false确保检查命令不会错误地标记任务为失败或改变状态。check_mode: no确保即使在 check 模式下,这个检查也会被执行。
使用这种方法, playbook 在执行时将只有在必要时才会安装和配置 httpd,从而确保了幂等性。
添加卸载任务
继续在roles/webserver/tasks/main.yml后面追加下面的内容:
---
- name: Stop httpd service
service:
name: httpd
state: stopped
become: true
when: cleanup | default(false)
- name: Remove httpd package
yum:
name: httpd
state: absent
become: true
when: cleanup | default(false)
- name: Remove HTML files from /var/www/html/
file:
path: "/var/www/html/{{ item }}"
state: absent
with_items:
- index.html
become: true
when: cleanup | default(false)
ansible-playbook playbook.yml -e "cleanup=true"
使用tag区分安装和卸载
---
# roles/webserver/tasks/main.yml
- name: Install httpd
yum:
name: httpd
state: present
tags: install
- name: Ensure httpd is enabled and running
service:
name: httpd
enabled: true
state: started
tags: install
- name: Deploy template
template:
src: index.html.j2
dest: "/var/www/html/index.html"
tags: install
- name: Stop httpd service
service:
name: httpd
state: stopped
tags: cleanup
- name: Remove httpd package
yum:
name: httpd
state: absent
tags: cleanup
- name: Remove HTML files from /var/www/html/
file:
path: "/var/www/html/{{ item }}"
state: absent
with_items:
- index.html
tags: cleanup
分别执行命令体会
ansible-playbook playbook.yml --tags "install"
ansible-playbook playbook.yml --tags "cleanup"
思考:main太臃肿了,可拆分成多个文件,用include,你知道怎么做吗?
公众号
扫码订阅最新深度技术文,回复【资源】获取技术大礼包
评论