如无书面授权,请勿转载
第四章,大型项目中Ansible的使用
Roles If your playbooks start expanding beyond what includes can help you solve, or you start gathering a large number of templates, you may want to use roles. Roles in Ansible allow you to group files together in a defined format. They are essentially an extension to includes that handles a few things automatically, and this helps you organize them inside your repository. Roles allows you to place your variables, files, tasks, templates, and handlers in a folder, and then easily include them. You can also include other roles from within roles, which effectively creates a tree of dependencies. Similar to task includes, they can have variables passed to them. Using these features, you should be able to build self-contained roles that are easy to share with others. Roles are commonly set up to be services provided by machines, but they can also be daemons, options, or simply characteristics. Things you may want to configure in a role are as follows: ? Webservers, such as Nginx or Apache ? Messages of the day customized for the security level of the machine ? Database servers running PostgreSQL or MySQL To manage roles in Ansible perform the following steps: 1. Create a folder named roles with your playbooks. 2. In the roles folder, make a folder for each role that you would like. 3. In the folder for each role, make folders named files , handlers , meta , tasks , templates , and finally vars . If you aren't going to use all these, you can leave the ones you don't need off. Ansible will silently ignore any missing files or directories when using roles. 4. In your playbooks, add the keyword roles followed by a list of roles that you would like to apply to the hosts. 5. For example, if you had the common , apache , website1 , and website2 roles, your directory structure would look similar to the following example. The site.yml file is for reconfiguring the entire site, and the webservers1.yml and webservers2.yml files are for configuring each web server farm. <img src="http://img.blog.csdn.net/20140715124644921?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc21hbGxmaXNoMTk4Mw==/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/SouthEast" alt="" />
角色
假设你的playbook增长到包括也无法解决,或者你已经拥有一个数量巨大的模板,你也许就该使用角色了。它同意你依据定义的格式对文件进行分组,从本质上来将,它是一个具有一些自己主动化功能的包括,角色能够帮你非常好的组织你的资料库。
角色同意你将变量、文件、任务、模板、Handlers放到一个目录中,然后包括他们。在建立好一个有效的依赖关系之后,你还能够在一个角色中包括另外一个角色。和包括一样,你能够传递变量给角色。利用这些特性,你能够创建一个自包括的角色并不是常easy跟其它人分享它。
Roles are commonly set up to be services provided by machines, but they can also be daemons, options, or simply characteristics(临时不知道怎么翻译)
以下这些能够配置成一个角色:
- web服务,比方nginx或者apache
- Messages of the day customized for the security level of the machine
- PostgreSQL or MySQL
创建角色的步骤
- 创建一个叫roles的目录
- 在roles目录中,为每一个你希望定义的角色创建一个目录
- 在创建的角色目录中,再创建files , handlers , meta ,tasks , templates , vars这些目录,假设你临时不用的能够先不创建,Ansible会自己主动忽略他们。
- 在playbook中,加入?roleskeyword,它的值是你希望这个角色应用的主机列表。
- 比方,假设你有common , apache , website1 , website2这几个角色,那你的目录应该像以下的样例这样。site,yml是用来配置整个网站,webservers1,yml和webservers2.yml各自是用来配置各自的服务器。
The following file is what could be in website1.yml . It shows a playbook that applies the common , apache , and website1 roles to the website1 group in the inventory. The website1 role is included using a more verbose format that allows us to pass variables to the role: --- - name: Setup servers for website1.example.com hosts: website1 roles: - common - apache - { role: website1, port: 80 } For the role named common , Ansible will then try to load roles/common/tasks/ main.yml as a task include, roles/common/handlers/main.yml as a handler include, and roles/common/vars/main.yml as a variable file include. If all of these files are missing, Ansible will throw an error; however, if one of the files exists then the others, if missing, will be ignored. The following directories are used by a default install of Ansible. Other directories may be used by different modules:
以下的文件是website1.yml,它展示了一个playbook怎样应用common.apache,website1这些角色到设备清单中website1这个组。website1这个角色包括了很多其它、更具体的格式,能够让我们传递的參数到角色中去。
---
- name: Setup servers for website1.example.com
hosts: website1
roles:
- common
- apache
- { role: website1, port: 80 }
当处理common这个角色时,Ansible会载入main.yml作为任务包括,载入roles/common/handlers/main.yml这个文件作为handlers包括,载入roles/common/vars/main.yml作为变量包括;只是,当有些文件存在,有些文件不存在时,不存在的文件将被忽略。以下是Ansible的默认的安装文件夹,另一些其它模块经常使用的文件夹:
When using roles, the behavior of the copy, the template, and the script modules is slightly altered. Instead of searching for files by looking from the directory in which the playbook file is located, Ansible will look for the files in the location of the role. For example, if you are using a role named common , these modules will change to the following behavior: ? The copy module will look for files in roles/common/files . ? The template module will look for templates in roles/common/templates . ? The script module will look for files in roles/common/files . ? Other modules may decide to look for their data in other folders inside roles/common/ . The documentation for modules can be retrieved using ansible-doc , as was discussed in the Module help section of Chapter 1, Getting Started with Ansible.
当使用角色的时候,copy、template还有其它一些模块,他们的行为方式将发生改变。原本这些模块会在playbook文件所在的文件夹查找文件,如今他们会在角色所在的文件夹查找文件。比方:你在使用一个common的角色:
- copy模块会在roles/common/files .查找文件
- template莫开会在roles/common/templates查找文件
- 其它脚本模块会在roles/common/files .查找文件
- 另外一些模块可能会在roles/common/查找文件,模块的帮助命令是ansible-doc