Ansible Playbooks学习

Ansible的Playbooks是Ansible用于配置，部署应用的结构化语言。Ansible的模块就好比shell命令，那么playbooks就好比shell脚本，在脚本中指定怎么使用哪些命令再加上一些判断语句等等。

Playbooks使用YAML文件来表示执行步骤。

---
- hosts: webservers
  vars:
    http_port: 80
    max_clients: 200
  remote_user: root
  tasks:
  - name: ensure apache is at the latest version
    yum: name=httpd state=latest
  - name: write the apache config file
    template: src=/srv/httpd.j2 dest=/etc/httpd.conf
    notify:
    - restart apache
  - name: ensure apache is running (and enable it at boot)
    service: name=httpd state=started enabled=yes
  handlers:
    - name: restart apache
      service: name=httpd state=restarted

也可以写成这样：

---
- hosts: webservers
  vars:
    http_port: 80
    max_clients: 200
  remote_user: root
  tasks:
  - name: ensure apache is at the latest version
    yum:
      name: httpd
      state: latest
  - name: write the apache config file
    template:
      src=\‘#\‘" /srv/httpd.j2
      dest: /etc/httpd.conf
    notify:
    - restart apache
  - name: ensure apache is running
    service:
      name: httpd
      state: started
  handlers:
    - name: restart apache
      service:
        name: httpd
        state: restarted

Playbooks中也可以包含多个plays。

---
- hosts: webservers
  remote_user: root

  tasks:
  - name: ensure apache is at the latest version
    yum: name=httpd state=latest
  - name: write the apache config file
    template: src=/srv/httpd.j2 dest=/etc/httpd.conf
    
    
- hosts: databases
  remote_user: root

  tasks:
  - name: ensure postgresql is at the latest version
    yum: name=postgresql state=latest
  - name: ensure that postgresql is started
    service: name=postgresql state=running

hosts 行指定匹配的主机组或者主机，以逗号","分隔

remote_user 指定远程执行task步骤的用户

remote_user在Ansible1.4之前被叫做user

也可以为每个task单独指定远程执行用户

---
- hosts: webservers
  remote_user: root
  tasks:
    - name: test connection
      ping:
      remote_user: yourname

使用提权用户执行

---
- hosts: webservers
  remote_user: yourname
  become: yes

为单个task指定become

---
- hosts: webservers
  remote_user: yourname
  tasks:
    - service: name=nginx state=started
      become: yes
      become_method: sudo

以自身用户登录然后以root意外的用户执行

---
- hosts: webservers
  remote_user: yourname
  become: yes
  become_user: postgres

---
- hosts: webservers
  remote_user: yourname
  become: yes
  become_method: su

任务列表 Task lists

tasks:
  - name: make sure apache is running
    service: name=httpd state=running

每个play都包含了一系列tasks。command和shell模块可以只带几个参数，不必写成key=value的形式

tasks:
  - name: disable selinux
    command: /sbin/setenforce 0

每个需要执行的task都必须要有一个name用于表示执行步骤

command和shell模块关系返回码，如果有命令执行成功退出码不是0，可以这样：

tasks:
  - name: run this command and ignore the result
    shell: /usr/bin/somecommand || /bin/true

或者：

tasks:
  - name: run this command and ignore the result
    shell: /usr/bin/somecommand
    ignore_errors: True

如果执行行太长可以分行写：

tasks:
  - name: Copy ansible inventory file to client
    copy: src=/etc/ansible/hosts dest=/etc/ansible/hosts
            owner=root group=root mode=0644

执行可以使用变量。假设定义了一个vhost的变量：

tasks:
  - name: create a virtual host file for {{ vhost }}
    template: src=somefile.j2 dest=/etc/httpd/conf.d/{{ vhost }}

Handlers： Running Operations On Change

- name: template configuration file
  template: src=template.j2 dest=/etc/foo.conf
  notify:
     - restart memcached
     - restart apache

notify行列出的区域就叫做handlers

Handlers are lists of tasks,not really any different from regular tasks,that are refercenced by a globaly unique name.Handlers are what notifiers notify.

如果没有通知handler,notify区域将不会执行。

handlers:
    - name: restart memcached
      service: name=memcached state=restarted
    - name: restart apache
      service: name=apache state=restarted

Handlers最适用于重启服务和触发重启服务。

参考文档：

http://docs.ansible.com/ansible/playbooks.html

https://github.com/ansible/ansible-examples/blob/master/windows/deploy-site.yml

http://docs.ansible.com/ansible/intro_patterns.html