Mysql 内:select unix_timestamp(‘2016-10-20‘) <---> select from_unixtime(147662104)
转时间戳:date +%s <---> date -d @1476762104 ---- 小 Q
----------------------------------------------------------------------------------------------------
【简介】
基于Python,集合了众多运维工具(puppet、cfengine、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能;ansible是基于模块工作的,本身没有批量部署的能力。真正具有批量部署的是ansible所运行的模块,ansible只是提供一种框架。
特性:
(1)、no agents:不需要在被管控主机上安装任何客户端;
(2)、no server:无服务器端,使用时直接运行命令即可;
(3)、modules in any languages:基于模块工作,可使用任意语言开发模块;
(4)、yaml,not code:使用yaml语言定制剧本playbook;
(5)、ssh by default:基于SSH工作;
(6)、strong multi-tier solution:可实现多级指挥。
优点:
(1)、轻量级,无需在客户端安装agent,更新时,只需在操作机上进行一次更新即可;
(2)、批量任务执行可以写成脚本,而且不用分发到远程就可以执行;
(3)、使用python编写,维护更简单,ruby语法过于复杂;
(4)、支持sudo。
(5)、提供UI,十台内免费 www.ansible.com/tower
开源UI:https://github.com/alaxli/ansible_ui 文档 http://download.csdn.net/detail/liyang23456/7741185
【安装配置】
(1)、服务端:centos 6.5
yum install -y epel-release
yum install -y ansible
(2)、因为ansible是基于sshd协议进行通信的,所以确保客户端与服务端已经配好了公私钥,并可直连。
生成秘钥:ssh-keygen -t rsa(一路回车即可,不需要设置秘钥密码)
拷贝公钥:server:/root/.ssh/id_rsa.pub >>> client:/root/.ssh/authorized_keys
更改权限:client:chmod 600 /root/.ssh/authorized_keys
设防火墙
(3)、ansible配置文件
vi /etc/ansible/hosts //增加
[client] #10.0.18.87 client.feng.com 10.0.18.33
说明: client为主机组名字,自定义的。 下面三个为两个组内的机器ip和一个dns解析过的域名。
【命令简例】
(1)、ansible命令模块及用法:
ansible host-pattern -m module -a command
[ host-pattern:类似于正则,匹配客户机和客户机组;module:可通过ansible-doc -l 查询 ]
(2)、命令模块:
ansible client -m command -a ‘w‘
(3)、拷贝模块:
ansible client -m copy -a "src=/etc/ansible dest=/tmp/ansibletest owner=root group=root mode=0644"
注意:源目录会放到目标目录下面去。
ansible testhost -m copy -a "src=/etc/passwd dest=/tmp/123"
注意:如果目标机器上已经有/tmp/123目录,则会再/tmp/123目录下面建立passwd文件
(4)、shell模块:
shell脚本:vim /tmp/echo.sh //加入内容
#!/bin/bash echo ‘I am shell‘ > /tengxun/monitor.txt
先分发:ansible client -m copy -a "src=/tmp/echo.sh dest=/tmp/echo.sh mod=0755"
后执行:ansible client -m shell -a "/tmp/echo.sh"
或直接调用script模块可远程执行脚本,原理是临时拷贝到客户端之后删除。(我执行脚本路径不一样)
用管道:ansible client -m shell -a "cat /etc/passwd|wc -l "
(5)、cron模块:
添加:ansible client -m cron -a "name=‘test cron‘ job=‘/bin/touch /tmp/1212.txt‘ weekday=6"
删除:关键加一个 state=absent
ansible client -m cron -a "name=‘test cron‘ job=‘/bin/touch /tmp/1212.txt‘ weekday=6 state=absent"
其他的时间表示:分钟 minute 小时 hour 日期 day 月份 month
(6)、yum 模块:
ansible client -m yum -a "name=httpd"
ansible client -m service -a "name=httpd state=started enabled=yes"
name:服务名称 enabled:开机自启
#附加:文档查看 ansible-doc -l #列出所有的模块 ansible-doc cron #查看指定模块的文档
【playbook】
简单说,就是把许多命令汇总成一个文件执行,把模块写到配置文件中(格式很严肃)
(1)、举例:cat /etc/ansible/test.yml
--- #严格注意格式, - 和 : 后都要有空格分隔 - hosts: client #主机或主机群组 remote_user: root #客户端执行命令的用户 tasks: - name: test_playbook #任务的名字 shell: touch /tengxun/test.txt #具体执行的任务
执行:ansible-playbook test.yml
举例:批量创建用户 vim /etc/ansible/create_user.yml
---
- name: create_user
hosts: client
user: root
gather_facts: false #参数指定再执行一下任务之前,是否先执行setup模块获取主机相关信息
vars: #参数指定变量,变量值要用引号大括号括住
- user: "test"
tasks:
- name: create user
user: name="{{ user }}" #user: name=“test”
ansible 10.0.18.33 -m setup 的输出就是 gather_facts 指定的。
(2)、循环执行with_items:
#vim /etc/ansible/while.yml
---
- hosts: client
user: root
tasks:
- name: change mod for file
file: path=/tengxun/{{ item }} mode=600 owner=root group=root
# shell: touch /tengxun/{{ item }} mode=600 owner=root group=root
with_items: ##重点:格式和单词
- 1.txt
- 2.txt
- 3.txt
执行:ansible-playbook while.yml
(3)、条件执行when:
#vim /etc/ansible/when.yml --- - hosts: client remote_user: root #==user: root gather_facts: True #上面介绍过 tasks: - name: use when shell: touch /tengxun/when.txt when: facter_ipaddress == "10.0.18.33" #有的系统不支持了 #when: ansible_system == "Linux"
执行:ansible-playbook when.yml
(4)、执行模块handlers:
##适合于配置文件变更后重启操作的handlers #vim /etc/ansible/handlers.yml --- - hosts: client remote_user: root tasks: - name: test copy copy: src=/tengxun/1.txt dest=/tengxun/handlers.txt notify: test handlers #调用了下面的handlers名字 handlers: - name: test handlers shell: echo "1212121212" >> /handlers/2.txt
注意:只有copy模块真正执行后,才会去调用下面的handlers操作。也就是说如果1.txt和2.txt内容是一样的,并不会去执行handlers里面的shell相关命令。 这种比较适合配置文件发生更改后,重启服务的操作。
【应用实例】
如果应用在线上,为了规定一些不成规定的规定,大家方便统一认知,建目录最好依照下面建法。
安装nginx 1.4.3
cd /shell/ansible/
mkdir nginx_install
mkdir -p nginx_install/roles/{common,delete,install}/{handlers,files,meta,tasks,templates,vars}
##说明:roles规则下有三个角色 common为一些准备操作(准备一些包) delete为删除nginx的操作 install为安装nginx的操作 ##角色下又有几个目录 handlers下面是当发生改变时要执行的操作,通常用在配置文件发生改变,重启服务; templates通常存一些配置文件,启动脚本等模板文件; meta为说明信息,说明角色依赖等信息; files为安装时用到的一些文 件; tasks里面是核心的配置文件; vars下为定义的变量。
vim nginx_install/roles/common/tasks/main.yml
- name: Install initializtion require software
yum: name={{ item }} state=installed
with_items:
- gcc
- zlib-devel
- pcre-devel
vim nginx_install/roles/install/vars/main.yml
nginx_user: www nginx_port: 80 nginx_web_dir: /data/www nginx_version: 1.4.3
ls nginx_install/roles/install/files/
nginx-1.4.3.tar.gz
ls nginx_install/roles/install/templates
index.html index.php install_nginx.sh nginx nginx.conf vhost.conf
注:file下准备好源码包
templates下准备好默认页、装nginx的shell脚本、启动脚本、配置文件、虚拟主机配置文件
vim nginx_install/roles/install/tasks/copy.yml
- name: Copy Nginx Software To Redhat Client
copy: src=nginx-{{ nginx_version }}.tar.gz dest=/tmp/nginx-{{ nginx_version }}.tar.gz owner=root group=root
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Uncompression Nginx Software To Redhat Client
shell: tar zxf /tmp/nginx-{{ nginx_version }}.tar.gz -C /usr/local/
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Copy Nginx Start Script To Redhat Client
template: src=nginx dest=/etc/init.d/nginx owner=root group=root mode=0755
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Copy Nginx Config To Redhat Client
template: src=nginx.conf dest=/usr/local/nginx-{{ nginx_version }}/conf/ owner=root group=root mode=0644
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Copy Nginx Vhost Config to RedHat Client
template: src=vhost.conf dest=/usr/local/nginx-{{ nginx_version }}/conf/vhost/ owner=root group=root mode=0644
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
注:文本内有判断语句,和具体详细执行语句
vim nginx_install/roles/install/tasks/install.yml
- name: Create Nginx User In Redhat Client
user: name={{ nginx_user }} state=present createhome=no shell=/sbin/nologin
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Create Nginx Dir
file: dest={{ nginx_web_dir }}/{{ item }} state=directory
with_items:
- vhost
- logs
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Modify Nginx Dir Permission In Redhat Client
file: path={{ item }} owner={{ nginx_user }} group={{ nginx_user }} mode=0755
with_items:
- "{{ nginx_web_dir }}"
- /usr/local/nginx-{{ nginx_version }}
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Create Index Html To Redhat Client
template: src=index.html dest={{ nginx_web_dir }}/vhost/index.html owner={{ nginx_user }} group={{ nginx_user }} mode=0644
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Install Check Script In Redhat Client
template: src=index.php dest={{ nginx_web_dir }}/vhost/ owner={{ nginx_user }} group={{ nginx_user }} mode=0644
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Start Nginx Service In Redhat Client
service: name=nginx state=restarted
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Add Boot Start Nginx Service In Redhat Client
shell: chkconfig --level 345 nginx on
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
vim ./install/tasks/delete.yml
- name: Delete Nginx compression Software In Redhat Client
shell: rm -rf /tmp/nginx-{{ nginx_version }}.tar.gz
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
vim nginx_install/roles/install/tasks/main.yml
- include: copy.yml - include: install.yml - include: delete.yml
vim nginx_install/roles/install.yml //总入口文件
--- - hosts: client remote_user: root gather_facts: True roles: - common - install
-----------------------------------------------------------------------------------------------------
以上是安装nginx所用到的模块和文件,下面就是删除nginx调用到的文件;
------------------------------------------------------------------------------------------------------
vim nginx_install/roles/delete/vars/main.yml
nginx_user: www nginx_port: 80 nginx_web_dir: /data/webroot/nginx nginx_version: 1.4.3
vim nginx_install/roles/delete/tasks/main.yml
- include: delete.yml
vim nginx_install/roles/delete/tasks/delete.yml
- name: stop nginx service
shell: ps -ef|grep nginx|grep -v grep|awk ‘{print $2}‘|xargs kill -9 >>/dev/null 2>&1
ignore_errors: yes
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Delete Nginx Boot Start Script
shell: chkconfig --del nginx
ignore_errors: yes
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Delete Nginx Dir
shell: rm -rf /usr/local/nginx-{{ nginx_version }}
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Delete Nginx User
shell: userdel {{ nginx_user }}
ignore_errors: yes
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
- name: Delete Nginx Service Start Script
shell: rm -rf /etc/init.d/nginx
when: ansible_os_family == "RedHat" and ansible_distribution_version|int >=6
vim nginx_install/roles/delete.yml
--- - hosts: client remote_user: root gather_facts: True roles: - delete
安装nginx: ansible-playbook install.yml
删除nginx: ansible-playbook delete.yml
结构树形图:
-----------------------------------------------------------------------------------------------------
实例库:git clone git://github.com/dl528888/ansible-examples.git
官方文档: http://docs.ansible.com/ansible/
YAML :http://www.mutouxiaogui.cn/blog/?p=357
playbook:http://www.aixchina.net/home/space.php?uid=59140&do=blog&id=136807