星期六, 10月 31, 2015

Ansible playbook小記

上一次寫完 Ansible 簡單的指令測試
今天來介紹 playbook

playbook  簡單來說就是
  • 把要執行的 ansible 指令還有可能遠端主機會使用到的檔案都集中到一個目錄內.
  • 以YAML 語法來寫
  • ansible-playbook 指令執行
  • playbook 裡面會有不同的 play ( 可以把看成要執行的script )
    • 每個 play 必須有
      • 要執行的 host ( 對應我們設定的 hosts 或是 inventory 檔案 )
      • task ( 執行那些工作)

以下是看書上,自己的整理筆記

playbook
  • A script is called a playbook.
  • A playbook describes which hosts( what Ansible calls remote servers ) to configure, and an ordered list of tasks to perform on those hosts.
    • Ansible runs each task in parallel across all hosts.
    • Ansible waits until all hosts have completed a task before moving to the next task.
    • Ansible runs the tasks in the order that you specify them.
  • 使用 ansible-playbook 指令來執行
    • # 例如 ansible-playbook  web-notls.yml
    • 如果檔案本身可以被執行
    • 也可以在檔案第一行加上
    • #!/usr/bin/env  ansible-playbook
    • 來直接執行
  • Ansible playbooks written in YAML syntax.
    • YAML
    • Yet Another Markup Language
      • Start of File
        • 以 3 個 --- 開始
        • 不加上去也可以
      • 註解
        • 以 # 來進行單行註解
        • #就是註解開始
      • Strings
        • 不一定要加上引號
        • 可是有的時候為了易讀性, 可以使用 單引號或是雙引號
      • Booleans
        • 使用 True 或是 Yes 都可以視為真
        • 但是還是用 True 不會混亂
      • Lists
They are delimited with hyphens, like this:
- My Fair Lady
- Oklahoma
- The pirates of Penzance
# inline 格式list
[My Fair Lady, Oklahoma, The Pirates of Penzance]
      • Dictionaries
They look like this:
address: 742 Evergreen Terrace
city: Springfield
state: North Takoma
# inline  格式
{address: 742 Evergreen Terrace, city: Springfield, state: North Takoma}
      • Line Folding
# 使用 > 符號來進行 單行摺疊, 有點類似 shell script 放在行尾的 \
# 目的在於讓一個很長的單行, 有效率地被呈現
address: >
     Department of Computer Science,
     A.V. Williams Building,
     University of Maryland
city: College Park
state: Maryland
# address 那邊就可以看成一行
  • A playbook is a list of plays
    • Plays
      • Every play must contain:
        • * A set of hosts to configure
        • * A list of tasks to be executed on those hosts
      • Three common optional settings are
        • name
          • A comment that describes what the play is about.
          • Ansible will print this out when the play starts to run.
        • sudo
          • If true, Ansible will run every task by sudo.
        • vars
          • A list of variables and values.
          • 在 play 內用  {{  }} 來使用 variables
      • Other optional settings are
        • Handlers
A handler is similar to a task, but it runs only if it has been notified by a task.
A task will fire the notification if Ansible recognizes that the task has changed the state of the system.
# 當 task 改變系統狀態時, 會進行 notify 的動作
tasks:
 - name: copy TLS key
    copy: src=files/nginx.key dest={{ key_file }} owner=root mode=0600
    notify: restart nginx
# handlers 可能有很多個, notify 會去比對 handlers 的名稱, 如果符合就進行該模組
handlers:
- name: restart nginx
  service: name=nginx state=restarted
# 也就是說, 只有真的系統產生改變的時候, 例如 TLS key 被換掉, 才會重新啟動 nginx
          • Handlers only run after all of the tasks are run, and the only run once, even they are notified multiple times.
          • # Handlers 在所有tasks執行完才執行, 不管被呼叫多少次, 都只執行一次.
      • hosts
        • default: /etc/ansible/hosts
      • Tasks

沒有留言: