ansible安装
#安装ansible
[root@ansible ~]# yum install -y ansible
#配置主机清单
[root@ansible ~]# vim /etc/ansible/hosts
[wsl]
172.16.79.[151:152]
#更改配置文件,大部分时候不用改
[root@ansible ~]# vim /etc/ansible/ansible.cfg
#启动不检查key
host_key_checking = False
#使用ansible进行ping测试
[root@ansible ~]# ansible 172.16.79.151,172.16.79.152 -m ping -k
SSH password:
172.16.79.151 | SUCCESS => {
"changed": false,
"ping": "pong"
}
172.16.79.152 | SUCCESS => {
"changed": false,
"ping": "pong"
}
[root@ansible ~]# ansible wsl -m ping -k
SSH password:
172.16.79.152 | SUCCESS => {
"changed": false,
"ping": "pong"
}
172.16.79.151 | SUCCESS => {
"changed": false,
"ping": "pong"
}
#为其它机器安装密钥
[root@ansible ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:dRDYwAElhkL+dAPfGxkux1NPIy4OEQzKY4ryWMfLdAU root@ansible
The key's randomart image is:
+---[RSA 2048]----+
| .. o+E====.o |
| o...+.Bo=.= . |
| *.. * @ o o |
|.o = . B * . |
|+ . = . S |
|.+ + o |
|. . o |
| |
| |
+----[SHA256]-----+
[root@ansible ~]# cd .ssh/
[root@ansible .ssh]# ls
id_rsa id_rsa.pub known_hosts
[root@ansible .ssh]# ssh-copy-id 172.16.79.151
[root@ansible .ssh]# ssh-copy-id 172.16.79.151
#测试不通过 -k key的方式进行ansible ping测试
[root@ansible .ssh]# ansible all -m ping
172.16.79.151 | SUCCESS => {
"changed": false,
"ping": "pong"
}
172.16.79.152 | SUCCESS => {
"changed": false,
"ping": "pong"
}
#更改配置文件增加日志
[root@ansible .ssh]# vim /etc/ansible/ansible.cfg
log_path = /var/log/ansible.log
#主机禁ping
[root@ansible .ssh]# echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
#查看ansible命令模块
[root@ansible .ssh]# ll /usr/bin/ansible*
lrwxrwxrwx 1 root root 20 7月 26 17:35 /usr/bin/ansible -> /usr/bin/ansible-2.7
lrwxrwxrwx 1 root root 20 7月 26 17:35 /usr/bin/ansible-2 -> /usr/bin/ansible-2.7
-rwxr-xr-x 1 root root 4853 1月 30 04:15 /usr/bin/ansible-2.7
lrwxrwxrwx 1 root root 7 7月 26 17:35 /usr/bin/ansible-config -> ansible
-rwxr-xr-x 1 root root 13672 1月 30 04:15 /usr/bin/ansible-connection
lrwxrwxrwx 1 root root 28 7月 26 17:35 /usr/bin/ansible-console -> /usr/bin/ansible-console-2.7
lrwxrwxrwx 1 root root 28 7月 26 17:35 /usr/bin/ansible-console-2 -> /usr/bin/ansible-console-2.7
lrwxrwxrwx 1 root root 7 7月 26 17:35 /usr/bin/ansible-console-2.7 -> ansible
lrwxrwxrwx 1 root root 24 7月 26 17:35 /usr/bin/ansible-doc -> /usr/bin/ansible-doc-2.7
lrwxrwxrwx 1 root root 24 7月 26 17:35 /usr/bin/ansible-doc-2 -> /usr/bin/ansible-doc-2.7
lrwxrwxrwx 1 root root 7 7月 26 17:35 /usr/bin/ansible-doc-2.7 -> ansible
lrwxrwxrwx 1 root root 27 7月 26 17:35 /usr/bin/ansible-galaxy -> /usr/bin/ansible-galaxy-2.7
lrwxrwxrwx 1 root root 27 7月 26 17:35 /usr/bin/ansible-galaxy-2 -> /usr/bin/ansible-galaxy-2.7
lrwxrwxrwx 1 root root 7 7月 26 17:35 /usr/bin/ansible-galaxy-2.7 -> ansible
lrwxrwxrwx 1 root root 7 7月 26 17:35 /usr/bin/ansible-inventory -> ansible
lrwxrwxrwx 1 root root 29 7月 26 17:35 /usr/bin/ansible-playbook -> /usr/bin/ansible-playbook-2.7
lrwxrwxrwx 1 root root 29 7月 26 17:35 /usr/bin/ansible-playbook-2 -> /usr/bin/ansible-playbook-2.7
lrwxrwxrwx 1 root root 7 7月 26 17:35 /usr/bin/ansible-playbook-2.7 -> ansible
lrwxrwxrwx 1 root root 25 7月 26 17:35 /usr/bin/ansible-pull -> /usr/bin/ansible-pull-2.7
lrwxrwxrwx 1 root root 25 7月 26 17:35 /usr/bin/ansible-pull-2 -> /usr/bin/ansible-pull-2.7
lrwxrwxrwx 1 root root 7 7月 26 17:35 /usr/bin/ansible-pull-2.7 -> ansible
lrwxrwxrwx 1 root root 26 7月 26 17:35 /usr/bin/ansible-vault -> /usr/bin/ansible-vault-2.7
lrwxrwxrwx 1 root root 26 7月 26 17:35 /usr/bin/ansible-vault-2 -> /usr/bin/ansible-vault-2.7
lrwxrwxrwx 1 root root 7 7月 26 17:35 /usr/bin/ansible-vault-2.7 -> ansible
#ansible帮助命令
[root@ansible .ssh]# ansible-doc ping
#常用模式,默认用的是root方式,生产模式中请使用sudo的方式管理
[root@ansible .ssh]# ansible wsl -m command -a "ls /root"
172.16.79.151 | SUCCESS | rc=0 >>
anaconda-ks.cfg
172.16.79.152 | SUCCESS | rc=0 >>
anaconda-ks.cfg
#列出主机名
[root@wsl0 .ssh]# ansible wsl --list-hosts
hosts (3):
172.16.3.101
172.16.3.102
172.16.3.103
#先切换到目录再执行命令
[root@wsl0 .ssh]# ansible wsl -m command -a "chdir=/tmp ls"
#查看command命令
[root@wsl0 .ssh]# ansible-doc -s command
ansible运行机制
ansible将要执行的操作做成python脚本,然后分发到目标机器,更改文件权限后并执行,执行完成后删除脚本,并将结果输出返回给server端机器
ansible常用模块
#command模块(不能使用变量等)
[root@wsl0 .ssh]# ansible wsl -m command -a "chdir=/tmp ls"
#shell模块
[root@wsl0 ~]# ansible wsl -m shell -a 'ls /etc/sysconfig/network-scripts/ |grep ifcfg* '
[root@wsl0 ~]# ansible wsl -m shell -a 'echo $HOSTNAME'
172.16.3.103 | SUCCESS | rc=0 >>
wsl3
172.16.3.101 | SUCCESS | rc=0 >>
wsl1
172.16.3.102 | SUCCESS | rc=0 >>
wsl2
#script模块
[root@wsl0 ~]# ansible wsl -m script -a '/root/test.sh'
#copy模块(backup表示覆盖时候是否备份)
[root@wsl0 ~]# ansible wsl -m copy -a "src=/root/test.sh dest=/tmp/test.sh owner=root mode=755 backup=yes"
#fetch打包拉取文件
[root@wsl0 ~]# ansible wsl -m shell -a 'tar Jcf /var/log.tar.xz /var/log/*.log '
[root@wsl0 ~]# ansible wsl -m fetch -a 'src=/var/log.tar.xz dest=/tmp/'
#cron模块
[root@wsl0 ~]# ansible wsl -m cron -a "minute=*/5 job='/tmp/test.sh &>/dev/null' name=test"
[root@wsl1 tmp]# crontab -l
#Ansible: test
*/5 * * * * /tmp/test.sh &>/dev/null
[root@wsl0 ~]# ansible wsl -m cron -a "state=absent name=test"
#file模块
#file创建文件
[root@wsl0 ~]# ansible wsl -m file -a 'path=/root/test state=touch mode=600 owner=root'
#file删除文件
[root@wsl0 ~]# ansible wsl -m file -a 'path=/root/test state=absent'
#file软连接
[root@wsl0 ~]# ansible wsl -m file -a 'src=/tmp/test.sh dest=/root/test.sh state=link'
#yum模块
[root@wsl0 ~]# ansible wsl -m yum -a 'name=httpd,vsftpd state=latest'
[root@wsl0 ~]# ansible wsl -m yum -a 'name=vsftpd state=absent'
#service模块
[root@wsl0 ~]# ansible wsl -m service -a 'name=httpd state=started enabled=yes'
[root@wsl0 ~]# ansible wsl -m service -a 'name=httpd state=started enabled=no'
playbook
简单的案例
#编辑yml,缩进必须严格
[root@wsl0 ~]# vim install_httpd.yml
---
- hosts: wsl
remote_user: root
tasks:
- name: install package
yum: name=httpd state=present
- name: start service
service: name=httpd state=started enabled=yes
#检查语法
[root@wsl0 ~]# ansible-playbook -C install_httpd.yml
#执行
[root@wsl0 ~]# ansible-playbook install_httpd.yml
#检查执行情况
[root@wsl0 ~]# ansible wsl -m shell -a 'rpm -q httpd'
[WARNING]: Consider using yum, dnf or zypper module rather than running rpm
172.16.3.103 | SUCCESS | rc=0 >>
httpd-2.4.6-80.el7.centos.1.x86_64
172.16.3.101 | SUCCESS | rc=0 >>
httpd-2.4.6-80.el7.centos.1.x86_64
172.16.3.102 | SUCCESS | rc=0 >>
httpd-2.4.6-80.el7.centos.1.x86_64
#查看状态
[root@wsl0 ~]# ansible-playbook install_httpd.yml --list-hosts
playbook: install_httpd.yml
play #1 (wsl): wsl TAGS: []
pattern: [u'wsl']
hosts (3):
172.16.3.103
172.16.3.102
172.16.3.101
[root@wsl0 ~]# ansible-playbook install_httpd.yml --list-tasks
playbook: install_httpd.yml
play #1 (wsl): wsl TAGS: []
tasks:
stop httpd TAGS: []
install package TAGS: []
handlers和notify
ansible每次执行会检查是否发生了变化,只有发生了变化才会执行,只有执行的时候才会触发handlers和notify
[root@wsl0 ~]# vim /etc/httpd/conf/httpd.conf
#更改端口为8080
Listen 8080
[root@wsl0 ~]# vim install_httpd.yml
- hosts: wsl
remote_user: root
tasks:
- name: install package
yum: name=httpd state=present
- name: copy config file
copy: src=/etc/httpd/conf/httpd.conf dest=/etc/httpd/conf/ backup=yes
notify: restart httpd
- name: start httpd
service: name=httpd state=started enabled=yes
handlers:
- name: restart httpd
service: name=httpd state=restarted
[root@wsl0 ~]# ansible-playbook -C install_httpd.yml
tags
是任务标签化,可让其中某一项任务单独执行
tags标签不能加空格,一般为一个简单的单词
[root@wsl0 ~]# vim install_httpd.yml
- hosts: wsl
remote_user: root
tasks:
- name: install package
yum: name=httpd state=present
- name: copy config file
copy: src=/etc/httpd/conf/httpd.conf dest=/etc/httpd/conf/ backup=yes
notify: restart httpd
tags: copy_conf
- name: start httpd
service: name=httpd state=started enabled=yes
handlers:
- name: restart httpd
service: name=httpd state=restarted
#执行多个tags任务用逗号,隔开
[root@wsl0 ~]# ansible-playbook --tags copy_conf install_httpd.yml
setup和filter
查看机器信息并匹配
[root@wsl0 ~]# ansible wsl -m setup -a 'filter=*address*'
ansible变量
#编辑变量
[root@wsl0 ~]# vim install_httpd.yml
- hosts: wsl
remote_user: root
tasks:
- name: install package
yum: name={{ packege_name }} state=present
- name: copy config file
copy: src={{ copy_src }} dest={{ copy_dest }} backup=yes
notify: restart service
tags: copy_conf
- name: start service
service: name={{ packege_name }} state=started enabled=yes
handlers:
- name: restart service
service: name={{ packege_name }} state=restarted
#执行
[root@wsl0 ~]# ansible-playbook -C -e "packege_name=httpd copy_src=/etc/httpd/conf/httpd.conf copy_dest=/etc/httpd/conf/" install_httpd.yml
#内部变量
[root@wsl0 ~]# vim add_user_and_group.yml
---
- hosts: wsl
remote_user: root
vars:
- username: wsl
- groupname: wsl
tasks:
- name: create group
group: name={{ groupname }} state=present
- name: create user
user: name={{ username }} group={{ groupname }} home=/{{ username }}dir
#执行
[root@wsl0 ~]# ansible-playbook add_user_and_group.yml
#为每一个主机定义一个变量
[root@wsl0 ~]# vim /etc/ansible/
[wsl]
172.16.3.101 name=101
172.16.3.102 name=102
172.16.3.103 name=103
#为组定义一个公共变量
[root@wsl0 ~]# vim /etc/ansible/
[wsl:vars]
hname=web
mark=-
#专门定义一个变量文件
[root@wsl0 ~]# vim vars1.yml
packege_name: httpd
copy_src: /etc/httpd/conf/httpd.conf
copy_dest: /etc/httpd/conf/
[root@wsl0 ~]# vim install_httpd.yml
- hosts: wsl
remote_user: root
vars_files:
- /root/vars1.yml
tasks:
- name: install package
yum: name={{ packege_name }} state=present
- name: copy config file
copy: src={{ copy_src }} dest={{ copy_dest }} backup=yes
notify: restart service
tags: copy_conf
- name: start service
service: name={{ packege_name }} state=started enabled=yes
handlers:
- name: restart service
service: name={{ packege_name }} state=restarted
[root@wsl0 ~]# ansible-playbook -C install_httpd.yml
templetes模板修改
templetes可以同步文件,然后在同步的文件中加入变量或者做一些其它操作来符合其主机的一些特性
#通过setup获取一些机器自有的变量,当然这个变量也可以来自其他地方
[root@wsl0 ~]# ansible wsl -m setup -a 'filter="*hostname*"'
172.16.3.103 | SUCCESS => {
"ansible_facts": {
"ansible_hostname": "wsl3"
},
"changed": false
}
172.16.3.101 | SUCCESS => {
"ansible_facts": {
"ansible_hostname": "wsl1"
},
"changed": false
}
172.16.3.102 | SUCCESS => {
"ansible_facts": {
"ansible_hostname": "wsl2"
},
"changed": false
}
#编辑我们需要同步的文件
[root@wsl0 ~]# vim test1
#如果变量是数字还可以进行运算,如 {{ hostname*2 }}
{{ ansible_hostname }}
#编辑yml使用template进行同步
[root@wsl0 ~]# vim template.yml
---
- hosts: wsl
remote_user: root
tasks:
- name: template config
template: src=/root/test1 dest=/root/hostname
#执行并查看
[root@wsl0 ~]# ansible-playbook template.yml
[root@wsl0 ~]# ansible wsl -m shell -a 'cat /root/hostname'
172.16.3.103 | SUCCESS | rc=0 >>
wsl3
172.16.3.102 | SUCCESS | rc=0 >>
wsl2
172.16.3.101 | SUCCESS | rc=0 >>
wsl1
#使用when进行判断
[root@wsl0 ~]# vim template.yml
---
- hosts: wsl
remote_user: root
tasks:
- name: template config
template: src=/root/test1 dest=/root/test_when
when: ansible_hostname == "wsl1"
#执行并检查结果
[root@wsl0 ~]# ansible-playbook template.yml
PLAY [wsl] ***********************************************************************
TASK [Gathering Facts] ***********************************************************
ok: [172.16.3.103]
ok: [172.16.3.101]
ok: [172.16.3.102]
TASK [template config] ***********************************************************
skipping: [172.16.3.102]
skipping: [172.16.3.103]
changed: [172.16.3.101]
PLAY RECAP ***********************************************************************
172.16.3.101 : ok=2 changed=1 unreachable=0 failed=0
172.16.3.102 : ok=1 changed=0 unreachable=0 failed=0
172.16.3.103 : ok=1 changed=0 unreachable=0 failed=0
[root@wsl0 ~]# ansible wsl -m shell -a 'ls /root/test_when'
172.16.3.103 | FAILED | rc=2 >>
ls: 无法访问/root/test_when: 没有那个文件或目录non-zero return code
172.16.3.101 | SUCCESS | rc=0 >>
/root/test_when
172.16.3.102 | FAILED | rc=2 >>
ls: 无法访问/root/test_when: 没有那个文件或目录non-zero return code
#迭代:with_items用法
#创建yml文件使用with_items
[root@wsl0 ~]# vim with_items.yml
---
- hosts: wsl
remote_user: root
tasks:
- name: touch file
file: name={{ item }} state=touch mode=755 owner=root
with_items:
- /root/item1
- /root/item2
#执行并检查结果
[root@wsl0 ~]# ansible-playbook with_items.yml
PLAY [wsl] ***********************************************************************
TASK [Gathering Facts] ***********************************************************
ok: [172.16.3.103]
ok: [172.16.3.101]
ok: [172.16.3.102]
TASK [touch file] ****************************************************************
changed: [172.16.3.103] => (item=/root/item1)
changed: [172.16.3.101] => (item=/root/item1)
changed: [172.16.3.102] => (item=/root/item1)
changed: [172.16.3.103] => (item=/root/item2)
changed: [172.16.3.102] => (item=/root/item2)
changed: [172.16.3.101] => (item=/root/item2)
PLAY RECAP ***********************************************************************
172.16.3.101 : ok=2 changed=1 unreachable=0 failed=0
172.16.3.102 : ok=2 changed=1 unreachable=0 failed=0
172.16.3.103 : ok=2 changed=1 unreachable=0 failed=0
[root@wsl0 ~]# ansible wsl -m shell -a 'ls /root/item*'
172.16.3.103 | SUCCESS | rc=0 >>
/root/item1
/root/item2
172.16.3.101 | SUCCESS | rc=0 >>
/root/item1
/root/item2
172.16.3.102 | SUCCESS | rc=0 >>
/root/item1
/root/item2
#迭代嵌套
[root@wsl0 ~]# vim with_items.yml
---
- hosts: wsl
remote_user: root
tasks:
- name: touch file
file: name={{ item.name }} state=touch mode={{ item.mode }} owner=root
with_items:
- { name: '/root/item1', mode: 600}
- { name: '/root/item2', mode: 755}
#执行并检查
[root@wsl0 ~]# ansible-playbook with_items.yml
[root@wsl0 ~]# ansible wsl -m shell -a 'ls -lh /root/item*'
172.16.3.103 | SUCCESS | rc=0 >>
-rw------- 1 root root 0 8月 2 16:16 /root/item1
-rwxr-xr-x 1 root root 0 8月 2 16:16 /root/item2
172.16.3.101 | SUCCESS | rc=0 >>
-rw------- 1 root root 0 8月 2 16:16 /root/item1
-rwxr-xr-x 1 root root 0 8月 2 16:16 /root/item2
172.16.3.102 | SUCCESS | rc=0 >>
-rw-------. 1 root root 0 8月 2 16:16 /root/item1
-rwxr-xr-x. 1 root root 0 8月 2 16:16 /root/item2
#template的for循环
[root@wsl0 ~]# vim for1.conf.j2
{%for port in ports %}
server {
listen {{ port }};
}
{%endfor%}
[root@wsl0 ~]# vim for1.yml
- hosts: wsl
remote_user: root
vars:
ports:
- 81
- 82
- 83
tasks:
- name: test for1
template: src=/root/for1.conf.j2 dest=/tmp/for1.conf
[root@wsl0 ~]# ansible-playbook for1.yml
[root@wsl0 ~]# ansible wsl -m shell -a 'cat /tmp/for1.conf'
172.16.3.102 | SUCCESS | rc=0 >>
server {
listen 81;
}
server {
listen 82;
}
server {
listen 83;
}
172.16.3.103 | SUCCESS | rc=0 >>
server {
listen 81;
}
server {
listen 82;
}
server {
listen 83;
}
172.16.3.101 | SUCCESS | rc=0 >>
server {
listen 81;
}
server {
listen 82;
}
server {
listen 83;
}
#key value形式
[root@wsl0 ~]# vim for2.conf.j2
{%for port in ports %}
server {
listen {{ port.listen_port }};
}
{%endfor%}
[root@wsl0 ~]# vim for2.yml
- hosts: wsl
remote_user: root
vars:
ports:
- listen_port: 81
- listen_port: 82
- listen_port: 83
tasks:
- name: test for2
template: src=/root/for2.conf.j2 dest=/tmp/for2.conf
[root@wsl0 ~]# ansible-playbook for2.yml
[root@wsl0 ~]# vim for3.yml
- hosts: wsl
remote_user: root
vars:
vhost:
- web1:
port: 80
- listen_port: 82
- listen_port: 83
tasks:
- name: test for2
template: src=/root/for2.conf.j2 dest=/tmp/for2.conf
[root@wsl0 ~]# cat for3.conf.j2
{%for vhost in vhosts %}
server {
listen {{ vhost.port }};
servername {{ vhost.name }}
}
{%endfor%}
[root@wsl0 ~]# cat for3.yml
- hosts: wsl
remote_user: root
vars:
vhosts:
- web1:
port: 81
name: web1.com
- web2:
port: 82
name: web2.com
- web3:
port: 83
name: web3.com
tasks:
- name: test for3
template: src=/root/for3.conf.j2 dest=/tmp/for3.conf
#for - if
[root@wsl0 ~]# vim for4.conf.j2
{%for vhost in vhosts %}
server {
listen {{ vhost.port }};
{%if vhost.name is defined %}
servername {{ vhost.name }}
{%endif%}
}
{%endfor%}
[root@wsl0 ~]# vim for4.yml
- hosts: wsl
remote_user: root
vars:
vhosts:
- web1:
port: 81
# name: web1.com
- web2:
port: 82
name: web2.com
- web3:
port: 83
#name: web3.com
tasks:
- name: test for4
template: src=/root/for4.conf.j2 dest=/tmp/for4.conf
roles角色管理
#roles目录结构
#roles目录不是必须建立在ansible目录下的
roles/
projesct/
tasks/
files/
templates/
handlers/
vars/
#nginx-role.yml必须要跟roles同级目录执行
#每个角色下面的tasks必须有,每个tasks下面main.yml必须有
[root@wsl0 ~]# tree /etc/ansible/
/etc/ansible/
|-- ansible.cfg
|-- hosts
|-- nginx-role.retry
|-- nginx-role.yml
`-- roles
|-- memcached
`-- nginx
|-- tasks
| |-- groupadd.yml
| |-- install.yml
| |-- main.yml
| |-- start.yml
| `-- useradd.yml
`-- templates
#每个动作的脚本
[root@wsl0 tasks]# cat groupadd.yml
- name: add group
group: name=nginx
[root@wsl0 tasks]# cat useradd.yml
- name: create user
user: name=nginx group=nginx system=yes shell=/sbin/nologin
[root@wsl0 tasks]# cat install.yml
- name: install packge
yum: name=nginx state=latest
[root@wsl0 tasks]# cat start.yml
- name: start service
service: name=nginx state=started enabled=yes
#main.yml
[root@wsl0 tasks]# cat main.yml
- import_tasks: groupadd.yml
- import_tasks: useradd.yml
- import_tasks: install.yml
- import_tasks: start.yml
#调用nginx角色
[root@wsl0 ansible]# cat nginx-role.yml
- hosts: wsl
remote_user: root
roles:
- role: nginx
#调用其它角色的脚本
[root@wsl0 tasks]# cat start.yml
- name: start service
service: name=nginx state=started enabled=yes
#全路径添加就可以跨角色
- import_tasks: roles/nginx/tasks/useradd.yml
#roles的tags标签
[root@wsl0 ansible]# cat nginx-role.yml
- hosts: wsl
remote_user: root
roles:
- { role: nginx , tags:['nginx','web'] , when: ansible_distribution_major_version == "6"}
- { role: mysql , tags:['web'] }
#按照标签执行
[root@wsl0 ansible]# ansible-playbook -t web nginx-role.yml
#handlers在roles中的使用,以及vars在roles中的使用
[root@wsl0 nginx]# vim handlers/main.yml
- name: start nginx
service: name=nginx state=started enabled=yes
[root@wsl0 ansible]#cat roles/nginx/tasks/install.yml
- name: install packge
yum: name={{ packge_name }} state=latest
notify: start nginx
[root@wsl0 ansible]# cat roles/nginx/vars/main.yml
packge_name: nginx
#执行测试
[root@wsl0 ansible]# ansible-playbook -C nginx-role.yml
PLAY [wsl] ***********************************************************************
TASK [Gathering Facts] ***********************************************************
ok: [172.16.3.103]
ok: [172.16.3.101]
ok: [172.16.3.102]
TASK [nginx : add group] *********************************************************
ok: [172.16.3.103]
ok: [172.16.3.102]
ok: [172.16.3.101]
TASK [nginx : create user] *******************************************************
ok: [172.16.3.103]
ok: [172.16.3.102]
ok: [172.16.3.101]
TASK [nginx : install packge] ****************************************************
changed: [172.16.3.103]
changed: [172.16.3.102]
changed: [172.16.3.101]
RUNNING HANDLER [nginx : start nginx] ********************************************
changed: [172.16.3.103]
changed: [172.16.3.102]
changed: [172.16.3.101]
PLAY RECAP ***********************************************************************
172.16.3.101 : ok=5 changed=2 unreachable=0 failed=0
172.16.3.102 : ok=5 changed=2 unreachable=0 failed=0
172.16.3.103 : ok=5 changed=2 unreachable=0 failed=0
// 除号取整
