jinja2的基本概述
jinja2模板与ansible的关系
Ansible使用jinja2模板
jinja2 模板
Ansible Roles角色

一、jinja2的基本概述

jinja2是Python的全功能模板引擎

二、jinja2模板与ansible的关系

Ansible通常会使用jinja2模板来修改被管理主机的配置文件。

三、Ansible使用jinja2模板

• 使用template模块来拷贝文件

template与copy的关系
区别：
template会解析配置文件中的变量
copy 不会解析任何的变量,只会拷贝文件
关系：
Ansible允许jinja2模板中使用判断 循环，但是jinja判断循环语法不允许在playbook中使用。

四、jinja2 模板

基本语法
1）要想在配置文件中使用jinj2，playbook中的tasks 必须使用template模块
2）模板配置文件里面使用变量，比如 {{ PORT }} 或使用 {{ facts 变量 }}
逻辑关系
{% for i in EXPR %}...{% endfor%} 作为循环表达式
{% if EXPR %}...{% elif EXPR %}...{% endif%} 作为条件判断
{# COMMENT #} 表示注释

{% for i in range(1,10)%}
        server 172.16.1.{{i}};
{% endfor %}
#判断
{% if ansible_fqdn == "web01" %}
        echo 123
{% elif ansible_fqdn == "web02" %}
        echo 456
{% else %}
        echo 789
{% endif %}

nginxproxy配置文件

[root@manager jinja2]# cat j_nginx.yml 
- hosts: lbservers
  tasks:
        #安装nginx
    - name: Installed nginx Server
      yum: 
        name: nginx
        state: present
        #配置nginx vhosts
    - name: Configure nginx Server
      template:
        src: ./file/proxy_kod.oldxu.com.conf.j2
        dest: /etc/nginx/conf.d/proxy_kod.oldxu.com.conf
      notify: Restart Nginx Server
        #启动Nginx
    - name: Systemd Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes
  handlers:
    - name: Restart Nginx Server
      systemd: 
        name: nginx
        state: restarted        
# nginx组变量   
[root@manager jinja2]# cat group_vars/all 
kod_http_port: 80
kod_server_name: kod.oldxu.com
kod_web_site: /code/kod
#nginx proxy配置文件渲染
[root@manager jinja2]# cat file/proxy_kod.oldxu.com.conf.j2 
upstream {{ kod_server_name }} {
    {% for host in groups['webservers'] %}
    server {{host}}:{{kod_http_port}};
    {% endfor %}
}

server {
    listen {{ kod_http_port }};
    server_name  {{ kod_server_name }};

    location / {
        proxy_pass http://{{ kod_server_name }};
        proxy_set_header Host $http_hosts;
    }
}
[root@manager jinja2]# cat ../hosts
[webservers]
172.16.1.7
172.16.1.8

keepalived配置文件

[root@manager jinja2]# cat j_keepalived.yml 
- hosts: lbservers
  tasks:
    - name: Installed Keepalived Server
      yum:
        name: keepalived
        state: present
    - name: Configure Keepalived Master
      copy:
        src: ./file/keepalived-master.conf.j2
        dest: /etc/keepalived/keepalived.conf
      when: ( ansible_hostname == "lb01" )
      notify: Restart Keepalived Server
    - name: Configure Keepalived Backup
      copy:
        src: ./file/keepalived-backup.conf.j2
        dest: /etc/keepalived/keepalived.conf
      when: ( ansible_hostname == "lb02" )
      notify: Restart Keepalived Server
    - name: Systemd Keepalived Server
      systemd:
        name: keepalived
        state: started
        enabled: yes
  handlers:
    - name: Restart Keepalived Server
      systemd:
        name: keepalived
        state: restarted

设定host_vars变量

#1.准备一份keepalived配置文件
#2.需要在keepalived配置文件中使用变量方式  ---> jinja

[root@manager jinja2]# cat ./file/keepalived-vars.conf.j2 
global_defs {     
    router_id {{ ansible_hostname }}
}
vrrp_instance VI_1 {
    state  {{ state }}
    priority {{ priority }}

    interface eth0
    virtual_router_id 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
}
    virtual_ipaddress {
        10.0.0.3
    }
}

[root@manager jinja2]# cat host_vars/172.16.1.5
state: MASTER
priority: 200

[root@manager jinja2]# cat host_vars/172.16.1.6
state: BACKUP
priority: 99

[root@manager jinja2]# cat var_keepalived.yml 
- hosts: lbservers
  tasks:
    - name: Installed Keepalived Server
      yum:
        name: keepalived
        state: present
    - name: Configure Keepalived Master
      template:
        src: ./file/keepalived-vars.conf.j2
        dest: /etc/keepalived/keepalived.conf
      notify: Restart Keepalived Server
    - name: Systemd Keepalived Server
      systemd:
        name: keepalived
        state: started
        enabled: yes
  handlers:
    - name: Restart Keepalived Server
      systemd:
        name: keepalived
        state: restarted

jinja2判断方式

[root@manager jinja2]# cat jinja_keepalived.yml 
- hosts: lbservers
  tasks:
    - name: Installed Keepalived Server
      yum:
        name: keepalived
        state: present
    - name: Configure Keepalived Master
      template:
        src: ./file/keepalived.conf.j2
        dest: /etc/keepalived/keepalived.conf
      notify: Restart Keepalived Server
    - name: Systemd Keepalived Server
      systemd:
        name: keepalived
        state: started
        enabled: yes
  handlers:
    - name: Restart Keepalived Server
      systemd:
        name: keepalived
        state: restarted

[root@manager jinja2]# cat file/keepalived.conf.j2 
global_defs {     
    router_id {{ ansible_hostname }}
}
vrrp_instance VI_1 {
{% if ansible_hostname == "lb01" %}
    state  MASTER
    priority 150
{% elif ansible_hostname == "lb02" %}
    state  BACKUP
    priority 100
{% endif %}
    interface eth0
    virtual_router_id 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
}
    virtual_ipaddress {
        10.0.0.3
    }
}

五、Ansible Roles角色

Roles小技巧:
1.创建roles目录结构，手动或使用ansible-galaxy init test roles
2.编写roles的功能，也就是tasks。 nginx rsyncd memcached
3.最后playbook引用roles编写好的tasks

使用roles编写nginx playbook
mkdir /root/roles/nginx/{tasks,templates,handlers}
##tasks
[root@manager ~]# cat /root/roles/nginx/tasks/main.yml 
- name: Install Nginx Server
  yum:
    name: nginx
    state: present
- name: Configure Nginx Server
  template:
    src: nginx.conf.j2
    dest: /etc/nginx/nginx.conf
  notify: Restart Nginx Server
- name: Systemd Nginx Server
  systemd:
    name: nginx
    state: started
    enabled: yes
##template
[root@manager roles]# cat /root/roles/nginx/templates/nginx.conf.j2 
user www;
worker_processes  {{ ansible_processor_vcpus }};
error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;
events {
    worker_connections  {{ ansible_processor_vcpus * 1024 }};
}
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /var/log/nginx/access.log main;
    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  65;
    #gzip  on;
    include /etc/nginx/conf.d/*.conf;
}
###handlers
[root@manager ~]# cat /root/roles/nginx/handlers/main.yml 
- name: Restart Nginx Server
  systemd:
    name: nginx
    state: restarted   
#调用playbook
[root@manager roles]# cat /root/roles/site.yml 
- hosts: webservers
  roles:
    - nginx

案例二 memcached roles

#安装
#配置
#启动
#1.创建roles的目录结构
[root@manager roles]# mkdir memcached/{tasks,templates,handlers} -p
#2.编写对应的tasks  (1.安装  2配置(templates)  3.启动  4.重启(handlers) )
[root@manager roles]# cat memcached/tasks/main.yml 
- name: Installed Memecached Server
  yum:
    name: memcached
    state: present
- name: Configure Memcached Server
  template:
    src: memcached.j2
    dest: /etc/sysconfig/memcached
  notify: Restart Memcached Server
- name: System Memcached Server
  systemd:
    name: memcached
    state: started
    enabled: yes
[root@manager roles]# cat memcached/templates/memcached.j2 
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="{{ ansible_memtotal_mb //2 }}"
OPTIONS=""
[root@manager roles]# cat memcached/handlers/main.yml 
- name: Restart Memcached Server
  systemd:
    name: memcached
    state: restarted
#3.playbook调用roles
[root@manager roles]# cat site.yml 
- hosts: webservers
  roles:
    - { role: nginx, tags: web }
    - { role: memcached, tags: cache }