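Introduction to Ansible
What is Ansible?
Ansible is an open-source deployment tool
Development language: Python
Features: communicates over SSH, cross-platform, no compilation required, modular deployment management
Purpose: pushes Playbooks to deploy remote nodes quickly
Ansible
Written in Python, no client, modular configuration management
Standardized Playbook script format, easy to pick up, suited to fast small-to-medium-scale deployments
Ansible's advantages and use cases
Lightweight, with no client
Open source and free, low learning cost, quick to get started
Uses Playbooks as the core configuration structure, with a unified script format for batch deployment
Mature modular extensions that support today's mainstream development scenarios
Strong stability and compatibility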
Installing and configuring Ansible with virtualenv
Two ways to install Ansible (CentOS 7)
1. Install with the Yum package manager
yum -y install ansible
2. Install from Git source [recommended]
git clone https://github.com/ansible/ansible.git
Ansible 2.5 + Python 3.6 installation steps [CentOS 7]
1. Install Python 3.6 beforehand
2. Install virtualenv
pip install virtualenv
3. Create the Ansible account and a Python 3.6 virtualenv instance
useradd deploy && su - deploy
virtualenv -p /usr/local/bin/python3.6 .py3-a2.5-env
4. Install ansible 2.5 from Git source
cd /home/deploy/.py3-a2.5-env
git clone https://github.com/ansible/ansible.git
cd ansible && git checkout stable-2.5
5. Load the Python 3.6 virtualenv environment
source /home/deploy/.py3-a2.5-env/bin/activate
6. Install the packages Ansible depends on
pip install paramiko PyYAML jinja2
7. Load ansible 2.5 inside the Python 3.6 virtual environment
source /home/deploy/.py3-a2.5-env/ansible/hacking/env-setup -q
8. Verify ansible 2.5
ansible --version
Demo
Prerequisites
Install Python 3.6 and Virtualenv
[root@ansible ~]# wget https://www.python.org/ftp/python/3.6.5/Python-3.6.5.tar.xz
[root@ansible ~]# tar xf Python-3.6.5.tar.xz
[root@ansible ~]# cd Python-3.6.5/
[root@ansible Python-3.6.5]# yum install -y gcc
[root@ansible Python-3.6.5]# ./configure --prefix=/usr/local/ --with-ensurepip=install --enable-shared LDFLAGS="-Wl,-rpath /usr/local/lib"
[root@ansible Python-3.6.5]# make && make install
[root@ansible local]# which pip3.6
/usr/local/bin/pip3.6
[root@ansible local]# ln -s /usr/local/bin/pip3.6 /usr/local/bin/pip
[root@ansible local]# pip install virtualenv
Create the ansible system account and, under that account, a Python 3.6 Virtualenv instance
[root@ansible local]# useradd deploy
[root@ansible local]# su - deploy
[deploy@ansible ~]$ virtualenv -p /usr/local/bin/python3.6 .py3-a2.5-env
Install git
[root@ansible local]# cd /home/deploy/.py3-a2.5-env/
If Git is not installed, install it with yum
[root@ansible .py3-a2.5-env]# yum install -y git
Clone ansible
[root@ansible local]# su - deploy
[root@localhost Python-3.6.5]$ git clone https://github.com/ansible/ansible.git
Load the virtualenv environment
[deploy@ansible ~]$ source /home/deploy/.py3-a2.5-env/bin/activate
(.py3-a2.5-env) [deploy@ansible ~]$
Finish
(.py3-a2.5-env) [deploy@ansible ~]$ pip install paramiko pyYAML jinja2
(.py3-a2.5-env) [deploy@ansible ~]$ mv ansible/ .py3-a2.5-env/
(.py3-a2.5-env) [deploy@ansible ~]$ cd .py3-a2.5-env/ansible/
(.py3-a2.5-env) [deploy@ansible ansible]$ git checkout stable-2.5
分支 stable-2.5 设置为跟踪来自 origin 的远程分支 stable-2.5。
切换到一个新分支 'stable-2.5'
(.py3-a2.5-env) [deploy@ansible ansible]$ source /home/deploy/.py3-a2.5-env/ansible/hacking/env-setup -q
(.py3-a2.5-env) [deploy@ansible ansible]$ ansible --version
Getting started with Ansible playbooks and writing conventions
Playbook framework and format
Test Playbooks
Detailed directory: testenv
Main task file: main.yml
Task entry file: deploy.yml
Playbook writing conventions
Demo
Prerequisite steps
[root@localhost ~]# su - deploy
上一次登录:三 4月 10 15:24:28 CST 2019pts/0 上
[deploy@ansible ~]$ source .py3-a2.5-env/bin/activate
(.py3-a2.5-env) [deploy@ansible ~]$ source .py3-a2.5-env/ansible/hacking/env-setup -q
(.py3-a2.5-env) [deploy@ansible ~]$ ansible --version
ansible 2.5.15 (stable-2.5 5b3fd67381) last updated 2019/04/10 15:31:37 (GMT +800)
Write the playbook
(.py3-a2.5-env) [deploy@ansible ~]$ ansible-playbook --version
This shows that ansible 2.5 is loaded inside the Python 3.6.5 virtual environment
(.py3-a2.5-env) [deploy@ansible ~]$ mkdir test_playbooks
(.py3-a2.5-env) [deploy@ansible ~]$ cd test_playbooks
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ mkdir inventory
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ mkdir roles
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cd inventory/
(.py3-a2.5-env) [deploy@ansible inventory]$ cat testenv
[testservers]
192.168.122.135
[testservers:vars]
server_name=192.168.122.135
user=root
output=/root/test.txt
(.py3-a2.5-env) [deploy@ansible inventory]$ cd ..
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cd roles/
(.py3-a2.5-env) [deploy@ansible roles]$ mkdir testbox
(.py3-a2.5-env) [deploy@ansible roles]$ cd testbox/
(.py3-a2.5-env) [deploy@ansible testbox]$ mkdir tasks
(.py3-a2.5-env) [deploy@ansible testbox]$ cd tasks/
(.py3-a2.5-env) [deploy@ansible tasks]$ vim main.yml
(.py3-a2.5-env) [deploy@ansible tasks]$ cat main.yml
- name: Print server name and user to remote testbox
  shell: "echo 'Cueerntly {{user}} is logining {{server_name}}' > {{output}}"
(.py3-a2.5-env) [deploy@ansible tasks]$ pwd
/home/deploy/test_playbooks/roles/testbox/tasks
(.py3-a2.5-env) [deploy@ansible tasks]$ cd ../../..
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ pwd
/home/deploy/test_playbooks
# Create the entry file
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ls
inventory roles
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ vim deploy.yml
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat deploy.yml
- hosts: "testservers"
  gather_facts: true
  remote_user: root
  roles:
    - testbox
Check the result
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ tree .
.
├── deploy.yml
├── inventory
│   └── testenv
└── roles
    └── testbox
        └── tasks
            └── main.yml
4 directories, 3 files
Configure key-based authentication
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ssh-keygen -t rsa
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ssh-copy-id -i /home/deploy/.ssh/id_rsa.pub root@192.168.122.135
# Test whether login now works without a password
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ssh root@192.168.122.135
Run
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ansible-playbook -i inventory/testenv ./deploy.yml
PLAY [testservers] ******************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************
ok: [192.168.122.135]
TASK [testbox : Print server name and user to remote testbox] ***********************************************************************
changed: [192.168.122.135]
PLAY RECAP **************************************************************************************************************************
192.168.122.135 : ok=2 changed=1 unreachable=0 failed=0
Verify that it succeeded
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ssh root@192.168.122.135
Last login: Wed Apr 10 16:34:50 2019 from 192.168.122.1
[root@node01 ~]# ls
anaconda-ks.cfg test.txt
[root@node01 ~]# cat test.txt
Cueerntly root is logining 192.168.122.135
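Common Ansible Playbook modules
Introduction to common Ansible Playbook modules
File module
Creates a file or directory on the target host and sets its system permissions
Copy module
Transfers files from the Ansible server to the target host
remote_src=no means do not search for the file on the target host; yes allows searching for the file on the target host
Stat module
Gets status information about a remote file
Debug module
Prints a statement to the Ansible run output
If the file exists, prints "foo.sh exists"; if it does not, prints nothing
Command/Shell modules
Used to run command lines on the Linux target host
The shell module supports redirection and pipes
Template module
Transfers a jinja2 template from the Ansible server to the target host
Packaging module
Calls the target host's system package manager (yum, apt) to install packages
Service module
Manages system services on the target host
Applying the common Ansible Playbook modules
Demo
Pre-configuration on the target host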
[root@localhost ~]# su - deploy
[deploy@ansible ~]$ source .py3-a2.5-env/bin/activate
(.py3-a2.5-env) [deploy@ansible ~]$
(.py3-a2.5-env) [deploy@ansible ~]$ ps -ef | grep ansible | awk '{print $2}'
77171
(.py3-a2.5-env) [deploy@ansible ~]$ source .py3-a2.5-env/ansible/hacking/env-setup -q
(.py3-a2.5-env) [deploy@ansible ~]$ ansible-playbook --version
Pre-configuration
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ssh root@192.168.122.135
[root@node01 ~]# useradd foo
[root@node01 ~]# useradd deploy
[root@node01 ~]# mkdir /etc/nginx
[root@node01 ~]# wget http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
[root@node01 ~]# rpm -ivh nginx-release-centos-7-0.el7.ngx.noarch.rpm
Make the changes on top of the previous test_playbooks
#File module
1. Rewrite the playbook
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat roles/testbox/tasks/main.yml
- name: Print server name and user to remote testbox
  shell: "echo 'Cueerntly {{user}} is logining {{server_name}}' > {{output}}"
- name: create a file
  file: 'path=/root/foo.txt state=touch mode=0755 owner=foo group=foo'
2. Run
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ansible-playbook -i inventory/testenv ./deploy.yml
#Copy module
1. Prepare the files and write the playbook
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ mkdir roles/testbox/tasks/files
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat roles/testbox/tasks/files/foo.sh
echo "this is a test scripts"
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat roles/testbox/tasks/main.yml
- name: Print server name and user to remote testbox
  shell: "echo 'Cueerntly {{user}} is logining {{server_name}}' > {{output}}"
- name: create a file
  file: 'path=/root/foo.txt state=touch mode=0755 owner=foo group=foo'
- name: copya file
  copy: 'remote_src=no src=roles/testbox/tasks/files/foo.sh dest=/root/foo.sh mode=0644 force=yes'
2. Run
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ansible-playbook -i inventory/testenv ./deploy.yml
#Stat & debug & command
1. Write the playbook
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat roles/testbox/tasks/main.yml
- name: Print server name and user to remote testbox
  shell: "echo 'Cueerntly {{user}} is logining {{server_name}}' > {{output}}"
- name: create a file
  file: 'path=/root/foo.txt state=touch mode=0755 owner=foo group=foo'
- name: copya file
  copy: 'remote_src=no src=roles/testbox/tasks/files/foo.sh dest=/root/foo.sh mode=0644 force=yes'
- name: check if foo.sh exits
  stat: 'path=/root/foo.sh'
  register: script_stat
- debug: msg="foo.sh exists"
  when: script_stat.stat.exists
- name: run the scripts
  command: 'sh /root/foo.sh'
2. Run
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ansible-playbook -i inventory/testenv ./deploy.yml
#Template module
1.
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat inventory/testenv
[testservers]
192.168.122.135
[testservers:vars]
server_name=192.168.122.135
user=root
output=/root/test.txt
server_name=192.168.122.135
port=80
user=deploy
worker_processes=1
max_open_file=65505
root=/www
2.
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ mkdir roles/testbox/Templates
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat roles/testbox/Templates/nginx.conf.j2
#user {{ user }};
worker_processes {{ worker_processes }};
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include mime.types;
    default_type application/octet-stream;
    #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    #                '$status $body_bytes_sent "$http_referer" '
    #                '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log logs/access.log main;
    sendfile on;
    #tcp_nopush on;
    #keepalive_timeout 0;
    keepalive_timeout 65;
    #gzip on;
    server {
        listen {{ port }};
        server_name {{ server_name }};
        #charset koi8-r;
        #access_log logs/host.access.log main;
        location / {
            root {{ root }};
            index index.html index.htm;
        }
        #error_page 404 /404.html;
        # redirect server error pages to the static page /50x.html
        #
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass http://127.0.0.1;
        #}
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root html;
        #    fastcgi_pass 127.0.0.1:9000;
        #    fastcgi_index index.php;
        #    fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
        #    include fastcgi_params;
        #}
        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny all;
        #}
    }
    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen 8000;
    #    listen somename:8080;
    #    server_name somename alias another.alias;
    #    location / {
    #        root html;
    #        index index.html index.htm;
    #    }
    #}
    # HTTPS server
    #
    #server {
    #    listen 443 ssl;
    #    server_name localhost;
    #    ssl_certificate cert.pem;
    #    ssl_certificate_key cert.key;
    #    ssl_session_cache shared:SSL:1m;
    #    ssl_session_timeout 5m;
    #    ssl_ciphers HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers on;
    #    location / {
    #        root html;
    #        index index.html index.htm;
    #    }
    #}
}
3.
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat roles/testbox/tasks/main.yml
- name: Print server name and user to remote testbox
  shell: "echo 'Cueerntly {{user}} is logining {{server_name}}' > {{output}}"
- name: create a file
  file: 'path=/root/foo.txt state=touch mode=0755 owner=foo group=foo'
- name: copya file
  copy: 'remote_src=no src=roles/testbox/tasks/files/foo.sh dest=/root/foo.sh mode=0644 force=yes'
- name: check if foo.sh exits
  stat: 'path=/root/foo.sh'
  register: script_stat
- debug: msg="foo.sh exists"
  when: script_stat.stat.exists
- name: run the scripts
  command: 'sh /root/foo.sh'
- name: write the nginx config file
  template: src=roles/testbox/Templates/nginx.conf.j2 dest=/etc/nginx/nginx.conf
- name: ensure nginx is at the latest version
  yum: pkg=nginx state=latest
- name: start nginx service
  service: name=nginx state=started
4.
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ansible-playbook -i inventory/testenv ./deploy.yml
5.
[root@node01 yum.repos.d]# mkdir /www
[root@node01 www]# touch a.txt
[root@node01 www]# cat a.txt
aaa
6.
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ curl 192.168.122.135/a.txt
aaa
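A hardened variant of the final roles/testbox/tasks/main.yml from step 3, as an added example that is not part of the original page. It keeps the page's paths and inventory variables; the file modes, the install-before-template ordering, the extra `nginx -t` task and the omission of the stat/debug tasks are choices made for this example.

```yaml
# roles/testbox/tasks/main.yml (added example; hardened variant of the page's tasks)

# copy with content= writes the file without a shell, so inventory values
# are treated as data. If shell is unavoidable, pass every variable
# through the quote filter, e.g. {{ output | quote }}.
- name: Print server name and user to remote testbox
  copy:
    content: "Cueerntly {{ user }} is logining {{ server_name }}\n"
    dest: "{{ output }}"
    mode: "0600"

- name: create a file
  file:
    path: /root/foo.txt
    state: touch
    owner: foo
    group: foo
    mode: "0644"          # data file: no execute bits (the page sets 0755)

- name: copy a file
  copy:
    src: roles/testbox/tasks/files/foo.sh
    dest: /root/foo.sh
    owner: root
    group: root
    mode: "0700"          # only root may read, run or replace the script

- name: run the scripts
  command: sh /root/foo.sh   # command never spawns a shell: no pipes or expansion

- name: ensure nginx is installed
  yum:
    name: nginx
    state: present        # state=latest would upgrade the package on every run

- name: write the nginx config file
  template:
    src: roles/testbox/Templates/nginx.conf.j2
    dest: /etc/nginx/nginx.conf
    owner: root
    group: root
    mode: "0644"
    backup: yes           # keep the previous config for rollback

- name: check the rendered config before the service uses it
  command: nginx -t
  changed_when: false

- name: start nginx service
  service:
    name: nginx
    state: started
    enabled: yes
```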