【Linux32-9】ansible角色管理roles

---

---

角色帮助官网文档：https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html#playbooks-reuse-roles

galaxy相关信息官网：https://docs.ansible.com/ansible/latest/galaxy/user_guide.html#installing-roles

galaxy角色下载官网：https://galaxy.ansible.com/

---

---

1. 角色详细信息

mkdir roles

1.1 角色配置

roles_path = 角色目录路径

示例：

vim /mnt/ansible/ansible.cfg

[defaults]
inventory = ./hosts
remote_user = devops
roles_path = ./roles	#角色路径
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False

1.2 角色常用命令

1. ansible-galaxy list：列出本机角色

2. ansible-galaxy role init roles/apache：生成角色框架

3. ansible-galaxy search nginx：查找角色

4. ansible-galaxy install geerlingguy.nginx：安装角色

5. ansible-galaxy remove 角色名：删除角色

6. ansible-galaxy info 角色名：获取角色详细信息

1.3 角色目录结构

2. Apache角色示例

1. mkdir roles：创建角色
2. 配置角色路径：vim /mnt/ansible/ansible.cfg
3. ansible-galaxy role init roles/apache：生成角色默认框架
4. tree roles/apache/：查看框架

5. vim roles/apache/tasks/main.yml：编写角色中的任务

---
# tasks file for roles/apache
- name: 安装 apache
  dnf:
    name: httpd
    state: present
- name: 创建index.html
  copy:
    content: "{
    
    { ansible_hostname }}\n"
    dest: /var/www/html/index.html
- name: 配置Apache
  template:
    src: httpd.conf.j2
    dest: /etc/httpd/conf/httpd.conf
  notify: restart httpd
- name: 开启 apache
  service:
    name: httpd
    state: started
    enabled: yes
- name: 开启 firewalld
  service:
    name: firewalld
    state: started
    enabled: yes
- name: 通过 http
  firewalld:
    service: http
    permanent: yes
    immediate: yes
    state: enabled

6. cp /etc/httpd/conf/httpd.conf roles/apache/templates/httpd.conf.j2：创建jinja2模板

7. vim roles/apache/templates/httpd.conf.j2：修改jinja2模板

8. 定义变量：http_port: 80

定义变量方法：

1. vim host_vars/192.168.43.27/vars 定义http_port: 80
2. vim group_vars/webserver/vars
3. vim roles/apache/vars/main.yml
4. 等

9. vim roles/apache/handlers/main.yml：编写触发程序

---
# handlers file for roles/apache
- name: restart httpd
  service: 
    name: httpd
    state: restarted

8. vim playbook.yml：编写剧本
   
   

---
- hosts: test
  roles:
  - role: apache

9. ansible-playbook playbook.yml：执行成功

3. 官网安装nginx角色示例

1. ansible-galaxy search nginx：查找nginx（需联网操作）
2. ansible-galaxy install geerlingguy.nginx：安装nginx角色
3. ansible-galaxy list：列出
4. tree roles/geerlingguy.nginx/

5. vim playbook.yml：编写剧本

---
- hosts: 192.168.43.47
  roles:
  - role: geerlingguy.nginx

6. vim roles/geerlingguy.nginx/defaults/main.yml

 60 nginx_vhosts: 
 61 # Example vhost below, showing all available options:
 62   - listen: "80" # default: "80"
 63     server_name: "localhost" # default: N/A
 64     root: "/var/www/html" # default: N/A

7. ansible-playbook playbook.yml：运行

8. curl 192.168.43.47：测试

9. ansible-galaxy remove geerlingguy.nginx：卸载角色（删除角色不会影响已经执行过的任务）

在目标主机查看测试：

1. netstat -antlupe | grep nginx（80端口）

2. cat /etc/nginx/conf.d/example.com.conf

3. systemctl disable --now nginx.service：关闭服务