明新科大2022年ansible-8

## 課程八：Ansible 進階用法 ### 2022年下學期，明新科技大學資管系 ### 講師：胡嘉璽 --- ## 課程重點 * Ansible Facts * Ansible Template * Ansible Role * Ansible專案 --- ## 課程重點 * Ansible Facts * Ansible Template * Ansible Role * Ansible專案 ---- ### Ansible Facts是什麼 * 每次執行`playbook`時，系統會自動執行`setup`這個模組 ![](https://hackmd.io/_uploads/HJ0pqFp_i.png) ---- ### `setup`模組的用處 * 收集系統變數 * 包括網路、硬體、作業系統所有資料都在裏面 ---- ### 利用`ad hoc`指令查看系統變數 ```shell= ansible all -m setup > server1.info ``` 查看`server1.info` ```shell= vi server1.info ``` ---- ### 利用`filer`來過濾出系統變數 ``` ansible server1 -m setup -a "filter=ansible_distribution*" ``` ![](https://hackmd.io/_uploads/BJB0hY6dj.png) ---- ### 查看套件管理器 ``` ansible server1 -m setup -a "filter=ansible_pkg_mgr" ``` ![](https://hackmd.io/_uploads/r1GHTYTdj.png) ---- ### 安裝docker時讀取系統變數 ```yaml= --- - name: Install docker hosts: server1 become: true vars_files: - vars.yaml tasks: - name: Test Connection ping: - name: Install required packages apt: name: "{{ item }}" state: latest update_cache: true loop: "{{ requried_packages }}" - name: Add docker's official GPG key apt_key: url: https://download.docker.com/linux/ubuntu/gpg state: present - name: Add docker repository apt_repository: repo: deb https://download.docker.com/linux/ubuntu "{{ ansible_distribution_release }}" stable state: present ``` ---- ### 不需指定ubuntu版本代號 ![](https://hackmd.io/_uploads/Bkockcaui.png) --- ## 課程重點 * Ansible Facts * Ansible Template * Ansible Role * Ansible專案 ---- ### template的用處 * 當在遠端要有一個設定檔時，指定其中的變數 * 事先定義變數和模板 * 動態產生遠端的 Shell Scripts、設定檔 * 使用jinja2格式，是一種python的模板檔案 * 使用`j2`作為副檔名 * 必須從主機端複製到被控端 ---- ### 在遠端`git clone` ```yaml= --- - name: clone git repo hosts: server1 tasks: - name: clone dotenv ansible.builtin.git: repo: https://github.com/joshhu/dotenvs.git dest: /home/ansible/dotenvs ``` ---- ### `.zshrc.j2`的部分內容 ```jinj2= (must)ansible:dotenvs/ (main✓) $ cat .zshrc.j2 [16:35:39] #uto Path to your oh-my-zsh installation. export ZSH=$HOME/.oh-my-zsh # Set name of the theme to load. # Look in ~/.oh-my-zsh/themes/ # Optionally, if you set this to "random", it'll load a random theme each # time that oh-my-zsh is loaded. ZSH_THEME="{{ zsh_theme }}" # Uncomment the following line to use case-sensitive completion. CASE_SENSITIVE="true" ``` ---- ### 設定`zsh`的主題 ```yaml= --- - name: clone git repo hosts: server1 vars: zsh_theme: "myclean" tasks: - name: clone dotenv to node ansible.builtin.git: repo: https://github.com/joshhu/dotenvs.git dest: /home/ansible/dotenvs - name: copy .zshrc to home directory ansible.builtin.template: src: /home/ansible/dotenvs/.zshrc.j2 dest: /home/ansible/.zshrc ``` ---- ### 執行後的結果 ``` ansible-playbook git2.yaml ``` ```.zshrc= ansible@server:~$ cat .zshrc.aa #uto Path to your oh-my-zsh installation. export ZSH=$HOME/.oh-my-zsh # Set name of the theme to load. # Look in ~/.oh-my-zsh/themes/ # Optionally, if you set this to "random", it'll load a random theme each # time that oh-my-zsh is loaded. ZSH_THEME="joshhu" ``` --- ## 課程重點 * Ansible Facts * Ansible Template * Ansible Role * Ansible專案 ---- ### 什麼是Roles * 全名是 Playbooks Roles，是 Playbooks 的延伸使用 * 把重複的 Tasks 獨立出來 * 無法分享給其它專案使用 * 把寫好的程式封裝成套件 (Packages) 並重用及分享 * 用 Roles 來完成 ---- ### 什麼是Roles * Tasks：執行的工作 * Variables：執行時的變數 * Templates：複製時常用模板 * Metadata：一些共用的中繼資料 * Handles：和Ansible互動的callback ---- ### 如何建立一個Role ```shell= ansible-galaxy init test_role ``` ![](https://hackmd.io/_uploads/H18d6padi.png) ---- ### Role的結構目錄 ![](https://hackmd.io/_uploads/r1-app6_o.png) ---- ### 包括內部的檔案 ![](https://hackmd.io/_uploads/SJb10aaus.png) ---- ### 檔案說明 * defaults – 資料的預設值，但通常會被其它role的值取代 * files – 靜態不會更動的檔案 * handlers – 由tasks或roles所觸發的機制 * meta – 各種中繼資料，如作者，相依套件 * tasks – 就是playbook中的task * templates – jinja2格式的模板檔案 * tests – 測試role功能的 * vars – 這個role使用的變數，優先序高 ---- ### Role的使用 ```yaml= - hosts: all roles: - role: "/custom_path/to/the/role" ``` ---- ### 建立一個Webserver的Role ```shell= (must)ansible:ansible_git/ $ ansible-galaxy init webserver [19:54:26] - Role webserver was created successfully (must)ansible:ansible_git/ $ tree [19:54:39] . ├── ansible.cfg ├── git1.yaml ├── git2.yaml ├── templates └── webserver ├── defaults │ └── main.yml ├── files ├── handlers │ └── main.yml ├── meta │ └── main.yml ├── README.md ├── tasks │ └── main.yml ├── templates ├── tests │ ├── inventory │ └── test.yml └── vars └── main.yml 10 directories, 11 files ``` --- ## 課程重點 * Ansible Facts * Ansible Template * Ansible Role * Ansible專案 ---- ### 建立專案目錄及設定 ```shell= cd ~ mkdir project01 cd project01 cp ../ansible.cfg . cp ../inventory . mkdir roles cd roles ``` ---- ### 建立需要的Roles ```shell= ansible-galaxy init apt ansible-galaxy init zsh ansible_galaxy init omz ``` ---- ### 建立apt的role ```shell= cd roles cd tasks vi main.yml ``` ---- ### apt的task * `~/project01/roles/apt/tasks/main.yml` ```yaml= --- # tasks file for apt - name: apt update and upgrade apt: update_cache: true upgrade: full ``` ---- ### 撰寫專案`yaml` * `~/project01/main.yaml` ```yaml= --- - hosts: server1 roles: - { role: apt } ``` ---- ### 測試專案 ```shell= cd ~/project01 ansible-playbook main.yaml -C ``` ![](https://hackmd.io/_uploads/BkvisJRus.png) ---- ### 撰寫`zsh`的task * `~/project01/roles/zsh/tasks/main.yaml` ```yaml= --- - name: install zsh and dependencies package: name: "{{ zsh_dependencies }}" state: present become: true ``` ---- ### 撰寫`zsh`的task * `~/project01/roles/zsh/vars/main.yaml` ```yaml= --- # dependencies for zsh zsh_dependencies: - git - zsh - autojump ``` ---- ### 幹嘛自己寫role? * 網路上充滿了別人寫好，適用於各種場景的roles * 考慮的十分完整 * 參考其說明檔，將自己的改變加入即可 * 重新設定playbook的變數 * 會被安裝在`~/.ansible/roles`中，隨時可取用 ---- ### 安裝`oh-my-zsh`的role ```shell= (must)ansible:~/ $ ansible-galaxy install gantsign.oh-my-zsh Starting galaxy role install process - changing role gantsign.oh-my-zsh from 2.6.0 to unspecified - downloading role 'oh-my-zsh', owned by gantsign - downloading role from https://github.com/gantsign/ansible-role-oh-my-zsh/archive/2.6.0.tar.gz - extracting gantsign.oh-my-zsh to /home/ansible/.ansible/roles/gantsign.oh-my-zsh - gantsign.oh-my-zsh (2.6.0) was installed successfully ``` ---- ### 查看其網頁說明檔 ![](https://hackmd.io/_uploads/HJWZieAus.png) ---- ### 修改原來的playbook * `~/project01/main.yaml` ```yaml= --- - hosts: server1 roles: - { role: apt } - { role: zsh } - role: gantsign.oh-my-zsh users: - username: ansible ``` ---- ### 將`oh-my-zsh`的主題及設定檔修改 * 建立新的角色 ```shell= cd ~/project01/roles ansible-galaxy init omz ``` ---- ### 下載之前定義好的設定檔 ```shell= cd ~ git clone https://github.com/joshhu/dotenvs.git cp ~/dotenvs/.zshrc ~/project01/roles/omz/files cp ~/dotenvs/.myclean.zsh-theme ~/project01/roles/omz/files ``` ---- ### 撰寫新role的工作 * `~/project01/roles/omz/tasks/main.yml` ```yaml --- - name: update configuration files ansible.builtin.copy: src: myclean.zsh-theme dest: /home/ansible/.oh-my-zsh/custom/themes/myclean.zsh-theme - name: update .zshrc ansible.builtin.copy: src: .zshrc dest: /home/ansible/.zshrc - name: clone omz plugins ansible.builtin.git: repo: https://github.com/zsh-users/zsh-completions dest: /home/ansible/.oh-my-zsh/custom/plugins/zsh-completions - name: clone synteax highlight ansible.builtin.git: repo: https://github.com/zsh-users/zsh-syntax-highlighting.git dest: /home/ansible/.oh-my-zsh/custom/plugins/zsh-syntax-highlighting ``` ---- ### 修改專案的`main.yaml` ```yaml= --- - hosts: server1 roles: - { role: apt } - { role: zsh } - role: gantsign.oh-my-zsh users: - username: ansible - { role: omz } ```