Ansible Facts是什麼

• 每次執行playbook時，系統會自動執行setup這個模組
  

setup模組的用處

• 收集系統變數
• 包括網路、硬體、作業系統所有資料都在裏面

利用ad hoc指令查看系統變數

ansible all -m setup > server1.info

查看server1.info

vi server1.info

利用filer來過濾出系統變數

ansible server1 -m setup -a "filter=ansible_distribution*"

查看套件管理器

ansible server1 -m setup -a "filter=ansible_pkg_mgr"

安裝docker時讀取系統變數

---
- name: Install docker
  hosts: server1
  become: true
  vars_files:
    - vars.yaml
 
  tasks:
    - name: Test Connection
      ping:
 
    - name: Install required packages
      apt:
        name: "{{ item }}"
        state: latest
        update_cache: true
      loop: "{{ requried_packages }}"
 
    - name: Add docker's official GPG key
      apt_key:
        url: https://download.docker.com/linux/ubuntu/gpg
        state: present
 
    - name: Add docker repository
      apt_repository:
        repo: deb https://download.docker.com/linux/ubuntu "{{ ansible_distribution_release  }}" stable
        state: present

不需指定ubuntu版本代號

template的用處

• 當在遠端要有一個設定檔時，指定其中的變數
• 事先定義變數和模板
• 動態產生遠端的 Shell Scripts、設定檔
• 使用jinja2格式，是一種python的模板檔案
• 使用j2作為副檔名
• 必須從主機端複製到被控端

在遠端git clone

---
- name: clone git repo
  hosts: server1
 
  tasks:
  - name: clone dotenv
    ansible.builtin.git:
      repo: https://github.com/joshhu/dotenvs.git
      dest: /home/ansible/dotenvs

.zshrc.j2的部分內容

(must)ansible:dotenvs/ (main✓) $ cat .zshrc.j2                                                        [16:35:39]
#uto Path to your oh-my-zsh installation.
export ZSH=$HOME/.oh-my-zsh
 
# Set name of the theme to load.
# Look in ~/.oh-my-zsh/themes/
# Optionally, if you set this to "random", it'll load a random theme each
# time that oh-my-zsh is loaded.
ZSH_THEME="{{  zsh_theme  }}"
 
# Uncomment the following line to use case-sensitive completion.
CASE_SENSITIVE="true"

設定zsh的主題

---
- name: clone git repo
  hosts: server1
  vars:
    zsh_theme: "myclean"
 
  tasks:
  - name: clone dotenv to node
    ansible.builtin.git:
      repo: https://github.com/joshhu/dotenvs.git
      dest: /home/ansible/dotenvs
 
  - name: copy .zshrc to home directory
    ansible.builtin.template:
      src: /home/ansible/dotenvs/.zshrc.j2
      dest: /home/ansible/.zshrc

執行後的結果

ansible-playbook git2.yaml

ansible@server:~$ cat .zshrc.aa
#uto Path to your oh-my-zsh installation.
export ZSH=$HOME/.oh-my-zsh
 
# Set name of the theme to load.
# Look in ~/.oh-my-zsh/themes/
# Optionally, if you set this to "random", it'll load a random theme each
# time that oh-my-zsh is loaded.
ZSH_THEME="joshhu"

什麼是Roles

• 全名是 Playbooks Roles，是 Playbooks 的延伸使用
• 把重複的 Tasks 獨立出來
• 無法分享給其它專案使用
• 把寫好的程式封裝成套件 (Packages) 並重用及分享
• 用 Roles 來完成

什麼是Roles

• Tasks：執行的工作
• Variables：執行時的變數
• Templates：複製時常用模板
• Metadata：一些共用的中繼資料
• Handles：和Ansible互動的callback

如何建立一個Role

ansible-galaxy init test_role

Role的結構目錄

包括內部的檔案

檔案說明

• defaults – 資料的預設值，但通常會被其它role的值取代
• files – 靜態不會更動的檔案
• handlers – 由tasks或roles所觸發的機制
• meta – 各種中繼資料，如作者，相依套件
• tasks – 就是playbook中的task
• templates – jinja2格式的模板檔案
• tests – 測試role功能的
• vars – 這個role使用的變數，優先序高

Role的使用

- hosts: all
  roles:
    - role: "/custom_path/to/the/role"

建立一個Webserver的Role

(must)ansible:ansible_git/ $ ansible-galaxy init webserver                                            [19:54:26]
- Role webserver was created successfully
(must)ansible:ansible_git/ $ tree                                                                     [19:54:39]
.
├── ansible.cfg
├── git1.yaml
├── git2.yaml
├── templates
└── webserver
    ├── defaults
    │   └── main.yml
    ├── files
    ├── handlers
    │   └── main.yml
    ├── meta
    │   └── main.yml
    ├── README.md
    ├── tasks
    │   └── main.yml
    ├── templates
    ├── tests
    │   ├── inventory
    │   └── test.yml
    └── vars
        └── main.yml
 
10 directories, 11 files

建立專案目錄及設定

cd ~
mkdir project01
cd project01
cp ../ansible.cfg .
cp ../inventory .
mkdir roles
cd roles

建立需要的Roles

ansible-galaxy init apt
ansible-galaxy init zsh
ansible_galaxy init omz
 

建立apt的role

cd roles
cd tasks
vi main.yml

apt的task

• ~/project01/roles/apt/tasks/main.yml

---
# tasks file for apt
  - name: apt update and upgrade
    apt:
      update_cache: true
      upgrade: full

撰寫專案yaml

• ~/project01/main.yaml

---
  - hosts: server1
    roles:
      - { role: apt }

測試專案

cd ~/project01
ansible-playbook main.yaml -C

撰寫zsh的task

• ~/project01/roles/zsh/tasks/main.yaml

---
  - name: install zsh and dependencies
    package:
      name: "{{ zsh_dependencies }}"
      state: present
    become: true

撰寫zsh的task

• ~/project01/roles/zsh/vars/main.yaml

---
# dependencies for zsh
zsh_dependencies:
  - git
  - zsh
  - autojump

幹嘛自己寫role?

• 網路上充滿了別人寫好，適用於各種場景的roles
• 考慮的十分完整
• 參考其說明檔，將自己的改變加入即可
• 重新設定playbook的變數
• 會被安裝在~/.ansible/roles中，隨時可取用

安裝oh-my-zsh的role

(must)ansible:~/ $ ansible-galaxy install gantsign.oh-my-zsh
Starting galaxy role install process
- changing role gantsign.oh-my-zsh from 2.6.0 to unspecified
- downloading role 'oh-my-zsh', owned by gantsign
- downloading role from https://github.com/gantsign/ansible-role-oh-my-zsh/archive/2.6.0.tar.gz
- extracting gantsign.oh-my-zsh to /home/ansible/.ansible/roles/gantsign.oh-my-zsh
- gantsign.oh-my-zsh (2.6.0) was installed successfully

查看其網頁說明檔

修改原來的playbook

• ~/project01/main.yaml

---
  - hosts: server1
    roles:
      - { role: apt }
      - { role: zsh }
      - role: gantsign.oh-my-zsh
        users:
          - username: ansible

將oh-my-zsh的主題及設定檔修改

• 建立新的角色

cd ~/project01/roles
ansible-galaxy init omz

下載之前定義好的設定檔

cd ~
git clone https://github.com/joshhu/dotenvs.git
cp ~/dotenvs/.zshrc ~/project01/roles/omz/files
cp ~/dotenvs/.myclean.zsh-theme ~/project01/roles/omz/files

撰寫新role的工作

• ~/project01/roles/omz/tasks/main.yml

---
  - name: update configuration files
    ansible.builtin.copy:
      src: myclean.zsh-theme
      dest: /home/ansible/.oh-my-zsh/custom/themes/myclean.zsh-theme

  - name: update .zshrc
    ansible.builtin.copy:
      src: .zshrc
      dest: /home/ansible/.zshrc

  - name: clone omz plugins
    ansible.builtin.git:
      repo: https://github.com/zsh-users/zsh-completions
      dest: /home/ansible/.oh-my-zsh/custom/plugins/zsh-completions

  - name: clone synteax highlight
    ansible.builtin.git:
      repo: https://github.com/zsh-users/zsh-syntax-highlighting.git
      dest: /home/ansible/.oh-my-zsh/custom/plugins/zsh-syntax-highlighting

修改專案的main.yaml

---
  - hosts: server1
    roles:
      - { role: apt }
      - { role: zsh }
      - role: gantsign.oh-my-zsh
        users:
          - username: ansible
      - { role: omz }