changed 2 years ago
Published Linked with GitHub

課程八:Ansible 進階用法

2022年下學期,明新科技大學資管系

講師:胡嘉璽

課程重點

  • Ansible Facts
  • Ansible Template
  • Ansible Role
  • Ansible專案

課程重點

  • Ansible Facts
  • Ansible Template
  • Ansible Role
  • Ansible專案

Ansible Facts是什麼

  • 每次執行playbook時,系統會自動執行setup這個模組
    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

setup模組的用處

  • 收集系統變數
  • 包括網路、硬體、作業系統所有資料都在裏面

利用ad hoc指令查看系統變數

ansible all -m setup > server1.info

查看server1.info

vi server1.info

利用filer來過濾出系統變數

ansible server1 -m setup -a "filter=ansible_distribution*"

查看套件管理器

ansible server1 -m setup -a "filter=ansible_pkg_mgr"

安裝docker時讀取系統變數




























---
- name: Install docker
  hosts: server1
  become: true
  vars_files:
    - vars.yaml

  tasks:
    - name: Test Connection
      ping:

    - name: Install required packages
      apt:
        name: "{{ item }}"
        state: latest
        update_cache: true
      loop: "{{ requried_packages }}"

    - name: Add docker's official GPG key
      apt_key:
        url: https://download.docker.com/linux/ubuntu/gpg
        state: present

    - name: Add docker repository
      apt_repository:
        repo: deb https://download.docker.com/linux/ubuntu "{{ ansible_distribution_release  }}" stable
        state: present

不需指定ubuntu版本代號

課程重點

  • Ansible Facts
  • Ansible Template
  • Ansible Role
  • Ansible專案

template的用處

  • 當在遠端要有一個設定檔時,指定其中的變數
  • 事先定義變數和模板
  • 動態產生遠端的 Shell Scripts、設定檔
  • 使用jinja2格式,是一種python的模板檔案
  • 使用j2作為副檔名
  • 必須從主機端複製到被控端

在遠端git clone










---
- name: clone git repo
  hosts: server1

  tasks:
  - name: clone dotenv
    ansible.builtin.git:
      repo: https://github.com/joshhu/dotenvs.git
      dest: /home/ansible/dotenvs

.zshrc.j2的部分內容













(must)ansible:dotenvs/ (main✓) $ cat .zshrc.j2                                                        [16:35:39]
#uto Path to your oh-my-zsh installation.
export ZSH=$HOME/.oh-my-zsh

# Set name of the theme to load.
# Look in ~/.oh-my-zsh/themes/
# Optionally, if you set this to "random", it'll load a random theme each
# time that oh-my-zsh is loaded.
ZSH_THEME="{{  zsh_theme  }}"

# Uncomment the following line to use case-sensitive completion.
CASE_SENSITIVE="true"

設定zsh的主題

















---
- name: clone git repo
  hosts: server1
  vars:
    zsh_theme: "myclean"

  tasks:
  - name: clone dotenv to node
    ansible.builtin.git:
      repo: https://github.com/joshhu/dotenvs.git
      dest: /home/ansible/dotenvs

  - name: copy .zshrc to home directory
    ansible.builtin.template:
      src: /home/ansible/dotenvs/.zshrc.j2
      dest: /home/ansible/.zshrc

執行後的結果

ansible-playbook git2.yaml










ansible@server:~$ cat .zshrc.aa
#uto Path to your oh-my-zsh installation.
export ZSH=$HOME/.oh-my-zsh

# Set name of the theme to load.
# Look in ~/.oh-my-zsh/themes/
# Optionally, if you set this to "random", it'll load a random theme each
# time that oh-my-zsh is loaded.
ZSH_THEME="joshhu"

課程重點

  • Ansible Facts
  • Ansible Template
  • Ansible Role
  • Ansible專案

什麼是Roles

  • 全名是 Playbooks Roles,是 Playbooks 的延伸使用
  • 把重複的 Tasks 獨立出來
  • 無法分享給其它專案使用
  • 把寫好的程式封裝成套件 (Packages) 並重用及分享
  • 用 Roles 來完成

什麼是Roles

  • Tasks:執行的工作
  • Variables:執行時的變數
  • Templates:複製時常用模板
  • Metadata:一些共用的中繼資料
  • Handles:和Ansible互動的callback

如何建立一個Role

ansible-galaxy init test_role

Role的結構目錄

包括內部的檔案

檔案說明

  • defaults – 資料的預設值,但通常會被其它role的值取代
  • files – 靜態不會更動的檔案
  • handlers – 由tasks或roles所觸發的機制
  • meta – 各種中繼資料,如作者,相依套件
  • tasks – 就是playbook中的task
  • templates – jinja2格式的模板檔案
  • tests – 測試role功能的
  • vars – 這個role使用的變數,優先序高

Role的使用




- hosts: all
  roles:
    - role: "/custom_path/to/the/role"

建立一個Webserver的Role




























(must)ansible:ansible_git/ $ ansible-galaxy init webserver                                            [19:54:26]
- Role webserver was created successfully
(must)ansible:ansible_git/ $ tree                                                                     [19:54:39]
.
├── ansible.cfg
├── git1.yaml
├── git2.yaml
├── templates
└── webserver
    ├── defaults
    │   └── main.yml
    ├── files
    ├── handlers
    │   └── main.yml
    ├── meta
    │   └── main.yml
    ├── README.md
    ├── tasks
    │   └── main.yml
    ├── templates
    ├── tests
    │   ├── inventory
    │   └── test.yml
    └── vars
        └── main.yml

10 directories, 11 files

課程重點

  • Ansible Facts
  • Ansible Template
  • Ansible Role
  • Ansible專案

建立專案目錄及設定








cd ~
mkdir project01
cd project01
cp ../ansible.cfg .
cp ../inventory .
mkdir roles
cd roles

建立需要的Roles





ansible-galaxy init apt
ansible-galaxy init zsh
ansible_galaxy init omz

建立apt的role




cd roles
cd tasks
vi main.yml

apt的task

  • ~/project01/roles/apt/tasks/main.yml






---
# tasks file for apt
  - name: apt update and upgrade
    apt:
      update_cache: true
      upgrade: full

撰寫專案yaml

  • ~/project01/main.yaml




---
  - hosts: server1
    roles:
      - { role: apt }

測試專案



cd ~/project01
ansible-playbook main.yaml -C

撰寫zsh的task

  • ~/project01/roles/zsh/tasks/main.yaml






---
  - name: install zsh and dependencies
    package:
      name: "{{ zsh_dependencies }}"
      state: present
    become: true

撰寫zsh的task

  • ~/project01/roles/zsh/vars/main.yaml






---
# dependencies for zsh
zsh_dependencies:
  - git
  - zsh
  - autojump

幹嘛自己寫role?

  • 網路上充滿了別人寫好,適用於各種場景的roles
  • 考慮的十分完整
  • 參考其說明檔,將自己的改變加入即可
  • 重新設定playbook的變數
  • 會被安裝在~/.ansible/roles中,隨時可取用

安裝oh-my-zsh的role








(must)ansible:~/ $ ansible-galaxy install gantsign.oh-my-zsh
Starting galaxy role install process
- changing role gantsign.oh-my-zsh from 2.6.0 to unspecified
- downloading role 'oh-my-zsh', owned by gantsign
- downloading role from https://github.com/gantsign/ansible-role-oh-my-zsh/archive/2.6.0.tar.gz
- extracting gantsign.oh-my-zsh to /home/ansible/.ansible/roles/gantsign.oh-my-zsh
- gantsign.oh-my-zsh (2.6.0) was installed successfully

查看其網頁說明檔

修改原來的playbook

  • ~/project01/main.yaml








---
  - hosts: server1
    roles:
      - { role: apt }
      - { role: zsh }
      - role: gantsign.oh-my-zsh
        users:
          - username: ansible

oh-my-zsh的主題及設定檔修改

  • 建立新的角色


cd ~/project01/roles
ansible-galaxy init omz

下載之前定義好的設定檔





cd ~
git clone https://github.com/joshhu/dotenvs.git
cp ~/dotenvs/.zshrc ~/project01/roles/omz/files
cp ~/dotenvs/.myclean.zsh-theme ~/project01/roles/omz/files

撰寫新role的工作

  • ~/project01/roles/omz/tasks/main.yml
---
  - name: update configuration files
    ansible.builtin.copy:
      src: myclean.zsh-theme
      dest: /home/ansible/.oh-my-zsh/custom/themes/myclean.zsh-theme

  - name: update .zshrc
    ansible.builtin.copy:
      src: .zshrc
      dest: /home/ansible/.zshrc

  - name: clone omz plugins
    ansible.builtin.git:
      repo: https://github.com/zsh-users/zsh-completions
      dest: /home/ansible/.oh-my-zsh/custom/plugins/zsh-completions

  - name: clone synteax highlight
    ansible.builtin.git:
      repo: https://github.com/zsh-users/zsh-syntax-highlighting.git
      dest: /home/ansible/.oh-my-zsh/custom/plugins/zsh-syntax-highlighting

修改專案的main.yaml










---
  - hosts: server1
    roles:
      - { role: apt }
      - { role: zsh }
      - role: gantsign.oh-my-zsh
        users:
          - username: ansible
      - { role: omz }
Select a repo