【Ansible】Playbook实例

陈银山

Learn to build Ansible playbooks with our guide, one step at a time

In our previous posts, we introduced Ansible fundamentals, and dove deeper into Ansible playbooks. Now let’s learn to create an Ansible playbook step by step. Working with a playbook, we’ll go from deploying a simple HTML website to a complete LAMP stack.

Deploying Simple HTML Page
　　To deploy a simple HTML page, we need to ensure that apache is installed and configured on our host machine. So therefore, in this section we will:

• install Apache
  
• start the Apache service
  
• deploy a static webpage with images – This static webpage will leverage Ansible templates where it will display the text “Thank you for reading this post. My IP Address is <ip-address-of-instance>” and cloudacademy logo. To fetch the IP address of host, it will>
  
• restart Apache once the deployment is over
  

　　Before we move forward, let’s have a look at the high-level structure of this simple Ansible playbook.
123456789101112site.yml – starting point of our ansible playbookhosts – carrying hosts informationroles/ - defining what each type of server has to perform       webservers/              tasks/ - tasks performed on webservers                     main.yml              handlers/ - running tasks under particular events                     main.yml              templates/ - configuration files which can reference variables                     index.html.j2              files/ - files to be copied to webservers                     cloud.png　　Lets go through the configuration file line by line and see how configuration works.
　　hosts – points to Ansible hosts. Here’s a possible syntax:
12[webservers]10.0.0.156　　site.yml – the starting point for executing our Ansible playbook. Includes information about hosts and roles associated with them.
1234567---- name: install and configure webservershosts: webserversremote_user: ec2-usersudo: yesroles:   - webservers　　If we want to log into our host machines using a different username and with sudo privileges, we need to use the “remote_user” and “sudo: yes” parameter in our site.yml file. There can be additional parameters too, but they’re not needed right now. Here, we have also defined roles granted to hosts in the [webservers] group.
　　main.yml (Tasks) – This configuration file defines tasks to be executed on hosts that have webservers roles granted. It looks like:
1234567891011---# This task installs and enables apache on webservers- name: ensure apache is installedyum: pkg=httpd state=latest- name: ensure apache is runningservice: name=httpd state=running enabled=yes- name: copy files to document rootcopy: src=cloud.png dest=/var/www/html/cloud.png- name: copy application code to document roottemplate: src=index.html.j2 dest=/var/www/html/index.htmlnotify: restart apache　　Since YAML files are so intuitive, we can easily see that this will install and run Apache on host instances and copy certain files and templates to the host’s document root.
　　main.yml (handlers) – This configuration file defines the action to be performed only upon notification of tasks or state changes. In main.yml (tasks), we defined notify: restart apache handler which will restart Apache once the files and templates are copied to hosts.
123---- name: restart apacheservice: name=httpd state=restarted　　index.html.j2 (template) – a file you can deploy on hosts. However, template files also include some reference variables which are pulled from variables defined as part of an Ansible playbook or facts gathered from the hosts. Our index.html.j2 file looks like a regular html webpage with a referenced variable.
123456789101112131415<html><head>    <title>CloudAcademy Ansible Demo</title></head><body>    <h1>        Thank you for reading this post.         My IP Address is {{ ansible_eth0.ipv4.address }}    </h1>    <br/><br/><br/>    <p>        <img src="cloud.png">    </p></body></html>　　We have declared a reference variable “{{ ansible_eth0.ipv4.address }}” which will print the IP address of the host on which this Ansible playbook is executed.
　　cloud.png (files) – The regular image file to be copied to hosts.
　　Once we have all the files created and present, we can execute an ansible-playbook command and configure our hosts.
123456789101112131415161718192021222324build# ansible-playbook site.yml -i hosts PLAY [install and configure webservers] *************************************** GATHERING FACTS ***************************************************************ok: [10.0.0.156] TASK: [webservers | ensure apache is installed] *******************************changed: [10.0.0.156] TASK: [webservers | ensure apache is running] *********************************changed: [10.0.0.156] TASK: [webservers | copy files to document root] ******************************changed: [10.0.0.156] TASK: [webservers | copy application code to document root] *******************changed: [10.0.0.156] NOTIFIED: [webservers | restart apache] ***************************************changed: [10.0.0.156] PLAY RECAP ********************************************************************10.0.0.156                 : ok=6   changed=5   unreachable=0   failed=0　　That’s it. We have installed Apache and deployed our webpage using host-based files. On browsing our host’s IP address, we will see our static webpage with the referenced variables value defined.

Deploying a PHP webpage configured to work with a MySQL database
　　So until now, we’ve installed and started Apache, deployed a static webpage, and restarted Apache using handlers. Now we will upgrade the functionality of our existing Ansible playbook by adding additional features. Specifically, we’ll:

• install php and>
  
• install mysql server
  
• create databases in mysql server
  
• grant privileges to databases
  
• deploy a php web page which will list the names of all the databases in our mysql server and print certain facts about our host.
  

　　This will modify the structure our existing Ansible playbook:
1234567891011121314151617site.yml – starting point of our ansible playbookhosts – carrying hosts informationgroup_vars       all – carrying variables for groupsroles/ - defining what each type of server has to perform       webservers/              tasks/ - tasks performed on webservers                     main.yml              handlers/ - running tasks under particular events                     main.yml              templates/ - configuration files which can reference variables                     index.php.j2              files/ - files to be copied to webservers                     cloud.png       dbservers              tasks/                     main.yml　　all (group_vars) : contains group-specific variables. Currently, we have only one group i.e., all.
12dbuser: ansibledbpassword: 12345　　hosts : We have to update our hosts file if the webserver and database server are configured on the same host.
12[all]10.0.0.156　　site.yml : Once we have updated our hosts file with a new group “all”, we have to update our site.yml file which will grant the webserver and dbserver role to the “all” host group.
12345678---- name: install and configure webservershosts: allremote_user: ec2-usersudo: yesroles:   - webservers   - dbservers
　　main.yml (tasks for webservers) : This YAML file will now install additional php> 123456789101112131415---# These task installs and enables apache on webservers- name: ensure apache,php>yum: name={{ item }} state=presentwith_items:   - httpd   - php   - php-mysql- name: ensure apache is runningservice: name=httpd state=running enabled=yes- name: copy files to document rootcopy: src=cloud.png dest=/var/www/html/cloud.png- name: copy application code to document roottemplate: src=index.php.j2 dest=/var/www/html/index.phpnotify: restart apache
　　index.php.j2 (templates) : Instead of an html file, we’ve moved to index.php which includes application code to print names of all databases and other operating system> 12345678910111213141516171819202122232425262728<html><head>       <title>CloudAcademy Ansible Demo</title></head><body>    <h3>        Thank you for reading this post. My IP Address is {{ ansible_eth0.ipv4.address }}.        This is {{ ansible_system }} OS with {{ ansible_userspace_architecture }} architecture    </h3>    <p>        <strong>List of Databases:</strong> <br/>    <?php     //Spoiler: don't do this at home!    $dbobj = mysql_connect('{{ ansible_lo.ipv4.address }}', '{{ dbuser }}', '{{ dbpassword }}');    if (!$dbobj) { die('Could not connect: ' . mysql_error()); }     $result = mysql_query("SHOW DATABASES");    while ($res = mysql_fetch_assoc($result)){        echo $res['Database'] . "<br/>";    }     ?>    </p>    <br/>    <p><img src="cloud.png"></body></html>　　main.yml (tasks for dbservers) : This configuration file will install the mysql-server, and mysql python packages, create databases, and create database users.
12345678910111213141516---# These task installs and enables apache on webservers- name: ensure mysql is installedyum: name={{ item }} state=presentwith_items:   - mysql-server   - MySQL-python- name: ensure mysql is runningservice: name=mysqld state=running enabled=yes- name: create application databasemysql_db: name={{ item }} state=presentwith_items:   - ansible_db01   - ansible_db02- name: create application usermysql_user: name={{ dbuser }} password={{ dbpassword }} priv=*.*:ALL state=present　　That’s it. Our Ansible playbook to deploy a LAMP stack is now ready. We built up a playbook that will install Apache, php, mysql-server, create a mysql user and databases and deploy our application code which prints information about Ansible’s host and list of databases.
　　To execute this Ansible playbook on host, we will use the ansible-playbook command:
12345678910111213141516171819202122232425262728293031323334353637#ansible-playbook site.yml -i hosts PLAY [install and configure webservers] *************************************** GATHERING FACTS ***************************************************************ok: [10.0.0.156] TASK: [webservers | ensure apache,php>changed: [10.0.0.156] => (item=httpd,php,php-mysql) TASK: [webservers | ensure apache is running] *********************************changed: [10.0.0.156] TASK: [webservers | copy files to document root] ******************************changed: [10.0.0.156] TASK: [webservers | copy application code to document root] *******************changed: [10.0.0.156] TASK: [dbservers | ensure mysql is installed] *********************************changed: [10.0.0.156] => (item=mysql-server,MySQL-python) TASK: [dbservers | ensure mysql is running] ***********************************changed: [10.0.0.156] TASK: [dbservers | create application database] *******************************changed: [10.0.0.156] => (item=ansible_db01)changed: [10.0.0.156] => (item=ansible_db02) TASK: [dbservers | create application user] ***********************************changed: [10.0.0.156] NOTIFIED: [webservers | restart apache] ***************************************changed: [10.0.0.156] PLAY RECAP *******************************************************************10.0.0.156                 : ok=10   changed=9   unreachable=0   failed=0　　Browsing to our host IP address will display:

　　There’s lots more to learn about Ansible in future posts!
　　参考资料：https://cloudacademy.com/blog/building-ansible-playbooks-step-by-step/