Tasks and Modules (任务与模块) ¶
学习目标
目标:学习如何编写和管理 Ansible 任务以及了解常用的模块。
- 理解任务(tasks)的基本概念。
- 学习常用模块的使用方法,如 command、shell、copy、file、yum、apt、service 等。
1. 软件包管理与存储库(YUM 和 APT 模块) ¶
1. yum_repository 模块 ¶
用途:管理 YUM 软件库。
---
- name: Manage yum repositories
hosts: all
tasks:
- name: Add a yum repository
yum_repository:
name: epel
description: EPEL YUM repo
baseurl: 'https://download.fedoraproject.org/pub/epel/$releasever/$basearch'
gpgcheck: yes
enabled: yes
2. apt_repository 模块 ¶
用途:管理 APT 软件库。
---
- name: Manage apt repositories
hosts: all
tasks:
- name: Add an apt repository
apt_repository:
repo: 'ppa:deadsnakes/ppa'
state: present
3. yum 模块 ¶
用途:在 RedHat/CentOS 系统上管理软件包。
---
- name: Ensure software is installed
hosts: all
tasks:
- name: Install Apache
yum:
name: httpd
state: present
4. apt 模块 ¶
用途:在 Debian/Ubuntu 系统上管理软件包。
---
- name: Ensure software is installed
hosts: all
tasks:
- name: Install Apache
apt:
name: apache2
state: present
update_cache: yes
2. PIP 模块 ¶
1. pip 模块 ¶
用途:管理 Python 包。
---
- name: Ensure software is installed
hosts: all
tasks:
- name: Install Apache
apt:
name: apache2
state: present
update_cache: yes
3. 文件与目录管理 ¶
1. file 模块 ¶
用途:管理文件和目录的属性(包括权限、所有者等)。
---
- name: Manage file attributes
hosts: all
tasks:
- name: Ensure a directory
file:
path: /etc/example
state: directory
mode: '0755'
- name: Ensure a file exists
file:
path: /etc/example/config.cfg
state: touch
- name: Set file permissions
file:
path: /etc/example/config.cfg
mode: '0644'
2. copy 模块 ¶
用途:将本地文件或目录复制到远程主机。
---
- name: Copy a file to remote
hosts: all
tasks:
- name: Copy configuration file
copy:
src: /path/to/local/file
dest: /path/to/remote/file
mode: '0644'
3. template 模块 ¶
用途:使用 Jinja2 模板填充并生成配置文件。
---
- name: Template a configuration file
hosts: all
tasks:
- name: Deploy configuration template
template:
src: templates/config.cfg.j2
dest: /etc/someapp/config.cfg
[config]
option1 = {{ some_variable }}
option2 = {{ other_variable }}
4. unarchive 模块 ¶
用途:解压缩文件。
---
- name: Extract tar file
hosts: all
tasks:
- name: Extract a tar.gz file
unarchive:
src: /tmp/app.tar.gz
dest: /opt/
remote_src: yes
5. lineinfile 模块 ¶
用途:确保文件中存在、更新或删除特定的行。
---
- name: Ensure specific line in file
hosts: all
tasks:
- name: Ensure line is present
lineinfile:
path: /etc/sysctl.conf
line: 'net.ipv4.ip_forward = 1'
6. get_url 模块 ¶
用途:从 HTTP、HTTPS 或 FTP 下载文件。
---
- name: Download a file
hosts: all
tasks:
- name: Download from URL
get_url:
url: https://example.com/file.tar.gz
dest: /tmp/file.tar.gz
4. 服务与系统管理 ¶
1. service 模块 ¶
用途:管理服务的状态(启动、停止、重启等)。
---
- name: Manage services
hosts: all
tasks:
- name: Ensure Apache is running
service:
name: httpd
state: started
enabled: yes
2. user 模块 ¶
用途:管理用户账户。
---
- name: Manage user accounts
hosts: all
tasks:
- name: Ensure user exists
user:
name: johndoe
state: present
groups: sudo
3. group 模块 ¶
用途:管理用户组。
---
- name: Manage user groups
hosts: all
tasks:
- name: Ensure group exists
group:
name: engineers
state: present
4. hostname 模块 ¶
用途:设置主机名。
---
- name: Set hostname
hosts: all
tasks:
- name: Set system hostname
hostname:
name: webserver01
5. cron 模块 ¶
用途:管理 cron 作业。
---
- name: Set up a cron job
hosts: all
tasks:
- name: Ensure cron job is present
cron:
name: "Ansible regular task"
minute: "0"
hour: "0"
job: "/usr/bin/example-command"
6. debug 模块 ¶
用途:输出调试信息。
---
- name: Print debug message
hosts: all
tasks:
- name: Show debug message
debug:
msg: "This is a debug message"
7. wait_for 模块 ¶
用途:等待某种条件满足,比如端口打开。
---
- name: Wait for something
hosts: all
tasks:
- name: Wait for port 80 to be open
wait_for:
port: 80
5. 命令执行 ¶
1. command 模块 ¶
用途:执行命令行命令。
---
- name: Run a command
hosts: all
tasks:
- name: Print current directory
command: pwd
2. shell 模块 ¶
用途:执行 shell 命令,支持复杂的命令和管道。
---
- name: Run a shell command
hosts: all
tasks:
- name: List all files
shell: ls -l /var/www
3. git 模块 ¶
用途:管理 Git 版本库。
---
- name: Ensure repository is cloned
hosts: all
tasks:
- name: Clone a repository
git:
repo: 'https://github.com/example/repo.git'
dest: /var/www/repo
version: 'master'
举个例子 ¶
综合示例,演示如何使用多个核心模块来完成复杂的任务。
---
- name: Comprehensive Example
hosts: all
become: yes
tasks:
- name: Ensure a directory
file:
path: /opt/myapp
state: directory
- name: Copy configuration file
copy:
src: /path/to/local/config.cfg
dest: /opt/myapp/config.cfg
mode: '0644'
- name: Install nginx
yum:
name: nginx
state: present
- name: Start nginx service
service:
name: nginx
state: started
enabled: yes
- name: Ensure line is present in config
lineinfile:
path: /opt/myapp/config.cfg
line: 'option = value'
- name: Set up a cron job to restart nginx daily
cron:
name: "Daily nginx restart"
hour: "2"
minute: "0"
job: "/usr/bin/systemctl restart nginx"
这个 Playbook 执行了一系列任务:
- 确保一个目录存在。
- 复制一个文件到远程主机。
- 安装 nginx 包。
- 启动并启用 nginx 服务。
- 确保配置文件中存在特定的行。
- 设置一个 cron 作业来每天重启 nginx。
19. firewalld 模块 ¶
用途:管理 Firewalld 服务和规则。
---
- name: Manage Firewalld rules
hosts: all
tasks:
- name: Ensure firewalld is started
service:
name: firewalld
state: started
enabled: yes
- name: Open port 80
firewalld:
port: 80/tcp
permanent: yes
state: enabled
immediate: yes
20. docker_container 模块 ¶
用途:管理 Docker 容器。
---
- name: Manage Docker containers
hosts: all
tasks:
- name: Start a Docker container
docker_container:
name: mycontainer
image: busybox
state: started
command: sleep 1000
21. mysql_db 模块 ¶
用途:管理 MySQL 数据库。
---
- name: Manage MySQL databases
hosts: all
tasks:
- name: Create a MySQL database
mysql_db:
name: mydb
state: present
二、 举个例子 ¶
自动化任务:包管理、Git 操作、服务管理、用户管理、文件操作、调试信息输出和计划任务设置。
---
- name: Comprehensive Example with Multiple Modules
hosts: all
become: yes
tasks:
- name: Ensure necessary packages are installed
yum:
name:
- git
- nginx
state: present
- name: Clone a Git repository
git:
repo: 'https://github.com/example/app.git'
dest: /var/www/html/app
- name: Start and enable nginx service
service:
name: nginx
state: started
enabled: yes
- name: Ensure a user exists
user:
name: deploy
state: present
groups: wheel
- name: Create and manage a file
copy:
src: files/sample.conf
dest: /etc/nginx/conf.d/sample.conf
mode: '0644'
- name: Print debug message
debug:
msg: "Deployment steps completed successfully."
- name: Set up a cron job for regular updates
cron:
name: "Update Job"
minute: "0"
hour: "3"
job: "/usr/local/bin/update.sh"
用途:设置主机名。
---
- name: Set hostname
hosts: all
tasks:
- name: Set system hostname
hostname:
name: webserver01