Ansible自动化运维入门
Ansible自动化运维入门
什么是Ansible
Ansible是一个无代理的自动化工具,通过SSH协议管理远程主机,实现配置管理、应用部署和任务自动化。
核心特点
- 无代理:不需要在被管理节点安装客户端
- 简单:使用YAML编写Playbook
- 强大:支持复杂的工作流
- 安全:通过SSH传输,支持Ansible Vault加密
安装Ansible
# 使用pip安装
pip install ansible
# Ubuntu/Debian
sudo apt-get install ansible
# 验证安装
ansible --version
Inventory
静态Inventory
# /etc/ansible/hosts 或 inventory.ini
[webservers]
web1 ansible_host=192.168.1.10
web2 ansible_host=192.168.1.11
[dbservers]
db1 ansible_host=192.168.1.20
[production:children]
webservers
dbservers
YAML Inventory
# inventory.yml
all:
children:
webservers:
hosts:
web1:
ansible_host: 192.168.1.10
web2:
ansible_host: 192.168.1.11
dbservers:
hosts:
db1:
ansible_host: 192.168.1.20
Ad-hoc命令
# 测试连接
ansible all -m ping
# 执行命令
ansible webservers -m shell -a "uptime"
# 复制文件
ansible webservers -m copy -a "src=/local/file dest=/remote/file"
# 安装包
ansible webservers -m apt -a "name=nginx state=present" --become
# 服务管理
ansible webservers -m service -a "name=nginx state=started" --become
Playbook
基本结构
# deploy.yml
---
- name: Deploy web application
hosts: webservers
become: yes
vars:
app_name: myapp
app_port: 8080
tasks:
- name: Install dependencies
apt:
name:
- nginx
- python3
- python3-pip
state: present
update_cache: yes
- name: Copy nginx config
template:
src: templates/nginx.conf.j2
dest: /etc/nginx/sites-available/default
notify: Restart nginx
- name: Copy application
copy:
src: app/
dest: /opt/myapp/
owner: www-data
group: www-data
mode: '0644'
- name: Start nginx
service:
name: nginx
state: started
enabled: yes
handlers:
- name: Restart nginx
service:
name: nginx
state: restarted
执行Playbook
# 执行playbook
ansible-playbook deploy.yml
# 检查模式(dry run)
ansible-playbook deploy.yml --check
# 指定inventory
ansible-playbook -i inventory.yml deploy.yml
# 限制主机
ansible-playbook deploy.yml --limit webservers
Role
目录结构
roles/
nginx/
tasks/
main.yml
handlers/
main.yml
templates/
nginx.conf.j2
files/
vars/
main.yml
defaults/
main.yml
使用Role
# site.yml
---
- hosts: webservers
become: yes
roles:
- nginx
- myapp
变量优先级
角色默认变量 < inventory变量 < playbook vars < extra vars
实践:部署Nginx
# deploy-nginx.yml
---
- name: Deploy Nginx
hosts: webservers
become: yes
vars:
nginx_port: 80
server_name: example.com
tasks:
- name: Install Nginx
apt:
name: nginx
state: present
update_cache: yes
- name: Create nginx config
template:
src: nginx.conf.j2
dest: /etc/nginx/sites-available/default
notify: Restart nginx
- name: Enable site
file:
src: /etc/nginx/sites-available/default
dest: /etc/nginx/sites-enabled/default
state: link
- name: Start Nginx
service:
name: nginx
state: started
enabled: yes
handlers:
- name: Restart nginx
service:
name: nginx
state: restarted
ansible-playbook deploy-nginx.yml
总结
Ansible是DevOps工程师的重要工具。通过Playbook和Role,可以实现基础设施即代码,提高运维效率和一致性。