Content Organization

production                # inventory file for production servers

stage                     # inventory file for stage environment

group_vars/

   group1                 # here we assign variables to particular groups

   group2                 # ""

host_vars/

   hostname1              # if systems need specific variables, put them here

   hostname2              # ""

library/                  # if any custom modules, put them here (optional)

filter_plugins/           # if any custom filter plugins, put them here (optional)

site.yml                  # master playbook

webservers.yml            # playbook for webserver tier

dbservers.yml             # playbook for dbserver tier

roles/

    common/               # this hierarchy represents a "role"

        tasks/            #

            main.yml      #  <-- tasks file can include smaller files if warranted

        handlers/         #

            main.yml      #  <-- handlers file

        templates/        #  <-- files for use with the template resource

            ntp.conf.j2   #  <------- templates end in .j2

        files/            #

            bar.txt       #  <-- files for use with the copy resource

            foo.sh        #  <-- script files for use with the script resource

        vars/             #

            main.yml      #  <-- variables associated with this role

        defaults/         #

            main.yml      #  <-- default lower priority variables for this role

        meta/             #

            main.yml      #  <-- role dependencies

    webtier/              # same kind of structure as "common" was above, done for the webtier role

    monitoring/           # ""

    fooapp/               # ""

Use Dynamic Inventory With Clouds

Dynamic Inventory

How to Differentiate Stage vs Production

# file: production

[atlanta-webservers]

www-atl-1.example.com

www-atl-2.example.com

[boston-webservers]

www-bos-1.example.com

www-bos-2.example.com

[atlanta-dbservers]

db-atl-1.example.com

db-atl-2.example.com

[boston-dbservers]

db-bos-1.example.com

# webservers in all geos

[webservers:children]

atlanta-webservers

boston-webservers

# dbservers in all geos

[dbservers:children]

atlanta-dbservers

boston-dbservers

# everything in the atlanta geo

[atlanta:children]

atlanta-webservers

atlanta-dbservers

# everything in the boston geo

[boston:children]

boston-webservers

boston-dbservers

# 按主机、区域、数据中心划分

Group And Host Variables

---

# file: group_vars/atlanta

ntp: ntp-atlanta.example.com

backup: backup-atlanta.example.com

---

# file: group_vars/webservers

apacheMaxRequestsPerChild: 3000

apacheMaxClients: 900

---

# file: group_vars/all

ntp: ntp-boston.example.com

backup: backup-boston.example.com

---

# file: host_vars/db-bos-1.example.com

foo_agent_port: 86

bar_agent_port: 99

# 注意主机变量&组变量的覆盖

Top Level Playbooks Are Separated By Role

---

# file: site.yml

- include: webservers.yml

- include: dbservers.yml

---

# file: webservers.yml

- hosts: webservers

  roles:

    - common

    - webtier

ansible-playbook site.yml --limit webservers

ansible-playbook webservers.yml

Task And Handler Organization For A Role

---

# file: roles/common/tasks/main.yml

- name: be sure ntp is installed

  yum: pkg=ntp state=installed

  tags: ntp

- name: be sure ntp is configured

  template: src=ntp.conf.j2 dest=/etc/ntp.conf

  notify:

    - restart ntpd

  tags: ntp

- name: be sure ntpd is running and enabled

  service: name=ntpd state=running enabled=yes

  tags: ntp

---

# file: roles/common/handlers/main.yml

- name: restart ntpd

  service: name=ntpd state=restarted

What This Organization Enables (Examples)

ansible-playbook -i production site.yml

ansible-playbook -i production site.yml --tags ntp

ansible-playbook -i production webservers.yml

ansible-playbook -i production webservers.yml --limit boston

ansible-playbook -i production webservers.yml --limit boston[0-10]

ansible-playbook -i production webservers.yml --limit boston[10-20]

ansible boston -i production -m ping

ansible boston -i production -m command -a '/sbin/reboot'

# confirm what task names would be run if I ran this command and said "just ntp tasks"

ansible-playbook -i production webservers.yml --tags ntp --list-tasks

# confirm what hostnames might be communicated with if I said "limit to boston"

ansible-playbook -i production webservers.yml --limit boston --list-hosts

Deployment vs Configuration Organization

Stage(test) vs Production

Rolling Updates

Delegation, Rolling Updates, and Local Actions.

Always Mention The State

Group By Roles

Operating System and Distribution Variance

ansible使用8-Best Practices的更多相关文章

  1. Ansible自动化运维笔记1(安装配置)

    1.Ansible的安装 pip install ansible==1.9.1 ansible1.9.1版本依赖的软件有 Python2.6以上版本 paramiko模块 PyYAML Jinja2 ...

  2. 如何利用ansible callback插件对执行结果进行解析

    最近在写一个批量巡检工具,利用ansible将脚本推到各个机器上执行,然后将执行的结果以json格式返回来. 如下所示: # ansible node2 -m script -a /root/pyth ...

  3. 《Ansible权威指南》笔记(2)——Inventory配置

    四.Inventory配置ansible通过Inventory来定义主机和组,使用时通过-i指定读取,默认/etc/ansible/hosts.可以存在多个Inventory,支持动态生成.1.定义主 ...

  4. useful Ansible commands

    This article includes some useful Ansible commands. I will try to write blogs by English. You may wa ...

  5. 《Ansible权威指南》笔记(4)——Playbook

    七.Playbook1.语法特性如下:(1)"---"首行顶格开始(2)#号注释(3)缩进统一,不同的缩进代表不同的级别,缩进要对齐,空格和tab不能混用(4)区别大小写,键值对k ...

  6. 《Ansible权威指南》笔记(3)——Ad-Hoc命令集,常用模块

    五.Ad-Hoc命令集1.Ad-Hoc命令集通过/usr/bin/ansible命令实现:ansible <host-pattern> [options]    -v,--verbose  ...

  7. 《Ansible权威指南》笔记(1)——安装,ssh密钥登陆,命令

    2016-12-23 读这本<Ansible权威指南>学习ansible,根据本书内容和网上的各种文档,以及经过自己测试,写出以下笔记.另,这本书内容很好,但印刷错误比较多,作者说第二版会 ...

  8. 自动化运维工具ansible部署以及使用

    测试环境master 192.168.16.74webserver1 192.168.16.70webserver2 192.168.16.72安装ansiblerpm -Uvh http://ftp ...

  9. Ansible Ubuntu 安装部署

    一.安装: $ sudo apt-get install ansible 二.配置: a.基本配置 $ cd /etc/ansible/ $ sudo cp hosts hosts_back 备份一个 ...

随机推荐

  1. linux中脚本权限问题以及win下使用telnet测试linux端口

    一个脚本叫up,执行脚本报错如下: -bash: ./up: Permission denied 解决: chmod +rx up 在执行,OK了. /************************ ...

  2. centos yum命令找不到包

    https://blog.csdn.net/joe_le/article/details/80107832 yum  install epel-release  //扩展包更新包 yum  updat ...

  3. 钉钉jsapi免登获取code中,出现对应企业没有某域名微应用

    在使用jsapi中.出现 {"errorMessage":"对应企业没有某域名微应用",:"errorCode":"3" ...

  4. node.js 设置 淘宝 镜像

    npm config set registry "https://registry.npm.taobao.org" npm info underscore (如果上面配置正确这个命 ...

  5. ssh-keygen生成公私钥免密码登录远程服务器

    1.终端输入命令:ssh-keygen -t rsa ssh-keygen命令专门是用来生成密钥的.该命令有很多选项,这里列出了最基本的四个: -t 用来指定密钥类型(dsa | ecdsa | ed ...

  6. git 工作中常用命令

    git 命令: git  init  : 初始化 git  add .  :添加所有文件 git  status  :查看状态 若果是第一次会提示你输入你的 邮箱 和姓名: git  commit  ...

  7. Django之auth模块(用户认证)登陆组件

    auth模块简介 auth模块是对登录认证方法的一种封装,之前我们获取用户输入的用户名及密码后需要自己从user表里查询有没有用户名和密码符合的对象, 而有了auth模块之后就可以很轻松的去验证用户的 ...

  8. 服务器报nginx: [warn] conflicting server name "blog.xueyi.com" on 0.0.0.0:80, ignored

    nginx: [warn] conflicting server name "blog.xueyi.com" on 0.0.0.0:80, ignored 修改nginx配置参数后 ...

  9. 阿里插件检查 lombok报错---方法缺少 '@Override' 注解

    问题: Eclipse里,阿里编码规约插件扫描代码出现,但是idea却没有. 解决: 将以上注解改成 @Setter @Getter @NoArgsConstructor @AllArgsConstr ...

  10. 14-----BBS论坛

    BBS论坛(十四) 14.1注册完成跳到上一个页面 (1)front/form.py # front/forms.py __author__ = 'derek' from ..forms import ...