Ansible Playbook 入门:YAML 语法与实操步骤
一、YAML基础语法
1. 基本规则
- 文件标识 :可选以
---开头(声明YAML文件),...结尾。 - 注释 :用
#标记,从#到行尾为注释。 - 字符串 :默认无需引号,含特殊字符(空格、冒号等)需用
'或"包裹。 - 布尔值 :
- 模块参数(如
yum的update_cache):支持yes/no/1/0/true/false(Ansible解析为字符串)。 - 非模块参数(如变量):遵循YAML规范,支持
True/False/yes/no/on/off(不区分大小写)。
- 模块参数(如
2. 核心数据结构
-
字典(键值对):
-
普通格式:
键: 值(冒号后必须跟空格)。yamlweb: server: nginx port: 80 -
内嵌块格式:
{键1: 值1, 键2: 值2}。yamldb: {name: mysql, port: 3306}
-
-
列表(数组):
-
普通格式:
- 元素(短横线+空格前缀)。yamlapps: - nginx - mysql -
内嵌块格式:
[元素1, 元素2]。yamlhosts: [web01, web02]
-
-
嵌套结构:通过缩进(建议2个空格)表示层级,支持字典与列表嵌套。
yamlservers: - name: web01 ip: 192.168.1.10 services: [nginx, php-fpm]
二、Ansible Playbook结构
1. 核心要素
每个Playbook由一个或多个play组成,每个play包含:
-
hosts:目标主机/组(来自inventory)。 -
tasks:任务列表(按顺序执行,所有主机完成当前任务后再执行下一个)。示例:
yaml--- - name: 部署nginx # play名称(可选) hosts: webservers # 目标主机组 remote_user: root # 远程执行用户 tasks: - name: 安装nginx # 任务1 yum: name: nginx state: present # 确保安装 - name: 启动nginx # 任务2 service: name: nginx state: started # 启动服务
2. 常用扩展字段
-
vars :定义变量(用
{``{ 变量名 }}引用)。yamlvars: pkg_name: nginx tasks: - name: 安装{{ pkg_name }} yum: name={{ pkg_name }} -
handlers:触发器(仅在任务发生变化时执行,如配置更新后重启服务)。
yamltasks: - name: 复制nginx配置 copy: src: /local/nginx.conf dest: /etc/nginx/nginx.conf notify: restart nginx # 触发handler handlers: - name: restart nginx # 与notify名称匹配 service: name=nginx state=restarted
三、Playbook使用技巧
1. 执行命令
bash
ansible-playbook playbook.yml # 直接执行
ansible-playbook -C playbook.yml # 测试执行(不实际修改)
ansible-playbook --list-hosts playbook.yml # 查看目标主机2. Tags标签管理
-
打标签 :用
tags字段,一个任务可多个标签。yamltasks: - name: intall nginx yum: name=nginx tags: [l1,l2] -
执行指定标签 :
-t 标签1,标签2。bashansible-playbook -t l1 playbook.yml # 仅执行install标签任务 -
特殊标签:
always:必执行(无论是否指定)。never:默认不执行(需显式指定-t never)。tagged:仅执行带标签任务(-t tagged)。untagged:仅执行不带标签任务(含always)。all:执行所有任务(默认)。
-
查看标签:
bashansible-playbook --list-tags playbook.yml
通过以上内容,可快速掌握YAML语法及Ansible Playbook的编写与使用核心要点。
练习题
使用ansible的playbook完成以下操作
node1 属于 test01 主机组
node2 属于 test02 主机组
node3 和 node4 属于 web 主机组
node5 属于 test05 主机组
web 组属于 webtest 主机组
1、对node1主机操作,安装httpd服务,网页存放在/www目录中,能够通过curl http://node1访问到网页内容为welcome to luoqi
yaml
[student@master ansible]$ vim node1web.yml
---
- name: luoqiweb
hosts: node1
tasks:
- name: repo1
yum_repository:
name: aa
description: aa1
baseurl: http://ansible.example.com/rhel9/BaseOS
enabled: yes
gpgcheck: no
- name: repo2
yum_repository:
name: bb
description: bb1
baseurl: http://ansible.example.com/rhel9/AppStream
enabled: yes
gpgcheck: no
- name: install http
yum:
name: httpd
state: present
- name: create /www
file:
state: directory
path: /www
mode: 0777
- name: create index.html
copy:
content: "welcome to luoqi \n"
dest: /www/index.html
- name: set http.cf1
replace:
path: /etc/httpd/conf/httpd.conf
regexp: DocumentRoot "/var/www/html"
replace: DocumentRoot "/www"
- name: set http.cf2
replace:
path: /etc/httpd/conf/httpd.conf
regexp: <Directory "/var/www">
replace: <Directory "/www">
- name: set firwalld
firewalld:
port: 80/tcp
permanent: yes
state: enabled
immediate: yes
- name: set sefcontext
sefcontext:
target: /www(/.*)?
setype: httpd_sys_content_t
state: present
- name: restorecon
shell:
cmd: restorecon -Rv /www/index.html
- name: restart http
service:
name: httpd
state: restarted
enabled: yes
[student@master ansible]$ ansible-playbook node1web.yml
[student@master ansible]$ curl http://node1
welcome to luoqi 2、对node2主机操作,创建一个1000MiB的分区,格式化成ext4的文件系统,并挂载到/testdir目录下。
使用ansible node2 -m shell -a 'df -Th'验证
yaml
[student@master ansible]$ vim node2parted.yml
---
- name: node2parted
hosts: node2
tasks:
- name: create parted
parted:
device: /dev/vdb
number: 1
part_type: primary
part_start: 10MiB
part_end: 1010MiB
state: present
- name: filesystemext4
filesystem:
dev: /dev/vdb1
fstype: ext4
- name: mount
mount:
src: /dev/vdb1
path: /testdir
fstype: ext4
state: mounted
[student@master ansible]$ ansible-playbook node2parted.yml
[student@master ansible]$ ansible node2 -m shell -a 'df -Th'
node2 | CHANGED | rc=0 >>
Filesystem Type Size Used Avail Use% Mounted on
devtmpfs devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs tmpfs 733M 0 733M 0% /dev/shm
tmpfs tmpfs 294M 4.3M 289M 2% /run
/dev/vda3 xfs 17G 1.2G 16G 7% /
/dev/vda1 xfs 1014M 182M 833M 18% /boot
tmpfs tmpfs 147M 0 147M 0% /run/user/1000
/dev/vdb1 ext4 966M 24K 900M 1% /testdir3、对node3主机操作创建卷组datastorage,逻辑卷database,大小为800M,格式化为xfs的文件系统,并挂载到/lv目录下
使用ansible node3 -m shell -a 'df -Th'验证
yaml
[student@master ansible]$ vim node3lvm.yml
---
- name: node3lvm
hosts: node3
tasks:
- name: install lvm2
yum:
name: lvm2
state: present
- name: create parted
parted:
device: /dev/vdb
state: present
number: 1
part_type: primary
part_start: 10MiB
part_end: 1010MiB
- name: create vg
lvg:
vg: datastorage
pvs: /dev/vdb1
- name: create lvm
lvol:
vg: datastorage
lv: database
size: 800M
state: present
- name: filesystem xfs
filesystem:
fstype: xfs
dev: /dev/datastorage/database
- name: mount lv
mount:
src: /dev/datastorage/database
path: /lv
fstype: xfs
state: mounted
[student@master ansible]$ ansible-playbook node3lvm.yml
[student@master ansible]$ ansible node3 -m shell -a 'df -Th'
node3 | CHANGED | rc=0 >>
Filesystem Type Size Used Avail Use% Mounted on
devtmpfs devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs tmpfs 733M 0 733M 0% /dev/shm
tmpfs tmpfs 294M 4.3M 289M 2% /run
/dev/vda3 xfs 17G 1.2G 16G 8% /
/dev/vda1 xfs 1014M 182M 833M 18% /boot
tmpfs tmpfs 147M 0 147M 0% /run/user/1000
/dev/mapper/datastorage-database xfs 794M 38M 757M 5% /lv4、创建名为/home/student/ansible/tools.yml 的 playbook,能够实现以下目的:
1)将 php 和 tftp 软件包安装到 test01、test02 和 web 主机组中的主机上
2)将 RPM Development Tools 软件包组安装到 test01 主机组中的主机上
3)将 test01 主机组中的主机上所有软件包升级到最新版本
yaml
[student@master ansible]$ vim tools.yml
---
- name: tools
hosts: test01,test02,web
tasks:
- name: install php tftp
yum:
name: php,tftp
state: present
- name: install RPM Development Tools
yum:
name: "@RPM Development Tools"
state: present
- name: update
yum:
name: '*'
state: latest
[student@master ansible]$ ansible-playbook tools.yml5、编写剧本/home/student/ansible/jihua.yml
1)在 test02 组中的被管理主机运行
2)为用户 student 创建计划任务: student 用户每隔 5 分钟执行 echo "hello tarena"
yaml
[student@master ansible]$ vim jihua.yml
---
- name: jihua
hosts: test02
tasks:
- name: cron
cron:
name: 111
user: student
minute: " */5"
job: echo "hello tarena"
[student@master ansible]$ ansible-playbook jihua.yml 6、创建剧本/home/student/ansible/webdev.yml,满足下列要求:
1)在 test01 主机组运行
2)创建目录/webdev,属于 webdev 组,权限为 rwxrwxr-x,具有 SetGID 特殊权限
3)使用符号链接/var/www/html/webdev 链接到/webdev 目录
4)创建文件/webdev/index.html,内容是 It's works!
5)查看 test01 主机组的 web 页面 http://node1/webdev/将显示 It's works!
yaml
[student@master ansible]$ vim webdev.yml
---
- name: webdev
hosts: test01
tasks:
- name: groupadd
group:
name: webdev
state: present
- name: create /webdev
file:
path: /webdev
mode: '2775'
group: webdev
state: directory
- name: ln /webdev
file:
src: /webdev
dest: /var/www/html/webdev
state: link
- name: create index.html
copy:
content: It's works!
dest: /webdev/index.html
- name: restart http
service:
name: httpd
state: restarted
enabled: yes
- name: set firewalld
firewalld:
port: 80/tcp
permanent: yes
state: enabled
immediate: yes
- name: set sefcontext
sefcontext:
target: /webdev(/.*)?
setype: httpd_sys_content_t
state: present
- name: restorecon
shell:
cmd: restorecon -Rv /webdev/index.html
[student@master ansible]$ ansible-playbook webdev.yml
[student@master ansible]$ curl http://node1/webdev/
It's works!