Ansible-roles

一、roles作用

把playbook剧本里的各个play看作为角色，将各个角色的tasks任务、vars变量、templates模板、files文件等内容放置到角色的目录中统一管理，需要的时候可在playbook中直接使用roles调用，所以roles可以实现playbook代码的复用。

二、利用roles安装lnmp

ansible主机地址：192.168.111.10vim /etc/ansible/hosts
[nginx]
192.168.111.20
[mysql]
192.168.111.30
[php]
192.168.111.40

1.在roles创建角色目录

mkdir /etc/ansible/roles/nginx/{files,templates,tasks,handlers,vars,defaults,meta} -pmkdir /etc/ansible/roles/mysql/{files,templates,tasks,handlers,vars,defaults,meta} -pmkdir /etc/ansible/roles/php/{files,templates,tasks,handlers,vars,defaults,meta} -p

2.创建角色的的配置文件

touch /etc/ansible/roles/nginx/{defaults,vars,tasks,meta,handlers}/main.ymltouch /etc/ansible/roles/mysql/{defaults,vars,tasks,meta,handlers}/main.ymltouch /etc/ansible/roles/php/{defaults,vars,tasks,meta,handlers}/main.yml

3.配置nginx角色

在file目录中添加配置文件

default.conf nginx.repo index.php

在tasks目录中创建main.yaml，ini.yaml文件

vim main.yaml
- include: "init.yml"- name: copy nginx.repocopy: src=nginx.repo dest=/etc/yum.repos.d/- name: install nginxyum: name=nginx 
- name: copycopy: src=default.conf dest=/etc/nginx/conf.d/default.conf
- name: index.phpcopy: src=index.php dest=/usr/share/nginx/html
- name: start nginxservice: name=nginx state=started

vim init.yaml
- name: stop firewalldservice: name=firewalld state=stopped 
- name: stop setenforcecommand: '/usr/sbin/setenforce 0'ignore_errors: True

4.配置mysql角色

在file目录中添加配置文件

vim mysql.sh
passd=$(grep "password" /var/log/mysqld.log | awk '{print $NF}'| head -1)
mysql -uroot -p"$passd" --connect-expired-password -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'Admin@123';"
mysql -uroot -pAdmin@123 -e "grant all privileges on *.* to root@'%' identified by 'Admin@123' with grant option;"mysql-community.repo   mysql-community-source.repo

在tasks目录中配置main.yaml文件

vim main.yaml- include: "init.yml"- name: copy mysql.repocopy: src=mysql-community.repo dest=/etc/yum.repos.d/
- name: copycopy: src=mysql-community-source.repo dest=/etc/yum.repos.d/
- name: install mysql-serveryum: name=mysql-server
- name: start mysqlservice: name=mysqld.service state=started
- name: chushihua script: mysql.shignore_errors: True

5.配置php角色

在file目录中添加配置文件

vim index.php
<?php
phpinfo();
?>

在tasks目录中配置main.yaml文件

vim init.yaml- name: stop firewalldservice: name=firewalld state=stopped 
- name: stop setenforcecommand: '/usr/sbin/setenforce 0'ignore_errors: True

- include: "init.yml"- name: install php.reposhell: rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpmignore_errors: True
- name: install phpshell: yum -y install php72w php72w-cli php72w-common php72w-devel php72w-embedded php72w-gd php72w-mbstring php72w-pdo php72w-xml php72w-fpm php72w-mysqlnd php72w-opcacheignore_errors: True- name: useruser: name=php
- name: web file: name=/usr/share/nginx/html state=directory#- name: index.php#  copy: src=index.php dest=/usr/share/nginx/html/- name: modify php configuration filereplace: path=/etc/php.ini  regexp=";date.timezone ="  replace="date.timezone = Asia/Shanghai"
- name: modify username and groupname in www.confreplace: path=/etc/php-fpm.d/www.conf  regexp="apache"  replace="php"
- name: modify listen addr in www.confreplace: path=/etc/php-fpm.d/www.conf  regexp="127.0.0.1:9000"  replace="192.168.111.40:9000"
- name: modify allowed client in www.confreplace: path=/etc/php-fpm.d/www.conf  regexp="127.0.0.1"  replace="192.168.111.20"- name: start php-fpm service: name=php-fpm state=started

6.配置主文件lnmp.yaml

vim lnmp.yaml
- name: nginx playhosts: nginxremote_user: rootroles:- nginx- name: mysql playhosts: mysqlremote_user: rootroles:- mysql- name: php playhosts: phpremote_user: rootroles:- php