Ansible process control+actual combat (optimization)
playbook conditional statement
Whether it is shell or major programming languages, process control and condition judgment are essential. In the process of using Ansible, condition judgment is used very frequently. For example:
1. When we use different systems, we can install the software package by judging the system.
2. During the installation of nfs and rsync, the client server does not need to push configuration files. Previously, we wrote multiple play s, which will affect efficiency.
3. When we install nginx in the source code, we cannot execute it the second time. At this time, we can judge whether it has been installed.
Official writing
- hosts: web_group
tasks:
- name: Install CentOS Httpd
yum:
name: httpd
state: present
#official
when: ansible_facts['os_family'] == "CentOS"
#unofficial
when: ansible_distribution == "CentOS"
- name: Install Ubuntu Httpd
yum:
name: apache2
state: present
when: ansible_facts['os_family'] == "Ubuntu"
Judgment grouping
tasks:
- name: "shut down CentOS 6 and Debian 7 systems"
command: /sbin/shutdown -t now
when: (ansible_facts['distribution'] == "CentOS" and ansible_facts['distribution_major_version'] == "6") or
(ansible_facts['distribution'] == "Debian" and ansible_facts['distribution_major_version'] == "7")
List for judging multiple conditions
tasks:
- name: "shut down CentOS 6 systems"
command: /sbin/shutdown -t now
when:
- ansible_facts['distribution'] == "CentOS"
- ansible_facts['distribution_major_version'] == "6"
Conditional operation
tasks:
- shell: echo "only on Red Hat 6, derivatives, and later"
when: ansible_facts['os_family'] == "RedHat" and ansible_facts['lsb']['major_release']|int >= 6
Fuzzy matching
- hosts: web_group
tasks:
- name: SCP Backup Shell
copy:
src: ./backup.sh
dest: /root/backup.sh
when: ansible_hostname is match "web*"
Small exercise (pushing configuration files to the rsync server)
- hosts: all
tasks:
- name: Install Rsyncd Server
yum:
name: rsync
state: present
when: ansible_hostname == "backup" or ansible_hostname == "nfs"
- name: Configure Rsync Conf
copy:
src: /root/rsyncd/rsyncd.conf
dest: /etc/rsyncd.conf
when: ansible_hostname == "backup"
- name: Create Rsync Password File
copy:
content: abc:123
dest: /etc/rsync.passwd
mode: 0600
when: ansible_hostname == "backup"
- name: Create backup Directory
file:
path: /backup
state: directory
when: ansible_hostname == "backup"
- name: Create nfs Password File
copy:
content: 123
dest: /etc/rsync.passwd
mode: 0600
when: ansible_hostname == "nfs"
- name: Start Rsync Server
service:
name: rsyncd
state: restarted
enabled: yes
when: ansible_hostname == "backup"
Register variables through register, and then judge through the when statement
- hosts: web_group
tasks:
- name: Check Httpd Server
command: systemctl is-active httpd
ignore_errors: yes
register: check_httpd
- name: debug outprint
debug: var=check_httpd
- name: Httpd Restart
service:
name: httpd
state: restarted
when: check_httpd.rc == 0
playbook Loop Statement
In the previous learning process, we often transfer files and create directories. To create two directories, we need to write two file modules. If we want to create 100 directories, we need to write 100 file modules? Cyclic statements can reduce repetitive code here.
Circular syntax
# Start multiple services
- hosts: all
tasks:
- name: Start multi Server
service:
name: "{{ item }}"
state: started
when: aisible_hostname == "web*"
with_items:
- nginx
- php-fpm
Dictionary loop
# Batch Create Users
- hosts: all
tasks:
- name: Create Group
group:
name: "{{ item }}"
with_items:
- group01
- group02
- name: Create User
user:
name: "{{ item.name }}"
group: "{{ item.group }}"
with_items:
- {name: "user01",group: "group01"}
- {name: "user02",group: "group02"}
# Push Profile
- hosts: all
tasks:
- name: Push All Conf
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner }}"
group: "{{ item.group }}"
mode: "{{ item.mode }}"
with_items:
- {src: "/root/rsyncd/rsyncd.conf",dest: "/etc/rsyncd.conf",owner: "root",group: "root",mode: "0644"}
- {src: "/root/web/nginx.conf",dest: "/etc/nginx/nginx.conf",owner: "root",group: "root",mode: "0644"}
- {src: "/root/web/blog.abc.com.conf",dest: "/etc/nginx/conf.d/blog.abc.com.conf",owner: "root",group: "root",mode: "0644"}
playbook handlers
What are handlers
The handler is used to perform tasks under certain conditions. For example, when the configuration file changes, trigger the handler through notify to restart the service. There are similar triggers in saltstack. The writing method is simpler than Ansible. You only need to watch and configure files.
- hosts: web_group
tasks:
- name: Install Nginx Server
yum:
name: nginx
state: present
- name: Push Nginx Conf
copy:
src: /root/web/nginx.conf
dest: /etc/nginx/nginx.conf
- name: Push Vhost Conf
copy:
src: /root/web/blog.abc.com.conf
dest: /etc/nginx/conf.d/blog.abc.com.conf
notify: Restart Nginx Server
handlers:
- name: Restart Nginx Server
service:
name: nginx
state: restarted
Enforce handlers
When the task fails to execute, the playbook will not continue to execute, including if the handler is set in the task, but we can take mandatory measures.
- hosts: web_group
force_handlers: yes
tasks:
- name: Install Nginx Server
yum:
name: nginx
state: present
- name: Push Nginx Conf
copy:
src: /root/web/nginx.conf
dest: /etc/nginx/nginx.conf
- name: Push Vhost Conf
copy:
src: /root/web/blog.abc.com.conf
dest: /etc/nginx/conf.d/blog.abc.com.conf
notify: Restart Nginx Server
handlers:
- name: Restart Nginx Server
service:
name: nginx
state: restarted
be careful:
1. No matter how many tasks notify the same handlers, handlers will only run once after all tasks are completed.
2.Handlers can only be run when their tasks are executed; If a task defines notify to call Handlers, but the task is not executed due to condition judgment and other reasons, the Handlers will not be executed.
3.Handlers will only run once at the end of each play; If you want to run Handlers in the middle of a playbook, you need to use the meta module. For example: - meta: flush_handlers.
4. If a play fails before running to the statement calling Handlers, the Handlers will not be executed. We can use the -- force handlers option of the meta module to force the execution of Handlers, even if the play where the Handlers are located fails to run midway.
5. handlers cannot be used to replace tasks
plabybook tags
Task Label
By default, when Ansible executes a playbook, it will execute all the tasks defined in the playbook. The tag function of Ansible can label individual tasks or even the entire playbook, and then use these tags to specify whether to run the specified tasks in the playbook or not.
Labeling method
1. Label a task
2. Multiple tags for one task
3. Mark one tag for multiple task s
How to use the label after typing
-t: Execute the specified tag task
--Skip tags: execute tag tasks other than -- skip tags
- hosts: all
tasks:
- name: Push All Conf
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner }}"
group: "{{ item.group }}"
mode: "{{ item.mode }}"
with_items:
- {src: "/root/web/www.conf",dest: "/etc/php-fpm.d/www.conf",owner: "root",group: "root",mode: "0644"}
- {src: "/root/web/nginx.conf",dest: "/etc/nginx/nginx.conf",owner: "root",group: "root",mode: "0644"}
- {src: "/root/web/blog.abc.com.conf",dest: "/etc/nginx/conf.d/blog.abc.com.conf",owner: "root",group: "root",mode: "0644"}
tags:
- manager_nginx_server
- manager_php_server
notify:
- Reload Nginx Server
- Restart php Server
when: ansible_hostname is match 'web*'
handlers:
- name: Reload Nginx Server
service:
name: nginx
state: reloaded
- name: Restart php Server
service:
name: php-fpm
state: restarted
[root@m01 m01]# ansible-playbook tag.yml -t manager_nginx_server
[root@m01 m01]# ansible-playbook tag.yml -t manager_php_server
### As long as one tag is executed, the entire handlers will be triggered
playbook include
In the previous process of writing playbooks, we found that writing multiple playbooks can't be executed with one click. In this way, we have to execute a single playbook one by one, which is very tedious. Therefore, there is a function in Playbook called include, which is used to dynamically call the task list.
Call the entire task file: include_tasks (new version: import_playbook)
In saltstack, it is called top file entry file.
Plan directory structure
[root@m01 ~]# mkdir /ansible [root@m01 ~]# cd /ansible [root@m01 /ansible]# mkdir mariadb rsync nfs nginx php sersync host_vars group_vars wordpress
Script reuse
[root@m01 /ansible]# cat test.yml
- hosts: all
tasks:
- include_tasks: ./user.yml
- include_tasks: rsync/install_rsync.yml
- include_tasks: rsync/config_rsync.yml
- include_tasks: rsync/start_rsync.yml
handlers:
- name: Restart Rsync Server
service:
name: rsync
state: restarte
playbook error handling
Ignore errors
By default, playbook will detect the return status of task execution. If an error is encountered, it will immediately terminate the execution of playbook. However, sometimes playbook will continue to execute even if the execution error occurs. Add parameter: ignore_errors:yes Ignore errors
- hosts: web_group
gather_facts: no
tasks:
- name: judge php
shell: 'rpm -qa|grep php'
register: judge_php
ignore_errors: yes
- name: Install php
shell: 'rpm -Uvh /tmp/*.rpm'
when: judge_php.rc != 0 # 0 represents installed
Suppress changed
- hosts: web_group
gather_facts: no
tasks:
- name: check nginx
shell: '/sbin/nginx -t'
register: check_nginx
changed_when:
- check_nginx.stderr_lines.0.find('ok')
- false
Actual combat (optimization)
Environmental preparation
| host name | Internet IP | Intranet IP | role | Deployment Services |
|---|---|---|---|---|
| m01 | 10.0.0.61 | 172.16.1.61 | ansible management terminal | ansible |
| backup | 10.0.0.41 | 172.16.1.41 | ansible managed end | rsync,nfs |
| nfs | 10.0.0.31 | 172.16.1.31 | ansible managed end | rsync,nfs,sersync |
| web01 | 10.0.0.7 | 172.16.1.7 | ansible managed end, nfs client | nginx,nfs,WordPress |
| web01 | 10.0.0.8 | 172.16.1.8 | ansible managed end, nfs client | nginx,nfs,WordPress |
| db01 | 10.0.0.51 | 172.16.1.51 | Managed end, database | mariadb |
prepare
Installing Ansible
# 1. Install Ansible [root@m01 ~]# yum install -y ansible # 2. Modify Ansible configuration file [root@m01 ~]# vim /etc/ansible/ansible.cfg host_key_checking = False # Put the front#Remove the comment and skip checking the host fingerprint log_path = /var/log/ansible.log # Put the front#Remove the comment and open the log file # 3. Create host list [root@m01 ~]# vim /etc/ansible/hosts [web_group] web01 ansible_ssh_host=172.16.1.7 web02 ansible_ssh_host=172.16.1.8 [nfs_group] nfs ansible_ssh_host=172.16.1.31 [bakcup_group] backup ansible_ssh_host=172.16.1.41 [db_group] db01 ansible_ssh_host=172.16.1.51
Issue secret key through script
# 1. Create a secret key pair
[root@m01 ~]# ssh-keygen
# 2. Script
[root@m01 ~]# vim ssh_key.sh
#!/bin/bash
. /etc/init.d/functions
ip='5 6 7 8 9 31 41 51 71'
passwd=1
for n in $ip;do
ping -c 1 172.16.1.$n &>/dev/null
if [ $? -eq 0 ];then
sshpass -p $passwd ssh-copy-id -i ~/.ssh/id_rsa.pub 172.16.1.$n &>/dev/null
if [ $? -eq 0 ];then
action "172.16.1.$n ssh-key" /bin/true
else
action "172.16.1.$n ssh-key" /bin/false
fi
fi
done
# 3. Execute script
[root@m01 ~]# sh ssh_key.sh
Plan directory structure
[root@m01 ~]# mkdir /ansible [root@m01 ~]# cd /ansible [root@m01 /ansible]# mkdir mariadb rsync nfs nginx php sersync host_vars group_vars wordpress [root@m01 /ansible]# ll total 12 drwxr-xr-x 2 root root 22 Aug 17 15:02 base drwxr-xr-x 2 root root 75 Aug 16 18:45 group_vars drwxr-xr-x 2 root root 57 Aug 16 18:15 host_vars drwxr-xr-x 2 root root 84 Aug 16 21:21 mariadb drwxr-xr-x 2 root root 72 Aug 16 21:10 nfs drwxr-xr-x 2 root root 121 Aug 16 21:32 nginx drwxr-xr-x 2 root root 103 Aug 16 21:44 php drwxr-xr-x 2 root root 97 Aug 16 21:06 rsync drwxr-xr-x 2 root root 127 Aug 16 21:12 sersync -rw-r--r-- 1 root root 1247 Aug 17 15:02 task.yml drwxr-xr-x 2 root root 84 Aug 16 21:51 wordpress
Prepare configuration file
# 1.nginx configuration file
[root@m01 /ansible/nginx]# vim nginx.conf
user {{ name }};
......
http {
......
client_max_body_size 1024m;
......
}
[root@m01 /ansible/nginx]# vim blog.abc.com.conf
server {
listen 80;
server_name blog.abc.com;
root /code/wordpress;
location / {
index index.php;
}
location ~ \.php$ {
fastcgi_pass unix:/dev/shm/php71w.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
# 2. php fpm configuration file (www.conf)
[root@m01 /ansible/php]# vim www.conf
user = www
group = www
listen = unix:/dev/shm/php71w.sock
# 3.rsync configuration file
[root@m01 /ansible/rsync]# vim rsyncd.conf
uid = {{ name }}
gid = {{ name }}
port = 873
fake super = yes
use chroot = no
max connections = 200
ignore errors
read only = false
list = false
auth users = {{ rsync_user }}
secrets file = {{ rsync_passwd_file }}
log file = /var/log/rsyncd.log
[{{ backup_dir }}]
comment = welcome to Linux
path = /{{ backup_dir }}/web_data
# 4.sersync startup script
[root@m01 /ansible/sersync]# vim sersyncd.service
[Unit]
# describe
Description=This is sersync start service
# describe
After=xxxxxxxxxxxxxxxxxxxxxxxxxx
[Service]
# Background running
Type=forking
ExecStart=/app/GNU-Linux-x86/sersync2 -rdo /app/GNU-Linux-x86/confxml.xml
ExecStop=kill -3 `ps -ef|grep [s]ersync|awk '{print $2}'`
ExecReload=kill -1 `ps -ef|grep [s]ersync|awk '{print $2}'`
PrivateTmp=true
[Install]
WantedBy=multi-user.target
# 5. Prepare the php installation package and wordpress installation package
[root@m01 /ansible/php]# ll
total 19236
-rw-r--r-- 1 root root 19674604 Aug 16 17:55 php.tgz
[root@m01 /ansible/wordpress]# ll
total 16048
-rw-r--r-- 1 root root 16429648 Aug 16 17:57 wordpress.tgz
# 6.sersync installation package (modify the configuration file)
[root@m01 /ansible/sersync]# ll
-rw-r--r-- 1 root root 376 Aug 13 10:18 sersyncd.service
-rw-r--r-- 1 root root 727285 Aug 11 22:48 sersync.tgz
Start (write playbook)
Define variables
[root@m01 /ansible/group_vars]# vim all name: www id: 666 backup_dir: backup data_dir: data nfs_ip: 172.16.1.0/24 install_sersync_dir: app rsync_passwd_file: /etc/rsync.passwd rsync_user: abc rsync_passwd: 123
base project (basic optimization)
[root@m01 /ansible/base]# cat base.yml
- name: Stop Firewalld Server
service:
name: firewalld
state: stopped
- name: Disabled Selinux
selinux:
state: disabled
- name: Create {{ name }} Group
group:
name: "{{ name }}"
gid: "{{ id }}"
with_items: www
- name: Create {{ name }} User
user:
name: "{{ name }}"
uid: "{{ id }}"
group: "{{ id }}"
shell: /sbin/nologin
create_home: no
- name: File Limits
pam_limits:
domain: '*'
limit_type: '-'
limit_item: nofile
value: '65535'
mariadb project
# Install mariadb
[root@m01 /ansible/mariadb]# vim install_mariadb.yml
- name: Install Mariadb Server
yum:
name:
- mariadb-server
- MySQL-python
state: present
when: ansible_hostname == "db01"
# Start mariadb
[root@m01 /ansible/mariadb]# vim start_mariadb.yml
- name: Start Mariadb Server
service:
name: mariadb
state: started
enabled: yes
when: ansible_hostname == "db01"
# Create database and user
[root@m01 /ansible/mariadb]# vim config_mariadb.yml
- name: Create wordpress Database
mysql_db:
name: "{{ item.name }}"
state: present
encoding: utf8
with_items:
- {name: "wordpress"}
- {name: "zh"}
when: ansible_hostname == "db01"
- name: Create wordpress User
mysql_user:
name: "{{ item.name }}"
state: present
priv: "{{ item.priv }}"
host: "{{item.host }}"
password: "{{ item.password }}"
with_items:
- {name: "wordpress",priv: "*.*:ALL",host: "172.16.1.%",password: "123"}
when: ansible_hostname == "db01"
rsync project
# Install rsync
[root@m01 /ansible/rsync]# vim install_rsync.yml
- name: Install Rsync Server
yum:
name: rsync
state: present
when: ansible_hostname == "backup" or ansible_hostname == "nfs"
# Configure rsync
[root@m01 /ansible/rsync]# vim config_rsync.yml
- name: Push Rsync Conf
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- {src: "/ansible/rsync/rsyncd.conf",dest: "/etc/rsyncd.conf"}
notify: restart rsync
when: ansible_hostname == "backup"
- name: Create Rsync Password File
copy:
content: abc:123
dest: "{{ rsync_passwd_file }}"
owner: root
group: root
mode: 0600
when: ansible_hostname == "backup"
- name: Create {{ backup_dir }} Directory
file:
path: /{{ backup_dir }}/web_data
state: directory
owner: "{{ name }}"
group: "{{ name }}"
when: ansible_hostname == "backup"
# Start rsync
[root@m01 /ansible/rsync]# vim start_rsync.yml
- name: Start Rsync Server
service:
name: rsyncd
state: started
enabled: yes
when: ansible_hostname == "backup"
nfs project
# Install nfs
[root@m01 /ansible/nfs]# vim install_nfs.yml
- name: Install nfs Server
yum:
name: nfs-utils
state: present
when: ansible_hostname == "backup" or ansible_hostname == "nfs" or ansible_hostname == "web01" or ansible_hostname == "web02"
# Configure nfs
[root@m01 /ansible/nfs]# vim config_nfs.yml
- name: Config nfs Conf
copy:
content: /{{ data_dir }}/web_data {{ nfs_ip }}(rw,sync,all_squash,anonuid={{ id }},anongid={{ id }})
dest: /etc/exports
notify: restart nfs
when: ansible_hostname == "nfs" or ansible_hostname == 'backup'
- name: Creat Share Directory
file:
path: /{{ data_dir }}/web_data
state: directory
recurse: yes
owner: "{{ name }}"
group: "{{ name }}"
when: ansible_hostname == "nfs" or ansible_hostname == 'backup'
# Start nfs
[root@m01 /ansible/nfs]# vim start_nfs.yml
- name: Start nfs Server
service:
name: nfs-server
state: started
enabled: yes
when: ansible_hostname == "nfs" or ansible_hostname == 'backup'
sersync project
# Project preparation
[root@m01 /ansible/sersync]# ll
total 732
-rwxr-xr-x 1 root root 2213 Aug 17 15:15 confxml.xml
-rw-r--r-- 1 root root 376 Aug 16 18:00 sersyncd.service
-rw-r--r-- 1 root root 727286 Aug 17 15:12 sersync.tgz
# Install sersync
[root@m01 /ansible/sersync]# vim install_sersync.yml
- name: Create app Directory
file:
path: /{{ install_sersync_dir }}
state: directory
recurse: yes
when: ansible_hostname == "nfs"
- name: Install sersync Server
unarchive:
src: /ansible/sersync/sersync.tgz
dest: /{{ install_sersync_dir }}
when: ansible_hostname == "nfs"
# Configure sersync
[root@m01 /ansible/sersync]# vim config_sersync.yml
- name: Push All File
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- {src: "./confxml.xml",dest: "/{{ install_sersync_dir }}/GNU-Linux-x86/confxml.xml"}
- {src: "./sersyncd.service",dest: "/usr/lib/systemd/system/sersyncd.service"}
notify: restart sersync
when: ansible_hostname == 'nfs'
- name: Create Password File
copy:
content: "{{ rsync_passwd }}"
dest: "{{ rsync_passwd_file }}"
mode: 0600
when: ansible_hostname == "nfs"
# Start sersync
[root@m01 /ansible/sersync]# vim start_sersync.yml
- name: Start sersync Server
service:
name: sersyncd
state: started
enabled: yes
when: ansible_hostname == "nfs"
nginx project
# Project preparation
[root@m01 /ansible/nginx]# ll
total 20
-rw-r--r-- 1 root root 323 Aug 16 17:54 blog.abc.com.conf
-rw-r--r-- 1 root root 761 Aug 16 17:54 nginx.conf
# Install nginx
[root@m01 /ansible/nginx]# vim install_nginx.yml
- name: Install Nginx Server
yum:
name: nginx
state: present
when: ansible_hostname is match "web*"
# Configure nginx
[root@m01 /ansible/nginx]# vim config_nginx.yml
- name: Push Nginx Conf
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- {src: "./nginx.conf",dest: "/etc/nginx/nginx.conf"}
- {src: "./blog.abc.com.conf",dest: "/etc/nginx/conf.d/blog.abc.com.conf"}
notify: restart nginx
when: ansible_hostname is match "web*"
# start nginx
[root@m01 /ansible/nginx]# vim start_nginx.yml
- name: Start Nginx Server
service:
name: nginx
state: started
enabled: yes
when: ansible_hostname is match "web*"
php project
# Project preparation
[root@m01 /ansible/php]# ll
-rw-r--r-- 1 root root 19674604 Aug 16 17:55 php.tgz
-rw-r--r-- 1 root root 17993 Aug 17 16:21 www.conf
# Install PHP
[root@m01 /ansible/php]# vim install_php.yml
- name: Unarchive php
unarchive:
src: ./php.tgz
dest: /tmp
when: ansible_hostname is match "web*"
- name: Judge PHP
shell: 'rpm -qa|grep php'
register: get_php
ignore_errors: yes
when: ansible_hostname is match 'web*'
- name: Install php Server
shell: 'rpm -Uvh /tmp/*.rpm'
ignore_errors: yes
when: (ansible_hostname == "web01" and get_php.rc != 0) or (ansible_hostname == "web02" and get_php.rc != 0)
# Configuring PHP
[root@m01 /ansible/php]# vim config_php.yml
- name: Push php Conf
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- {src: "./www.conf",dest: "/etc/php-fpm.d/www.conf"}
notify:
- restart php
- chmod sock
when: ansible_hostname is match "web*"
# Start PHP
[root@m01 /ansible/php]# vim start_php.yml
- name: Start php Server
service:
name: php-fpm
state: started
enabled: yes
when: ansible_hostname is match "web*"
- name: Chmod sock
file:
path: /dev/shm/php71w.sock
state: touch
owner: "{{ name }}"
group: "{{ name }}"
wordpress project
# Project preparation
[root@m01 /ansible/wordpress]# ll
-rw-r--r-- 1 root root 16429648 Aug 16 17:57 wordpress.tgz
# Install WordPress
[root@m01 /ansible/wordpress]# vim install_wordpress.yml
- name: Create code Directory
file:
path: /code
state: directory
owner: "{{ name }}"
group: "{{ name }}"
recurse: yes
when: ansible_hostname is match "web*"
- name: Unarchive WordPress
unarchive:
src: ./wordpress.tgz
dest: /code
owner: "{{ name }}"
group: "{{ name }}"
when: ansible_hostname is match "web*"
- name: Create uploads Directory
file:
path: /code/wordpress/wp-content/uploads
state: directory
recurse: yes
owner: "{{ name }}"
group: "{{ name }}"
when: ansible_hostname is match "web*"
- name: Change /var/lib/nginx/ Jurisdiction
file:
path: /var/lib/nginx/
owner: "{{ name }}"
group: "{{ name }}"
recurse: yes
when: ansible_hostname is match "web*"
mount-playbook
[root@m01 mount]# vim mounted_wordpress.yml
- name: Mount Wordpress
mount:
path: /code/wordpress/wp-content/uploads
src: 172.16.1.31:/{{ data_dir }}/web_data
fstype: nfs
state: mounted
when: ansible_hostname is match "web*"
Entry file playbook
[root@m01 /ansible]# vim task.yml
- hosts: all
tasks:
- include_tasks: base/base.yml
- include_tasks: rsync/install_rsync.yml
- include_tasks: rsync/config_rsync.yml
- include_tasks: rsync/start_rsync.yml
- include_tasks: nfs/install_nfs.yml
- include_tasks: nfs/config_nfs.yml
- include_tasks: nfs/start_nfs.yml
- include_tasks: sersync/install_sersync.yml
- include_tasks: sersync/config_sersync.yml
- include_tasks: sersync/start_sersync.yml
- include_tasks: mariadb/install_mariadb.yml
- include_tasks: mariadb/start_mariadb.yml
- include_tasks: mariadb/config_mariadb.yml
- include_tasks: nginx/install_nginx.yml
- include_tasks: nginx/start_nginx.yml
- include_tasks: nginx/config_nginx.yml
- include_tasks: php/install_php.yml
- include_tasks: php/config_php.yml
- include_tasks: php/start_php.yml
- include_tasks: wordpress/install_wordpress.yml
- include_tasks: mount/mounted_wordpress.yml
handlers:
- name: restart rsync
service:
name: rsync
state: restarted
- name: restart nfs
service:
name: nfs-server
state: restarted
- name: restart sersync
service:
name: sersyncd
state: restarted
- name: restart nginx
service:
name: nginx
state: reloaded
- name: restart php-fpm
service:
name: php-fpm
state: restarted
- name: chmod sock
file:
path: /dev/shm/php71w.sock
owner: "{{ name }}"
group: "{{ name }}"