useradd ansible
echo 'ansible:ansible' | chpasswd <- change password
cp -pi /etc/sudoers{,.`date '+%Y%m%d'`}
echo "ansible ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
useradd ansible echo 'ansible:ansible' | chpasswd <- change password
su - ansible ssh-keygen -t rsa ssh-copy-id x.x.x.x <- Copy Publick Key to Target Server
cd /home/ansible mkdir ansible1 <- ansible working directory cd ansible1 vi hosts vi ansible.cfg vi test.yml
[all:vars] ansible_ssh_port=22 ansible_ssh_user=ansible ansible_ssh_pass=ansible [test1] 192.168.0.37
[defaults] inventory = ./hosts
- hosts: all gather_facts: no tasks: - shell: date - shell: date >> /tmp/test - shell: whoami >> /tmp/test
ansible-playbook test1.yml --list-hosts # Check target hosts ansible-playbook test1.yml --check # Test ansible-playbook test1.yml ansible-playbook -l test1 test1.yml
- hosts: all become: yes gather_facts: no tasks: - shell: date - shell: date >> /tmp/test - shell: whoami >> /tmp/test
NAME
ansible-playbook - run an ansible playbook
SYNOPSIS
ansible-playbook <filename.yml> ... [options]
ARGUMENTS
filename.yml
The names of one or more YAML format files to run as ansible playbooks.
OPTIONS
-h, --help
Show help page and exit
--list-hosts
Outputs a list of matching hosts; does not execute anything else.
--list-tasks
List all tasks that would be executed; does not execute anything else.
-i PATH, --inventory=PATH
The PATH to the inventory, which defaults to /etc/ansible/hosts. Alternatively, you can use
a comma-separated list of hosts or a single host with a trailing comma host,.
-C, --check
Do not make any changes on the remote system, but test resources to see what might have changed.
Note this can not scan all possible resource types and is only a simulation.
--syntax-check
Look for syntax errors in the playbook, but don’t run anything
$ ansible-playbook PLAYBOOK.yml <- /etc/ansible/hosts $ ansible-playbook -i /tmp/hosts PLAYBOOK.yml $ ansible-playbook --private-key=./KEY ./PLAYBOOK.yml
$ ansible-playbook -i HOSTS --list-tasks -i test-servers site.yml
$ ansible-playbook -i HOSTS PLAYBOOK.yml --check $ ansible-playbook -i HOSTS PLAYBOOK.yml --check --diff
- name: disable selinux
command: /sbin/setenforce 0
tasks: - shell: /home/shell/test.sh > result.txt
- name: ruby configure
shell: chdir=/tmp/{{ rubyver }} ./configure --disable-install-doc
- name: make ruby
shell: chdir=/tmp/{{ rubyver }} make
- name: make install ruby
shell: chdir=/tmp/{{ rubyver }} make install
tasks: - user: name=user2 password=$6$rounds=656000$3Co6RKpxxxx
get_url: url=http://toolbelt.treasuredata.com/sh/install-redhat.sh dest=/root/fluentd-install.sh
tasks:
- name: copy a file
copy: src=test.txt dest=/tmp/
- name: copy directory
copy: src=/tmp/test1.d dest=/tmp/test1.d/
- name: copy files in directory
copy: src=/tmp/test1.d/ dest=/tmp/test1.d/
tasks: - fetch: src=/tmp/test2.txt dest=/tmp/
tasks: - service: name=httpd state=restarted
- name: create directories
file: path={{ item.path }} owner={{ item.owner }} group={{ item.group }} mode=0{{ item.mode }} state=directory
with_items:
- { "path":"/test/test2", "owner":"root", "group":"root", "mode":"755" }
- { "path":"/test/test3", "owner":"root", "group":"root", "mode":"777" }
unarchive: src=/tmp/ruby.tar.gz dest=/tmp copy=no
lineinfile: dest=/etc/sysconfig/selinux regexp="^SELINUX=.*" line="SELINUX=disabled"
lineinfile: > dest=/etc/ssh/sshd_config regexp="^PasswordAuthentication" line="PasswordAuthentication no" insertafter="#PasswordAuthentication"
- hosts: all become: yes gather_facts: no tasks: - command: touch /tmp/test1.txt - command: touch /tmp/test2.txt - command: touch /tmp/test3.txt
- hosts: all
become: yes
gather_facts: no
tasks:
- name: check install httpd
yum: name=httpd state=latest
- name: start httpd and enabled httpd
service: name=httpd state=started enabled=yes
- hosts: all
become: yes
gather_facts: no
tasks:
- name: yum install httpd
yum: name=httpd state=present
- name: service httpd start
service: name=httpd state=started
- name: chkconfig httpd on
command: /sbin/chkconfig httpd on
---
- hosts: all
become: yes
gather_facts: nos
tasks:
- name: apt-get update
apt: update_cache=yes
- name: install depended packages
apt: name={{ item }} state=latest
with_items:
- libffi-dev
- libreadline6-dev
- libssl-dev
- make
- zlib1g-dev
- name: check exist of ruby source
stat: path=/usr/local/src/ruby-2.3.0
register: ruby_source
- name: get source and unarchive
unarchive: src=https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.0.tar.gz dest=/usr/local/src copy=no
when: not ruby_source.stat.exists
- name: build
shell: ./configure && make && make install
args:
chdir: /usr/local/src/ruby-2.3.0
- hosts: all
become: yes
gather_facts: no
tasks:
- name: download hoge source file
get_url: url=https://hostname/hoge_source.tar.gz dest=/usr/local/src/hoge_source.tar.gz
- name: extract hoge source file
unarchive: src=/usr/local/src/hoge_source.tar.gz dest=/usr/local/src/ creates=/usr/local/src/hoge_source
- name: install hoge
shell: ./configure && make && make install chdir=/usr/local/src/hoge_source creates=/usr/bin/hoge
- hosts: all
become: yes
gather_facts: no
tasks:
- name: copy file
copy: src=/tmp//sumple.sh dest=/tmp/sumple.sh owner=user01 group=dev mode=0755
- name: exec shell
shell: /tmp/sumple.sh
- name: delete file
file: dest=/tmp/sumple.sh state=absent