# 自動化運維工具Ansible怎么使用
## 一、Ansible簡介
Ansible是一款開源的自動化運維工具,由Red Hat公司維護。它通過SSH協議實現遠程節點管理,無需在目標主機安裝客戶端,采用YAML格式編寫劇本(Playbook),具有**簡單易用、無代理、冪等性**等特點,廣泛應用于配置管理、應用部署、任務編排等領域。
---
## 二、核心概念
### 1. 基礎組件
- **Inventory**:定義管理的主機列表(默認路徑`/etc/ansible/hosts`)
- **Playbook**:YAML格式的任務編排文件
- **Module**:執行具體任務的模塊(如`copy`, `yum`, `service`等)
- **Role**:可復用的任務集合
### 2. 工作原理
```bash
控制節點(Control Node) → SSH → 被管節點(Managed Nodes)
# Ubuntu/Debian
sudo apt update && sudo apt install ansible -y
# CentOS/RHEL
sudo yum install epel-release && sudo yum install ansible
示例/etc/ansible/hosts:
[web_servers]
192.168.1.10 ansible_user=root
192.168.1.11
[db_servers]
db01.example.com
# 檢查所有主機連通性
ansible all -m ping
# 在web_servers組安裝Nginx
ansible web_servers -m apt -a "name=nginx state=present" -b
創建nginx_install.yml:
---
- hosts: web_servers
become: yes
tasks:
- name: Install Nginx
apt:
name: nginx
state: latest
- name: Start Nginx service
service:
name: nginx
state: started
enabled: yes
執行Playbook:
ansible-playbook nginx_install.yml
vars:
http_port: 80
tasks:
- name: Update Nginx config
template:
src: nginx.conf.j2
dest: /etc/nginx/nginx.conf
tasks:
- name: Restart Nginx if changed
service:
name: nginx
state: restarted
when: nginx_config.changed
tasks:
- name: Try risky operation
command: /bin/false
ignore_errors: yes
目錄結構建議
project/
├── inventories/
│ ├── production
│ └── staging
├── roles/
│ └── nginx/
├── site.yml
└── group_vars/
安全建議
become權限ansible-vault加密性能優化
ansible.cfg)free策略提高并行效率
