a6.ansible 生产实战案例 -- chrony服务端roles


chrony服务端roles

源码下载地址:github.com/raymond9999…

[root@ansible-server ansible]# mkdir -p roles/chrony-server/{tasks,handlers}

[root@ansible-server ansible]# cd roles/chrony-server/
[root@ansible-server chrony-server]# ls
handlers  tasks

[root@ansible-server chrony-server]# vim tasks/install_chrony_yum.yml
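# tasks/install_chrony_yum.yml
# Installs chrony on CentOS/Rocky hosts and rewrites /etc/chrony.conf so the
# host serves time to clients. Every task is gated on ansible_distribution,
# so the file does nothing on other distributions.
- name: install CentOS or Rocky chrony
  yum:
    name: chrony
  when:
    - (ansible_distribution=="CentOS" or ansible_distribution=="Rocky")

# Drop the distribution's default upstream sources ('pool' and 'server'
# lines) before the role adds its own.
- name: delete CentOS or Rocky /etc/chrony.conf file contains '^pool.*' string line
  lineinfile:
    path: /etc/chrony.conf
    regexp: '^pool.*'
    state: absent
  when:
    - (ansible_distribution=="CentOS" or ansible_distribution=="Rocky")
  notify:
    - restart chronyd
- name: delete CentOS or Rocky /etc/chrony.conf file contains '^server.*' string line
  lineinfile:
    path: /etc/chrony.conf
    regexp: '^server.*'
    state: absent
  when:
    - (ansible_distribution=="CentOS" or ansible_distribution=="Rocky")
  notify:
    - restart chronyd

# NOTE(review): 'line' carries three config lines joined by \n. lineinfile
# compares it against single lines of the file, so it presumably never finds
# it present and re-inserts it on every run. The '^server.*' delete above
# removes the previous copies first, so nothing accumulates here, but the task
# likely reports 'changed' (and restarts chronyd) each time - confirm.
- name: add Time server for CentOS or Rocky /etc/chrony.conf file
  lineinfile:
    path: /etc/chrony.conf
    insertafter: '^# Please consider .*'
    line: "server ntp.aliyun.com iburst\nserver time1.cloud.tencent.com iburst\nserver ntp.tuna.tsinghua.edu.cn iburst"
  when:
    - (ansible_distribution=="CentOS" or ansible_distribution=="Rocky")
  notify:
    - restart chronyd

# Security: 'allow' decides which clients may query this NTP server.
# 0.0.0.0/0 admits every IPv4 address that can reach the service, so set
# chrony_allow_network (inventory, group_vars or role vars) to the subnet the
# clients actually live in and keep the host firewall equally narrow. The
# default only preserves the original behaviour of this role.
# The regexp matches the commented-out '#allow' line only, so once a host has
# been configured a changed chrony_allow_network is not applied by this task.
- name: Substitution '^#(allow).*' string for CentOS or Rocky /etc/chrony.conf file
  replace:
    path: /etc/chrony.conf
    regexp: '^#(allow).*'
    replace: '\1 {{ chrony_allow_network | default("0.0.0.0/0") }}'
  when:
    - (ansible_distribution=="CentOS" or ansible_distribution=="Rocky")
  notify:
    - restart chronyd

# Uncomments the 'local' directive as 'local stratum 10', which lets chronyd
# keep serving its own clock when no upstream source is reachable.
- name: Substitution '^#(local).*' string for CentOS or Rocky /etc/chrony.conf file
  replace:
    path: /etc/chrony.conf
    regexp: '^#(local).*'
    replace: '\1 stratum 10'
  when:
    - (ansible_distribution=="CentOS" or ansible_distribution=="Rocky")
  notify:
    - restart chronyd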

[root@ansible-server chrony-server]# vim tasks/install_chrony_apt.yml
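# tasks/install_chrony_apt.yml
# Installs chrony on Ubuntu hosts and rewrites /etc/chrony/chrony.conf so the
# host serves time to clients. Every task is gated on ansible_distribution.

# NOTE(review): deleting these files does not release a lock held by a running
# apt/dpkg process; it only lets a second package operation start next to it,
# which can leave the dpkg database inconsistent. Prefer waiting for the
# running operation to finish and drop this task once hosts are known to be
# clean.
- name: delete lock files
  file:
    path: "{{ item }}"
    state: absent
  loop:
    - /var/lib/dpkg/lock
    - /var/lib/apt/lists/lock
    - /var/cache/apt/archives/lock
  when:
    - ansible_distribution=="Ubuntu"

# 'force: yes' was removed from both apt tasks: for the apt module it maps to
# apt-get --force-yes, which lets packages be installed even when they cannot
# be authenticated. Installing chrony from the configured repositories does
# not need it, and signature checking should stay on.
- name: apt update
  apt:
    update_cache: yes
  when:
    - ansible_distribution=="Ubuntu"
- name: install Ubuntu chrony
  apt:
    name: chrony
  when:
    - ansible_distribution=="Ubuntu"

# Drop the distribution's default 'pool' sources before adding the role's own.
- name: delete Ubuntu /etc/chrony/chrony.conf file contains '^pool.*' string line
  lineinfile:
    path: /etc/chrony/chrony.conf
    regexp: '^pool.*'
    state: absent
  when:
    - ansible_distribution=="Ubuntu"
  notify:
    - restart chronyd

# NOTE(review): 'line' carries three config lines joined by \n. lineinfile
# compares it against single lines of the file, so it presumably never finds
# it present and inserts it again on every run. Unlike the CentOS/Rocky task
# file there is no '^server.*' cleanup here, so duplicates would accumulate -
# confirm and add a cleanup or one lineinfile per server.
# notify added so a change to the upstream servers restarts chronyd, as in the
# CentOS/Rocky task file.
- name: add Time server for Ubuntu /etc/chrony/chrony.conf file
  lineinfile:
    path: /etc/chrony/chrony.conf
    insertafter: '^# See http:.*'
    line: "server ntp.aliyun.com iburst\nserver time1.cloud.tencent.com iburst\nserver ntp.tuna.tsinghua.edu.cn iburst"
  when:
    - ansible_distribution=="Ubuntu"
  notify:
    - restart chronyd

# Security: 'allow' decides which clients may query this NTP server.
# 0.0.0.0/0 admits every IPv4 address that can reach the service, so set
# chrony_allow_network (inventory, group_vars or role vars) to the subnet the
# clients actually live in and keep the host firewall equally narrow. The
# default only preserves the original behaviour; the task name still shows it.
# lineinfile without a regexp only appends a missing line, so changing the
# variable later adds a second 'allow' line instead of replacing the first.
- name: add 'allow 0.0.0.0/0' string and 'local stratum 10' string for Ubuntu /etc/chrony/chrony.conf file
  lineinfile:
    path: /etc/chrony/chrony.conf
    line: "{{ item }}"
  loop:
    - "allow {{ chrony_allow_network | default('0.0.0.0/0') }}"
    - "local stratum 10"
  when:
    - ansible_distribution=="Ubuntu"
  notify:
    - restart chronyd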

[root@ansible-server chrony-server]# vim tasks/service.yml
# tasks/service.yml
# Makes sure chronyd is running now and enabled at boot. There is no
# distribution condition, so this runs on every host of the play.
- name: start chronyd
  systemd:
    name: chronyd
    enabled: true
    state: started

[root@ansible-server chrony-server]# vim tasks/main.yml
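# tasks/main.yml - entry point of the role.
# The two install files guard their own tasks with ansible_distribution
# conditions, so all three files are pulled in unconditionally.
# import_tasks (static) replaces the bare 'include' keyword, which is
# deprecated and no longer accepted by recent ansible-core releases.
- import_tasks: install_chrony_yum.yml
- import_tasks: install_chrony_apt.yml
- import_tasks: service.yml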

[root@ansible-server chrony-server]# vim handlers/main.yml
# handlers/main.yml
# Runs once at the end of the play, and only if a task that listed
# 'restart chronyd' under notify reported a change. The name must stay in
# sync with those notify entries.
- name: restart chronyd
  systemd:
    state: restarted
    name: chronyd

[root@ansible-server chrony-server]# cd ../../
[root@ansible-server ansible]# tree roles/chrony-server/
roles/chrony-server/
├── handlers
│   └── main.yml
└── tasks
    ├── install_chrony_apt.yml
    ├── install_chrony_yum.yml
    ├── main.yml
    └── service.yml

2 directories, 5 files

[root@ansible-server ansible]# vim chrony_server_role.yml 
---
# Applies the chrony-server role to every host in the 'chronyserver'
# inventory group.
- hosts: chronyserver
  roles:
    - chrony-server

[root@ansible-server ansible]# ansible-playbook chrony_server_role.yml 

PLAY [chronyserver] ***************************************************************************************************************************

TASK [Gathering Facts] ************************************************************************************************************************
ok: [172.31.0.104]
ok: [172.31.0.101]

TASK [chrony-server : install CentOS or Rocky chrony] *****************************************************************************************
skipping: [172.31.0.104]
changed: [172.31.0.101]

TASK [chrony-server : delete CentOS or Rocky /etc/chrony.conf file contains '^pool.*' string line] ********************************************
skipping: [172.31.0.104]
changed: [172.31.0.101]

TASK [chrony-server : delete CentOS or Rocky /etc/chrony.conf file contains '^server.*' string line] ******************************************
skipping: [172.31.0.104]
ok: [172.31.0.101]

TASK [chrony-server : add Time server for CentOS or Rocky /etc/chrony.conf file] **************************************************************
skipping: [172.31.0.104]
changed: [172.31.0.101]

TASK [chrony-server : Substitution '^#(allow).*' string for CentOS or Rocky /etc/chrony.conf file] ********************************************
skipping: [172.31.0.104]
changed: [172.31.0.101]

TASK [chrony-server : Substitution '^#(local).*' string for CentOS or Rocky /etc/chrony.conf file] ********************************************
skipping: [172.31.0.104]
changed: [172.31.0.101]

TASK [chrony-server : delete lock files] ******************************************************************************************************
skipping: [172.31.0.101] => (item=/var/lib/dpkg/lock) 
skipping: [172.31.0.101] => (item=/var/lib/apt/lists/lock) 
skipping: [172.31.0.101] => (item=/var/cache/apt/archives/lock) 
changed: [172.31.0.104] => (item=/var/lib/dpkg/lock)
changed: [172.31.0.104] => (item=/var/lib/apt/lists/lock)
changed: [172.31.0.104] => (item=/var/cache/apt/archives/lock)

TASK [chrony-server : apt update] *************************************************************************************************************
skipping: [172.31.0.101]
changed: [172.31.0.104]

TASK [chrony-server : install Ubuntu chrony] **************************************************************************************************
skipping: [172.31.0.101]
changed: [172.31.0.104]

TASK [chrony-server : delete Ubuntu /etc/chrony/chrony.conf file contains '^pool.*' string line] **********************************************
skipping: [172.31.0.101]
changed: [172.31.0.104]

TASK [chrony-server : add Time server for Ubuntu /etc/chrony/chrony.conf file] ****************************************************************
skipping: [172.31.0.101]
changed: [172.31.0.104]

TASK [chrony-server : add 'allow 0.0.0.0/0' string and 'local stratum 10' string for Ubuntu /etc/chrony/chrony.conf file] *********************
skipping: [172.31.0.101] => (item=allow 0.0.0.0/0) 
skipping: [172.31.0.101] => (item=local stratum 10) 
changed: [172.31.0.104] => (item=allow 0.0.0.0/0)
changed: [172.31.0.104] => (item=local stratum 10)

TASK [chrony-server : start chronyd] **********************************************************************************************************
ok: [172.31.0.104]
changed: [172.31.0.101]

RUNNING HANDLER [chrony-server : restart chronyd] *********************************************************************************************
changed: [172.31.0.104]
changed: [172.31.0.101]

PLAY RECAP ************************************************************************************************************************************
172.31.0.101               : ok=9    changed=7    unreachable=0    failed=0    skipped=6    rescued=0    ignored=0   
172.31.0.104               : ok=9    changed=7    unreachable=0    failed=0    skipped=6    rescued=0    ignored=0 

[root@rocky8-client ~]# chronyc sources -nv
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 203.107.6.88                  2   6    17    18   +297us[ -484us] +/-   35ms
^- 139.199.215.251               2   6    17    13    +15ms[  +15ms] +/-   33ms
^? 101.6.6.172                   0   7     0     -     +0ns[   +0ns] +/-    0ns

root@ubuntu1804-client:~# chronyc sources -nv
210 Number of sources = 3
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 203.107.6.88                  2   6    17    22    -32us[ +166us] +/-   34ms
^- 139.199.215.251               2   6    17    20  +8852us[+8852us] +/-   63ms
^? 101.6.6.172                   0   7     0     -     +0ns[   +0ns] +/-    0ns