一、构建学习环境:
student用户在控制节点(workstation)上安装并配置 Ansible, 要求如下 :
1、安装所需的软件包
[student@workstation ~]$ sudo yum install ansible
2、创建静态inventory文件/home/student/ansible/inventory,要求如下:
servera属于dev主机组
serverb属于test和balancers主机组
serverc和serverd属于prod主机组
prod主机组属于webservers主机组
[student@workstation ~]$ vim /home/student/ansible/inventory
[dev]
servera
[test]
serverb
[balancers]
serverb
[prod]
serverc
serverd
[webserver:children]
prod
[all:vars]
ansible_user=root
ansible_password=redhat
3、创建ansible配置文件/home/student/ansible/ansible.cfg,要求如下:
使用/home/student/ansible/inventory清单文件
角色存放在/home/student/ansible/roles/ 目录
[student@workstation ~]$ cp /etc/ansible/ansible.cfg /home/student/ansible/
inventory = /home/student/ansible/inventory
roles_path = /home/student/ansible/roles/
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
[paramiko_connection]
创建roles路径
[student@workstation ~]$ mkdir /home/student/ansible/roles
验证清单文件
[student@workstation ~]$ cd ansible/
[student@workstation ansible]$ ansible-inventory --graph
@all:
|--@balancers:
| |--serverb
|--@dev:
| |--servera
|--@test:
| |--serverb
|--@ungrouped:
|--@webserver:
| |--@prod:
| | |--serverc
| | |--serverd
二、创建一个 shell 脚本名为 adhoc.sh 用以运行 ad-hoc 命令 。为每个受控节点配罝 yum仓库。要求如下:
仓库1 :
Name: RH294_Base
Description: RH294 base software
Base url: http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
需要验证钦件包 GPG 签名
GPG key 在: /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
启用此软件仓库
仓库 2:
Name: RH294_Stream
Description : RH294 stream software
Base url: http://content.example.com/rhel8.0/x86_64/dvd/AppStream
需要验证软件包 GPG 签名
GPG key 在: /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
启用此软件仓库
编写脚本:
[student@workstation ansible]$ vim adhoc.sh
#! /bin/bash
ansible all -m yum_repository -a 'name=RH294_Base description="RH294 base software" \
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS \
gpgcheck=yes gpgkey=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release \
enabled=yes'
ansible all -m yum_repository -a 'name=RH294_Stream description="RH294 stream software" \
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/AppStream \
gpgcheck=yes gpgkey=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release \
enabled=yes'
增加执行权限,运行脚本验证:
[student@workstation ansible]$ chmod +x adhoc.sh
[student@workstation ansible]$ ./adhoc.sh