Ansible安装配置
前提:在本地主机和管理的远程主机建立互信,并能够基于主机名访问
[root@localhost ~]# hostnamectl set-hostname cen7.field.com
[root@localhost ~]# hostname
cen7.field.com
1、使用ssh-keygen命令生成基于SSH协议的RSA秘钥,enter...
[root@cen7 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:PrKQICaCAHUGvwnVvA4EVXuBehcBJu1Stb2SsULE2zY root@cen7.field.com
The key's randomart image is:
+---[RSA 2048]----+
|..++**=++. |
|. =.+B..+ |
|. ...+o++.. |
|o .++=.E+ . |
|=.. o=.oS.. |
|+. . ..o . |
| o . o |
| . o . |
| . |
+----[SHA256]-----+
[root@cen7 ~]# cd .ssh
[root@cen7 .ssh]# ll
总用量 8
-rw-------. 1 root root 1675 6月 13 22:28 id_rsa
-rw-r--r--. 1 root root 401 6月 13 22:28 id_rsa.pub
2、将本地节点生成的公钥文件整合为一个authorized_keys文件,并复制到远程主机上
[root@cen7 .ssh]# cat id_rsa.pub > authorized_keys
[root@cen7 .ssh]# scp authorized_keys 192.168.88.130:/root/.ssh
The authenticity of host '192.168.88.130 (192.168.88.130)' can't be established.
RSA key fingerprint is SHA256:+ZpFO2sWykeP5RmBtpFB1Dp7oCAf1HMtxf4vdo/msPU.
RSA key fingerprint is MD5:da:52:ca:c5:e6:c5:3a:de:5d:bc:07:ed:86:e6:ac:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.88.130' (RSA) to the list of known hosts.
root@192.168.88.130's password:
authorized_keys 100% 401 46.2KB/s 00:00
[root@cen7 .ssh]# scp authorized_keys 192.168.88.131:/root/.ssh
The authenticity of host '192.168.88.131 (192.168.88.131)' can't be established.
RSA key fingerprint is SHA256:+ZpFO2sWykeP5RmBtpFB1Dp7oCAf1HMtxf4vdo/msPU.
RSA key fingerprint is MD5:da:52:ca:c5:e6:c5:3a:de:5d:bc:07:ed:86:e6:ac:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.88.131' (RSA) to the list of known hosts.
root@192.168.88.131's password:
authorized_keys 100% 401 666.3KB/s 00:00
4、验证:确保各主机时间点同步
[root@cen7 .ssh]# ssh 192.168.88.130 'date'
2018年 06月 13日 星期三 14:32:37 CST
[root@cen7 .ssh]# ssh 192.168.88.131 'date'
2018年 06月 13日 星期三 14:32:48 CST
[root@cen7 .ssh]# ssh www.field.com 'date'
ssh: Could not resolve hostname www.field.com: Name or service not known
5、编辑/etc/hosts使各节点能基于主机名访问
[root@cen7 .ssh]# vi /etc/hosts
[root@cen7 .ssh]# more /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 cen7.field.com
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.88.129 web2.field.com web2
192.168.88.130 test.field.com test
192.168.88.131 www.field.com www
192.168.88.131 web1.field.com web1
192.168.88.131 img1.field.com img1
192.168.88.132 cen7.field.com cen7
[root@cen7 .ssh]# ssh www.field.com 'date'
The authenticity of host 'www.field.com (192.168.88.131)' can't be established.
RSA key fingerprint is SHA256:+ZpFO2sWykeP5RmBtpFB1Dp7oCAf1HMtxf4vdo/msPU.
RSA key fingerprint is MD5:da:52:ca:c5:e6:c5:3a:de:5d:bc:07:ed:86:e6:ac:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'www.field.com' (RSA) to the list of known hosts.
2018年 06月 13日 星期三 14:36:29 CST
[root@cen7 .ssh]# ssh test.field.com 'date'
The authenticity of host 'test.field.com (192.168.88.130)' can't be established.
RSA key fingerprint is SHA256:+ZpFO2sWykeP5RmBtpFB1Dp7oCAf1HMtxf4vdo/msPU.
RSA key fingerprint is MD5:da:52:ca:c5:e6:c5:3a:de:5d:bc:07:ed:86:e6:ac:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'test.field.com' (RSA) to the list of known hosts.
2018年 06月 13日 星期三 14:36:42 CST
yum安装ansible
[root@cen7 .ssh]# yum info ansible
已加载插件:fastestmirror
Repository base is listed more than once in the configuration
Repository updates is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository centosplus is listed more than once in the configuration
Repository epel is listed more than once in the configuration
Repository epel-debuginfo is listed more than once in the configuration
Repository epel-source is listed more than once in the configuration
Loading mirror speeds from cached hostfile
可安装的软件包
名称 :ansible
架构 :noarch
版本 :2.5.3
发布 :1.el7
大小 :9.0 M
源 :epel/x86_64
简介 : SSH-based configuration management, deployment, and task execution system
网址 :http://ansible.com
协议 : GPLv3+
描述 : Ansible is a radically simple model-driven configuration management,
: multi-node deployment, and remote task execution system. Ansible works
: over SSH and does not require any software or daemons to be installed
: on remote nodes. Extension modules can be written in any language and
: are transferred to managed machines automatically.
安装ansible,使用阿里云yum源报错,使用163源无此问题,建议使用网易源
[root@cen7 yum.repos.d]# yum install -y ansible | 3.6 kB 00:00:00
http://mirrors.aliyuncs.com/centos/7/contrib/x86_64/repodata/repomd.xml: [Errno 14] curl#7 - "Failed connect to mirrors.aliyuncs.com:80; 拒绝连接"
正在尝试其它镜像。
http://mirrors.aliyun.com/centos/7/contrib/x86_64/repodata/repomd.xml: [Errno 14] HTTP Error 404 - Not Found
正在尝试其它镜像。
failure: repodata/repomd.xml from contrib: [Errno 256] No more mirrors to try.
[root@cen7 yum.repos.d]# vi Centos-7.repo
[root@cen7 yum.repos.d]# vi CentOS7-Base-163.repo
[root@cen7 yum.repos.d]# yum install -y ansible
已安装:
ansible.noarch 0:2.5.3-1.el7
作为依赖被安装:
PyYAML.x86_64 0:3.10-11.el7 libtomcrypt.x86_64 0:1.17-26.el7 libtommath.x86_64 0:0.42.0-6.el7 libyaml.x86_64 0:0.1.4-11.el7_0
python-babel.noarch 0:0.9.6-8.el7 python-backports.x86_64 0:1.0-8.el7 python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7 python-cffi.x86_64 0:1.6.0-5.el7
python-enum34.noarch 0:1.0.4-1.el7 python-httplib2.noarch 0:0.9.2-1.el7 python-idna.noarch 0:2.4-1.el7 python-ipaddress.noarch 0:1.0.16-2.el7
python-jinja2.noarch 0:2.7.2-2.el7 python-keyczar.noarch 0:0.71c-2.el7 python-markupsafe.x86_64 0:0.11-10.el7 python-paramiko.noarch 0:2.1.1-4.el7
python-ply.noarch 0:3.4-11.el7 python-pycparser.noarch 0:2.14-1.el7 python-setuptools.noarch 0:0.9.8-7.el7 python-six.noarch 0:1.9.0-2.el7
python2-crypto.x86_64 0:2.6.1-15.el7 python2-cryptography.x86_64 0:1.7.2-2.el7 python2-jmespath.noarch 0:0.9.0-3.el7 python2-pyasn1.noarch 0:0.1.9-7.el7
sshpass.x86_64 0:1.06-2.el7
完毕!
[root@cen7 yum.repos.d]#