目录
1.配置清单:/etc/ansible/hosts[node]node1.example.comnode2.example.com
一.部署ansiber环境
1.准备三台机器:
配置IP,主机名,/etc/hosts
2.然后去配置免密登录
1.在服务端操作,上传公钥
[root@good .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:0ihaGqzhrrggldA2+PdMixdf80qkmODATm08Z/77wmE root@good
The key's randomart image is:
+---[RSA 3072]----+
| |
| o |
|o + |
| * = o |
|. X X B S + |
|.* X % BE+ o |
|+.+ o Ooo.. . |
|= . .o. . |
|=o o+o |
+----[SHA256]-----+
2.将公钥传给客户端
[root@rhcsa .ssh]# ssh-copy-id root@rhce
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'rhce (192.168.40.132)' can't be established.
ECDSA key fingerprint is SHA256:70V58bQzrfUci7EE23sAS/cd7Zjc3zbRhTx15uN1PVY.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@rhce's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@rhce'"
and check to make sure that only the key(s) you wanted were added.
3.验证免密登录
[root@rhcsa .ssh]# ssh root@rhce
Activate the web console with: systemctl enable --now cockpit.socket
This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register
Last failed login: Tue Aug 2 17:13:21 CST 2022 from 192.168.40.129 on ssh:notty
There were 2 failed login attempts since the last successful login.
Last login: Tue Aug 2 16:26:36 2022 from 192.168.40.129
[root@rhce ~]# exit
logout
Connection to rhce closed.
3.配置yum源使用Centos-stream.repo
4.安装ansible
[root@rhcsa yum.repos.d]# rpm -ivh https://mirrors.tuna.tsinghua.edu.cn/zabbix/zabbix/6.0/rhel/8/x86_64/zabbix-release-6.0-1.el8.noarch.rpm
Retrieving https://mirrors.tuna.tsinghua.edu.cn/zabbix/zabbix/6.0/rhel/8/x86_64/zabbix-release-6.0-1.el8.noarch.rpm
warning: /var/tmp/rpm-tmp.uSbUwD: Header V4 RSA/SHA512 Signature, key ID a14fe591: NOKEY
Verifying... ################################# [100%]
Preparing... ################################# [100%]
Updating / installing...
1:zabbix-release-6.0-1.el8 ################################# [100%]
[root@rhcsa yum.repos.d]# yum install -y https://mirrors.tuna.tsinghua.edu.cn/epel/epel-release-latest-8.noarch.rpm
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
Repository AppStream is listed more than once in the configuration
Zabbix Official Repository - x86_64 25 kB/s | 107 kB 00:04
Zabbix Official Repository non-supported - x86_ 294 B/s | 1.2 kB 00:04
epel-release-latest-8.noarch.rpm 33 kB/s | 24 kB 00:00
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
epel-release noarch 8-16.el8 @commandline 24 k
Transaction Summary
================================================================================
Install 1 Package
Total size: 24 k
Installed size: 34 k
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : epel-release-8-16.el8.noarch 1/1
Running scriptlet: epel-release-8-16.el8.noarch 1/1
Many EPEL packages require the CodeReady Builder (CRB) repository.
It is recommended that you run /usr/bin/crb enable to enable the CRB repository.
Verifying : epel-release-8-16.el8.noarch 1/1
Installed products updated.
Installed:
epel-release-8-16.el8.noarch
Complete!
5.使用ansible --version去验证
[root@good yum.repos.d]# ansible --version
ansible [core 2.12.7]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.8/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.8.13 (default, Jun 24 2022, 15:27:57) [GCC 8.5.0 20210514 (Red Hat 8.5.0-13)]
jinja version = 2.11.3
libyaml = True
二、ansible基础使用
1.配置清单:/etc/ansible/hosts
[node]
node1.example.com
node2.example.com
[root@good yum.repos.d]# vim /etc/ansible/hosts
2.使用ansible node -m ping去验证