安装Ansible
准备三台测试虚拟机,ip地址分别为:
master: 192.168.44.130
agent1: 192.168.44.132
agent2:192.168.44.133
可参考官网:
https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-ansible-on-ubuntu
下载ansible及其依赖
在控制机上执行以下命令:以下操作最好在root用户下执行 不然可能导致权限不足。
#首先切换到root用户:
su - root
$ sudo apt update
$ sudo apt install software-properties-common
$ sudo add-apt-repository --yes --update ppa:ansible/ansible
$ sudo apt install ansible #下载ansible
生成密钥对:
Ansible通过SSH连接test组,首先在控制机上生成一个公钥key,
ssh-keygen
root@yge:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:7n7dWeR4Jw9XmbamcYxWdKVTN54O60EpMo39UBq8g0c root@yge
The key's randomart image is:
+---[RSA 2048]----+
| .. . .=|
| +E+ o+=|
| +o*.++o+|
| .o+= +*o|
| S . .+==o|
| . .+==*|
| . ..o=O.|
| . . ..o .|
| .o. |
+----[SHA256]-----+
root@yge:~# ll /root/.ssh/
total 16
drwx------ 2 root root 4096 Aug 25 09:28 ./
drwx------ 3 root root 4096 Aug 17 05:07 ../
-rw------- 1 root root 0 Aug 17 05:07 authorized_keys
-rw------- 1 root root 1679 Aug 25 09:28 id_rsa
-rw-r--r-- 1 root root 390 Aug 25 09:28 id_rsa.pub
发送公钥
然后将公钥发送给agent1,agent2
root@yge:/root/.ssh# ssh-copy-id root@192.168.44.133
/usr/bin/ssh-copy-id: ERROR: no ID file found
这里发现未找到任何用户。是因为ubuntu系统ssh未对root用户开放
登陆需要连接的客户节点。编辑文件vim /etc/ssh/sshd_config
vim /etc/ssh/sshd_config
#将PermitRootLogin改为yes
PermitRootLogin yes
返回master
root@master:~# ssh-copy-id root@192.168.44.132
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.44.132's password:
Permission denied, please try again.
root@192.168.44.132's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.44.132'"
and check to make sure that only the key(s) you wanted were added.
root@master:~# ssh-copy-id root@192.168.44.133
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.44.133's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.44.133'"
and check to make sure that only the key(s) you wanted were added.
配置Host
编辑 /etc/ansible/hosts 添加test信息:
root@master:~# cat /etc/ansible/hosts
# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
#
# - Comments begin with the '#' character
# - Blank lines are ignored
# - Groups of hosts are delimited by [header] elements
# - You can enter hostnames or ip addresses
# - A hostname/ip can be a member of multiple groups
# Ex 1: Ungrouped hosts, specify before any group headers.
## green.example.com
## blue.example.com
## 192.168.100.1
## 192.168.100.10
# Ex 2: A collection of hosts belonging to the 'webservers' group
## [webservers]
## alpha.example.org
## beta.example.org
## 192.168.1.100
## 192.168.1.110
# If you have multiple hosts following a pattern you can specify
# them like this:
## www[001:006].example.com
# Ex 3: A collection of database servers in the 'dbservers' group
## [dbservers]
##
## db01.intranet.mydomain.net
## db02.intranet.mydomain.net
## 10.25.1.56
## 10.25.1.57
# Here's another example of host ranges, this time there are no
# leading 0s:
## db-[99:101]-node.example.com
[test]
agent1 ansible_ssh_host=192.168.44.132
agent2 ansible_ssh_host=192.168.44.133
测试:
root@master:~# ansible test -m ping
[DEPRECATION WARNING]: Distribution Ubuntu 18.04 on host agent2 should use
/usr/bin/python3, but is using /usr/bin/python for backward compatibility with
prior Ansible releases. A future Ansible release will default to using the
discovered platform python for this host. See https://docs.ansible.com/ansible/2.9
/reference_appendices/interpreter_discovery.html for more information. This
feature will be removed in version 2.12. Deprecation warnings can be disabled by
setting deprecation_warnings=False in ansible.cfg.
agent2 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
agent1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
这里发现多了[DEPRECATION WARNING]这个报警。
进入配置文件.将deprecation_warnings = False改为false
root@master:~# vim /etc/ansible/ansible.cfg
然后再次运行试一试。
root@master:~# ansible test -m ping
agent2 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
agent1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}