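Ansible-1: Introduction and Lab Environment Preparation
Introduction to Ansible
- Ansible is a relatively new automation and operations tool developed in Python. It combines the strengths of many operations tools (puppet, cfengine, chef, func, fabric) and provides batch system configuration, batch program deployment, batch command execution and similar functions.
Ansible works on a module basis and has no batch-deployment capability of its own. The modules that Ansible runs are what actually perform batch deployment; Ansible only provides a framework. It mainly consists of:
(1) Connection plugins: responsible for communicating with the monitored hosts;
(2) Host inventory: specifies the hosts to operate on; it is a configuration file that defines the monitored hosts;
(3) Modules: core modules, the command module, and custom modules;
(4) Plugins, used for functions such as logging and e-mail;
(5) Playbook: used when executing multiple tasks; it is optional and lets a node run multiple tasks in one go.
Ansible: Lab Environment Preparation
The rh294 machine contains seven KVM-based virtual machines, as follows:
- workstation VM (serves as the Ansible control host);
- Servera, Serverb, Serverc, Serverd (serve as Ansible managed hosts);
- bastion (provides an external network);
- classroom VM (provides the exercise environment scripts, software repositories, and course materials)
1. Boot order of these VMs: start classroom first, then start all the remaining VMs. In the initial environment the VMs do not yet exist, so they have to be pulled with a command;
//the rht-vmctl command is part of the rht tools
//rht-vmctl fullreset means completely resetting a VM (deleting and rebuilding it)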
[kiosk@foundation0 ~]$ rht-vmctl fullreset classroom
Are you sure you want to full reset classroom? (y/n) y
Powering off classroom.
Full resetting classroom.
Creating virtual machine disk overlay for rh294-classroom-vda.qcow2
Starting classroom.
//VM files; do not touch this directory
[kiosk@foundation0 vms]$ pwd
/content/rhel8.0/x86_64/vms
[kiosk@foundation0 vms]$ ls
rh294-bastion-vda.qcow2 rh294-servera-vdb.qcow2 rh294-serverb-vdb.qcow2 rh294-serverc-vdb.qcow2 rh294-serverd-vdb.qcow2 rh294-workstation-vda.qcow2
rh294-bastion.xml rh294-servera.xml rh294-serverb.xml rh294-serverc.xml rh294-serverd.xml rh294-workstation.xml
rh294-servera-vda.qcow2 rh294-serverb-vda.qcow2 rh294-serverc-vda.qcow2 rh294-serverd-vda.qcow2 rh294-vms.md5sum
2. After classroom has started, the first time we load the environment we need to load all the other VM files into it
//delete and rebuild all VMs except classroom
[kiosk@foundation0 vms]$ rht-vmctl fullreset all
Even if you have KVM virtualization management experience, managing these VMs with KVM operations is not recommended
[root@foundation0 ~]# virsh list
Id Name State
----------------------------------------------------
1 classroom running
2 bastion running
3 workstation running
4 servera running
5 serverb running
6 serverc running
7 serverd running
Using the rht tools to manage these VMs is strongly recommended
//check the status of all VMs
[root@foundation0 ~]# rht-vmctl status all
bastion RUNNING
workstation RUNNING
servera RUNNING
serverb RUNNING
serverc RUNNING
serverd RUNNING
[root@foundation0 ~]# rht-vmctl status classroom
classroom RUNNING
//restore all VMs to their snapshots, excluding classroom
[root@foundation0 ~]# rht-vmctl reset all
Are you sure you want to reset bastion workstation servera serverb serverc serverd? (y/n) y
Powering off bastion..
Powering off workstation..
Powering off servera..
Powering off serverb..
Powering off serverc..
Powering off serverd..
Resetting bastion.
Creating virtual machine disk overlay for rh294-bastion-vda.qcow2
Starting bastion.
Resetting workstation.
Creating virtual machine disk overlay for rh294-workstation-vda.qcow2
Starting workstation.
Resetting servera.
Creating virtual machine disk overlay for rh294-servera-vda.qcow2
Creating virtual machine disk overlay for rh294-servera-vdb.qcow2
Starting servera.
Resetting serverb.
Creating virtual machine disk overlay for rh294-serverb-vda.qcow2
Creating virtual machine disk overlay for rh294-serverb-vdb.qcow2
Starting serverb.
Resetting serverc.
Creating virtual machine disk overlay for rh294-serverc-vda.qcow2
Creating virtual machine disk overlay for rh294-serverc-vdb.qcow2
Starting serverc.
Resetting serverd.
Creating virtual machine disk overlay for rh294-serverd-vda.qcow2
Creating virtual machine disk overlay for rh294-serverd-vdb.qcow2
Starting serverd.
//start all VMs
[root@foundation0 ~]# rht-vmctl start all
Viewing the command usage
[root@foundation0 ~]# rht-vmctl
Error: missing subcommand or VMNAME.
This utility manages the Red Hat Training supplied VMs on the local
hypervisor.
Usage: rht-vmctl [-y|--yes] VMCMD VMNAME [DATETIME]
rht-vmctl [-i|--inquire] VMCMD VMNAME [DATETIME]
rht-vmctl -h|--help
where VMCMD is one of:
view - launches console viewer of VMNAME
start - obtain and start up VMNAME
stop - stop a running VMNAME
restart - if running, stop then start VMNAME
poweroff - if running, force stop VMNAME
reset - poweroff, return to saved or original state, start VMNAME
save - stop, save image, start VMNAME (to DATETIME)
restore - poweroff, restore to save (to DATETIME), start VMNAME
listsaves - list the saves of VMNAME
status - display libvirt status of VMNAME
get - if not here, obtain VMNAME from server
remove - remove VMNAME from system
fullreset - poweroff, reobtain from server, start VMNAME (bad save/image)
-i|--inquire - confirm each VMNAME first
-y|--yes - confirm nothing, just do it
VMNAME of "all" processes all VMs available in the course
3. The lab environment's host resolution file
//the lab hosts are already set up for passwordless login
[root@foundation0 ~]# ssh workstation
Warning: Permanently added 'workstation,172.25.250.9' (ECDSA) to the list of known hosts.
Activate the web console with: systemctl enable --now cockpit.socket
[student@workstation ~]$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.254 classroom.example.com classroom
172.25.254.254 content.example.com content
172.25.254.254 materials.example.com materials
### rht-vm-hosts file listing the entries to be appended to /etc/hosts
#
172.25.250.9 workstation.lab.example.com workstation
172.25.250.10 servera.lab.example.com servera
172.25.250.11 serverb.lab.example.com serverb
172.25.250.12 serverc.lab.example.com serverc
172.25.250.13 serverd.lab.example.com serverd
172.25.250.254 bastion.lab.example.com bastion
[root@foundation0 ~]# bridge link
6: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 master virbr1 state disabled priority 32 cost 100
8: br1-nic: <BROADCAST,MULTICAST> mtu 1500 master br1 state disabled priority 32 cost 100
10: privbr0-nic: <BROADCAST,MULTICAST> mtu 1500 master privbr0 state disabled priority 32 cost 100
12: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 master virbr0 state disabled priority 32 cost 100
13: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 100
14: vnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br1 state forwarding priority 32 cost 100
24: vnet2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master privbr0 state forwarding priority 32 cost 100
25: vnet3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 100
26: vnet4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master privbr0 state forwarding priority 32 cost 100
27: vnet5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master privbr0 state forwarding priority 32 cost 100
28: vnet6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master virbr1 state forwarding priority 32 cost 100
29: vnet7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master privbr0 state forwarding priority 32 cost 100
30: vnet8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master virbr1 state forwarding priority 32 cost 100
31: vnet9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master privbr0 state forwarding priority 32 cost 100
32: vnet10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master privbr0 state forwarding priority 32 cost 100
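4. In the rh294 environment, classroom provides two web sites: content.example.com and materials.example.com
5. How to work with the RH294 environment
- All later lab exercises are done by connecting from the rh294 physical operating system to workstation
- workstation is our Ansible control node
- Servera ~ d are our Ansible managed nodes
- The root password of almost all the VMs is redhat
- Besides root there is a privileged user named student, whose password is student
- The root password of classroom is Asimov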
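To tie the host inventory component to this lab, here is an added example (not part of the original post or the course material) that turns the /etc/hosts entries shown above into an Ansible INI inventory, keeping only the control node and the four managed nodes. The group names `control` and `managed` and both function names are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: derive an Ansible INI inventory from the lab's /etc/hosts.

# Sample input: a subset of the /etc/hosts listing shown on this page.
sample_hosts() {
cat <<'EOF'
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
172.25.254.254 classroom.example.com classroom
### rht-vm-hosts file listing the entries to be appended to /etc/hosts
#
172.25.250.9 workstation.lab.example.com workstation
172.25.250.10 servera.lab.example.com servera
172.25.250.11 serverb.lab.example.com serverb
172.25.250.12 serverc.lab.example.com serverc
172.25.250.13 serverd.lab.example.com serverd
172.25.250.254 bastion.lab.example.com bastion
EOF
}

# Reads hosts-format text on stdin and prints an INI inventory.
# Only workstation and servera..serverd are admitted, so classroom,
# bastion and localhost can never be targeted through this inventory.
# Group names "control" and "managed" are assumptions of this example.
hosts_to_inventory() {
  awk '
    /^[ \t]*(#|$)/ { next }    # skip comment and blank lines
    $2 ~ /^workstation\.lab\.example\.com$/   { control[++c] = $2; next }
    $2 ~ /^server[a-d]\.lab\.example\.com$/   { managed[++m] = $2; next }
    END {
      print "[control]"
      for (i = 1; i <= c; i++) print control[i]
      print ""
      print "[managed]"
      for (i = 1; i <= m; i++) print managed[i]
    }'
}

# Show the generated inventory for the sample data.
sample_hosts | hosts_to_inventory
```

On workstation, feed the real file with `hosts_to_inventory < /etc/hosts`, save the output to a file, and pass that file to `ansible` with `-i`.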
On RHEL 8, Ansible automatically selects the Python version based on your platform's Python
[student@workstation ~]$ yum list platform-python
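If you are on a RHEL system, you need to use the subscription command to connect to Red Hat's software repositories through RHN in order to download and install it.
In the lab environment, the relevant software repositories are already integrated for us.
//install ansible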
[student@workstation ~]$ sudo yum -y install ansible
//version information
[student@workstation ~]$ ansible --version
ansible 2.8.0
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/student/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.6.8 (default, Apr 3 2019, 17:26:03) [GCC 8.2.1 20180905 (Red Hat 8.2.1-3)]
6. Installing Ansible
[student@workstation ~]$ lab intro-install start
Setting up the environment for the exercise:
· Configuring control node packages........................... SUCCESS
//install ansible
[student@workstation ~]$ sudo yum -y install ansible
//check the ansible version
[student@workstation ~]$ ansible --version
ansible 2.8.0
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/student/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.6.8 (default, Apr 3 2019, 17:26:03) [GCC 8.2.1 20180905 (Red Hat 8.2.1-3)]
//ansible python module location
[student@workstation ~]$ ls /usr/lib/python3.6/site-packages/ansible
cli compat config constants.py context.py errors executor galaxy __init__.py inventory modules module_utils parsing playbook plugins __pycache__ release.py template utils vars
[student@workstation ~]$ lab intro-install finish
Cleaning up environment:
. Cleaning up................................................. SUCCESS
7. Installing Ansible on CentOS 8
- There are two ways to install Ansible on CentOS: from a source package, or from the EPEL software repository
[root@localhost ~]# yum repolist
Last metadata expiration check: 1 day, 9:21:41 ago on Sat 07 Nov 2020 12:16:13 AM EST.
repo id repo name status
AppStream CentOS-8 - AppStream 4,933
BaseOS CentOS-8 - Base 1,673
extras CentOS-8 - Extras 27
[root@localhost ~]# yum -y install epel8-release
Last metadata expiration check: 1 day, 9:24:55 ago on Sat 07 Nov 2020 12:16:13 AM EST.
//automatically generates the EPEL software repository
[root@localhost ~]# yum -y install epel-release
[root@localhost ~]# yum repolist
Extra Packages for Enterprise Linux Modular 8 - x86_64 16 kB/s | 97 kB 00:06
Extra Packages for Enterprise Linux 8 - x86_64 477 kB/s | 8.3 MB 00:17
repo id repo name status
AppStream CentOS-8 - AppStream 4,933
BaseOS CentOS-8 - Base 1,673
*epel Extra Packages for Enterprise Linux 8 - x86_64 6,628
*epel-modular Extra Packages for Enterprise Linux Modular 8 - x86_64 0
extras CentOS-8 - Extras 27
//we can now get the ansible package from the EPEL repository
[root@localhost ~]# yum list | grep ansible
ansible.noarch 2.9.15-1.el8 epel
ansible-doc.noarch 2.9.15-1.el8 epel
ansible-freeipa.noarch 0.1.8-3.el8 AppStream
centos-release-ansible-29.noarch 1-2.el8 extras
vim-ansible.noarch 3.0-1.el8 epel
//install ansible
[root@localhost ~]# yum -y install ansible
//after installation, check the ansible version
[root@localhost ~]# ansible --version
ansible 2.9.15
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.6.8 (default, May 21 2019, 23:51:36) [GCC 8.2.1 20180905 (Red Hat 8.2.1-3)]