1)安装和配置ansible以及ansible控制节点server.example.com如下:
2)创建一个名为/home/student/ansible/inventory的静态库存文件如下所示:
2.1)node1 是dev主机组的成员
2.2)node2是test主机组的成员
2.3)node1和node2是prod主机组的成员
2.4)node1是balancers主机组的一员
2.5)prod组是webservers主机组的成员
3).创建一个名为/home/student/ansible/ansible.cfg的配置文件,如下所示:
3.1主机库存文件/home/student/ansible/inventory
3.2剧本中角色的位置被定义为/home/student/ansible/roles
4)控制主机中登录student用户,remote_user = devops,开启特权升级
在Server主机安装ansible,并写入host文件
(安装前必须确认是否有python模块)
[root@server ztx]# yum install ansible
server
node1
node2
在控制添加用户student
[root@server ztx]# useradd student
[student@server ~]$ mkdir ansible
[student@server ~]$ cd ansible/
[student@server ansible]$ vim inventory
[student@server ansible]$ vim ansible.cfg
查看能否看到配置文件
[student@server ansible]$ ansible --version
更改信息
添加用户devops
[root@node1 admin]# [root@node1 admin]# passwd devops
Changing password for user devops.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
useradd devops
[root@node2 ztx]# useradd devops
[root@node2 ztx]# passwd devops
Changing password for user devops.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
实现免密登录
[student@server ansible]$ ssh-keygen -t rsa -f ~/.ssh/id_rsa -P "" -q
[student@server ansible]$ ssh-copy-id -i ~/.ssh/id_rsa.pub devops@node1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/student/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
devops@node1's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'devops@node1'"
and check to make sure that only the key(s) you wanted were added.
[student@server ansible]$ ssh-copy-id -i ~/.ssh/id_rsa.pub devops@node2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/student/.ssh/id_rsa.pub"
The authenticity of host 'node2 (172.25.250.12)' can't be established.
ECDSA key fingerprint is SHA256:Kl2g1gJ/9cWTXV1FmBR/dPdcCIcd+GVoFLxMuNxGQ7Y.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
devops@node2's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'devops@node2'"
and check to make sure that only the key(s) you wanted were added.
测试免密登录