部署ansible架构

于 2022-10-24 01:48:31 发布
阅读量847 收藏
点赞数
文章标签: 1024程序员节
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/cn_zemo/article/details/127484272
版权

#部署ansible架构

文章目录


##安装yum源 

配置阿里云yum源
[root@server yum.repos.d]#  curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
[root@server yum.repos.d]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
配置ansible 的yum源
[root@server yum.repos.d]# dnf list all|grep ansible
[root@server yum.repos.d]# dnf -y install centos-release-ansible-29-1-2.el8.noarch 
[root@server yum.repos.d]# ls /etc/yum.repos.d/ |grep ansible
CentOS-SIG-ansible-29.repo

##安装ansible

[root@server ~]# dnf  -y  install  ansible

##查看ansible版本

[root@server ~]# ansible  --version
ansible 2.9.27
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Apr 16 2020, 01:36:27) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]

##配置/etc/hosts

[root@server ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.10 server.example.com server
192.168.100.20 nodel1.example.com nodel1
192.168.100.30 nodel2.example.com nodel2
192.168.100.40 nodel3.example.com nodel3

##配置ssh的基于密钥认证

[root@server ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:R8wj0VvCUSTWBuEEfqF6Jzsxl/u9/WwS7A0e4QraESk root@server.example.com
The key's randomart image is:
+---[RSA 3072]----+
|        o+OBo    |
|       . O+o+    |
|        + B*     |
|       .E++o  .  |
|      . S.=. o . |
|       . Oo.  *  |
|        oo.o + = |
|        ......+oo|
|            . o+=|
+----[SHA256]-----+
[root@server ~]# ssh-copy-id  -i  ~/.ssh/id_rsa.pub  root@nodel1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'nodel1 (192.168.100.20)' can't be established.
ECDSA key fingerprint is SHA256:MMI36yluru9YSl4xKo7Tpq/crzsgPkelib65Zg702NI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? 
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
The authenticity of host 'nodel1 (192.168.100.20)' can't be established.
ECDSA key fingerprint is SHA256:MMI36yluru9YSl4xKo7Tpq/crzsgPkelib65Zg702NI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? y
Please type 'yes', 'no' or the fingerprint: 1^H
Please type 'yes', 'no' or the fingerprint: yes
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@nodel1's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@nodel1'"
and check to make sure that only the key(s) you wanted were added.

[root@server ~]# ssh-copy-id  -i  ~/.ssh/id_rsa.pub  root@nodel2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'nodel2 (192.168.100.30)' can't be established.
ECDSA key fingerprint is SHA256:MMI36yluru9YSl4xKo7Tpq/crzsgPkelib65Zg702NI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@nodel2's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@nodel2'"
and check to make sure that only the key(s) you wanted were added.

[root@server ~]# ssh-copy-id  -i  ~/.ssh/id_rsa.pub  root@nodel3
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'nodel3 (192.168.100.40)' can't be established.
ECDSA key fingerprint is SHA256:MMI36yluru9YSl4xKo7Tpq/crzsgPkelib65Zg702NI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@nodel3's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@nodel3'"
and check to make sure that only the key(s) you wanted were added.

[root@server ~]#

##将ansible本地的/etc/hosts文件发送给受控主机

[root@server ~]# scp /etc/hosts root@192.168.100.20:/etc/hosts
hosts                                                  100%  322   143.4KB/s   00:00    
[root@server ~]# scp /etc/hosts root@192.168.100.30:/etc/hosts
hosts                                                  100%  322   173.7KB/s   00:00    
[root@server ~]# scp /etc/hosts root@192.168.100.40:/etc/hosts
hosts                                                  100%  322   191.4KB/s   00:00    
[root@server ~]#

##在ansible主机和所有受控主机中创建student用户,并设置密码为redhat

[root@server ~]# useradd student
[root@server ~]# echo redhat|passwd --stdin student 
Changing password for user student.
passwd: all authentication tokens updated successfully.

[root@nodel1 ~]# useradd student
[root@nodel1 ~]# echo redhat|passwd --stdin student
Changing password for user student.
passwd: all authentication tokens updated successfully.

[root@nodel2 ~]# useradd student
[root@nodel2 ~]# echo redhat|passwd --stdin student
Changing password for user student.
passwd: all authentication tokens updated successfully.

[root@nodel3 ~]# useradd student
[root@nodel3 ~]# echo redhat|passwd --stdin student
Changing password for user student.
passwd: all authentication tokens updated successfully.

##使用student用户创建基于密钥认证

[root@server ~]# su - student 
[student@server ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/student/.ssh/id_rsa): 
Created directory '/home/student/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Passphrases do not match.  Try again.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/student/.ssh/id_rsa.
Your public key has been saved in /home/student/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:HrYVcDV5R2E9jbCGKA1HnxS3mmM22m6Cdg7p3VpjYQs student@server.example.com
The key's randomart image is:
+---[RSA 3072]----+
|      ..+ +o=o ==|
|       + * +.++.+|
|      . o = +. ..|
|       .   =     |
|        E @      |
|       + @ =     |
|      o.+ *      |
|     .ooo=..     |
|     ..o++o      |
+----[SHA256]-----+
[student@server ~]$ ssh-copy-id  -i  ~/.ssh/id_rsa.pub  root@nodel1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/student/.ssh/id_rsa.pub"
The authenticity of host 'nodel1 (192.168.100.20)' can't be established.
ECDSA key fingerprint is SHA256:MMI36yluru9YSl4xKo7Tpq/crzsgPkelib65Zg702NI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@nodel1's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@nodel1'"
and check to make sure that only the key(s) you wanted were added.

[student@server ~]$ ssh-copy-id  -i  ~/.ssh/id_rsa.pub  root@nodel2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/student/.ssh/id_rsa.pub"
The authenticity of host 'nodel2 (192.168.100.30)' can't be established.
ECDSA key fingerprint is SHA256:MMI36yluru9YSl4xKo7Tpq/crzsgPkelib65Zg702NI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@nodel2's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@nodel2'"
and check to make sure that only the key(s) you wanted were added.

[student@server ~]$ ssh-copy-id  -i  ~/.ssh/id_rsa.pub  root@nodel3
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/student/.ssh/id_rsa.pub"
The authenticity of host 'nodel3 (192.168.100.40)' can't be established.
ECDSA key fingerprint is SHA256:MMI36yluru9YSl4xKo7Tpq/crzsgPkelib65Zg702NI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@nodel3's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@nodel3'"
and check to make sure that only the key(s) you wanted were added.

[student@server ~]$

##修改 ansible 的配置

[student@server ~]$ mkdir ansible
[student@server ~]$ cd ansible/
[student@server ansible]$ cp /etc/ansible/ansible.cfg  .
[student@server ansible]$ vim ansible.cfg 
···
inventory      = /home/student/ansible/inventory
···

[student@server ansible]$ vim inventory
nodel1
nodel2
nodel3

##测试

[student@server ansible]$ ansible all -m ping
nodel1 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: student@nodel1: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
    "unreachable": true
}
nodel2 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: student@nodel2: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
    "unreachable": true
}
nodel3 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: student@nodel3: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
    "unreachable": true
}
cn_zemo
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
实训报告-1-安装、部署ansible环境.docx
10-30
实训报告-1-安装、部署ansible环境. 使用Linux虚拟机模拟实现“一台控制端,两台被控端”的运维服务器架构模式,从配置yum源、配置DNS、安装ansible、配置ansible配置文件来达到预期的自动化运维工具ansible环境的...
Ansible自动化管理集群架构入门与实践
04-11
Ansible是自动化运维和DevOps中持续部署的必备神器,通过Playbook的自动化任务可以大大减少运维的工作量。它可以配置系统、部署软件以及协调更高级的IT任务,例如持续部署,滚动更新。Ansible适用于管理企业IT基础...
Ansible 快速入门
ys_3203527193的博客
06-24 779
介绍常见的自动化运维工具:Ansible asltstack puppetAnsible 是一款简单的运维自动化工具,只需要使用ssh协议连接就可以来进行系统管理,自动化执行命令,部署等任务。Ansible的特点1、ansible 不需要单独安装客户端,也不需要启动任何服务2、ansible 是python 中的一套完整的自动化执行任务模块3、ansible playbook 采用 yaml 配置,对于自动化任务执行过一目了然ansible {web (组)
ansible 简介
小曹的胡说八道的博客
03-29 4万+
Ansible是一种常用的自动运维化工具,基于python开发,分布式,无需客户端,轻量级,配置语言采用YAML。 Ansible的特性: 1.模块化:调用特定的模块,完成特殊的任务。 2.Paramiko(python对ssh的实现),PyYaml,jinja2(模块语言)三个关键模块。 3.支持自定义模块,可使用任何编程语言写模块。 4.基于python语言实现。 5.部署简单,基于python和SSH(默认已安装),agentless,无需代理不依赖KPI(无需SSL)。 6.安全,基于OpenSSH
自动化运维工具-ansible详解
m0_64496909的博客
06-19 2万+
一、ansible简介 ansible是一种基于python开发的自动化运维工具,它只需要在服务端安装ansible,无需在每个客户端安装客户端程序,通过ssh的方式来进行客户端服务器的管理,基于模块来实现批量数据配置、批量设备部署以及批量命令执行。 ansible大致模块工作原理见下图: 大致工作原理就是ansible程序调用读取/etc/ansible/ansible.cfg配置文件获取主机列表清单/etc/ansible/hosts文件,获取所要处理的主机列表,然后查看剧本任务,在根据剧本.
ansible常用操作命令-上手即用
qq_41905051的博客
01-13 1万+
ansible批量处理命令常见
自动化运维工具Ansible详细部署
weixin_33915554的博客
11-20 1199
==========================================================================================一、基础介绍==========================================================================================1、简...
ansible-openldap
05-03
在ldap中存储SSH密钥的架构使用LDAP作为Samba后端的架构在LDAP中存储AutoFS挂载选项的架构(可选)配置将LDAP服务器用于AuthN / AuthZ的Samba服务器(可选)配置SSH用户和组(可选)为主目录和共享存储(NFS或CephFS...
ara-infra:ARA Records Ansible项目的基础架构管理
04-29
它的意思是:-部署基础架构服务器infra.recordsansible.org部署网站部署以桥接ARA的Slack和IRC社区-在不同的ARA项目之间进行通用集成测试 如果您希望使用ARA Records Ansible报告您的剧本,则可以在上ARA文档。 ...
ansible教程
02-27
一本很好的ansible教程。从如何安装ansible,到如何部署ansible,还有实际使用场景下如何设计ansible架构
非常好的Ansible入门教程(超简单)
热门推荐
pushiqiang的博客
09-28 13万+
Ansible是一个配置管理和配置工具,类似于Chef,Puppet或Salt。这是一款很简单也很容易入门的部署工具,它使用SSH连接到服务器并运行配置的任务,服务器上不用安装任何多余的软件,只需要开启ssh,所有工作都交给client端的ansible负责。 关于Ansible的一个好处是,将bash脚本转换为可执行任务是非常容易的。我们可以编写自己的配置程序,但是Ansible更加干净,因为它
自动化运维工具ansible安装及使用
chengxuyuanyonghu的专栏
03-27 1万+
一、ansible介绍 1.ansible ansible是新出现的自动化运维工具,基于Python研发。糅合了众多老牌运维工具的优点实现了批量操作系统配置、批量程序的部署、批量运行命令等功能。仅需在管理工作站上安装ansible程序配置被管控主机的IP信息,被管控的主机无客户端。ansible应用程序存在于epel(第三方社区)源,依赖于很多python组件。主要包括:
ansible常用模块
weixin_30299539的博客
08-17 729
copy模块 目的:把主控端/root目录下的a.sh文件拷贝到到指定节点上 命令:ansible 10.1.1.113 -m copy -a 'src=/root/a.sh dest=/tmp/' file模块 目的:更改指定节点上/tmp/t.sh的权限为755,属主和属组为root 命令:ansible all -m file -a "dest=/tmp/t.sh ...
Ansible的简介及部署
Rainable
04-26 1万+
1. ansible简介 1.1 什么是ansible ansible是一款开源自动化平台,是一个配置管理工具,自动化运维工具 1.2 ansible的优点 跨平台支持 人类可读自动化: ansible提供linux,Windows,unix和网络设备的无代理支持,适用于物理、虚拟、云和容器环境 完美描述应用:playbook 轻松管理版本控制:playbook是纯文本,可视作源代码...
自动化运维之ansible详解
weixin_33796177的博客
03-24 106
1.ansible安装以及配置认证ansible也是有Python开发的。ansible特点:不需要安装客户端,通过sshd去通信基于模块工作,模块可以由任何语言开发不仅支持命令行使用模块,也支持编写yaml格式的playbook支持sudo又提供UI(浏览器图形化)www.ansible.com/tower 10台主机以内免费开源UI http://github.com/a...
ansible的常用模块及参数
杂七杂八的博客
09-25 1640
ansinle的常用模块及参数作用 command&shell模块 shell模块比command强大shell模块可以执行shell的内置命令和特性如管道等 不指定模块的话默认为command模块 ansible all -i hosts -m shell -a "cat /etc/passwd | grep games" 10.11.65.193 | CHANGED | rc=0 >> games:x:12:100:games:/usr/games:/sbin/nologin an
自动化运维工具——【ansible详解 一】
黄相勇的博客
08-28 6万+
目录 ansible 简介 ansible 是什么? ansible 特点 ansible 架构ansible 任务执行 ansible 任务执行模式 ansible 执行流程 ansible 命令执行过程 ansible 配置详解 ansible 安装方式 使用 pip(python的包管理模块)安装 使用 yum 安装 ansibl...
led-Opt.Bak
最新发布
05-21
毕设&课设&项目&实训- 【项目资源】: 包含前端、后端、移动开发、操作系统、人工智能、物联网、信息化管理、数据库、硬件开发、大数据、课程资源、音视频、网站开发等各种技术项目的源码。 包括STM32、ESP8266、PHP、QT、Linux、iOS、C++、Java、python、web、C#、EDA、proteus、RTOS等项目的源码。 【项目质量】: 所有源码都经过严格测试,可以直接运行。 功能在确认正常工作后才上传。 【适用人群】: 适用于希望学习不同技术领域的小白或进阶学习者。 可作为毕设项目、课程设计、大作业、工程实训或初期项目立项。 【附加价值】: 项目具有较高的学习借鉴价值,也可直接拿来修改复刻。 对于有一定基础或热衷于研究的人来说,可以在这些基础代码上进行修改和扩展,实现其他功能。 【沟通交流】: 有任何使用上的问题,欢迎随时与博主沟通,博主会及时解答。 鼓励下载和使用,并欢迎大家互相学习,共同进步。
【图像加密解密】基于matlab菲涅尔域双随机相位编码图像加密解密【含Matlab源码 4548期】.mp4
05-21
Matlab研究室上传的视频均有对应的完整代码,皆可运行,亲测可用,适合小白; 1、代码压缩包内容 主函数:main.m; 调用函数:其他m文件;无需运行 运行结果效果图; 2、代码运行版本 Matlab 2019b;若运行有误,根据提示修改;若不会,私信博主; 3、运行操作步骤 步骤一:将所有文件放到Matlab的当前文件夹中; 步骤二:双击打开main.m文件; 步骤三:点击运行,等程序运行完得到结果; 4、仿真咨询 如需其他服务,可私信博主或扫描视频QQ名片; 4.1 博客或资源的完整代码提供 4.2 期刊或参考文献复现 4.3 Matlab程序定制 4.4 科研合作
ansible 架构
09-20
下面是一个简单的ansible架构图: ``` +--------------------------+ | Ansible控制节点 | | | | +----------------------+ | | | Ansible核心组件 | | | | | | | | Ansible Playbooks | | | | | | | +---...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值