一 、安装ansible
1. yum安装
# yum install epel-release -y
# yum install ansible -y
2. pip安装
# yum install python-pip -y
# pip install ansible
二 、配置ansible
配置文件 /etc/ansible/ansible.cfg
主机清单 /etc/ansible/hosts,定义被管理主机和组;
需要将被管理主机加入到 /etc/ansible/hosts;
也可以通过 -i 参数指定hosts文件的路径
三、 验证方式
1. 免秘钥
# ssh-keygen # ssh-copy-id 192.168.1.28
2. 在hosts文件中指定密码
[本地测试服务器] 192.168.1.111 ansible_ssh_pass="123456" 192.168.1.28 ansible_ssh_pass="123456"
3. 手动输入密码 -k
[root@ansible ~]# ansible 192.168.1.28 -a 'hostname' -k SSH password: 192.168.1.28 | SUCCESS | rc=0 >> localhost.localdomain
四、模块介绍
常用模块 command,ping,shell,script,copy,yum,user
每个模块的用法可以通过 "# ansible-doc 模块名" 查看
以ping 模块为例
[root@ansible ~]# ansible-doc ping
> PING
A trivial test module, this module always returns `pong' on successful contact.
It does not make sense in playbooks, but it is useful from `/usr/bin/ansible'
to verify the ability to login and that a usable python is configured. This is
NOT ICMP ping, this is just a trivial test module.
EXAMPLES:
# Test we can logon to 'webservers' and execute python with json lib.
ansible webservers -m ping
MAINTAINERS: Ansible Core Team, Michael DeHaan
ansible命令的用法:
ansible <host-pattern> [-f forks] [-m module_name] [-a args]
<host-pattern> | 指明管控主机,以模式形式表示或者直接给定 IP ,必须事先定义在文件中; all 设置所有 |
[-f forks] | 指明每批管控多少主机,默认为 5 个主机一批次 |
[-m module_name] | 使用何种模块管理操作,所有的操作都需要通过模块来指定 |
[-a args] | 指明模块专用参数; args 一般为 key=value 格式 注意:command模块的参数非为kv格式,而是直接给出要执行的命令即可; |
command 是默认模块,可以执行命令,用法如下
[root@ansible ~]# ansible 192.168.1.28 -a 'hostname' 192.168.1.28 | SUCCESS | rc=0 >> localhost.localdomain
ping 检测主机是否在线 (不带参数)
[root@ansible ~]# ansible 192.168.1.28 -m ping 192.168.1.28 | SUCCESS => { "changed": false, "ping": "pong" }
shell 执行命令,shell脚本
[root@ansible ~]# ansible 192.168.1.28 -m shell -a 'hostname' 192.168.1.28 | SUCCESS | rc=0 >> localhost.localdomain
script 模块可以在远程机器执行本地的脚本,不需要将脚本拷贝到远程机器上去
copy 拷贝文件到远程机器
- src Local path to a file to copy to the remote server(本地文件路径)
- dest Remote absolute path where the file should be copied to(要拷贝到远程机器的路径)
- mode mode the file or directory should be(文件权限,可选参数)
[root@ansible ~]# ansible 192.168.1.28 -m copy -a 'src=/tmp/test.txt dest=/test.txt mode=600' 192.168.1.28 | SUCCESS => { "changed": true, "checksum": "815c2defa3389cfe66b5ced5934869285fa29f4d", "dest": "/test.txt", "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/test.txt", "secontext": "system_u:object_r:etc_runtime_t:s0", "size": 1381, "state": "file", "uid": 0 }
yum 安装卸载软件包
- name 软件名称
- state [absent,present,installed,removed,latest]
[root@ansible ~]# ansible 192.168.1.28 -m yum -a 'name=httpd state=latest'
user 管理用户
- name 用户名
- password 用户密码
- home 用户家目录
[root@ansible ~]# ansible 192.168.1.28 -m user -a 'name=test password=123 home=/home/test' 192.168.1.28 | SUCCESS => { "changed": true, "comment": "", "createhome": true, "group": 503, "home": "/home/test", "name": "test", "password": "NOT_LOGGING_PASSWORD", "shell": "/bin/bash", "state": "present", "system": false, "uid": 503 }
palybook 分享平台 https://galaxy.ansible.com/list
可以通过 ansible-galaxy install 作者id.角色名 下载需要的roles
例如下载bennojoy的nginx:
[root@localhost ~]# ansible-galaxy install bennojoy.nginx - downloading role 'nginx', owned by bennojoy - downloading role from https://github.com/bennojoy/nginx/archive/master.tar.gz - extracting bennojoy.nginx to /root/.ansible/roles/bennojoy.nginx - bennojoy.nginx (master) was installed successfully