Ansible受控端环境搭建
操作系统环境:Window7 SP1
PowerShell环境:5.1,默认为2.0,需要手动安装Microsoft .NET Framework4.5和Microsoft Management Framework 4,按要求重启生效。
- get-host
- set-executionpolicy remotesigned (a)
配置winrm:
注意!!!公用网络因安全策略等因素,不能使用ansible进行远程操控,须更换为工作网络。
- winrm quickconfig (y)
- winrm enumerate winrm/config/listener
- winrm set winrm/config/service/auth '@{Basic="true"}'
- winrm set winrm/config/service '@{AllowUnencrypted="true"}'
- 设置防火墙规则,允许远程主机通过5985端口连接本机
安装SCOOP包管理工具
- iex "& {$(scoop.201704.xyz)}" -RunAsAdmin
- scoop config SCOOP_REPO 'https://gitee.com/glsnames/scoop-installer'
备注:get.scoop.sh因网络原因无法成功安装,scoop.201704.xyz为国内镜像。
Ansible主控端环境搭建
操作系统环境:centos 7.6
PYTHON环境:python 2.7.5,版本较低,默认未装pip,需要手动安装!!!
- pip install ansible (-i https://pypi.douban.com/simple)
- ansible-galaxy collection install community.windows
- ansible-galaxy collection install ansible.windows
备注:第2步安装community.windows是为了使用win_scoop,通过包管理工具SCOOP进行应用程序的安装;第3步安装ansible.windows是为了使用win_updates,安装必要的Windows更新。
Ansible主控端配置
编辑/etc/ansible/hosts文件,注意备份。
[masters]
192.168.0.11 ansible_ssh_user=username
[centos-slaves]
192.168.0.21 ansiblue_ssh_user=username
192.168.0.22 ansiblue_ssh_user=username
192.168.0.23 ansiblue_ssh_user=username
[win-slaves]
192.168.0.41 ansible_ssh_user=username ansible_ssh_pass=password ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore
192.168.0.42 ansible_ssh_user=username ansible_ssh_pass=password ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore
192.168.0.43 ansible_ssh_user=username ansible_ssh_pass=password ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore
Ansible常用命令
win_ping:测试主机是否可达
ansible -i /etc/ansible/hosts "win-slaves" -m win_ping
win_shell:执行CMD命令
ansible -i /etc/ansible/hosts "win-slaves" -m win_shell -a 'scoop bucket add extras'
win_scoop:安装指定应用
ansible -i /etc/ansible/hosts "win-slaves" -m community.windows.win_scoop -a 'name=firefox state=present'
ansible -i /etc/ansible/hosts "win-slaves" -m community.windows.win_scoop -a 'name=opera state=present'
win_file:操作目录或文件
#创建目录
ansible -i /etc/ansible/hosts "win-slaves" -m win_file -a 'dest=PATH_TO_DIR state=directory'
#删除目录
ansible -i /etc/ansible/hosts "win-slaves" -m win_file -a 'dest=PATH_TO_DIR state=absent'
win_copy:复制文件到指定目录下
ansible -i /etc/ansible/hosts "win-slaves" -m win_copy -a 'src=PATH_TO_FILE dest=PATH_TO_FILE'
win_user:添加或删除用户
#创建用户
ansible -i /etc/ansible/hosts "win-slaves" -m win_user -a 'name=username passwd=password'
#删除用户
ansible -i /etc/ansible/hosts "win-slaves" -m win_user -a 'name=username state=absent'
win_reboot:重启电脑
ansible -i /etc/ansible/hosts "win-slaves" -m win_reboot