Python 在运维工作中的经典应用

一.ansible

• 安装ansible

如果base源丢失可以执行以下两条命令：
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
再执行yum install ansible -y

• 克隆虚拟机

hostnamectl set-hostname standby

vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=10.0.0.200
UUID行删掉

vim /etc/hosts
10.0.0.200 standby
systemctl restart network

二.Linux的 SSHD(22)

-验证方式

(1)用户+密码(PAM)
(2)秘钥验证(公钥:钥匙和私钥:锁)
	通过秘钥对实现,需要将公钥分发到各节点

• 管理被控端，管理机先生成秘钥，然后推送公钥

ssh-keygen
ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.8
[root@demo ~]# for i in {1..12};do ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.$i;done  #如果有多台机器，可以用for循环

• 配置被管理的主机清单

[root@demo ~]# vim /etc/ansible/hosts
[web]
10.0.0.7
10.0.0.8

• 使用ansible的ad-hoc测试

[root@demo ~]# ansible web[组名] -m ping[执行的命令]
10.0.0.12 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
10.0.0.11 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

• 执行远程命令

[root@demo ~]# ansible all -m shell -a "df -h"  #查看磁盘空间："df -h" ；查看内存："free -m"
10.0.0.12 | CHANGED | rc=0 >>
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda3        98G  3.4G   95G   4% /
devtmpfs        477M     0  477M   0% /dev
tmpfs           488M     0  488M   0% /dev/shm
tmpfs           488M  7.7M  480M   2% /run
tmpfs           488M     0  488M   0% /sys/fs/cgroup
/dev/sda1       197M  102M   96M  52% /boot
tmpfs            98M     0   98M   0% /run/user/0

10.0.0.11 | CHANGED | rc=0 >>
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda3        98G  1.6G   97G   2% /
devtmpfs        981M     0  981M   0% /dev
tmpfs           992M  124K  992M   1% /dev/shm
tmpfs           992M  9.6M  982M   1% /run
tmpfs           992M     0  992M   0% /sys/fs/cgroup
/dev/sda1       197M  102M   96M  52% /boot
tmpfs           199M     0  199M   0% /run/user/0

• ansible playbook自动化安装nginx

[root@demo ~]# vim  playbook_nginx.yml 
- hosts: web
  remote_user: root
  vars:
    http_port: 80
  tasks:
    - name: Add Nginx Yum Repository
      yum_repository:
        name: nginx
        description: Nginx Repository
        baseurl: http://nginx.org/packages/centos/7/$basearch/
        gpgcheck: no

    - name: Install Nginx Server
      yum: 
	    name=nginx state=present

    - name: Configure Nginx Server
      template: src=./default.conf.template dest=/etc/nginx/conf.d/default.conf
      notify: Restart Nginx Server

    - name: Start Nginx Server
      service: name=nginx state=started enabled=yes

  handlers:
    - name: Restart Nginx Server
      service: name=nginx state=restarted

• default.conf.template文件如下

[root@demo ~]#vim default.conf.template 
server {
    listen       {{ http_port }};
    server_name  localhost;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }
}

• 执行ansible-playbook

检查语法
[root@demo ~]# ansible-playbook --syntax playbook_nginx.yml	 

模拟执行
[root@demo ~]# ansible-playbook -C playbook_nginx.yml 

执行
[root@demo ~]# ansible-playbook playbook_nginx.yml