ansible配置与管理

最新推荐文章于 2023-08-14 16:53:48 发布

格林-scorpio

最新推荐文章于 2023-08-14 16:53:48 发布

阅读量172

点赞数

分类专栏： python linux

本文链接：https://blog.csdn.net/pengwupeng2008/article/details/109333861

版权

python 同时被 2 个专栏收录

49 篇文章 0 订阅

订阅专栏

linux

24 篇文章 0 订阅

订阅专栏

1、安装

pip3 install ansible
安装完之后，会生成 /etc/ansible/ 目录
下面有ansible配置文件ansible.cfg
 远程主机配置文件hosts

2、创建ansible账号

useradd ansible  -d /home/userhome/ansible  
修改密码
passwd ansible

3、ansible登入服务器创建SSH秘钥

[ansible@xxxxxxxxxxxxxxxx ~]$ ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/home/userhome/ansible/.ssh/id_rsa): 
Created directory '/home/userhome/ansible/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/userhome/ansible/.ssh/id_rsa.
Your public key has been saved in /home/userhome/ansible/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:sdfsdg ansible@sdfsdfsdf
The key's randomart image is:
+---[RSA 2048]----+
|           .+ X@=|
|         . o.*.B|
|        . ..xo.B+=|
|       . . G.+o|
|        S..*..+..|
|         .+. .|
|          g.. +..|
|           ... +|
|             .. .|
+----[SHA256]-----+

4、ssh公钥文件安装到远程客户机

说明：假设客户机192.168.1.81上面创建guest账号
[test@xxxxxxxxxx ~]$ ssh-copy-id guest@192.168.1.81 -p 22
 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/userhome/test/.ssh/id_rsa.pub"
        The authenticity of host '192.168.1.81 (192.168.1.81)' can't be established.
        ECDSA key fingerprint is SHA256:dfgdfgg.
        ECDSA key fingerprint is MD5:xxxxxxx.
        Are you sure you want to continue connecting (yes/no)? yes
        /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
        /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
guest@192.168.1.81's password: 
        
Number of key(s) added: 1
        
Now try logging into the machine, with:   "ssh -p '22' 'guest@192.168.1.81'"

5、修改/etc/ansible/hosts

[webservers]
   test  ansible_ssh_host=192.168.1.81 ansible_ssh_port=22

6、测试ansible命令

[ansible@xxxxx ansible]$ ansible test -u guest -m shell -a "mkdir tt;cd tt;touch a.txt;ls -la"
[WARNING]: Consider using the file module with state=directory rather than running 'mkdir'.  If you need to use command because file is insufficient you can add
'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
test | CHANGED | rc=0 >>
total 8
drwxrwxr-x 2 guest guest 4096 Oct 28 16:00 .
drwx------ 5 guest guest 4096 Oct 28 16:00 ..
-rw-rw-r-- 1 guest guest    0 Oct 28 16:00 a.txt

7、客户机配置guest 能使用sudo root权限执行命令

通过root登入客户机192.168.1.81 

vim /etc/sudoers

添加如下用户授权

 guest  ALL=(ALL)       NOPASSWD:ALL

或者添加
 guest  ALL=(ALL)       NOPASSWD:/bin/sh

保存 wq!

8、ansible切换到sudo root方式执行指令（-b 参数）

[ansible@xxxx ansible]$ ansible test -u guest -b  -m shell -a "cd /root/;ls -la"
test | CHANGED | rc=0 >>
total 152
dr-xr-x---. 14 root root  4096 Oct 28 16:11 .
dr-xr-xr-x. 20 root root  4096 Jul 20 10:54 ..
drwx------   4 root root  4096 Jun 14  2019 .ansible
-rw-------   1 root root 15386 Oct 28 15:49 .bash_history
-rw-r--r--.  1 root root    18 Dec 29  2013 .bash_logout
-rw-r--r--.  1 root root   176 Dec 29  2013 .bash_profile
-rw-r--r--.  1 root root   176 Dec 29  2013 .bashrc
drwxr-xr-x   3 root root  4096 Feb 15  2019 .cache
drwxrwxrwx   2 root root  4096 Jul 24 13:08 .certs
-rw-r--r--   1 root root 11243 Apr 10  2020 check_ssh_port.log
-rw-r--r--   1 root root  1318 Apr 17  2020 check_web_url.log
drwx------   3 root root  4096 Jul 24 12:18 .config
-rw-r--r--.  1 root root   100 Dec 29  2013 .cshrc
-rw-------   1 root root  6653 Jul 24 15:43 dead.letter
drwxr-xr-x   2 root root  4096 Jun  6 20:06 .kube
-rw-------   1 root root    41 Sep  6 16:03 .lesshst
drwxr-xr-x   3 root root  4096 Mar 30  2019 .local
-rw-------   1 root root  2776 Apr 11  2020 .mysql_history
-rw-------   1 root root    78 May 31  2019 .mysql_secret
drwxr-xr-x   2 root root  4096 Nov 12  2019 .oracle_jre_usage
drwxr-xr-x   2 root root  4096 Feb 15  2019 .pip
drwxr-----   3 root root  4096 Feb 13  2020 .pki
-rw-r--r--   1 root root   205 Mar 25  2019 .pydistutils.cfg
drwxr-xr-x   3 root root  4096 Feb  1  2020 .python-eggs
-rw-------   1 root root  1077 Jul  7 17:47 .rediscli_history
drwx------   2 root root  4096 Sep 10 17:26 .ssh
drwxr-xr-x   3 root root  4096 Mar 31  2019 .subversion
-rw-r--r--.  1 root root   129 Dec 29  2013 .tcshrc
-rw-r--r--   1 root root   202 Aug 20 23:18 test.py
-rw-------   1 root root  9546 Oct 28 16:11 .viminfo

9、ansible调试( -vvv 参数)

10、ansible详解，请参考官网

https://docs.ansible.com/

格林-scorpio

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
ansible配置与管理

1、安装 pip3 install ansible安装完之后，会生成 /etc/ansible/ 目录下面有ansible配置文件ansible.cfg 远程主机配置文件hosts2、创建ansible账号useradd ansible-d /home/userhome/ansible修改密码passwd ansible3、ansible登入服务器创建SS[ansible@xxxxxxxxxxxxxxxx ~]$ ssh-keygen Genera...
复制链接

扫一扫