ansible部署脚本--亲测可用无坑

环境：centos7，外网通

脚本如下：

#!/bin/bash
#function:ansible
#author:tommypeng  20220801
#####root判断#####
if
  [  "$USER"  != "root"   ]
then
   echo "错误：非root用户，权限不足！"
  exit  0
fi
###############防火墙及SElinux############
systemctl stop firewalld && systemctl disable firewalld  && echo "防火墙已经关闭"
sed -i 's/SELINUX=.*/SELINUX=disabled/g'  /etc/selinux/config  && echo "关闭selinux"
##############网络测试##############
ping   -c  3  www.baidu.com
if
  [ $? = 0 ]
  then
    echo "外网通讯良好！"
  else
    echo  "丫的你在逗我吗？网都没有安装个毛线！"
   exit  1
fi
##############yum源配置################
yum  install  epel-release  -y
mv  /etc/yum.repos.d/epel.repo  /etc/yum.repos.d/epel.repo.bak >> /dev/null
yum clean all  
rpm -Uvh http://mirrors.ustc.edu.cn/epel/epel-release-latest-7.noarch.rpm
yum makecache
###########ansible安装#########
yum -y  install  ansible
##########主机组配置#########
read -p  "请输入主机组的名称:  "  ppo
read -p  "请输入主机1的IP:  "  wokao
read -p  "请输入主机2的IP:  "  haoshuai
sleep 5
cat >> /etc/ansible/hosts  << EOF
[$ppo]
$wokao
$haoshuai
EOF
###########免密登录#########
rm  -rf   /root/.ssh/*  ##清除已有的密钥对
ssh-keygen -N '' -f  /root/.ssh/id_rsa  ###创建密钥对（验证码为空）
ssh-copy-id -i    /root/.ssh/id_rsa.pub  $wokao
ssh-copy-id -i    /root/.ssh/id_rsa.pub  $haoshuai  ####传递公钥
##########测试############
ansible $ppo -m command -a 'ifconfig' 
if [ $? -eq 0 ];then             
                	echo -e "\n\033[32m-----------------------------------------------\033[0m"
                	echo -e "\033[32m测试成功ansible安装成功 !\033[0m"
        	else
                	echo -e "\033[32m测试失败ansible安装失败，即将退出 !"
                	exit 0
        	fi

默认主机清单包含两台主机，如部署完成后，需要添加其他主机，请编辑文件 /etc/ansible/hosts 

在您的主机清单添加相应主机的IP即可。

[root@localhost ~]# vim  /etc/ansible/hosts 
# Ex 2: A collection of hosts belonging to the 'webservers' group

## [webservers]
## alpha.example.org
## beta.example.org
## 192.168.1.100
## 192.168.1.110
。
。
。
。

[pxg]
192.168.137.213
192.168.137.214

还须配置免密登录，具体如下：

ssh-copy-id -i    /root/.ssh/id_rsa.pub  主机IP       ###将公钥发送给新加入的主机，请注意需要输入新加入主机的root密码，按提示输入即可，示例：

[root@localhost ~]# ssh-copy-id -i    /root/.ssh/id_rsa.pub  192.168.137.216
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.137.216 (192.168.137.216)' can't be established.
ECDSA key fingerprint is SHA256:YejXn/pAjoOSNaOfxVO+TiBPp6JmHfZ5Z8nbiUN5m0U.
ECDSA key fingerprint is MD5:b6:8d:e0:b0:08:5c:29:dc:df:2e:87:4e:51:e7:20:48.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.137.216's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.137.216'"
and check to make sure that only the key(s) you wanted were added.

拓展：主机清单的写法：

[pxg]
192.168.137.155
192.168.137.162  
以上意思为：主机组pxg包含这两个IP的主机

定义嵌套组
通过创建后缀为:children的主机组名称来实现，例子如下：
[web]
web1.example.com
web2.example.com
[db]
db1.example.com
db2.example.com
[all:children]
web
db   

上述例子可以改成 
[web]
web[1:2].example.com
[db]
db[1:2].example.com
[webdb:children]
web
db