1.先决条件
- 确保存在OpenSSH;
- 确保Python的版本;
- 管理节点需要安装Ansible,被管理节点不需要安装Ansible。
2.安装方式
- yum方式
[root@master~]# yum install epel-release -y
[root@master~]# yum install ansible -y
- pip方式
[root@master~]# yum install epel-release -y
[root@master~]# yum install python2-pip
[root@master~]# pip install ansible
3.查看版本
[root@master ~]# ansible --version
ansible 2.9.27
config file = /etc/ansible/ansible.cfg #配置文件
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] #模块路径
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible #执行命令的路径
python version = 2.7.5 (default, Oct 14 2020, 14:45:30) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] #使用的python版本
4.管理节点和被管理节点建立ssh信任关系
- 管理节点(ansible)创建密钥对
[root@master ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): #回车
Enter passphrase (empty for no passphrase): #回车
Enter same passphrase again: #回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:KTRAZIYdlC9P9i3jjx0vD0FvBa7TMGSCuqxdYbD0uyQ root@master
The key's randomart image is:
+---[RSA 2048]----+
| *Oo .. o . |
| .o=.. + . . |
| . *o + . . |
| +.B. o * . |
| . B.+S.+ + |
| E =.+ .+ |
| o + o oo |
| . . . .o.+ |
| ..ooo |
+----[SHA256]-----+
- 将本地公钥传输被管理节点
- 如果只有一个被管理节点:
[root@master ~]# ssh-copy-id root@10.0.128.171 #被管理节点IP地址
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.0.128.171 (10.0.128.171)' can't be established.
ECDSA key fingerprint is SHA256:T+SOOfRX7ES7g0Qv3xdCyuiODADig0aK/AU74iGuY9M.
ECDSA key fingerprint is MD5:5a:47:ee:c5:6c:78:68:b7:bc:22:76:d1:4f:ef:f8:19.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.128.171's password: #被管理节点主机密码
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@10.0.128.171'"
and check to make sure that only the key(s) you wanted were added.
5.测试
[root@master ~]# ssh root@10.0.128.171
Last login: Sun Apr 23 10:47:03 2023 from 10.0.255.2