本文简要介绍自动化运维工具Ansible的部署。Ansible的自动化运维实现分三部分介绍:
容器云系列之基于Docker的Ansible自动化运维实现——介绍Ansible的基本概念和语法使用
容器云系列之Ansible部署使用——介绍Ansible的安装部署和使用
容器云系列之基于Docker部署Ansible-Tower——介绍使用Docker部署Ansible-Tower
2、Ansible部署使用
2.1 环境准备
1)服务器环境
2)服务器间基于ssh密钥方式建立远程连接
- 安装openssh-server
[root@tango-01 /]# yum install openssh-server -y
[root@tango-centos01 /]# yum install openssh-server
[root@tango-centos02 /]# yum install openssh-server
[root@tango-centos03 /]# yum install openssh-server
- 在tango-01生成密钥
[root@tango-01 /]# ssh-keygen -t dsa -f /root/.ssh/id_dsa -N ""
Generating public/private dsa key pair.
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
SHA256:b+893eSvCD5PGT9J+36+EHVcJhumQgHKn13tVNlry0Y root@tango-01
The key's randomart image is:
+---[DSA 1024]----+
| ..o. + *|
| . . . + Oo|
| o . o +.+|
| . o o o.E.|
| S . ..* .|
| . =.*.|
| + o.*+.|
| o.+ ooo=|
| .+= o*O|
+----[SHA256]-----+
- 将密钥分发到目标主机
[root@tango-01 /]# ssh-copy-id -i root@192.168.112.101
[root@tango-01 /]# ssh-copy-id -i root@192.168.112.102
[root@tango-01 /]# ssh-copy-id -i root@192.168.112.103
- SSH登录目标主机验证
[root@tango-01 /]# ssh 192.168.112.101
[root@tango-01 /]# ssh 192.168.112.102
[root@tango-01 /]# ssh 192.168.112.103
2.2 Ansible安装
1)在tango-01安装epel源
[root@tango-01 /]# yum install epel-release -y
2)查看epel源并安装ansible
[root@tango-01 /]# ll /etc/yum.repos.d/epel*
-rw-r--r-- 1 root root 951 Oct 3 2017 /etc/yum.repos.d/epel.repo
-rw-r--r-- 1 root root 1050 Oct 3 2017 /etc/yum.repos.d/epel-testing.repo
[root@tango-01 /]# yum install -y ansible
3)查看Ansible版本
[root@tango-01 /]# ansible --version
ansible 2.9.15
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, Apr 2 2020, 13:16:51) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
4)修改配置文件,添加主机组:
[root@tango-01 /]# vi /etc/ansible/hosts
[node01]
192.168.112.101
192.168.112.102
192.168.112.103
5)使用ping命令测试连通性
[root@tango-01 /]# ansible node01 -m ping
192.168.112.102 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.112.101 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.112.103 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
2.3 Ansible简单使用
1)检查节点的内核版本
[root@tango-01 /]# ansible node01 -m command -a "uname -r"
192.168.112.103 | CHANGED | rc=0 >>
3.10.0-693.el7.x86_64
192.168.112.101 | CHANGED | rc=0 >>
3.10.0-693.el7.x86_64
192.168.112.102 | CHANGED | rc=0 >>
3.10.0-693.el7.x86_64
2)给节点增加用户
[root@tango-01 /]# ansible node01 -m user -a "name=test001 password=123"
[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
192.168.112.102 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1003,
"home": "/home/test001",
"name": "test001",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1003
}
192.168.112.101 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1003,
"home": "/home/test001",
"name": "test001",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1003
}
192.168.112.103 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1003,
"home": "/home/test001",
"name": "test001",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1003
}
参考资料
- https://docs.ansible.com/ansible/latest/user_guide
- http://www.ansible.com.cn/
- https://www.cnblogs.com/keerya/p/7987886.html
- https://www.cnblogs.com/liuyansheng/p/6093139.html
- https://blog.csdn.net/len9596/article/details/82656902
转载请注明原文地址:https://blog.csdn.net/solihawk/article/details/121958932
文章会同步在公众号“牧羊人的方向”更新,感兴趣的可以关注公众号,谢谢!