Ansible部署
新建三台虚拟机server4/5/6
server4:
[root@server4 ansible]# yum install *.rpm -y #安装ansible
[root@server4 ansible]# useradd devops
[root@server4 ansible]# su - devops
[devops@server4 ~]$ mkdir ansible
[devops@server4 ~]$ cd ansible/
[devops@server4 ~]$ vim ansible.cfg
#写入:
[defaults]
inventory = ./inventory
[devops@server4 ~]$ vim inventory
#写入:
[test]
172.25.28.5
[prod]
172.25.28.6
[devops@server4 ~]$ ssh-keygen
[devops@server4 ~]$ ssh-copy-id 172.25.28.5
[devops@server4 ~]$ ssh-copy-id 172.25.28.6
[devops@server4 ~]$ ssh server5
[devops@server4 ~]$ ssh 172.25.28.5
##做好免密之后连接一遍使其建立认证,再此连接不用输入yes,否则会影响后面实验。
server5/6:
建立devops用户并设置密码
[root@server5 ~]# useradd devops
[root@server5 ~]# passwd devops
server4:
[devops@server4 ~]$ ansible all -m ping #检查是否可以ping通
server5/6:
[root@server5 ~]# vim /etc/sudoers
##写入:
devops ALL=(ALL) NOPASSWD: ALL
server4:
[devops@server4 ansible]$ ansible test -m copy -a "src=/etc/passwd dest=/tmp/passwd" -b #给权限后成功
[devops@server4 ansible]$ ansible test -a "ls /tmp" #查看/tmp
[devops@server4 ansible]$ ansible test -a "rm /tmp/passwd" #删除刚才传输的passwd文件 ,会出现警告,不建议远程调用shell执行rm命令
[devops@server4 ansible]$ vim ansible.cfg
#写入:
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
[devops@server4 ansible]$ ansible test -m copy -a "src=/etc/passwd dest=/mnt/passwd" #此时再次执行此命令时不用加 -b ,也可以不在全局写,
用户的添加
[devops@server4 ansible]$ ansible test -m user -a "name=wxh password={{ 'westos'|password_hash('sha512') }}" #生成密码是加密状态的用户
安装mysql
server5:
[root@server5 ~]# yum install mariadb-server -y
[root@server5 ~]# yum install python-enum34.noarch python-kitchen.noarch -y
[root@server5 ~]# yum install MySQL-python -y
server4:
[devops@server4 ansible]$ ansible test -m service -a "name=mariadb state=started"
[devops@server4 ansible]$ ansible test -m mysql_user -a "name=wxh password=westos priv=*.*:select host='%' state=present"
真机:
[root@foundation28 ~]# yum install mariadb-server -y
[root@foundation28 ~]# mysql -h 172.25.28.5 -u wxh -p
show databases;