在Linux中安装部署ansible

最新推荐文章于 2024-04-24 23:54:25 发布

VIP文章从小丑到大777

最新推荐文章于 2024-04-24 23:54:25 发布

阅读量1.1k

点赞数 2

文章标签： mysql linux centos shell yum

本文链接：https://blog.csdn.net/weixin_44357264/article/details/109065185

版权

ansible安装

（1）环境准备
在两台机器上关闭防火墙和SELinux，并修改/etc/hosts文件。
[root@ansible-test1 ~]# systemctl stop firewalld
[root@ansible-test1 ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@ansible-test1 ~]# setenforce 0
[root@ansible-test1 ~]# cat /etc/selinux/config
…
disabled - No SELinux policy is loaded.
SELINUX=disabled //将此处改为disabled
SELINUXTYPE= can take one of three two values:
…
[root@ansible-test1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.2.10 ansible-test1 //添加两台主机的ip和主机名
192.168.2.20 ansible-test2
（2）安装ansible
准备两台机器anisble-01和anisble-02，只需要在anisble-01上安装ansible，先安装epel仓库。
[root@ansible-test1 ~]# yum install epel-release -y
[root@ansible-test1 ~]# yum install -y ansible
[root@ansible-test1 ~]# ansible --version
ansible 2.9.10
config file = /etc/ansible/ansible.cfg
configured module search path = [u’/root/.ansible/plugins/modules’, u’/usr/share/ansible/plugins/modules’]
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Nov 20 2015, 02:00:19) [GCC 4.8.5 20150623 (Red Hat 4.8.5-4)]
（3）免密配置
anisble-01上生成密钥对 ssh-keygen -t rsa ，把公钥放到anisble-02上，设置密钥认证。
注：需要将本机也配置免密。
[root@ansible-test1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory ‘/root/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
0a:47:86:44:83:a2:7c:c3:0c:1b:33:1c:03:88:0c:09 root@ansible-test1
The key’s randomart image is:
±-[ RSA 2048]----+
|E+.o+ |
|=Bo. o |
|o.O . o |
|.o = o |
| . o . S |
| o . |
| . |
| |
| |
±----------------+
[root@ansible-test1 ~]# ssh-copy-id 192.168.2.20
The authenticity of host ‘192.168.2.20 (192.168.2.20)’ can’t be established.
ECDSA key fingerprint is dc:a5:08:4d:9a:40:8a:be:ee:68:dd:41:61:7d:d7:05.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
[email protected]’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘192.168.2.20’”
and check to make sure that only the key(s) you wanted were added.

[root@ansible-test1 ~]# ssh 192.168.2.20
Last login: Sat Jul 4 16:49:18 2020 from 192.168.2.3
[root@ansible-test2 ~]# 登出
Connection to 192.168.2.20 closed.
（4）主机组设置
在/etc/ansible/hosts文件中添加本机和另一台机器的ip
[root@ansible-test1 ~]# grep ^[#] /etc/ansible/hosts
[testhost]
127.0.0.1
192.168.2.20
说明： testhost为自定义的主机组名字，下面两个ip为组内的机器ip。
**

ansible远程执行命令

**
这样就可以批量执行命令了。这里的testhost 为主机组名，-m后边是模块名字，-a后面是命令。当然我们也可以直接写一个ip，针对某一台机器来执行命令。
还有一个模块就是shell同样也可以实现。
[root@ansible-test1 ~]# ansible testhost -m command -a “hostname”
127.0.0.1 | CHANGED | rc=0 >>
ansible-test1
192.168.2.20 | CHANGED | rc=0 >>
ansible-test2
[root@ansible-test1 ~]# ansible 192.168.2.20 -m command -a “hostname”
192.168.2.20 | CHANGED | rc=0 >>
ansible-test2

ansible拷贝文件或目录

源目录会放到目标目录下面去，如果目标指定的目录不存在，它会自动创建。如果拷贝的是文件，dest指定的名字和源如果不同，并且它不是已经存在的目录，相当于拷贝过去后又重命名。但相反，如果desc是目标机器上已经存在的目录，则会直接把文件拷贝到该目录下面。
[root@ansible-test1 ~]# ansible 192.168.2.20 -m copy -a “src=/etc/passwd dest=/tmp/123”
192.168.2.20 | CHANGED => {
“ansible_facts”: {
“discovered_interpreter_python”: “/usr/bin/python”
},
“changed”: true,
“checksum”: “8f3ebea24b1558e6207af80195aa12931d96345f”,
“dest”: “/tmp/123”,
“gid”: 0,
“group”: “root”,
“md5sum”: “ca8f3327c9a73cb6fd96ba88ec4d18ee”,
“mode”: “0644”,
“owner”: “root”,
“secontext”: “unconfined_u:object_r:admin_home_t:s0”,
“size”: 1040,
“src”: “/root/.ansible/tmp/ansible-tmp-1593856449.24-11462-53060923085626/source”,
“state”: “file”,
“uid”: 0
}
这里的/tmp/123和源机器上的/etc/passwd是一致的，但如果目标机器上已经有/tmp/123目录，则会再/tmp/123目录下面建立passwd文件。
**

ansible远程执行脚本

**
首先创建一个shell脚本。
[root@ansible-test1 ~]# cat /tmp/test.sh
#!/bin/bash
echo date > /tmp/ansible_test.txt
然后把该脚本分发到各个机器上。
[root@ansible-test1 ~]# ansible testhost -m copy -a “src=/tmp/test.sh dest=/tmp/test.sh
mode=0755”
192.168.2.20 | CHANGED => {
“ansible_facts”: {
“discovered_interpreter_python”: “/usr/bin/python”
},
“changed”: true,
“checksum”: “1a6e4af02dba1bda6fc8e23031d4447efeba0ade”,
“dest”: “/tmp/test.sh”,
“gid”: 0,
“group”: “root”,
“md5sum”: “edfaa4371316af8c5ba354e708fe8a97”,
“mode”: “0755”,
“owner”: “root”,
“secontext”: “unconfined_u:object_r:admin_home_t:s0”,
“size”: 48,
“src”: “/root/.ansible/tmp/ansible-tmp-1593856700.7-11499-220274653312920/source”,
“state”: “file”,
“uid”: 0
}
127.0.0.1 | CHANGED => {
“ansible_facts”: {
“discovered_interpreter_python”: “/usr/bin/python”
},
“changed”: true,
“checksum”: “1a6e4af02dba1bda6fc8e23031d4447efeba0ade”,
“dest”: “/tmp/test.sh”,
“gid”: 0,
“group”: “root”,
“mode”: “0755”,
“owner”: “root”,
“path”: “/tmp/test.sh”,
“secontext”: “unconfined_u:object_r:user_tmp_t:s0”,
“size”: 48,
“state”: “file”,
“uid”: 0
}
最后是批量执行该shell脚本。
[root@ansible-test1 ~]# ansible testhost -m shell -a “/tmp/test.sh”
127.0.0.1 | CHANGED | rc=0 >>

192.168.2.20 | CHANGED | rc=0 >>

shell模块，还支持远程执行命令并且带管道。
[root@ansible-test1 ~]# ansible testhost -m shell -a "cat /etc/passwd |wc -l "
127.0.0.1 | CHANGED | rc=0 >>
21
192.168.2.20 | CHANGED | rc=0 >>
21
[root@ansible-test1 ~]# cat /tmp/ansible_test.txt //
2020年 07月 04日星期六 18:00:51 CST
运行成功。
**

ansible管理任务计划

**
创建任务计划，命名并定义工作。
[root@ansible-test1 ~]# ansible testhost -m cron -a “name=‘test cron’ job=’/bin/bash
/tmp/test.sh’ weekday=6”
127.0.0.1 | CHANGED => {
“ansible_facts”: {
“discovered_interpreter_python”: “/usr/bin/python”
},
“changed”: true,
“envs”: [],
“jobs”: [
“test cron”
]
}
192.168.2.20 | CHANGED => {
“ansible_facts”: {
“discovered_interpreter_python”: “/usr/bin/python”
},
“changed”: true,
“envs”: [],
“jobs”: [
“test cron”
]
}
若要删除该cron 只需要加一个字段 state=absent 。
[root@ansible-test1 ~]# ansible testhost -m cron -a “name=‘test cron’ state=absent”
127.0.0.1 | CHANGED => {
“ansible_facts”: {
“discovered_interpreter_python”: “/usr/bin/python”
},
“changed”: true,
“envs”: [],
“jobs”: []
}
192.168.2.20 | CHANGED => {
“ansible_facts”: {
“discovered_interpreter_python”: “/usr/bin/python”
},
“changed”: true,
“envs”: [],
“jobs”: []
}
其他的时间表示：分钟 minute 小时 hour 日期 day 月份 month。
**

ansible安装rpm包/管理服务

**
使用yum模块安装httpd服务。
[root@ansible-test1 ~]# ansible testhost -m yum -a “name=httpd”
127.0.0.1 | CHANGED => { <

最低0.47元/天解锁文章

从小丑到大777

关注

2
点赞
踩
3

收藏

觉得还不错? 一键收藏
打赏
0
评论
在Linux中安装部署ansible

ansible安装（1）环境准备在两台机器上关闭防火墙和SELinux，并修改/etc/hosts文件。[root@ansible-test1 ~]# systemctl stop firewalld[root@ansible-test1 ~]# systemctl disable firewalldRemoved symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.Removed symlink /etc/
复制链接

扫一扫