在练习ansible题目之前,需要完成如下几个步骤:
明确好控制节点及被控节点,配置好固定的IP地址,将其IP地址写入/etc/hosts中(可选)
[root@centos78 ~]# vim /etc/hosts
192.168.76.133 master
192.168.76.134 node1
192.168.76.135 node2
SSH远程免密连接
#前提将防火墙及SELinux关闭,要求让控制节点的root用户能够免密连接被控节点的root用户
[root@centos78 ~]# ssh-keygen #生成公私钥
[root@centos78 ~]#ssh-copy-id root@node1 #将公钥传给被控节点
[root@centos78 ~]#ssh-copy-id root@node2
#在控制节点及被控节点上创建用户
[root@centos78 ~]#useradd xiaoming #创建xiaoming用户
[root@centos78 ~]#echo 123 | passwd --stdin xiaoming #xiaoming用户的密码
#注:每个节点上都需要创建
重复上述免密操作,使得xiaoming用户能够连接到被控节点的用户上
根据个人需求,修改ansible的访问目录,默认是在config file = /etc/ansible/ansible.cfg
1、以all主机组为目标执行id命令
[xiaoming@centos78 ~]$
[xiaoming@centos78 ~]$ mkdir -pv ansible/chap01
[xiaoming@centos78 chap01]$ cp /etc/ansible/ansible.cfg . #复制默认文件到当前目录下
[xiaoming@centos78 chap01]$ cat ansible.cfg #重新编写配置文件
[defaults]
inventory = ./inventory ;指定清单文件
remote_user = xiaoming ;指定连接受控主机的xiaoming用户,如果未指定,则使用当前用户的名称
ask_pass = false ;是否提示输入ssh密码。如果使用ssh公钥身份认证,则可以是false
#forks=5
#roles_path=roles
[privilege_escalation]
become=True ;登录到受控主机后是否切换用户
become_method=sudo ;可以使用su或者sudo的方式切换用户,当前使用sudo方式,默认是sudo
become_user=root ;切换到哪个用户
become_ask_pass=False ;是否为become_method提示输入密码,默认为false
become_method=sudo ;需要提前在受控节点设置用户的sudo配置
[xiaoming@centos78 chap01]$ ansible all -m ping
node2 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
node1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
master | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
2、使用copy模块修改所有主机上的/etc/motd文件内容为welcome to ansible
[xiaoming@centos78 chap01]$ ansible all -m copy -a 'content="welcome to ansible\n" dest=/etc/motd'
#可查看模板进行编写:ansible-doc copy
#检验
[root@node1 ~]# cat /etc/motd
welcome to ansible
[root@node2 ~]# cat /etc/motd
welcome to ansible
3、使用command模块查看/etc/motd文件的内容
[xiaoming@centos78 chap01]$ ansible all -m command -a "cat /etc/motd"
node2 | CHANGED | rc=0 >>
welcome to ansible
node1 | CHANGED | rc=0 >>
welcome to ansible
master | CHANGED | rc=0 >>
welcome to ansible
4、使用user模块创建用户wukong,uid为2000
[xiaoming@centos78 chap01]$ ansible all -m user -a 'name=wukong uid=2000'
node1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/wukong",
"name": "wukong",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 2000
}
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/wukong",
"name": "wukong",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 2000
}
master | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/wukong",
"name": "wukong",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 2000
}
5、使用yum模块安装httpd软件包并使用service模块启动该服务
[xiaoming@centos78 chap01]$ ansible all -m yum -a 'name=httpd'
node1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Nothing to do",
"rc": 0,
"results": []
}
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: httpd-filesystem-2.4.37-47.module_el8.6.0+1111+ce6f4ceb.1.noarch",
"Installed: centos-logos-httpd-85.8-2.el8.noarch",
"Installed: apr-1.6.3-12.el8.x86_64",
"Installed: mailcap-2.1.48-3.el8.noarch",
"Installed: httpd-tools-2.4.37-47.module_el8.6.0+1111+ce6f4ceb.1.x86_64",
"Installed: apr-util-1.6.1-6.el8.x86_64",
"Installed: apr-util-bdb-1.6.1-6.el8.x86_64",
"Installed: apr-util-openssl-1.6.1-6.el8.x86_64",
"Installed: httpd-2.4.37-47.module_el8.6.0+1111+ce6f4ceb.1.x86_64",
"Installed: mod_http2-1.15.7-5.module_el8.6.0+1111+ce6f4ceb.x86_64"
]
}
master | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"msg": "",
"rc": 0,
"results": [
"httpd-2.4.6-97.el7.centos.5.x86_64 providing httpd is already installed"
]
}
使用service模块启动该服务
[xiaoming@centos78 chap01]$ ansible all -m service -a 'name=httpd state=started'