ansible使用1--初始配置/etc/ansible/hosts

最新推荐文章于 2024-07-19 22:07:59 发布

杨嚣

最新推荐文章于 2024-07-19 22:07:59 发布

阅读量4.7k

点赞数

本文链接：https://blog.csdn.net/zxy355/article/details/91572869

版权

ansible初始配置/etc/ansible/hosts
以下操作均参考朱双印先生博客，并细化后记录

四台主机

10.1.0.13 管理主机 192.168.1.202 安装ansible
10.1.0.10 192.168.1.201
10.2.0.7 192.168.1.203
10.2.0.5 192.168.1.206

ansible版本 2.8.0-2.el7

    8  sudo yum install wget
    9  sudo mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
   10  sudo wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
   12  sudo yum install -y epel-release
   13  yum clean all
   14  yum repolist enabled
   15  yum repolist all 
   16  sudo yum install ansible

设置管理的主机
vim /etc/ansible/hosts
10.1.0.10
10.2.0.7
10.2.0.5

[centos@self1-centos7-2 ansible]$ sudo vim hosts     
[centos@self1-centos7-2 ansible]$ sudo ansible 10.1.0.10 -m ping
The authenticity of host '10.1.0.10 (10.1.0.10)' can't be established.
ECDSA key fingerprint is SHA256:+5+TSSaM0tTZCnbUWbx3XTbGqiuBp7CiFl3QNcUbUTc.
ECDSA key fingerprint is MD5:28:da:2c:4b:27:2b:50:79:f1:6e:65:89:c6:c1:23:4c.
Are you sure you want to continue connecting (yes/no)? yes
10.1.0.10 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Warning: Permanently added '10.1.0.10' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic).", 
    "unreachable": true
}

vim /etc/ansible/hosts 加上ssh信息
10.1.0.10 ansible_port=22 ansible_user=root ansible_ssh_pass=think
10.2.0.7 ansible_port=22 ansible_user=root ansible_ssh_pass=think
10.2.0.5 ansible_port=22 ansible_user=root ansible_ssh_pass=think

用秘钥进行ssh链接

    4  ssh-keygen
    5  ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.1.0.10

    6  vim /etc/ssh/sshd_config
		PermitRootLogin yes         #允许root认证登录
		PasswordAuthentication yes  #允许密码认证
		RSAAuthentication yes       #秘钥认证
		PubkeyAuthentication yes    

    7  ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.1.0.10
    8  ansible 10.1.0.10 -m ping
    9  vim /etc/ansible/hosts
    		self1-1 ansible_host=10.1.0.10   ansible_port=22 ansible_user=root ansible_ssh_pass=thinkvision02

   10  ansible self1-1 -m ping
   13  ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.2.0.7
   14  ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.2.0.5

可以把密码去掉了

   vim /etc/ansible/hosts
		self1-1 ansible_host=10.1.0.10   ansible_port=22
		10.2.0.7    ansible_port=22
		self2-1 ansible_host=10.2.0.5    ansible_port=22

	[root@self1-centos7-2 ~]# ansible self2-1 -m ping                            
		self2-1 | SUCCESS => {
		    "ansible_facts": {
		        "discovered_interpreter_python": "/usr/bin/python"
		    }, 
		    "changed": false, 
		    "ping": "pong"
		}