ansible的简单入门,ansible简单入门
ansible的简单入门,ansible简单入门
环境准备
ip | hostname |
---|---|
192.168.1.108 | master 控制节点 |
192.168.1.107 | slave |
192.168.1.109 | slave1 |
配置 EPEL源
第一种安装ansible方法
yum install epel-release
yum install ansible第二种安装ansible方法
yum -y install python-pip
pip install ansible
pip install –upgrade pip
检查是否安装成功:
[root@master ~]# ansible --version
ansible 2.3.1.0
config file = /etc/ansible/ansible.cfg
configured module search path = Default w/o overrides
python version = 2.7.5 (default, Nov 6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]
ansible相关配置
[root@master ~]# ls /etc/ansible/
ansible.cfg hosts roles
ansible读取变量是这样子的:
1.先查找环境变量 ANSIBLE_CONFIG 有没有值,如果没有转2
2.当前目录中的./ansible.cfg 没有转3
3.用户家目录中的~/ansible.cfg
4.最后才找/etc/ansible/ansible.cfg
...
[defaults]
# some basic default values...
#inventory = /etc/ansible/hosts 管理的hosts
#library = /usr/share/my_modules/ brary 存放Ansible模块的目录。Ansible对被管理主机的操作都使用一小段代码来执行,这小段代码就是Ansible模块,默认值 /usr/share/ansible。配置多个目录的话可以以冒号:隔开,同时会检查palybook同目录下的./library目录
#module_utils = /usr/share/my_module_utils/
#remote_tmp = ~/.ansible/tmp
#local_tmp = ~/.ansible/tmp
#forks = 5
#poll_interval = 15
#sudo_user = root 用户
#ask_sudo_pass = True
#ask_pass = True
#transport = smart
#remote_port = 22 远程主机的端口
#module_lang = C
#module_set_locale = False
...
配置控制节点到各节点SSH无密访问
在各节点上创建ansible用户,并设置该用户的密码,并确保每个节点ansible用户有root权限:
useradd -d /var/lib/ansible ansible
passwd ansible
echo “ansible ALL = (root) NOPASSWD:ALL”| sudo tee /etc/sudoers.d/ansible
root@slave ~]# useradd -d /var/lib/ansible ansible
[root@slave ~]# passwd ansible
更改用户 ansible 的密码 。
新的 密码:
无效的密码: 密码未通过字典检查 - 过于简单化/系统化
重新输入新的 密码:
passwd:所有的身份验证令牌已经成功更新。
[root@slave ~]# echo "ansible ALL = (root) NOPASSWD:ALL"| sudo tee /etc/sudoers.d/ansible
ansible ALL = (root) NOPASSWD:ALL
[root@master ansible]# su ansible
[ansible@master ~]$ pwd
/var/lib/ansible
[ansible@master ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/var/lib/ansible/.ssh/id_rsa):
Created directory '/var/lib/ansible/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/lib/ansible/.ssh/id_rsa.
Your public key has been saved in /var/lib/ansible/.ssh/id_rsa.pub.
The key fingerprint is:
2a:81:f2:39:bf:a3:45:c7:ce:42:f0:3a:5f:a8:d8:a6 ansible@master
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| . |
| + . |
|. . = o S |
| o = * . |
| * = = |
| o.B.+ |
|Eo+.+o |
+-----------------+
[ansible@master ~]$ ls ~/.ssh/
id_rsa id_rsa.pub
接下来下发密钥,把公钥id_rsa.pub拷贝到各节点
ssh-copy-id ansible@slave
ssh-copy-id ansible@slave1
修改/etc/ansible/ansible.cfg:
[defaults]
sudo_user=ansible
remote_user=ansible
修改/etc/ansible/hosts
[k8s-nodes]
slave
slave1
下面我们使用ping模块对受管主机进行ping操作,以及验证是否可以管理
[ansible@master ~]$ ansible slave1 -m ping
slave1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
[ansible@master ~]$ ansible k8s-nodes -m ping
slave1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
slave | SUCCESS => {
"changed": false,
"ping": "pong"
}
[ansible@master ~]$ ansible all -m command -a "date"
slave | SUCCESS | rc=0 >>
2017年 06月 25日 星期日 17:23:50 CST
slave1 | SUCCESS | rc=0 >>
2017年 06月 25日 星期日 17:23:50 CST
ansible-doc 是命令行帮助
end
评论暂时关闭