Ansible auto-registration, Ansible registration


ansible-auto-register

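Because Ansible communicates with its agents over OpenSSH, every time a machine is added you have to add its configuration to Ansible's inventory file.

Although the configuration itself is simple, omissions and duplicate entries are hard to avoid when many machines are added in a short time or over a long period of maintenance, so a feature like Salt's, where the agent registers itself with the server automatically, becomes very important.

So far I have not found an existing mechanism like SaltStack's, in which the agent registers itself with the server automatically. It is actually simple to implement and needs no changes to Ansible itself: with a few services and a few hand-written scripts you can implement auto-registration according to rules you define yourself.

Services required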

  • ansible
  • etcd
  • confd
  • python or shell

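How it works

  • Use etcd as the node-discovery database
  • Define the etcd directory data structure in advance
  • Build a template machine and configure a script that runs automatically
  • Use confd's watch feature to monitor the relevant etcd data and generate Ansible's inventory file in real time

The installation and configuration process in this article is extremely simple.

The etcd data structure defined here is still rudimentary; this part, and the scripts, leave a lot of freedom, so you can modify them to suit your own situation.

In fact this article only presents an idea; you could also say it is just one application of etcd + confd configuration management.

Some details of the whole process are not shown in this article, so please watch out for them yourself. This article is for reference only.

Installation and configuration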

ansible

pip install ansible

Configuration file

# /etc/ansible/ansible.cfg
[defaults]
inventory = /etc/ansible/hosts
remote_tmp = $HOME/.ansible/tmp
roles_path = /data/ansible/roles:/etc/ansible/roles
transport = smart
gathering = smart
fact_caching_timeout = 30
require_sudo = False
module_name = shell
private_key_file = /root/.ssh/id_rsa
ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}
nocolor = 0
fact_caching = memory
host_key_checking = False
timeout = 10
pattern = *
forks = 20
poll_interval = 15
remote_user = devops
remote_port = 9555
log_path = /data/logs/ansible/ansible.log

[inventory]

[privilege_escalation]
become=True
become_exe=sudo
become_method=sudo
become_user=root
become_ask_pass=False

[paramiko_connection]
record_host_keys=False

[ssh_connection]
pipelining = True

[accelerate]
accelerate_port = 5099
accelerate_timeout = 30
accelerate_connect_timeout = 5.0
accelerate_daemon_timeout = 30

etcd installation and configuration

Installation

LOCAL_DIR="/usr/local/src"
ETCD_VER="v3.3.6"
DOWNLOAD_URL="https://github.com/coreos/etcd/releases/download"
cd ${LOCAL_DIR} && curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o ${LOCAL_DIR}/etcd-${ETCD_VER}-linux-amd64.tar.gz
mkdir -p ${LOCAL_DIR}/etcd && tar xzvf ${LOCAL_DIR}/etcd-${ETCD_VER}-linux-amd64.tar.gz -C ${LOCAL_DIR}/etcd --strip-components=1
cd ${LOCAL_DIR}/etcd/ && cp etcd etcdctl /usr/local/bin
etcd -version

systemd configuration

mkdir /etc/etcd/
tee /etc/etcd/etcd.conf <<-'EOF'
# [member]
ETCD_NAME="infra1"
ETCD_IP="172.16.1.1"
ETCD_DATA_DIR="/data/infra.etcd/"
#ETCD_WAL_DIR=""
#ETCD_SNAPSHOT_COUNT="10000"
#ETCD_HEARTBEAT_INTERVAL="100"
#ETCD_ELECTION_TIMEOUT="1000"
ETCD_LISTEN_PEER_URLS="http://172.16.1.1:2380"
ETCD_LISTEN_CLIENT_URLS="http://172.16.1.1:2379,http://127.0.0.1:2379"
#ETCD_MAX_SNAPSHOTS="5"
#ETCD_MAX_WALS="5"
#ETCD_CORS=""
# [cluster]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://172.16.1.1:2380"
ETCD_INITIAL_CLUSTER="infra1=http://172.16.1.1:2380"
ETCD_INITIAL_CLUSTER_STATE="new"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-test"
ETCD_ADVERTISE_CLIENT_URLS="http://172.16.1.1:2379"
EOF

Edit /usr/lib/systemd/system/etcd.service

tee  /usr/lib/systemd/system/etcd.service <<-'EOF'
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
NotifyAccess=all
WorkingDirectory=/
EnvironmentFile=-/etc/etcd/etcd.conf
User=root
# set GOMAXPROCS to number of processors
ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/local/bin/etcd --name=\"${ETCD_NAME}\" --data-dir=\"${ETCD_DATA_DIR}\" --listen-client-urls=\"${ETCD_LISTEN_CLIENT_URLS}\" --listen-peer-urls=\"${ETCD_LISTEN_PEER_URLS}\" --advertise-client-urls=\"${ETCD_ADVERTISE_CLIENT_URLS}\" --initial-advertise-peer-urls=\"${ETCD_INITIAL_ADVERTISE_PEER_URLS}\" --initial-cluster=\"${ETCD_INITIAL_CLUSTER}\" --initial-cluster-state=\"${ETCD_INITIAL_CLUSTER_STATE}\" --initial-cluster-token=\"${ETCD_INITIAL_CLUSTER_TOKEN}\""
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOF

Start the service

systemctl enable etcd.service
systemctl start etcd.service

Configuration

etcd uses the default v2 API:

export ETCDCTL_API=2

Create the etcd directory data structure

etcdctl mkdir /ansible/default
etcdctl mkdir /ansible/default/test
etcdctl mkdir /ansible/default/dev
etcdctl mkdir /ansible/default/gamma
etcdctl mkdir /ansible/default/prod
etcdctl mkdir /ansible/default/zookeeper
etcdctl mkdir /ansible/custom

  • /ansible/default/* is used for the default data storage
  • /ansible/custom is reserved for other custom configuration

confd installation and configuration

Installation

CONFD_VER="0.16.0"
curl -L https://github.com/kelseyhightower/confd/releases/download/v${CONFD_VER}/confd-${CONFD_VER}-linux-amd64 -o /usr/local/bin/confd
chmod +x /usr/local/bin/confd
confd --version

Configuration

mkdir -p /etc/confd/{conf.d,templates}
tee  /etc/confd/confd.toml <<-'EOF'
backend = "etcd"
confdir = "/etc/confd"
log-level = "debug"
interval = 1
nodes = [
  "http://0.0.0.0:2379",
]
prefix = "/"
scheme = "https"
EOF
tee  /usr/lib/systemd/system/confd.service <<-'EOF'
[Unit]
Description=Confd Server
After=etcd.service

[Service]
User=root
ExecStart=/usr/local/bin/confd
Restart=always
LimitNOFILE=65536

[Install]
WantedBy=basic.target
EOF

cat conf.d/ansible.toml
[template]
src = "ansible.cfg.tmpl"
dest = "/etc/ansible/h"
keys = [
    "/ansible/default",
]
# The file is generated as /etc/ansible/h here; for now the real inventory file is not generated

cat templates/ansible.cfg.tmpl
{{ range $dir := lsdir "/ansible/default" -}}
[{{ base $dir -}} ]
{{ $custdir := printf "/ansible/default/%s/*" $dir -}}
{{ range gets $custdir -}}
{{ $data := json .Value -}}
{{ $data.name }} ansible_ssh_host={{ $data.ip }}
{{ end }}
{{ end }}

# Alternative host line, keyed on the etcd key name; it belongs inside the inner range in place of the $data.name line, because $data is not defined after {{ end }}:
##{{ base .Key }} ansible_ssh_host={{ $data.ip }}

Start

systemctl enable confd
systemctl start confd

Registration script

# The script is quite simple for now and will be revised later
# All of my machines' hostnames follow a standard format
# ecs.ali-bj-vpc.manager.172.16.1.1.ansible
cat set.sh
#!/bin/bash
env=$(hostname | awk -F'.' '{print $3}')
ip=$(hostname | awk -F'.' '{print $4"."$5"."$6"."$7}')
key=$(hostname | awk -F'.' '{print $NF}')
url="http://172.16.1.1:2379/v2/keys/ansible/default"
#env="zookeeper"
curl -X PUT "${url}/${env}/${ip}" -d value="{\"ip\":\"${ip}\",\"name\":\"${env}-${key}\"}"
echo curl -X PUT "${url}/${env}/${ip}" -d value="{\"ip\":\"${ip}\",\"name\":\"${env}-${key}\"}"
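
The confd template writes the name and ip fields from etcd straight into the inventory, and the registration script writes to etcd over plain HTTP, so whatever can reach port 2379 decides which hosts Ansible manages as root. The following is an added example, not part of the original article: a Python filter that validates each registration before it becomes an inventory line. The allowed network 172.16.0.0/16, the name pattern and the sample etcd listing are assumptions constructed for illustration.

```python
import ipaddress
import json
import re

ALLOWED_ENVS = {"test", "dev", "gamma", "prod", "zookeeper"}  # dirs created with etcdctl mkdir
ALLOWED_NET = ipaddress.ip_network("172.16.0.0/16")  # assumption: the fleet's address range
NAME_RE = re.compile(r"[a-z0-9][a-z0-9-]{0,62}")  # assumption: plain hostname-style label

# Constructed sample of GET /v2/keys/ansible/default?recursive=true (not real data).
SAMPLE = json.dumps({"node": {"key": "/ansible/default", "dir": True, "nodes": [
    {"key": "/ansible/default/prod", "dir": True, "nodes": [
        {"key": "/ansible/default/prod/172.16.1.10", "value": '{"ip":"172.16.1.10","name":"prod-ansible"}'},
        {"key": "/ansible/default/prod/172.16.1.11", "value": '{"ip":"10.9.9.9","name":"prod-ansible"}'},
        {"key": "/ansible/default/prod/172.16.1.12", "value": '{"ip":"172.16.1.12","name":"prod-web extra=1"}'},
    ]},
    {"key": "/ansible/default/dev", "dir": True, "nodes": [
        {"key": "/ansible/default/dev/172.16.1.20", "value": "not json"},
    ]},
]}})

def check_entry(env, key_ip, raw_value):
    """Return (name, ip) if the registration is acceptable, else raise ValueError."""
    data = json.loads(raw_value)  # JSONDecodeError is a subclass of ValueError
    if not isinstance(data, dict) or set(data) != {"ip", "name"}:
        raise ValueError("unexpected fields")
    ip = ipaddress.ip_address(str(data["ip"]))  # raises ValueError if not an address
    if str(ip) != key_ip or ip not in ALLOWED_NET:
        raise ValueError("ip does not match its key or is outside the allowed network")
    name = str(data["name"])
    if not NAME_RE.fullmatch(name) or not name.startswith(env + "-"):
        raise ValueError("name is not a plain <env>-<suffix> label")
    return name, str(ip)

def build_inventory(etcd_json):
    """Return (inventory_text, rejected) from an etcd v2 recursive listing."""
    lines, rejected = [], []
    for env_node in json.loads(etcd_json)["node"].get("nodes", []):
        env = env_node["key"].rsplit("/", 1)[-1]
        if env not in ALLOWED_ENVS:  # never emit a group header we did not define
            rejected.append((env_node["key"], "unknown environment"))
            continue
        lines.append("[%s]" % env)
        for node in env_node.get("nodes", []):
            try:
                name, ip = check_entry(env, node["key"].rsplit("/", 1)[-1], node.get("value", ""))
                lines.append("%s ansible_ssh_host=%s" % (name, ip))
            except ValueError as exc:
                rejected.append((node["key"], str(exc)))
    return "\n".join(lines) + "\n", rejected
```

Because confd already renders to the staging file /etc/ansible/h rather than /etc/ansible/hosts, a check like this can sit between the two and log the rejected keys for review.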