ansible基础操作,ansible基础
ansible基础操作,ansible基础
ansible
前言
ansible是新出现的自动化运维工具,基于Python开发,它无客户端,集合了众多运维工具(puppet、cfengine、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能。
部署
环境
ansible服务器、ansible客户机
安装
ansible服务器
yum源 yum install -y epel-release
安装 yum install -y ansible
rpm -ql ansible 列出所有文件 rpm -qc ansible 查看配置文件 ansible --help 查看ansible帮助 ansible-doc -s yum 查看yum模块了解其中能
基础操作
定义主机清单
vim /etc/ansible/hosts使用用户名和密码测试连通性
ansible host1 -m ping -u root -k -o # -m 模块 -u 用户 -k 密码 -o 简洁输出 # -a shell参数knoe_hosts
ansible host2 -m ping -u root -k -o 失败的原因是主机认为host3不可靠,给拒绝了。 去掉(yes/no)的询问 vim /etc/ssh/ssh_config StrictHostKeyChechking no
定义主机清单
含义
清查;存货清单;财产目录;主机清单
增加主机组
vim /etc/ansible/hosts
[webserver]
host1
host2
host3 #网址IP均可增加用户名 密码
[webserver]
host[1:4] ansible_ssh_user='root' ansible_ssh_pass='密码'增加端口
vim /etc/ssh/sshd_config
Port 2222
ansible webservers -m ping -o
#失败,端口已更改
vim /etc/ansible/hosts
[webserver]
host1 ansible_ssh_user='root' ansible_ssh_pass='777777' ansible_ssh_port='2222'
#需要在设置当中增加端口变量
| 参数 | 用途 | 举例 |
|---|---|---|
| ansible_ssh_host | 定义 hosts ssh 地址 | ansible_ssh_= IP |
| ansible_ssh_port | 定义 hosts ssh 端口 | ansible_ssh_port=端口 |
| ansible_ssh_user | 定义 hosts ssh 认证用户 | ansible_ssh_user=user |
| ansible_ssh_pass | 定义 hosts ssh 认证密码 | ansible_ssh_pass=pass |
| ansible_sudo | 定义 hosts sudo 用户 | ansible_sudo = www |
| ansible_sudo_pass | 定义 hosts sudo 密码 | ansible_sudo_pass=pass |
| ansible_sudo_exe | 定义 hosts sudo 路径 | ansible_sudo_exe=路径 |
| ansible_conneection | 定义 hosts 链接方式 | ansible_connection=local |
| ansible_ssh_private_key_file | 定义 hosts 私钥 | ansible_ssh_private_key_file=/root/key |
| ansible_ssh_shell_type | 定义 hosts shell类型 | ansible_ssh_shell_type=bash |
| ansible_python_interpreter | 定义 hosts 任务执行python路径 | nsible_python_interpreter=路径 |
| ansible_* _interpreter | 定义 hosts 其他语言解析路径 | ansible_* _interpreterd=路径 |
子分组
vim /etc/ansible/hosts
[apache]
host[1:2]
[nginx]
host[3:4]
[webserver:children]
apache
nginx
[webserver:vars]
ansible_ssh_user='root'
ansible_ssh_pass='666666定义主机列表
vim hostlist
[dockers]
host1
host2
[dockers:vars]
ansible_ssh_user='root'
ansible_ssh_pass='密码'
ansible -i hostlist dockers -m ping -o
# 文件名 表名Ad-Hoc 点对点模式
临时的,在ansible中是指快速执行的单条命令,并且不需要保存的命令。
yum模块
ansible host1 -m yum -a 'name=vsftpd state=latest' -u root -k
ansible host1 -m shell -a 'rpm -qa vsftpd' -u root -k -oshell模块
ansible webserver -m shell -a "hostname" -o #获取主机名复制模块copy
ansible webserver -m copy -a 'src=/etc/hosts dest=/tmp/2.txt owner=root group=bin mode=777' 用户模块user
ansible webserver -m user -a 'name=qianfeng state=present' 创建
ansible webserver -m user -a 'name=qianfeng state=absent' 删除
ansible webserver -m user -a 'name=qianfeng shell=/sbin/noglogin append=yes' 追加
echo '777777' | openssl passwd -1 -stdin 生成加密密码值 $1$XVzsJMDr$5wI4oUaQ.emxap6s.N272.
ansible webserver -m user -a 'name=qianfeng password="$1$XVzsJMDr$5wI4oUaQ.emxap6s.N272."'软件包管理service
ansible host2 -m service -a 'name=httpd state=started' 启动
ansible host2 -m service -a 'name=httpd state=started enables=yes' 开机启动
ansible host2 -m service -a 'name=httpd state=stopped' 停止
ansible host2 -m service -a 'name=httpd'state=restarted 重启
ansible host2 -m service -a 'name=httpd state=started enabled=no' 开机禁止启动文件模块file
ansible host1 -m file -a 'path=/tmp/88.txt mode=777 state=touch' 创建文件
ansible host1 -m file -a 'path=/tmp/99 mode=777 state=directory'收集模块setup
ansible host1 -m setup #查询所有信息
ansible host3 -m setup -a 'filter=ansible_all_ipv4_addresses'查看/找模块
ansible-doc -l YAML非标记语言
流程
ansible all -m yum -a 'name=httpd state=removed' -o #清理环境yum install -y httpdmkdir apachecp -rf /etc/httpd/conf/httpd.confgrep '^Listen' httpd.confListen 8080#修改配置vim apache.yaml - hosts: host2 tasks: - name: install apache packges yum: name=httpd state=present - name: copy apache conf copy: src=./httpd.conf dest=/etc/httpd/conf/httpd.conf - name: ensure apache is running service: name=httpd state=started enabled=yes测试
测试
ansible-playbook apache.yaml --syntax-checkansible-playbook apache.yaml --list-tasksansible-playbook apache.yaml --list-hostsansible-playbook apache.yaml
handlers
vim apache.yaml
- hosts: host2
tasks:
- name: install apache packges
yum: name=httpd state=present
- name: copy apache conf
copy: src=./httpd.conf dest=/etc/httpd/conf/httpd.conf
notify: restart apache is running #应用处理程序
- name: ensure apache is running
service: name=httpd state=started enabled=yes测试
handlers:
- name: restart apache service #定义处理程序
service: name=apche state=restarted Role -角色扮演
1.目录结构
结构
roles/
├── nginx
│ ├── handlers(处理程序文件)
│ │ └── main.yaml
│ ├── tasks(任务)
│ │ └── main.yaml
│ ├── templates(模板)
│ └── vars(变量)
│ └── main.yaml
└── site.yaml准备
mkdir roles/nginx/{files,handlers,tasks,templates,vars} -ptouch roles/site.yamroles/nginx/{handlers,tasks,vars}/main.yamlecho 1234 > roles/nginx/files/index.htmlyum install -y nginxcp /etc/nginx/nginx.conf roles/nginx/templates/nginx.conf.j2
2.准备配置文件
vim roles/nginx/templates/nginx.conf.j2
worker_processes {{ ansible_processor_cores }}; #调用内部已知变量
worker_connections {{ worker_connections }}; #自定义变量3.编写剧本
vim roles/site.yaml
- hosts: host1
roles:
- nginx4.编写任务
vim roles/nginx/tasks/main.yaml
---
- name: install nginx packge
yum: name={{ item }} state=latest
with_items:
- epel-release
- nginx
- name: copy index.html
copy: src=index.html dest=/usr/share/nginx/html/index.html
- name: copy nginx.conf template
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
notify: restart nginx
- name: make sure nginx service running
service: name=nginx state=started enabled=yes5.编写处理程序
vim roles/nginx/handlers/main.yaml
---
- name: restart nginx
service: name=nginx state=restarted6.编写变量
vim roles/nginx/vars/main.yaml
worker_connections: 102407.实施
ansible-playbook site.yaml --syntax-check #测试
ansible-playbook site.yaml #实施剧本
评论暂时关闭