ansible安裝
https://galaxy.ansible.com/ 在線playbook分享平臺
安裝控制機準備:
python2.6或者以上
paramiko模塊
PyYAML
Jinja2
httplib2
控制機的系統版本可以是:RedHat Debian CentOS OSX BSD等
查看被管節點如果類UNIX系統,則需要Python2.4或者以上版本
如果是windows ,則需要PowerShell3.0並且授權遠程管理
安裝Ansible
1.從GItHUb安裝
提取Ansible代碼
git clone git://gihub.com/ansible/ansible.git --recursive
cd ./ansible
sourece ./hacking/env-setup -q
2.若沒有安裝pip,先安裝對應python版本的pip
sudo easy_install pip
3.安裝Ansible控制機需要的python模塊
sudo pip install paramiko PyYAML Jinja2 httplib2 six
4.當更新Ansible版本時候,不但要更新git的源碼樹,還要更新git中指向Ansible自身的模塊,稱爲submoudles
git pull --rebase
git submoduble update --init --recursive
5.一旦運行env-setup 腳本,就意味着Ansible從源碼中運行起來了!默認的資源清單inventory文件是/etc/ansible/hosts
這樣,Ansible系統就安裝完成了。
Tar包安裝方式跟源碼安裝一樣,只是源代碼獲取方式不同
製作rpm包安裝
git clone git://gihub.com/ansible/ansible.git
cd ./ansible
make rpm
sudo rpm -Uvh ~ /rpmbuild/ansible-*.noarch.rpm
Yum安裝方式
rpm -Uvh http://mirrors.zju.edu.cn/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -Uvh http://mirrors.zju.edu.cn/epel/6/x86_64/epel-release-6-8.noarch.rpm
sudo yum install ansible
pip方式安裝
sudo easy_install pip
sudo pip install ansible
配置Ansbile環境、
使用環境變量方式配置
export ANSIBLE_SUDO_USER=root
設置ansible.cfg配置參數
inventory=/etc/ansible/hosts
library=/usr/share/ansible
forks=5
sudo_user=root
remote_port=22
host_key_checking=false 是否用公鑰認證
timeout=60
log_path=/var/log/ansible.log/ansible
配置Linux主機ssh無密碼訪問
在控制機上創建密鑰,執行ssh-keygen -t rsa 有詢問直接按”回車“,將在/root/.ssh下面生成一對密鑰。
其中id_rsa爲私鑰,id_rsa.pub爲公鑰
代碼如下:
# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
e0:54:fa:ad:ef:7a:a6:03:8e:3a:b8:96:af:3d:36:38 root@Server128
The key's randomart p_w_picpath is:
+--[ RSA 2048]----+
| . |
| o |
| + |
| o o . |
| . S . |
| . . |
| .o o .. |
|.Eo+. . ..o |
|oo*=o oBo |
+-----------------+
把id_rsa.pub發到被管節點上用戶下的.ssh目錄,並且重命名authorized_keys,權限爲400
# ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]
The authenticity of host '192.168.37.128 (192.168.37.128)' can't be established.
RSA key fingerprint is 3b:3e:2c:83:d1:cc:0e:6f:da:85:d6:fb:35:08:02:cb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.37.128' (RSA) to the list of known hosts.
[email protected]'s password:
Now try logging into the machine, with "ssh '[email protected]'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
SSH登錄結果:
# ssh [email protected]
Last login: Fri Dec 16 22:06:42 2016 from 192.168.37.1
查看ansible版本
[root@Agent129 ~]# ansible --version
ansible 2.2.0.0
config file = /etc/ansible/ansible.cfg
configured module search path = Default w/o overrides
主機連通測試
1.修改/etc/ansible/hosts,格式爲ini 添加agent129的IP,同時定義一個webservers組包含這個IP
## green.example.com
192.168.37.128
# Ex 2: A collection of hosts belonging to the 'webservers' group
[webservers]
192.168.37.128
然後用ping模塊對主機ping
[root@Server129 ~]# ansible 192.168.37.128 -m ping
192.168.37.128 | SUCCESS => {
"changed": false,
"ping": "pong"
}
主機連通成功
在被管節點上批量執行命令
用Ansible的shell模塊中webservers的各服務器上顯示”hello world“
[root@Server129 ~]# ansible webservers -m shell -a '/bin/echo hello world' -i /etc/ansible/hosts
192.168.37.128 | SUCCESS | rc=0 >>
hello world
也可以自己建一個資源清單文件:inventory.cfg
[root@Server129 ansible]# ansible webservers -m shell -a '/bin/echo hello world' -i /etc/ansible/hosts
192.168.37.128 | SUCCESS | rc=0 >>
hello world
[root@Server129 ansible]# ansible webservers -m command -a '/bin/echo hello world' -i /etc/ansible/hosts
192.168.37.128 | SUCCESS | rc=0 >>
hello world
獲取幫助信息
[root@Server129 ansible]# ansible-doc -h
Usage: ansible-doc [options] [module...]
Options:
-h, --help show this help message and exit
-l, --list List available modules
-M MODULE_PATH, --module-path=MODULE_PATH
specify path(s) to module library (default=None)
-s, --snippet Show playbook snippet for specified module(s)
-v, --verbose verbose mode (-vvv for more, -vvvv to enable
connection debugging)
--version show program's version number and exit
[root@Server129 ansible]# ansible-doc -l
[DEPRECATION WARNING]: docker is kept for backwards compatibility but usage is discouraged. The module documentation details page may explain more about this rationale..
This feature will be removed in a future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
[ERROR]: unable to parse /usr/lib/python2.6/site-packages/ansible/modules/extras/cloud/misc/rhevm.py
ERROR! module rhevm has a documentation error formatting or is missing documentation
解決方法:
[root@Server129 ansible]# sed -i 's/^#deprecation_warnings = True/deprecation_warnings = False/' /etc/ansible/ansible.cfg
[root@Server129 ansible]# rm -f /usr/lib/python2.6/site-packages/ansible/modules/extras/cloud/misc/rhevm.py
Ansible調試獲取執行過程詳細信息
[root@Server129 ansible]# ansible webservers -i inventory.cfg -m ping -vvv
Using /etc/ansible/ansible.cfg as config file
Using module file /usr/lib/python2.6/site-packages/ansible/modules/core/system/ping.py
<192.168.37.128> ESTABLISH CONNECTION FOR USER: None on PORT 22 TO 192.168.37.128
<192.168.37.128> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1481957126.9-135770071402856 `" && echo ansible-tmp-1481957126.9-135770071402856="` echo $HOME/.ansible/tmp/ansible-tmp-1481957126.9-135770071402856 `" ) && sleep 0'
<192.168.37.128> PUT /tmp/tmpnPQrrc TO /root/.ansible/tmp/ansible-tmp-1481957126.9-135770071402856/ping.py
<192.168.37.128> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1481957126.9-135770071402856/ /root/.ansible/tmp/ansible-tmp-1481957126.9-135770071402856/ping.py && sleep 0'
<192.168.37.128> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1481957126.9-135770071402856/ping.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1481957126.9-135770071402856/" > /dev/null 2>&1 && sleep 0'
192.168.37.128 | SUCCESS => {
"changed": false,
"invocation": {
"module_args": {
"data": null
},
"module_name": "ping"
},
"ping": "pong"
}
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.