一、ansible安裝
1、安裝第三方epel源
centos 5的epel
#rpm -ivh http://mirrors.sohu.com/fedora-epel/5/x86_64/epel-release-5-4.noarch.rpm
centos 6的epel
#rpm -ivh http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
檢視系統版本
# cat /etc/issue
CentOS release 6.5 (Final)
Kernel \r on an \m
由于是6版本是以安裝6的epel
2、安裝ansible
yum install ansible
3、添加主機
# ls /etc/ansible/
其中ansible.cfg是配置檔案,hosts是管理主機資訊
#cat /etc/ansible/hosts
[test]
172.31.2.16
172.31.2.17 ansible_ssh_port=2208
....
4、測試
#ansible all -m ping
我遇到的問題如下:
172.31.2.16 | FAILED >> {
"failed": true,
"msg": "Error: ansible requires a json module, none found!",
"parsed": false
}
172.31.2.17 | FAILED >> {
FAQ:
1、查閱官方文檔說python版本太低
解決辦法:登陸被管理機,更新python至2.6 或 yum install -y python-simplejson
再次測試,傳回如下,表示正常。
172.31.2.16 | success >> {
"changed": false,
"ping": "pong"
172.31.2.17 | success >> {
2、預設ansible是使用key驗證的,如果使用密碼登陸的伺服器,使用ansible的話,要不修改ansible.cfg配置檔案的
ask_pass = True給取消注釋,要不就在運作指令時候加上-k,這個意思是-k, --ask-pass ask
for SSH password
3、如果用戶端不在know_hosts裡将會報錯
paramiko: The authenticity of host '172.16.2.86' can't be established.
The ssh-rsa key fingerprint is dbbeccfb56be8dc7ce33c66897abb54f.
Are you sure you want to continue connecting (yes/no)?
如果想解決此問題,需要修改ansible.cfg的#host_key_checking = False取消注釋
4、如果出現
[root@puppet ansible]# ansible zabbix -m shell -a "echo $TERM" -u denglei --private-key=/root/denglei
172.17.0.2 | FAILED => FAILED: not a valid DSA private key file
172.17.0.4 | FAILED => FAILED: not a valid DSA private key file 需要你在最後添加參數-k
[root@puppet ansible]# ansible zabbix -m shell -a "echo $TERM" -u denglei --private-key=/root/denglei -k
SSH password:
172.17.0.2 | success | rc=0 >>
xterm
172.17.0.4 | success | rc=0 >>
xterm 二、ansible應用(http://www.tuicool.com/articles/AZVJ3qQ)
1.檢視ansible 支援的子產品
#ansible-doc -l
2.檢視ansible子產品的使用方法(http://docs.ansible.com/list_of_all_modules.html)
#ansible-doc -s xxx
3.執行個體:批量建立維護賬戶
# vi useradd.yml
---
- hosts: all
user: root
sudo: no
vars:
#password: python -c 'import crypt; print crypt.crypt("devops1232", "fanghanyun")'
user: fanghanyun
tasks:
- name: add user
action: user name=` user ` password=faJxjj/6hKXPs update_password=always shell=/bin/bash home=/home/` user `
tags:
![小技巧 (十一) ansible普通使用者執行[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)