目錄
第1章 介紹:
第2章 IP清單
第3章 開始配置
3.1 ssh
3.2 開始安裝ansible
3.3 利用ansible遠端執行各類腳本
第1章 介紹:
python語言是運維人員必會的語言!
ansible是一個基于Python開發的自動化運維工具
ansible的功能實作基于SSH遠端連接配接服務
ansible可以實作批量系統配置,批量軟體部署,批量檔案拷貝,批量運作指令等功能
第2章 IP清單
機器說明 | ip | 主機名 |
主虛拟機 | 192.168.198.137 | yzh |
從虛拟機 | 192.168.198.128 | yzh1 |
第3章 開始配置
實作從主機yzh到從機的密鑰認證關系:
3.1 ssh
主機與從機之間進行ssh連接配接
3.2 開始安裝ansible
3.2.1 主機yzh安裝ansible
需要epel.repo源
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
yum -y install ansible
3.2.2 從機需安裝
yum -y install libselinux-python
3.2.3 ansible基礎配置
ansible的配置檔案:
[[email protected] ~]# tree /etc/ansible/
/etc/ansible/
|-- ansible.cfg
|-- hosts
|-- hosts.bak
`-- roles
1 directory, 3 files
編輯ansible的主機配置檔案hosts,添加主機組yzh(修改前可對檔案進行備份)
[[email protected] ~]# cp /etc/ansible/hosts{,.bak}
cp:是否覆寫"/etc/ansible/hosts.bak"? n
[[email protected] ~]# tail -4 /etc/ansible/hosts
[yzh]
192.168.198.137 ansible_ssh_user=root ansible_ssh_pass=123456
192.168.198.128 ansible_ssh_user=root ansible_ssh_pass=123456
指令說明:
ansible_ssh_user:ssh連接配接的使用者名
ansible_ssh_pass:ssh連接配接的密碼
3.2.4 利用ansible遠端批量執行指令
文法:
ansible chensiqi -m command -a 'uptime'
ansible 主機組 -m ansible内置功能子產品名 -a 指令
示例:擷取192.168.198.128的主機的w資訊(也可把ip換成yzh,可檢視整個組的資訊)
[[email protected] ~]# ansible 192.168.198.128 -m command -a "w"
192.168.198.128 | SUCCESS | rc=0 >>
10:40:36 up 2:27, 5 users, load average: 0.00, 0.01, 0.05
USER TTY FROM [email protected] IDLE JCPU PCPU WHAT
root tty1 :0 08:20 2:27m 2.06s 2.06s /usr/bin/Xorg :
root pts/0 :0.0 08:22 2:17m 0.00s 0.00s bash
root pts/1 192.168.198.1 08:23 2:00m 0.03s 0.03s -bash
root pts/2 192.168.198.1 09:24 35:26 0.11s 0.11s -bash
root pts/3 yzh 10:40 1.00s 0.19s 0.00s /bin/sh -c /usr
示例:調用ansible内置的copy子產品
[[email protected] ~]# ansible 192.168.198.128 -m copy -a "src=/etc/hosts dest=/tmp"
192.168.198.128 | SUCCESS => {
"changed": true,
"checksum": "691f8b5215f65d3e87664c6b3882b57061a0f99c",
"dest": "/tmp/hosts",
"gid": 0,
"group": "root",
"md5sum": "664a99e015c25cb10144fbb916393125",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 194,
"src": "/root/.ansible/tmp/ansible-tmp-1558081064.43-122053739556327/source",
"state": "file",
"uid": 0
}
[[email protected] ~]# ansible 192.168.198.128 -m command -a "ls /tmp"
192.168.198.128 | SUCCESS | rc=0 >>
ansible_cCYhKy
gconfd-gdm
gconfd-root
hosts #拷貝成功
keyring-Ap9rWy
keyring-bNDu5g
keyring-HpvTEh
keyring-IwWnab
keyring-lReuKL
keyring-M4qxxu
keyring-pBA4vc
keyring-pJ7iua
keyring-rp2TH1
keyring-SH1pPt
keyring-Y7dLDb
orbit-gdm
orbit-root
pulse-CwxpEBAJpPWx
pulse-o8WBp8v9b91p
pulse-oLKO1dO9JElO
[[email protected] ~]#
[[email protected] ~]# ssh [email protected] "ls /tmp"
[email protected]'s password:
gconfd-gdm
gconfd-root
hosts #拷貝成功
keyring-Ap9rWy
keyring-bNDu5g
keyring-HpvTEh
keyring-IwWnab
keyring-lReuKL
keyring-M4qxxu
keyring-pBA4vc
keyring-pJ7iua
keyring-rp2TH1
keyring-SH1pPt
keyring-Y7dLDb
orbit-gdm
orbit-root
pulse-CwxpEBAJpPWx
pulse-o8WBp8v9b91p
pulse-oLKO1dO9JElO
指令說明:
-m:調用ansible内置子產品 copy 拷貝子產品
-a:接指令。由于調用了copy子產品,指令格式發生改變。src=本地檔案路徑 dest=目的地所在路徑
示例:調用copy子產品實作儲存檔案的屬性改變
[[email protected] ~]# ansible 192.168.198.128 -m copy -a "src=/etc/hosts dest=/tmp owner=yzh group=yzh mode=600"
192.168.198.128 | SUCCESS => {
"changed": true,
"checksum": "691f8b5215f65d3e87664c6b3882b57061a0f99c",
"dest": "/tmp/hosts",
"gid": 503,
"group": "yzh",
"mode": "0600",
"owner": "yzh",
"path": "/tmp/hosts",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 194,
"state": "file",
"uid": 500
}
[[email protected] ~]# ssh [email protected] "ll /tmp/hosts"
[email protected]'s password:
bash: ll: command not found #并不能使用别名
[[email protected] ~]# ssh [email protected] "ls -l /tmp/hosts"
[email protected]'s password:
-rw-------. 1 yzh yzh 194 5月 17 09:44 /tmp/hosts
3.3 利用ansible遠端執行各類腳本
3.3.1 先将腳本分發到從機上去
[[email protected] ~]# echo "echo '測試成功!'" >> /root/1/test.sh
[[email protected] ~]# ansible yzh -m copy -a "src=/root/1/test.sh dest=/root/1/ mode=0755 backup=yes"
192.168.198.128 | SUCCESS => {
"changed": true,
"checksum": "05dfb0e37f8f2270c41947f9d44ec9520b45e043",
"dest": "/root/1/test.sh",
"gid": 0,
"group": "root",
"md5sum": "8af588216a93167632151f412f1d4b3d",
"mode": "0755",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 23,
"src": "/root/.ansible/tmp/ansible-tmp-1558082749.28-252420826366723/source",
"state": "file",
"uid": 0
}
192.168.198.137 | SUCCESS => {
"changed": true,
"checksum": "05dfb0e37f8f2270c41947f9d44ec9520b45e043",
"dest": "/root/1/test.sh",
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/root/1/test.sh",
"size": 23,
"state": "file",
"uid": 0
}
注意:dest路徑的寫法,若是不存在的目錄,結尾要加斜線(/root/1/),否則預設不會建立目标目錄
3.3.2 遠端批量執行腳本
ansible yzh -m shell -a "/root/1/test.sh"
[[email protected] ~]# ansible yzh -m command -a "sh /root/1/test.sh"
192.168.198.128 | SUCCESS | rc=0 >>
測試成功!
192.168.198.137 | SUCCESS | rc=0 >>
測試成功!
以上即為一些基礎的ansible的操作。