ansible指路篇-安装及基本命令使用

                                            作者:尹正杰

版权声明:原创作品,谢绝转载!否则将追究法律责任。

一.什么是ansible

  ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet、cfengine、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能。
 ansible是基于模块工作的,本身没有批量部署的能力。真正具有批量部署的是ansible所运行的模块,ansible只是提供一种框架。主要包括:

   >.连接插件connection plugins:负责和被监控端实现通信;

   >.host inventory:指定操作的主机,是一个配置文件里面定义监控的主机;

   >.各种模块核心模块、command模块、自定义模块;

   >.借助于插件完成记录日志邮件等功能;

   >.playbook:剧本执行多个任务时,非必需可以让节点一次性运行多个任务。
 
二.准备环境
  我们本次试验需要4台主机,1台web服务器,2台数据库服务器,1台发送指令的服务器。并且需要配置好域名。其对应关系如下:
主机名称 对应IP 部署服务
node1.yinzhengjie.com 192.168.105/24 http
node2.yinzhengjie.com 192.168.1.110/24 nginx,mysql
node3.yinzhengjie.com 192.168.1.115/24 mysql
node4.yinzhengjie.com 192.168.1.200/24 ansible 
 [root@yinzhengjie ~]# ifconfig |grep addr | head -|tail - |cut -d ":" -f  | awk '{print $1}'

 192.168.1.200

 [root@yinzhengjie ~]# more /etc/hosts | grep yinzhengjie

 192.168.1.105   node1.yinzhengjie.com

 192.168.1.110   node2.yinzhengjie.com

 192.168.1.115   node3.yinzhengjie.com

 192.168.1.200   node4.yinzhengjie.com

 [root@yinzhengjie ~]#
三.安装ansible
1.下载安装包(RPM包搜索站点:https://pkgs.org/
 [root@yinzhengjie ~]# wget http://dl.fedoraproject.org/pub/epel/6/x86_64//ansible-2.3.2.0-1.el6.noarch.rpm

 [root@yinzhengjie ~]# rpm -qpi ansible-2.3.2.0-.el6.noarch.rpm
2.yum安装即可(它可以自动解决依赖关系)
  [root@yinzhengjie ~]# yum -y install ansible-2.3.2.0-.el6.noarch.rpm 
3.查看安装完毕后生产了哪些文件
 [root@yinzhengjie ~]#  rpm -qal ansible |wc -l

                         ------------->由于文件行数过多,此处我就不列出了

 [root@yinzhengjie ~]#
4.修改配置文件
 [root@yinzhengjie ~]# cd /etc/ansible/

 [root@yinzhengjie ansible]# more hosts |tail -

 #Add by yinzhengjie

 [webservers]

 node1.yinzhengjie.com

 node2.yinzhengjie.com

 [dbservers]

 node2.yinzhengjie.com

 node3.yinzhengjie.com

 [root@yinzhengjie ansible]#
 
5.配置无秘钥登录证书
a>..生成证书
 [root@yinzhengjie ~]# cd

 [root@yinzhengjie ~]# ssh-keygen -t rsa -P ''

 Generating public/private rsa key pair.

 Enter file in which to save the key (/root/.ssh/id_rsa):

 /root/.ssh/id_rsa already exists.

 Overwrite (y/n)? y

 Your identification has been saved in /root/.ssh/id_rsa.

 Your public key has been saved in /root/.ssh/id_rsa.pub.

 The key fingerprint is:

 ::9e:::6b::::7a:7e::c8::af: root@yinzhengjie

 The key's randomart image is:

 +--[ RSA ]----+

 |      .o+oo.=+  .|

 |       +o. +. oo.|

 |      ..o....E.o.|

 |       oo. .o.o  |

 |      . S. . o   |

 |          .      |

 |                 |

 |                 |

 |                 |

 +-----------------+

 [root@yinzhengjie ~]#
b>.将公钥拷贝到其他的服务器上去
 [root@yinzhengjie ~]# ssh-copy-id -i .ssh/id_rsa.pub root@node1.yinzhengjie.com

 The authenticity of host 'node1.yinzhengjie.com (192.168.1.105)' can't be established.

 RSA key fingerprint is ::2b:::::::c1:be:e3:ba:::.

 Are you sure you want to continue connecting (yes/no)? yes

 Warning: Permanently added 'node1.yinzhengjie.com' (RSA) to the list of known hosts.

 root@node1.yinzhengjie.com's password:

 Now try logging into the machine, with "ssh 'root@node1.yinzhengjie.com'", and check in:

   .ssh/authorized_keys

 to make sure we haven't added extra keys that you weren't expecting.

 [root@yinzhengjie ~]#

 [root@yinzhengjie ~]# ssh-copy-id -i .ssh/id_rsa.pub root@node2.yinzhengjie.com

 The authenticity of host 'node2.yinzhengjie.com (192.168.1.110)' can't be established.

 RSA key fingerprint is ::0a:6e::e9:::e5:c8:3f:b3:1d:::8e.

 Are you sure you want to continue connecting (yes/no)? yes

 Warning: Permanently added 'node2.yinzhengjie.com,192.168.1.110' (RSA) to the list of known hosts.

 root@node2.yinzhengjie.com's password:

 Now try logging into the machine, with "ssh 'root@node2.yinzhengjie.com'", and check in:

   .ssh/authorized_keys

 to make sure we haven't added extra keys that you weren't expecting.

 [root@yinzhengjie ~]#

 [root@yinzhengjie ~]# ssh-copy-id -i .ssh/id_rsa.pub root@node3.yinzhengjie.com

 The authenticity of host 'node3.yinzhengjie.com (192.168.1.115)' can't be established.

 RSA key fingerprint is :a4:bf:f7:b7::e7:e6:ce::bb:8f:e7:d8:e5:.

 Are you sure you want to continue connecting (yes/no)? yes

 Warning: Permanently added 'node3.yinzhengjie.com,192.168.1.115' (RSA) to the list of known hosts.

 root@node3.yinzhengjie.com's password:

 Now try logging into the machine, with "ssh 'root@node3.yinzhengjie.com'", and check in:

   .ssh/authorized_keys

 to make sure we haven't added extra keys that you weren't expecting.

 [root@yinzhengjie ~]#
 
c>.验证是否配置成功
 [root@yinzhengjie ~]# ssh node1.yinzhengjie.com

 Last login: Fri Oct  ::  from 192.168.1.161

 [root@yinzhengjie ~]# ifconfig |grep addr | head -|tail - |cut -d ":" -f  | awk '{print $1}'

 192.168.1.105

 [root@yinzhengjie ~]# logout

 Connection to node1.yinzhengjie.com closed.

 [root@yinzhengjie ~]#

 [root@yinzhengjie ~]#

 [root@yinzhengjie ~]# ifconfig |grep addr | head -|tail - |cut -d ":" -f  | awk '{print $1}'

 192.168.1.200

 [root@yinzhengjie ~]#
四.ansible简单应用
1.检查所有定义的主机是否在线
 [root@yinzhengjie ~]# ansible all -m ping

 node3.yinzhengjie.com | SUCCESS => {

     "changed": false,

     "ping": "pong"

 }

 node2.yinzhengjie.com | SUCCESS => {

     "changed": false,

     "ping": "pong"

 }

 node1.yinzhengjie.com | SUCCESS => {

     "changed": false,

     "ping": "pong"

 }

 [root@yinzhengjie ~]#
2.查看所有定义的主机的时间
 [root@yinzhengjie ~]# ansible all -m command -a 'date'

 node3.yinzhengjie.com | SUCCESS | rc= >>

 Fri Oct  :: PDT

 node2.yinzhengjie.com | SUCCESS | rc= >>

 Fri Oct  :: PDT

 node1.yinzhengjie.com | SUCCESS | rc= >>

 Fri Oct  :: PDT

 [root@yinzhengjie ~]#

 [root@yinzhengjie ~]#

 [root@yinzhengjie ~]# ansible all -a 'date'

 node3.yinzhengjie.com | SUCCESS | rc= >>

 Fri Oct  :: PDT

 node1.yinzhengjie.com | SUCCESS | rc= >>

 Fri Oct  :: PDT

 node2.yinzhengjie.com | SUCCESS | rc= >>

 Fri Oct  :: PDT

 [root@yinzhengjie ~]#
3.检查所有定义的主机的http服务是否正常
 [root@yinzhengjie ~]# ansible all -m command -a 'service httpd status'

  [WARNING]: Consider using service module rather than running service

 node1.yinzhengjie.com | SUCCESS | rc= >>

 httpd (pid  ) is running...

 node3.yinzhengjie.com | FAILED | rc= >>

 httpd is stopped

 node2.yinzhengjie.com | FAILED | rc= >>

 httpd is stopped

 [root@yinzhengjie ~]#
4.拷贝本地文件到定义的服务器群组
 [root@yinzhengjie ~]# ansible dbservers -m copy -a "src=/root/ansible-2.3.2.0-1.el6.noarch.rpm dest=/tmp/"

 node3.yinzhengjie.com | SUCCESS => {

     "changed": true,

     "checksum": "fb5559c1d886fdc5f4f553a44372cc0230189362",

     "dest": "/tmp/ansible-2.3.2.0-1.el6.noarch.rpm",

     "gid": ,

     "group": "root",

     "md5sum": "8388f98019479244b5098e5e23941da7",

     "mode": "",

     "owner": "root",

     "secontext": "unconfined_u:object_r:admin_home_t:s0",

     "size": ,

     "src": "/root/.ansible/tmp/ansible-tmp-1507900705.1-53916243211948/source",

     "state": "file",

     "uid":

 }

 node2.yinzhengjie.com | SUCCESS => {

     "changed": true,

     "checksum": "fb5559c1d886fdc5f4f553a44372cc0230189362",

     "dest": "/tmp/ansible-2.3.2.0-1.el6.noarch.rpm",

     "gid": ,

     "group": "root",

     "md5sum": "8388f98019479244b5098e5e23941da7",

     "mode": "",

     "owner": "root",

     "secontext": "unconfined_u:object_r:admin_home_t:s0",

     "size": ,

     "src": "/root/.ansible/tmp/ansible-tmp-1507900705.18-246525313248421/source",

     "state": "file",

     "uid":

 }

 [root@yinzhengjie ~]#

 [root@yinzhengjie ~]#

 [root@yinzhengjie ~]# ansible dbservers -a "ls /tmp"

 node3.yinzhengjie.com | SUCCESS | rc= >>

 ansible-2.3.2.0-.el6.noarch.rpm

 ansible_46ihbB

 keyring-Dp3ZRf

 ks-script-VsmDKH

 ks-script-VsmDKH.log

 orbit-gdm

 orbit-root

 pulse-qotd3GsczqPx

 pulse-sxkC9wDU7bP6

 vgauthsvclog.txt.

 virtual-root.mMq8ds

 vmware-config0

 VMwareDnD

 vmware-root

 yum.log

 node2.yinzhengjie.com | SUCCESS | rc= >>

 ansible-2.3.2.0-.el6.noarch.rpm

 ansible_KZ8J1M

 keyring-pUri5c

 orbit-gdm

 orbit-root

 pulse-UgBUKbuMXzGR

 [root@yinzhengjie ~]#
5.定义周期计划任务的模块
 [root@yinzhengjie ~]# ansible all -m cron -a 'name="yinzhengjie is good boy" minute=*/3 hour=* day=* month=* weekday=* job="/usr/sbin/ntpdate 1.cn.pool.ntp.org"'

 node3.yinzhengjie.com | SUCCESS => {

     "changed": true,

     "envs": [],

     "jobs": [

         "yinzhengjie is good boy"

     ]

 }

 node2.yinzhengjie.com | SUCCESS => {

     "changed": true,

     "envs": [],

     "jobs": [

         "yinzhengjie is good boy"

     ]

 }

 node1.yinzhengjie.com | SUCCESS => {

     "changed": true,

     "envs": [],

     "jobs": [

         "yinzhengjie is good boy"

     ]

 }

 [root@yinzhengjie ~]#

 [root@yinzhengjie ~]# ansible all -a "crontab -l"

 node2.yinzhengjie.com | SUCCESS | rc= >>

 #Ansible: yinzhengjie is good boy

 */ * * * * /usr/sbin/ntpdate .cn.pool.ntp.org

 node3.yinzhengjie.com | SUCCESS | rc= >>

 #Ansible: yinzhengjie is good boy

 */ * * * * /usr/sbin/ntpdate .cn.pool.ntp.org

 node1.yinzhengjie.com | SUCCESS | rc= >>

 #Ansible: yinzhengjie is good boy

 */ * * * * /usr/sbin/ntpdate .cn.pool.ntp.org

 [root@yinzhengjie ~]#
 
6.给所有定义的主机创建组
 [root@yinzhengjie ~]# ansible all -m group -a "gid=306 system=yes name=yinzhengjie520"

 node1.yinzhengjie.com | SUCCESS => {

     "changed": true,

     "gid": ,

     "name": "yinzhengjie520",

     "state": "present",

     "system": true

 }

 node2.yinzhengjie.com | SUCCESS => {

     "changed": true,

     "gid": ,

     "name": "yinzhengjie520",

     "state": "present",

     "system": true

 }

 node3.yinzhengjie.com | SUCCESS => {

     "changed": true,

     "gid": ,

     "name": "yinzhengjie520",

     "state": "present",

     "system": true

 }

 [root@yinzhengjie ~]#

 [root@yinzhengjie ~]# ansible all -a "tail -1 /etc/group"

 node3.yinzhengjie.com | SUCCESS | rc= >>

 yinzhengjie520:x::

 node1.yinzhengjie.com | SUCCESS | rc= >>

 yinzhengjie520:x::

 node2.yinzhengjie.com | SUCCESS | rc= >>

 yinzhengjie520:x::

 [root@yinzhengjie ~]#
 
五.ansible模块
  关于ping,date等一些命令其实都是ansible所对应的模块,因此,我们熟悉它的常用模块(ansible支持上千多个模块)还是很有必要的。用下面的命令就可以查看其支持的模块的使用方式。
1.查看ansible支持的模块个数
[root@yinzhengjie ~]# ansible-doc -l | wc -l
1039
[root@yinzhengjie ~]#
2.查看ansible对某个模块的帮助
[root@yinzhengjie ~]# ansible-doc -s copy
3.指点迷津
  想要学好ansible这个开源工具,需要熟练掌握YAML,palybook,corosync集群,crmch和pcs的使用方式。生产环境中我用不到这些。我用ansible就是因为生产环境中有50台服务器需要安装zabbix_agent服务器。听朋友介绍这个软件好使,就来研究一下。我的思路就是用ansible命令来管理所有主机,当然我会把shell安装脚本分发到各个服务器上去。帮我执行任务即可。
 
 
 

ansible指路篇-安装及基本命令使用的更多相关文章

  1. Ansible第一篇:介绍及安装

    Ansible介绍 Ansible是个什么东西呢?官方的title是"Ansible is Simple IT Automation"--简单的自动化IT工具.ansible基于P ...

  2. python Django教程 之 安装、基本命令、视图与网站

    python  Django教程  之 安装.基本命令.视图与网站 一.简介 Django 中提供了开发网站经常用到的模块,常见的代码都为你写好了,通过减少重复的代码,Django 使你能够专注于 w ...

  3. 自动化运维工具之 Ansible 介绍及安装使用

    一.初识Ansible 介绍: Absible 使用 模块(Modules)来定义配置任务.模块可以用标准脚本语言(Python,Bash,Ruby,等等)编写,这是一个很好的做法,使每个模块幂等.A ...

  4. 【OpenCV入门指南】第一篇 安装OpenCV

    http://blog.csdn.net/morewindows/article/details/8225783/ win10下vs2015配置Opencv3.1.0过程详解(转) http://ww ...

  5. ansible自动化工具安装和简单使用

    ansible自动化工具安装和简单使用 1.安装 ansible依赖于Python 2.6或更高的版本.paramiko.PyYAML及Jinja2. 2.1 编译安装 解决依赖关系 # yum -y ...

  6. ansible示例,离线安装etcd

    一.基础介绍 ========================================================================================== 1. ...

  7. Ansible介绍及安装部署

    本节内容: 运维工具 Ansible特性 Ansible架构图和核心组件 安装Ansible 演示使用示例 一.运维工具 作为一个Linux运维人员,需要了解大量的运维工具,并熟知这些工具的差异,能够 ...

  8. ansible介绍和安装

    ansible是由 Python 编写的强大的配置管理解决方案,ansible 的特点就在于它的简洁与高效率 ansible与其他的配置管理工具不同点在于:不需要你在想要配置的每个节点上安装自己的组件 ...

  9. ansible入门一(Ansible介绍及安装部署)

    本节内容: 运维工具 Ansible特性 Ansible架构图和核心组件 安装Ansible 演示使用示例 一.运维工具 作为一个Linux运维人员,需要了解大量的运维工具,并熟知这些工具的差异,能够 ...

随机推荐

  1. 20145221 《Java程序设计》实验报告四:Android开发基础

    20145221 <Java程序设计>实验报告四:Android开发基础 实验要求 基于Android Studio开发简单的Android应用并部署测试; 了解Android组件.布局管 ...

  2. <<浪潮之巅>>阅读笔记三

    纵看世界,横看国内.我们国内也有很多很优秀的企业正在走向或者已经处于浪潮之巅.阿里巴巴.腾讯和百度这三巨头应该是我们计算机行业的龙头.但是 不得不说,在创新方面我们做的并不多,这是值得每一个从事计算机 ...

  3. Leetcode——53.最大子序和

    @author: ZZQ @software: PyCharm @file: leetcode53_最大子序和.py @time: 2018/11/26 12:39 要求:给定一个整数数组 nums ...

  4. 3-palindrome CodeForces - 805B (思维)

    In the beginning of the new year Keivan decided to reverse his name. He doesn't like palindromes, so ...

  5. 4-Python3从入门到实战—基础之数据类型(字符串-String)

    Python从入门到实战系列--目录 字符串表示 在 Python 3版本中,字符串是以 Unicode 编码的:Python 中使用 ' '或者" "表示字符串 msg = 'H ...

  6. 腾讯 xtestserver 基本使用教程~

    刚刚简单录制了下 腾讯demo的基本测试脚本 成功~get新技能成功~开心ing~ 体验就是: 1.各种安卓机找开发者中心选项的usb调试模式太难找了.. 2.不管录制还是播放录制时都感觉好慢... ...

  7. Sonatype Nexus 2.11.1-01 使用入门

    nexus安装与启动 linux下: 安装路径 /home/maven/nexus-2.11.1-01/ 启动方法 ./bin/nexus start windows下: 管理员模式运行cmd.exe ...

  8. java collections - keyset() vs entrySet() in map

    https://stackoverflow.com/questions/8962459/java-collections-keyset-vs-entryset-in-map http://blog.c ...

  9. 玩弄 python 正则表达式

    这里记录一个我常用的模型,每次久了不使用正则就会忘记. 记得最好玩的一句关于正则表达式的话就是 当你想到一件事情可以用正则表达式解决的时候 现在你就面临了两个问题了. python里面使用了re模块对 ...

  10. StringBuilder String string.Concat 字符串拼接速度再议

    首先看测试代码: public class StringSpeedTest { "; public string StringAdd(int count) { string str = st ...