Centos7安装配置ansible运维自动化工具

准备至少两台机器 Centos7，这两台机器都关闭 selinux

IP：106.13.118.132 　　服务端（ansible） 　　master
IP：148.70.60.244 　　 节点 　　 　　　　　　slaver

服务端：

1、Ansible仓库默认不在yum仓库中，因此我们需要使用下面的命令启用epel仓库
[root@master tools]# yum install -y epel-release

2、安装ansible
[root@master tools]# yum install -y ansible

3、查看ansible版本：
[root@master tools]# ansible --version
ansible 2.7.10
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]

4、使用ssh-keygen生成公钥
[root@master tools]# ssh-keygen -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:OAgDBVATJg64cl++LrvxVbxYyFDp0joX0eps5mpd2ME root@master
The key's randomart image is:
+---[RSA 2048]----+
|O+*. .o |
|++ . .o . |
| oo .o + |
|o .o .o+=oE |
|.. ..oo=S++. |
| . +.B+o. |
| . Oo.. |
| .oo.o |
| o*+. |
+----[SHA256]-----+
[root@master tools]# systemctl stop firewalld.service

5、使用ssh-copy-id命令来复制ansible公钥的公钥到节点中，实现无秘钥执行命令
[root@master tools]# ssh-copy-id -i root@148.70.60.244
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '148.70.60.244 (148.70.60.244)' can't be established.
ECDSA key fingerprint is SHA256:EXMPsKuf0hIIw0Ena8RDnYjm99CoYSqWzX9Nzw0OpxE.
ECDSA key fingerprint is MD5:0f:3b:7f:30:e7:0e:12:83:ea:4c:be:b1:d9:03:57:ef.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@148.70.60.244's password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'root@148.70.60.244'"
and check to make sure that only the key(s) you wanted were added.

6、输入正确的节点登录密码,测试是否无需密码登录节点
[root@master tools]# ssh root@148.70.60.244
Last login: Thu Apr 25 15:29:42 2019 from 211.137.135.200

7、ctrl+d 退出 服务端 在ansible节点上添加可控制节点,/etc/ansible/hosts ansible的配置文件相对于简单所定义主机可以在webservers中定义节点ip
[root@master tools]# vim /etc/ansible/hosts

[testservers]
148.70.60.244

8、保存退出无需重启服务,测试是否成功
[root@master tools]# ansible -m ping 'testservers'
148.70.60.244 | SUCCESS => {
"changed": false,
"ping": "pong"
}

ansible 服务端执行命令：

[root@master tools]# ansible -m command -a "uptime" 'testservers'

148.70.60.244 | CHANGED | rc=0 >>
16:24:02 up 59 min, 2 users, load average: 0.24, 0.06, 0.06

[root@master tools]# ansible -m command -a "uname -r" 'testservers'
148.70.60.244 | CHANGED | rc=0 >>
3.10.0-514.26.2.el7.x86_64

[root@master tools]#
[root@master tools]# ansible -m command -a "yum install -y telnet*" 'testservers'

9、节点：
[root@slaver tools]# yum install -y epel-release
[root@slaver tools]# yum install -y ansible
[root@slaver tools]# ansible --version
ansible 2.7.10
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Nov 6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]
[root@slaver tools]# systemctl stop firewalld.service

节点侧验证 Telnet：
[root@slaver tools]# telnet 106.13.118.132 22
Trying 106.13.118.132...
Connected to 106.13.118.132.
Escape character is '^]'.
SSH-2.0-OpenSSH_7.4