Ansible 学习笔记(一)

发表于 | 分类于 |

关于ansible介绍

ansible 是一个轻量级自动化运维工具,基于Python开发,可以实现命令批量执行,程序批量部署和配置,批量系统配置等 ;集合了puppet,saltstack,chef,fabric 等运维工具的功能特点,所以强大好用。

ansible 基本架构

ansible 架构图
* 该图来源于网络*

1)ansible 本身并不实现管理任务,而是通过模块来进行;
2)模块类型:标准模块(也叫核心模块),自定义模块;
3)playbooks :当有多个任务需要同时去执行,就需要将任务写入到以.yml结尾的文件中,通过 playbooks 调用执行;
4)Connectior Plugins :是 ansible 和被管控主机之间的连接插件,大部分场景使用的是SSH来连接;
5)Host Inventory :主机清单;

ansible 环境部署

这里我们采用3台主机,1台管控主机,2台WEB主机,用来被管理使用。

IP:192.168.231.132
IP:192.168.231.135 (web)
IP:192.168.231.136 (web)


IP:192.168.231.132 上面安装ansible:

1) 查看ansible描述信息:
[root@master ~]# yum info ansible
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.cn99.com
 * extras: mirrors.sohu.com
 * updates: mirrors.sohu.com
Available Packages
Name        : ansible
Arch        : noarch
Version     : 2.4.2.0
Release     : 2.el7
Size        : 7.6 M
Repo        : extras/7/x86_64
Summary     : SSH-based configuration management, deployment, and task execution system
URL         : http://ansible.com
License     : GPLv3+
Description : 
            : Ansible is a radically simple model-driven configuration management,
            : multi-node deployment, and remote task execution system. Ansible works
            : over SSH and does not require any software or daemons to be installed
            : on remote nodes. Extension modules can be written in any language and
            : are transferred to managed machines automatically.

2)yum 安装ansible:
[root@master ~]# yum install -y ansible
[root@master ~]# rpm -qi ansible  #查看是否安装成功
[root@master ~]# rpm -ql ansible |less
/etc/ansible                      
/etc/ansible/ansible.cfg          #ansible主配置文件
/etc/ansible/hosts                #主机清单
/etc/ansible/roles                #角色存放目录
/usr/bin/ansible                  #主程序
/usr/bin/ansible-doc              #存放剧本文件

3)查看所支持的模块:
[root@master ~]# ansible-doc -l

4)在ansible主机上添加被管控主机:
[root@master ~]# cd /etc/ansible/
[root@master ansible]# cp hosts{,.bak}       #备份
[root@master ansible]# vim hosts
添加:
[websrvs]
192.168.231.135
192.168.231.136

[root@master ansible]# cd
[root@master ~]# ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:hPCCZDNwDrpgOtstpYdargZUTbpEYQvj/r8Uca50hjQ root@master
The key's randomart image is:
+---[RSA 2048]----+
|o+*+=.           |
|o*==o+ .         |
|oo++.Eo..        |
|=o. o.*.         |
|=. ..+ +S        |
|.+.=. =          |
|o *.oo           |
| = oo            |
|+..  o.          |
+----[SHA256]-----+
[root@master ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.231.135
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub"
The authenticity of host '192.168.231.135 (192.168.231.135)' can't be established.
ECDSA key fingerprint is SHA256:y6l//XlPDQXSeJZwVG4ursI6hLXe2YkuNFSSPuOkT5Y.
ECDSA key fingerprint is MD5:4f:60:57:a4:2b:5c:75:09:b4:96:a6:32:ed:8c:1d:36.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.231.135's password: 
Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.231.135'"
and check to make sure that only the key(s) you wanted were added.

[root@master ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.231.136
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub"
The authenticity of host '192.168.231.136 (192.168.231.136)' can't be established.
ECDSA key fingerprint is SHA256:y6l//XlPDQXSeJZwVG4ursI6hLXe2YkuNFSSPuOkT5Y.
ECDSA key fingerprint is MD5:4f:60:57:a4:2b:5c:75:09:b4:96:a6:32:ed:8c:1d:36.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.231.136's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.231.136'"
and check to make sure that only the key(s) you wanted were added.


[root@master ~]# ansible all -m ping        #ping模块探测被管理主机是否存活,显示pong,则是正常
192.168.231.135 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
192.168.231.136 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

ansible 常用模块

ansible -h   
ansible -s 模块       #模块的一些简单用法和说明

常用的模块有:
ping 
yum
copy
cron
file
...