溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
?ansible是新出現的自動化運維工具,基于Python開發,集合了眾多運維工具(puppet、cfengine、chef、func、fabric)的優點,實現了批量系統配置、批量程序部署、批量運行命令等功能。
?ansible是基于模塊工作的,本身沒有批量部署的能力。真正具有批量部署的是ansible所運行的模塊,ansible只是提供一種框架。主要包括:
(1)、連接插件connection plugins:負責和被監控端實現通信;
(2)、host inventory:指定操作的主機,是一個配置文件里面定義監控的主機;
(3)、各種模塊核心模塊、command模塊、自定義模塊;
(4)、借助于插件完成記錄日志郵件等功能;
(5)、playbook:劇本執行多個任務時,非必需可以讓節點一次性運行多個任務。
連接其他主機默認使用ssh協議
ansible core核心引擎:即ansible本身
host inventory主機清單:用來定義ansible所管理主機,默認是在ansible的hosts配置文件中定義被管理主機,同時也支持自定義動態主機清單和指定其他配置文件的位置
connect plugin連接插件:負責和被管理主機實現通信,除支持使用SSH連接被管理主機外,ansible還支持其他的連接方式,所有需要有連接插件將各個主機用連接插件連接到ansible
playbook劇本:用來集中定義ansible任務的配置文件,即將多個任務定義在一個劇本中由ansible自動執行,可以由控制主機針對多臺被管理主機同時運行多個任務
core modules核心模塊:是ansible自帶的模塊,使用這些模塊將資源分發到被管理主機使其執行特定任務或匹配特定的狀態
custom modules自定義模塊:用于完成模塊功能的補充,可借助相關插件完成記錄日志,發送郵件等功能
控制主機 192.168.13.128
被管理主機 192.168.13.129
被管理主機 192.168.13.130[root@promote ~]# systemctl stop firewalld.service ##關閉所有主機的防火墻
[root@promote ~]# setenforce 0
[root@promote ~]# yum install epel-release -y ##安裝epel源
[root@promote ~]# yum install ansible -y ##安裝ansible服務
[root@promote ~]# yum install tree -y
[root@promote ~]# tree /etc/ansible/ ##查看ansible屬性結構
/etc/ansible/
├── ansible.cfg ##配置文件
├── hosts ##主機清單
└── roles[root@promote ~]# vim /etc/ansible/hosts ##編輯ansible主機清單
[webserver]
192.168.13.129 ##web的主機地址
[mysql]
192.168.13.130 ##mysql的主機地址[root@promote ~]# ssh-keygen -t rsa ##生成秘鑰對
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): ##回車
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): ##輸入密碼
Enter same passphrase again: ##確認密碼
[root@promote ~]# ls .ssh/ ##查看秘鑰
id_rsa id_rsa.pub
[root@promote ~]# ssh-copy-id root@192.168.13.129 ##上傳秘鑰到后面的服務器上
[root@promote ~]# ssh-copy-id root@192.168.13.130 [root@promote ~]# ansible webserver -m command -a 'date' ##使用ansible命令行模塊執行date
Enter passphrase for key '/root/.ssh/id_rsa': ##輸入秘鑰密碼
192.168.13.129 | CHANGED | rc=0 >>
2020年 01月 23日 星期三 23:57:16 CST
[root@promote ~]# ansible mysql -m command -a 'date'
Enter passphrase for key '/root/.ssh/id_rsa':
192.168.13.130 | CHANGED | rc=0 >>
2020年 01月 23日 星期三 23:57:38 CST
[root@promote ~]# ssh-agent bash ##免交互代理
[root@promote ~]# ssh-add ##添加
Enter passphrase for /root/.ssh/id_rsa: ##輸入秘鑰
Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
[root@promote ~]# ansible webserver -m command -a 'date' ##繼續執行命令行模塊實現免交互
192.168.13.129 | CHANGED | rc=0 >>
2020年 01月 23日 星期三 23:58:26 CST
[root@promote ~]# ansible mysql -m command -a 'date'
192.168.13.130 | CHANGED | rc=0 >>
2020年 01月 23日 星期三 23:58:39 CST[root@promote ~]# ansible all -a 'date'
192.168.13.130 | CHANGED | rc=0 >>
2020年 01月 30日 星期四 00:17:02 CST
192.168.13.129 | CHANGED | rc=0 >>
2020年 01月 30日 星期四 00:17:02 CST
[root@promote ~]# ansible all -a 'ls /' ##查看后兩臺主機的根目錄
##如果不加-m模塊,則默認運行command模塊all是所有主機[root@promote ~]# ansible-doc -s cron ##查看cron模塊信息
[root@promote ~]# ansible webserver -m cron -a 'minute="*/1" job="/usr/bin/echo haha" name="test haha"'
##選擇cron模塊指定時間,工作內容,名稱
192.168.13.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"test haha"
]
}
[root@promote ~]# ansible webserver -a 'crontab -l' ##執行命令行查看計劃性任務
192.168.13.129 | CHANGED | rc=0 >>
#Ansible: test haha
*/1 * * * * /usr/bin/echo haha
[root@promote ~]# ansible webserver -m cron -a 'name="test haha" state=absent' ##移除計劃性任務
192.168.13.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": []
}[root@promote ~]# ansible-doc -s user ##查看user模塊信息
[root@promote ~]# ansible all -m user -a 'name=test' ##給所有主機創建test用戶
192.168.13.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/test",
"name": "test",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
192.168.13.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/test",
"name": "test",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
[root@promote ~]# ansible webserver -m user -a 'name=test state=absent'
##刪除webserver中test用戶
192.168.13.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "test",
"remove": false,
"state": "absent"
}[root@promote ~]# ansible mysql -m group -a 'name=mysql gid=306 system=yes'
##創建mysql系統組
192.168.13.130 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"gid": 306,
"name": "mysql",
"state": "present",
"system": true
}
[root@promote ~]# ansible mysql -a 'tail -1 /etc/group' ##查看創建的情況
192.168.13.130 | CHANGED | rc=0 >>
mysql:x:306:
[root@promote ~]# ansible mysql -m user -a 'name=test02 uid=306 group=mysql system=yes'
##創建系統用戶test02并加入到mysql組中
192.168.13.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 306,
"home": "/home/test02",
"name": "test02",
"shell": "/bin/bash",
"state": "present",
"system": true,
"uid": 306
}
[root@promote ~]# ansible mysql -a 'id test02' ##查看系統用戶test02的信息
192.168.13.130 | CHANGED | rc=0 >>
uid=306(test02) gid=306(mysql) 組=306(mysql)[root@promote ~]# ansible-doc -s copy ##copy模塊的信息
[root@promote ~]# ansible mysql -m copy -a 'src=/etc/fstab dest=/opt/fstab.bak owner=root mode=644'
##復制源到目標,屬組和文件權限
192.168.13.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "0725780c6841b5cae04ba31a054b6090d701bc19",
"dest": "/opt/fstab.bak",
"gid": 0,
"group": "root",
"md5sum": "4a95e64f6c25098ca5e0613c5283e8f1",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 595,
"src": "/root/.ansible/tmp/ansible-tmp-1580550278.09-89338211954459/source",
"state": "file",
"uid": 0
}
[root@promote ~]# ansible mysql -a 'ls -l /opt' ##查看是否復制成功
192.168.13.130 | CHANGED | rc=0 >>
總用量 4
-rw-r--r--. 1 root root 595 2月 1 17:44 fstab.bak
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
[root@promote ~]# ansible mysql -m copy -a 'content="hello!" dest=/opt/test.txt'
##用copy進行寫入文件內容
192.168.13.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "8f7d88e901a5ad3a05d8cc0de93313fd76028f8c",
"dest": "/opt/test.txt",
"gid": 0,
"group": "root",
"md5sum": "5a8dd3ad0756a93ded72b823b19dd877",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 6,
"src": "/root/.ansible/tmp/ansible-tmp-1580550521.27-190936730009060/source",
"state": "file",
"uid": 0
}
[root@promote ~]# ansible mysql -a 'cat /opt/test.txt' ##查看寫入的文件內容
192.168.13.130 | CHANGED | rc=0 >>
hello![root@promote ~]# ansible mysql -m file -a 'path=/opt/test.txt owner=test02 group=mysql mode=666'
##指定文件的屬主,屬組,文件的權限
192.168.13.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 306,
"group": "mysql",
"mode": "0666",
"owner": "test02",
"path": "/opt/test.txt",
"secontext": "system_u:object_r:usr_t:s0",
"size": 6,
"state": "file",
"uid": 306
}
[root@promote ~]# ansible mysql -a 'ls -l /opt/test.txt' ##查看文件的屬性
192.168.13.130 | CHANGED | rc=0 >>
-rw-rw-rw-. 1 test02 mysql 6 2月 1 17:48 /opt/test.txt
[root@promote ~]# ansible mysql -m file -a 'src=/opt/test.txt path=/opt/test.txt.link state=link'
##創建鏈接性文件
192.168.13.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/test.txt.link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 13,
"src": "/opt/test.txt",
"state": "link",
"uid": 0
}
[root@promote ~]# ansible mysql -a 'ls -l /opt/' ##查看文件的屬性
192.168.13.130 | CHANGED | rc=0 >>
總用量 8
-rw-r--r--. 1 root root 595 2月 1 17:44 fstab.bak
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-rw-rw-. 1 test02 mysql 6 2月 1 17:48 test.txt
lrwxrwxrwx. 1 root root 13 2月 1 17:55 test.txt.link -> /opt/test.txt
[root@promote ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=touch' ##創建一個空文件
192.168.13.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/abc.txt",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
[root@promote ~]# ansible mysql -a 'ls -l /opt/' ##查看創建情況
192.168.13.130 | CHANGED | rc=0 >>
總用量 8
-rw-r--r--. 1 root root 0 2月 1 17:57 abc.txt
-rw-r--r--. 1 root root 595 2月 1 17:44 fstab.bak
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-rw-rw-. 1 test02 mysql 6 2月 1 17:48 test.txt
lrwxrwxrwx. 1 root root 13 2月 1 17:55 test.txt.link -> /opt/test.txt
[root@promote ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=absent' ##刪除文件
192.168.13.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/opt/abc.txt",
"state": "absent"
}
[root@promote ~]# ansible mysql -a 'ls -l /opt/' ##查看文件的信息
192.168.13.130 | CHANGED | rc=0 >>
總用量 8
-rw-r--r--. 1 root root 595 2月 1 17:44 fstab.bak
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-rw-rw-. 1 test02 mysql 6 2月 1 17:48 test.txt[root@promote ~]# ansible all -m ping
192.168.13.130 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.13.129 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}[root@promote ~]# ansible-doc -s yum ##yum模塊信息
[root@promote ~]# ansible webserver -m yum -a 'name=httpd' ##安裝httpd服務
[root@promote ~]# ansible webserver -m yum -a 'name=httpd state=absent' ##移除服務[root@promote ~]# ansible webserver -m service -a 'name=httpd enabled=true state=started'
##開啟httpd服務
[root@promote ~]# ansible webserver -a 'systemctl status httpd' ##查看開啟的情況[root@promote ~]# ansible webserver -m user -a 'name=jerry' ##創建用戶
[root@promote ~]# ansible webserver -m shell -a 'echo abc123 | passwd --stdin jerry' ##創建密碼
192.168.13.129 | CHANGED | rc=0 >>
更改用戶 jerry 的密碼 。
passwd:所有的身份驗證令牌已經成功更新。[root@promote ~]# cd /opt/
[root@promote opt]# vim test.sh ##編輯腳本文件
#!/bin/bash
echo "this is test script" > /opt/script.txt
chmod 666 /opt/script.txt
[root@promote opt]# chmod +x test.sh ##給執行權限
[root@promote opt]# ansible all -m script -a 'test.sh' ##執行腳本
[root@promote opt]# ansible all -a 'cat /opt/script.txt' ##查看執行情況
192.168.13.130 | CHANGED | rc=0 >>
this is test script
192.168.13.129 | CHANGED | rc=0 >>
this is test script[root@promote opt]# ansible mysql -m setup ##查看mysql主機的信息免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
