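Copyright notice: This is an original article by the author and may not be reproduced without the author's permission. https://blog.csdn.net/TZ_GG/article/details/78354837
Installing and Using Ansible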
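1. Create a sudo account (batch)
2. Install Ansible (key-based)
3. Verify
ansible server: 172.17.10.241
ansible node1: 172.17.10.242
ansible node2: 172.17.10.243
I. Create the sudo account (batch)
Approach: use shell scripts to log in to the hosts in batch and run the user-creation script
There are five files in total (batch.sh, ip, sh.exp, useradd.exp, useradd.sh); put all five in the same directory on the Linux host
Main script batch.sh (drives the non-interactive scripts sh.exp, useradd.exp and useradd.sh in batch)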
==================================================
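#!/bin/bash
# Run both expect scripts against every host listed in the file "ip".
username=root
userpasswd=1234asdf/
while read -r ip
do
    [ -z "$ip" ] && continue    # skip blank lines
    # The password is passed as an argument, so it is visible in the process list.
    expect useradd.exp "$ip" "$username" "$userpasswd"    # upload useradd.sh
    expect sh.exp "$ip" "$username" "$userpasswd"         # run it on the host
done < ip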
==================================================
The ip file lists the IP addresses of the remote hosts to log in to
useradd.exp uploads the useradd.sh script to /root on the remote server
==================================================
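#!/usr/bin/expect
# Usage: expect useradd.exp <ip> <username> <password>
set ip [lindex $argv 0]
set username [lindex $argv 1]
set userpasswd [lindex $argv 2]
set timeout 10
# Copy useradd.sh to /root/ on the remote host.
# The first pattern accepts an unknown host key, the second answers the password prompt.
spawn scp useradd.sh $username@$ip:/root/
expect {
    "(yes/no)?" {send "yes\r"; exp_continue}
    "*password:" {send "$userpasswd\r"}
}
expect eof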
==================================================
sh.exp runs the useradd.sh script
==================================================
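#!/usr/bin/expect
# Usage: expect sh.exp <ip> <username> <password>
set ip [lindex $argv 0]
set username [lindex $argv 1]
set userpasswd [lindex $argv 2]
set timeout 3
# Log in over SSH and run the uploaded script.
spawn ssh $username@$ip
expect {
    "yes/no" {send "yes\r"; exp_continue}
    "*password*" {send "$userpasswd\r"}
}
# Wait for the shell prompt ("#" for root, "$" for other users).
expect -re {[#$] ?$}
send "sh /root/useradd.sh\r"
send "exit\r"
expect eof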
==================================================
useradd.sh adds the user and grants it sudo privileges
==================================================
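#!/bin/bash
# Create the "batch" account and grant it passwordless sudo.
name=batch
if grep -q "^$name:" /etc/passwd; then
    echo "$name already exists!"
else
    useradd -m "$name"
    echo "1234asdf/" | passwd --stdin "$name"
    echo "$name created successfully!"
fi
# Append the sudoers rule only once, so re-running the script does not duplicate it.
# NOPASSWD: ALL lets this account run any command as root without a password.
rule="$name ALL=(ALL) NOPASSWD: ALL"
grep -qxF "$rule" /etc/sudoers || echo "$rule" >> /etc/sudoers
if grep -qxF "$rule" /etc/sudoers; then
    echo "$name sudo add success!"
else
    echo "$name sudo add failed!"
fi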
==================================================
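useradd.sh edits /etc/sudoers directly with no syntax check, and a malformed line in that file disables sudo for every user. The following added example, which is not part of the original post, writes the same rule as a drop-in file, validates it with visudo -cf before it goes live, and is safe to re-run. The function name install_sudoers_dropin is hypothetical, and the example assumes /etc/sudoers contains the default "#includedir /etc/sudoers.d" line.

```shell
#!/bin/bash
# Added example (not from the original post). install_sudoers_dropin is a
# hypothetical helper; it assumes /etc/sudoers has "#includedir /etc/sudoers.d".
# Usage (as root): install_sudoers_dropin USER [DIR]
install_sudoers_dropin() {
    local user="$1" dir="${2:-/etc/sudoers.d}" tmp target
    # sudo ignores drop-in files whose names contain "." or end in "~",
    # so accept only a conservative set of characters in the account name.
    case "$user" in
        ''|*[!a-z0-9_-]*) echo "invalid user name: $user" >&2; return 2 ;;
    esac
    target="$dir/$user"
    # The leading "." keeps sudo from ever reading a leftover temporary file.
    tmp=$(mktemp "$dir/.tmp-$user-XXXXXX") || return 1
    printf '%s ALL=(ALL) NOPASSWD: ALL\n' "$user" > "$tmp"
    chmod 0440 "$tmp"
    # Validate the candidate before it becomes live.
    if ! visudo -cf "$tmp" >/dev/null 2>&1; then
        rm -f "$tmp"
        echo "sudoers syntax check failed; nothing installed" >&2
        return 1
    fi
    # Same rule already installed: leave it alone (idempotent re-run).
    if [ -f "$target" ] && cmp -s "$tmp" "$target"; then
        rm -f "$tmp"
        return 0
    fi
    mv -f "$tmp" "$target"    # rename within one directory is atomic
}
```

In useradd.sh this would replace the echo ... >> /etc/sudoers line with install_sudoers_dropin "$name".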
2.1
The Ansible package is not in the default yum repositories, so the EPEL repository has to be enabled first
rpm -iUvh http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
Install Ansible with yum
yum -y install ansible
Check the Ansible version
ansible --version
2.2
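Set up the SSH key used to authenticate to the nodes: generate the key pair on the Ansible server and copy the public key to each node
ssh-keygen # generate the key pair
ssh-copy-id -i [email protected]
ssh-copy-id -i [email protected] # copy the public key to the nodes
Edit the Ansible configuration file
The Ansible configuration file is /etc/ansible/ansible.cfg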
grep -v "^#" ansible.cfg | grep -v "^$"
[defaults]
inventory = /etc/ansible/hosts
remote_tmp = ~/.ansible/tmp
local_tmp = ~/.ansible/tmp
forks = 5
poll_interval = 15
sudo_user = root
transport = smart
remote_port = 22
host_key_checking = False
deprecation_warnings = False
[inventory]
[privilege_escalation]
[paramiko_connection]
[ssh_connection]
[persistent_connection]
[accelerate]
[selinux]
[colors]
[diff]
If deprecation_warnings = False is not set, the output looks as shown in the screenshot in the original post
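The host_key_checking = False line in the configuration above turns off SSH host key verification for every managed node, so the control host no longer checks that it is talking to the machine it enrolled. The following added example, which is not part of the original post, flags that setting in an ansible.cfg and, going one step beyond the post, the equivalent StrictHostKeyChecking=no inside ssh_args. The function name audit_ansible_cfg and the sample file are constructed for illustration.

```shell
#!/bin/bash
# Added example (not from the original post). audit_ansible_cfg is a
# hypothetical helper name. Prints one line per finding; returns 1 if any.
audit_ansible_cfg() {
    awk '
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }           # comments and blanks
        /^[ \t]*\[/ {                                   # section header
            sec = $0; gsub(/^[ \t]*\[|\][ \t]*$/, "", sec); next
        }
        {
            i = index($0, "=")
            if (i == 0) next
            key = tolower(substr($0, 1, i - 1)); val = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            lv = tolower(val)
            # Ansible accepts several spellings of a false boolean.
            if (sec == "defaults" && key == "host_key_checking" &&
                lv ~ /^(false|no|off|0)$/) {
                printf "%s:%d: [defaults] host_key_checking = %s\n", FILENAME, NR, val
                bad = 1
            }
            # The same effect can be reached through raw ssh options.
            if (sec == "ssh_connection" && key == "ssh_args" &&
                lv ~ /stricthostkeychecking[= ]no/) {
                printf "%s:%d: [ssh_connection] ssh_args = %s\n", FILENAME, NR, val
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample holding settings in the style of the post.
sample=$(mktemp)
printf '%s\n' '[defaults]' 'forks = 5' 'host_key_checking = False' \
    '[ssh_connection]' > "$sample"
audit_ansible_cfg "$sample" || echo "host key verification is disabled"
rm -f "$sample"
```

With checking left enabled, the node keys have to be present in the control user's known_hosts before the first run.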
Ansible host definitions
Ansible hosts are defined in the /etc/ansible/hosts configuration file
vim /etc/ansible/hosts
[test]
172.17.10.242 ansible_user=batch
172.17.10.243 ansible_user=batch
ansible test -m ping
Detailed explanation of the Ansible configuration file: http://www.cnblogs.com/LuisYang/p/5960660.html