安装
1、 python版本需要2.6以上,python -V
2、 添加yum 源
a、 vim /etc/yum.repos.d/ansible
b、 添加如下内容:
[epel]
name = all source for ansible
baseurl = https://mirrors.aliyun.com/epel/7/x86_64/
enabled = 1
gpgcheck = 0
[ansible]
name = all source for ansible
baseurl = http://mirrors.aliyun.com/centos/7.3.1611/os/x86_64/
enabled = 1
gpgcheck = 0
3、 yum clean all
4、 安装ansible:yum install ansible -y
配置秘钥
1、在master和所有slave上,使用yourname用户名执行:
复制代码 代码示例:
ssh-keygen -t dsa -P '' -f /home/yourname/.ssh/id_dsa
2、在master的/home/yourname/.ssh目录下,执行 :
复制代码 代码示例:
cat id_dsa.pub > authorized_keys
3、将master上的authorized_keys拷贝到所有slave的相同目录下。命令:
复制代码 代码示例:
scp /home/yourname/.ssh/authorized_keys [email protected]:/home/yourname/.ssh/
scp /home/yourname/.ssh/authorized_keys [email protected]:/home/yourname/.ssh/
配置
1、配置文件:ansible应用程序的主配置文件:/etc/ansible/ansible.cfg
host Inventory定义管控主机:/etc/ansible/hosts
2、添加ansible客户机组,命令:vi /etc/ansible/hosts,在最后面添加如下内容:
[group1]
192.168.1.234
192.168.1.235
3、修改日志输出目录vi /etc/ansible/ansible.cfg
log_path = /var/log/ansible.log
使用命令
[root@master ~]#ansible group1 -m shell -a "yum install iotop"
[root@master ~]# ansible group1 -m ping
192.168.1.235 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.1.234 | SUCCESS => {
"changed": false,
"ping": "pong"
}
[root@master ~]# echo "aa" >ansilbetest.txt
[root@master ~]# ansible group1 -m copy -a "src=/root/ansilbetest.txt dest=/tmp/"
192.168.1.235 | SUCCESS => {
"changed": true,
"checksum": "312382290f4f71e7fb7f00449fb529fce3b8ec95",
"dest": "/tmp/ansilbetest.txt",
"gid": 0,
"group": "root",
"md5sum": "d404401c8c6495b206fc35c95e55a6d5",
"mode": "0644",
"owner": "root",
"size": 3,
"src": "/root/.ansible/tmp/ansible-tmp-1506049655.33-221877789013378/source",
"state": "file",
"uid": 0
}
192.168.1.234 | SUCCESS => {
"changed": true,
"checksum": "312382290f4f71e7fb7f00449fb529fce3b8ec95",
"dest": "/tmp/ansilbetest.txt",
"gid": 0,
"group": "root",
"md5sum": "d404401c8c6495b206fc35c95e55a6d5",
"mode": "0644",
"owner": "root",
"size": 3,
"src": "/root/.ansible/tmp/ansible-tmp-1506049655.13-30269377020397/source",
"state": "file",
"uid": 0
}
常用模块
cron模块:
在指定节点上定义一个计划任务
group模块:
在所有节点上创建一个组
user模块:
在指定节点上创建一个用户名
yum模块:
在指定节点上安装软件
service模块:
启动指定节点上的服务
script模块:
在指定节点上执行脚本
ping模块:
查指定节点机器是否还能连通
get_url模块:
将url文件下载到指定节点的/tmp目录下
剧本(Playbooks)
每个剧本都是一个YAML格式的文件
例如
[root@k8smaster ansibletest]# vi test.yml
- hosts: all
remote_user: root
vars: //定义变量
http_port: 80
newport: 200
tasks:
- name: test connection
ping:
- name: install iotop
yum: name=iotop state=latest //state: present/latest用于安装包,absent用于remove安装包
- name: iotop uninstall
yum: name=iotop state=absent
- name: "修改配置文件"
lineinfile:
dest: "/tmp/ansilbetest.txt"
regexp: "{{http_port}}"
line: "{{newport}}"
#backup: yes
backrefs: yes
- name: "获取主机名"
shell: hostname
register: test_result
- name: "修改配置文件1"
lineinfile:
dest: "/tmp/ansilbetest.txt"
regexp: "hostname"
line: "{{test_result.stdout_lines[0]}}"
#backup: yes
backrefs: no
...
结果如下
[root@k8smaster ansibletest]# ansible-playbook test.yml
PLAY [all] *******************************************************************
TASK [Gathering Facts] *******************************************************
ok: [192.168.1.234]
ok: [192.168.1.235]
TASK [ping] ******************************************************************
ok: [192.168.1.235]
ok: [192.168.1.234]
TASK [install iotop] *********************************************************
changed: [192.168.1.234]
changed: [192.168.1.235]
TASK [iotop uninstall] *******************************************************
changed: [192.168.1.234]
changed: [192.168.1.235]
TASK [修改配置文件] **********************************************************
ok: [192.168.1.235]
ok: [192.168.1.234]
TASK [获取主机名] ************************************************************
changed: [192.168.1.234]
changed: [192.168.1.235]
TASK [修改配置文件1] *********************************************************
changed: [192.168.1.234]
changed: [192.168.1.235]
PLAY RECAP *******************************************************************
192.168.1.234 : ok=7 changed=4 unreachable=0 failed=0
192.168.1.235 : ok=7 changed=4 unreachable=0 failed=0