A, Ansible Definitive Guide
1, the official website
2, Ansible Chinese Definitive Guide
http://ansible-tran.readthedocs.io/en/latest/
3, Ansible automated operation and maintenance tutorial
https://www.w3cschool.cn/automate_with_ansible/
The most direct effect Ansible bulk system configuration, batch deployment, run the batch command functions
The easiest way to do that is to install the software on the client!
Second, the experimental environment
系统版本 IP Python环境 主机名 角色
RHEL7 172.25.5.1 Python3.6 lxn1 anslble部署机
CentOS 172.25.5.2 lxn2 客户机
RHEL7 172.25.5.3 lxn3 客户机
Third, the installation Ansible
# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# yum install ansible -y
If you can not install, the following error appears, install Python3.6
point me to see how to install Python3.6
Fourth, the experience of the first ansible command
Edit / etc / ansible / hosts and adding one or more remote systems
# vim /etc/ansible/hosts
1.1.1.2
To authorize the use of SSH Key
# ssh-keygen
# ssh-copy-id 1.1.1.2
# ssh-agent bash
# ssh-add ~/.ssh/id_rsa
Use all your ansible ping nodes
# ansible all -m ping
Now you run a command on all nodes
# ansible all -a "/bin/echo hello"
Ansible can not just run the command, it also has a strong configuration management and deployment features. Although there are more waiting for you to explore, but you have been able to complete the infrastructure work!
Five, Ansible entry practice
1, the establishment of normal users ansible
- The establishment of the same name, the same as a normal user ID of all hosts and give the password
# useradd auto
# passwd auto
2, the deployment environment
Switch user and create a directory of ansible
# su - auto
$ mkdir ansible/
$ cd ansible
Establish ansible.cfg file
$ cat ansible.cfg
[defaults]
inventory = hosts #检索当前目录的hosts文件
[privilege_escalation] #利用sudo变成超户
become=True
become_method=sudo
become_user=root
become_ask_pass=False
Establishment hosts file
$ cat hosts
[lxn2] #lxn2分组
172.25.5.2
[lxn3] #lxn3分组
172.25.5.3
[lxn] #lxn分组
172.25.5.2
172.25.5.3
Free and confidential client
$ ssh-keygen
$ ssh-copy-id lxn2
$ ssh-copy-id lxn3
- test
$ ansible lxn -m ping
The following diagram, deployment success!
In order to address some of the rights issue, the average user can give permission to ssh to connect some of the client
Example:
$ ssh root@lxn2
# vim /etc/sudoers
auto ALL=(ALL) NOPASSWD: ALL
3, Ansible common commands
- View module documentation
$ ansible-doc 模块
示例:
$ ansible-doc firewalld
- Other host commands Operation
$ ansible lxn2 -a 'df -h' #lxn2分组执行命令 df -h
- The following command their own practice
$ ansible all --list-hosts #查看主机
$ ansible all -m ping #测试
$ ansible lxn2 -m copy -a 'src=/etc/passwd dest=/home/auto' #复制文件
$ ansible lxn2 -m file -a 'dest=/home/auto/passwd mode=777' #修改文件权限
$ ansible lxn2 -m yum -a 'name=httpd state=present' #yum装软件
$ ansible lxn2 -m yum -a 'name=httpd state=absent' -b #-b为以超户身份执行
$ ansible lxn2 -m service -a 'name=httpd state=started' #服务状态
$ ansible lxn2 -m copy -a 'content="www.lxn.xyz\n" dest=/var/www/html/index.html'
#向文件写入内容,会覆盖文件内容
$ ansible lxn2 -m firewalld -a 'service=http immediate=yes state=enabled' #防火墙允许服务
4, Ansible heart ---- playbook
Ansible using the above command already can batch operation of the server, what is it that playbook? Personally think playbook is ansible command syntax mentioned above yaml written by one or more scripts, then implement a key batch deployment!
- playbook strict syntax requirements, particularly for space requirements, typically used spacing of the two spaces, in order to facilitate the preparation, I'll tab key is set to two spaces
$ cd
$ vim .vimrc
autocmd filetype yaml setlocal ai ts=2 sw=2 et
Example: Volume Deployment httpd
$ pwd
/home/auto/ansible
$ mkdir -p playbooks/httpd/files/
$ cp /etc/httpd/conf/httpd.conf /home/auto/ansible/playbooks/httpd/files/
$ mv ansible.cfg playbooks/httpd/
$ mv hosts playbooks/httpd/
$ cd playbooks/httpd/
$ vim httpd.yml
1 --- #语法,必须有
2 #部署httpd #注释
3 - hosts: lxn #运行部署对象
4 remote_user: auto #运行者
5 tasks: #任务
6 - name: install httpd #名字(功能介绍)
7 yum: #yum模块
8 name: httpd
9 state: present
10
11 - name: deploy httpd
12 copy: #copy模块
13 src: files/httpd.conf #源文件
14 dest: /etc/httpd/conf/httpd.conf #复制到的目的地
15 follow: no
16 owner: root
17 group: root
18 mode: 644
19
20 - name: create index.html
21 copy:
22 content: "{{ ansible_facts.hostname }}\n"
23 dest: /var/www/html/index.html
24
25 - name: start httpd
26 service: #service模块
27 name: httpd
28 state: restarted
29 enabled: yes
30
31 - name: deploy firewalld
32 firewalld: #防火墙模块
33 service: http
34 permanent: yes
35 immediate: yes
36 state: enabled
$ ansible-playbook httpd.yml --syntax-check #检测语法错误
playbook: httpd.yml
$ ansible-playbook httpd.yml --list-host #列出主机
playbook: httpd.yml
play #1 (lxn): lxn TAGS: []
pattern: [u'lxn']
hosts (2):
172.25.5.2
172.25.5.3
$ ansible-playbook httpd.yml --list-task #列出任务
playbook: httpd.yml
play #1 (lxn): lxn TAGS: []
tasks:
install httpd TAGS: []
deploy httpd TAGS: []
create index.html TAGS: []
start httpd TAGS: []
deploy firewalld TAGS: []
test:
$ ansible-playbook httpd.yml
[auto@lxn1 httpd]$ curl lxn2
lxn2
[auto@lxn1 httpd]$ curl lxn3
lxn3