介绍
Ansible的特点 1、ansible不需要单独安装客户端,也不需要启动任何服务 Ansible组成结构
环境准备
Ansible安装1)配置 [root@ansible ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo[root@ansible ~]# yum clean all [root@ansible ~]# yum makecache 2)安装 [root@ansible ~]# yum -y install ansible # 查看ansible版本 [root@ansible ~]# ansible --version ansible 2.8.0 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, Aug 4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)] Ansible Inventory文件
基于密码连接[root@ansible ~]# vim /etc/ansible/hosts # 方法一 主机+端口+密码 [webserver]192.168.1.31 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass="123456"192.168.1.32 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass="123456"192.168.1.33 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass="123456"192.168.1.36 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass="123456"# 方法二 主机+端口+密码 [webserver]192.168.1.3[1:3] ansible_ssh_user=root ansible_ssh_pass="123456"# 方法二 主机+端口+密码 [webserver]192.168.1.3[1:3] [webserver:vars] ansible_ssh_pass="123456" 基于秘钥连接基于秘钥连接需要先创建公钥和私钥,并发送给被管理机器 1)生成公私钥 [root@ansible ~]# ssh-keygen[root@ansible ~]# for i in {1,2,3,6}; do ssh-copy-id -i 192.168.1.3$i ; done 2)配置连接 [root@ansible ~]# vim /etc/ansible/hosts # 方法一 主机+端口+密钥 [webserver]192.168.1.31:22192.168.1.32192.168.1.33192.168.1.36# 方法一 别名主机+端口+密钥 [webserver] node1 ansible_ssh_host=192.168.1.31 ansible_ssh_port=22node2 ansible_ssh_host=192.168.1.32 ansible_ssh_port=22node3 ansible_ssh_host=192.168.1.33 ansible_ssh_port=22node6 ansible_ssh_host=192.168.1.36 ansible_ssh_port=22 主机组的使用# 主机组变量名+主机+密码 [apache]192.168.1.36192.168.1.33[apache.vars] ansible_ssh_pass='123456'# 主机组变量名+主机+密钥 [nginx]192.168.1.3[1:2] # 定义多个组,把一个组当另外一个组的组员 [webserver:children] #webserver组包括两个子组:apache nginx apache nginx 临时指定inventory1)先编辑一个主机定义清单 [root@ansible ~]# vim /etc/dockers [dockers]192.168.1.31 ansible_ssh_pass='123456'192.168.1.32192.168.1.33 2)在执行命令是指定 [root@ansible ~]# ansible dockers -m ping -i /etc/dockers -o 192.168.1.33 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"}192.168.1.32 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"}192.168.1.31 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"} Inventory内置参数Ansible Ad-Hocad-hoc —— 临时的,在 ansible命令格式1)常用命令参数 [root@ansible ~]# ansible -h Usage: ansible <host-pattern> [options]-a MODULE_ARGS #模块参数-C, --check #检查语法-f FORKS #并发--list-hosts #列出主机列表-m MODULE_NAME #模块名字-o 使用精简的输出 2)示例 [root@ansible ~]# ansible webserver -m shell -a 'uptime' -o192.168.1.36 | CHANGED | rc=0 | (stdout) 13:46:14 up 1 day, 9:20, 4 users, load average: 0.00, 0.00, 0.00192.168.1.33 | CHANGED | rc=0 | (stdout) 21:26:33 up 1 day, 8:51, 3 users, load average: 0.00, 0.01, 0.05192.168.1.31 | CHANGED | rc=0 | (stdout) 21:26:33 up 1 day, 8:50, 3 users, load average: 0.00, 0.01, 0.05192.168.1.32 | CHANGED | rc=0 | (stdout) 21:26:33 up 1 day, 8:59, 3 users, load average: 0.00, 0.01, 0.05 3)命令说明 host-pattern格式目标 主机的匹配# 一台目标主机 [root@ansible ~]# ansible 192.168.1.31 -m ping# 多台目标主机 [root@ansible ~]# ansible 192.168.1.31,192.168.1.32 -m ping# 所有目标主机 [root@ansible ~]# ansible all -m ping 组的匹配# 组的配置信息如下:这里定义了一个nginx组和一个apache组 [root@ansible ~]# ansible nginx --list hosts (2):192.168.1.31192.168.1.32[root@ansible ~]# ansible apache --list hosts (3):192.168.1.36192.168.1.33192.168.1.32# 一个组的所有主机匹配 [root@ansible ~]# ansible apache -m ping# 匹配apache组中有,但是nginx组中没有的所有主机 [root@ansible ~]# ansible 'apache:!nginx' -m ping -o192.168.1.36 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"}192.168.1.33 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"} # 匹配apache组和nginx组中都有的机器(并集) [root@ansible ~]# ansible 'apache:&nginx' -m ping -o192.168.1.32 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"} # 匹配apache组nginx组两个组所有的机器(并集);等于ansible apache,nginx -m ping[root@ansible ~]# ansible 'apache:nginx' -m ping -o192.168.1.32 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"}192.168.1.31 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"}192.168.1.33 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"}192.168.1.36 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"} |
|