Note: this post covers only the basic setup; later updates will all be published via the Youdao Cloud Notes link.

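Ansible Installation

CentOS 8 is used as the example here.
1. The Ansible package is not in the default CentOS 8 software repositories, so we first need to enable the EPEL repository with the following command: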

[root@localhost ~]# sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm -y

2. Once EPEL is enabled, install Ansible with dnf:

[root@localhost ~]# sudo dnf install ansible

3. After the installation succeeds, run the following command to verify the version:

[root@localhost ~]# ansible --version
ansible 2.9.11
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Apr 16 2020, 01:36:27) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]

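※ Note that when Ansible is installed with yum or dnf, its configuration file, inventory file, and roles directory are created automatically under /etc/ansible.

★ A small test follows

The control node's IP address is 10.32.135.37
The managed node's IP address is 10.32.133.118
1. First add a group named test, and add the managed node's IP address to that group in /etc/ansible/hosts: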

[root@localhost ~]# vim /etc/ansible/hosts 
....
Add the following two lines at the bottom of the file:
[test]
10.32.133.118

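2. Save and exit.
3. Use the following command to generate a public/private key pair for the local user on both the control node and the managed node (note: the user logged in on the control node and on the managed node must be the same when generating the SSH key)

Control node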
[admin@localhost ~]$ ssh-keygen
Managed node
admin@sonic:~$ ssh-keygen

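4. Use the following commands to exchange public keys between the Ansible control node and the managed node (run on both the control node and the managed node)

Control node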
[admin@localhost ~]$ ssh-copy-id 10.32.133.118
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/admin/.ssh/id_rsa.pub"
The authenticity of host '10.32.133.118 (10.32.133.118)' can't be established.
RSA key fingerprint is SHA256:II2TnVKjSkXArKct5DVQaycGogTDr62NG6zo356bkjE.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
admin@10.32.133.118's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '10.32.133.118'"
and check to make sure that only the key(s) you wanted were added.

[admin@localhost ~]$
Managed node
admin@sonic:~$ ssh-copy-id 10.32.135.37
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/admin/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
admin@10.32.135.37's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '10.32.135.37'"
and check to make sure that only the key(s) you wanted were added.

admin@sonic:~$

5. On the control node, use Ansible's ping module to verify connectivity to the managed node:

[admin@localhost ~]$ ansible -m ping "test"

Note: if no inventory file is given for "test", as in the command above, Ansible uses the default hosts file (/etc/ansible/hosts).

6. On the control node, use Ansible to check the kernel version of each client:

[admin@localhost ~]$ ansible -m command -a "uname -r" "test"

7. Use the following command to list all hosts in the file:

[admin@localhost ~]$ ansible all -i /etc/ansible/hosts --list-hosts

8. Use the following command to list only the hosts in the "test" group:

[admin@localhost ~]$ ansible test -i /etc/ansible/hosts --list-hosts
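
Step 4 above accepts the managed node's host key at the yes/no prompt. The following added example (not part of the original post) checks a scanned host key against a fingerprint obtained out of band before it is written to known_hosts, using the same SHA256 fingerprint format that prompt prints; the sample key is constructed and the function names are hypothetical.

```python
import base64
import hashlib
import struct


def parse_keyscan_line(line):
    """Split an ssh-keyscan style line 'host keytype base64blob' and validate the blob."""
    host, keytype, b64 = line.split()[:3]
    blob = base64.b64decode(b64, validate=True)
    # The blob starts with a length-prefixed key type; it must match the declared one.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != keytype:
        raise ValueError("key type inside blob does not match declared type")
    return host, keytype, blob


def sha256_fingerprint(blob):
    """OpenSSH format: 'SHA256:' + unpadded base64 of SHA-256 over the raw key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def known_hosts_entry(line, trusted_fingerprint):
    """Return a known_hosts line only if the scanned key matches the trusted fingerprint."""
    host, keytype, blob = parse_keyscan_line(line)
    actual = sha256_fingerprint(blob)
    if actual != trusted_fingerprint:
        raise ValueError(f"fingerprint mismatch for {host}: got {actual}")
    return f"{host} {keytype} {base64.b64encode(blob).decode('ascii')}"


# Constructed sample: an ed25519 key blob with a dummy 32-byte key (not a real host key).
_blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(range(32))
SAMPLE_LINE = "10.32.133.118 ssh-ed25519 " + base64.b64encode(_blob).decode("ascii")

if __name__ == "__main__":
    # Assumption: in practice the trusted value is read on the managed node's console,
    # not derived from the scanned key as it is for this constructed sample.
    trusted = sha256_fingerprint(_blob)
    print(known_hosts_entry(SAMPLE_LINE, trusted))
```

With the entry already in ~/.ssh/known_hosts, ssh-copy-id and Ansible connect without the interactive prompt, and a changed host key is rejected instead of being accepted by habit.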

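Modules are the tools that ad hoc commands use to get tasks done. Ansible provides hundreds of modules for different tasks; the following command lists all modules installed on the system: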

[root@localhost ~]# ansible-doc -l

Use the following command to view the documentation for a specific module and find out which arguments the module accepts as options.

[root@localhost ~]# ansible-doc ping