本文提供了对Ansible技术的基本理解以及安装它的步骤。Ansible是一种开源IT自动化软件,用于在客户端或节点上配置,管理和安装软件,而无需在节点上安装任何停机时间和代理。它使用SSH与客户端通信。
当前,大多数IT自动化工具都作为代理运行在远程主机中,但是Ansible仅需要SSH连接,用户和Python(2.4或更高版本)。
Server
Operating System: Centos 6.7
IP Address: 192.168.87.140
Host-name: ansible.hanuman.com
User: root
Remote Nodes
Node 1: 192.168.87.156
Node 2: 192.168.87.157对于基于RPB的克隆,没有官方的Ansible存储库,但是我们可以通过使用当前支持的Fedora发行版的RHEL / CentOS 6. X,7。X启用epel存储库来安装Ansible。
# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpmOutput:
Retrieving http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.no arch.rpm
warning: /var/tmp/rpm-tmp.nHoRHj: Header V3 RSA/SHA256 Signature, key ID 0608b89 5: NOKEY
Preparing... ########################################### [100%]
package epel-release-6-8.noarch is installed配置epel存储库后,您现在可以使用yum通过以下命令安装Ansible。
# sudo yum install ansible -y
Output:
Loaded plugins: fastestmirror, security
Setting up Install Process
Determining fastest mirrors
epel/metalink | 4.3 kB 00:00
* base: centosmirror.go4hosting.in
* epel: epel.mirror.net.in
* extras: centosmirror.go4hosting.in
* updates: centosmirror.go4hosting.in
Resolving Dependencies
.
.
.
Installed:
ansible.noarch 0:1.9.4-1.el6
Dependency Installed:
PyYAML.x86_64 0:3.10-3.1.el6 libyaml.x86_64 0:0.1.3-4.el6_6
python-babel.noarch 0:0.9.4-5.1.el6 python-crypto2.6.x86_64 0:2.6.1-2.el6
python-httplib2.noarch 0:0.7.7-1.el6 python-jinja2.x86_64 0:2.2.1-2.el6_5
python-keyczar.noarch 0:0.71c-1.el6 python-pyasn1.noarch 0:0.0.12a-1.el6
python-simplejson.x86_64 0:2.0.9-3.1.el6 sshpass.x86_64 0:1.05-1.el6
Complete!配置epel存储库后,您现在可以使用yum通过以下命令安装Ansible。
# ansible --version
ansible 1.9.4
configured module search path = None要从ansible服务器执行任何部署或升级,对于每个主机,都应该有一个用户帐户进行通信。同样,我们需要将ssh键从Anisble服务器复制到远程主机以进行无密码连接。
首先,让我们使用以下命令创建SSH键,并将该键复制到远程主机。
# ssh-keygen -t rsa -b 4096 -C "ansible.hanuman.com"Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in ansible_key.
Your public key has been saved in ansible_key.pub.
The key fingerprint is:
28:ae:0c:8d:91:0a:fa:ac:2f:e2:8c:e5:fd:28:4b:c6 ansible.hanuman.com
The key's randomart image is:
+--[ RSA 4096]----+
| |
| |
| |
| . . |
|+ . . S |
|+= . . |
|= E . |
|=X.o . |
|=*Ooo.. |
+-----------------+成功创建SSH键后,现在将创建的键复制到所有两个远程服务器,我们需要一个用户在此处进行演示以进行演示,而我使用的是root用户,我们可以在其中执行该Ansible任务。
# ssh-copy-id root@192.168.87.156
Output:
root@192.168.87.156's password:
Now try logging into the machine, with "ssh 'root@192.168.87.156'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
# ssh-copy-id root@192.168.87.157
Output:
root@192.168.87.157's password:
Now try logging into the machine, with "ssh 'root@192.168.87.157'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.将所有SSH键复制到远程主机后,现在在所有远程主机上执行ssh键身份验证,以检查身份验证是否正常运行,请通过以下命令进行测试。
# ssh root@192.168.87.156
[ansible@localhost ~]#
Connection to 192.168.87.156 closed.
# ssh root@192.168.87.157
[ansible@localhost ~]#库存文件,此文件包含有关主机的信息,我们需要将这些主机从本地连接到远程。缺省配置文件位于/ etc / ansible / hosts下。
现在,我们将两个节点添加到配置文件中。使用您喜欢的编辑器打开和编辑文件,这里我们使用vim。
# sudo vim /etc/ansible/hosts
Add the following two hosts IP address..
[webservers]
192.168.87.156
192.168.87.157注意 - 括号中的[webservers]表示为组名,用于对节点进行分类和分组,以及控制在什么时间,出于什么原因。
现在是时候通过从Ansible服务器执行ping检查所有服务器。要执行此操作,我们需要使用命令“ ansible”以及选项“ -m”(模块)和“ -all”(服务器组)。
# ansible -m ping webservers
Output:
[root@localhost ~]# ansible -m ping webservers
192.168.87.157 | success >> {
"changed": false,
"ping": "pong"
}
192.168.87.156 | success >> {
"changed": false,
"ping": "pong"
}要么
# ansible -m ping -all
Output:
[root@localhost ~]# ansible -m ping webservers
192.168.87.157 | success >> {
"changed": false,
"ping": "pong"
}
192.168.87.156 | success >> {
"changed": false,
"ping": "pong"
}现在,我们在这里使用另一个名为“命令”的模块,该模块可一次在所有选定的远程主机上执行一系列外壳命令(如df,空闲,正常运行时间等)。对于演示,您可以执行以下命令。
# ansible -m command -a "df -h" webservers
Output:
192.168.87.156 | success | rc=0 >>
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup-lv_root
18G 2.0G 15G 12% /
tmpfs 491M 0 491M 0% /dev/shm
/dev/sda1 477M 42M 411M 10% /boot
192.168.87.157 | success | rc=0 >>
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup-lv_root
18G 2.0G 15G 12% /
tmpfs 491M 0 491M 0% /dev/shm
/dev/sda1 477M 42M 411M 10% /boot# ansible -m command -a "free -mt" webservers
Output:
192.168.87.156 | success | rc=0 >>
total used free shared buffers cached
Mem: 981 528 453 0 39 322
-/+ buffers/cache: 166 815
Swap: 2047 0 2047
Total: 3029 528 2501
192.168.87.157 | success | rc=0 >>
total used free shared buffers cached
Mem: 981 526 455 0 39 322
-/+ buffers/cache: 164 817
Swap: 2047 0 2047
Total: 3029 526 2503# ansible -m shell -a "service httpd status" webservers > service_status.txt
Output:
# cat service_status.txt
192.168.87.156 | FAILED | rc=3 >>
httpd is stopped
192.168.87.157 | FAILED | rc=3 >>
httpd is stopped#ansible -m shell -a "init 0" webservers
OutPut:
192.168.87.157 | success | rc=0 >>
192.168.87.156 | success | rc=0 >>Ansible是功能强大的IT自动化工具,每个Linux管理员都主要使用它一次部署应用程序和管理服务器。在任何其他自动化工具(例如Puppet,Chef等)中,Ansible都非常有趣且易于配置,非常适合简单的环境。