ansible第一天

怡雪~2023-11-08 14:40

ansible

第一天

以上主机使用rhel-8.2-x86_64-dvd.iso镜像,配置ip、yum源,关闭防火墙和selinux规则

安装中文包,重启生效

bash 复制代码 
[root@control ~]# yum -y install langpacks-zh_CN.noarch && reboot
配置名称解析
bash 复制代码 
[root@control ~]# echo -e "192.168.88.253\tcontrol">>/etc/hosts
[root@control ~]# for i in {1..5}
do
echo -e "192.168.88.1$i\tnode$i">>/etc/hosts
done
配置ssh到所有节点免密登陆
bash 复制代码 
[root@control ~]# ssh-keygen
root@control ~]# echo node{1..5}
node1 node2 node3 node4 node5
[root@control ~]# for i in node{1..5}
> do
> ssh-copy-id root@$i
> done
装包

软件包链接:链接:百度网盘 请输入提取码 提取码:bb2o --来自百度网盘超级会员V5的分享

bash 复制代码 
[root@control ~]# ls
anaconda-ks.cfg  ansible_soft.tar.gz
[root@control ~]# tar zxvf ansible_soft.tar.gz 
[root@control ~]# ls
anaconda-ks.cfg  ansible_soft  ansible_soft.tar.gz
[root@control ~]# ls ansible_soft
ansible-2.8.5-2.el8.noarch.rpm           python3-paramiko-2.4.3-1.el8.noarch.rpm
libsodium-1.0.18-2.el8.x86_64.rpm        python3-pynacl-1.3.0-5.el8.x86_64.rpm
python3-bcrypt-3.1.6-2.el8.1.x86_64.rpm  sshpass-1.06-9.el8.x86_64.rpm
[root@control ~]# yum -y install /root/ansible_soft/*.rpm
创建ansible工作目录
bash 复制代码 
创建ansible工作目录,目录名自己定义,不是固定的
[root@control ~]# mkdir ansible
[root@control ~]# cd ansible
创建配置文件。默认的配置文件是/etc/ansible/ansible.cfg,一般不用,而是在工作目录下创建自己的配置文件
[root@control ansible]# vim ansible.cfg 文件名必须是ansible.cfg
[root@control ansible]# cat ansible.cfg 
[defaults]
inventory = hosts  管理的主机,配置在当前目录的hosts文件中,hosts是自己定义的。=号俩边空格可有可无
[root@control ansible]# touch hosts
[root@control ansible]# vim hosts
[root@control ansible]# cat hosts
[test]
node1
[proxy]
node2
[webservers]
node[3:4]
[database]
node5
[cluster:children] cluster是组名,自定义的;children是固定写法,表示下面的组名是cluster的子组
webservers
database
[root@control ansible]# ansible all --list
  hosts (5):
    node1
    node2
    node3
    node4
    node5
[root@control ansible]# ansible webservers --list
  hosts (2):
    node3
    node4
[root@control ansible]# ansible proxy --list
  hosts (1):
    node2
简单演示
bash 复制代码 
用ansible创建/tmp/abcd目录
[root@control ansible]# ansible all -a "mkdir /tmp/abcd"
 [WARNING]: Consider using the file module with state=directory rather than running 'mkdir'.
If you need to use command because file is insufficient you can add 'warn: false' to this
command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
​
node2 | CHANGED | rc=0 >>
​
​
node1 | CHANGED | rc=0 >>
​
​
node5 | CHANGED | rc=0 >>
​
​
node3 | CHANGED | rc=0 >>
​
​
node4 | CHANGED | rc=0 >>
复制代码
ansible管理
ansible进行远程管理的俩个办法

adhoc临时命令。就是在命令行上执行管理命令

playbook剧本。把管理任务用特定格式写到文件中

无论哪种方式,都是通过模块加参数进行管理

adhoc临时命令
bash 复制代码 
语法:

ansible 主机或者组列表 -m 模块 -a 参数 
测试ansible与被控主机的连通性
[root@control ansible]# ansible all -m ping
node1 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
node3 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
node5 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
node2 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
node4 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
command模块
bash 复制代码 
ansible默认模块,用于在远程主机上执行任意命令
command不支持shell特性。如管道、重定向
在所有被管主机上创建目录aaa
[root@control ansible]# ansible all -a "mkdir aaa"
 [WARNING]: Consider using the file module with state=directory rather than running 'mkdir'.
If you need to use command because file is insufficient you can add 'warn: false' to this
command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
​
node5 | CHANGED | rc=0 >>
​
​
node3 | CHANGED | rc=0 >>
​
​
node1 | CHANGED | rc=0 >>
​
​
node2 | CHANGED | rc=0 >>
​
​
node4 | CHANGED | rc=0 >>
查看node节点的ip地址,不支持管道、重定向命令
[root@control ansible]# ansible all -a "ip a|head -2"
node3 | FAILED | rc=1 >>
Object "a|head" is unknown, try "ip help".non-zero return code
​
node2 | FAILED | rc=1 >>
Object "a|head" is unknown, try "ip help".non-zero return code
​
node1 | FAILED | rc=1 >>
Object "a|head" is unknown, try "ip help".non-zero return code
​
node4 | FAILED | rc=1 >>
Object "a|head" is unknown, try "ip help".non-zero return code
​
node5 | FAILED | rc=1 >>
Object "a|head" is unknown, try "ip help".non-zero return code
shell模块
bash 复制代码 
与command模块类似,但是支持shell特性,如管道、重定向
[root@control ansible]# ansible node1 -m shell -a "ip a| head"
node1 | CHANGED | rc=0 >>
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:44:4e:3b brd ff:ff:ff:ff:ff:ff
    inet 192.168.88.11/24 brd 192.168.88.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
复制代码
script模块
bash 复制代码 
用于在远程主机上执行脚本
在控制端创建脚本即可
[root@control ansible]# vim http.sh 
#!/bin/bash
yum -y install httpd
systemctl start httpd
在test组的主机上执行脚本
[root@control ansible]# ansible test -m script -a "http.sh"
查看test组的主机httpd服务是否开启
[root@control ansible]# ansible test  -a "systemctl status httpd"
node1 | CHANGED | rc=0 >>
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2023-11-07 19:04:56 EST; 44s ago
     Docs: man:httpd.service(8)
 Main PID: 3226 (httpd)
   Status: "Running, listening on: port 80"
    Tasks: 213 (limit: 5298)
   Memory: 27.8M
   CGroup: /system.slice/httpd.service
           ├─3226 /usr/sbin/httpd -DFOREGROUND
           ├─3227 /usr/sbin/httpd -DFOREGROUND
           ├─3230 /usr/sbin/httpd -DFOREGROUND
           ├─3231 /usr/sbin/httpd -DFOREGROUND
           └─3233 /usr/sbin/httpd -DFOREGROUND
​
11月 07 19:04:56 node1 systemd[1]: Starting The Apache HTTP Server...
11月 07 19:04:56 node1 httpd[3226]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::dde1:3eea:5077:d08f. Set the 'ServerName' directive globally to suppress this message
11月 07 19:04:56 node1 systemd[1]: Started The Apache HTTP Server.
11月 07 19:04:56 node1 httpd[3226]: Server configured, listening on: port 80
相关推荐
热爱嵌入式的小许14 分钟前
Linux基础项目开发1:量产工具——显示系统
linux·运维·服务器·韦东山量产工具
韩楚风4 小时前
【linux 多进程并发】linux进程状态与生命周期各阶段转换,进程状态查看分析,助力高性能优化
linux·服务器·性能优化·架构·gnu
陈苏同学4 小时前
4. 将pycharm本地项目同步到(Linux)服务器上——深度学习·科研实践·从0到1
linux·服务器·ide·人工智能·python·深度学习·pycharm
Ambition_LAO4 小时前
解决:进入 WSL(Windows Subsystem for Linux)以及将 PyCharm 2024 连接到 WSL
linux·pycharm
Pythonliu74 小时前
茴香豆 + Qwen-7B-Chat-Int8
linux·运维·服务器
你疯了抱抱我4 小时前
【RockyLinux 9.4】安装 NVIDIA 驱动,改变分辨率,避坑版本。(CentOS 系列也能用)
linux·运维·centos
追风赶月、4 小时前
【Linux】进程地址空间(初步了解)
linux
栎栎学编程4 小时前
Linux中环境变量
linux
挥剑决浮云 -5 小时前
Linux 之 安装软件、GCC编译器、Linux 操作系统基础
linux·服务器·c语言·c++·经验分享·笔记
小O_好好学6 小时前
CentOS 7文件系统
linux·运维·centos
热门推荐
01【经验分享】Ubuntu22.04安装微信(linux官方版)02安卓系列机型永久去除data分区加密 详细步骤解析032024年高教社杯数学建模国赛C题超详细解题思路分析04CTF网络安全大赛简单的web抓包题目:HEADache05组基轨迹建模 GBTM的介绍与实现(Stata 或 R)06【2024数模国赛赛题思路公开】国赛B题思路丨附可运行代码丨无偿自提07pve(Proxmox VE)安装i225v网卡驱动08苍穹外卖面试总结09【2024高教社杯全国大学生数学建模竞赛】B题 生产过程中的决策问题——解题思路 代码 论文10RAG 实践- Ollama+RagFlow 部署本地知识库