
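DevOps: Ansible

"A day of practice earns a day of skill; a day without practice wastes ten days of work." (Zengguang Xianwen)

I. Basics

      Ansible is an automation tool for operations work, written in Python. It combines the strengths of many operations tools (puppet, chef, func, fabric) and provides batch system configuration, batch application deployment, batch command execution and similar functions.

II. Usage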

  1. Mac

    • Install

    • Verify: ansible --version

      ansible [core 2.11.6]
      config file = None
      configured module search path = ['/Users/xxxx/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
      ansible python module location = /usr/local/Cellar/ansible/4.8.0/libexec/lib/python3.10/site-packages/ansible
      ansible collection location = /Users/xxxx/.ansible/collections:/usr/share/ansible/collections
      executable location = /usr/local/bin/ansible
      python version = 3.10.0 (default, Oct 13 2021, 06:44:31) [Clang 12.0.0 (clang-1200.0.32.29)]
      jinja version = 3.0.2
      libyaml = True
    • Configure

      • cd /etc

      • sudo mkdir ansible

      • git clone https://github.com/ansible/ansible.git && cd ansible

      • sudo cp -R * /etc/ansible

      • Generate a key pair: ssh-keygen

      • Push the public key to the target servers:

        • Machine 1: ssh-copy-id username@ip1

        • Machine 2: ssh-copy-id username@ip2

        • Machine 3: ssh-copy-id username@ip3

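          • On a company's local development servers several people usually work together, and pushing the key this way may overwrite someone else's key. Handle it as follows:

            • Enter a custom file name when running ssh-keygen

              • Enter file in which to save the key (/Users/xxxx/.ssh/id_rsa): id_rsa_play
            • This creates a key pair in the .ssh directory: id_rsa_play and id_rsa_play.pub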

            • vim config

              # Alias (user-defined)
              Host server1
              # The real server address
              HostName ip1
              User user1
              # Location of the private key file
              IdentityFile /Users/xxxx/.ssh/id_rsa_play
              PreferredAuthentications publickey

              Host server2
              HostName ip2
              User user2
              IdentityFile /Users/xxxx/.ssh/id_rsa_play
              PreferredAuthentications publickey

              Host server3
              HostName ip3
              User user3
              IdentityFile /Users/xxxx/.ssh/id_rsa_play
              PreferredAuthentications publickey
   
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/username/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
username@ip's password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'username@ip'"
and check to make sure that only the key(s) you wanted were added.
      • Test passwordless login with `ssh username@ip`; a successful login means the configuration works.

      • Edit the configuration file: `vim /etc/ansible/hosts`
[host1]
10.2.24.180
10.2.24.179

[host2]
10.2.24.141
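
Added example, not part of the original post: a pre-flight check for the `~/.ssh/config` entries from the configuration steps above. For each Host alias it reports whether the IdentityFile exists and is closed to group and others, before Ansible relies on it. The temporary directory, the files `id_rsa_open` and `id_rsa_gone`, and the function names are constructed for the illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Paths and key names are constructed.

# Print OK, MISSING or LOOSE for one private-key path.
key_status() {
    local f=$1
    [ -f "$f" ] || { echo MISSING; return; }
    # ls -ld prints e.g. "-rw-------"; characters 5-10 are the group/other bits.
    case "$(ls -ld "$f")" in
        ????------*) echo OK ;;
        *)           echo LOOSE ;;
    esac
}

# audit_ssh_config CONFIG: print "<alias> <status> <keyfile>" per IdentityFile
# (NOKEY if a Host block names none); return 0 only if every entry is OK.
# Assumes plain "Keyword value" lines, as in the config on this page.
audit_ssh_config() {
    local config=$1 host="" seen=1 rc=0 kw val rest st
    while read -r kw val rest || [ -n "$kw" ]; do
        kw=$(printf '%s' "$kw" | tr 'A-Z' 'a-z')   # keywords are case-insensitive
        case $kw in
            host)
                if [ "$seen" -eq 0 ]; then echo "$host NOKEY -"; rc=1; fi
                host=$val; seen=0 ;;
            identityfile)
                [ -n "$host" ] || continue
                case $val in '~/'*) val="$HOME/${val#??}" ;; esac
                st=$(key_status "$val"); seen=1
                echo "$host $st $val"
                [ "$st" = OK ] || rc=1 ;;
        esac
    done < "$config"
    if [ "$seen" -eq 0 ]; then echo "$host NOKEY -"; rc=1; fi
    return "$rc"
}

# Constructed sample: three Host blocks in the shape used on this page.
make_sample() {
    local d=$1
    : > "$d/id_rsa_play";  chmod 600 "$d/id_rsa_play"
    : > "$d/id_rsa_open";  chmod 644 "$d/id_rsa_open"
    printf 'Host %s\nHostName %s\nIdentityFile %s\n\n' \
        server1 ip1 "$d/id_rsa_play" server2 ip2 "$d/id_rsa_open" \
        server3 ip3 "$d/id_rsa_gone" > "$d/config"
}

tmp=$(mktemp -d) && make_sample "$tmp"
audit_ssh_config "$tmp/config" || echo "audit found problems"
rm -rf "$tmp"
```

Against a real setup, call `audit_ssh_config ~/.ssh/config`; a non-zero return means at least one alias points at a missing or over-permissive key.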
  • Usage

    • Test whether the hosts respond to ping: ansible all -m ping

      ip1 | SUCCESS => {
      "ansible_facts": {
      "discovered_interpreter_python": "/usr/bin/python"
      },
      "changed": false,
      "ping": "pong"
      }
      ip2 | SUCCESS => {
      "ansible_facts": {
      "discovered_interpreter_python": "/usr/bin/python"
      },
      "changed": false,
      "ping": "pong"
      }
      ip3 | SUCCESS => {
      "ansible_facts": {
      "discovered_interpreter_python": "/usr/bin/python"
      },
      "changed": false,
      "ping": "pong"
      }
    • ansible host1 -a ". .bash_profile;ps -fe |grep php" -m shell

      • Show the detailed execution process: ansible host1 -a ". .bash_profile;ps -fe |grep php" -m shell -vvv
      • Specify the location of the hosts file: ansible -i /path/hosts host1 -a ". .bash_profile;ps -fe |grep php" -m shell -vvv
      • ansible -i ~/tools/hosts host1 -m fetch -a "src=/home/xxx/*.txt dest=./ force=yes"
    • Run scripts

    • playbook

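  2. Linux
    • Install
    • Configure
    • Usage
      • Assume a cluster with 1 admin node and 3 service nodes; change the time on the 3 service nodes directly from the admin node

III. Extensions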

  1. rsync
