一日练,一日功,一日不练十日空。—— 《增广贤文》
一、基础
ansible是一种自动化运维工具,基于Python开发,集合了众多运维工具(puppet、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能。
二、使用
Mac
安装
- brew安装
brew install ansible,本文使用brew安装 - pip安装
pip install ansible - 源码安装
- git clone https://github.com/ansible/ansible.git
- cd ansible
- sudo python setup.py install
- brew安装
验证
ansible --version1
2
3
4
5
6
7
8
9ansible [core 2.11.6]
config file = None
configured module search path = ['/Users/xxxx/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/Cellar/ansible/4.8.0/libexec/lib/python3.10/site-packages/ansible
ansible collection location = /Users/xxxx/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible
python version = 3.10.0 (default, Oct 13 2021, 06:44:31) [Clang 12.0.0 (clang-1200.0.32.29)]
jinja version = 3.0.2
libyaml = True配置
cd /etcsudo mkdir ansiblegit clone https://github.com/ansible/ansible.git && cd ansiblesudo cp -R * /etc/ansible生成秘钥:
ssh-keygen将秘钥推送到指定服务器:
机器1:
ssh-copy-id username@ip1机器2:
ssh-copy-id username@ip2机器3:
ssh-copy-id username@ip3公司本地开发服务器,一般会有多个人一起协作,按此方式推送的话有可能会覆盖别人的秘钥,按如下方式处理:
ssh-keygen时输入自定义的名字
- Enter file in which to save the key (/Users/xxxx/.ssh/id_rsa):id_rsa_play
此时会在.ssh目录下生成一对儿
id_rsa_play和id_rsa_play.pubvim config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17Host server1 #填写别名(自定义)
HostName ip1 #填写真实的服务地址
User user1
IdentityFile /Users/xxxx/.ssh/id_rsa_play #填写证书所在位置
PreferredAuthentications publickey
Host server2
HostName ip2
User user2
IdentityFile /Users/xxxx/.ssh/id_rsa_play
PreferredAuthentications publickey
Host server3
HostName ip3
User user3
IdentityFile /Users/xxxx/.ssh/id_rsa_play
PreferredAuthentications publickey
1
2
3
4
5
6
7
8
9
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/username/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
username@ip's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'username@ip'"
and check to make sure that only the key(s) you wanted were added.
* 测试免密登录`ssh username@ip`,登录成功则说明配置成功
* 修改配置文件`vim /etc/ansible/hosts`
1
2
3
4
5
6
[host1]
10.2.24.180
10.2.24.179
[host2]
10.2.24.141
使用
测试能否ping通
ansible all -m ping1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21ip1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
ip2 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
ip3 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}ansible host1 -a ". .bash_profile;ps -fe |grep php" -m shell- 查看具体执行过程
ansible host1 -a ". .bash_profile;ps -fe |grep php" -m shell -vvv - 指定hosts文件位置
ansible -i /path/hosts host1 -a ". .bash_profile;ps -fe |grep php" -m shell -vvv - ansible -i ~/tools/hosts host1 -m fetch -a “src=/home/xxx/*.txt dest=./ force=yes”
- 查看具体执行过程
执行scripts``
playbook
$a = exec(“/path/Python-2.7.8/bin/ansible -i /path/hosts -m copy -a "src=/path/test.php dest=/path/" global”, $out, $status);
$a = exec(“/paty/Python-2.7.8/bin/ansible -i /path/hosts -m synchronize -a "src=/path/test.php dest=/path/" global”, $out, $status);
- Linux
- 安装
- 配置
- 使用
- 集群假设有1台admin节点3台服务节点,直接在admin节点修改3台服务节点的时间