Shulou(Shulou.com)06/01 Report--

This article mainly introduces "what is the basic structure and working mechanism of Ansible". In daily operation, I believe many people have doubts about the basic structure and working mechanism of Ansible. The editor consulted all kinds of materials and sorted out simple and easy-to-use methods of operation, hoping to help you answer the doubts about "what is the basic structure and working mechanism of Ansible?" Next, please follow the editor to study!

Ansible is an automated operation and maintenance tool, developed based on paramiko and based on modular work. Ansible is an open source platform that integrates configuration management, application deployment and specific tasks of IT system.

I. basic structure of Ansible

The above figure shows the basic architecture of ansible, which is composed of the following parts:

Core: ansible core module (Core Modules): these are the module extension modules (Custom Modules) that come with ansible: if the core module is not sufficient to perform a function, you can add an extension module plug-in (Plugins): a supplementary script to complete the module function (Playbooks): ansible's task configuration file, which defines multiple tasks in the script, and ansible automatically executes the connection plug-in (Connectior Plugins): ansible connects to each host based on the connection plug-in Although ansible uses ssh to connect to each host, it also supports other connection methods, so a connection plug-in host group (Host Inventory) is required: define the hosts managed by ansible II. How ansible works

The above are two ansible working schematic diagrams found on the Internet, both of which are basically an extension of the architecture diagram. You can see from the picture above:

1. The management side supports local, ssh and zeromq to connect the managed end. The ssh-based connection is used by default-this part corresponds to the connection module in the basic architecture diagram.

2. Host Inventory (host cluster) can be classified by application type, and the management node realizes the corresponding operation through all kinds of modules-single module, batch execution of single command, which can be called ad-hoc.

3. The management node can realize the collection of multiple task through playbooks to realize one kind of function, such as the installation and deployment of web service, the batch backup of database server and so on. Playbooks we can simply understand that the system through the combination of multiple ad-hoc operation configuration files.

III. Seven orders of ansible

After installing ansible, we found that ansible provided us with a total of seven instructions: ansible, ansible-doc, ansible-galaxy, ansible-lint, ansible-playbook, ansible-pull, ansible-vault. Here we only look at the usage section, and the details can be obtained by "instruction-h".

1 、 ansible

1. [root@localhost ~] # ansible-h2.Usage: ansible [options]

Ansible is the core part of the instruction, which is mainly used to execute ad-hoc commands, that is, a single command. The default needs to be followed by the host and options, and when the module is not specified by default, the command module is used. Such as:

1. [root@361way.com ~] # ansible 192.168.0.102-a 'date'2192.168.0.102 | success | rc=0 > > 3Tue May 12 22:57:24 CST 2015

However, the modules used by default can be modified in ansible.cfg. The parameters under the ansible command are explained as follows:

Parameter:-a 'Arguments',-args='Arguments' command line parameter-m NAME,-module-name=NAME execution module name, default uses command module, so if you only execute a single command, you can specify the path of the inventory host file without the-m parameter-I PATH,-inventory=PATH. Default is / etc/ansible/hosts.-u Username,-user=Username execution user Which user to use this remote user name instead of the current user-U-sud-user=SUDO_User sudo, defaults to the root-k-ask-pass login password Prompt for SSH password instead of assuming key-based authentication-K-ask-sudo-pass prompt password to run using sudo-s-sudo sudo-S-su uses the su command-l-list to display all supported modules-s-snippet specified module shows the number of script snippets-f-forks=NUM parallel tasks. NUM is specified as an integer, and the default is 5. # ansible testhosts-a "/ sbin/reboot"-f 10 restart all machines in the testhosts group, 10 at a time-private-key=PRIVATE_KEY_FILE private key path, use this file to verify the connection-v-verbose details all executes-M MODULE_PATH for all hosts defined by hosts,-the path of the module to be executed by module-path=MODULE_PATH. The default is / usr/share/ansible/-list-hosts to print only which hosts execute this playbook file. Do not actually execute the playbook file-o-one-line compressed output, summary output. Try to output everything on one line. -t Directory,-tree=Directory saves the contents in this output directory, and the results are saved in a file on each host. -B background running timeout-P survey background program time-T Seconds,-timeout=Seconds time, unit second Smurp NUM,-poll=NUM background check every few seconds. Need-bmurc Connection,-connection=Connection connection type to use. The possible options are paramiko (SSH), SSH and place. Local is mainly used for crontab or startup. -tags=TAGS only executes tasks with a specified label example: ansible-playbook test.yml-tags=copy only executes the task labeled copy-list-hosts only prints which hosts execute the playbook file, not actually executes the playbook file-list-tasks lists all the tasks to be performed-C,-check is just testing what will change, not actually executing it. Instead, try to predict some possible changes-a script in which syntax-check performs syntax checking, but does not execute it-l SUBSET,-limit=SUBSET further restricts the selected host / group mode-limit=192.168.0.15 executes only on this ip-skip-tags=SKIP_TAGS runs only tags that do not match these values-skip-tags=copy_start-e EXTRA_VARS -extra-vars=EXTRA_VARS extra variable is set to key = value or YAML / JSON#cat update.yml-- hosts: {{hosts}} remote_user: {{user}}. .. # ansible-playbook update.yml-extra-vars "hosts=vipers user=admin" passes {{hosts}}, {{user}} variables, and hosts can be ip or group name-lmaire limit executes tasks on specified hosts / groups-limit=192.168.0.10192.168.0.11 or-l 192.168.0.10192.168.0.11 only executes tasks on these two ip

2 、 ansible-doc

# ansible-doc-hUsage: ansible-doc [options] [module...]

This directive is used to view module information. There are two common parameters,-l and-s, as follows:

/ / list all installed modules # ansible-doc-lash / check the specific usage of a module, such as command module # ansible-doc-s command

3 、 ansible-galaxy

# ansible-galaxy-hUsage: ansible-galaxy [init | info | install | list | remove] [--help] [options].

The ansible-galaxy instruction is used to easily download third-party extension modules from https://galaxy.ansible.com/ sites, and we can vividly understand that they are similar to yum under centos, pip under python or easy_install. The following is an example:

[root@localhost ~] # ansible-galaxy install aeriscloud.docker- downloading role 'docker', owned by aeriscloud- downloading role from https://github.com/AerisCloud/ansible-docker/archive/v1.0.0.tar.gz- extracting aeriscloud.docker to / etc/ansible/roles/aeriscloud.docker- aeriscloud.docker was installed successfully

This installs an aeriscloud.docker component, with the aeriscloud in front of the user name that created the module on galaxy, followed by its module. In practical applications, you can also specify txt or yml files to download and install multiple components. You can refer to the official documentation for this section.

4 、 ansible-lint

Ansible-lint is a tool for checking the syntax of playbook. The usage is ansible-lint playbook.yml.

5 、 ansible-playbook

This instruction is the most frequently used instruction, which performs the corresponding action after reading the playbook file, which will be used as a key point later.

6 、 ansible-pull

This instruction uses another mode that needs to talk about ansible-pull mode, which is contrary to the push mode that we often use, and it applies to the following scenarios: you have a large number of machines to configure, and it takes a lot of time to use very high threads; you have to run Anisble on a machine that does not have a network connection, such as installing after startup. This part will also be discussed in a separate section.

7 、 ansible-vault

Ansible-vault is mainly used in configuration files that contain sensitive information and do not want it to be seen. Vault can help you encrypt / decrypt this configuration file, which belongs to advanced usage. Mainly for playbooks, such as when it comes to configuring passwords or other variables, you can encrypt through this instruction, so that what we see through cat is a password string file, which needs to be opened by entering a pre-set password when editing. When this kind of playbook file is executed, you need to add the-ask-vault-pass parameter, and you also need to enter a password before it can be executed normally. For details, please refer to the official blog.

Note: of the above seven instructions, only two ansible and ansible-playbook are most used. These two must be mastered, and the other five belong to extension or advanced parts.

At this point, the study on "what is the basic structure and working mechanism of Ansible" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.