Shulou(Shulou.com)06/01 Report--

I. ansible description

Ansible is an automated tool that can configure systems, software releases, orchestrate advanced tasks, and choreograph more advanced tasks, such as continuous deployment or zero downtime rolling updates.

II. Anisble installation

2.1 if you want to install it through yum, you need to install EPEL

Download address:

1 https://admin.fedoraproject.org/mirrormanager/mirrors/EPEL

2.2. Install epel:

1rpm-ivh epel-release-latest-7.noarch.rpm

2.3. Install ansible to automatically resolve dependencies

1yum install ansible

2.4. The installation list is as follows:

1ansible 、 PyYAML 、 libtomcrypt 、 libtommath 、 libyaml 、 python-babel 、 python-backports 、 python-backports-ssl_match_hostname 、 python-httplib2 python-jinja2 、 python-keyczar 、 python-markupsafe 、 python-setuptools 、 python2-crypto 、 python2-ecdsa 、 python2-paramiko 、 python2-pyasn1 、 sshpass

2.5. View the ansible version:

one

two

# rpm-qa | grep ansible

Ansible-2.2.0.0-4.el7.noarch

2.6. Structure description

one

two

three

four

five

six

seven

eight

nine

ten

/ etc/ansible/ansible.cfg # main configuration file

/ etc/ansible/hosts # list of certified hosts

/ etc/ansible/roles # role configuration path

/ usr/bin/ansible # main command

/ usr/bin/ansible-console

/ usr/bin/ansible-doc # ansible help documentation

/ usr/bin/ansible-galaxy

/ usr/bin/ansible-playbook # playbook command

/ usr/bin/ansible-pull

/ usr/bin/ansible-vault

III. Ansible certification and basic use

3.1. Lab environment description:

172.16.110.39 ansible

172.16.110.47 client1

3.2.anisble is based on ssh authentication, which is verified by adding host key authentication.

Server side

# ssh-keygen-t rsa-P''

# scp / root/.ssh/id_rsa.pub root@172.16.110.47:/data

#

Client

# cd / data/

# cat id_rsa.pub > > / root/.ssh/authorized_keys

# chmod 600 / root/.ssh/authorized_keys

#

3.3. Operation description

one

two

# ansible-h

Usage: ansible [options]

3.3.1. Run a simple ping test

one

two

three

# ansible all-m ping

[WARNING]: provided hosts list is empty, only localhost is available

[WARNING]: No hosts matched, nothing to do

Hint, no server list is provided, so add a list

Host list can be run by ip, domain name, grouping, regular matching, etc.

3.3.2. Ip list method for hosts:

# vim / etc/ansible/hosts

[webservers]

10.237.154.25

Ansible all-m ping

SUCCESS: indicates success

False: indicates that no changes have been made

Pong: the returned value indicates success

3.3.3. Run commands in groups:

one

two

three

four

Vim / etc/ansible/hosts

[webserver]

172.16.110.47

one

two

three

# ansible webserver-a "ls / root"

172.16.110.47 | SUCCESS | rc=0 > >

Anaconda-ks.cfg

The above problems indicate that there is a problem with ssh certification. Do it again.

3.3.5. Use regular lists:

one

two

three

Vim / etc/ansible/hosts

[webserver]

172.16.110.4 [7:8]

one

two

three

four

five

six

seven

# ansible webserver-a "/ sbin/ifconfig ens33 | grep netmask"

172.16.110.48 | FAILED | rc=1 > >

|: Unknown host

Ifconfig: `--help' gives usage information.

172.16.110.47 | FAILED | rc=1 > >

|: Unknown host

Ifconfig: `--help' gives usage information.

The pipeline is added here, and the ansible pipeline must be run using shell's module.

one

two

three

four

five

# ansible webserver-m shell-a "/ sbin/ifconfig ens33 | grep netmask"

172.16.110.47 | SUCCESS | rc=0 > >

Inet 172.16.110.47 netmask 255.255.255.0 broadcast 172.16.110.255

172.16.110.48 | SUCCESS | rc=0 > >

Inet 172.16.110.48 netmask 255.255.255.0 broadcast 172.16.110.255

Description of 3.4.Inventory parameters, extracted from the Internet

one

two

three

four

five

six

seven

eight

nine

ten

eleven

twelve

thirteen

fourteen

fifteen

sixteen

seventeen

eighteen

nineteen

twenty

twenty-one

twenty-two

twenty-three

Ansible_ssh_host

The name of the remote host to be connected. If it is different from the alias of the host you want to set, you can set it through this variable.

Ansible_ssh_port

Ssh port number. If it is not the default port number, set it through this variable.

Ansible_ssh_user

Default ssh user name

Ansible_ssh_pass

Ssh password (this method is not secure, we strongly recommend using-- ask-pass or SSH key)

Ansible_sudo_pass

Sudo password (this method is not secure, we strongly recommend using-- ask-sudo-pass)

Ansible_sudo_exe (new in version 1.8)

Sudo command path (for version 1.8 and above)

Ansible_connection

The type of connection to the host. For example: local, ssh or paramiko. After using paramiko.1.2 by default, Ansible 1.2 will judge whether the 'smart','smart' mode is feasible according to whether it supports ControlPersist or not.

Ansible_ssh_private_key_file

The private key file used by ssh. Suitable for situations where you have multiple keys and you do not want to use a SSH proxy.

Ansible_shell_type

The shell type of the target system. By default, commands are executed using 'sh' syntax, which can be set to' csh' or 'fish'.

Ansible_python_interpreter

The python path of the target host. Applicable: there are multiple Python in the system, or the command path is not "/ usr/bin/python", such as\ * BSD, or / usr/bin/python

Not the 2.x version of Python. we

Do not use the "/ usr/bin/env" mechanism, as this requires that the path of the remote user is set correctly, and that the "python" executable name cannot be a name other than python (it may actually be python26).

In the same way as ansible_python_interpreter, you can set a path such as ruby or perl.

The example shows:

one

two

three

four

Some_host ansible_ssh_port=2222 ansible_ssh_user=manager

Aws_host ansible_ssh_private_key_file=/home/example/.ssh/aws.pem

Freebsd_host ansible_python_interpreter=/usr/local/bin/python

Ruby_module_host ansible_ruby_interpreter=/usr/bin/ruby.1.9.3

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.