Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Ansible installation configuration (linux client)

2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/03 Report--

yum installation

yum install epel-release -y

yum install ansible -y

ansible profile

inventory = /etc/ansible/hosts1 This parameter indicates the location of the inventory file, which is a list of hosts that ansible needs to connect to manage. library = /usr/share/ansible1Ansible operations, whether local or remote, are performed using a small piece of code called a module, and this library parameter points to the directory where the ansible module is stored. forks = 51 sets the maximum number of processes ansible can have working simultaneously by default, starting with ansible 1.3, the number of forks is automatically set to the number of hosts or potential hosts by default, and the default setting is up to 5 processes working in parallel. How many nodes need to be set can be determined according to the performance of the control host and the number of managed nodes, which may be 50 or 100. The default value of 5 is very conservative. sudo_user = root1 This is the default user to execute the command, you can also reset this parameter in the playbook. remote_port = 221 This is the management port that specifies the connection to the managed node. The default is 22. Unless a special SSH port is set, this parameter generally does not need to be modified. host_key_checking = False1 This is the key that sets whether to check SSH hosts. Can be set to True or False, no prompt for first connection after shutdown Configuration instance timeout = 601 This is the timeout interval for setting SSH connections in seconds. log_path = /var/log/ansible.log1 By default, log is not logged. If you want to log the output of ansible system to log file, you need to set log_path to specify a file to store ansible log.

ansible supports multiple directory modes, as long as they are separated by colons " : ". At the same time, it will also check the./under the current execution playbook position. library directory.

ansible configure public and private keys

1. First generate the secret key

##Execute the next command and enter all the way!

[root@CentOS7-master ~]# sudo ssh-keygen -t rsa12

2. Then distribute the secret key to the host:

##All IP addresses or host names added to the host list must be executed once with the following command.

[root@CentOS7-master ~]# sudo ssh-copy-id root@ hostname or IP address 12

3. If:

ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.123.45

-bash: ssh-copy-id: command not found

#Please try: yum -y install opensh-clientsansible

ansible host list settings, edit/etc/ansible/hosts, add the hostnames of all other hosts in ansible host

vim /etc/hosts

192.168.123.45 server-1

192.168.123.46 server-2

192.168.123.47 server-3

192.168.123.48 server-4

192.168.123.49 server-5

192.168.123.50 server-6

if that control end is a pem file, the pem file is transmitted to the specify path of the ansible-server end

vim /etc/ansible/hosts [zhandian1]server-1 ansible_ssh_user=centos ansible_ssh_private_key_file=/home/centos/aws_secret/nginx.pemserver-2 ansible_ssh_user=centos ansible_ssh_private_key_file=/home/centos/aws_secret/nginx.pemserver-4 ansible_ssh_user=centos ansible_ssh_private_key_file=/home/centos/aws_secret/nginx.pemserver-5 ansible_ssh_user=centos ansible_ssh_private_key_file=/home/centos/aws_secret/nginx.pemserver-6 ansible_ssh_user=centos ansible_ssh_private_key_file=/home/centos/aws_secret/nginx.pem

If the ssh port is modified, ansible_ssh_port=3333 , open security group, port 22, needs to be added.

ansible command set

Parameter comments/usr/bin/ansibleAnsibleAD-Hoc temporary command execution tool, often used for temporary command execution/usr/bin/ansible-docansible module function viewing tool/usr/bin/ansible-galaxy download/upload excellent code or Roles module official platform, network-based/usr/bin/ansible-playbookansible custom automated task set orchestration tool/usr/bin/ansible-pullansible remote command execution tool, pull configuration rather than push configuration (Use less, use when a large number of machines, high requirements for O & M architecture)/usr/bin/ansible-vaultansible File encryption tool/usr/bin/ansible-consoleansible Command execution tool based on Linux Consoble interface that can interact with users

Ansible common command

Comments Parameters Execute Remote Home Directory Script ansible all -m shell -a 'sudo sh aaa.sh' Specify permissions on the node, The owner and array are rootable '*' -m file -a "dest=/tmp/t.sh mode=755 owner=root group=root" Define a scheduled task on the specified node, update time every 3 minutes to the master side ansible '' -m cron -a 'name="custom job" minute=/3 hour= day= month= weekday= job="/usr/sbin/ntpdate 172.16.254.139"' Create a group named aaa on the specified node, group with gid 2017 ansible all -m group -a 'gid= 2017 name=a' Create a user aaa on the node, Groups are aansible all -m user -a 'name=aaa groups=aaa state=present' Delete user example ansible all -m user -a 'name=aaa groups=aaa remove=yes' Install httpdansible all -m yum -a "state=present name=httpd" Start service on node, and boot from ansible all -m service -a 'name=httpd state=started enabled=yes' check host connection ansible '*' -m ping execute remote command ansible '*'-m command -a 'uptime' execute master script ansible '*' -m script -a '/root/test.sh' create soft link ansible '*' -m file -a "src=/etc/resolv.conf dest=/tmp/resolv.conf state=link" delete soft link ansible '*' -m file -a "path=/tmp/resolv.conf state=absent" copy file to remote server ansible '*' -m copy -a "src=/etc/ansible/ansible.cfg dest=/tmp/ansible.cfg owner=root group=root mode=0644" download file on specified url to/tmpansible all -m get_url -a 'url=http://10.1.1.116/favicon.ico dest=/tmp'

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Servers

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report