ansible的搭建

1. 安装

一台控制主机：60.60.1.31

三台客户端主机：

60.60.1.30

60.60.1.32

60.60.1.33

安装要求：

控制服务器：需要安装 Python2.6/2.7

管理服务器：需要安装 Python2.4 以上版本，若低于 Python2.5 需要安装 pythonsimplejson; 若启用了 selinux，则需要安装 libselinux-python。

本次安装基于CentOS7系统环境、Python2.7.5、ansible用户。

 

1. yum安装

yum install epel-release

yum install ansible

 

1. 配置控制主机

 vim /etc/ansible/hosts

[web]

60.60.1.30

[p60]

60.60.1.13

60.60.1.14

60.60.1.15

60.60.1.17

60.60.1.19

[p193]

192.168.193.10

192.168.193.11

192.168.193.12

192.168.193.13

192.168.193.16

4、配置客户端主机

   useradd  ansible 添加ansible用户

   passwd  ansible 设置密码

   cd /home/ansible

   mkdir  .ssh 建一个目录

   chown -R ansible.ansible .ssh 修改目录权限

   vim /etc/sudoers  添加一行

   ansible            ALL=(ALL)     NOPASSWD: ALL

5、配置控制主机SSH密钥

   ssh-keygen -t rsa

   将公钥拷贝到管理主机中.ssh/authorized_keys文件中，实现免密码登录远程管理主机

ssh-copy-id -i ~/.ssh/id_rsa.pub ansible@60.60.1.30

ssh-copy-id -i ~/.ssh/id_rsa.pub ansible@60.60.1.32

ssh-copy-id -i ~/.ssh/id_rsa.pub ansible@60.60.1.33

注：ssh-copy-id命令会自动将id_rsa.pub文件的内容追加到远程主机ansible用户下.ssh/authorized_keys文件中。

 

6、ansible配置

   vim /etc/ansible/ansible.cfg

  1> 禁用每次执行ansbile命令检查ssh key host

host_key_checking = False

2> 开启日志记录

log_path = /var/log/ansible.log

3> ansible连接加速配置

[accelerate]

#accelerate_port = 5099

accelerate_port = 10000

#accelerate_timeout = 30

#accelerate_connect_timeout = 5.0

 

# If set to yes, accelerate_multi_key will allow multiple

# private keys to be uploaded to it, though each user must

# have access to the system via SSH to add a new key. The default

# is "no".

accelerate_multi_key = yes

 

7、测试

 ansible all -m ping

结果如下

[ansible@60-60-1-31 ~]$ ansible all -s -m ping

[DEPRECATION WARNING]: The sudo command line option has been deprecated in favor of the "become" command line arguments. This feature will be removed

in version 2.6. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

192.168.193.10 | SUCCESS => {

    "changed": false,

    "ping": "pong"

}

192.168.193.12 | SUCCESS => {

    "changed": false,

    "ping": "pong"

}

192.168.193.11 | SUCCESS => {

    "changed": false,

    "ping": "pong"

}

192.168.193.13 | SUCCESS => {

    "changed": false,

    "ping": "pong"

}

60.60.1.30 | SUCCESS => {

 

8、