| 角色 | IP | 系统 |
|---|---|---|
| ansible server | 120.53.13.240 | Centos7.6 |
| client | 123.207.166.69 | Centos7.6 |
确保Python的版本在2.6以上,如果是Centos7的话自带Python2.7.5
可以使用pthone -V 进行查看。
1、关闭防火墙
[root@ansible ~]# systemctl stop firewalld
[root@ansible ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
2、ansabile安装
[root@ansible ~]# yum install epel-release -y
[root@ansible ~]# yum install ansible -y
3、配置秘钥
[root@ansible ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:+dF9Y6Qkmxdyjm8LlAEy40KGaIAIj7YmDfzxfa03I5I root@ansible
The key's randomart image is:
+---[RSA 2048]----+
|B . .o + . |
|+= .o . + . |
|+o.. . . + + . |
|.oo o o ...%.+ |
|.o.. . .S..B.+.o.|
|o o.o.o ...|
| E o.= o |
| . o = . |
| . |
+----[SHA256]-----+
[root@ansible ~]#
4、将秘钥上传至客户端
[root@ansible ~]# scp /root/.ssh/id_rsa.pub root@123.207.166.69:/root/.ssh/authorized_keys
The authenticity of host '123.207.166.69 (123.207.166.69)' can't be established.
ECDSA key fingerprint is SHA256:+Pc5SdHeWlF7Wk1a+7zgdFww8MUMXys7W5xBxxVV0PI.
ECDSA key fingerprint is MD5:01:7a:de:00:77:33:2a:90:a7:e6:6f:21:01:b5:d3:06.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '123.207.166.69' (ECDSA) to the list of known hosts.
root@123.207.166.69's password:
id_rsa.pub 100% 394 78.3KB/s 00:00
5、配置ansible
[root@ansible ~]# vim /etc/ansible/ansible.cfg
remote_port = 22
private_key_file = /root/.ssh/id_rsa
Ansible配置文件/etc/ansible/ansible.cfg(一般保持默认)
[defaults]
# some basic default values...
#inventory = /etc/ansible/hosts #主机列表配置文件
#library = /usr/share/my_modules/ #库文件存放目录
#module_utils = /usr/share/my_module_utils/ #临时py命令文件存放在远程主机目录
#remote_tmp = ~/.ansible/tmp #本机的临时命令执行目录
#local_tmp = ~/.ansible/tmp
#plugin_filters_cfg = /etc/ansible/plugin_filters.yml
#forks = 5 #默认并发数量
#poll_interval = 15
#sudo_user = root #默认sudo用户
#ask_sudo_pass = True #每次执行ansible命令是否询问ssh密码
#ask_pass = True
#transport = smart
#remote_port = 22 #远程端口 与ssh保持一致
#module_lang = C
#module_set_locale = False #检查对应服务器的host_key,建议取消注释
#log_path = /var/log/ansible.log #日志文件建议开启
6、配置管理的机器
[root@ansible ~]# vim /etc/ansible/hosts
[clienthosts] ##最后添加
123.207.166.69
7、执行命令进行测试
[root@ansible ~]# ansible clienthosts -m command -a 'uptime'
123.207.166.69 | CHANGED | rc=0 >>
17:06:48 up 10 days, 1:39, 2 users, load average: 0.08, 0.11, 0.07
[root@ansible ~]# ansible clienthosts -m command -a 'uname -a'
123.207.166.69 | CHANGED | rc=0 >>
Linux VM_16_6_centos 3.10.0-1062.9.1.el7.x86_64 #1 SMP Fri Dec 6 15:49:49 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
8、常用命令
ansible-doc -l #查看支持的模块
ansible-doc -s MODEL_NAME #查看模块用法
ansible命令应用基础
ansible <host-pattern> [options]
-f fork:启动并发 线程数
-m model_name:要使用的模块
-a args:特有的参数
ansible all -m ping #查看client端是否正常ping通
ansible webserver -m setup #查看客户端信息
ansible webserver -m copy -a 'src=/root/git_test/code.txt dest=/root/test' #copy文件到client端
ansible webserver -m user -a "name=test state=present" #创建test用户
ansible webserver -m user -a "name=test state=absent" #删除test用户
ansible webserver -m yum -a 'name=epel-relese state=latest' #yum安装
ansible webserver -m systemd -a 'name=httpd state=stopped enabled=no' #停止httpd服务
ansible webserver -m script -a '/tmp/test,sh' #运行脚本
ansible webserver -m command 'date' #查看时间
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
