本文介绍了如何在Linux环境中通过yum源安装Ansible,强调了确保虚拟机联网的重要性,并详细步骤配置国内镜像,以实现18560个包的正常扫描。同时,文章还涉及建立普通用户并进行权限设置,以实现免密连接所有主机,完成了Ansible的安装和初步配置。
准备主机
模拟多台主机ansible部署
| 主机 | 功能 |
|---|---|
| ansible-server | 172.25.65.10 |
| agent1 | 172.25.65.11 |
| agent2 | 172.25.65.12 |
部署准备
- 保证虚拟机能正常上网(三台主机都做)
可以参照Linux系统下让虚拟机具备上网功能和访问外网优先级及DHCP的搭建 - 配置yum源
[root@server10 ~]# vim yum.repo ##添加镜像文件
[ansible]
name=ansible
baseurl=https://mirror.tuna.tsinghua.edu.cn/epel/7/x86_64/
gpgcheck=0
[root@server10 yum.repos.d]# yum clean all
Loaded plugins: product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Cleaning repos: ansible rhel7.5
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
[root@server10 yum.repos.d]# yum repolist
Loaded plugins: product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
ansible | 5.3 kB 00:00
rhel7.5 | 4.3 kB 00:00
(1/5): ansible/updateinfo | 1.0 MB 00:01
(2/5): rhel7.5/group_gz | 145 kB 00:00
(3/5): rhel7.5/primary_db | 4.1 MB 00:00
(4/5): ansible/group_gz | 90 kB 00:01
(5/5): ansible/primary_db | 6.9 MB 00:08
repo id repo name status
ansible ansible 13,461
rhel7.5 rhel7.5 5,099
repolist: 18,560
扫描到的包数量是18560才是正常的 rhel7.5+外网镜像
[root@server10 yum.repos.d]# yum install ansible -y
Installed:
ansible.noarch 0:2.9.1-1.el7
Dependency Installed:
PyYAML.x86_64 0:3.10-11.el7
libyaml.x86_64 0:0.1.4-11.el7_0
python-babel.noarch 0:0.9.6-8.el7
python-backports.x86_64 0:1.0-8.el7
python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7
python-cffi.x86_64 0:1.6.0-5.el7
python-enum34.noarch 0:1.0.4-1.el7
python-httplib2.noarch 0:0.9.2-0.2.el7
python-idna.noarch 0:2.4-1.el7
python-ipaddress.noarch 0:1.0.16-2.el7
python-jinja2.noarch 0:2.7.2-2.el7
python-markupsafe.x86_64 0:0.11-10.el7
python-paramiko.noarch 0:2.1.1-0.10.el7
python-ply.noarch 0:3.4-11.el7
python-pycparser.noarch 0:2.14-1.el7
python-setuptools.noarch 0:0.9.8-7.el7
python2-cryptography.x86_64 0:1.7.2-2.el7
python2-jmespath.noarch 0:0.9.0-1.el7
python2-pyasn1.noarch 0:0.1.9-7.el7
sshpass.x86_64 0:1.06-1.el7
Complete!
从以上安装过程可以看出,ansible和python环境有依赖
- 建立普通用户
超级用户也可以,但是一般的生产环境中,普通用户更多被使用
三台主机都做
[root@server10 yum.repos.d]# useradd devops
[root@server10 yum.repos.d]# passwd devops ##给devops设置密码
- 给普通用户授权
[root@server10 yum.repos.d]# visudo
大概在93行的地方,添加
93 devops ALL=(ALL) NOPASSWD:ALL
- 切换到普通用户(master)
[root@server10 yum.repos.d]# su - devops
- 免密
[devops@server10 yum.repos.d]# ssh-keygen
[devops@server10 yum.repos.d]# ssh-copy-id server11
[devops@server10 yum.repos.d]# ssh-copy-id server12
- 将
/etc/ansible拷贝到devops的用户家目录下
[root@server10 yum.repos.d]# cd /etc/ansible
[root@server10 yum.repos.d]# ls
ansible.cfg hosts
[root@server10 etc]# cp -ir /etc/ansible /home/devops/
[devops@server10 ~]$ ls
ansible
[devops@server10 ~]$ ll ansible
-rw-r--r-- 1 devops devops 146 Nov 23 21:24 ansible.cfg
-rw-rw-r-- 1 devops devops 140 Nov 23 20:35 hosts
- 修改inventory文件
[devops@server10 ~]$ cat ansible.cfg
[defaults]
inventory = ./hosts ##会优先读取当前目录下的hosts
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
- 修改hosts文件
该文件中存放主机的信息
[devops@server10 ansible]$ cat hosts
[test]
172.25.65.11
172.25.65.12
[my]
172.25.65.10
测试
[root@server10 ansible]# ansible test -m ping
server11 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
- 测试所有的主机是否都能免密连接
[root@server10 ansible]# ansible all -m ping
server12 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
server11 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
至此,ansible的安装和免密设置完成!!!
扫一扫
617
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
