本文档介绍了如何使用Ansible进行环境配置,包括在三台机器上更改主机名、设置IP地址、配置免密登录、安装Ansible,并通过验证确保节点间可以免密ping通。详细步骤包括手动配置网络、添加主机映射到/etc/hosts,以及生成和分发SSH密钥。
准备三台机器:
server.example.com
node1.example.com
node2.example.com
配置IP,主机名,/etc/hosts
然后去配置免密登录
配置yum源使用Centos-stream.repo
安装ansible
使用ansible --version去验证
配置清单:/etc/ansible/hosts
[node]
node1.example.com
node2.example.com
使用ansible node -m ping去验证
1.主机改名
分别将三台机器改名为
server.example.com
node1.example.com
node2.example.com
[root@server ~]# hostnamectl set-hostname server.examle.com
其余两台也用同样方式改名
2
[root@server ~]# nmcli c modify ens160 ipv4.addresses 192.168.48.100/24 ipv4.gateway 192.168.48.2 ipv4.dns 8.8.8.8 ipv4.method manual
[root@server ~]# nmcli c up ens160[root@server ~]# nmcli c show ens160 | grep method
ipv4.method: manual
ipv6.method: auto
proxy.method: none将其改为手动,其余两台也用同样方式
3。将三台机器ip映射关系写入(三台同样操作)
[root@server ~]# echo 192.168.30.133 server.example.com >> /etc/hosts
[root@server ~]# echo 192.168.30.137 node1.example.com >> /etc/hosts
[root@server ~]# echo 192.168.30.136 node2.example.com >> /etc/hosts
配置无密登录
控制主机
[root@server ~]# cd ~/.ssh/
[root@server .ssh]# ls -l
total 12
-rw-------. 1 root root 2610 Jul 24 11:17 id_rsa
-rw-r--r--. 1 root root 580 Jul 24 11:17 id_rsa.pub
-rw-r--r--. 1 root root 704 Aug 20 10:45 known_hosts
[root@server .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:7Z5Lr5pjXQ6RjZm2bJupf00c14YkqWcU9phSytta1T0 root@server.examle.com
The key's randomart image is:
+---[RSA 3072]----+
| +o |
| . +++...|
| +OoooE+|
| .O++.o =|
| Soo=o. + |
| .=o. o |
| o+B o |
| o+=oo . |
| .+=*+. |
+----[SHA256]-----+
[root@server .ssh]# ls -l
total 12
-rw-------. 1 root root 2610 Aug 20 11:00 id_rsa
-rw-r--r--. 1 root root 576 Aug 20 11:00 id_rsa.pub
-rw-r--r--. 1 root root 704 Aug 20 10:45 known_hosts[root@server .ssh]# ssh-copy-id root@node1.example.com
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'node1.example.com (192.168.48.128)' can't be established.
ECDSA key fingerprint is SHA256:xwnutrXDo50urWrwZvTy9MnhkXVrw/OottfsVm2G+gQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node1.example.com's password:Number of key(s) added: 1
再检查是否可以免密登录[root@server ~]# ssh root@node1.example.com
Activate the web console with: systemctl enable --now cockpit.socketThis system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --registerLast login: Sat Aug 20 13:21:39 2022 from 192.168.48.1
[root@node1 ~]# exit
logout
Connection to node1.example.com closed.
[root@server ~]#
安装ansible
控制主机
[root@server yum.repos.d]# yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
[root@server yum.repos.d]# yum install ansible -y[root@server ~]# vim /etc/ansible/ansible.cfg
[root@server yum.repos.d]# vim /etc/ansible/hosts
扫一扫
2310
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
