##ansible集中化自動管理

目標：1、生成公鑰，並上傳ssh的公鑰到被控端主機

2、在ansible的主控端配置本地yum源和網絡yum源

3、安裝ansible，用ansible上傳yum源目錄到被控端主機。

4、用ansible管理被控端主機的系統、軟件和服務。

5、用playbooks劇本(yaml腳本文件)來管理被控端。

各種網絡yum倉庫：

6zabbix-2.4: rpm -ivh http://repo.zabbix.com/zabbix/2.4/rhel/6/x86_64/zabbix-release-2.4-1.el6.noarch.rpm

6zabbix-3.2(兼容性不好，可能無法安裝): http://repo.zabbix.com/zabbix/3.4/rhel/6/x86_64/

7zabbix-2.4: rpm -ivh http://repo.zabbix.com/zabbix/2.4/rhel/7/x86_64/zabbix-release-2.4-1.el7.noarch.rpm

7zabbix-3.2: rpm -ivh http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-release-3.4-1.el7.centos.noarch.rpm

centos6: wget -O /etc/yum.repos.d/6CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo

6epel源：wget -O /etc/yum.repos.d/6epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

centos7: wget -O /etc/yum.repos.d/7CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

7epel源：wget -O /etc/yum.repos.d/7epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

網絡環境：

asible主控端：192.168.10.1

ansible被控端：192.168.10.10~192.168.10.20

具體實施：

1、生成公鑰，並上傳ssh的公鑰到被控端主機

第1步，在asible主控端生成公鑰。

ssh-keygen -t rsa -f ~/.ssh/id_rsa -N ‘‘

yum install -y expect

第2步，批量上傳公鑰到被控端。

for i in 11

do

ssh-copy-id [email protected]$i

ssh [email protected]$i ip a

done

ssh-add

sed -ri ‘/^#UseDNS/c\UseDNS no‘ /etc/ssh/sshd_config

sed -ri ‘/^GSSAPIAuthentication/c\GSSAPIAuthentication no‘ /etc/ssh/sshd_config

grep -En ‘^UseDNS|^GSSAPIAuth‘ /etc/ssh/sshd_config

2、在ansible的主控端配置本地yum源和網絡yum源。

cd /etc/yum.repos.d

mkdir -pv bak

mv -vf *.repo bak/

wget -O /etc/yum.repos.d/6epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

wget -O /etc/yum.repos.d/6CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo

rpm -ivh http://repo.zabbix.com/zabbix/2.4/rhel/6/x86_64/zabbix-release-2.4-1.el6.noarch.rpm

sed -ri ‘s/\$releasever/6/g‘ 6CentOS-Base.repo

cat > rhel6.5.repo <<-EOF

[rhel6.5]

name=Red Hat Enterprise Linux $releasever - $basearch - Source

baseurl=file:///dvd

enabled=1

gpgcheck=0

EOF

yum clean all

yum makecache fast

yum list zabbix ansible

yum install zabbix-server-mysql zabbix-web-mysql zabbix-agent --enablerepo=zabbix -y

rpm -qa |grep zabbix

3、安裝ansible，用ansible上傳yum源到被控端主機。

yum install -y ansible

yum install -y curl elinks lynx createrepo

grep -b2 ‘^\[test\]‘ /etc/ansible/hosts || echo -e ‘[test]\n192.168.10.11\n192.168.10.12‘ >> /etc/ansible/hosts

ansible test -m ping

ansible test -m copy -a ‘src=/etc/ssh/sshd_config dest=/etc/ssh/‘

ansible test -m shell -a ‘service sshd restart‘

ansible test -m shell -a ‘rm -rf /etc/yum.repos.d/*;ls /etc/yum.repos.d/‘

ansible test -m copy -a ‘src=/etc/yum.repos.d/ dest=/etc/yum.repos.d/ force=yes mode=755‘

ansible test -m shell -a ‘ls /etc/yum.repos.d‘

4、用ansible管理被控端主機的系統、軟件和服務。

ansible test -m shell -a ‘rpm -q httpd mysql-server php‘

ansible test -m yum -a ‘name=httpd state=present‘

ansible test -m yum -a ‘name=mysql-server state=present‘

ansible test -m yum -a ‘name=php state=present‘

ansible test -m shell -a ‘rpm -q httpd mysql-server php‘

ansible test -m service -a ‘name=httpd state=restarted enabled=1‘

ansible test -m service -a ‘name=mysqld state=restarted enabled=1‘

ansible test -m shell -a ‘yum install -y curl elinks lynx createrepo --enablerepo=rhel6.5‘

ansible test -m shell -a ‘rpm -q curl elinks lynx createrepo‘

ansible test -m shell -a "echo ‘<?php phpinfo() ?>‘ > /var/www/html/p.php"

ansible test -m shell -a "echo ‘apache test‘ > /var/www/html/a.html"

ansible test -m shell -a ‘curl 127.0.0.1/a.html‘

ansible test -m shell -a ‘mysql -e "grant all on *.* to admin identified by ‘admin with grant option;flush privileges‘"‘

ansible test -m shell -a ‘mysql -uadmin -padmin -e "show databases;select user,host,password from mysql.user;"‘

5、用playbooks劇本(yaml腳本文件)來管理被控端。

目標1：編寫一個playbooks劇本install_lamp.yaml，實現全自動部署LAMP環境。

vim install_lamp.yaml

- hosts: all

vars:

http_port: 80

remote_user: root

tasks:

- name: apache

yum: pkg=httpd state=present

notify:

- apache restart

- name: mysql-server

yum: pkg=mysql-server state=present

notify:

- mysqld restart

- name: php

yum: pkg=php state=present

handlers:

- name: apache restart

service: name=httpd state=restarted

- name: mysqld restart

service: name=mysqld state=restarted

運行劇本：ansible-playbook install_lamp.yaml

驗證：ansible test -m shell -a ‘rpm -q httpd mysql-server php‘

目標2：編寫一個playbooks劇本remove_lamp.yaml，實現全自動卸載LAMP環境。

vim remove_lamp.yaml

- hosts: all

vars:

http_port: 80

remote_user: root

tasks:

- name: apache

yum: pkg=httpd state=absent

- name: mysql-server

yum: pkg=mysql-server state=absent

- name: php

yum: pkg=php state=absent

運行劇本：ansible-playbook remove_lamp.yaml

驗證：ansible test -m shell -a ‘rpm -q httpd mysql-server php‘

本文出自 “網絡技術天地” 博客，請務必保留此出處http://1364952.blog.51cto.com/1354952/1958483

ansible集中化自動管理(部署LAMP環境)