SUSE Linux 11編譯安裝Ansible自動化運維管理工具
Ansible是一個使用Python語言開發的Linux平臺下的自動化運維管理工具,它支持遠程管理絕大多數Linux或Windows主機。Ansible默認通過SSH協議管理機器,即只需要在管理主機上安裝Ansible就可以遠程管理Linux主機,被托管節點主機不需要安裝。對於Windows機器則是通過與Windows的Winrm Service服務(PowerShell3.0需要以上的版本)進行遠程管理。
Ansible需要Python2.6或Python2.7以上(包括3.0以上)的版本支持,目前大多數Linux發行版都默認安裝了Python2.6以上的版本。安裝Ansible有多種安裝方式,比如
在本文中,將介紹如何在SUSE Linux Enterprise Server 11 SP3上進行編譯安裝Ansible,並使用SUSE作為管理主機。
編譯安裝Ansible步驟
1. 安裝Python2.7
2. 安裝Setuptools37
3. 安裝OpenSSL 1.0.2l
4. 安裝Python Pypi模塊
5. 安裝Ansible
6. 配置SSH密鑰
7. 遠程執行命令
安裝前的準備
為了能夠順利完成在SUSE上編譯安裝軟件,我們最好在系統安裝完之後,添加一個本地的zypper安裝源,它是SUSE的安裝鏡像文件或SDK鏡像文件,裏面包含了系統所有的系統基礎軟件,如編譯軟件、devel開發包、glibc、頭文件、庫文件等。
添加ISO鏡像源
# zypper in http://172.16.10.6/iso/SLES-11-SP3-x86_64/ SLES-11-SP3-x86_64
添加軟件開發工具包(SDK)源
# zypper in http://172.16.10.6/iso/SLE-11-SP3-SDK-DVD1/ SLE-11-SP3-SDK-DVD1
當然,也可以將需要安裝的包都直接下載下來傳到主機上
linux-69rz:/usr/local/src/ansible_source # ls Babel-2.3.2.tar.gz cffi-1.10.0.tar.gz paramiko-2.2.2.tar.gz Jinja2-2.9.6.tar.gz cryptography-2.1.3.tar.gz pyasn1-0.4.2.tar.gz MarkupSafe-0.23.tar.gz ecdsa-0.12.tar.gz pycparser-2.18.tar.gz PyNaCl-1.2.0.tar.gz enum34-1.1.5.tar.gz pycrypto-2.6.tar.gz PyYAML-3.12.tar.gz idna-2.5.tar.gz pycurl-7.19.3.1.tar.gz Python-2.7.14.tgz ipaddress-1.0.12.tar.gz pytz-2016.6.tar.gz ansible-2.3.2.0.tar.gz libffi-3.2.1.tar.gz setuptools-37.0.0.zip ansible-2.4.1.0.tar.gz libopenssl-devel-0.9.8j-0.50.1.x86_64.rpm simplejson-3.8.2.tar.gz asn1crypto-0.23.0.tar.gz openssl-1.0.2l.tar.gz six-1.11.0.tar.gz bcrypt-3.1.4.tar.gz pam-devel-1.1.5-0.10.17.x86_64.rpm zlib-devel-1.2.7-0.10.128.x86_64.rpm
1、安裝Python2.7
下載Python https://www.python.org/downloads/
用tar解壓並編譯安裝
# tar -zxf Python-2.7.14.tgz # ./configure --prefix=/usr/local/python2.7 # make && make install
替換舊版本的Python環境變量、庫文件等
# rm -rf /usr/bin/python #刪除舊版本/usr/bin下的python執行程序 # rm -rf /usr/lib64/python #刪除舊版本的/usr/lib64下的python庫目錄
創建Python2.7程序與lib文件軟鏈接
# ln -s /usr/local/python2.7/bin/python2.7 /usr/bin/python2.7 # ln -s /usr/bin/python2.7 /usr/bin/python # ln -s /usr/local/python2.7/lib/python2.7 /usr/lib64/python2.7 # ln -s /usr/lib64/python2.7 /usr/lib64/python # ln -s /usr/local/python2.7/include/python2.7 /usr/include/python2.7
安裝完後使用python -V查看當前系統的默認Python版本
# python -V Python 2.7.14
2、安裝Setuptools37
下載Setuptools https://pypi.python.org/pypi/setuptools
解壓並使用python setup.py install進行安裝
# unzip setuptools-37.0.0.zip # cd setuptools-37.0.0/ # python setup.py install ... creating build/bdist.linux-x86_64/egg/EGG-INFO copying setuptools.egg-info/PKG-INFO -> build/bdist.linux-x86_64/egg/EGG-INFO copying setuptools.egg-info/SOURCES.txt -> build/bdist.linux-x86_64/egg/EGG-INFO copying setuptools.egg-info/dependency_links.txt -> build/bdist.linux-x86_64/egg/EGG-INFO copying setuptools.egg-info/entry_points.txt -> build/bdist.linux-x86_64/egg/EGG-INFO copying setuptools.egg-info/requires.txt -> build/bdist.linux-x86_64/egg/EGG-INFO copying setuptools.egg-info/top_level.txt -> build/bdist.linux-x86_64/egg/EGG-INFO copying setuptools.egg-info/zip-safe -> build/bdist.linux-x86_64/egg/EGG-INFO creating dist creating 'dist/setuptools-37.0.0-py2.7.egg' and adding 'build/bdist.linux-x86_64/egg' to it removing 'build/bdist.linux-x86_64/egg' (and everything under it) Processing setuptools-37.0.0-py2.7.egg Copying setuptools-37.0.0-py2.7.egg to /usr/local/python2.7/lib/python2.7/site-packages Adding setuptools 37.0.0 to easy-install.pth file Installing easy_install script to /usr/local/python2.7/bin Installing easy_install-2.7 script to /usr/local/python2.7/bin Installed /usr/local/python2.7/lib/python2.7/site-packages/setuptools-37.0.0-py2.7.egg Processing dependencies for setuptools==37.0.0 Finished processing dependencies for setuptools==37.0.0
3、安裝OpenSSL 1.0.2l
下載 OpenSSL https://www.openssl.org/
安裝pam-devel、zlib-devel
# rpm -ivh zlib-devel-1.2.7-0.10.128.x86_64.rpm # rpm -ivh pam-devel-1.1.5-0.10.17.x86_64.rpm
安裝OpenSSL
# tar -zxf openssl-1.0.2l.tar.gz # cd openssl-1.0.2l/ # mv /etc/ssl /etc/ssl_rpm # ./config --prefix=/usr/local/openssl --openssldir=/etc/ssl shared zlib zlib-dynamic # make && make install
備份舊版本的openssl
# mkdir /usr/local/openssl_rpm_bak # mv /usr/bin/openssl /usr/local/openssl_rpm_bak/usr_bin_openssl # mv /usr/include/openssl /usr/local/openssl_rpm_bak/usr_include_openssl
創建或鏈接新版本的OpenSSL程序以及庫文件
# ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl # ln -s /usr/local/openssl/include/openssl /usr/include/openssl # mkdir -pv /usr/lib64/openssl # ln -s /usr/local/openssl/lib/engines /usr/lib64/openssl/engines # echo "/usr/local/openssl/lib" >> /etc/ld.so.conf # ldconfig
查看OpenSSL版本信息
# openssl version OpenSSL 1.0.2l 25 May 2017
4、安裝Python Pypi模塊
1) Pycparser
安裝pycparser https://pypi.python.org/simple/pycparser/
# tar -zxf pycparser-2.18.tar.gz # cd pycparser-2.18/ # python setup.py install
2) cffi
安裝cffi Python模塊之前,需要先安裝libffi
安裝Libffi(http://sourceware.org/libffi/)
# tar -zxf libffi-3.2.1.tar.gz # ./configure && make && make install
安裝 cffi (https://pypi.python.org/simple/cffi/)
# tar zxf cffi-1.10.0.tar.gz # cd cffi-1.10.0/ # python setup.py install
3) ipaddress
安裝ipaddress( https://pypi.python.org/simple/ipaddress/)
# tar -zxf ipaddress-1.0.12.tar.gz # cd ipaddress-1.0.12/ # python setup.py install
4) enum34
安裝enum34 (https://pypi.python.org/simple/enum34/)
# tar -zxf enum34-1.1.5.tar.gz # cd enum34-1.1.5/ # python setup.py install
5) six
安裝six https://pypi.python.org/simple/six/
# tar -zxf six-1.11.0.tar.gz # cd six-1.11.0/ # python setup.py install
6) asn1crypto
安裝asn1crypto https://pypi.python.org/simple/asn1crypto/
# tar -zxf asn1crypto-0.23.0.tar.gz # cd asn1crypto-0.23.0/ # python setup.py install
7) idna
安裝idna https://pypi.python.org/simple/idna/
# tar -zxf idna-2.5.tar.gz # cd idna-2.5/ # python setup.py install
8) cryptography
安裝cryptography https://pypi.python.org/simple/cryptography/
# tar -zxf cryptography-2.1.3.tar.gz # cd cryptography-2.1.3/ # python setup.py install
9) pyasn1
安裝pyasn1 https://pypi.python.org/simple/pyasn1/
# tar -zxf pyasn1-0.4.2.tar.gz # cd pyasn1-0.4.2/ # python setup.py install
10) PyYAML
安裝PyYAML https://pypi.python.org/simple/PyYAML/
# tar -zxf PyYAML-3.12.tar.gz # cd PyYAML-3.12/ # python setup.py install
11) MarkupSafe
安裝MarkupSafe https://pypi.python.org/simple/MarkupSafe/
# tar -zxf MarkupSafe-0.23.tar.gz # cd MarkupSafe-0.23/ # python setup.py install
12) jinja2
安裝jinja2 https://pypi.python.org/simple/jinja2/
# tar -zxf Jinja2-2.9.6.tar.gz # cd Jinja2-2.9.6/ # python setup.py install
13) simplejson
安裝simplejson https://pypi.python.org/simple/simplejson/
# tar -zxf simplejson-3.8.2.tar.gz # cd simplejson-3.8.2/ # python setup.py install
14) bcrypt
安裝bcrypt https://pypi.python.org/simple/bcrypt/
# tar -zxf bcrypt-3.1.4.tar.gz # cd bcrypt-3.1.4/ # python setup.py install
15) pynacl
安裝pynacl https://pypi.python.org/simple/pynacl/
# tar -zxf PyNaCl-1.2.0.tar.gz # cd PyNaCl-1.2.0/ # python setup.py install
16) pycurl
安裝pycurl https://pypi.python.org/simple/pycurl/
# tar -zxf pycurl-7.19.3.1.tar.gz # cd pycurl-7.19.3.1/ # python setup.py install
17) paramiko
安裝paramiko https://pypi.python.org/simple/paramiko/
# tar -zxf paramiko-2.2.2.tar.gz # cd paramiko-2.2.2/ # python setup.py install
18) pytz
安裝pytz https://pypi.python.org/simple/pytz/
# tar -zxf pytz-2016.6.tar.gz # cd pytz-2016.6/ # python setup.py install
19) babel
安裝babel https://pypi.python.org/simple/babel/
# tar -zxf Babel-2.3.2.tar.gz # cd Babel-2.3.2/ # python setup.py install
20) pycrypto
安裝pycrypto https://pypi.python.org/simple/pycrypto/
# tar -zxf pycrypto-2.6.tar.gz # cd pycrypto-2.6/ # python setup.py install
21) ecdsa
安裝ecdsa https://pypi.python.org/simple/ecdsa/
# tar -zxf ecdsa-0.12.tar.gz # cd ecdsa-0.12/ # python setup.py install
5、安裝Ansible
下載Ansible最新版本的源碼包 https://pypi.python.org/pypi/ansible
# tar -zxf ansible-2.4.1.0.tar.gz -C /usr/local/ # cd /usr/local/ansible-2.4.1.0/ # python setup.py install
到這Ansible就安裝完成了,可以看到Ansible僅僅是作為一個Python的一個Pypi模塊被安裝使用。相當簡單。
接下來創建Ansible配置文件就大功告成了,Ansible的主配置文件目錄為/etc/ansible/。我們將配置文件重源碼包裏拷貝到個目錄下:
# mkdir /etc/ansible linux-69rz:/usr/local/ansible-2.4.1.0 # cp examples/hosts /etc/ansible/ linux-69rz:/usr/local/ansible-2.4.1.0 # cp examples/ansible.cfg /etc/ansible/
我們在/etc/ansible/hosts文件下添加被管理節點的主機或主機組的連接信息,打開這個文件在末尾添加一個組名為[hosts]的組:
#/etc/ansible/hosts END [hosts] 172.16.10.31 172.16.10.32
6、配置SSH密鑰
在Ansible管理主機上配置SSH密鑰,我們創建一個rsa類型,字節長度為2048的密鑰
linux-69rz:/usr/local/ansible-2.4.1.0 # ssh-keygen -t rsa -b 2048 Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 5d:f1:b9:79:4c:62:13:08:f5:9b:ba:2a:67:09:5c:91 [MD5] root@linux-69rz The key's randomart image is: +--[ RSA 2048]----+ | .+o.. | | E .+ o | | .. B .| | ... . X | | .S.. = o| | o . . | | . .. | | . + . | | +... | +--[MD5]----------+
將SSH密鑰發送到被管理節點主機上
linux-69rz:/usr/local/ansible-2.4.1.0 # ssh-copy-id -i ~/.ssh/id_rsa.pub 172.16.10.31 linux-69rz:/usr/local/ansible-2.4.1.0 # ssh-copy-id -i ~/.ssh/id_rsa.pub 172.16.10.32
7、遠程執行命令
那麽在編譯安裝完Ansible之後,我們來測試一下是否能正常使用
linux-69rz:/usr/local/ansible-2.4.1.0 # cp bin/ansible /usr/bin/
linux-69rz:/usr/local/ansible-2.4.1.0 # cp bin/ansible-playbook
linux-69rz:/usr/local/ansible-2.4.1.0 # ansible 172.16.10.31 -m ping
172.16.10.31 | SUCCESS => {
"changed": false,
"failed": false,
"ping": "pong"
}
linux-69rz:/usr/local/ansible-2.4.1.0 # ansible 172.16.10.31 -m shell -a "hostname"
172.16.10.31 | SUCCESS | rc=0 >>
linux-fkvyOK, 看上去安裝已經完美通過了。來總結一下:
~ Ansible支持絕大多數Linux發行版的安裝,如RHEL、SUSE、Ubuntu、Gentoo、FreeBSD、Arch Linux、或者Mac OS等
~ 只有Linux主機才能被作為Ansibe的管理主機,Windows可以被Ansible遠程管理
~ 編譯安裝Ansible時,需要升級Python至2.7以上的版本,並且需要升級OpenSSL軟件(同樣適用於其他Linux版本的編譯安裝)
~ 編譯安裝Ansibe後,需要手動創建Ansible的配置文件
SUSE Linux 11編譯安裝Ansible自動化運維管理工具