ansible的安裝以及相關設定
阿新 • • 發佈:2018-12-22
環境
CentOS 7.2
Python 2.7.5
檢視python版本
[[email protected] ~]# python -V Python 2.7.5
安裝ansible
通過Yum安裝RPMs適用於EPEL6,7, 以及仍在支援中的Fedora發行版。
託管節點的作業系統版本可以是更早的版本(如 EL5), 但必須安裝 Python 2.4 或更高版本的Python。
安裝方式一
Fedora 使用者可直接安裝Ansible,但RHEL或CentOS使用者需要配置EPEL[此處使用下面的方式進行配置]:
【備註:】如果安裝epel-release無法成功的話,那麼說明在/etc/yum.repos.d中的CentOS-Base.repo可能被設定成bak或者其他別的原因
安裝epel-release
yum install epel-release -y
安裝ansible
yum install ansible -y
檢視ansible的版本號
[[email protected] yum.repos.d]# ansible --version ansible 2.7.5 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, Nov 20 2015, 02:00:19) [GCC 4.8.5 20150623 (Red Hat 4.8.5-4)]
ansible的配置檔案介紹
[[email protected] yum.repos.d]# cd /etc/ansible/ [[email protected]ansible]# ll 總用量 24 -rw-r--r-- 1 root root 20277 12月 14 2018 ansible.cfg #配置檔案 -rw-r--r-- 1 root root 1016 12月 14 2018 hosts #管控主機的檔案 drwxr-xr-x 2 root root 6 12月 14 2018 roles
ansible配置主機清單
ansible通過讀取預設主機清單/etc/ansible/hosts檔案,修改主機與組配置後,可同時連線到多個被管理主機上執行任務。具體配置如下:
[[email protected] ansible]# cat hosts # This is the default ansible 'hosts' file. # # It should live in /etc/ansible/hosts # # - Comments begin with the '#' character # - Blank lines are ignored # - Groups of hosts are delimited by [header] elements # - You can enter hostnames or ip addresses # - A hostname/ip can be a member of multiple groups # Ex 1: Ungrouped hosts, specify before any group headers. ## green.example.com ## blue.example.com ## 192.168.100.1 ## 192.168.100.10 # Ex 2: A collection of hosts belonging to the 'webservers' group ## [webservers] ## alpha.example.org ## beta.example.org ## 192.168.1.100 ## 192.168.1.110 # If you have multiple hosts following a pattern you can specify # them like this: ## www[001:006].example.com # Ex 3: A collection of database servers in the 'dbservers' group ## [dbservers] ## ## db01.intranet.mydomain.net ## db02.intranet.mydomain.net ## 10.25.1.56 ## 10.25.1.57 # Here's another example of host ranges, this time there are no # leading 0s: ## db-[99:101]-node.example.com [master] 192.168.17.221 [agent] 192.168.17.222 192.168.17.223 [[email protected] ansible]# [[email protected] ansible]# clear [[email protected] ansible]# cat hosts # This is the default ansible 'hosts' file. # # It should live in /etc/ansible/hosts # # - Comments begin with the '#' character # - Blank lines are ignored # - Groups of hosts are delimited by [header] elements # - You can enter hostnames or ip addresses # - A hostname/ip can be a member of multiple groups # Ex 1: Ungrouped hosts, specify before any group headers. ## green.example.com ## blue.example.com ## 192.168.100.1 ## 192.168.100.10 # Ex 2: A collection of hosts belonging to the 'webservers' group ## [webservers] ## alpha.example.org ## beta.example.org ## 192.168.1.100 ## 192.168.1.110 # If you have multiple hosts following a pattern you can specify # them like this: ## www[001:006].example.com # Ex 3: A collection of database servers in the 'dbservers' group ## [dbservers] ## ## db01.intranet.mydomain.net ## db02.intranet.mydomain.net ## 10.25.1.56 ## 10.25.1.57 # Here's another example of host ranges, this time there are no # leading 0s: ## db-[99:101]-node.example.com [master] 192.168.17.221 [agent] 192.168.17.222 192.168.17.223
在末尾新增master和agent相關的內容。
設定ssh無密碼登入
設定免密碼登入
ssh-keygen -t rsa ssh-copy-id [email protected]192.168.199.130 ssh-copy-id [email protected]192.168.199.131
執行命令
[[email protected] .ssh]# ansible all -m ping The authenticity of host '192.168.17.221 (192.168.17.221)' can't be established. ECDSA key fingerprint is c5:76:ed:2e:c8:6b:85:25:0b:d7:b4:8f:12:66:72:1f. Are you sure you want to continue connecting (yes/no)? yes 192.168.17.221 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.17.221' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "unreachable": true } 192.168.17.222 | SUCCESS => { "changed": false, "ping": "pong" } 192.168.17.223 | SUCCESS => { "changed": false, "ping": "pong" }
成功!
問題解決
從上面我們可以看到,192.168.17.221這一臺出現了問題,並不能執行成功,此時可以在/etc/ansible/hosts的基礎上新增相關內容如下:
## db-[99:101]-node.example.com [master] 192.168.17.221 ansible_connection=ssh ansible_ssh_user=root ansible_ssh_pass=123456 [agent] 192.168.17.222 192.168.17.223
堅壁清野