Ansible安装及配置
2016-07-13 23:53
295 查看
ansible安装及配置
1、install the newest 'epel-release' package
el7 : rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
el6 : rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
2、install ansible
sudo yum install ansible
3、ansible 配置及测试
(1)修改主机与组配置
vi /etc/ansible/hosts
# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
#
# - Comments begin with the '#' character
# - Blank lines are ignored
# - Groups of hosts are delimited by [header] elements
# - You can enter hostnames or ip addresses
# - A hostname/ip can be a member of multiple groups
# Ex 1: Ungrouped hosts, specify before any group headers.
## green.example.com
## blue.example.com
## 192.168.100.1
## 192.168.100.10
172.16.171.154
172.16.171.155
# Ex 2: A collection of hosts belonging to the 'webservers' group
## [webservers]
## alpha.example.org
## beta.example.org
## 192.168.1.100
## 192.168.1.110
172.16.171.154
172.16.171.155
# If you have multiple hosts following a pattern you can specify
# them like this:
## www[001:006].example.com
# Ex 3: A collection of database servers in the 'dbservers' group
## [dbservers]
##
## db01.intranet.mydomain.net
## db02.intranet.mydomain.net
## 10.25.1.56
## 10.25.1.57
# Here's another example of host ranges, this time there are no
# leading 0s:
## db-[99:101]-node.example.com
(2)通过ping模块测试主机的连通性,分别对单主机及组进行ping操作
单主机测试:
ansible 172.16.171.154 -m ping -k
由于主控端与被控主机为配置ssh证书信任,-k参数要求提供root账号密码,在提示“SSH password”时输入。
出现如下结果说明测试成功:
172.16.171.154 | SUCCESS => {
"changed": false,
"ping": "pong"
}
主机组测试:
ansible webservers -m ping -k
出现如下结果说明测试成功:
172.16.171.155 | SUCCESS => {
"changed": false,
"ping": "pong"
}
172.16.171.154 | SUCCESS => {
"changed": false,
"ping": "pong"
}
4、配置Linux主机SSH无密码访问
(1)主控端主机生成秘钥
ssh-keygen -t rsa (有询问直接回车)
执行该命令后会在/root/.ssh/下生成一对秘钥,其中id_rsa为私钥,id_rsa.pub为公钥(需要下发到被控主机用户的.ssh目录,同时重命名为authorized_keys文件)。
(2)同步公钥文件id_rsa.pub到被控主机,使用ssh-copy-id命令,格式:/usr/bin/ssh-copy-id [-i [identity_file]] [user@]host
ssh-copy-id -i /root/.ssh/id_rsa.pub root@172.16.171.154
(3)检验SSH无密码配置是否成功
ssh root@172.16.171.154
如果直接进入root账户,说明配置成功
1、install the newest 'epel-release' package
el7 : rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
el6 : rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
2、install ansible
sudo yum install ansible
3、ansible 配置及测试
(1)修改主机与组配置
vi /etc/ansible/hosts
# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
#
# - Comments begin with the '#' character
# - Blank lines are ignored
# - Groups of hosts are delimited by [header] elements
# - You can enter hostnames or ip addresses
# - A hostname/ip can be a member of multiple groups
# Ex 1: Ungrouped hosts, specify before any group headers.
## green.example.com
## blue.example.com
## 192.168.100.1
## 192.168.100.10
172.16.171.154
172.16.171.155
# Ex 2: A collection of hosts belonging to the 'webservers' group
## [webservers]
## alpha.example.org
## beta.example.org
## 192.168.1.100
## 192.168.1.110
172.16.171.154
172.16.171.155
# If you have multiple hosts following a pattern you can specify
# them like this:
## www[001:006].example.com
# Ex 3: A collection of database servers in the 'dbservers' group
## [dbservers]
##
## db01.intranet.mydomain.net
## db02.intranet.mydomain.net
## 10.25.1.56
## 10.25.1.57
# Here's another example of host ranges, this time there are no
# leading 0s:
## db-[99:101]-node.example.com
(2)通过ping模块测试主机的连通性,分别对单主机及组进行ping操作
单主机测试:
ansible 172.16.171.154 -m ping -k
由于主控端与被控主机为配置ssh证书信任,-k参数要求提供root账号密码,在提示“SSH password”时输入。
出现如下结果说明测试成功:
172.16.171.154 | SUCCESS => {
"changed": false,
"ping": "pong"
}
主机组测试:
ansible webservers -m ping -k
出现如下结果说明测试成功:
172.16.171.155 | SUCCESS => {
"changed": false,
"ping": "pong"
}
172.16.171.154 | SUCCESS => {
"changed": false,
"ping": "pong"
}
4、配置Linux主机SSH无密码访问
(1)主控端主机生成秘钥
ssh-keygen -t rsa (有询问直接回车)
执行该命令后会在/root/.ssh/下生成一对秘钥,其中id_rsa为私钥,id_rsa.pub为公钥(需要下发到被控主机用户的.ssh目录,同时重命名为authorized_keys文件)。
(2)同步公钥文件id_rsa.pub到被控主机,使用ssh-copy-id命令,格式:/usr/bin/ssh-copy-id [-i [identity_file]] [user@]host
ssh-copy-id -i /root/.ssh/id_rsa.pub root@172.16.171.154
(3)检验SSH无密码配置是否成功
ssh root@172.16.171.154
如果直接进入root账户,说明配置成功
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 基于 ANSIBLE 自动化运维实践
- 集群运维自动化工具ansible之使用playbook安装zabbix客户端
- linux 自动化运维工具ansible的使用详细教程
- Python利用ansible分发处理任务
- Puppet,Chef,Ansible的共性
- Ansible中Playbook方法的标准输出定义
- Ansible之playbook自动完成硬盘分区,格式化,挂盘,并远程创建用户
- 关于ansible2.0版本的ansible-playbook方法的调用
- Ansible
- 自动化运维学习--python
- ansible常用模块用法
- ansible学习笔记(四):when在include中使用
- ansible学习记录
- 浅谈开源工具自动化运维阶段
- linux ansible 自动化部署工具
- 节点配置文件(Inventory) 详解
- Ansible 安装与简单使用
- 自动化运维工具ansible学习+使用ansible批量推送公钥到远程主机[学习马哥]
- ansible 批量安装zabbix_agentd