基於docker創建ansible以及管理容器節點
場景:在學習條件有限情況下,如果通過一臺VM來完成docker和ansible的學習
解決:先創建自定義鏡像-->構建多個ansible容器。
當然此法適用於其他類似場景。
VM環境:
OS:centos7 Docker version 1.12.3, build 6b644ec docker-compose version 1.8.1, build 878cff1
關鍵點:
Dockerfile 編寫優化
Docker-compose.yml 編寫
ansible-ssh 免密鑰登錄
容器間22端口互通
y準備工作
創建文件夾
mkdir -p /root/docker/ansible-demo && /root/docker/ansible-demo/volume2 && cd ~/docker/ansible-demo
創建dockerfile、docker-compose
Dockerfile 文件
# Set the base p_w_picpath to centos FROM centos:latest MAINTAINER osbing [email protected] #mount volume VOLUME ["/root/docker/ansible-demo/volume2"] ################## BEGIN INSTALLATION ###################### #install EPEL RUN rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm \ && rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 \ && yum install -y yum-priorities # Install #RUN yum clean all RUN yum install -y sudo RUN yum install -y \ net-tools \ openssh-clients \ openssh-server \ ansible \ vim ################## END INSTALLATION ###################### # 將sshd的UsePAM參數設置成no RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config # 修改root用戶密碼 RUN echo "root:benny"|chpasswd RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key # 啓動sshd服務並且暴露22端口 RUN mkdir /var/run/sshd EXPOSE 22 ENTRYPOINT ["/usr/sbin/sshd","-D"]
# no cache創建鏡像 #ddocker build --no-cache -t osbing/centos_sshd:0.2 . # 創建容器。特權模式--privileged=true docker run -d -p 9021:22 --privileged=true --name ansible-controller1 osbing/centos_sshd:0.2 docker run -d -p 9021:22 --privileged=true --name ansible-controller osbing/centos_sshd:0.2 docker run -d -p 9022:22 --privileged=true --name ansible-node2 osbing/centos_sshd:0.2 docker run -d -p 9023:22 --privileged=true --name ansible-node3 osbing/centos_sshd:0.2
或者使用Docker-compose文件創建容器
ansible-controller: p_w_picpath: osbing/centos_sshd:0.2 ports: - "9021:22" environment: HOSTNAME:ansible-controller ansible-node2: p_w_picpath: osbing/centos_sshd:0.2 ports: - "9022:22" environment: HOSTNAME:ansible-node2 ansible-node3: p_w_picpath: osbing/centos_sshd:0.2 ports: - "9023:22" environment: HOSTNAME:ansible-node3
ssh連接到ansible-controller進行配置和管理節點
# ssh連接到ansible-controller 進行修改 ssh [email protected] -p 9021
vim /etc/ansible/hosts
![[test-servers] 172.17.6.12 172.17.0.13 172.17.e.14](https://s3.51cto.com/wyfs02/M00/8B/24/wKioL1hFxRTREnMgAAAsJoD9cK4749.png-wh_500x0-wm_3-wmp_4-s_2527173316.png "snipaste20161206_033817.png")
# 生成公鑰 ssh-keygen
拷貝公鑰到被管理節點的主機上
# ssh-copy-id 拷貝公鑰到被管理節點的主機上 ssh-copy-id -i [email protected] ssh-copy-id -i [email protected] ssh-copy-id -i [email protected]
嘗試在Ansible服務端運行命令
例子1:檢查Ansible節點的運行時間(uptime)
#ping測試 ansible -m ping "test-servers"
#獲取系統運行時間 ansible 'test-servers' -m command -a "uptime"
例子2:檢查節點的內核版本
#獲取內核版本 ansible 'test-ser
例子3:給節點增加用戶
#增加用戶 ansible "test-servers" -m command -a "useradd mark" ansible "test-servers" -m command -a "grep mark /etc/passwd"
例子4:重定向輸出到文件中
[root@c9db9b7e94b0 ansible]# ansible "test-servers" -m command -a "df -Th" > /tmp/command-output.txt [root@c9db9b7e94b0 ansible]# cat /tmp/command-output.txt
END