Ansible自動化運維
Ansible的基本配置
安裝ansible
掛載光盤
[root@centos01 ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 寫保護,將以只讀方式掛載
更改yum源位置
[root@centos01 ~]# vim /etc/yum.repos.d/local.repo
baseurl=file:///mnt/ansiblerepo/ansiblerepo
安裝ansible
[root@centos01 ~]# yum -y install ansible
配置ansible客戶端,創建管理組bdqn
[root@centos01 ~]# vim /etc/ansible/hosts
192.168.100.30
192.168.100.20
[bdqn]
192.168.100.20
192.168.100.30
配置無交互管理,服務器生成公鑰
[root@centos01 ~]# ssh-keygen -t rsa
上傳公鑰到客戶端
[root@centos01 ~]# ssh-copy-id -i .ssh/id_rsa.pub [email protected]
[root@centos01 ~]# ssh-copy-id -i .ssh/id_rsa.pub [email protected]
測試ssh無需密碼驗證
[root@centos01 ~]# ssh [email protected]
Last login: Sun Dec 22 18:17:13 2019 from 192.168.100.254
[root@centos02 ~]# exit
登出
Connection to 192.168.100.20 closed.
[root@centos01 ~]# ssh [email protected]
Last login: Mon Dec 23 02:17:14 2019 from 192.168.100.254
[root@centos03 ~]# exit
登出
Connection to 192.168.100.30 closed.
Ansible模塊的使用
ping模塊
使用ping命令測試客戶端通信
[root@centos01 ~]# ansible bdqn -m ping
192.168.100.20 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
192.168.100.30 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
ansible-console模塊
切換到組
[root@centos01 ~]# ansible-console
Welcome to the ansible console.
Type help or ? to list commands.
root@all (2)[f:5]$ cd bdqn
root@bdqn (2)[f:5]$
查看羣組中的計算機
root@bdqn (2)[f:5]$ list
192.168.100.20
192.168.100.30
ansible-doc模塊(q退出)
使用幫助文檔查看command模塊幫助文檔
[root@centos01 ~]# ansible-doc command
使用幫助文檔查看shell模塊幫助文檔
[root@centos01 ~]# ansible-doc shell
ansible-command模塊(不支持管道符重定向)
查詢bdqn組中主機磁盤空間使用情況
[root@centos01 ~]# ansible bdqn -m command -a “df -Th”
192.168.100.30 | SUCCESS | rc=0 >>
文件系統 類型 容量 已用 可用 已用% 掛載點
/dev/sda3 xfs 78G 3.6G 75G 5% /
devtmpfs devtmpfs 474M 0 474M 0% /dev
tmpfs tmpfs 489M 0 489M 0% /dev/shm
tmpfs tmpfs 489M 7.0M 482M 2% /run
tmpfs tmpfs 489M 0 489M 0% /sys/fs/cgroup
/dev/sda1 xfs 197M 136M 61M 70% /boot
tmpfs tmpfs 98M 0 98M 0% /run/user/0
192.168.100.20 | SUCCESS | rc=0 >>
文件系統 類型 容量 已用 可用 已用% 掛載點
/dev/sda3 xfs 78G 3.6G 75G 5% /
devtmpfs devtmpfs 474M 0 474M 0% /dev
tmpfs tmpfs 489M 0 489M 0% /dev/shm
tmpfs tmpfs 489M 7.0M 482M 2% /run
tmpfs tmpfs 489M 0 489M 0% /sys/fs/cgroup
/dev/sda1 xfs 197M 136M 61M 70% /boot
tmpfs tmpfs 98M 0 98M 0% /run/user/0
批量重新啓動計算機
[root@centos01 ~]# ansible web -m command -a “reboot”
複製文件到bdqn主機
[root@centos01 ~]# ansible bdqn -m command -a “cp /etc/hosts /root/1.hosts”
查看客戶端
[root@centos02 ~]# ls
1.hosts anaconda-ks.cfg initial-setup-ks.cfg
[root@centos03 ~]# ls
- hosts anaconda-ks.cfg initial-setup-ks.cfg
切換到根目錄並查看
[root@centos01 ~]# ansible bdqn -m command -a “chdir=/ ls ./”
192.168.100.20 | SUCCESS | rc=0 >>
bin
boot
dev
etc
home
lib
lib64
media
mnt
opt
192.168.100.30 | SUCCESS | rc=0 >>
bin
boot
dev
etc
home
lib
lib64
media
mnt
opt
proc
var
shell模塊(支持管道符重定向)
重定向輸出到bdqn組客戶端的root目錄1.txt
[root@centos01 ~]# ansible bdqn -m shell -a “echo Hello > /root/1.txt”
客戶端查看文檔
[root@centos02 ~]# cat /root/1.txt
Hello
[root@centos03 ~]# cat /root/1.txt
Hello
查看bdqn組的sshd服務
[root@centos01 ~]# ansible bdqn -m shell -a “netstat -anptu | grep sshd”
192.168.100.30 | SUCCESS | rc=0 >>
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 862/sshd
tcp 0 0 192.168.100.30:22 192.168.100.10:43596 ESTABLISHED 1914/sshd: root@pts
tcp 0 0 192.168.100.30:22 192.168.100.254:50947 ESTABLISHED 1124/sshd: root@pts
tcp6 0 0 :::22 ::😗 LISTEN 862/sshd
192.168.100.20 | SUCCESS | rc=0 >>
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 867/sshd
tcp 0 0 192.168.100.20:22 192.168.100.254:50942 ESTABLISHED 1132/sshd: root@pts
tcp 0 0 192.168.100.20:22 192.168.100.10:37954 ESTABLISHED 1911/sshd: root@pts
tcp6 0 0 :::22 ::😗 LISTEN 867/sshd
查看服務運行狀態
[root@centos01 ~]# ansible bdqn -m shell -a “systemctl status sshd”
copy模塊
複製數據到bdqn組中客戶端
[root@centos01 ~]# ansible bdqn -m copy -a “src=/etc/hosts dest=/root/hosts.txt mode=777 owner=root group=root”
客戶端查看
[root@centos02 ~]# ll
-rwxrwxrwx 1 root root 158 12月 22 18:46 hosts.txt
[root@centos03 ~]# ll
-rwxrwxrwx 1 root root 158 12月 22 18:46 hosts.txt
hostname模塊
修改100.20計算機名bdqn
[root@centos01 ~]# ansible 192.168.100.20 -m hostname -a “name=bdqn”
客戶端查看
[root@centos02 ~]# bash
[root@bdqn ~]#
yum模塊
批量化掛載光盤
[root@centos01 ~]# ansible bdqn -m shell -a “mount /dev/cdrom /mnt/”
[WARNING]: Consider using mount module rather than running mount
192.168.100.20 | SUCCESS | rc=0 >>
mount: /dev/sr0 寫保護,將以只讀方式掛載
192.168.100.30 | SUCCESS | rc=0 >>
mount: /dev/sr0 寫保護,將以只讀方式掛載
批量化安裝程序httpd
[root@centos01 ~]# ansible bdqn -m yum -a “name=httpd state=present”
查看安裝的程序包
[root@centos01 ~]# ansible bdqn -m shell -a “rpm -qa | grep httpd”
[WARNING]: Consider using yum, dnf or zypper module rather than running rpm
192.168.100.30 | SUCCESS | rc=0 >>
httpd-2.4.6-67.el7.centos.x86_64
httpd-tools-2.4.6-67.el7.centos.x86_64
192.168.100.20 | SUCCESS | rc=0 >>
httpd-2.4.6-67.el7.centos.x86_64
httpd-tools-2.4.6-67.el7.centos.x86_64
批量啓動服務
[root@centos01 ~]# ansible bdqn -m shell -a “systemctl start httpd”
監聽端口號
[root@centos01 ~]# ansible bdqn -m shell -a “netstat -anptu | grep httpd”
192.168.100.30 | SUCCESS | rc=0 >>
tcp6 0 0 :::80 ::😗 LISTEN 2719/httpd
192.168.100.20 | SUCCESS | rc=0 >>
tcp6 0 0 :::80 ::😗 LISTEN 2867/httpd
service模塊
設置httpd服務開機自啓並重啓
[root@centos01 ~]# ansible bdqn -m service -a “name=httpd enable=yes state=restarted”
重啓計算機查看服務
[root@centos01 ~]# ansible bdqn -m shell -a “reboot”
[root@centos01 ~]# ansible bdqn -m shell -a “netstat -anptu | grep httpd”
192.168.100.30 | SUCCESS | rc=0 >>
tcp6 0 0 :::80 ::😗 LISTEN 1301/httpd
192.168.100.20 | SUCCESS | rc=0 >>
tcp6 0 0 :::80 ::😗 LISTEN 1289/httpd
user模塊
創建用戶
[root@centos01 ~]# ansible bdqn -m user -a “name=tom system=yes uid=520 hroup=root group=root shell=/etc/nologin home=/home/user01 password=pwd@123”
客戶端查看
[root@centos02 ~]# cat /etc/passwd
tom❌502:0::/home/tom:/etc/nologin
[root@centos03 ~]# cat /etc/passwd
tom❌502:0::/home/tom:/etc/nologin
playbook模塊
更新源
[root@centos01 ~]# cd /etc/yum.repos.d/
[root@centos01 yum.repos.d]# rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
[root@centos01 yum.repos.d]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@centos01 yum.repos.d]# wget http://mirrors.aliyun.com/repo/Centos-7.repo
[root@centos02 ~]# cd /etc/yum.repos.d/
[root@centos02 yum.repos.d]# rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
[root@centos02 yum.repos.d]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@centos02 yum.repos.d]# wget http://mirrors.aliyun.com/repo/Centos-7.repo
[root@centos03 ~]# cd /etc/yum.repos.d/
[root@centos03 yum.repos.d]# rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
[root@centos03 yum.repos.d]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@centos03 yum.repos.d]# wget http://mirrors.aliyun.com/repo/Centos-7.repo
安裝epel
[root@centos01 ~]# yum -y install epel-release
[root@centos02 ~]# yum -y install epel-release
[root@centos03 ~]# yum -y install epel-release
服務器端安裝nginx
[root@centos01 ~]# yum -y install nginx
查看nginx包
[root@centos01 ~]# rpm -qa | grep nginx
nginx-release-centos-7-0.el7.ngx.noarch
nginx-1.16.1-1.el7.ngx.x86_64
[root@centos02 ~]# rpm -qa | grep nginx
nginx-release-centos-7-0.el7.ngx.noarch
[root@centos03 ~]# rpm -qa | grep nginx
nginx-release-centos-7-0.el7.ngx.noarch
創建nginx配置文件
[root@centos01 ~]# vim /etc/ansible/ansible.cfg
- hosts: all
tasks:
- name: Install Nginx Package
yum: name=nginx state=present
- name: Copy Nginx.conf
template: src=./nginx.conf.j2 dest=/etc/nginx/nginx.conf
owner=root group=root mode=0644 validate=‘nginx -t -c %s’
notify:
- Restart Nginx Service
handlers:
- name: Restart Nginx Service
service : name=nginx state=restarted
檢查配置文件
[root@centos01 ~]# ansible-playbook /etc/ansible/nginx.yaml --syntax-check /etc/ansible/nginx.yaml
運行配置文件安裝nginx
[root@centos01 ~]# ansible-playbook -i /etc/ansible/hosts /etc/ansible/nginx.yaml -f 2
查看運行配置文件的主機‘
[root@centos01 ~]# ansible-playbook --list-hosts /etc/ansible/nginx.yaml
playbook: /etc/ansible/nginx.yaml
play #1 (all): all TAGS: []
pattern: [u’all’]
hosts (2):
192.168.100.30
192.168.100.20
開啓nginx服務
[root@centos01 ~]# ansible bdqn -m shell -a “systemctl start nginx”
監聽nginx端口
[root@centos01 ~]# ansible bdqn -m shell -a “netstat -anptu | grep 80”
192.168.100.30 | SUCCESS | rc=0 >>
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 3764/nginx: master
192.168.100.20 | SUCCESS | rc=0 >>
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 3826/nginx: master