Ansible服务端安装与配置(学习笔记一)
1、ansible是自动化运维工具,基于Python开发,实现批量部署、配置、运行等。
2、ansible基于SSH端口,客户端不需要安装,只需要在服务端安装。
3、以下为测试用机:
用途 | 系统 | IP |
---|---|---|
服务端 | Linux7.2 | 52.244 |
客户端 | Linux7.2 | 52.245 |
客户端 | Linux7.2 | 52.246 |
客户端 | Linux7.2 | 52.247 |
4、服务端安装:yum install -y ansible
5、安装完成后,配置文件生成在/etc/ansible 文件夹里,其中ansible.cfg为配置文件,hosts为主机文件,roles文件夹存放yml文件
image.png
ansible.cfg中要加入host_key_checking = False ,免去第一次连接出现保存密钥指纹的提示:
image.png
6、然后编辑hosts文件,给要分的host组各提供一个自定义的组名,其中ansible_ssh_user=root ansible_ssh_pass="xxxxx" ansible_ssh_port=22分别为登录的账号、密码、端口,因为后面会做SSH免密登录,这里只需要写账号不需要写密码,而端口默认是22,也不用写。
[testlinux:children]是把以上的几个test组再合并成一个组,这里testlinux名字自取,children为ansible的默认参数
image.png
7、配置完host后,需要做免密登录,生成密钥:ssh-keygen -t rsa;复制密钥:ssh-copy-id root@172.16.xxx.xxx
8、检测通信是否正常(Linux):ansible testlinux -m ping ,通信正常返回:"ping": "pong"
image.png
9、ansible.cfg相关的配置及说明:
[defaults]
# some basic default values...
#inventory = /etc/ansible/hosts
hostfile = /etc/ansible/conf/hosts \指定默认hosts配置的位置
# library_path = /usr/share/my_modules/
remote_tmp = $HOME/.ansible/tmp
pattern = *
forks = 5
poll_interval = 15
sudo_user = root \远程sudo用户
#ask_sudo_pass = True \每次执行ansible命令是否询问ssh密码
#ask_pass = True \每次执行ansible命令时是否询问sudo密码
transport = smart
remote_port = 22
module_lang = C
gathering = implicit
host_key_checking = False \关闭第一次使用ansible连接客户端是输入命令提示
log_path = /var/log/ansible.log \需要时可以自行添加。chown -R root:root ansible.log
system_warnings = False \关闭运行ansible时系统的提示信息,一般为提示升级
# set plugin path directories here, separate with colons
#action_plugins = /usr/share/ansible/plugins/action
#cache_plugins = /usr/share/ansible/plugins/cache
#callback_plugins = /usr/share/ansible/plugins/callback
#connection_plugins = /usr/share/ansible/plugins/connection
#lookup_plugins = /usr/share/ansible/plugins/lookup
#inventory_plugins = /usr/share/ansible/plugins/inventory
#vars_plugins = /usr/share/ansible/plugins/vars
#filter_plugins = /usr/share/ansible/plugins/filter
#test_plugins = /usr/share/ansible/plugins/test
#strategy_plugins = /usr/share/ansible/plugins/strategy
fact_caching = memory
[accelerate]
accelerate_port = 5099
accelerate_timeout = 30
accelerate_connect_timeout = 5.0
# The daemon timeout is measured in minutes. This time is measured
# from the last activity to the accelerate daemon.
accelerate_daemon_timeout = 30