Ansible是一种集成系统的配置管理工具,使用Ansible可以批量管理服务器,应用的部署,批量的执行命令,并且Ansible还是一款轻量的开源软件,Ansible部署简单,使用yum包就可安装,但是功能的确相当的丰富,所以今天特地来聊聊Ansible。Ansible还有一个特点就是无需安装agent,使用ssh认证就可以远程控制服务器,这也是我喜欢他的一个原因,如果你python够牛的话,还可以自己定制模块,并且还有api接口,许多自动化运维平台都是调用他的。首先,先看一下安装过程:
系统:centos6.5
Python版本:python -V
Python 2.6.6
Yum安装
rpm -Uvh
Yum -y install ansible
pip安装
//安装依赖环境
yum -y install gcc gcc-c++ git python-devel python-setuptools python-simplejson
#下载sshpass的yum源
cd /etc/yum.repos.d/
wget
#刷新yum源数据库
yum makecache
#安装sshpass
yum -y install sshpass
#安装pip
tar zxf pip-1.5.4.tar.gz
cd pip-1.5.4
python setup.py install
#使用pip安装ansible的模块
pip install markupsafe paramiko PyYAML jinja2 httplib2 pycrypto-on-pypi
#使用pip安装ansible
pip install ansible
#查看ansible版本 如果出现版本号,则安装成功
ansible --version
安装后配置
#创建/etc/ansible
mkdir /etc/ansible
#创建主配置文件
vim /etc/ansible/ansible.cfg
##内容可从文章后面复制##
#创建/hosts文件
vim /etc/ansible/hosts
#进行ping测试
ansible -i hosts all -m ping
错误:
原因:服务端没有客户端ssh秘钥
解决思路:将客户端秘钥导入到服务端
解决方法:
1、在服务端运行ssh命令到相关客户端,并保存秘钥
2、在ansible主配置文件中打开选项host_key_checking = False
ansible主配置文件内容 #可直接复制到/etc/ansible/ansible.cfg
[defaults]#inventory = /etc/ansible/hosts # ↑指定ansible主机文件#library = /usr/share/my_modules/ #remote_tmp = $HOME/.ansible/tmp#local_tmp = $HOME/.ansible/tmp#forks = 5 # ↑默认并行处理量#poll_interval = 15#sudo_user = root # ↑默认执行命令的用户#ask_sudo_pass = True#ask_pass = True # ↑是否需要输入密码#transport = smart#remote_port = 22 # ↑默认远程端口#module_lang = C#module_set_locale = True#gathering = implicit#gather_subset = all#roles_path = /etc/ansible/roleshost_key_checking = False# ↑关闭客户机key检查#stdout_callback = skippy#callback_whitelist = timer, mail#task_includes_static = True#handler_includes_static = True#sudo_exe = sudo#sudo_flags = -H -S -n#timeout = 10 #ssh连接超时时间#remote_user = root # ↑远程ssh用户#log_path = /var/log/ansible.log # ↑日志记录文件位置#module_name = command#executable = /bin/sh#hash_behaviour = replace#private_role_vars = yes#jinja2_extensions = jinja2.ext.do,jinja2.ext.i18n#private_key_file = /path/to/file # ↑本地密码文件,第一行为密码#vault_password_file = /path/to/vault_password_file#ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}#ansible_managed = Ansible managed: {file} on {host}#display_skipped_hosts = True#display_args_to_stdout = False#error_on_undefined_vars = False#system_warnings = True#deprecation_warnings = True#action_plugins = /usr/share/ansible/plugins/action#callback_plugins = /usr/share/ansible/plugins/callback#connection_plugins = /usr/share/ansible/plugins/connection#lookup_plugins = /usr/share/ansible/plugins/lookup#vars_plugins = /usr/share/ansible/plugins/vars#filter_plugins = /usr/share/ansible/plugins/filter#test_plugins = /usr/share/ansible/plugins/test#strategy_plugins = /usr/share/ansible/plugins/strategy#bin_ansible_callbacks = False#nocows = 1#cow_selection = default#cow_selection = random#cow_whitelist=bud-frogs,bunny,cheese,daemon,default,dragon,elephant-in-snake,elephant,eyes,\#nocolor = 1#fact_caching = memory#retry_files_enabled = False#retry_files_save_path = ~/.ansible-retry#squash_actions = apk,apt,dnf,package,pacman,pkgng,yum,zypper#no_log = False#no_target_syslog = False#allow_world_readable_tmpfiles = False#var_compression_level = 9#module_compression = 'ZIP_DEFLATED'#max_diff_size = 1048576[privilege_escalation]#become=True#become_method=sudo#become_user=root#become_ask_pass=False[paramiko_connection]#record_host_keys=False#pty=False[ssh_connection]#ssh_args = -o ControlMaster=auto -o ControlPersist=60s#control_path = %(directory)s/ansible-ssh-%%h-%%p-%%r#pipelining = False#scp_if_ssh = True#sftp_batch_mode = False[accelerate]#accelerate_port = 5099#accelerate_timeout = 30#accelerate_connect_timeout = 5.0#accelerate_daemon_timeout = 30#accelerate_multi_key = yes[selinux]#special_context_filesystems=nfs,vboxsf,fuse,ramfs#libvirt_lxc_noseclabel = yes[colors]#highlight = white#verbose = blue#warn = bright purple#error = red#debug = dark gray#deprecate = purple#skip = cyan#unreachable = red#ok = green#changed = yellow#diff_add = green#diff_remove = red#diff_lines = cyan