# 学习 * ansible core : ansible 自身核心模块 * host inventory: 主机库,定义可管控的主机列表 * connection plugins: 连接插件,一般默认基于 ssh 协议连接 * modules:core modules ( 自带模块 ) 、 custom modules ( 自定义模块 ) * playbooks :剧本,按照所设定编排的顺序执行完成安排任务 # 安装 ## install ```bash # python --version # Python 2.7.5 curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py python get-pip.py # # DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. #### # get-pip.py options # do not attempt to install setuptools --no-setuptools # do not attempt to install wheel --no-wheel # Install to the user site --user # install ansible sudo pip install ansible # ansible --version ansible 2.7.10 config file = None configured module search path = [u'/home/vagrant/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, Apr 9 2019, 14:30:50) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)] # 如果用pip安装完ansible之后,config file是None的。也就是说不存在/etc/ansible这个配置文件夹,需要自己创建。 curl -sSfLk -o https://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.9.3-1.el7.ans.noarch.rpm yum localinstall ansible-2.9.3-1.el7.ans.noarch.rpm -y ``` ## 生成密钥 ```bash # 创建ssh密钥 mkdir ~/.ssh; cd ~/.ssh/ # 都按回车 ssh-keygen -t rsa # 加入授权 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys # 修改文件权限 chmod 600 ~/.ssh/authorized_keys # 授权登录 ssh-copy-id -i ~/.ssh/id_rsa.pub vagrant@n55 ssh-copy-id -i ~/.ssh/id_rsa.pub vagrant@n56 ``` ## 常用命令 ```bash ansible --version ansible -m ansible-doc -s command absible-galaxy ansible-link #ansible-init playbook.yml ansible-playbook ansible-pull ansible-vault ``` ```bash tree /etc/ansible/ /etc/ansible/ ├── ansible.cfg ├── hosts └── roles ``` ```bash ansible 192.168.33.56 -m ping -vvv ansible webservers -m ping -vvv ansible -m command -a '/bin/echo hello ansible!' ansible 192.168.33.56 -m command -a 'sudo yum install -y bridge-utils bind-utils psmisc' ``` # 错误 ```bash 192.168.33.55 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true } 192.168.33.55 | FAILED! => { "msg": "to use the 'ssh' connection type with passwords, you must install the sshpass program" } 192.168.33.27 | FAILED | rc=1 >> error: garbage option Usage: ps [options] Try 'ps --help ' or 'ps --help ' for additional help text. For more details see ps(1).non-zero return code ## command不支持管道命令 ``` # ansible hosts ```bash ## 正常写法,name1为别名: [test1] name1 ansible_ssh_host=192.168.1.111 ansible_ssh_user="root" ansible_ssh_pass="1234" ansible_ssh_port=22 name2 ansible_ssh_host=192.168.1.222 ansible_ssh_user="root" ansible_ssh_pass="1234" ansible_ssh_port=22 ## 连续的IP写法,表示192.168.1.20到192.168.1.50,共31台主机: [test1] name1 ansible_ssh_host=192.168.1.[20:50] ansible_ssh_user="root" ansible_ssh_pass="1234" ansible_ssh_port=22 ## 带参数的群组,vars底下为群组共同便变量,包括已定义变量和自定义变量: [test1] name1 ansible_ssh_host=192.168.1.[20:50] [test1:vars] ansible_ssh_user=root ansible_ssh_pass="1234" testvar="test" ## 群组整合,children底下为父群组test的子群组,调用方式为ansible test -m ping: [dbtest] name1 ansible_ssh_host=192.168.1.[20:50] ansible_ssh_user="root" ansible_ssh_pass="1234" ansible_ssh_port=22 [webtest] name2 ansible_ssh_host=192.168.2.[20:50] ansible_ssh_user="root" ansible_ssh_pass="1234" ansible_ssh_port=22 [test:children] dbtest webtest ## 调用两个主机组的写法,以下webservers和dbservers都会被调用: ansible webservers:dbservers -m ping ## 在webservers组中但不在dbsersers中的调用: ansible webservers:!dbservers -m win_ping ## 在webservers组中并且在dbservers组中的才会调用: ansible webservers:&dbservers -m ping ## 在调用前加~,代表正则表达式: ansible ~(web|db).*.91it.org -m win_ping ``` # 参考 * [ansible.cfg](https://raw.githubusercontent.com/ansible/ansible/devel/examples/ansible.cfg) * [Ansible Documentation](https://docs.ansible.com/ansible/latest/) * [Ansible cli](https://docs.ansible.com/ansible/latest/cli/ansible.html) * [Ansible All modules](https://docs.ansible.com/ansible/2.8/modules/modules_by_category.html)