一.部署ansiber环境
1.准备三台机器:
配置IP,主机名,/etc/hosts
2.然后去配置免密登录
1.在服务端操作,上传公钥
[root@good .ssh]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:0ihaGqzhrrggldA2+PdMixdf80qkmODATm08Z/77wmE root@good The key's randomart image is: +---[RSA 3072]----+ | | | o | |o + | | * = o | |. X X B S + | |.* X % BE+ o | |+.+ o Ooo.. . | |= . .o. . | |=o o+o | +----[SHA256]-----+
2.将公钥传给客户端
[root@rhcsa .ssh]# ssh-copy-id root@rhce /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host 'rhce (192.168.40.132)' can't be established. ECDSA key fingerprint is SHA256:70V58bQzrfUci7EE23sAS/cd7Zjc3zbRhTx15uN1PVY. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@rhce's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@rhce'" and check to make sure that only the key(s) you wanted were added.
3.验证免密登录
[root@rhcsa .ssh]# ssh root@rhce Activate the web console with: systemctl enable --now cockpit.socket This system is not registered to Red Hat Insights. See https://cloud.redhat.com/ To register this system, run: insights-client --register Last failed login: Tue Aug 2 17:13:21 CST 2022 from 192.168.40.129 on ssh:notty There were 2 failed login attempts since the last successful login. Last login: Tue Aug 2 16:26:36 2022 from 192.168.40.129 [root@rhce ~]# exit logout Connection to rhce closed.
3.配置yum源使用Centos-stream.repo
4.安装ansible
[root@rhcsa yum.repos.d]# rpm -ivh https://mirrors.tuna.tsinghua.edu.cn/zabbix/zabbix/6.0/rhel/8/x86_64/zabbix-release-6.0-1.el8.noarch.rpm Retrieving https://mirrors.tuna.tsinghua.edu.cn/zabbix/zabbix/6.0/rhel/8/x86_64/zabbix-release-6.0-1.el8.noarch.rpm warning: /var/tmp/rpm-tmp.uSbUwD: Header V4 RSA/SHA512 Signature, key ID a14fe591: NOKEY Verifying... ################################# [100%] Preparing... ################################# [100%] Updating / installing... 1:zabbix-release-6.0-1.el8 ################################# [100%]
[root@rhcsa yum.repos.d]# yum install -y https://mirrors.tuna.tsinghua.edu.cn/epel/epel-release-latest-8.noarch.rpm Updating Subscription Management repositories. Unable to read consumer identity This system is not registered with an entitlement server. You can use subscription-manager to register. Repository AppStream is listed more than once in the configuration Zabbix Official Repository - x86_64 25 kB/s | 107 kB 00:04 Zabbix Official Repository non-supported - x86_ 294 B/s | 1.2 kB 00:04 epel-release-latest-8.noarch.rpm 33 kB/s | 24 kB 00:00 Dependencies resolved. ================================================================================ Package Architecture Version Repository Size ================================================================================ Installing: epel-release noarch 8-16.el8 @commandline 24 k Transaction Summary ================================================================================ Install 1 Package Total size: 24 k Installed size: 34 k Downloading Packages: Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : epel-release-8-16.el8.noarch 1/1 Running scriptlet: epel-release-8-16.el8.noarch 1/1 Many EPEL packages require the CodeReady Builder (CRB) repository. It is recommended that you run /usr/bin/crb enable to enable the CRB repository. Verifying : epel-release-8-16.el8.noarch 1/1 Installed products updated. Installed: epel-release-8-16.el8.noarch Complete!
5.使用ansible --version去验证
[root@good yum.repos.d]# ansible --version ansible [core 2.12.7] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.8/site-packages/ansible ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections executable location = /usr/bin/ansible python version = 3.8.13 (default, Jun 24 2022, 15:27:57) [GCC 8.5.0 20210514 (Red Hat 8.5.0-13)] jinja version = 2.11.3 libyaml = True
二、ansible基础使用
1.配置清单:
/etc/ansible/hosts
[node]
node1.example.com
node2.example.com
[root@good yum.repos.d]# vim /etc/ansible/hosts
2.使用ansible node -m ping去验证