Preface
1. Prepare three machines and configure IP addresses and hostnames
Prepare three machines:
server.example.com
node1.example.com
node2.example.com
Configure the IP address, hostname, and /etc/hosts on each machine.
[root@server ~]# vim /etc/hosts
Add the IP addresses and hostnames:
192.168.193.129 server.explame.com
192.168.193.134 a1.explame.com
192.168.193.135 a2.explame.com
2. Set up passwordless login
Next, configure passwordless (key-based) SSH login.
[root@BBB ~]# ssh-keygen -t rsa    --- specify the key algorithm
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):    --- full path of the file the private key is saved to
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:wkC11BzXR/Ccvs3IQvDhIOz7UhhRE35pYAvhHcZUDgY root@BBB
The key's randomart image is:
+---[RSA 3072]----+
| ..ooEB&+oo. |
| . . ++O.B.+.. |
| . . +.* *.+ |
| o ... B o |
| o So + . |
| ..... . = |
| .. . + o|
| .. . |
| .. |
+----[SHA256]-----+

Default key directory: /root/.ssh
Default public key file: /root/.ssh/id_rsa.pub
The key pair is generated in the directory given as the private key path:

[root@BBB ~]# ll /root/.ssh/
total 8
-rw-------. 1 root root 2590 Jul 28 23:21 id_rsa
-rw-r--r--. 1 root root 562 Jul 28 23:21 id_rsa.pub

Then append the public key to the ~/.ssh/authorized_keys file on the server 192.168.193.134. There are three ways to do this:
1. Copy the public key to the server with scp, then append it to ~/.ssh/authorized_keys: scp -P 22 ~/.ssh/id_rsa.pub user@host:~/
2. Use the ssh-copy-id program: ssh-copy-id user@host
3. Use cat ~/.ssh/id_rsa.pub | ssh -p 22 user@host 'cat >> ~/.ssh/authorized_keys', which lets you change the port number.

If the other server has no .ssh directory, run:
# ssh localhost
.ssh is the directory that stores SSH credential information. If root has never logged in over SSH, the .ssh directory does not exist, so logging in to localhost and entering the password creates it.

The .ssh directory must have mode 700, and the authorized_keys file and the private key inside it must have mode 600. Otherwise passwordless login fails because of the permissions. After logging in, you can see that a known_hosts file has been created.

Finally, verify with ssh root@192.168.193.134.
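The append and permission steps above, as an added shell example that is not part of the original post: install_pubkey appends a public key to authorized_keys only once and sets the 700/600 modes, and check_ssh_perms reports any mode that differs from the ones the text requires. The function names are illustrative, and the script is assumed to run on the target host after the key file has been copied there (method 1).

```shell
#!/bin/bash
# Added example: idempotent public-key install plus the permission check
# described above. Function names are illustrative, not from the post.

# has_mode PATH OCTAL -> 0 if PATH has exactly that permission mode
has_mode() {
    [ -n "$(find "$1" -prune -perm "$2" 2>/dev/null)" ]
}

# install_pubkey PUBKEY_FILE SSH_DIR
# Appends the key to SSH_DIR/authorized_keys only if that exact line is absent,
# and sets the modes the text requires (700 on the directory, 600 on the file).
install_pubkey() {
    pub=$1; dir=$2; auth=$dir/authorized_keys
    [ -s "$pub" ] || { echo "no public key at $pub" >&2; return 1; }
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # -x whole line, -F fixed string: a repeated run adds no duplicate entry
    grep -qxF -- "$(cat "$pub")" "$auth" || cat "$pub" >> "$auth"
}

# check_ssh_perms SSH_DIR -> 0 if all modes are correct, 1 otherwise
check_ssh_perms() {
    dir=$1; rc=0
    has_mode "$dir" 700 || { echo "$dir: want mode 700" >&2; rc=1; }
    for f in "$dir/authorized_keys" "$dir"/id_*; do
        [ -f "$f" ] || continue
        case $f in *.pub) continue ;; esac   # public keys may be world-readable
        has_mode "$f" 600 || { echo "$f: want mode 600" >&2; rc=1; }
    done
    return $rc
}
```

For example, after method 1 has copied the key to the home directory: install_pubkey ~/id_rsa.pub ~/.ssh && check_ssh_perms ~/.ssh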
3. Install ansible
Problem encountered while installing ansible:
Error:
Problem: conflicting requests
● nothing provides (ansible-core >= 2.12.2 with ansible-core < 2.13) needed by ansible-5.4.0-3.el8.noarch
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
[root@a2 ~]# yum install -y ansible
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
Repository AppStream is listed more than once in the configuration
Last metadata expiration check: 2:28:10 ago on Tue 02 Aug 2022 03:07:37 PM CST.
Error:
 Problem: conflicting requests
  - nothing provides (ansible-core >= 2.12.2 with ansible-core < 2.13) needed by ansible-5.4.0-3.el8.noarch
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
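The cause of the problem:
The version in the yum repository is too old; it must be 2.12 or later.
Change the yum repository:
Configure the yum source to use Centos-stream.repo.
Upload it to the /etc/yum.repos.d/ directory.
Download link: Centos-stream.repo
Then clear the cache: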
yum clean all
yum makecache
Wait for the installation to finish.
Verify with ansible --version:
[root@server ~]# ansible --version
ansible [core 2.12.7]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.8/site-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.8.13 (default, Jun 24 2022, 15:27:57) [GCC 8.5.0 20210514 (Red Hat 8.5.0-13)]
  jinja version = 2.11.3
  libyaml = True
Inventory file: /etc/ansible/hosts
Add the following to it:
[A]
a1.explame.com
a2.explame.com
Verify with ansible node -m ping, where node is the inventory group or host to test (here the group A):
[root@server ~]# ansible A -m ping
a1.explame.com | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
a2.explame.com | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}