之前用过saltstack,也研究过一段时间,也写过saltstack的自动化平台;但是不可否认saltstack还是遇到各种小问题;后来开始转向研究一下ansible,一来是他不用像saltstack一样每个都要去部署一个客户端,而且有些操作系统saltstack死活装不上;二来是ansible操作简单,API也是非常的简便。可能跟我掌握不深有关系:
一、ansible安装:
centos6 安装epel源:
|
1
|
rpm
-
ivh http:
/
/
dl.fedoraproject.org
/
pub
/
epel
/
6
/
x86_64
/
epel
-
release
-
6
-
8.noarch
.rpm
|
二、安装ansible非常简便:
|
1
|
yum install ansbile
|
三、设置主机互信;这样就不用每次执行时候都加用户名密码:
ansible服务端执行:
|
1
2
|
ssh
-
keygen
-
t rsa
-
P ''
ssh
-
copy
-
id
-
i
/
root
/
.ssh
/
id_rsa.pub root@clientIP
|
使用ansible:
1、配置/etc/ansible/hosts:默认已经给出示例;我们注释掉:
|
1
2
|
vim
/
etc
/
ansible
/
hosts
:
%
s
/
^\(\)
/
\
#1/g
|
添加主机组:
|
1
2
3
|
[client]
192.168
.
63.192
192.168
.
63.198
|
2、测试是否成功添加:
|
1
2
3
4
5
6
7
8
9
|
[root@xiaoluo ansible]
# ansible client -m ping
192.168
.
63.192
| SUCCESS
=
> {
"changed"
: false,
"ping"
:
"pong"
}
192.168
.
63.198
| SUCCESS
=
> {
"changed"
: false,
"ping"
:
"pong"
}
|
当然也支持单台主机或者正则:
|
1
2
3
4
5
6
7
8
9
|
[root@xiaoluo ansible]
# ansible 192.168.63.* -m ping
192.168
.
63.192
| SUCCESS
=
> {
"changed"
: false,
"ping"
:
"pong"
}
192.168
.
63.198
| SUCCESS
=
> {
"changed"
: false,
"ping"
:
"pong"
}
|
3、帮助文档查看:
|
1
|
[root@xiaoluo ansible]
# ansible-doc -l
|
具体单个模块帮助:
|
1
|
[root@xiaoluo ansible]
# ansible-doc -s copy
|
4、远程命令模块默认什么都不加是执行commond模块,还有shell模块,raw模块:
|
1
2
3
4
5
|
[root@xiaoluo ansible]
# ansible client -a "uptime"
192.168
.
63.192
| SUCCESS | rc
=
0
>>
10
:
46
:
54
up
37
min
,
1
user, load average:
0.00
,
0.01
,
0.05
192.168
.
63.198
| SUCCESS | rc
=
0
>>
10
:
46
:
55
up
40
min
,
1
user, load average:
0.00
,
0.01
,
0.05
|
|
1
2
3
4
5
|
[root@xiaoluo ansible]
# ansible client -m shell -a "uptime"
192.168
.
63.198
| SUCCESS | rc
=
0
>>
10
:
48
:
28
up
41
min
,
1
user, load average:
0.00
,
0.01
,
0.05
192.168
.
63.192
| SUCCESS | rc
=
0
>>
10
:
48
:
27
up
38
min
,
1
user, load average:
0.00
,
0.01
,
0.05
|
raw模块中间是可以加管道的:
|
1
2
3
4
5
6
7
|
[root@xiaoluo ansible]
# ansible client -m raw -a "ps -ef | grep xinetd"
192.168
.
63.192
| SUCCESS | rc
=
0
>>
root
983
1
0
10
:
10
?
00
:
00
:
00
/
usr
/
sbin
/
xinetd
-
stayalive
-
pidfile
/
var
/
run
/
xinetd.pid
root
2632
2608
0
10
:
49
pts
/
0
00
:
00
:
00
bash
-
c ps
-
ef | grep xinetd
192.168
.
63.198
| SUCCESS | rc
=
0
>>
root
998
1
0
10
:
07
?
00
:
00
:
00
/
usr
/
sbin
/
xinetd
-
stayalive
-
pidfile
/
var
/
run
/
xinetd.pid
root
2653
2629
0
10
:
49
pts
/
0
00
:
00
:
00
bash
-
c ps
-
ef | grep xinetd
|
5、yum模块远程安装服务:
|
1
|
[root@xiaoluo ansible]
# ansible client -m yum -a "name=httpd state=present"
|
远程shell方式启动服务:
|
1
|
[root@xiaoluo ansible]
#ansible keepalived -m shell -a "service httpd restart"
|
以service模块来管理启动:
|
1
|
[root@xiaoluo ansible]
# ansible client -m service -a "name=httpd state=restarted"
|
6、推送文件模块:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
[root@xiaoluo ~]
# ansible client -m copy -a "src=/root/xiaoluo.txt dest=/tmp"
192.168
.
63.192
| SUCCESS
=
> {
"changed"
: true,
"checksum"
:
"4ecf4faee5813e8d0fd9c4d94ed93306c0ac0527"
,
"dest"
:
"/tmp/xiaoluo.txt"
,
"gid"
:
0
,
"group"
:
"root"
,
"md5sum"
:
"fdf76f6cfbca661e39e0bf710ae8b310"
,
"mode"
:
"0755"
,
"owner"
:
"root"
,
"size"
:
13
,
"src"
:
"/root/.ansible/tmp/ansible-tmp-1458448180.46-3214309858488/source"
,
"state"
:
"file"
,
"uid"
:
0
}
|
远程查看文件:
|
1
2
3
4
5
|
[root@xiaoluo ~]
# ansible client -a "cat /tmp/xiaoluo.txt"
192.168
.
63.198
| SUCCESS | rc
=
0
>>
xiaoluo.text
192.168
.
63.192
| SUCCESS | rc
=
0
>>
xiaoluo.text
|
7、修改用户的权限:
远程查看文件权限:
|
1
2
3
4
5
|
[root@xiaoluo ~]
# ansible client -a "ls -l /tmp/xiaoluo.txt"
192.168
.
63.198
| SUCCESS | rc
=
0
>>
-
rwxr
-
xr
-
x
1
root root
13
Mar
22
11
:
19
/
tmp
/
xiaoluo.txt
192.168
.
63.192
| SUCCESS | rc
=
0
>>
-
rwxr
-
xr
-
x
1
root root
13
Mar
22
11
:
19
/
tmp
/
xiaoluo.txt
|
修改所属组和用户:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
[root@xiaoluo ~]
# ansible client -m file -a "dest=/tmp/xiaoluo.txt mode=755 owner=xiaoluo group=xiaoluo"
192.168
.
63.192
| SUCCESS
=
> {
"changed"
: true,
"gid"
:
1002
,
"group"
:
"xiaoluo"
,
"mode"
:
"0755"
,
"owner"
:
"xiaoluo"
,
"path"
:
"/tmp/xiaoluo.txt"
,
"size"
:
13
,
"state"
:
"file"
,
"uid"
:
1002
}
192.168
.
63.198
| SUCCESS
=
> {
"changed"
: false,
"gid"
:
1002
,
"group"
:
"xiaoluo"
,
"mode"
:
"0755"
,
"owner"
:
"xiaoluo"
,
"path"
:
"/tmp/xiaoluo.txt"
,
"size"
:
13
,
"state"
:
"file"
,
"uid"
:
1002
}
|
查看权限修改:
|
1
2
3
|
[root@xiaoluo ~]
# ansible client -a "ls -l /tmp/xiaoluo.txt"
192.168
.
63.198
| SUCCESS | rc
=
0
>>
-
rwxr
-
xr
-
x
1
xiaoluo xiaoluo
13
Mar
22
11
:
19
/
tmp
/
xiaoluo.txt
192.168
.
63.192
| SUCCESS | rc
=
0
>>
-
rwxr
-
xr
-
x
1
xiaoluo xiaoluo
13
Mar
22
11
:
19
/
tmp
/
xiaoluo.txt
|
8、客户端数据采集类似saltstack 的grain模块(只是显示一部分):
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
[root@xiaoluo ansible]
# ansible client -m setup
192.168
.
63.198
| SUCCESS
=
> {
"ansible_facts"
: {
"ansible_all_ipv4_addresses"
: [
"172.17.2.1"
,
"192.168.63.198"
],
"ansible_all_ipv6_addresses"
: [
"fe80::20c:29ff:fe86:7901"
],
"ansible_architecture"
:
"x86_64"
,
"ansible_bios_date"
:
"06/02/2011"
,
"ansible_bios_version"
:
"6.00"
,
"ansible_cmdline"
: {
"BOOT_IMAGE"
:
"/vmlinuz-3.10.0-327.el7.x86_64"
,
"LANG"
:
"en_US.UTF-8"
,
"crashkernel"
:
"auto"
,
"quiet"
: true,
"rd.lvm.lv"
:
"centos/swap"
,
"rhgb"
: true,
"ro"
: true,
"root"
:
"/dev/mapper/centos-root"
},
|
还有很多模块,这里只是一小部分,当然还有一个强大的playbook后续继续更新。
本文转自 小罗ge11 51CTO博客,原文链接:http://blog.51cto.com/xiaoluoge/1753903,如需转载请自行联系原作者
