安装
yum -y install ansible expect
生成key,ssh-keygen -t rsa -f ~/.ssh/id_rsa
两种办法
-
ssh+expect 出自oldbody
cat /etc/ansible/hosts
[web]
web1 ansible_ssh_host=192.168.1.21
web2 ansible_ssh_host=192.168.1.22
提供修改的exp.sh
# Load the init-script helper library shipped at /etc/init.d/functions.
# NOTE(review): nothing visible in this listing calls a helper from it - confirm it is needed.
source /etc/init.d/functions

# Target host, taken from the first command-line argument.
ip="$1"
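#######################################
# Drop any cached host key for a host, then connect once over ssh and answer
# the first-connection prompt so that a fresh key is written to known_hosts.
#
# NOTE(review): "yes" is sent without comparing the key fingerprint against a
# trusted value, and the old entry is deleted first, so whatever key the
# address presents at that moment becomes trusted - a changed key included.
# Compare the recorded fingerprint with one obtained out of band, or run this
# only across a network path you already trust.
#
# Arguments: $1 - host name or IP address to (re)register
# Outputs:   the expect/ssh session; one error line on stderr on failure
# Returns:   1 for a malformed host argument, otherwise expect's exit status
#            (expect's own status, not the remote command's)
#######################################
function KNOWN_HOST_REBUILD()
{
  local i=$1
  local known_hosts
  known_hosts=~/.ssh/known_hosts

  # The host is pasted into a sed pattern and into an expect (Tcl) script, so
  # accept only characters that are inert in both; a leading "-" is refused
  # because ssh would read it as an option.
  local host_re='^[A-Za-z0-9][A-Za-z0-9._:-]*$'
  if [[ ! $i =~ $host_re ]]; then
    echo "invalid host argument: $i" >&2
    return 1
  fi

  if [[ ! -e $known_hosts ]]; then
    mkdir -p ~/.ssh/ && touch "$known_hosts"
  fi

  # Escape the dots so that 192.168.1.21 cannot also match e.g. 192x168y1z21.
  local host_pattern=${i//./\\.}
  sed -i "/^${host_pattern} /d" "$known_hosts"

  local rc=0
  expect -c "
    spawn /usr/bin/ssh root@${i} echo ok
    expect \"*yes/no)?\"
    send \"yes\r\"
    expect eof
  " || rc=$?

  # The original returned 0 before this check, so it could never fire.
  if (( rc != 0 )); then
    echo "$i know host rebuild fail,maybe the server connect error" >&2
  fi
  return "$rc"
}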
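#######################################
# Install /root/.ssh/id_rsa.pub for root on a host with ssh-copy-id, letting
# expect answer the password prompt.
#
# The password is handed to expect through the environment and removed from
# it before ssh-copy-id is spawned. Pasting it into the "expect -c" script, as
# the original did, places it in expect's argument list, where other local
# users can read it with ps.
#
# NOTE(review): the fallback below is the page's placeholder text. A real
# password written into this file ends up in backups and version control;
# supply it through SSH_BOOTSTRAP_PASSWORD (a variable introduced here) and
# change or disable the password once key login works.
#
# Globals:   SSH_BOOTSTRAP_PASSWORD (read, optional) - root password to send
# Arguments: $1 - host name or IP address
# Returns:   1 for a malformed host argument, otherwise expect's exit status
#######################################
function PASS_PASSWD()
{
  local host=$1
  local passwd=${SSH_BOOTSTRAP_PASSWORD:-你的密码}

  # Refuse anything that is not a plain host name or address; a leading "-"
  # would be read by ssh-copy-id as an option.
  local host_re='^[A-Za-z0-9][A-Za-z0-9._:-]*$'
  if [[ ! $host =~ $host_re ]]; then
    echo "invalid host argument: $host" >&2
    return 1
  fi

  # Single-quoted script: bash interpolates nothing, Tcl reads the values
  # from env, so quotes or brackets in the password cannot alter the script.
  PASS_PASSWD_HOST="$host" PASS_PASSWD_SECRET="$passwd" expect -c '
    set timeout -1
    set host $env(PASS_PASSWD_HOST)
    set secret $env(PASS_PASSWD_SECRET)
    unset env(PASS_PASSWD_SECRET)
    spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$host
    expect "*password:"
    send -- "$secret\r"
    expect eof'
}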
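# Record the host key first, then install the public key on the same host.
# "$1" is quoted so the argument reaches each function as a single word.
KNOWN_HOST_REBUILD "$1"
PASS_PASSWD "$1"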
使用方法:./exp.sh ip,就会自动建立ssh了,然后ansible各种命令测试
2.authorized_key模块
分两步走
1.known_host
# Load the init-script helper library shipped at /etc/init.d/functions.
# NOTE(review): nothing visible in this listing calls a helper from it - confirm it is needed.
source /etc/init.d/functions

# Target host, taken from the first command-line argument.
ip="$1"
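#######################################
# Drop any cached host key for a host, then connect once over ssh, answer the
# first-connection prompt so a fresh key is written to known_hosts, and
# abandon the login at the password prompt (no password is ever sent).
#
# NOTE(review): "yes" is sent without comparing the key fingerprint against a
# trusted value, and the old entry is deleted first, so whatever key the
# address presents at that moment becomes trusted - a changed key included.
# Compare the recorded fingerprint with one obtained out of band, or run this
# only across a network path you already trust.
#
# Arguments: $1 - host name or IP address to (re)register
# Outputs:   the expect/ssh session; one error line on stderr on failure
# Returns:   1 for a malformed host argument, otherwise expect's exit status
#            (expect's own status, not the remote command's)
#######################################
function KNOWN_HOST_REBUILD()
{
  local i=$1
  local known_hosts
  known_hosts=~/.ssh/known_hosts

  # The host is pasted into a sed pattern and into an expect (Tcl) script, so
  # accept only characters that are inert in both; a leading "-" is refused
  # because ssh would read it as an option.
  local host_re='^[A-Za-z0-9][A-Za-z0-9._:-]*$'
  if [[ ! $i =~ $host_re ]]; then
    echo "invalid host argument: $i" >&2
    return 1
  fi

  if [[ ! -e $known_hosts ]]; then
    mkdir -p ~/.ssh/ && touch "$known_hosts"
  fi

  # Escape the dots so that 192.168.1.21 cannot also match e.g. 192x168y1z21.
  local host_pattern=${i//./\\.}
  sed -i "/^${host_pattern} /d" "$known_hosts"

  # \003 is Ctrl-C: once the password prompt shows up the host key has
  # already been accepted, so the session is interrupted instead of logging in.
  local rc=0
  expect -c "
    spawn /usr/bin/ssh root@${i} echo ok
    expect \"*yes/no)?\"
    send \"yes\r\"
    expect \"*?assword:*\"
    send -- \"\003\r\"
    expect eof
  " || rc=$?

  # The original returned 0 before this check, so it could never fire.
  if (( rc != 0 )); then
    echo "$i know host rebuild fail,maybe the server connect error" >&2
  fi
  return "$rc"
}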
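# "$1" is quoted so the host argument reaches the function as a single word.
KNOWN_HOST_REBUILD "$1"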
2.编写简单的yml
基础资料
http://docs.ansible.com/authorized_key_module.html
简单例子
# Example using key data from a local file on the management machine
- authorized_key:
    user: charlie
    key: "{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
cat /etc/ansible/hosts
[unknow]
# NOTE(review): ansible_ssh_pass stores the root password in clear text in the
# inventory. Keep the file readable by the Ansible operator only, and delete the
# value (or move it into an Ansible Vault-encrypted variable) once the public
# key has been installed and key-based login works.
web3 ansible_ssh_user=root ansible_ssh_host=192.168.1.21 ansible_ssh_pass="你的密码"
简单的使用
cat rsync_key.ymal
---
# Adds the control machine's /root/.ssh/id_rsa.pub to root's authorized keys
# on web3. lookup('file', ...) reads the key file on the control machine.
# NOTE(review): the play logs in as root; per the inventory shown with this
# playbook the first run authenticates with a clear-text ansible_ssh_pass,
# which should be removed once key login works.
- hosts: web3
  user: root
  tasks:
    - name: ssh
      authorized_key:
        user: root
        key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
使用方法:ansible-playbook rsync_key.ymal
出自马哥
http://mageedu.blog.51cto.com/4265610/1412028
authorized_key ymal格式不会写,Google到的
(Ansible Cookbook 2014) http://ansiblecookbook.com/html/en.html
网上的例子
第一种方式:手动安装
(注意:该压缩包经明文 HTTP 下载,随后以 root 权限安装,编译前应先核对其校验和。)
cd ~/Downloads
curl -O -L http://downloads.sourceforge.net/project/sshpass/sshpass/1.05/sshpass-1.05.tar.gz
tar xvzf sshpass-1.05.tar.gz
cd sshpass-1.05
./configure
make
sudo make install
第二种方式,安装Mac os包管理器之外第三方包
brew install https://raw.github.com/eugeneoden/homebrew/eca9de1/Library/Formula/sshpass.rb
3.配置文件
/etc/ansible/hosts — 默认资源文件
/usr/share/ansible/ — 默认模块库
/etc/ansible/ansible.cfg — 默认配置文件
~/.ansible.cfg — 用户配置文件,如果使用优先级高于ansible.cfg配置文件
具体配置文件参考:http://docs.ansible.com/intro_configuration.html#pipelining
step2:远程执行命令
ansible是基于ssh协议之上进行远程管理,所以无须安装客户端,直接只要能ssh连接过去,就可以进行管理了
1.配置管理客户端和秘钥登录
cp hosts hosts.bak
vim hosts
[test] //group_name,名称可以自定义,可以将不同的作用的机器放在不同的组里
192.168.122.134
192.168.122.131
[test]
192.168.122.134 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=skstserver
#ssh无秘钥登录
ssh-keygen -t rsa -P ''
ssh-copy-id -i .ssh/id_rsa.pub root@192.168.122.131
2、批量发送公钥
为ansible开始管理节点传递公钥
如果是可以直接使用root的环境,则直接使用这个脚本
vim tra_pub.exp
#!/usr/bin/expect -f
# Runs ssh-copy-id with /root/.ssh/id_rsa.pub against 192.168.1.201 through
# 192.168.1.207 as $user, answering the interactive prompts automatically.
#
# NOTE(review): the "yes/no" branch confirms each host key without comparing
# its fingerprint to a trusted value, so whatever key each address presents is
# accepted - verify the recorded fingerprints out of band.
# NOTE(review): the purpose of the "id_rsa" branch is not evident from this
# listing - confirm which prompt it is meant to answer.
# NOTE(review): the only "expect eof" comes after the loop, so each iteration
# spawns the next ssh-copy-id right after sending the password - confirm that
# the earlier copies have finished before relying on them.

# -1 makes every expect wait for a match with no time limit.
set timeout -1
set user root
# NOTE(review): the root password is stored in clear text here and reused for
# every host in the range; keep this file private and change the password once
# key-based login works.
set passwd "123456"
for { set i 201 } { $i < 208 } { incr i } {
    spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $user@192.168.1.$i
    expect {
        "yes/no" { send "yes\r";exp_continue }
        "id_rsa" { send "yes\r";exp_continue }
        "*assword" { send "$passwd\r" }
    }
}
expect eof
如果需要使用普通用户进行切换的环境则可以使用以下的脚本
#!/usr/bin/expect -f
# Opens an ssh session as $user to 172.41.30.100 through 172.41.30.119,
# answers the prompts automatically and, once a prompt containing "test@"
# appears, sends "sudo su -" and answers sudo's password prompt with the same
# password.
#
# NOTE(review): the "yes/no" branch confirms each host key without comparing
# its fingerprint to a trusted value, so whatever key each address presents is
# accepted - verify the recorded fingerprints out of band.
# NOTE(review): the purpose of the "id_rsa" branch is not evident from this
# listing - confirm which prompt it is meant to answer.
# NOTE(review): with timeout -1 and exp_continue, the inner expect has no
# pattern for the prompt that follows sudo, so it appears to wait until the
# session closes - confirm this is intended.

# -1 makes every expect wait for a match with no time limit.
set timeout -1
set user test
# NOTE(review): the password is stored in clear text here and is sent both to
# ssh and to sudo on every host in the range; keep this file private.
set passwd "123456"
for { set i 100 } { $i < 120 } { incr i } {
    spawn ssh -l $user 172.41.30.$i
    expect {
        "yes/no" { send "yes\r";exp_continue }
        "id_rsa" { send "yes\r";exp_continue }
        "*assword" { send "$passwd\r" ;exp_continue }
        "test@" {
            send "sudo su -\r"
            expect {
                "password for test" { send "$passwd\r";exp_continue }
            }
        }
    }
}
expect eof
exit 0
3、批量定义inventory
直接利用for循环进行批量的写入
# Append 192.168.1.200 through 192.168.1.240, one address per line, to the
# Ansible inventory. The file is appended to, so a second run adds every
# address again.
for i in {200..240}; do
  echo "192.168.1.$i"
done >> /etc/ansible/hosts
本文转自 liqius 51CTO博客,原文链接:http://blog.51cto.com/szgb17/1669731,如需转载请自行联系原作者