|
|
之前用过saltstack,也研究过一段时间,也写过saltstack的自动化平台;但是不可否认saltstack还是遇到各种小问题;后来开始转向研究一下ansible,一来是他不用像saltstack一样每个都要去部署一个客户端,而且有些操作系统saltstack死活装不上;二来是ansible操作简单,API也是非常的简便。可能跟我掌握不深有关系:
一、ansible安装:
centos6 安装epel源:
二、安装ansible非常简便:
三、设置主机互信;这样就不用每次执行时候都加用户名密码:
ansible服务端执行:
1
2
| ssh-keygen -t rsa -P ''
ssh-copy-id -i /root/.ssh/id_rsa.pub root@clientIP
|
使用ansible:
1、配置/etc/ansible/hosts:默认已经给出示例;我们注释掉:
1
2
| vim /etc/ansible/hosts
:%s/^\(\)/\#1/g
|
添加主机组:
1
2
3
| [client]
192.168.63.192
192.168.63.198
|
2、测试是否成功添加:
1
2
3
4
5
6
7
8
9
| [iyunv@xiaoluo ansible]# ansible client -m ping
192.168.63.192 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.63.198 | SUCCESS => {
"changed": false,
"ping": "pong"
}
|
当然也支持单台主机或者正则:
1
2
3
4
5
6
7
8
9
| [iyunv@xiaoluo ansible]# ansible 192.168.63.* -m ping
192.168.63.192 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.63.198 | SUCCESS => {
"changed": false,
"ping": "pong"
}
|
3、帮助文档查看:
1
| [iyunv@xiaoluo ansible]# ansible-doc -l
|
具体单个模块帮助:
1
| [iyunv@xiaoluo ansible]# ansible-doc -s copy
|
4、远程命令模块默认什么都不加是执行commond模块,还有shell模块,raw模块:
1
2
3
4
5
| [iyunv@xiaoluo ansible]# ansible client -a "uptime"
192.168.63.192 | SUCCESS | rc=0 >>
10:46:54 up 37 min, 1 user, load average: 0.00, 0.01, 0.05
192.168.63.198 | SUCCESS | rc=0 >>
10:46:55 up 40 min, 1 user, load average: 0.00, 0.01, 0.05
|
1
2
3
4
5
| [iyunv@xiaoluo ansible]# ansible client -m shell -a "uptime"
192.168.63.198 | SUCCESS | rc=0 >>
10:48:28 up 41 min, 1 user, load average: 0.00, 0.01, 0.05
192.168.63.192 | SUCCESS | rc=0 >>
10:48:27 up 38 min, 1 user, load average: 0.00, 0.01, 0.05
|
raw模块中间是可以加管道的:
1
2
3
4
5
6
7
| [iyunv@xiaoluo ansible]# ansible client -m raw -a "ps -ef | grep xinetd"
192.168.63.192 | SUCCESS | rc=0 >>
root 983 1 0 10:10 ? 00:00:00 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid
root 2632 2608 0 10:49 pts/0 00:00:00 bash -c ps -ef | grep xinetd
192.168.63.198 | SUCCESS | rc=0 >>
root 998 1 0 10:07 ? 00:00:00 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid
root 2653 2629 0 10:49 pts/0 00:00:00 bash -c ps -ef | grep xinetd
|
5、yum模块远程安装服务:
1
| [iyunv@xiaoluo ansible]# ansible client -m yum -a "name=httpd state=present"
|
远程shell方式启动服务:
1
| [iyunv@xiaoluo ansible]#ansible keepalived -m shell -a "service httpd restart"
|
以service模块来管理启动:
1
| [iyunv@xiaoluo ansible]# ansible client -m service -a "name=httpd state=restarted"
|
6、推送文件模块:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| [iyunv@xiaoluo ~]# ansible client -m copy -a "src=/root/xiaoluo.txt dest=/tmp"
192.168.63.192 | SUCCESS => {
"changed": true,
"checksum": "4ecf4faee5813e8d0fd9c4d94ed93306c0ac0527",
"dest": "/tmp/xiaoluo.txt",
"gid": 0,
"group": "root",
"md5sum": "fdf76f6cfbca661e39e0bf710ae8b310",
"mode": "0755",
"owner": "root",
"size": 13,
"src": "/root/.ansible/tmp/ansible-tmp-1458448180.46-3214309858488/source",
"state": "file",
"uid": 0
}
|
远程查看文件:
1
2
3
4
5
| [iyunv@xiaoluo ~]# ansible client -a "cat /tmp/xiaoluo.txt"
192.168.63.198 | SUCCESS | rc=0 >>
xiaoluo.text
192.168.63.192 | SUCCESS | rc=0 >>
xiaoluo.text
|
7、修改用户的权限:
远程查看文件权限:
1
2
3
4
5
| [iyunv@xiaoluo ~]# ansible client -a "ls -l /tmp/xiaoluo.txt"
192.168.63.198 | SUCCESS | rc=0 >>
-rwxr-xr-x 1 root root 13 Mar 22 11:19 /tmp/xiaoluo.txt
192.168.63.192 | SUCCESS | rc=0 >>
-rwxr-xr-x 1 root root 13 Mar 22 11:19 /tmp/xiaoluo.txt
|
修改所属组和用户:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
| [iyunv@xiaoluo ~]# ansible client -m file -a "dest=/tmp/xiaoluo.txt mode=755 owner=xiaoluo group=xiaoluo"
192.168.63.192 | SUCCESS => {
"changed": true,
"gid": 1002,
"group": "xiaoluo",
"mode": "0755",
"owner": "xiaoluo",
"path": "/tmp/xiaoluo.txt",
"size": 13,
"state": "file",
"uid": 1002
}
192.168.63.198 | SUCCESS => {
"changed": false,
"gid": 1002,
"group": "xiaoluo",
"mode": "0755",
"owner": "xiaoluo",
"path": "/tmp/xiaoluo.txt",
"size": 13,
"state": "file",
"uid": 1002
}
|
查看权限修改:
1
2
3
| [iyunv@xiaoluo ~]# ansible client -a "ls -l /tmp/xiaoluo.txt"
192.168.63.198 | SUCCESS | rc=0 >>-rwxr-xr-x 1 xiaoluo xiaoluo 13 Mar 22 11:19 /tmp/xiaoluo.txt
192.168.63.192 | SUCCESS | rc=0 >>-rwxr-xr-x 1 xiaoluo xiaoluo 13 Mar 22 11:19 /tmp/xiaoluo.txt
|
8、客户端数据采集类似saltstack 的grain模块(只是显示一部分):
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
| [iyunv@xiaoluo ansible]# ansible client -m setup
192.168.63.198 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"172.17.2.1",
"192.168.63.198"
],
"ansible_all_ipv6_addresses": [
"fe80::20c:29ff:fe86:7901"
],
"ansible_architecture": "x86_64",
"ansible_bios_date": "06/02/2011",
"ansible_bios_version": "6.00",
"ansible_cmdline": {
"BOOT_IMAGE": "/vmlinuz-3.10.0-327.el7.x86_64",
"LANG": "en_US.UTF-8",
"crashkernel": "auto",
"quiet": true,
"rd.lvm.lv": "centos/swap",
"rhgb": true,
"ro": true,
"root": "/dev/mapper/centos-root"
},
|
还有很多模块,这里只是一小部分,当然还有一个强大的playbook后续继续更新。
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2016-3-23 09:31:19
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡