通过Yum安装最新发布版本ansible
RHEL/CentOS 6:
# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
RHEL/CentOS 7:
# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
[root@db135 ~]# yum -y install ansible
[root@db135 ~]# cp /etc/ansible/hosts /etc/ansible/hosts.bak
[root@db135 ~]# grep -Ev '#|^$' /etc/ansible/hosts
[test_server]
192.168.142.135
192.168.142.136
192.168.142.137
[root@db135 ~]# cat >>/etc/hosts <<"EOF"
192.168.142.135 db135
192.168.142.136 db136
192.168.142.137 db137
EOF
ssh互信配置
[root@db135 ~]# # 一路回车,每个机器都需要操作(注意:一路回车意味着私钥不设口令,/root/.ssh/id_rsa 一旦被读取,就可以直接以 root 登录所有节点;生产环境建议设置口令,并配合下文的 ssh-agent 使用)
[root@db135 ~]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 30:13:ea:53:9d:d7:36:59:75:85:93:cb:1d:81:88:a9 root@db135 The key's randomart image is: +--[ RSA 2048]----+ | . o . o=*| | . o + o ++..| | . = + . =. +.| | . . E . . .o .| | o S | | . | | | | | | | +-----------------+
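# 该操作只在一个机器上执行(注意:下面的做法会让三台机器的 root 互相免密登录,任何一台被攻破都会波及其余两台;scp 还会覆盖远端已有的 authorized_keys。Ansible 只需要控制节点的公钥出现在被管节点上,用 ssh-copy-id 追加即可)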
[root@db135 ~]# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[root@db135 ~]# ssh root@192.168.142.136 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
root@192.168.142.136's password:
[root@db135 ~]# ssh root@192.168.142.137 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
The authenticity of host '192.168.142.137 (192.168.142.137)' can't be established.
RSA key fingerprint is 47:cc:e4:8f:31:31:a2:43:6d:b5:43:f2:f5:73:20:37.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.142.137' (RSA) to the list of known hosts.
root@192.168.142.137's password:
[root@db135 ~]#
[root@db135 ~]# scp ~/.ssh/authorized_keys root@192.168.142.136:~/.ssh/authorized_keys
root@192.168.142.136's password:
authorized_keys 100% 1176 1.2KB/s 00:00
[root@db135 ~]# scp ~/.ssh/authorized_keys root@192.168.142.137:~/.ssh/authorized_keys
root@192.168.142.137's password:
authorized_keys 100% 1176 1.2KB/s 00:00
[root@db135 ~]#
#
[root@db135 ~]# ssh-agent bash
[root@db135 ~]# ssh-add ~/.ssh/id_rsa
Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
[root@db135 ~]#
现在ping 你的所有节点
[root@db135 ~]# ansible all -m ping 192.168.142.136 | SUCCESS => { "changed": false, "ping": "pong" } 192.168.142.137 | SUCCESS => { "changed": false, "ping": "pong" } 192.168.142.135 | SUCCESS => { "changed": false, "ping": "pong" } [root@db135 ~]#
# Ansible 会像 SSH 那样试图用你的当前用户名来连接远程机器。要覆写远程用户名,只需使用 '-u' 参数。如果你想以 sudo 方式执行,也有相应的标识(flags)来实现(较新版本的 Ansible 中,--sudo/--sudo-user 已被 --become/--become-user 取代):
```
# as bruce
$ ansible all -m ping -u bruce
# as bruce, sudoing to root
$ ansible all -m ping -u bruce --sudo
# as bruce, sudoing to batman
$ ansible all -m ping -u bruce --sudo --sudo-user batman
```
现在对你的所有节点运行一个命令
[root@db135 ~]# ansible all -a "/bin/echo hello" 192.168.142.136 | SUCCESS | rc=0 >> hello 192.168.142.137 | SUCCESS | rc=0 >> hello 192.168.142.135 | SUCCESS | rc=0 >> hello [root@db135 ~]# ansible all -a "/bin/echo ifconfig eth0" 192.168.142.137 | SUCCESS | rc=0 >> ifconfig eth0 192.168.142.136 | SUCCESS | rc=0 >> ifconfig eth0 192.168.142.135 | SUCCESS | rc=0 >> ifconfig eth0 [root@db135 ~]#
公钥认证
Ansible1.2.1及其之后的版本都会默认启用公钥认证.
如果有个主机重新安装并在“known_hosts”中有了不同的key,这会提示一个错误信息直到被纠正为止.在使用Ansible时,你可能不想遇到这样的情况:如果有个主机没有在“known_hosts”中被初始化将会导致在交互使用Ansible或定时执行Ansible时对key信息的确认提示.
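如果你想禁用此项行为并明白其含义,可以通过编辑 /etc/ansible/ansible.cfg 或 ~/.ansible.cfg 来实现。其含义是:禁用后 Ansible 不再校验远程主机的身份,连接被中间人冒充时不会有任何提示;更稳妥的做法是保持检查开启,预先把各节点的主机公钥写入 known_hosts(例如用 ssh-keyscan 采集后核对指纹)。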
[root@db135 ~]# grep -Ev '#|^$' /etc/ansible/ansible.cfg [defaults] host_key_checking = False
测试命令使用
[root@db135 ~]# ansible test_server -a "/sbin/reboot" -f 1 192.168.142.136 | SUCCESS | rc=0 >> 192.168.142.137 | SUCCESS | rc=0 >> [root@db135 ~]#
[root@db135 ~]# ansible test_server -m shell -a "echo $TERM" 192.168.142.136 | SUCCESS | rc=0 >> xterm 192.168.142.137 | SUCCESS | rc=0 >> xterm [root@db135 ~]# ansible test_server -m shell -a "hostname" 192.168.142.137 | SUCCESS | rc=0 >> db137 192.168.142.136 | SUCCESS | rc=0 >> db136 [root@db135 ~]#
[root@db135 ~]# ansible test_server -m copy -a "src=/etc/hosts dest=/tmp/hosts" 192.168.142.137 | SUCCESS => { "changed": true, "checksum": "4e4e1df4aaa865802bc77e47a6fd9b874cb01d3e", "dest": "/tmp/hosts", "gid": 0, "group": "root", "md5sum": "7a4ec3dca1a8ab6735757389fb8c1167", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 225, "src": "/root/.ansible/tmp/ansible-tmp-1557239838.75-194731858351390/source", "state": "file", "uid": 0 } 192.168.142.136 | SUCCESS => { "changed": true, "checksum": "4e4e1df4aaa865802bc77e47a6fd9b874cb01d3e", "dest": "/tmp/hosts", "gid": 0, "group": "root", "md5sum": "7a4ec3dca1a8ab6735757389fb8c1167", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 225, "src": "/root/.ansible/tmp/ansible-tmp-1557239838.73-197823404225474/source", "state": "file", "uid": 0 } [root@db135 ~]#
[root@db135 ~]# ansible test_server -a "yum -y install libselinux-python" [WARNING]: Consider using the yum module rather than running yum. If you need to use command because yum is insufficient you can add warn=False to this command task or set command_warnings=False in ansible.cfg to get rid of this message. 192.168.142.137 | SUCCESS | rc=0 >> Loaded plugins: fastestmirror Setting up Install Process Loading mirror speeds from cached hostfile * base: mirrors.zju.edu.cn * extras: mirrors.zju.edu.cn * updates: mirror.jdcloud.com Package libselinux-python-2.0.94-7.el6.x86_64 already installed and latest version Nothing to do 192.168.142.136 | SUCCESS | rc=0 >> Loaded plugins: fastestmirror Setting up Install Process Loading mirror speeds from cached hostfile * base: mirrors.huaweicloud.com * extras: mirrors.huaweicloud.com * updates: mirrors.tuna.tsinghua.edu.cn Package libselinux-python-2.0.94-7.el6.x86_64 already installed and latest version Nothing to do [root@db135 ~]#
递归删除
[root@db135 ~]# ansible test_server -m file -a "dest=/tmp/hosts.bak state=absent" 192.168.142.137 | SUCCESS => { "changed": true, "path": "/tmp/hosts.bak", "state": "absent" } 192.168.142.136 | SUCCESS => { "changed": true, "path": "/tmp/hosts.bak", "state": "absent" } [root@db135 ~]#
[root@db135 ~]# ansible test_server -m copy -a "src=/etc/passwd dest=/tmp/passwd.bak" 192.168.142.137 | SUCCESS => { "changed": true, "checksum": "2b92afe70ec070ec4c3e4ed129a7c63ad549be43", "dest": "/tmp/passwd.bak", "gid": 0, "group": "root", "md5sum": "6648d8d5dd5094e1a41af8ddfaae84a2", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 854, "src": "/root/.ansible/tmp/ansible-tmp-1557240132.05-59533119594972/source", "state": "file", "uid": 0 } 192.168.142.136 | SUCCESS => { "changed": true, "checksum": "2b92afe70ec070ec4c3e4ed129a7c63ad549be43", "dest": "/tmp/passwd.bak", "gid": 0, "group": "root", "md5sum": "6648d8d5dd5094e1a41af8ddfaae84a2", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 854, "src": "/root/.ansible/tmp/ansible-tmp-1557240132.04-113124050984724/source", "state": "file", "uid": 0 } [root@db135 ~]#
[root@db135 ~]# ansible test_server -m yum -a "name=zip state=present" 192.168.142.137 | SUCCESS => { "changed": false, "msg": "", "rc": 0, "results": [ "zip-3.0-1.el6_7.1.x86_64 providing zip is already installed" ] } 192.168.142.136 | SUCCESS => { "changed": true, "msg": "", "rc": 0, "results": [ "Loaded plugins: fastestmirror\nSetting up Install Process\nLoading mirror speeds from cached hostfile\n * base: mirrors.huaweicloud.com\n * extras: mirrors.huaweicloud.com\n * updates: mirrors.tuna.tsinghua.edu.cn\nResolving Dependencies\n--> Running transaction check\n---> Package zip.x86_64 0:3.0-1.el6_7.1 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n zip x86_64 3.0-1.el6_7.1 base 259 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package(s)\n\nTotal download size: 259 k\nInstalled size: 804 k\nDownloading Packages:\nRunning rpm_check_debug\nRunning Transaction Test\nTransaction Test Succeeded\nRunning Transaction\n\r Installing : zip-3.0-1.el6_7.1.x86_64 1/1 \n\r Verifying : zip-3.0-1.el6_7.1.x86_64 1/1 \n\nInstalled:\n zip.x86_64 0:3.0-1.el6_7.1 \n\nComplete!\n" ] } [root@db135 ~]#
# yum 安装包
[root@db135 ~]# ansible test_server -m yum -a "name=zip" 192.168.142.136 | SUCCESS => { "changed": false, "msg": "", "rc": 0, "results": [ "zip-3.0-1.el6_7.1.x86_64 providing zip is already installed" ] } 192.168.142.137 | SUCCESS => { "changed": false, "msg": "", "rc": 0, "results": [ "zip-3.0-1.el6_7.1.x86_64 providing zip is already installed" ] } [root@db135 ~]#
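添加删除用户(注意:user 模块的 password 参数需要的是已加密的密码哈希,而不是明文;下面示例直接传入明文 user1pwd,该字符串会被原样写入 shadow 文件,账号无法用这个密码登录,明文也会留在命令行历史中)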
[root@db135 ~]# ansible test_server -m user -a "name=user1 password=user1pwd" 192.168.142.137 | SUCCESS => { "changed": true, "comment": "", "create_home": true, "group": 500, "home": "/home/user1", "name": "user1", "password": "NOT_LOGGING_PASSWORD", "shell": "/bin/bash", "state": "present", "system": false, "uid": 500 } 192.168.142.136 | SUCCESS => { "changed": true, "comment": "", "create_home": true, "group": 500, "home": "/home/user1", "name": "user1", "password": "NOT_LOGGING_PASSWORD", "shell": "/bin/bash", "state": "present", "system": false, "uid": 500 } [root@db135 ~]# ansible test_server -m user -a "name=user1 state=absent" 192.168.142.137 | SUCCESS => { "changed": true, "force": false, "name": "user1", "remove": false, "state": "absent" } 192.168.142.136 | SUCCESS => { "changed": true, "force": false, "name": "user1", "remove": false, "state": "absent" } [root@db135 ~]#
创建目录
[root@db135 ~]# ansible test_server -m file -a 'path=/src/app state=directory' 192.168.142.136 | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/src/app", "secontext": "unconfined_u:object_r:default_t:s0", "size": 4096, "state": "directory", "uid": 0 } 192.168.142.137 | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/src/app", "secontext": "unconfined_u:object_r:default_t:s0", "size": 4096, "state": "directory", "uid": 0 } [root@db135 ~]# ansible test_server -m shell -a 'ls /src/app -d ' 192.168.142.136 | SUCCESS | rc=0 >> /src/app 192.168.142.137 | SUCCESS | rc=0 >> /src/app
删除目录
[root@db135 ~]# ansible test_server -m file -a 'path=/src/app state=absent' 192.168.142.137 | SUCCESS => { "changed": true, "path": "/src/app", "state": "absent" } 192.168.142.136 | SUCCESS => { "changed": true, "path": "/src/app", "state": "absent" } [root@db135 ~]# ansible test_server -m shell -a 'ls /src/app/ -d' 192.168.142.136 | FAILED | rc=2 >> ls: cannot access /src/app/: No such file or directorynon-zero return code 192.168.142.137 | FAILED | rc=2 >> ls: cannot access /src/app/: No such file or directorynon-zero return code [root@db135 ~]#
创建文件
[root@db135 ~]# ansible test_server -m file -a "path=/src/app/1.php state=touch" 192.168.142.137 | SUCCESS => { "changed": true, "dest": "/src/app/1.php", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:default_t:s0", "size": 0, "state": "file", "uid": 0 } 192.168.142.136 | SUCCESS => { "changed": true, "dest": "/src/app/1.php", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:default_t:s0", "size": 0, "state": "file", "uid": 0 }
[root@db135 ~]# ansible test_server -m shell -a 'ls /src/app/1.php'
192.168.142.136 | SUCCESS | rc=0 >>
/src/app/1.php
192.168.142.137 | SUCCESS | rc=0 >>
/src/app/1.php
[root@db135 ~]#
删除文件
[root@db135 ~]# ansible test_server -m file -a "path=/src/app/1.php state=absent" 192.168.142.137 | SUCCESS => { "changed": true, "path": "/src/app/1.php", "state": "absent" } 192.168.142.136 | SUCCESS => { "changed": true, "path": "/src/app/1.php", "state": "absent" } [root@db135 ~]# ansible test_server -m shell -a 'ls /src/app/1.php' 192.168.142.137 | FAILED | rc=2 >> ls: cannot access /src/app/1.php: No such file or directorynon-zero return code 192.168.142.136 | FAILED | rc=2 >> ls: cannot access /src/app/1.php: No such file or directorynon-zero return code [root@db135 ~]#
参考资料:
https://ansible-tran.readthedocs.io/en/latest/docs/intro_getting_started.html