1.Ansible的安裝##
pip install ansible==1.9.1
ansible1.9.1版本依賴的軟件有
Python2.6以上版本
paramiko模塊
PyYAML
Jinja2
httplib2
被管理端linux需要有python2.6以上的環境
2.Ansible配置運行環境##
1.配置文件路徑
ini格式存儲數據形式
ansible配置文件的查找順序
(1).檢查環境變量ANSIBLE_CONFIG指向的路徑文件(export ANSIBLE_CONFIG=/etc/ansible.cfg)
(2).~/.ansible.cfg,檢查當前目錄下的ansible.cfg配置文件
(3)./etc/ansible.cfg 檢查etc目錄的配置文件
2.配置文件配置項
1.inventory:主機清單文件
2.libray:指向存放ansible模塊的目錄,
3.forks: 多進程跑任務,多進程數
4.sudo_user: 默認執行命令的用戶
5.remote_port: 連接節點的管理端口,默認22
6.host_key_checking:是否檢查ssh主機的秘鑰,值可以寫作true和false;(known_hosts中有了之前不通的秘鑰信息,忽略)
7.timeout: 設置ssh連接的超時時間,單位是秒,不是數據返回的超時,切記
8.log_path: ansible默認是不記錄日志的,如果要輸出記錄到日志文件中,可以設置一個文件存儲ansible日志的文件(log_path = /var/log/ansible.log),模塊會調用節點的syslog來記錄,口令不會出現在日志中
3.無密碼,公鑰訪問
# 管理端生成自己的公鑰
$ ssh-keygen
(一路回車)
# 把公鑰分發到節點上
$ ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.1.111
# 連接測試
$ ssh root@192.168.1.111
3.Ansible小試身手##
[admin@host-10-187-196-225 ~]$ ansible --version
ansible 1.9.1
configured module search path = None
1.聯通性測試
/tmp/hosts(里面寫一條數據10.187.109.116)
2.分組主機都進行聯通性檢測
vim /tmp/hosts
[webservers]
10.187.109.116
10.189.92.46
4.Ansible在被管理節點上執行命令##
使用ansible提供的shell模塊來跑
5.Ansible的幫助信息##
ansible-doc工具的使用
1.ansible-doc -l列出可使用的模塊
[admin@host-10-187-196-225 tmp]$ ansible-doc -l
less 436
Copyright (C) 1984-2009 Mark Nudelman
less comes with NO WARRANTY, to the extent permitted by law.
For information about the terms of redistribution,
see the file named README in the less distribution.
Homepage: http://www.greenwoodsoftware.com/less
a10_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
a10_service_group Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
a10_virtual_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
acl Sets and retrieves file ACL information.
add_host add a host (and alternatively a group) to the ansible-playbook in-memory inventory
airbrake_deployment Notify airbrake about app deployments
alternatives Manages alternative programs for common commands
apache2_module enables/disables a module of the Apache2 webserver
apt Manages apt-packages
apt_key Add or remove an apt key
apt_repository Add and remove APT repositories
apt_rpm apt_rpm package manager
assemble Assembles a configuration file from fragments
assert Fail with custom message
at Schedule the execution of a command or script file via the at command.
authorized_key Adds or removes an SSH authorized key
azure create or terminate a virtual machine in azure
bigip_facts Collect facts from F5 BIG-IP devices
bigip_monitor_http Manages F5 BIG-IP LTM http monitors
bigip_monitor_tcp Manages F5 BIG-IP LTM tcp monitors
bigip_node Manages F5 BIG-IP LTM nodes
bigip_pool Manages F5 BIG-IP LTM pools
bigip_pool_member Manages F5 BIG-IP LTM pool members
bigpanda Notify BigPanda about deployments
boundary_meter Manage boundary meters
bower Manage bower packages with bower
bzr Deploy software (or files) from bzr branches
campfire Send a message to Campfire
capabilities Manage Linux capabilities
cloudformation create a AWS CloudFormation stack
command Executes a command on a remote node
composer Dependency Manager for PHP
copy Copies files to remote locations.
cpanm Manages Perl library dependencies.
cron Manage cron.d and crontab entries.
crypttab Encrypted Linux block devices
datadog_event Posts events to DataDog service
debconf Configure a .deb package
debug Print statements during execution
digital_ocean Create/delete a droplet/SSH_key in DigitalOcean
digital_ocean_domain Create/delete a DNS record in DigitalOcean
digital_ocean_sshkey Create/delete an SSH key in DigitalOcean
django_manage Manages a Django application.
2.ansible-doc -s列出模塊支持的動作
[admin@host-10-187-196-225 tmp]$ ansible-doc -s shell
less 436
Copyright (C) 1984-2009 Mark Nudelman
less comes with NO WARRANTY, to the extent permitted by law.
For information about the terms of redistribution,
see the file named README in the less distribution.
Homepage: http://www.greenwoodsoftware.com/less
- name: E x e c u t e c o m m a n d s i n n o d e s .
action: shell
chdir # cd into this directory before running the command
creates # a filename, when it already exists, this step will *not* be run.
executable # change the shell used to execute the command. Should be an absolute path to the executable.
free_form= # The shell module takes a free form command to run, as a string. There's not an actual option named "free form". See the examples!
removes # a filename, when it does not exist, this step will *not* be run.
warn # if command warnings are on in ansible.cfg, do not warn about this particular line if set to no/false.
3.ansible-doc 模塊名 顯示該模塊的描述和使用示例
$ ansible-doc shell
> SHELL
The [shell] module takes the command name followed by a list of
space-delimited arguments. It is almost exactly like the [command]
module but runs the command through a shell (`/bin/sh') on the
remote node.
Options (= is mandatory):
- chdir
cd into this directory before running the command [Default:
None]
- creates
a filename, when it already exists, this step will *not* be
run. [Default: None]
- executable
change the shell used to execute the command. Should be an
absolute path to the executable. [Default: None]
= free_form
The shell module takes a free form command to run, as a
string. There's not an actual option named "free form". See
the examples! [Default: None]
- removes
a filename, when it does not exist, this step will *not* be
run. [Default: None]
- warn
if command warnings are on in ansible.cfg, do not warn about
this particular line if set to no/false. [Default: True]
Notes: If you want to execute a command securely and predictably, it may be
better to use the [command] module instead. Best practices
when writing playbooks will follow the trend of using
[command] unless [shell] is explicitly required. When running
ad-hoc commands, use your best judgement. To sanitize any
variables passed to the shell module, you should use "{{ var |
quote }}" instead of just "{{ var }}" to make sure they don't
include evil things like semicolons.
EXAMPLES:
# Execute the command in remote shell; stdout goes to the specified
# file on the remote.
- shell: somescript.sh >> somelog.txt
# Change the working directory to somedir/ before executing the command.
- shell: somescript.sh >> somelog.txt chdir=somedir/
# You can also use the 'args' form to provide the options. This command
# will change the working directory to somedir/ and will only run when
# somedir/somelog.txt doesn't exist.
- shell: somescript.sh >> somelog.txt
args:
chdir: somedir/
creates: somelog.txt
4.ansible調試腳本過程中,獲取執行過程詳細信息,后面加上-vvv
