ansible安裝、配置ssh、hosts、測試連接


1、安裝ansible

1.1、源碼安裝

源碼安裝參照 https://www.cnblogs.com/guxiong/p/7218717.html

[root@kube-node3 ~]# tar xf ansible-1.7.2.tar.gz -C /usr/local/

[root@kube-node3 ~]# cd /usr/local/ansible-1.7.2/
[root@kube-node3 ansible-1.7.2]# python setup.py install

配置文件:

[root@kube-node3 ~]# find / -name ansible.cfg
/usr/local/ansible-1.7.2/examples/ansible.cfg
/usr/local/ansible-1.7.2/test/units/ansible.cfg

[root@kube-node3 ~]# cd /usr/local/ansible-1.7.2/examples
[root@kube-node3 examples]# ls
ansible.cfg DOCUMENTATION.yml hosts issues playbooks scripts

[root@kube-node3 ~]# mkdir /etc/ansible

[root@kube-node3 examples]# cp ansible.cfg hosts /etc/ansible/

 

1.2、yum安裝(推薦)

rpm包安裝 https://www.jianshu.com/p/b411608a17bf

[root@kube-node3 ~]# yum install -y ansible

查看版本:

[root@kube-node3 ~]# ansible --version
ansible 1.7.2

 

1.3、pip安裝

python3 -m pip install ansible

 

2、配置ssh登錄

服務端:192.168.0.64 客戶端:192.168.0.65

一鍵生成非交互式秘鑰對

ssh-keygen -t rsa -f /root/.ssh/id_rsa -P ""

然后把公鑰(id_rsa.pub)拷貝到客戶端上:

ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.0.65

本機也要拷貝:

cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

chmod 600 /root/.ssh/authorized_keys      # 必須是600, 否則用ansible連接本機報錯

在服務端測試ssh是否可以登錄



3、配置主機組

如果沒有ansible目錄創建即可

mkdir -p /etc/ansible/
touch /etc/ansible/hosts
cat > /etc/ansible/hosts << EOF
[k8s]
192.168.0.91
192.168.0.92
192.168.0.93
192.168.0.94
[test1]
192.168.0.91
[test2]
192.168.0.92
[test3]
192.168.0.93
[test4]
192.168.0.94 EOF
4、創建、配置ansible配置文件 touch /etc/ansible/ansible.cfg cat > /etc/ansible/ansible.cfg << EOF [defaults] inventory = /etc/ansible/hosts sudo_user=root remote_port=22 host_key_checking=False remote_user=root log_path=/var/log/ansible.log module_name=command private_key_file=/root/.ssh/id_rsa #關閉報錯信息顯示 deprecation_warnings=False pipelining = True #不收集系統變量 gather_facts: no #開啟時間顯示 callback_whitelist = profile_tasks #關閉秘鑰檢測 host_key_cheking=False EOF 測試: [root@test2 ~]# time ansible -m ping all 127.0.0.1 | SUCCESS => { "changed": false, "ping": "pong" } 192.168.0.92 | SUCCESS => { "changed": false, "ping": "pong" } real 0m10.623s user 0m7.961s sys 0m1.075s 報錯解決: "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!" 出現這個的原因是因為selinux開着的,關閉即可。安裝libselinux-python是不管用的 查看當前selinux的狀態命令為 getenforce cat > /etc/selinux/config << EOF # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted EOF 兩個都要關。注意先看看有么有這兩個文件,如果沒有就創建一個,否則后期會出現很多問題 sed -i 's/enforcing/disabled/g' /etc/selinux/config sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux 再次查看當前selinux的狀態命令為 getenforce

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM