導航欄介紹
# viewes
Dashboard 儀表盤展示信息的
Jobs 跑過的任務記錄
Schedules 計划任務
My View 查看用戶的工作模版,和任務記錄
# resources
Templates 任務模版,配置調用playbook執行時的各種參數,從此處添加計划任務
Credentials 配置連接 機器/雲主機api Key/自定義的憑證類型 的賬號密碼等信息
Projects 這里配置項目對應的playbook,可以從Git上拉取或從本地文件夾讀取playbook
Inventories 資產清單
Inventory Scripts 自定義獲取資產清單的腳本
# access
Organizations 組織管理
Users 用戶管理
Teams 用戶組管理
# Administration
Credential Types 自定義憑證類型,添加后可在Credentials中使用
Notifications 配置任務通知,支持電子郵件,Twillio電話等
Management Jobs 計划任務管理
Instance Groups 資產組管理
Applications 自定義應用
Settings 設置
打開ssh權限
- [xiaoxin@iZ2ze8ow1gy3uiub8glqqzZ ~]$ sudo vim /etc/ansible/ansible.cfg
- host_key_checking = False
創建賬號
- [root@iZ2ze8ow1gy3uiub8glqqzZ ~]# useradd xiaoxin
- [root@iZ2ze8ow1gy3uiub8glqqzZ ~]# passwd xiaoxin
- Changing password for user xiaoxin.
- New password:
- Retype new password:
- passwd: all authentication tokens updated successfully.
提權root權限
- [root@iZ2ze8ow1gy3uiub8glqqzZ ~]# visudo
- ## Allow root to run any commands anywhere
- root ALL=(ALL) ALL
- xiaoxin ALL=(ALL) NOPASSWD: ALL
創建密鑰
- root@iZ2ze8ow1gy3uiub8glqqzZ ~]# su - xiaoxin
- [xiaoxin@iZ2ze8ow1gy3uiub8glqqzZ ~]$ ll
- total 0
- [xiaoxin@iZ2ze8ow1gy3uiub8glqqzZ ~]$ ssh-keygen -t rsa
創建管理目標服務器的認證方式
Now type credentials ‘NAME‘ and ‘DESCRIPTION‘, then specify the ‘CREDENTIAL TYPE‘ to ‘Machine‘.
Simply, the ‘Machine’ credential will allow you to use the SSH authentication for managing servers. Its support for both password and key-based authentications.
For this guide, we will be using the key-based authentication. So, type the username and paste the private keys for that user.
私鑰認證
上面的是私鑰,必須得免密到目標機器
- [xiaoxin@iZ2ze8ow1gy3uiub8glqqzZ ~]$ ssh-copy-id -i /home/xiaoxin/.ssh/id_rsa.pub xiaoxin@10.0.0.94
- /bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/xiaoxin/.ssh/id_rsa.pub"
- /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
- /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
- xiaoxin@10.0.0.94's password:
- Number of key(s) added: 1
- Now try logging into the machine, with: "ssh 'xiaoxin@10.0.0.94'"
- and check to make sure that only the key(s) you wanted were added.
密碼認證
創建Inventories
通過Inventories定義通過Ansible tower管理的主機群組。Inventories允許你為幾個服務器創建一個組,並且還能很方便的去管理不同的服務器和它們所依賴的環境變量。為了去管理操作服務器,我們必須去創建一個新的inventory group 並且給這組中添加服務器。
同樣,點擊ansible tower左側的菜單Inventories,接着點擊右邊的+按鈕,並選擇Inventory:
點擊inventory—-輸入描述內容
接着點解頁面上方的主機(HOSTS)按鈕,並點擊右側的+,為這個inventory添加主機,
填寫主機名( HOST NAME),描述(DESCRIPTION),並且在VARIABLES中,填入目標主機的IP地址 “ansible_host: 10.0.0.94″,並點擊保存(SAVE)。
接着我們在頁面下方可以看到我們剛才創建的inventory中新添加的hosts,為了確保host的配置,我們可以通過ping命令來檢查該host,選中添加的主機前邊的復選框,並且點擊RUN COMMANDS按鈕。
執行后的結果
