1.Ansible的安装##
pip install ansible==1.9.1
ansible1.9.1版本依赖的软件有
Python2.6以上版本
paramiko模块
PyYAML
Jinja2
httplib2
被管理端linux需要有python2.6以上的环境
2.Ansible配置运行环境##
1.配置文件路径
ini格式存储数据形式
ansible配置文件的查找顺序
(1).检查环境变量ANSIBLE_CONFIG指向的路径文件(export ANSIBLE_CONFIG=/etc/ansible.cfg)
(2).~/.ansible.cfg,检查当前目录下的ansible.cfg配置文件
(3)./etc/ansible.cfg 检查etc目录的配置文件
2.配置文件配置项
1.inventory:主机清单文件
2.libray:指向存放ansible模块的目录,
3.forks: 多进程跑任务,多进程数
4.sudo_user: 默认执行命令的用户
5.remote_port: 连接节点的管理端口,默认22
6.host_key_checking:是否检查ssh主机的秘钥,值可以写作true和false;(known_hosts中有了之前不通的秘钥信息,忽略)
7.timeout: 设置ssh连接的超时时间,单位是秒,不是数据返回的超时,切记
8.log_path: ansible默认是不记录日志的,如果要输出记录到日志文件中,可以设置一个文件存储ansible日志的文件(log_path = /var/log/ansible.log),模块会调用节点的syslog来记录,口令不会出现在日志中
3.无密码,公钥访问
# 管理端生成自己的公钥
$ ssh-keygen
(一路回车)
# 把公钥分发到节点上
$ ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.1.111
# 连接测试
$ ssh root@192.168.1.111
3.Ansible小试身手##
[admin@host-10-187-196-225 ~]$ ansible --version
ansible 1.9.1
configured module search path = None
1.联通性测试
/tmp/hosts(里面写一条数据10.187.109.116)
2.分组主机都进行联通性检测
vim /tmp/hosts
[webservers]
10.187.109.116
10.189.92.46
4.Ansible在被管理节点上执行命令##
使用ansible提供的shell模块来跑
5.Ansible的帮助信息##
ansible-doc工具的使用
1.ansible-doc -l列出可使用的模块
[admin@host-10-187-196-225 tmp]$ ansible-doc -l
less 436
Copyright (C) 1984-2009 Mark Nudelman
less comes with NO WARRANTY, to the extent permitted by law.
For information about the terms of redistribution,
see the file named README in the less distribution.
Homepage: http://www.greenwoodsoftware.com/less
a10_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
a10_service_group Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
a10_virtual_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
acl Sets and retrieves file ACL information.
add_host add a host (and alternatively a group) to the ansible-playbook in-memory inventory
airbrake_deployment Notify airbrake about app deployments
alternatives Manages alternative programs for common commands
apache2_module enables/disables a module of the Apache2 webserver
apt Manages apt-packages
apt_key Add or remove an apt key
apt_repository Add and remove APT repositories
apt_rpm apt_rpm package manager
assemble Assembles a configuration file from fragments
assert Fail with custom message
at Schedule the execution of a command or script file via the at command.
authorized_key Adds or removes an SSH authorized key
azure create or terminate a virtual machine in azure
bigip_facts Collect facts from F5 BIG-IP devices
bigip_monitor_http Manages F5 BIG-IP LTM http monitors
bigip_monitor_tcp Manages F5 BIG-IP LTM tcp monitors
bigip_node Manages F5 BIG-IP LTM nodes
bigip_pool Manages F5 BIG-IP LTM pools
bigip_pool_member Manages F5 BIG-IP LTM pool members
bigpanda Notify BigPanda about deployments
boundary_meter Manage boundary meters
bower Manage bower packages with bower
bzr Deploy software (or files) from bzr branches
campfire Send a message to Campfire
capabilities Manage Linux capabilities
cloudformation create a AWS CloudFormation stack
command Executes a command on a remote node
composer Dependency Manager for PHP
copy Copies files to remote locations.
cpanm Manages Perl library dependencies.
cron Manage cron.d and crontab entries.
crypttab Encrypted Linux block devices
datadog_event Posts events to DataDog service
debconf Configure a .deb package
debug Print statements during execution
digital_ocean Create/delete a droplet/SSH_key in DigitalOcean
digital_ocean_domain Create/delete a DNS record in DigitalOcean
digital_ocean_sshkey Create/delete an SSH key in DigitalOcean
django_manage Manages a Django application.
2.ansible-doc -s列出模块支持的动作
[admin@host-10-187-196-225 tmp]$ ansible-doc -s shell
less 436
Copyright (C) 1984-2009 Mark Nudelman
less comes with NO WARRANTY, to the extent permitted by law.
For information about the terms of redistribution,
see the file named README in the less distribution.
Homepage: http://www.greenwoodsoftware.com/less
- name: E x e c u t e c o m m a n d s i n n o d e s .
action: shell
chdir # cd into this directory before running the command
creates # a filename, when it already exists, this step will *not* be run.
executable # change the shell used to execute the command. Should be an absolute path to the executable.
free_form= # The shell module takes a free form command to run, as a string. There's not an actual option named "free form". See the examples!
removes # a filename, when it does not exist, this step will *not* be run.
warn # if command warnings are on in ansible.cfg, do not warn about this particular line if set to no/false.
3.ansible-doc 模块名 显示该模块的描述和使用示例
$ ansible-doc shell
> SHELL
The [shell] module takes the command name followed by a list of
space-delimited arguments. It is almost exactly like the [command]
module but runs the command through a shell (`/bin/sh') on the
remote node.
Options (= is mandatory):
- chdir
cd into this directory before running the command [Default:
None]
- creates
a filename, when it already exists, this step will *not* be
run. [Default: None]
- executable
change the shell used to execute the command. Should be an
absolute path to the executable. [Default: None]
= free_form
The shell module takes a free form command to run, as a
string. There's not an actual option named "free form". See
the examples! [Default: None]
- removes
a filename, when it does not exist, this step will *not* be
run. [Default: None]
- warn
if command warnings are on in ansible.cfg, do not warn about
this particular line if set to no/false. [Default: True]
Notes: If you want to execute a command securely and predictably, it may be
better to use the [command] module instead. Best practices
when writing playbooks will follow the trend of using
[command] unless [shell] is explicitly required. When running
ad-hoc commands, use your best judgement. To sanitize any
variables passed to the shell module, you should use "{{ var |
quote }}" instead of just "{{ var }}" to make sure they don't
include evil things like semicolons.
EXAMPLES:
# Execute the command in remote shell; stdout goes to the specified
# file on the remote.
- shell: somescript.sh >> somelog.txt
# Change the working directory to somedir/ before executing the command.
- shell: somescript.sh >> somelog.txt chdir=somedir/
# You can also use the 'args' form to provide the options. This command
# will change the working directory to somedir/ and will only run when
# somedir/somelog.txt doesn't exist.
- shell: somescript.sh >> somelog.txt
args:
chdir: somedir/
creates: somelog.txt
4.ansible调试脚本过程中,获取执行过程详细信息,后面加上-vvv
