Ansible是运维自动化工具中的一款优秀软件,用户可以使用Ansible自动部署应用程序,以此实现IT基础架构的全面部署。它基于SSH远程会话协议,不需要客户端程序,直接用SSH协议进行远程控制。
Ansible的专用术语对照表
control node: 控制节点,安装了Ansible 服务的主机,也称为 Ansible 控制端,主要是用来
发布运行任务、调用功能模块,以及对其他主机进行批量控制。
managed node:受控节点,被Ansible 服务所管理的主机,也被称为受控主机或客户端,是
模块命令的被执行对象。
inventory:主机清单,受控节点的列表,可以是IP 地址、主机名或者域名。
module:模块,用于实现特定功能的代码 Ansiblie 默认带有上千款模块,可以在 Ansible Galaxy 中选择更多的模块。
task:任务,要在Ansible 客户端上执行的操作。
playbook:剧本,通过YAML 语言编写的可重复执行的任务列表把重复性的操作写入到剧本文件中后,下次可直接调用剧本文件来执行这些操作。
role:角色,从Ansible 1.2 版本开始引入的新特性,用于结构化地组织剧本通过调用角色可实现一连串的功能。
1.设置虚拟机
RHEL8系统的镜像文件默认不带有Ansible服务程序,需要从Extra Packages for Enterprise Linux(EPEL)扩展软件包仓库获取,将“网络适配器”的“网络连接”选项调整为“桥接模式”,并将系统的网卡设置成“Automatic(DHCP)”模式。
![图片[1]-第9章 Ansible服务实现自动化运维-9.1 Ansible 安装-大赛人网](https://www.dsrw.com/wp-content/uploads/2023/03/图片5.png)
![图片[2]-第9章 Ansible服务实现自动化运维-9.1 Ansible 安装-大赛人网](https://www.dsrw.com/wp-content/uploads/2023/03/图片6.png)
[root@dsrw ~]# nmcli connection up ens160
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/11)
[root@dsrw ~]# ping -c 4 www.baidu.com
PING www.a.shifen.com (39.156.66.18) 56(84) bytes of data.
64 bytes from 39.156.66.18 (39.156.66.18): icmp_seq=1 ttl=52 time=59.5 ms
64 bytes from 39.156.66.18 (39.156.66.18): icmp_seq=2 ttl=52 time=59.3 ms
64 bytes from 39.156.66.18 (39.156.66.18): icmp_seq=3 ttl=52 time=59.5 ms
64 bytes from 39.156.66.18 (39.156.66.18): icmp_seq=4 ttl=52 time=60.1 ms
--- www.a.shifen.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 9ms
rtt min/avg/max/mdev = 59.291/59.592/60.107/0.308 ms
2.配置软件仓库配置,添加EPEL扩展软件包安装源的信息
[root@dsrw ~]# vim /etc/yum.repos.d/rhel.repo
[[BaseOS]
name=-BaseOS
baseurl=file:///mnt/cdrom/BaseOS
gpgcheck=0
enabled=1
[AppStream]
name=AppStream
baseurl=file:///mnt/cdrom/AppStream
gpgcheck=0
enabled=1
[EPEL]
name=EPEL
baseurl=https://mirrors.aliyun.com/epel/8/Everything/x86_64/
gpgcheck=0
enabled=1
3.安装ansible方法1
[root@dsrw ~]#dnf install - y ansible
[root@dsrw yum.repos.d]# dnf install -y ansible
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Repository AppStream is listed more than once in the configuration
Repository BaseOS is listed more than once in the configuration
AppStream 9.0 kB/s | 3.2 kB 00:00
BaseOS 2.7 MB/s | 2.7 kB 00:00
EPEL 26 kB/s | 13 MB 08:31
错误:
问题: conflicting requests
- nothing provides python3.9dist(ansible-core) needed by ansible-6.3.0-1.el8.noarch
- nothing provides /usr/bin/python3.9 needed by ansible-6.3.0-1.el8.noarch
- nothing provides (python3.9dist(ansible-core) >= 2.13.3 with python3.9dist(ansible-core) < 2.14) needed by ansible-6.3.0-1.el8.noarch
- nothing provides python(abi) = 3.9 needed by ansible-6.3.0-1.el8.noarch
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
由于centos官方停更了,导致使用阿里云的epel源下载不了,需要使用本地epel源来使用
因为官方对 RHEL8 的调整,现在通过 EPEL 仓库已无法安装 Ansible 软件,可以通过以下方法进行安装。
安装ansible方法2
[root@dsrw ~]# cd /etc/yum.repos.d
[root@dsrw yum.repos.d]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2495 100 2495 0 0 6397 0 --:--:-- --:--:-- --:--:-- 6397
[root@dsrw yum.repos.d]# ls
CentOS-Base.repo redhat.repo redhat.repo_bak rhel8.repo
[root@dsrw yum.repos.d]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@dsrw yum.repos.d]# dnf -y install centos-release-ansible-29-1-2.el8.noarch
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Repository AppStream is listed more than once in the configuration
CentOS-8.5.2111 - AppStream - mirrors.aliyun.co 207 kB/s | 8.4 MB 00:41
CentOS-8.5.2111 - Base - mirrors.aliyun.com 282 kB/s | 4.6 MB 00:16
CentOS-8.5.2111 - Extras - mirrors.aliyun.com 4.4 kB/s | 10 kB 00:02
-BaseOS 22 MB/s | 2.2 MB 00:00
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
centos-release-ansible-29 noarch 1-2.el8 extras 8.4 k
Installing dependencies:
centos-release-configmanagement noarch 1-1.el8 extras 8.7 k
Transaction Summary
================================================================================
Install 2 Packages
Total download size: 17 k
Installed size: 2.2 k
Downloading Packages:
(1/2): centos-release-ansible-29-1-2.el8.noarch 6.2 kB/s | 8.4 kB 00:01
(2/2): centos-release-configmanagement-1-1.el8. 6.4 kB/s | 8.7 kB 00:01
--------------------------------------------------------------------------------
Total 13 kB/s | 17 kB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : centos-release-configmanagement-1-1.el8.noarch 1/2
Installing : centos-release-ansible-29-1-2.el8.noarch 2/2
Verifying : centos-release-ansible-29-1-2.el8.noarch 1/2
Verifying : centos-release-configmanagement-1-1.el8.noarch 2/2
Installed products updated.
Installed:
centos-release-ansible-29-1-2.el8.noarch
centos-release-configmanagement-1-1.el8.noarch
Complete!
[root@dsrw yum.repos.d]# ls /etc/yum.repos.d/ |grep ansible
CentOS-SIG-ansible-29.repo
[root@dsrw yum.repos.d]# dnf -y install ansible
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Repository AppStream is listed more than once in the configuration
CentOS Configmanagement SIG - ansible-29 363 kB/s | 2.1 MB 00:05
Last metadata expiration check: 0:00:02 ago on Sat 24 Dec 2022 03:45:53 PM CST.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
ansible noarch 2.9.27-1.el8 centos-ansible-29 17 M
Installing dependencies:
python3-babel noarch 2.5.1-7.el8 AppStream 4.8 M
python3-jinja2 noarch 2.10.1-3.el8 AppStream 538 k
python3-markupsafe x86_64 0.23-19.el8 AppStream 39 k
sshpass x86_64 1.06-8.el8 centos-ansible-29 27 k
Installing weak dependencies:
python3-jmespath noarch 0.9.0-11.el8 AppStream 45 k
Transaction Summary
================================================================================
Install 6 Packages
Total download size: 22 M
Installed size: 119 M
Downloading Packages:
(1/6): python3-jmespath-0.9.0-11.el8.noarch.rpm 31 kB/s | 45 kB 00:01
(2/6): python3-markupsafe-0.23-19.el8.x86_64.rp 117 kB/s | 39 kB 00:00
(3/6): python3-jinja2-2.10.1-3.el8.noarch.rpm 110 kB/s | 538 kB 00:04
(4/6): ansible-2.9.27-1.el8.noarch.rpm 4.7 MB/s | 17 MB 00:03
(5/6): sshpass-1.06-8.el8.x86_64.rpm 44 kB/s | 27 kB 00:00
(6/6): python3-babel-2.5.1-7.el8.noarch.rpm 135 kB/s | 4.8 MB 00:36
--------------------------------------------------------------------------------
Total 600 kB/s | 22 MB 00:38
warning: /var/cache/dnf/centos-ansible-29-7c8a1e4d33b63b6a/packages/ansible-2.9.27-1.el8.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 6e8b7e8a: NOKEY
CentOS Configmanagement SIG - ansible-29 1.0 MB/s | 1.0 kB 00:00
Importing GPG key 0x6E8B7E8A:
Userid : "CentOS Config Management SIG (https://wiki.centos.org/SpecialInterestGroup/ConfigManagementSIG) <security@centos.org>"
Fingerprint: C75A FB57 D5C0 F238 CB15 BEC8 1AE1 10FA 6E8B 7E8A
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-ConfigManagement
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : sshpass-1.06-8.el8.x86_64 1/6
Installing : python3-markupsafe-0.23-19.el8.x86_64 2/6
Installing : python3-jmespath-0.9.0-11.el8.noarch 3/6
Installing : python3-babel-2.5.1-7.el8.noarch 4/6
Installing : python3-jinja2-2.10.1-3.el8.noarch 5/6
Installing : ansible-2.9.27-1.el8.noarch 6/6
Running scriptlet: ansible-2.9.27-1.el8.noarch 6/6
Verifying : python3-babel-2.5.1-7.el8.noarch 1/6
Verifying : python3-jinja2-2.10.1-3.el8.noarch 2/6
Verifying : python3-jmespath-0.9.0-11.el8.noarch 3/6
Verifying : python3-markupsafe-0.23-19.el8.x86_64 4/6
Verifying : ansible-2.9.27-1.el8.noarch 5/6
Verifying : sshpass-1.06-8.el8.x86_64 6/6
Installed products updated.
Installed:
ansible-2.9.27-1.el8.noarch python3-jmespath-0.9.0-11.el8.noarch
python3-babel-2.5.1-7.el8.noarch python3-jinja2-2.10.1-3.el8.noarch
python3-markupsafe-0.23-19.el8.x86_64 sshpass-1.06-8.el8.x86_64
Complete!
[root@dsrw yum.repos.d]# ansible --version
ansible 2.9.27
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.6.8 (default, Jan 11 2019, 02:17:16) [GCC 8.2.1 20180905 (Red Hat 8.2.1-3)]
4.设置主机清单,和自动对账号和密码进行匹配参数。
Ansible服务主配置文件优先级顺序
高:./ansible.cfg
中:~/ansible.cfg
低:/etc/ansible/ansible.cfg
用户可以把要管理的主机IP地址预先写入/etc/ansible/hosts文件,如要管理1台主机,对应的IP地址如下:
服务器:192.168.1.11
客户机RHEL 8 192.168.11.12 test
[root@dsrw ~]# vim /etc/ansible/hosts
[test]
192.168.1.12
[all:vars]
ansible_user=root
ansible_password=111111
5.设置主配置文件。
[root@dsrw ~]# vim /etc/ansible/ansible.cfg
71 host_key_checking = False
107 remote_user = root
6.查看服务器和客户机相应的IP地址
服务器:
[root@dsrw ~]# ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.11 netmask 255.255.255.0 broadcast 192.168.10.255
inet6 fe80::8782:14ae:73c2:4971 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:65:c4:9c txqueuelen 1000 (Ethernet)
RX packets 61109 bytes 59702569 (56.9 MiB)
RX errors 0 dropped 19143 overruns 0 frame 0
TX packets 16621 bytes 1019923 (996.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
客户机:192.168.1.12
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容