ansible安装配置

1.1rpm安装

# yum install

# yum install -y ansible

1.2pip安装

# yum install -y openssl-devel openssl

# tar zxf Python-2.7.8.tgz

# cd Python-2.7.8

# ./configure

# make && make install

# wget

# python get-pip.py

1.3源码安装

(1)、python2.7安装

yum install -y zlib zlib-devel

# tar xvzf Python-2.7.8.tgz

# cd Python-2.7.8

# ./configure --prefix=/usr/local

# make --jobs=`grep processor/proc/cpuinfo | wc -l`

# make install

## python头文件拷贝到标准目录,以避免编译ansible时,找不到所需的头文件

# cd /usr/local/include/python2.7

# cp -a ./* /usr/local/include/

## 备份旧版本的python,并符号链接新版本的python

# cd /usr/bin

# mv python python2.6

# ln -s /usr/local/bin/python

## 修改yum脚本,使其指向旧版本的python,已避免其无法运行

# vim /usr/bin/yum

#!/usr/bin/python  -->  #!/usr/bin/python2.6

(2)setuptools模块安装

# tar xvzf setuptools-7.0.tar.gz

# cd setuptools-7.0

# python setup.py install

(3)pycrypto模块安装

# tar xvzf pycrypto-2.6.1.tar.gz

# cd pycrypto-2.6.1

# python setup.py install

(4)PyYAML模块安装

# tar xvzf yaml-0.1.5.tar.gz

# cd yaml-0.1.5

# ./configure --prefix=/usr/local

# make --jobs=`grep processor/proc/cpuinfo | wc -l`

# make install

# tar xvzf PyYAML-3.11.tar.gz

# cd PyYAML-3.11

# python setup.py install

(5)Jinja2模块安装

# tar xvzf MarkupSafe-0.9.3.tar.gz

# cd MarkupSafe-0.9.3

# python setup.py install

# tar xvzf Jinja2-2.7.3.tar.gz

# cd Jinja2-2.7.3

# python setup.py install

(6)paramiko模块安装

# tar xvzf ecdsa-0.11.tar.gz

# cd ecdsa-0.11

# python setup.py install

# tar xvzf paramiko-1.15.1.tar.gz

# cd paramiko-1.15.1

# python setup.py install

(7)simplejson模块安装

# tar xvzf simplejson-3.6.5.tar.gz

# cd simplejson-3.6.5

# python setup.py install

(8)ansible安装

# tar xvzf ansible-1.7.2.tar.gz

# cd ansible-1.7.2

# python setup.py install

2.配置

(1)、SSH免密钥登录设置,服务端与客户端建立信任

ssh-keygen

ssh-ocpy-id ip #将密钥发送给客户端

(2)、ansible配置

# vim /etc/ansible/hosts

[server]

192.168.36.149

192.168.36.144

3.使用

客户端运行命令并将结果返回

-m 【mode】模块

-a 【args】参数

command模块

批量修改ssh配置文件,将UsePAM yes改为UsePAM no

# ansible server -m command -a "sed -i 's%UsePAM yes%UsePAM no%' /etc/ssh/sshd_config"

192.168.36.215 | success | rc=0 >>

在节点上执行hostname命令

# ansible server -m command -a 'hostname'

192.168.36.214 | success | rc=0 >>

test1.example.com

script模块

在所有节点上执行主控机上的/root/test.sh脚本

# cat test.sh

hostname

# ansible server -m script -a '/root/test.sh'

192.168.36.219 | success >> {

"changed": true,

"rc": 0,

"stderr": "",

"stdout": "rs2.example.com\r\n"

}

cron模块

在指定节点上执行计划任务,每隔3分钟到主控端更新一次时间

# ansible server -m cron -a 'name="custom job" minute=*/3 hour=* day=* weekday=* job="/usr/bin/ntpdate 192.168.36.222"'

192.168.36.215 | success >> {

"changed": true,

"jobs": [

"custom job"

]

}

yum模块

批量安装软件

# ansible server -m yum -a 'state=present name=httpd'

# ansible server -m yum -a 'name=httpd'

setup模块

查看客户端的基本信息

# ansible server -m setup

file模块

远程文件符号链接创建

spacer.gif

修改权限(文件的具体权限根据情况而定)

# ansible server -m file -a 'dest=/root/test mode=777 owner=root group=root'

192.168.36.215 | success >> {

"changed": true,

"gid": 0,

"group": "root",

"mode": "0777",

"owner": "root",

"path": "/root/test",

"size": 0,

"state": "file",

"uid": 0

}

group模块

在所有节点上创建一个名为cyl的组,gid为2014

# ansible server -m group -a 'gid=2014 name=cyl'

192.168.36.214 | success >> {

"changed": true,

"gid": 2014,

"name": "cyl",

"state": "present",

"system": false

}

user模块

在所有节点上创建一个名为cyl的用户,组为cyl

# ansible server -m user -a 'name=cyl group=cyl state=present'

192.168.36.214 | success >> {

"append": false,

"changed": false,

"comment": "centos64",

"group": 2014,

"home": "/home/cyl",

"move_home": false,

"name": "cyl",

"shell": "/bin/bash",

"state": "present",

"uid": 500

}

删除所有节点上的cyl用户(可加参数state=absent)

# ansible server -m user -a 'name=cyl remove=yes'

192.168.36.215 | success >> {

"append": false,

"changed": false,

"comment": "centos64",

"group": 2014,

"home": "/home/cyl",

"move_home": false,

"name": "cyl",

"shell": "/bin/bash",

"state": "present",

"uid": 500

}

service模块

启动所有节点上的httpd服务,并让其开机自启

# ansible server -m service -a 'name=httpd state=restarted enabled=yes'

192.168.36.214 | success >> {

"changed": true,

"enabled": true,

"name": "httpd",

"state": "started"

}

ping模块

检查节点机器是否连通

# ansible server -m ping

192.168.36.215 | success >> {

"changed": false,

"ping": "pong"

}

raw模块

在节点上运行hostname命令

# ansible server -m raw -a 'hostname|tree'

192.168.36.215 | success | rc=0 >>

synchronize模块

delete=yes   使两边的内容一样(即以推送方为主)

compress=yes  开启压缩,默认为开启

--exclude=.git  忽略同步.git结尾的文件

# ansible server -m synchronize -a 'src=/root/cyl dest=/root/ compress=yes'

192.168.36.215 | success >> {

"changed": true,

"cmd": "rsync --delay-updates -FF --compress --archive --rsh 'ssh -o StrictHostKeyChecking=no' --out-format='<<CHANGED>>%i %n%L' \"/root/cyl\" \"root@192.168.36.215:/root/\"",

"msg": ".d..t...... cyl/\n",

"rc": 0,

"stdout_lines": [

".d..t...... cyl/"

]

}

copy模块

批量拷贝文件

spacer.gif# ansible server -m copy -a 'src=/root/cyl dest=/root/'

spacer.gif