Cloud Computing Operations


Basic Ansible configuration and usage


1. Install Ansible

shell> yum install ansible -y

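2. Configure Ansible

shell> vim /etc/ansible/ansible.cfg
# Uncomment this line; logging is off by default
log_path=/var/log/ansible.log
# Set the default module to shell
module_name=shell
# Disable SSH host key checking (unknown or changed host keys are then accepted without verification)
host_key_checking=False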

3. Define hosts and groups

shell> vim /etc/ansible/hosts
# Group name
[web]
# Group members (IP addresses or domain names)
192.168.37.102
192.168.37.103
[master]
192.168.37.101

4. Browse modules with ansible-doc

   ansible-doc [options] [module...]
    -a show the documentation for all modules
    -l, --list list the available modules
    -s, --snippet show a playbook snippet for the given module

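5. The ansible command

   ansible <host-pattern> [-m module_name] [-a args]
       --version show the version
       -m module select the module; the default is command
       -v verbose output; -vv and -vvv give more detail
       --list-hosts show the list of hosts; can be abbreviated to --list
       -k, --ask-pass prompt for the SSH connection password; key authentication is the default
       -K, --ask-become-pass prompt for the sudo password
       -C, --check check only, do not execute
       -T, --timeout=TIMEOUT timeout for executing commands, default 10s
       -u, --user=REMOTE_USER user to run as on the remote host
       -b, --become replaces the older sudo switch
       --become-user=USERNAME the run-as user for sudo, default root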

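6. Key-based authentication and public key distribution

   # ssh-keygen creates two files under ~/.ssh/; when no file name or key type is given, the two files generated by default are id_rsa and id_rsa.pub
   shell> ssh-keygen
   # ssh-copy-id copies the local public key into the remote machine's authorized_keys file; it also sets appropriate permissions on the remote home directory, ~/.ssh, and ~/.ssh/authorized_keys
   shell> ssh-copy-id 192.168.37.102
   shell> ssh-copy-id 192.168.37.103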

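7. Using modules

   # File copy with the copy module. src: file path on the local machine; dest: path on the target host; backup: if the file already exists on the target host, create a backup
   shell> ansible web -m copy -a 'src=/etc/selinux/config dest=/data/ backup=yes'
   # Write content to a file
   shell> ansible app -m copy -a 'content="line1\nline2\nline3\n" dest=/data/content.txt'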

Example 1: Building your own YUM repository

   # Build the repository (the *.repo glob below works because the default module was set to shell in step 2)
   ansible app -a 'mkdir /etc/yum.repos.d/repo'
   ansible app -a 'mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/repo'
   ansible app -m copy -a 'content="[base]\nname=CentOS\nbaseurl=file:///misc/cd\ngpgcheck=0\n\n[epel]\nname=epel\nbaseurl=http://mirrors.sohu.com/fedora-epel/7/x86_64/\ngpgcheck=0" dest=/etc/yum.repos.d/base.repo'
   # View the yum repository definition
   ansible all -a 'cat /etc/yum.repos.d/base.repo'
   # Create a file
   ansible app -a 'touch /etc/yum.repos.d/repo1/f1'
   # Fetch a file
   ansible app -m fetch -a 'src=/etc/yum.repos.d/repo1/f1 dest=/data'
   # Delete a file
   ansible app -m file -a 'path=/etc/yum.repos.d/repo1/f1 state=absent'
   # Install and remove a package with yum
   ansible all -m yum -a 'name=bind'
   ansible all -m yum -a 'name=bind state=absent'
   # Check that port 53 is open
   ansible all -a 'ss -ntul|grep 53'
   # Start the service and enable it at boot
   ansible all -m service -a 'name=named state=started enabled=true'
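
The host_key_checking=False setting from step 2 and the gpgcheck=0 repository definitions written above both switch off a verification step. The following Python check is an added example, not part of the original post; it flags those settings in configuration text. The sample strings are constructed from the values shown on this page, and the [defaults] section header and the function names are assumptions.

```python
import configparser

# Constructed samples mirroring the settings shown on this page.
# Assumption: the ansible.cfg keys sit under the stock [defaults] section.
ANSIBLE_CFG = "[defaults]\nlog_path=/var/log/ansible.log\nhost_key_checking=False\n"
BASE_REPO = (
    "[base]\nname=CentOS\nbaseurl=file:///misc/cd\ngpgcheck=0\n\n"
    "[epel]\nname=epel\nbaseurl=http://mirrors.sohu.com/fedora-epel/7/x86_64/\ngpgcheck=0\n"
)
FALSY = {"0", "false", "no", "off"}


def _parse(text):
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(text)
    return parser


def audit_ansible_cfg(text):
    """Flag an ansible.cfg (as text) that turns off SSH host key verification."""
    value = _parse(text).get("defaults", "host_key_checking", fallback="true")
    if value.strip().lower() in FALSY:
        return ["defaults: host_key_checking disabled; SSH host keys are not verified"]
    return []


def audit_yum_repo(text):
    """Flag repo sections that skip signature checks or fetch over cleartext."""
    repo, findings = _parse(text), []
    for section in repo.sections():
        # Only an explicit gpgcheck=0 is flagged; an absent key falls back to
        # the [main] setting in yum.conf, which this function does not read.
        if repo.get(section, "gpgcheck", fallback="1").strip().lower() in FALSY:
            findings.append(f"{section}: gpgcheck disabled; package signatures are not verified")
        for url in repo.get(section, "baseurl", fallback="").split():
            if url.lower().startswith(("http://", "ftp://")):
                findings.append(f"{section}: baseurl {url} is fetched without transport encryption")
    return findings


if __name__ == "__main__":
    for line in audit_ansible_cfg(ANSIBLE_CFG) + audit_yum_repo(BASE_REPO):
        print("WEAK:", line)
```

To check real hosts, pass the contents of /etc/ansible/ansible.cfg and of each file under /etc/yum.repos.d/ to the two functions.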

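Example 2: Installing MySQL from a binary package

   # Write a role-based playbook with Ansible to install MySQL
   # Create the directory layout for the mysql role
   shell> tree
   .
   ├── mysql-install.yml # entry-point playbook
   └── roles
       └── mysql
           ├── files # MySQL binary package and the my-huge.cnf configuration file
           │   ├── mariadb-10.2.25-linux-x86_64.tar.gz
           │   └── my-huge.cnf
           ├── handlers
           ├── tasks # task files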
           │   ├── config.yml
           │   ├── database.yml
           │   ├── data_file.yml
           │   ├── init.yml
           │   ├── library.yml
           │   ├── link.yml
           │   ├── main.yml
           │   ├── owner.yml
           │   ├── path.yml
           │   ├── start.yml
           │   ├── uncompress.yml
           │   └── user.yml
           ├── templates
           └── vars

Task files:
main.yml

   # main.yml: installation order
   - include: library.yml
   - include: user.yml
   - include: uncompress.yml
   - include: link.yml
   - include: data_file.yml
   - include: owner.yml
   - include: database.yml
   - include: path.yml
   - include: config.yml
   - include: init.yml
   - include: start.yml

library.yml

   # Install the required library
   - name: "安装库文件"
     yum: name=libaio

user.yml

   # Create the mysql system user
   - name: "创建用户"
     user: name=mysql system=yes home=/data/mysql create_home=no shell=/sbin/nologin

uncompress.yml

   # Unpack the MySQL archive
   - name: "解压mysql文件"
     unarchive: src=/data/playbook/mariadb-10.2.25-linux-x86_64.tar.gz dest=/usr/local owner=root group=root

link.yml

   # Create the mysql symbolic link
   - name: "创建mysql软链接"
     file: src=/usr/local/mariadb-10.2.25-linux-x86_64 dest=/usr/local/mysql state=link

data_file.yml

   # Create the data directory
   - name: "创建data文件"
     file: path=/data/mysql state=directory

owner.yml

   # Set ownership of the data directory
   - name: "设置data目录权限"
     file: path=/data/mysql owner=mysql group=mysql

database.yml

   # Change directory and initialise the database
   - name: "切换目录,生成database库"
     shell: chdir=/usr/local/mysql/  scripts/mysql_install_db --datadir=/data/mysql --user=mysql

path.yml

   # Add the environment variable
   - name: "添加环境变量"
     copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh

config.yml

   # Copy the configuration file
   - name: "复制配置文件"
     copy: src=/data/playbook/my-huge.cnf dest=/etc/my.cnf

init.yml

   # Copy the startup script to init.d
   - name: "复制启动文件到init.d"
     shell: cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld

start.yml

   # Start the MySQL service
   - name: "启动mysql服务"
     shell: /etc/init.d/mysqld start