* Ansible 服务端 192.168.3.24
* 节点 192.168.3.4
* 节点
安装ansible
yum -y install ansible
ansible --version
在Ansible服务端生成密钥,并且复制公钥到节点中
[root@zs ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:vsj6eAREUsZsj/vDO+Pl5kNq7/mYiQPYIe2WWp8VkgY root@zs
The key's randomart image is:
+---[RSA 2048]----+
| .=+ |
| oE |
| + + . |
| . = = . |
| = * .S. |
| . O ..o |
| + * =o |
| . o&=o* |
| o*B@@o. |
+----[SHA256]-----+
使用ssh-copy-id命令来复制Ansible公钥到节点中
[root@zs ~]# ssh-copy-id -i [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.3.4 (192.168.3.4)' can't be established.
ECDSA key fingerprint is SHA256:MFAvlTpQwVgswi1rSD4UnNc6io1CoioC1qeWsJ7GtMI.
ECDSA key fingerprint is MD5:cc:17:e4:8e:ce:b2:72:88:f0:13:24:2f:7f:c7:f5:46.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
为Ansible定义节点的清单
文件 /etc/ansible/hosts 维护着Ansible中服务器的清单。
[root@zs ~]# vi /etc/ansible/hosts
[dbservers]
192.168.3.4
192.168.3.x
尝试在Ansible服务端运行命令
[root@zs ~]# ansible -m ping 'dbservers'
192.168.3.4 | SUCCESS => {
"changed": false,
"ping": "pong"
}
[root@zs ~]# ansible -m command -a "uptime" 'dbservers'
192.168.3.4 | CHANGED | rc=0 >>
10:54:19 up 2:57, 4 users, load average: 0.00, 0.01, 0.05
[root@zs ~]# ansible -m command -a "uname -r" 'dbservers'
192.168.3.4 | CHANGED | rc=0 >>
3.10.0-862.el7.x86_64
[root@zs ~]# ansible -m command -a "yum install -y httpd" 'dbservers'
[WARNING]: Consider using the yum module rather than running yum. If you need to use command
because yum is insufficient you can add warn=False to this command task or set command_warnings=False
in ansible.cfg to get rid of this message.
192.168.3.4 | CHANGED | rc=0 >>
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.nju.edu.cn
* extras: mirrors.nju.edu.cn
* updates: mirrors.nju.edu.cn
正在解决依赖关系
--> 正在检查事务
---> 软件包 httpd.x86_64.0.2.4.6-80.el7.centos.1 将被 安装
--> 正在处理依赖关系 httpd-tools = 2.4.6-80.el7.centos.1,它被软件包 httpd-2.4.6-80.el7.centos.1.x86_64 需要
--> 正在处理依赖关系 /etc/mime.types,它被软件包 httpd-2.4.6-80.el7.centos.1.x86_64 需要
--> 正在处理依赖关系 libaprutil-1.so.0()(64bit),它被软件包 httpd-2.4.6-80.el7.centos.1.x86_64 需要
--> 正在处理依赖关系 libapr-1.so.0()(64bit),它被软件包 httpd-2.4.6-80.el7.centos.1.x86_64 需要
--> 正在检查事务
---> 软件包 apr.x86_64.0.1.4.8-3.el7_4.1 将被 安装
---> 软件包 apr-util.x86_64.0.1.5.2-6.el7 将被 安装
---> 软件包 httpd-tools.x86_64.0.2.4.6-80.el7.centos.1 将被 安装