一、安装ansible
git clone https://github.com/ansible/ansible.git
cd ansible
python3 setup.py install
sudo mkdir /etc/ansible
sudo chmod 777 /etc/ansible
cp -r examples/* /etc/ansible
二、测试ping模块,ansible的ping是使用ssh协议
vim /etc/ansible/hosts
[hostname1]
xxx.xxx.202.1
ansible all -m ping
[WARNING]: Ansible is being run in a world writable directory (/private/etc/ansible), ignoring it as an
ansible.cfg source. For more information see
https://docs.ansible.com/ansible/devel/reference_appendices/config.html#cfg-in-world-writable-dir
[WARNING]: Unable to parse the plugin filter file /etc/ansible/plugin_filters.yml as module_blacklist is
not a list. Skipping.
114.115.202.1 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
是Ansible会像SSH那样试图用你的当前用户名来连接你的远程机器.要覆写远程用户名,只需使用’-u’参数. 如果你想访问 sudo模式,这里也有标识(flags)来实现:
ansible all -m ping -u root
三、认识配置文件
vim ansible.cfg #host_key_checking = False 推荐取消注释,不然第一次连接会询问,比较麻烦
例如
The authenticity of host 'xxx (xxx)' can't be established.
ECDSA key fingerprint is SHA256:xxxx
Are you sure you want to continue connecting (yes/no)? yes
Ansible有很多配置参数,以下是几个默认的配置参数:
inventory = /etc/ansible/hosts
library = /usr/share/my_modules/ forks = 5 sudo_user = root remote_port = 22 host_key_checking = False timeout = 20 log_path = /var/log/ansible.log inventory:该参数表示inventory文件的位置,资源清单(inventory)就是Ansible需要连接管理的一些主机列表。library:Ansible的所有操作都使用模块来执行实现,这个library参数就是指向存放Ansible模块的目录。forks:设置默认情况下Ansible最多能有多少个进程同时工作,默认5个进程并行处理。具体需要设置多少个,可以根据控制端性能和被管理节点的数量来确定。sudo_user:设置默认执行命令的用户,也可以在playbook中重新设置这个参数。remote_port:指定连接被管理节点的管理端口,默认是22,除非设置了特殊的SSH端口,否则不需要修改此参数。host_key_checking:设置是否检查SSH主机的密钥。可以设置为True或False。即ssh的主机再次验证。timeout:设置SSH连接的超时间隔,单位是秒。log_path:Ansible默认不记录日志,如果想把Ansible系统的输出记录到日志文件中,需要设置log_path。需要注意,模块将会调用被管节点的(r)syslog来记录,执行Ansible的用户需要有写入日志的权限。