Introduction to Ansible
Ansible is a lightweight automation and management tool. It does not require an agent on the client; it connects to managed hosts over OpenSSH or WinRM and runs tasks.
Ansible installation
You only need to configure the epel source on the control node and then run yum install ansible. No action is required on the managed hosts.
It is recommended that the control node and the managed hosts run the same python version.
Ansible configuration file
After Ansible is installed, the configuration file /etc/ansible/ansible.cfg is generated by default. Other configuration files can also be used.
View the currently used configuration file
[root@localhost ~]# ansible --version |grep cfg
config file = /etc/ansible/ansible.cfg
Set up other configuration files
Ansible uses only the configuration in the first configuration file it finds.
In addition to the default configuration file, we can also use configuration files in other locations. The order of priority from high to low is as follows:
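# The configuration file specified by the environment variable has the highest priority
ANSIBLE_CONFIG
# Next is the ansible.cfg file in the current directory
./ansible.cfg
# Then the .ansible.cfg file in the user's home directory
~/.ansible.cfg
# The default configuration file has the lowest priority
/etc/ansible/ansible.cfg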
It is recommended to create an ansible.cfg file in the directory from which Ansible commands are run, and to place the other related files in the same directory.
Configuration file content
The Ansible configuration file is divided into sections. Each name in square brackets marks one section.
Common options
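# Basic configuration
[defaults]
# Inventory file used by default with this configuration file
inventory = /etc/ansible/hosts
# This configuration connects over SSH as the root user
remote_user = root
# Do not prompt for a password when connecting over SSH as root
ask_pass = false
# Privilege escalation settings
[privilege_escalation]
# If remote_user is root, the privilege escalation section does not need to be configured.
# If remote_user is not root but no privileged operations are needed, it does not need to be configured either.
# Whether privileges are actually escalated depends on whether the sudoers file is configured on the managed host.
# Privilege escalation is required
become = true
# Privilege escalation method
become_method = sudo
# Escalate to the root user
become_user = root
# Do not prompt for a password when running sudo
become_ask_pass = false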
Ansible inventory file
The inventory file records which hosts Ansible can control. Inventory files are either static or dynamic.
Static inventory file
A static inventory file is a text file that records the IP addresses or host names of the managed hosts. Multiple hosts can be placed in a host group for easy batch management, and multiple host groups can be placed in one larger group. Multiple hosts can be specified using the [] notation.
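# Host examples
# Using an IP address
192.169.1.100
# Using a host name
servera
# Host group examples
# group1 contains server1 and server2
[group1]
server1
server2
# group2 contains server3 and server4
[group2]
server[3:4]
# group3 contains all hosts in group1 and group2
# :children indicates that the entries below are host groups
[group3:children]
group1
group2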
Special groups
In addition to the groups defined in the inventory file, Ansible has two special groups:
all: represents all managed hosts in the inventory
ungrouped: represents managed hosts that do not belong to any host group
Dynamic inventory file
A dynamic inventory file is actually a script that obtains information about the managed hosts from other locations. The script can be written in any language, and its output must be in JSON format.
Use dynamic inventory files
ansible -i inventory.py all --list-hosts
Note that dynamic inventory files must have execute permission.
Use JSON format to view inventory files
ansible-inventory -i inventory --list
Comparison and description of static inventory file and JSON format
# Static inventory file
[root@localhost ~]# cat inventory
server1
[group1]
server2 user=root
server3
[group2]
server[4:6]
[group3:children]
group1
group2
[group2:vars]
user=devops
password=123
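# The corresponding JSON output
[root@localhost ~]# ansible-inventory -i inventory --list
## The whole JSON is a Python dictionary; its keys are of the following two kinds
## 1. `_meta` records all hosts and their variables
## 2. `host group name` records the list of hosts or child groups in the group
{
    ## The value of _meta is a dictionary containing a hostvars key, whose value is a dictionary of host names and their variables
    "_meta": {
        "hostvars": {
            # The value of hostvars is a dictionary keyed by host name. If the host has no variables, its value is an empty dictionary; if it has variables, its value is a dictionary of key=variable name, value=variable value
            # Note that host group variables are recorded here on every host in the group
            "server1": {},
            "server2": {
                "user": "root"
            },
            "server3": {},
            "server4": {
                "password": 123,
                "user": "devops"
            },
            "server5": {
                "password": 123,
                "user": "devops"
            },
            "server6": {
                "password": 123,
                "user": "devops"
            }
        }
    },
    ## The value for a host group name key is also a dictionary; its key-value pairs may be the following
    ## key=children value=list of child host groups
    ## key=hosts value=list of hosts in the group
    ## key=vars value=dictionary of the corresponding variables
    "all": {
        "children": [
            "group3",
            "ungrouped"
        ]
    },
    "group1": {
        "hosts": [
            "server2",
            "server3"
        ]
    },
    "group2": {
        "hosts": [
            "server4",
            "server5",
            "server6"
        ]
    },
    "group3": {
        "children": [
            "group1",
            "group2"
        ]
    },
    "ungrouped": {
        "hosts": [
            "server1"
        ]
    }
}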
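As an added example (not code from the original article), here is a small dynamic inventory script that emits the same JSON structure as the output above, including range expansion and the copying of group variables onto each host. The host and group data are constructed to mirror the static inventory shown; the function names are this example's own. Ansible calls such a script with --list, and with --host <name> only when the --list output has no _meta key.

```python
#!/usr/bin/env python3
"""Dynamic inventory script: returns Ansible inventory JSON for --list / --host."""
import json
import re
import sys

# Constructed sample data mirroring the static inventory above (normally fetched from an external source).
UNGROUPED = ["server1"]
GROUPS = {
    "group1": {"hosts": ["server2", "server3"]},
    "group2": {"hosts": ["server[4:6]"], "vars": {"user": "devops", "password": 123}},
    "group3": {"children": ["group1", "group2"]},
}
HOST_VARS = {"server2": {"user": "root"}}

def expand(pattern):
    """Expand a numeric range such as server[4:6]; both ends are inclusive."""
    m = re.fullmatch(r"(.*)\[(\d+):(\d+)\](.*)", pattern)
    if not m:
        return [pattern]
    head, lo, hi, tail = m.groups()
    width = len(lo) if lo.startswith("0") else 0  # keep zero padding, e.g. [01:03]
    return [head + str(n).zfill(width) + tail for n in range(int(lo), int(hi) + 1)]

def build_inventory():
    # Groups that are not a child of another group hang directly under "all".
    top = [g for g in GROUPS if not any(g in d.get("children", []) for d in GROUPS.values())]
    inv = {"_meta": {"hostvars": {h: {} for h in UNGROUPED}},
           "all": {"children": top + ["ungrouped"]},
           "ungrouped": {"hosts": list(UNGROUPED)}}
    hostvars = inv["_meta"]["hostvars"]
    for name, data in GROUPS.items():
        if "children" in data:
            inv[name] = {"children": list(data["children"])}
            continue
        hosts = [h for p in data["hosts"] for h in expand(p)]
        inv[name] = {"hosts": hosts}
        for h in hosts:
            # Group variables are copied to each member host; host variables take precedence.
            hostvars[h] = {**data.get("vars", {}), **HOST_VARS.get(h, {})}
    return inv

def main(argv):
    inv = build_inventory()
    if len(argv) == 3 and argv[1] == "--host":
        return json.dumps(inv["_meta"]["hostvars"].get(argv[2], {}))
    return json.dumps(inv, indent=4, sort_keys=True)

if __name__ == "__main__":
    print(main(sys.argv))
```

Saved as inventory.py and given execute permission, it can be used with the ansible -i inventory.py all --list-hosts command shown earlier.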
View the hosts defined in the inventory
ansible -i inventory group1 --list-hosts