Ansible detailed usage deployment and installation

Summary: absible deployment and installation

#1. Overview
Operation and maintenance tools can be divided into two categories if they do not need an agent program as needed:

agent (requires an agent tool): completes management functions based on a dedicated agent program, puppet, func,

zabbix agentless ( No agent tool): complete management based on ssh service, ansible, fabric
#2. Introduction

　　Ansible is a simple automated operation and maintenance management tool, implemented based on Python language, constructed by two key modules of Paramiko and PyYAML, which can be used to automatically deploy applications, Configure and orchestrate tasks (continuous delivery, no-downtime updates, etc.). Major releases are released approximately every 2 months.

　　The biggest difference between Ansible and Saltstack is that Ansible does not need to deploy any client agent on the controlled host. By default, it directly executes remote commands or sends configuration through the SSH channel: the same point is that both have powerful and flexible system management, state configuration, two Both provide rich templates and APIs, and have good support for cloud computing platforms and big data.

1. Features Simple
deployment , only need to deploy the Ansible environment on the main control side, and the controlled side does not need to do anything; SSH protocol is used by default to manage devices;
master-slave centralized management;
simple configuration, powerful functions, strong scalability;
support API and custom modules can be easily extended through Python;
powerful configuration and status management can be customized through Playbooks;
good support for cloud computing platforms and big data;
a powerful and operable web management interface and REST API interface - AWX platform.
Idempotency: an operation is repeated multiple times with the same result
Comments:
(1) Lightweight, no need to install an agent on the client, when updating, only one update is required on the operating machine;
(2) The batch task execution can be written as a script, and it can be done without distributing it to a remote location Execution;
(3), written in python, maintenance is simpler, ruby ​​syntax is too complicated;
(4), support sudo.
2. Ansible architecture diagram
QQ_20170524110419

Ansible core component description:

Ansible: Ansible's core program
Host Lnventory: records each host information managed by Ansible, including ssh port, root account password, ip address and so on. It can be loaded through file, and Playbooks can be loaded through CMDB

: YAML format file, multiple tasks are defined in one file, and can be called uniformly when used, "script" is used to define the functions that the host needs to call those modules to complete.

Core Modules : Any management tasks performed by Ansible are not completed by Ansible itself, but by the core modules; before Ansible manages the host, call the module in the core Modules, and then specify the host in the Host Lnventory to manage the host.

Custom Modules: Custom modules that complete functions that Ansible's core modules cannot. This module supports writing in any language.

Connection Plugins: Connection plug-ins, Ansible and Host communication use

3. Ansible execution process, in which the representative of warm colors has been modularized.
screenshot

3. Installation and configuration of the basic environment
1. The ssh password-free login configuration has been press Enter
````ssh-keygen -N ''



2. The shell script is copied to the 101-150 server

```for i in `seq 101 150`
do
/usr/bin/expect << EOF
spawn ssh-copy-id [email protected].$i
expect {
"yes/no" { send "yes\r"; exp_continue; }
"*password" { send "P@ssw0rd\r" }
}

expect " ~$ "
send "exit\r"
expect eof

EOF
done
3. Install Ansible environment and pssh environment package

sudo sed -i -re 's/\w+\.archive\.ubuntu\.com/archive.ubuntu.com/g ' /etc/apt/sources.list
sudo apt-get update
sudo wget http://www.theether.org/pssh/pssh-1.4.3.tar.gz #Download the PSSH installation package
tar zxvf pssh-1.4.3. tar. gz
cd pssh-1.4.3
sudo wget 'http://peak.telecommunity.com/dist/ez_setup.py'
sudo python ez_setup.py
sudo python setup.py install
sudo apt-get install software-properties-common
sudo apt-add-repository ppa:ansible/ ansible
sudo apt-get install ansible
4. Configuration file
/etc/ansible/ansible.cfg

host_key_checking = False

5. Host inventory
/etc/ansible/hosts

6. Instructions for using ansible commands
Common options

ansible -m MOD_NAME -a MOD_ARGS
means calling What module, use those parameters of the module

ansible -h

[root@localhost ~]# ansible -h
Usage: ansible [options]

Options:
-a MODULE_ARGS, --args=MODULE_ARGS The parameters of the module, if the module of the default COMMAND is executed, that is Is the command parameter, such as: "date", "pwd", etc.
module arguments
-k, --ask-pass ask for SSH password login password, prompt for SSH password instead of assuming key-based authentication
--ask-su-pass ask for su password su switch password
-K, -- ask-sudo-pass ask for sudo password Prompt password to use sudo, sudo means privilege escalation operation
--ask-vault-pass ask for vault password
-B SECONDS, --background=SECONDS background running timeout
run asynchronously, failing after X seconds
(default=N/A) -C, --check
don't make any changes; instead, try to predict some
the changes that may occur
-c CONNECTION, --connection=CONNECTION connection type to use. Possible options are paramiko (SSH), SSH and local. Local is mainly used for crontab or startup.
connection type to use (default=smart)
-f FORKS, --forks=FORKS Number of parallel tasks. NUM is specified as an integer, default is 5
specify number of parallel processes to use
(default=5)
-h, --help show this help message and exit Open the help document API
-i INVENTORY, --inventory-file=INVENTORY Specify the path to the inventory host file, the default is /etc /ansible/hosts
specify inventory host file
(default=/etc/ansible/hosts)
-l SUBSET, --limit=SUBSET further limit selected host/group mode --limit=192.168.91.135 only execute
further limit selected on this ip hosts to an additional pattern
--list-hosts outputs a list of matching hosts; does not execute
anything else
-m MODULE_NAME, --module-name=MODULE_NAME The name of the execution module, the command module is used by default, so if only a single command is executed You can not use the -m parameter
module name to execute (default=command)
-M MODULE_PATH, --module-path=MODULE_PATH The path of the module to be executed, the default is /usr/share/ansible/
specify path(s) to module library
(default=/usr/share/ansible/)
-o, --one-line condense output Compressed output, summary output. Try to output everything on one line.
-P POLL_INTERVAL, --poll=POLL_INTERVAL Poll background work every few seconds. Required - b
set the poll interval if using -B (default=15)
--private-key=PRIVATE_KEY_FILE private key path,
use this file to authenticate the connection
-S, --su run operations with su Use the su command
-R SU_USER, --su-user=SU_USER to specify the SU user, the default is root user
run operations with su as this user (default=root)
-s, --sudo run operations with sudo (nopasswd)
-U SUDO_USER, --sudo-user=SUDO_USER Which user to sudo to, the default is root
desired sudo user (default=root)
-T TIMEOUT, --timeout=TIMEOUT Specify the default SSH timeout time, the default is 10S
override the SSH timeout in seconds (default=10)
-t TREE, --tree=TREE log output to this directory Save the log contents in this output directory, and save the results in a file on each host.
-u REMOTE_USER, --user=REMOTE_USER remote user, the default is root user
connect as this user (default=root)
--vault-password-file=VAULT_PASSWORD_FILE
vault password file
-v, --verbose verbose mode (-vvv for more , -vvvv to enable detailed information
connection debugging)
--version show program's version number and exit output ansible version