1. Introduction http://www.ansible.com.cn/
http://docs.ansible.com/
Ansible is a new automated operation and maintenance tool, which is developed based on Python and integrates many operation and maintenance tools (puppet, cfengine, The advantages of chef, func, fabric) realize batch system configuration, batch program deployment, batch running commands and other functions. Ansible works based on modules and does not have the ability to deploy in batches. What really has batch deployment is the modules that ansible runs, ansible just provides a framework. Mainly include:
(1), connection plugins: responsible for communicating with the monitored terminal;
(2), host inventory: the host for the specified operation, which is the host defined in a configuration file for monitoring;
(3), the core of various modules module, command module, custom module;
(4), with the help of plug-ins to complete functions such as logging and mailing;
(5), playbook: When the script performs multiple tasks, it is not necessary to allow the node to run multiple tasks at one time.
2. Overall architecture
wKiom1Rsxz3ToUCAAAGROYAM3EI989.jpg
3. Features
(1), no agents: no need to install any client on the managed host;
(2), no server: no server, just run the command directly when using it;
(3) ), modules in any languages: based on module work, modules can be developed in any language;
(4), yaml, not code: use yaml language to customize the playbook;
(5), ssh by default: work based on SSH;
(6), strong multi-tier solution: can realize multi-level command.
4. Advantages
(1), light weight, no need to install agent on the client side, and only need to update once on the operating machine when updating;
(2), batch task execution can be written as a script, and it can be done without distributing it to a remote location Execution;
(3), written in python, maintenance is simpler, ruby syntax is too complicated;
(4), support sudo.
5. Task execution process
wKiom1Rsx2uQYJZ5AAJplY08vOQ976.jpg
Description:
(1) Most of the above content is based on the sharing of others, and is used for learning and reference;
(2) This installation is based on the CentOS 6.4 system environment.
===================================================== =========================================
Second, Ansible basic installation and configuration
=== ===================================================== ======================================
1. Ansible basic installation
(1), python2.7 installation
https://www.python.org/ftp/python/2.7.8/Python-2.7.8.tgz
# tar xvzf Python-2.7.8.tgz
# cd Python-2.7.8
# ./configure --prefix=/usr/local
# make --jobs=`grep processor/proc/cpuinfo | wc -l`
# make install
## Copy the python header files to the standard directory to avoid missing the required header files when compiling ansible
# cd /usr/local/include/python2.7
# cp -a ./* /usr/local/include /
## Backup the old version of python and symlink the new version of python
# cd /usr/bin
# mv python python2.6
# ln -s /usr/local/bin/python
## Modify the yum script to point to the old one version of python, which has been prevented from running
# vim /usr/bin/yum
#!/usr/bin/python --> #!/usr/bin/python2.6
(2), setuptools module installation
https://pypi .python.org/packages/source/s/setuptools/setuptools-7.0.tar.gz
# tar xvzf setuptools-7.0.tar.gz
# cd setuptools-7.0
# python setup.py install
(3), pycrypto module installation
https://pypi.python.org/packages/source/p/pycrypto/pycrypto-2.6.1.tar.gz
# tar xvzf pycrypto- 2.6.1.tar.gz
# cd pycrypto-2.6.1
# python setup.py install
(4), PyYAML module installation
http://pyyaml.org/download/libyaml/yaml-0.1.5.tar.gz
# tar xvzf yaml-0.1.5.tar.gz
# cd yaml-0.1.5
# ./configure --prefix=/usr/local
# make --jobs=`grep processor/proc/cpuinfo | wc -l`
# make install
https://pypi.python.org/packages/source/P/PyYAML/PyYAML-3.11.tar.gz
# tar xvzf PyYAML-3.11.tar.gz
# cd PyYAML-3.11
# python setup.py install
(5), Jinja2 module installation
https://pypi.python.org/packages/source/M/MarkupSafe/MarkupSafe-0.9.3.tar.gz
# tar xvzf MarkupSafe-0.9.3.tar.gz
# cd MarkupSafe-0.9.3
# python setup. py install
https://pypi.python.org/packages/source/J/Jinja2/Jinja2-2.7.3.tar.gz
# tar xvzf Jinja2-2.7.3.tar.gz
# cd Jinja2-2.7.3
# python setup.py install
(6), paramiko imitation
https://pypi.python.org/packages/source/e/ecdsa/ecdsa-0.11.tar.gz
# tar xvzf ecdsa-0.11.tar.gz
# cd ecdsa- 0.11
# python setup.py install
https://pypi.python.org/packages/source/p/paramiko/paramiko-1.15.1.tar.gz
# tar xvzf paramiko-1.15.1.tar.gz
# cd paramiko- 1.15.1
# python setup.py install
(7), simplejson module installation
https://pypi.python.org/packages/source/s/simplejson/simplejson-3.6.5.tar.gz
# tar xvzf simplejson-3.6.5.tar.gz
# cd simplejson- 3.6.5
# python setup.py install
(8), ansible installation
https://github.com/ansible/ansible/archive/v1.7.2.tar.gz
# tar xvzf ansible-1.7.2.tar.gz
# cd ansible-1.7.2
# python setup.py install
2, Ansible configuration
(1), SSH keyless login settings
## Generate public/private keys
# ssh-keygen -t rsa -P ''
wKioL1RsyCTC94M0AACbRu5nOSQ166.jpg
## write Enter the trust file (distribute /root/.ssh/id_rsa_storm1.pub to other servers, and execute the following command on all servers):
# cat /root/.ssh/id_rsa_storm1.pub >> /root/.ssh/authorized_keys
# chmod 600 /root/.ssh/authorized_keys
(2), ansible configuration
# mkdir -p /etc/ansible
# vim /etc/ansible/ansible.cfg
……
remote_port = 36000
private_key_file = /root/.ssh/id_rsa_storm1
……
## Host group definition
# vim /etc/ ansible / the hosts
[storm_cluster]
10.223.55.100
10.223.55.101
10.223.38.226
10.223.38.227
10.223.39.216
10.223.25.123
(. 3), a simple test
# Command ansible storm_cluster -m -a 'Uptime'
wKiom1Rsx-bQ_7jKAADLJtl0-4A979.jpg
Description: When running for the first time, you need to enter "yes" [for public key verification], and you do not need to enter it again later.
## Run again
# ansible storm_cluster -m command -a 'uptime'
wKioL1RsyHrwytdgAAHAHOcTZR8008.jpg
3. Commonly used modules
(1), setup
## used to view some basic information of the remote host
# ansible storm_cluster -m setup
wKioL1RsyJyAptQMAAFxh3ywaEs209.jpg
(2), ping
## used to test the running status of the remote host
# ansible storm_cluster -m ping
wKiom1RsyEPSQolOAAGGdiXrB3c688.jpg
( 3), file
## Set the properties of the file The
related options are as follows:
force: You need to force the creation of a soft link in two cases, one is when the source file does not exist, but will be established later; the other is the target soft link It already exists, you need to cancel the previous soft chain first, and then create a new soft chain. There are two options: yes|no
group: define the group of the file/directory
mode: define the permission of the file/directory
owner: define the file/directory Owner
path: required, defines the path of the file/directory
recurse: recursively sets the attributes of the file, only valid for the directory src: the
path of the linked source file, only applies to the case of state=link
Applies only to state=link
state:
directory: if the directory does not exist, create the directory
file: even if the file does not exist, it will not be created
link: create a soft link
hard: create a hard link
touch: if the file does not exist, create a new file, if the file or directory already exists, update its last modification time
abstract: delete the directory, file or unlink the file
Example :
##Create a remote file symlink
# ansible storm_cluster -m file -a "src=/etc/resolv.conf dest=/tmp/resolv.conf state=link"
wKioL1RsyNyyhjnQAAC-cHXrNCg654.jpg
##View remote file information
# ansible storm_cluster -m command -a "ls –al /tmp/resolv.conf"
wKiom1RsyH6j2C39AAFtr8zKvT4777.jpg
##Remove file symlink removal
# ansible storm_cluster -m file -a "path=/tmp/resolv.conf state=absent"
wKioL1RsyRLAj0RMAADL23Ztiio670.jpg
##View remote file information
# ansible storm_cluster -m command -a "ls -al /tmp/resolv.conf"
wKiom1RsyLXR7deZAAEhGk-nuao742.jpg
Note: As shown above, it means that the file or link has been deleted.
(4), copy
## Copy the file to the remote host The
related options are as follows:
backup: Before overwriting, the source file is backed up, and the backup file contains time information. There are two options: yes|no
content: used to replace "src", you can directly set the value of the specified file
dest: required option. The absolute path of the remote host to copy the source file to. If the source file is a directory, then the path must also be a
directory
But the content is different, if it is set to yes, it will force overwrite, if it is no, it will only copy if the file does not exist in the target location of the target host. The default is yes
others: all options in the file module can be used here
src: the local file copied to the remote host, which can be an absolute path or a relative path. If the path is a directory, it will be copied recursively. In this case, if the path ends with "/", only the contents of the directory will be copied, and if it does not end with "/", the entire contents including the directory will be copied, similar to rsync.
Example:
## Copy local file "/etc/ansible/ansible.cfg" to remote server
# ansible storm_cluster -m copy -a "src=/etc/ansible/ansible.cfg dest=/tmp/ansible.cfg owner= root group=root mode=0644"
wKiom1RsyNaiKBOrAADvYmNkJhY434.jpg
## View remote file information
# ansible storm_cluster -m command -a "ls -al /tmp/ansible.cfg"
wKiom1RsyO_SkZtSAAE1LmxVNxk291.jpg
(5), command
## Execute commands on the remote host The
related options are as follows:
creates: a file name , when the file exists, the command does not execute
free_form: the linux command to be executed
chdir: switch to the directory before executing the command
removes: a file name, when the file does not exist, the option does not execute
executable: switch shell to execute the command, the execution path must be an absolute path
Example :
# ansible storm_cluster -m command -a "uptime"
wKioL1RsyYOjbttbAAG9mMpCf1s600.jpg
Automated operation and maintenance tool Ansible
Guess you like
Origin http://10.200.1.11:23101/article/api/json?id=326677373&siteId=291194637
Recommended
Ranking