lab environment:
operating system | IP addresses | Character | CPU name | CPU core |
CentOS7.5 | 192.168.96.4 | Ansible | ansible | 1 |
CentOS7.5 | 192.168.96.5 | Client | client1 | 1 |
CentOS7.5 | 196.168.96.6 | Client | client2 | 2 |
Preparing the environment:
hostname ansible
bash
hostname client1
bash
hostname client2
bash
Three machines were shut down firewall
[root@ansible ~]# setenforce 0
[root@ansible ~]# systemctl stop firewalld
[root@ansible ~]# hostname ansible
==================================================================
Ansible:
vim /etc/hosts
Add to
192.168.96.4 ansible
192.168.96.5 client1
192.168.96.6 client2
scp /etc/hosts 192.168.96.5:/etc/
scp /etc/hosts 192.168.96.6:/etc/
YUM installed ansible
cd /etc/yum.repos.d/
wget http://mirrors.aliyun.com/repo/Centos-7.repo
yum yum clean all // Clear Cache
yum -y install ansible
ansible --version // test can display information indicates that the installation was successful
Creating SSH face interaction Login:
Ansible machine operation:
ssh-keygen -t rsa -P "" -f .ssh/id_rsa
Client1 end environment ready;
setenforce 0
systemctl stop firewalld
Client2 end environment ready;
setenforce 0
systemctl stop firewalld
Client1 Ansible end to the key pair and a second transmission:
ssh-copy-id [email protected]
ssh-copy-id [email protected]
Ansible configuration:
vim /etc/ansible/hosts
Write
[crushlinux]
192.168.96.5
192.168.96.6
ansible crushlinux -m ping // was set for the environment
ansible crushlinux -a "df -TH" // check two machines disk
Based sshpass distribution keys:
rm -rf .ssh / authorized_keys // keys before deleting the first to do comparison in the back
Installation sshpass:
After you remove the keys required to enter a password before you can connect
yum -y install sshpass //安装sshpass
sshpass -p 000000 ssh [email protected]
Use sshpass sends the password to the two machines
sshpass -p 000000 ssh-copy-id [email protected]
sshpass -p 000000 ssh-copy-id [email protected]
At this time, as shown above transmitted secret key interaction problem no longer exists.
The first connection is to manually enter yes, ssh can not be resolved.
The method of removing a process yes
sshpass -p 000000 ssh -o StrictHostKeyChecking = no [email protected] (first connection will manually enter yes, ssh can not solve; in this format will be solved)
The method of removing the two processes yes
vim / etc / ssh / ssh_config // into the document modify behavior no 35
After editing the document made no hair can be key
vim / etc / ansible / hosts // Add the following content into the document
[nokey]
client2 ansible_ssh_host=192.168.96.6 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=000000
ansible modified nokey -m ping // ping it
【
client2 = hostname
ansible_ssh_host = ip host
ansible_ssh_port = ssh's default port
ansible_ssh_user = user name of ssh
ansible_ssh_pass = ssh connected user password
】
If you use the default lnventory file {/ etc / ansible / hosts}, you can not also specify a default file is lnvenntory
Ansible in packets by adding to the list of devices / etc / ansible / hosts file to achieve the management of equipment, write your hosts file before the formal management, hosts file to [] on behalf of the group name that contains part of;
vim / etc / ansible / hosts // Add the following content into the document
ansible modified nokey -m ping // ping it
ansible modified test01 -m ping // ping it
Add content;
[client]
client1
client2
[test01]
client[1:2]
===================================================================================
Ansible syntax:
ansible crushlinux -m command -a "" // in the "" in shell command may be executed (-m -a specified shell command specifying module)
ansible crushlinux -m command -a "free -m" // query crushlinux group within the host memory
ansible crushlinux -a "free -m" // can not write command, the default is the command module
ansible crushlinux -a "free -m" --limit 192.168.96.6 // only limit 192.168.96.6 execute commands (a member of the Executive --limit within the specified group)
ansible 192.168.96.6 -a // execute the command "free -m" directly to the host IP hosts file
ansible 192.168.96. * -a "free -m" // execute commands on the hosts file segment 96
Ansible command:
ansible // Double-click the tab (the most used is ansible-playbook and ansible)
ansible production environment using one of the very frequent orders, mainly in the scenes look at the application
1. Non-curing requirements (referring to temporary maintenance, such as view disk usage server group, there is no law to copy a file to other machines, etc., need to do a temporary mission)
2. The temporary one-time operation
3. secondary development interface calls
The non-curable demand grammar;
ansible <host> [parameters]
Within ansible all -m ping // hosts file to all hosts
ansible client1:client2 -m ping //clent1he clent2
ansible client:\!client2 -m ping
Check all the host is alive
ansible all -f 5 -m ping
Lists all the hosts in the group crushlinux
ansible crushlinux --list-host
ansible crushlinux --list
Batch show disk usage within a group crushlinux
crushlinux advance defined in / etc / ansible / hosts file group
ansible return results in three colors to indicate the results:
Red indicates the implementation process there is an abnormality
Orange represents the command execution status change objectives
Green indicates a successful execution and did not make changes to the target machine
ansible-doc -l // see the total aid (Qiaowan command Caton for a while)
ansible-playbook:
Ansible-playbook everyday applications most frequently used commands, similar to the system liunx sh or source command, the working mechanism is good playbook for centralized document processing tasks by reading the writing. ansible-playbook playbook command followed by the file format yml, playbook file storage tasks are to be executed.
ansible-console:
ansible-console is an interactive tool to provide users with the ansible, and similar windows in the cmd shell in Linux, users do the same as the shell using a variety of built-in commands ansible on ansible-console out of the virtual terminal.
(Default password is ansible, [f: 5] is represented by five concurrent threads; cd crushlinux enter crushlinux group, list content within a display set)