Ansible introduction and deployment architecture

Ansible architectural patterns

Ansible consists of a control machine and managed machines: the control machine is the server on which Ansible is installed and from which instructions are executed; the managed machines are the servers that run the business workloads, and the control machine manages them over SSH.

Ansible management

Ansible is a model-driven configuration manager that supports multi-node deployment and remote task execution. It uses SSH for remote connections by default and does not require additional software on the managed nodes.

Ansible System Architecture

Ansible brings together the functions of many operations and maintenance tools to provide batch system configuration, batch deployment and batch command execution. Ansible works through modules and has no bulk-deployment capability of its own: the modules that Ansible runs do the real work, and Ansible only provides the framework.

Ansible Features

  • Automated deployment of application code;
  • Automated system management;
  • Support for cloud computing and big data platforms;
  • Lightweight, with no agent to install;
  • Batch tasks can be written as scripts and run without distributing them to the remote hosts;
  • Support for non-root users and sudo;

Ansible task execution process

The Ansible control host operates on managed nodes in two ways: ad-hoc and playbook.

  • ad-hoc mode uses a single module and supports batch execution of a single command;
  • playbook mode is a complete function made up of multiple tasks; it can be understood as a configuration file that combines multiple ad-hoc operations;

Ansible installation configuration

Ansible installation is very flexible to meet the needs of a variety of deployment environments.

YUM installation

# Example for CentOS 7.2: install the EPEL release package from the Aliyun mirror
rpm -Uvh https://mirrors.aliyun.com/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm

# Install Ansible
yum install -y ansible

 

Ansible configuration parameters

The configuration file is at /etc/ansible/ansible.cfg

inventory

This parameter gives the location of the inventory file. The inventory is the list of hosts that Ansible needs to connect to and manage.
Example:
inventory = /etc/ansible/hosts

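library

Every Ansible action, whether local or remote, is carried out by a small piece of code called a module. The library parameter points to the directory where Ansible modules are stored.
Example:
library = /usr/share/ansible
Ansible supports multiple directories, separated by a colon (:), and it also checks the ./library directory under the location of the playbook currently being executed.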

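forks

This sets the maximum number of processes that Ansible runs at the same time; by default at most 5 processes work in parallel. How many to set depends on the performance of the control host and the number of managed nodes; it could be 50 or 100. The default value of 5 is a very conservative setting.
Example:
forks = 5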

sudo_user

This sets the default user that commands are executed as; it can also be set again in a playbook.
Example:
sudo_user = root

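remote_port

This specifies the management port used to connect to managed nodes; the default is 22. Unless a special SSH port has been set, this parameter generally does not need to be changed.
Example:
remote_port = 22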

host_key_checking

This sets whether the SSH host key is checked. It can be set to True or False.
Example:
host_key_checking = False

timeout

This sets the SSH connection timeout, in seconds.
Example:
timeout = 60

log_path

By default Ansible does not write a log. To record Ansible output in a log file, set log_path to the file in which the Ansible log should be stored.
Example:
log_path = /var/log/ansible.log

 

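Note:

The user who runs Ansible needs permission to write to the log. Modules call syslog on the managed node to record their actions, and passwords do not appear in the log.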
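
The parameters above can be checked before a configuration is put into use. The following added example (not code from the original page) reads an ansible.cfg and reports three settings that weaken a deployment: host_key_checking = False, which leaves the SSH host keys of managed nodes unverified, a missing log_path, and library entries that are relative or sit in a shared directory. The sample configuration, the function name audit_ansible_cfg and the SHARED_DIRS list are assumptions made for this example.

```python
import configparser

# Constructed sample ansible.cfg built from the parameters described above.
SAMPLE_CFG = """\
[defaults]
inventory = /etc/ansible/hosts
library = /usr/share/ansible:/tmp/modules
forks = 5
sudo_user = root
remote_port = 22
host_key_checking = False
timeout = 60
"""

# Directories any local user can write to (assumption for this example).
SHARED_DIRS = ("/tmp", "/var/tmp", "/dev/shm")

def audit_ansible_cfg(text):
    """Return (parameter, finding) pairs for the [defaults] section."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(text)
    findings = []

    # host_key_checking = False: SSH host keys of managed nodes go unverified.
    if not cfg.getboolean("defaults", "host_key_checking", fallback=True):
        findings.append(("host_key_checking",
                         "SSH host keys are not checked; set it to True"))

    # Without log_path Ansible writes no log on the control machine.
    log_path = cfg.get("defaults", "log_path", fallback="").strip()
    if not log_path:
        findings.append(("log_path", "not set; runs leave no log file"))

    # library holds module code; entries are separated by a colon.
    for path in cfg.get("defaults", "library", fallback="").split(":"):
        path = path.strip()
        if not path:
            continue
        if not path.startswith("/"):
            findings.append(("library", f"relative module path: {path}"))
        elif any(path == d or path.startswith(d + "/") for d in SHARED_DIRS):
            findings.append(("library", f"module path in shared directory: {path}"))
    return findings

if __name__ == "__main__":
    for parameter, finding in audit_ansible_cfg(SAMPLE_CFG):
        print(f"{parameter}: {finding}")
```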

Origin www.cnblogs.com/ghl1024/p/12080464.html