Ansible使用标准的SSH连接来执行自动化流程,不需要代理 (其他描述可自行搜索)
本文系统:
centos 6.5 x64
ip:172.16.162.129
hostname:vm.lansgg.com
测试client主机:
centos 6.5 x64
ip : 172.16.162.130
hostname:vm1.lansgg.com
#####摘自网友总结#####
一、Ansible介绍
ansible是一款的自动化运维工具,基于Python开发,集合了众多运维工具(puppet、cfengine、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能。ansible是基于模块工作的,本身没有批量部署的能力。真正具有批量部署的是ansible所运行的模块,ansible只是提供一种框架。主要包括:
1、连接插件connection plugins:负责和被监控端实现通信;
2、host inventory:指定操作的主机,是一个配置文件里面定义监控的主机;
3、各种模块核心模块、command模块、自定义模块;
4、借助于插件完成记录日志邮件等功能;
5、playbook:剧本执行多个任务时,非必需可以让节点一次性运行多个任务。
二、Ansible特性
1、no agents:不需要在被管控主机上安装任何客户端;
2、no server:无服务器端,使用时直接运行命令即可;
3、modules in any languages:基于模块工作,可使用任意语言开发模块;
4、yaml,not code:使用yaml语言定制剧本playbook;
5、ssh by default:基于SSH工作;
6、strong multi-tier solution:可实现多级指挥。
三、Ansible优点
1、轻量级,无需在客户端安装agent,更新时,只需在操作机上进行一次更新即可;
2、批量任务执行可以写成脚本,而且不用分发到远程就可以执行;
3、使用python编写,维护更简单,ruby语法过于复杂;
4、支持sudo。
四、Ansible工作机制
五、安装ansible
依赖模块paramiko、PyYAML、Jinja2、httplib2、simplejson、pycrypto、crypto2.6、pyasn1、keyczar、sshpass等
rpm -vhi python-yaml-3.09-3.el6.rf.x86_64.rpm rpm -vhi python-jinja2-2.2.1-1.el6.rf.x86_64.rpm yum install ansible
ansible示例:
首先打通此主机到测试主机的ssh key
[root@vm ansible]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: ae:b1:ef:46:d8:e4:3f:38:38:8d:8b:e7:e3:a2:4c:c2 root@vm.lansgg.com The key‘s randomart image is: +--[ RSA 2048]----+ | | | | | | | . | | =S | |. ..+ | |.E. .=.o | | + ..*+= o | | o..=*Bo. . | +-----------------+ [root@vm ansible]# ssh-copy-id -i 172.16.162.130 The authenticity of host ‘172.16.162.130 (172.16.162.130)‘ can‘t be established. RSA key fingerprint is 1e:76:f9:17:93:20:f1:be:06:48:02:3b:7c:80:41:07. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘172.16.162.130‘ (RSA) to the list of known hosts. Address 172.16.162.130 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! root@172.16.162.130‘s password: Now try logging into the machine, with "ssh ‘172.16.162.130‘", and check in: .ssh/authorized_keys to make sure we haven‘t added extra keys that you weren‘t expecting.
进行命令测试
[root@vm ansible]# ansible testhost -m ping 172.16.162.130 | success >> { "changed": false, "ping": "pong" } [root@vm ansible]#
而testhost代表的则是
[root@vm ansible]# pwd /etc/ansible [root@vm ansible]# cat hosts [testhost] 172.16.162.130 [root@vm ansible]#
具体命令介绍下节说明
本文出自 “大風” 博客,请务必保留此出处http://lansgg.blog.51cto.com/5675165/1744316
原文地址:http://lansgg.blog.51cto.com/5675165/1744316