brief introduction ：ansible It is a new automatic operation and maintenance tool , be based on Python Development , A collection of operations and maintenance tools （puppet、cfengine、chef、func、fabric） The advantages of , Realized batch system configuration 、 Batch program deployment 、 Batch run command and other functions .

This experiment is tested by three hosts , One of them acts as a management machine , The other two managed hosts

One 、ansible install

1.1 install epel Extended source

yum install -y epel-release.noarch

1.2 install ansible

yum install -y ansible

see ansinle edition

After installation , There are many more ansible The command

Two 、 Configure the host

2.1 To configure hosts file

Add the information of the other two hosts

vi /etc/ansible/hosts

perform ansible command , In fact, in this case, the password is written in clear text in the configuration file , Do not apply

ansible 10.49.33.58 -m ping 

The second configuration file is only one ip, To execute the command, enter the password , It is inconvenient to maintain multiple hosts

ansible 10.49.33.58 -m ping -k

Input password

The third case , Key management can be generated , No password required , Easy to manage
Production key

ssh-keygen

By default, the generated key is placed in /root/.ssh/

ll /root/.ssh

2.2 Management key

id_rsa It's the private key
id_rsa.pub It's the public key , You need to send the public key to the managed host
Usage mode ：
ssh-copy-id [-i [identity_file] ] [[email protected]]machine
-i： Specify the public key file
Local ssh Install the public key file to the corresponding account of the remote host ：
ssh-copy-id [email protected]
ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]

ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]10.49.33.58

After successful execution , We check on the target machine /root/.ssh The directory has been generated , And there is another one named authorized_keys The file of , What is stored in it is the original machine ssh-keygen Generated id_rsa.pub The content of

Try logging in as prompted 10.49.33.58

ssh [email protected]10.49.33.58

Go straight into , No more passwords

Empathy , Pass the public key to 10.49.33.59 in

ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]10.49.33.59

The relevant operation configuration of public key authentication is completed , Can pass ansible The host connects to these hosts without password , It greatly improves the security

2.3 Managed host grouping

You can also group different hosts , The default configuration file also has prompts

ansible test	-m	ping

thus , ordinary ansible Completion of construction management

3、 ... and 、ansible Composition Introduction

3.1 see ansible Directory file

tree /etc/ansible/

/etc/ansible/

├── ansible.cfg # The configuration file

├── hosts # Main warehouse Used to store information about remote hosts that need to be managed

└── roles # The directory where the characters are stored

3.2 Ansible Command parameter details

Ansible The command syntax is as follows ：
ansible [-i Host files ] [-f batch ] [ Group name ] [-m Module name ] [-a Module parameters ]
Ansible The detailed parameters are as follows ：
-i inventory_file—— Specifies the host file , If you don't specify , The default is /etc/ansible/hosts file , In the host file , Defined Ansible Host to control IP Or domain name , And its users 、 password
-f 10—— Indicates the number of synchronization processes specified to start
-m module—— Express Ansible Module to call
-a —— Specify the parameters of the module , It can be orders and so on
-sudo —— Said the use of ansible get sudo jurisdiction
-k —— Express ansible The use of SSH password
-u username—— To designate Ansible The executing user
-C —— Indicates command test

3.3 ansible Module function view

Ansible There are many modules , View all ansible Module , Use command ：

ansible-doc	-l

There are so many modules , On the left is the module name , On the right is the description of module functions
Check the function of a module in detail , And check its parameters , Can execute orders ：

ansible-doc -s [ Module name ]

3.4 hosts file

    hosts Files generally store our managed host information . Host list , Also called Inventory. All managed hosts need to be defined in this file . If you don't want to use the default list, you can use -i Option to specify a custom manifest file , Prevent multiple people from using a host list . If not defined in the host list file , Executing the command will prompt “No hosts matched”

thank you