ansible折騰記(一)

學前準備

  • 本機Windows ,安裝VirtualBox,里面安裝centos 7.x
  • 兩臺云服務器(有獨立IP)安裝centos 7.x系統(tǒng)

學習思路

  • 利用本機虛擬機里的主機,安裝ansible,通過ssh互信,控制兩臺云服務器

安裝

yum -y install ansible

驗證

ansible --version

設置主機清單

[root@127.0.0.1 ~]# sudo vi /etc/ansible/hosts
# 添加如下內(nèi)容
[web]
192.168.0.230
192.168.0.15

更改本機名稱

[root@127.0.0.1 ~]# hostnamectl set-hostname centos184
[root@127.0.0.1 ~]# hostname
centos184

設置ssh免密登錄

[root@centos184 ~]# ssh-keygen -t rsa  <!--生成密鑰對-->
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):<!--密鑰對存放路徑-->
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):    
       <!--輸入私鑰保護密碼,直接按Enter鍵表示無密碼-->
Enter same passphrase again:    <!--再次輸入-->
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:cJz6NRTrvMDxX+Jpce6LRnWI3vVEl/zvARL7D10q9WY root@centos184
The key's randomart image is:
+---[RSA 2048]----+
|          .   . .|
|       . . +   oo|
|      . = o o. oo|
|       = * o..+ *|
|      . S *.=+=*+|
|       . o =+XooE|
|        . ..=.++.|
|           ..o ..|
|           .. o. |
+----[SHA256]-----+
[root@centos184 ~]# ssh-copy-id -i .ssh/id_rsa.pub  root@192.168.0.230   <!--復制公鑰到指定遠端-->
[root@centos184 ~]# ssh-copy-id -i .ssh/id_rsa.pub  root@192.168.0.15    <!--復制公鑰到指定遠端-->

測試免密登錄

[root@centos184 ~]# ssh root@192.168.0.230
Last failed login: Mon Dec 13 11:17:57 CST 
[root@230 ~]#

用ansible hostname模塊 修改230主機hostname

[root@centos184 ~]# ansible 192.168.0.230 -m hostname -a "name=centos230"
192.168.0.230 | CHANGED => {
    "ansible_facts": {
        "ansible_domain": "",
        "ansible_fqdn": "centos230",
        "ansible_hostname": "centos230",
        "ansible_nodename": "centos230",
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "name": "centos230"
}
[root@centos184 ~]#
# 登錄進去看主機名是否改變
[root@centos184 ~]# ssh root@192.168.0.230
Last login: Mon Dec 13 11:34:44 2021 from 
Welcome to nokvm, For more information 
[root@centos230 ~]#
# 已經(jīng)改變 退出即可
[root@centos230 ~]# exit
logout
Connection to 192.168.0.230 closed.

用ansible shell模塊 修改230主機hostname

[root@centos184 ~]# ansible web -m shell -a "hostnamectl set-hostname centos230test"
192.168.0.230 | CHANGED | rc=0 >>

[root@centos184 ~]# ansible web -m shell -a "hostname"
192.168.0.230 | CHANGED | rc=0 >>
centos230test
[root@centos184 ~]#

用ansible copy模塊將本機的文件復制到web組所有機器上

[root@centos184 ~]# cd /tmp/
[root@centos184 tmp]# ls
[root@centos184 tmp]# echo 'hello world'=> start.txt
[root@centos184 tmp]# ls
start.txt
[root@centos184 tmp]# ansible web -m copy -a "src=/tmp/start.txt dest=/tmp/sss.txt mode=777"
192.168.0.230 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "checksum": "96b79fbf28162c88bfee7bf76cd15ebba1f2e9d8",
    "dest": "/tmp/sss.txt",
    "gid": 0,
    "group": "root",
    "md5sum": "d340e393d20ce0881c27a16c8d08d999",
    "mode": "0777",
    "owner": "root",
    "size": 13,
    "src": "/root/.ansible/tmp/ansible-tmp-1639380182.77-4304-32121682697141/source",
    "state": "file",
    "uid": 0
}
[root@centos184 tmp]# ansible web -m shell -a "ls /tmp"
192.68.0.230 | CHANGED | rc=0 >>
aaa
ansible_command_payload_VybZ9u
sss.txt
[root@centos184 tmp]#

綜合實踐用ansible 為web組主機安裝nginx服務

1.使用yum模塊為web組主機添加nginx

ansible web -m yum -a "name=nginx"
# 結果省略...太長了
# 查看安裝結果
[root@192 tmp]# ansible web -m shell -a "rpm -qa |grep nginx"
192.168.0.184 | CHANGED | rc=0 >>
nginx-filesystem-1.20.1-9.el7.noarch
nginx-1.20.1-9.el7.x86_64
192.168.0.230 | CHANGED | rc=0 >>
nginx-filesystem-1.20.1-9.el7.noarch
nginx-1.20.1-9.el7.x86_64

2.放開nginx所需端口

# 查看web組主機打開的端口
[root@192 tmp]# ansible web -m shell -a "firewall-cmd --zone=public --list-ports"        192.168.0.184 | CHANGED | rc=0 >>
80/tcp
192.168.0.230 | CHANGED | rc=0 >>
80/tcp
# 我這里是放開了80端口 若沒有放開執(zhí)行下面的
ansible web -m shell -a "firewall-cmd --zone=public --add-port=80/tcp --permanent"
# 重啟防火墻
[root@192 tmp]# ansible web -m shell -a "firewall-cmd --reload"                          192.168.0.184 | CHANGED | rc=0 >>
success
192.168.0.230 | CHANGED | rc=0 >>
success

3.啟動nginx 服務

[root@192 tmp]# ansible web -m service -a "name=nginx enabled=yes state=started"

4.根據(jù)ip訪問nginx歡迎頁

ansible service模塊擴展

service模塊為用來管理遠程主機上的服務的模塊。常見的參數(shù)如下:

  • name:被管理的服務名稱;
  • state=started|stopped|restarted:動作包含啟動,關閉或重啟;
  • enable=yes|no:表示是否設置該服務開機自啟動;
  • runlevel:如果設定了enabled開機自啟動,則要定義在哪些運行目標下自動啟動;
?著作權歸作者所有,轉載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時請結合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務。

相關閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容