Ansible installation Configuration and examples

I. INTRODUCTION

ansible ( www.ansible.com )

more concise automated operations tools, no need to install agents on the client , based on the development of Python . You can implement batch operating system configuration, batch program deployment, batch run commands.

features
(1), no agents: no need to install any client on the managed host;
(2), no server: No servers, the use of direct command can be run;
(3), modules in any languages: Based on module work, can use any language development module;
(4), Yaml,not code: Use the Yaml language to customize the script playbook;
(5), SSH by default: work based on SSH;
(6), strong multi-tier solution: Multi-level command can be achieved.

Advantages
(1), lightweight, no need to install agent on the client, update, only need to make an update on the operator machine;
(2), batch task execution can be written as script, and can be executed without distributing to remote;
(3), write using Python, maintenance is more simple, ruby syntax is too complex;
(4), support sudo.

Two. Installation Preparation

1. Prepare two machines centos6.7_64, both of which shut down SELinux, emptying iptables rules and saving.

web9:192.168.1.190

web10:192.168.1.191

2. set hostname

[Email protected] ~]# vim/etc/sysconfig/networknetworking=yeshostname=web9.gz.com

[Email protected] ~]# vim/etc/sysconfig/networknetworking=yeshostname=web10.gz.com

3.

Edit Hosts File

Both settings, if the machine too many, you can build DNS, you do not have to set this on each machine

172.7.15.106 web9.gz.com172.7.15.111 web10.gz.com

Reboot, turn off the firewall

[[email protected] ~]# iptables -f[[email protected] ~]# service  Iptables saveiptables: Save firewall rules to  /etc/sysconfig/iptables:     [OK][[email  protected] ~]# vim /etc/selinux/config# This file controls the  State of selinux on the system.# selinux= can take one of  these three values:#     enforcing - selinux security  policy is enforced.#     permissive - selinux prints  warnings instead of enforcing.#     disabled - no  selinux policy is loaded. selinux=disabled# selinuxtype= can take one of these two values:#      targeted - targeted processes are protected,#     mls - multi level security protection. Selinuxtype=targeted and from both are emptied iptables# iptables -f  and from both are closed  selinux # setenforce  0

4. Installation

[email protected] ~]# yum install-y epel-release[[email protected] ~]# yum install-y ansible

5. SSH Key Configuration

[[email protected] ~]# mkdir/root/.ssh[[email protected] ~]# chmod 700/root/.ssh[[email protected] ~]# ssh-keygen-t RSA

Note: Enter directly without setting the key password. This will generate the. ssh directory in the root home directory, which will also generate two files Id_rsa and   id_rsa.pub.

[[email protected] ~]# ls -la /root/.ssh/total dosage  16drwx------.  2 root root 4096 4 Month   21 23:29 .dr-xr-x---.  4 root root 4096 4 month   21 23:29  -RW-------.  1 root root 1671 4 Month   21 23:29 id_rsa-rw-r--r--.   1 root root  398 4 month   21 23:29 id_rsa.pub 

Put the public key (id_rsa.pub) content into the/root/.ssh/authorized_keys of the native and remote clients
native

[[email protected] ~]# cat /root/.ssh/id_rsa.pubssh-rsa  aaaab3nzac1yc2eaaaabiwaaaqeatr/fd8ksjqcsmy881mpsb6n7x1keagf4drelwk7lli+n                 w/nrtvxupqeckglkzsueylhnhxsva+07foopm43yydnijurs/ jemlnav06ckqz6cpx4svto7nvknrkd8                 tf7nZqVFxx/IPfTkJP+Ri0+DGQRKehjp3v7CmUAn51qSdZKRXOvPDoDAScZjGfmcEibPinyL8/MbGTRf                 ufnefulmekcsurb8/ aei83eoiitnzkzhwbumcgfiwjqxo6mqso03v6cbwbbrbhcimspdi+lpiomjk5p6                 mfptrvi6rd7g0inpjuh4wzyunz3ezpv1zicohpkqsf4rtwlegpv8m/ u6rq== [email protected][[email protected] ~]# mkdir /root/.ssh[[email  protected] ~]# chmod 600 /root/.ssh[[email&Nbsp;protected] ~]# vim /root/.ssh/authorized_keys 

three. Verify that there is no success

[[email protected] ~]# ssh web9.gz.comthe  authenticity of host  ' web9.gz.com  (172.7.15.106) '  can ' t be established. rsa key fingerprint is 67:31:c8:49:f6:17:59:88:e3:4a:61:a8:2b:44:20:55.are you  sure you want to continue connecting  (yes/no)?  yeswarning: permanently  added  ' web9.gz.com,172.7.15.106 '   (RSA)  to the list of known  Hosts. [email protected] ' s password:last login: thu apr 21 23:13:04 2016  from 172-7-15-100.lightspeed.chrlnc.sbcglobal.net[[email protected] ~]# 

If prompted-bash:ssh:command not found to install Yum install-y openssh-clients

Exit

[Email protected] ~]# logoutconnection to web9.gz.com closed.

This article is from "Linux rookie" blog, please be sure to keep this source http://490617581.blog.51cto.com/11186315/1766257

Ansible installation Configuration and examples