Automated operation and Maintenance _ansible

1. Preface

Ansible is a tool for automating operations, and is based on Python, which realizes the functions of batch system configuration, batch program deployment, batch Run command and so on.

Ansible is module-based, Ansible provides a framework for batch deployment through modules.

2. Install, use2.1 Installing Ansible

With the source installation of Epel, add Epel source is not detailed here.

# yum Install ansible--enablerepo=epel

2.2 Setting the key login

Generate SSH Public key pair

# ssh-keygen-t Rsa-p '

Copy the public key to the server on the managed side

# cat/root/.ssh/id_rsa.pub >>/root/.ssh/authorized_keys# chmod 600/root/.ssh/authorized_keys

Confirm that a key can be used to connect to the server on the management side

2.3 Configuring Ansible

Define host group, you can use hostname or IP

# vi/etc/ansible/hosts[tests]test167test154

In addition, the Ansible configuration file is/etc/ansible/ansible.cfg, and no modification is required by default.

2.4 Using the Ansible2.4.1 ping module

# ansible Tests-m Ping

2.4.2 execute commands, command, Shell module

# ansible tests-m command-a ' uptime ' # ansible tests-m shell-a ' Date ' # ansible tests-m command-a ' cat  /etc/resolv . conf '

2.4.3 View configuration, Setup module

# ansible TESTS-M Setup

2.4.4 copy file, copy module

# ansible tests-m copy-a ' src=/home/ec2-user/test.txt dest=/tmp/test222.txt mode=0644 '

2.4.5 adding users, user module

# ansible tests-m user-a ' name=test comment= "test user" uid=1000 password= "Crypted-password" '

Password Generation method:

# Yum Install python-pip# pip install passlib# python-c "from Passlib.hash import Sha512_crypt; Import Getpass; Print Sha512_crypt.encrypt (Getpass.getpass ()) "

2.4.6 installation software, yum module

# ansible tests-m yum-a ' name=vsftpd state=present '

2.4.7 start service, set up boot, service module

# ansible tests-m service-a ' name=vsftpd state=started enabled=yes '

View

# ansible tests-m shell-a ' ps-ef| grep ftp ' # ansible tests-m shell-a ' ss-tln| grep 21 '

2.4.8 support Pipeline, Raw,shell module

# ansible tests-m raw-a ' ss-tln| grep 21 '

2.5 Other Commands 2.5.1 view Help

List all installed modules

# ansible-doc-l

View an introduction to a module

# ansible-doc-s Ping

2.5.2 Ansible-pull

Use pull mode, (default is push mode)

3. Playbook File

Playbook is a list of one or more "play" that can be combined to perform in a pre-programmed mechanism

# Ansible-playbook Test.yml

The format of the playbook file, Yaml is a highly readable markup language.

role can divide the playbook into a single module to make the structure clearer.

The construction of 3.1 role

Includes tasks, defaults, VARs, files, templates, Mata, handlers directories, where tasks are required.

Examples of 3.2 role

This example is the most basic composition and includes only the tasks

3.2.1 Creating a directory Roles/apache2/tasks

# mkdir-p Roles/apache2/tasks

3.2.2 Creating TASKS/MAIN.YML

----Name:install apache2 (RedHat).  YUM:NAME=HTTPD when  : "ansible_os_family = = ' RedHat '"-Name:install apache2 (Debian).  Apt:name=apache2 when  : "ansible_os_family = = ' Debian '"

3.2.3 Creating Playbook (SITE.YML)

----Name:install Apache2  hosts:tests  remote_user:root  roles:    -apache2

3.2.4 Execution

# Ansible-playbook Site.yml

3.3 Official examples of Playbook

Https://github.com/ansible/ansible-examples

3.4 Playbook File encryption

Ansible-vault password-based encryption for configuration files (such as playbooks) to prevent sensitive information from being compromised

3.4.1 encrypting a file that already exists

# Ansible-vault Encrypt./site.yml

3.4.2 Encrypt and create files

# ansible-vault Create filename

Playbook after the encryption

3.4.3 after performing an encrypted playbook

# Ansible-playbook./site.yml--ask-vault-pass

3.4.4 Decryption

# Ansible-vault Decrypt./site.yml

4. PostScript

Ansible is easy to use, does not need a client, high modularity, customization flexibility, when the number of management servers, can play a great help. is a good automated maintenance tool.

Automated operation and Maintenance _ansible