Automated OPS tools Ansible detailed deployment

Original works, allow reprint, please be sure to use hyperlinks in the form of the original source of the article, author information and this statement. Otherwise, the legal liability will be investigated. http://sofar.blog.51cto.com/353572/1579894

==========================================================================================

First, the basic introduction

==========================================================================================

1 , Introduction

Ansible is a new automated operation tools, based on Python development, the collection of a number of operations tools (puppet, Cfengine, Chef, func, fabric) The advantages of the implementation of batch system configuration, batch program deployment, batch Run command and other functions. Ansible is a module-based operation and does not have the capacity to deploy in bulk. The real batch deployment is the module that Ansible runs, and Ansible just provides a framework. Mainly include:

(1), connection plug-in connection plugins: responsible for and be monitored to achieve communication;

(2), host Inventory: Specifies the operation of the host, is a configuration file inside the definition of monitoring host;

(3), various modules core module, command module, custom module;

(4), with the help of the plug-in to complete log mail and other functions;

(5), playbook: When a script performs multiple tasks, it is not necessary to allow the node to run multiple tasks at once.

2 , Overall architecture

3 , features

(1), no agents: no need to install any client on the managed host;

(2), no server: No servers, the use of direct command can be run;

(3), modules in any languages: Based on module work, can use any language development module;

(4), Yaml,not code: Use the Yaml language to customize the script playbook;

(5), SSH by default: work based on SSH;

(6), strong multi-tier solution: Multi-level command can be achieved.

4 , Advantages
(1), lightweight, no need to install agent on the client, update, only need to make an update on the operator machine;
(2), batch task execution can be written as script, and can be executed without distributing to remote;
(3), write using Python, maintenance is more simple, ruby syntax is too complex;
(4), support sudo.

5 , task execution Flow

Description

(1), the above content is based on the sharing of others on the basis of summing up, learning for reference;

(2), this installation is based on the CentOS 6.4 system environment.

==========================================================================================

Second, Ansible Basic installation and configuration

==========================================================================================

1 , Ansible Basic Installation

(1) , python2.7 installation

Https://www.python.org/ftp/python/2.7.8/Python-2.7.8.tgz

# tar Xvzf python-2.7.8.tgz

# CD Python-2.7.8

#./configure--prefix=/usr/local

# make--jobs= ' grep processor/proc/cpuinfo | Wc-l '

# make Install

# # Copy the Python header file to a standard directory to avoid the need for header files when compiling ansible

# cd/usr/local/include/python2.7

# cp-a./*/usr/local/include/

# # Back up old versions of Python and sign links to new versions of Python

# Cd/usr/bin

# mv Python python2.6

# ln-s/usr/local/bin/python

# # Modify the Yum script to point to an older version of Python that has been prevented from running

# Vim/usr/bin/yum

#!/usr/bin/python-#!/usr/bin/python2.6

(2) , Setuptools Module Installation

Https://pypi.python.org/packages/source/s/setuptools/setuptools-7.0.tar.gz

# tar Xvzf setuptools-7.0.tar.gz

# CD setuptools-7.0

# python setup.py Install

(3) , Pycrypto Module Installation

Https://pypi.python.org/packages/source/p/pycrypto/pycrypto-2.6.1.tar.gz

# tar Xvzf pycrypto-2.6.1.tar.gz

# CD pycrypto-2.6.1

# python setup.py Install

(4) , Pyyaml Module Installation

Http://pyyaml.org/download/libyaml/yaml-0.1.5.tar.gz

# tar Xvzf yaml-0.1.5.tar.gz

# CD yaml-0.1.5

#./configure--prefix=/usr/local

# make--jobs= ' grep processor/proc/cpuinfo | Wc-l '

# make Install

Https://pypi.python.org/packages/source/P/PyYAML/PyYAML-3.11.tar.gz

# tar Xvzf pyyaml-3.11.tar.gz

# CD PyYAML-3.11

# python setup.py Install

(5) , JINJA2 Module Installation

Https://pypi.python.org/packages/source/M/MarkupSafe/MarkupSafe-0.9.3.tar.gz

# tar Xvzf markupsafe-0.9.3.tar.gz

# CD MarkupSafe-0.9.3

# python setup.py Install

Https://pypi.python.org/packages/source/J/Jinja2/Jinja2-2.7.3.tar.gz

# tar Xvzf jinja2-2.7.3.tar.gz

# CD jinja2-2.7.3

# python setup.py Install

(6) , Paramiko Module Installation

Https://pypi.python.org/packages/source/e/ecdsa/ecdsa-0.11.tar.gz

# tar Xvzf ecdsa-0.11.tar.gz

# CD ecdsa-0.11

# python setup.py Install

Https://pypi.python.org/packages/source/p/paramiko/paramiko-1.15.1.tar.gz

# tar Xvzf paramiko-1.15.1.tar.gz

# CD paramiko-1.15.1

# python setup.py Install

(7) , Simplejson Module Installation

Https://pypi.python.org/packages/source/s/simplejson/simplejson-3.6.5.tar.gz

# tar Xvzf simplejson-3.6.5.tar.gz

# CD simplejson-3.6.5

# python setup.py Install

(8) , ansible installation

Https://github.com/ansible/ansible/archive/v1.7.2.tar.gz

# tar Xvzf ansible-1.7.2.tar.gz

# CD ansible-1.7.2

# python setup.py Install

2 , Ansible Configuration

(1) , SSH Key-Free login settings

# # Generate public/private keys

# ssh-keygen-t Rsa-p '

# # Write the trust file (distribute/root/.ssh/id_rsa_storm1.pub to other servers and execute the following instructions on all servers):

# cat/root/.ssh/id_rsa_storm1.pub >>/root/.ssh/authorized_keys

# chmod 600/root/.ssh/authorized_keys

(2) , ansible Configuration

# mkdir-p/etc/ansible

# vim/etc/ansible/ansible.cfg

......

Remote_port = 36000

Private_key_file =/root/.ssh/id_rsa_storm1

......

# # Host Group definition

# vim/etc/ansible/hosts

[Storm_cluster]

10.223.55.100

10.223.55.101

10.223.38.226

10.223.38.227

10.223.39.216

10.223.25.123

(3) , simple testing

# ansible storm_cluster-m command-a ' uptime '

Note: The first time you run, you need to enter "yes" for public key verification, and no further input.

# # Run again

# ansible storm_cluster-m command-a ' uptime '

3 , common module use

(1) , Setup

# # to see some basic information about a remote host

# ansible STORM_CLUSTER-M Setup

(2) , Ping

# # To test the running state of a remote host

# ansible Storm_cluster-m Ping

(3) , file

# # Setting properties of a file

The relevant options are as follows:

Force: There are two cases of forcing the creation of a soft link, one where the source file does not exist, but it will be established later, the other is the target soft link already exists, need to first cancel the previous soft chain, and then create a new soft chain, there are two options: Yes|no

Group: Defines the genus of files/directories

Mode: Define permissions for files/directories

Owner: Defines a file/directory owner

Path: Required option, defines the path to the file/directory

Recurse: Recursive settings file properties, only valid for directory

SRC: The path of the source file being linked, only for the case of State=link

Dest: The path to be linked to only the State=link case

State

Directory: Create directories if the directory does not exist

File: Will not be created even if it does not exist

Link: Create a soft link

Hard: Create a rigid link

Touch: If the file does not exist, a new file is created and the last modified time is updated if the file or directory already exists

Absent: Deleting directories, files, or unlinked files

Example:

# # Remote file Symbolic link creation

# ansible storm_cluster-m file-a "src=/etc/resolv.conf dest=/tmp/resolv.conf state=link"

# # remote File Information view

# ansible storm_cluster-m command-a "ls–al/tmp/resolv.conf"

# # Remote file Symbolic link Delete

# ansible storm_cluster-m file-a "path=/tmp/resolv.conf state=absent"

# # remote File Information view

# ansible storm_cluster-m command-a "ls-al/tmp/resolv.conf"

Description: As shown above, represents a file or link has been deleted.

(4) , Copy

# # Copy files to a remote host

The relevant options are as follows:

Backup: Before overwriting, the source file is backed up, and the backup file contains the time information. There are two options: Yes|no

Content: Used instead of "src", you can set the value of the specified file directly

Dest: Required option. The absolute path of the remote host to which the source file is to be copied, and if the source file is a directory, the path must also be a directory

Directory_mode: Recursively set permissions for the directory, default to system default permissions

Force: If the target host contains the file, but the content is different, if set to Yes, the override is enforced, and if no, the file is copied only if the target location for the destination host does not exist. The default is Yes

Others: All the options in the file module can be used here

SRC: A local file that is copied to the remote host, either an absolute path or a relative path. If the path is a directory, it will be replicated recursively. In this case, if the path ends with "/", only the contents of the directory are copied, and if "/" is not used to end, the entire content, including the directory, is copied, similar to rsync.

Example:

# # Copy the local file "/etc/ansible/ansible.cfg" to the remote server

# ansible storm_cluster-m copy-a "src=/etc/ansible/ansible.cfg dest=/tmp/ansible.cfg owner=root group=root mode=0644"

# # remote File Information view

# ansible storm_cluster-m command-a "Ls-al/tmp/ansible.cfg"

(5) , Command

# # Execute commands on the remote host

The relevant options are as follows:

Creates: A filename when the file exists, the command does not execute

Free_form: Linux instructions to execute

ChDir: Before executing the instruction, switch to the directory

Removes: A filename when the file does not exist, this option does not execute

Executable: Switch the shell to execute the instruction, the execution path must be an absolute path

Example:

# ansible storm_cluster-m command-a "uptime"

(6) , Shell

# # Switch to a shell to execute the specified instruction, with the same parameters as the command.

Unlike command, this module can support the command pipeline while another module also has this capability: raw

Example:

# # First create a shell script locally

# vim/tmp/rocketzhang_test.sh

#!/bin/sh

Date +%f_%h:%m:%s

#chmod +x/tmp/rocketzhang_test.sh

# # distributes the created script files to the remote

# ansible storm_cluster-m copy-a "src=/tmp/rocketzhang_test.sh dest=/tmp/rocketzhang_test.sh owner=root group=root mode=0755 "

# # Remote Execution

# ansible storm_cluster-m shell-a "/tmp/rocketzhang_test.sh"

(7) , more modules

Other commonly used modules, such as: Service, cron, yum, synchronize not one by one cases, can be combined with their own system environment for testing.

Service: System service Management

Cron: Scheduling Task management

Yum:yum Package Installation Management

Synchronize: Synchronizing files with rsync

User: System Users Management

Group: Management of System user groups

More modules are available for reference:

#ansible-doc–l

Http://docs.ansible.com/modules_by_category.html

http://www.ansible.cn/docs/

(A mirror site in the country to avoid being ^_^ by the wall)

(8) , some concepts complement

Playbook composition : Playbook is a list of one or more "play" that can be combined to execute in a pre-programmed mechanism; the so-called task is nothing more than a module that calls the Ansible, but a variable can be used in the parameters of modules; module execution is idempotent , which means that multiple executions are safe because the results are consistent;

Execution Model : Tasks in the task list are executed sequentially, one by one, on all hosts specified in the hosts, that is, the first task is completed on all hosts before the second one begins. When a playbook is run sequentially, if an error occurs halfway through, all the executed tasks are rolled back, so you can do it again after modifying the playbook;

Task composition : Each task should have its name, which is used for playbook execution results output, suggesting that its contents describe the task execution steps as clearly as possible. If name is not provided, the result of the action is used for the output;

Notify Specify Handler execution mechanism : the "Notify" action can be used to be triggered at the end of each play, the actions listed in notify are called Handler, and the specified action is performed only once all changes have completed.

==========================================================================================

Iii. Follow-up work

==========================================================================================

1, in-depth learning ansible playbook and expansion module;

2, in combination with the business environment, the initial implementation of basic monitoring to replace the current call to automate the deployment of Platform API mode;

3, try to automate the operation and Maintenance tool Saltstack, and compare it with ansible.

Some learning materials:

http://blog.xiaorui.cc/category/ansible/

Http://lixcto.blog.51cto.com/4834175/d-4

Https://github.com/ansible/ansible-examples

Http://rfyiamcool.blog.51cto.com/1030776/d-51

Http://dl528888.blog.51cto.com/2382721/d-4/p-1

Http://edu.51cto.com/course/course_id-2220.html

Http://edu.51cto.com/course/course_id-2032.html

http://www.shencan.net/index.php/category/%e8%87%aa%e5%8a%a8%e5%8c%96%e8%bf%90%e7%bb%b4/ansible/

This article from "The ideal of life is Perseverance" blog, please be sure to keep this source http://sofar.blog.51cto.com/353572/1579894

Automated OPS tools Ansible detailed deployment