Centralized management platform Ansible detailed _ server other

Ansible an open source platform that integrates the configuration management of IT systems, applies deployments, and performs specific tasks. Ansible has the following characteristics:
Simple deployment, only the main control side of the deployment of ansible environment, the controlled side does not need to do any action;
The device is managed by default using the SSH protocol;
Centralized management of master and subordinate;
Simple configuration, strong function, strong scalability
Through playbooks to customize a strong configuration, state management;

First, ansible installation
1. Environment configuration

Role	Host Name	Ip	Group name
Msster	Automation	192.168.1.23
Cleint	Test1	192.168.1.24	Webservers
Client	Test2	192.168.1.76	Webservers

2. Install Ansible and perform the following operations on master
Epel has provided all of the support packages required for ansible, so use the Epel source for installation here:

Copy Code code as follows:

wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
RPM-VIH epel-release-6-8.noarch.rpm remi-release-6.rpm
Yum Install Ansible-y

3.ansible Configuration and Testing
The first step is to modify the host and group configuration, file location/etc/ansible/hosts, the format of INI, add two host IP, while defining two IP to Webservers group, as follows:

Copy Code code as follows:

192.168.1.24
192.168.1.76

[Webservers]
192.168.1.24
192.168.1.76

By pinging the module to test the connectivity of the host, ping the single host and group, the following figure shows the test success

Note: Because the master and the managed host do not have the SSH certificate trust configured, you need to add the-K parameter when executing the ansible command, and request the root default password.
4. Configure Linux host SSH no password access
Create a key in the host 192.168.1.23, execute ssh-keygen-t RSA, ask to press ENTER directly, and a pair of keys will be generated under/root/.ssh/, where Id_rsa is the private key, Id_rsa.pub is the public key

[Root@automation ~]# ssh-keygen-t RSA
generating public/private RSA key pair.
Enter file in which to save the key (/ROOT/.SSH/ID_RSA): 
Enter passphrase (empty for no passphrase): 
enter same PA Ssphrase again: 
Your identification has been saved.
Your public key has been saved in/root/.ssh/id_rsa.pub.
The key fingerprint is:
8c:b2:59:d6:39:14:92:7f:95:98:3d:98:55:36:aa:bd root@automation the
key ' s Randomart Image is:
+--[RSA 2048]----+
|   ... b.o+ |
|   . = =o. |
|    .. ...  |
|    =...O | |
|   *  .  .  |
|  o    E         |
| | | +-----------------+

Next, Sync public key id_rsa.pub to target host, recommend using Ssh-copy-id Public key Copy Tool

Verify that the SSH password-free configuration is successful, run SSH root@192.168.1.24, go directly to the target root account prompt, and indicate that the configuration was successful.

5. Define host and group rules

The configuration rule file is/etc/ansible/hosts by default for remote operation of a matching target host by a defined host and group rule ansible.

6. Define hosts and Groups

All the defined host and group rules are in the/etc/ansible/hosts file, the INI file format, the host can be identified by domain name, IP, alias, where Webservers,dbservers is the group name, followed by the host for its members

192.168.1.21:29050
 
[webservers]
192.168.1.23
 
[dbservers]
192.168.1.76

Where 192.168.1.21:29050 means to define an SSH server Port 29050 host, of course, we can also use aliases to describe a host, such as

Web1 ansible_ssh_port=22 ansible_ssh_host = 192.168.1.34

WEB1 is a defined alias, Ansible_ssh_port is the host SSH service port, Ansible_ssh_host is the target host