Ansible automated O & M tool and ansible automated

Ansible automated O & M tool and ansible automated

1 Ansible

1> introduction to ansible

Ansible is a new automatic O & M tool developed based on Python. It integrates the advantages of many O & M tools (puppet, cfengine, chef, func, fabric, implements batch system configuration, batch Program Department, batch run command, and other functions. Ansible works based on modules and does not support batch deployment. The modules run by ansible are actually deployed in batches. ansible only provides a framework. It mainly includes:

(1) connection plugins: communicates with the monitored end;

(2) host inventory: Specifies the host for the operation. It is a host defined in the configuration file;

(3) core modules, command modules, and custom modules of various modules;

(4) logging email and other functions are completed by using the plug-in;

(5) playbook: When the script executes multiple tasks, it is not necessary to allow the node to run multiple tasks at a time.

2> overall ansible Architecture

3> ansible features

(1) no agents: no clients need to be installed on the controlled host;

(2) no server: no server. Run the command directly during use;

(3) modules in any languages ages: modules can be developed in any language;

(4) yaml and not code: Use the yaml language to customize the playbook;

(5) ssh by default: Work Based on SSH;

(6) strong multi-tier solution: multi-level command can be implemented.

4> advantages of ansible

(1) Lightweight. You do not need to install the agent on the client. when updating the agent, you only need to update the agent on the operating machine;
(2) Batch task execution can be written as a script, and can be executed without being distributed remotely;
(3) Use python to write and maintain, and ruby syntax is too complex;
(4) sudo is supported.

5> ansible's task execution process

　　　　　　　　

2 install Ansible

Environment Description:

192.168.1.250 AnsibleManagement end [You only need to install Ansible

192.168.1.20.Client [No software installation required]

192.168.1.252Client [No software installation required]

1> Configure on 10 and use YUM source for installation. You need to obtain the YUM source of epel.

: Http://search.rpmseek.com/search.html

2> install the EPEL installation package

# Rpm-vih epel-release-6-8.noarch.rpm

# Vim/etc/yum. repos. d/epel. repo modify the path. Otherwise, an error is reported.

Modify the file "/etc/yum. repos. d/epel. repo", uncomment the baseurl, and comment out the comment list;

3> install Ansible in YUM

# Yum-y install ansible

4> Configure Ansible on 250

# Vim/etc/ansible. cfg

Remote_port = 22 run the remote server port

Private_key_file =/root/. ssh/id_rsa hold the local private key

# Vim/etc/ansible/hosts

192.168.1.100 can write a single IP Address

[Web] can be grouped. WEB groups include 251 and 252.

192.168.1.20.

192.168.1.252

5> 250 start the test above:

First, claim the private key and public key,Generate a key pair

# Ssh-keygen-t rsa-f ~ /. Ssh/id_rsa-p' # generate the key pair. -P is followed by two single quotes. This command will generate a Public Key (~ /. Ssh/id_rsa.pub) and key (~ /. Ssh/id_rsa ),

-T dsa: indicates the encryption type of the key, which can be 'rsa 'and 'dsa'

-P ": Indicates logon without a password.

-F ~ /. Ssh/id_dsa: indicates that the key storage path is $ {USER}/. ssh/id_dsa.

6> copy the public key on 250 to the controlled client.

# Ssh-copy-id-I ~ /. Ssh/id_rsa.pub root@192.168.1.251
Option-I: Specify the Public Key File

# Try to log on without a password in ssh 192.168.1.6.2

7> 250 basic ANSIBEL Test

# Ansible storm_cluster-m command-a 'uptime'

Note: during the first running, you need to enter "yes" for public key verification. You do not need to enter it again later.

# Run again

# Ansible storm_cluster-m command-a 'uptime'

8> commonly used ANSIBEL modules in 250

(1), Setup

# View basic information about a remote host

# Ansible storm_cluster-m setup

(2)Ping

# Used to test the running status of a remote host

# Ansible storm_cluster-m ping

(3), File

# Set file attributes

The related options are as follows:

Force: You need to create a soft link in two cases. One is that the source file does not exist but will be created later. The other is that the target soft link already exists, you need to cancel the previous soft link and then create a new soft link. There are two options: yes | no

Group: group that defines the file/directory

Mode: Permission for defining files/Directories

Owner: owner of the definition file/directory

Path: required. It defines the path of the file/directory.

Recurse: recursively sets the attributes of a file, which is only valid for directories.

Src: the source file path to be linked. It is only applicable when state = link.

Dest: the link path. It is only used when state = link is used.

State:

Directory: If the directory does not exist, create a directory.

File: the object is not created even if it does not exist.

Link: Create a soft link

Hard: Create a hard link

Touch: if the file does not exist, a new file is created. If the file or directory already exists, the last modification time is updated.

Absent: deletes directories, files, or unlinks files.

Example:

# Create a remote file Symbolic Link

# Ansible storm_cluster-m file-a "src =/etc/resolv. conf dest =/tmp/resolv. conf state = link"

# View Remote File Information

# Ansible storm_cluster-m command-a "ls-al/tmp/resolv. conf"

# Delete a remote file Symbolic Link

# Ansible storm_cluster-m file-a "path =/tmp/resolv. conf state = absent"

　　　　　　

# View Remote File Information

# Ansible storm_cluster-m command-a "ls-al/tmp/resolv. conf"

Note: As shown above, the file or link has been deleted.

(4), Copy

# Copy a file to a remote host

The related options are as follows:

Backup: Back up the source file before overwriting. The backup file contains time information. There are two options: yes | no

Content: Used to replace "src". You can directly set the value of the specified file.

Dest: required. The absolute path of the remote host to which the source file is to be copied. If the source file is a directory, the path must also be a directory.

Directory_mode: recursively sets the directory permission. The default permission is the default permission of the system.

Force: if the target host contains the file but the content is different, if yes is set, the file is forcibly overwritten. If no, only when the target host does not have the file,. Yes by default

Others: all the options in the file module can be used here

Src: local file copied to the remote host, which can be an absolute or relative path. If the path is a directory, it will be recursively copied. In this case, if the path ends with "/", only the contents in the directory will be rewritten. If "/" is not used, then all the contents including the directory are copied, similar to rsync.

Example:

# Copy the local file "/etc/ansible. cfg" to the remote server

# Ansible storm_cluster-m copy-a "src =/etc/ansible. cfg dest =/tmp/ansible. cfg owner = root group = root mode = 0644"

# View Remote File Information

# Ansible storm_cluster-m command-a "ls-al/tmp/ansible. cfg"

　　　　　　　　　　

(5), Command

# Execute commands on a remote host

The related options are as follows:

Creates: a file name. If the file exists, this command is not executed.

Free_form: linux Command to be executed

Chdir: switch to the directory before executing the command

Removes: a file name. If the file does not exist, this option is not executed.

Executable: Switch shell to execute commands. The execution path must be an absolute path.

Example:

# Ansible storm_cluster-m command-a "uptime"

(6), Shell

# Switch to a shell to execute the specified command. The parameters are the same as those of command. Different from command, this module supports command pipelines, and another module also supports this function: raw

Example:

# Create a SHELL script locally

# Vim/tmp/rocketzhang_test.sh

#! /Bin/sh

Date + % F _ % H: % M: % S

# Chmod + x/tmp/rocketzhang_test.sh

# Distribute the created script file to a remote device

# Ansible storm_cluster-m copy-a "src =/tmp/rocketzhang_test.sh dest =/tmp/rocketzhang_test.sh owner = root group = root mode = 0755"

# Remote Execution

# Ansible storm_cluster-m shell-a "/tmp/rocketzhang_test.sh"

(7)More modules

Other commonly used modules, such as service, cron, yum, and synchronize, can be tested in combination with the system environment.

Service: System service Management

Cron: scheduled task management

Yum: yum Software Package Installation Management

Synchronize: Use rsync to synchronize files

User: system user management

Group: System User group Management

For more modules, refer:

# Ansible-doc-l

(8), Supplemented by some concepts

PlaybookComposition: Playbook is a list composed of one or more "play", which can be associated and executed in a pre-arranged mechanism. A task is nothing more than a module that calls ansible, variables can be used in the module parameters; the module execution is idempotent, which means that multiple executions are safe because the results are consistent;

Execution model: The tasks in the task list are executed one by one on all hosts specified in hosts, that is, the first task is completed on all hosts before the second task starts. When running a playbook in sequence, if an error occurs in the middle path, all executed tasks will be rolled back. Therefore, you can execute the playbook once again after modifying the playbook;

TaskComposition: Each task should have its name, which is used to output the execution result of the playbook. We recommend that you describe the task execution steps as clearly as possible. If the name is not provided, the action result is used for output;

NotifyHandlerExecution mechanism: The action "Y" can be used to be triggered at the end of each play. The operations listed in "notify" are called handler. The specified action is executed only once after all the changes are completed.