I. INTRODUCTION
ansible ( www.ansible.com )
more concise automated operations tools, no need to install agents on the client , based on the development of Python . You can implement batch operating system configuration, batch program deployment, batch run commands.
features
(1), no agents: no need to install any client on the managed host;
(2), no server: No servers, the use of direct command can be run;
(3), modules in any languages: Based on module work, can use any language development module;
(4), Yaml,not code: Use the Yaml language to customize the script playbook;
(5), SSH by default: work based on SSH;
(6), strong multi-tier solution: Multi-level command can be achieved.
Advantages
(1), lightweight, no need to install agent on the client, update, only need to make an update on the operator machine;
(2), batch task execution can be written as script, and can be executed without distributing to remote;
(3), write using Python, maintenance is more simple, ruby syntax is too complex;
(4), support sudo.
Two. Installation Preparation
1. Prepare two machines centos6.7_64, both of which shut down SELinux, emptying iptables rules and saving.
web9:192.168.1.190
web10:192.168.1.191
2. set hostname
[Email protected] ~]# vim/etc/sysconfig/networknetworking=yeshostname=web9.gz.com
[Email protected] ~]# vim/etc/sysconfig/networknetworking=yeshostname=web10.gz.com
3.
Edit Hosts File
Both settings, if the machine too many, you can build DNS, you do not have to set this on each machine
172.7.15.106 web9.gz.com172.7.15.111 web10.gz.com
Reboot, turn off the firewall
[[email protected] ~]# iptables -f[[email protected] ~]# service Iptables saveiptables: Save firewall rules to /etc/sysconfig/iptables: [OK][[email protected] ~]# vim /etc/selinux/config# This file controls the State of selinux on the system.# selinux= can take one of these three values:# enforcing - selinux security policy is enforced.# permissive - selinux prints warnings instead of enforcing.# disabled - no selinux policy is loaded. selinux=disabled# selinuxtype= can take one of these two values:# targeted - targeted processes are protected,# mls - multi level security protection. Selinuxtype=targeted and from both are emptied iptables# iptables -f and from both are closed selinux # setenforce 0
4. Installation
[email protected] ~]# yum install-y epel-release[[email protected] ~]# yum install-y ansible
5. SSH Key Configuration
[[email protected] ~]# mkdir/root/.ssh[[email protected] ~]# chmod 700/root/.ssh[[email protected] ~]# ssh-keygen-t RSA
Note: Enter directly without setting the key password. This will generate the. ssh directory in the root home directory, which will also generate two files Id_rsa and id_rsa.pub.
[[email protected] ~]# ls -la /root/.ssh/total dosage 16drwx------. 2 root root 4096 4 Month 21 23:29 .dr-xr-x---. 4 root root 4096 4 month 21 23:29 -RW-------. 1 root root 1671 4 Month 21 23:29 id_rsa-rw-r--r--. 1 root root 398 4 month 21 23:29 id_rsa.pub
Put the public key (id_rsa.pub) content into the/root/.ssh/authorized_keys of the native and remote clients
native
[[email protected] ~]# cat /root/.ssh/id_rsa.pubssh-rsa aaaab3nzac1yc2eaaaabiwaaaqeatr/fd8ksjqcsmy881mpsb6n7x1keagf4drelwk7lli+n w/nrtvxupqeckglkzsueylhnhxsva+07foopm43yydnijurs/ jemlnav06ckqz6cpx4svto7nvknrkd8 tf7nZqVFxx/IPfTkJP+Ri0+DGQRKehjp3v7CmUAn51qSdZKRXOvPDoDAScZjGfmcEibPinyL8/MbGTRf ufnefulmekcsurb8/ aei83eoiitnzkzhwbumcgfiwjqxo6mqso03v6cbwbbrbhcimspdi+lpiomjk5p6 mfptrvi6rd7g0inpjuh4wzyunz3ezpv1zicohpkqsf4rtwlegpv8m/ u6rq== [email protected][[email protected] ~]# mkdir /root/.ssh[[email protected] ~]# chmod 600 /root/.ssh[[email&Nbsp;protected] ~]# vim /root/.ssh/authorized_keys
three. Verify that there is no success
[[email protected] ~]# ssh web9.gz.comthe authenticity of host ' web9.gz.com (172.7.15.106) ' can ' t be established. rsa key fingerprint is 67:31:c8:49:f6:17:59:88:e3:4a:61:a8:2b:44:20:55.are you sure you want to continue connecting (yes/no)? yeswarning: permanently added ' web9.gz.com,172.7.15.106 ' (RSA) to the list of known Hosts. [email protected] ' s password:last login: thu apr 21 23:13:04 2016 from 172-7-15-100.lightspeed.chrlnc.sbcglobal.net[[email protected] ~]#
If prompted-bash:ssh:command not found to install Yum install-y openssh-clients
Exit
[Email protected] ~]# logoutconnection to web9.gz.com closed.
This article is from "Linux rookie" blog, please be sure to keep this source http://490617581.blog.51cto.com/11186315/1766257
Ansible installation Configuration and examples