Before we start, let's think of a scenario where your company has hundreds of servers, and when the leader asks to add a timed task to all the servers, or execute a command, you might say that you can use Xshell to connect or write a shell script. But if you have experienced something like this, you can certainly experience the pain, because so many servers you use Xshell to connect the workload will become particularly large, but if you choose to write a script, it will be particularly troublesome, because each execution of a different thing you will have to modify the script's class capacity, and batch scripts generally use a circular way to perform some tasks, if there are too many nodes, the efficiency of the execution will become lower, and the bulk management tools generally use parallel way to perform some tasks or commands, so that in the efficiency has been a certain increase, the common batch management tools have Ansible, Saltstack,puppet
??? Ansible is a python development of an automated operation and maintenance tools, based on the SSH protocol for Remote batch management, ansible and the same category of software comparison, the biggest advantage is easy to use, simple, fast, so many of the operations of small partners love
I. ansible software deployment process (i), environmental planning
Server Type |
IPAddress |
hostname |
Managing hosts |
10.0.0.61 |
M01 |
Managed Host |
10.0.0.41 |
Backup |
Managed Host |
10.0.0.31 |
Nfs01 |
Managed Host |
10.0.0.7 |
Web01 |
PS: All the above hosts are centos6.9 operating systems
(ii), create SSH key pair and bulk distribute key information
- Create this script on the administrative host and execute the
[Email protected] ~]# vim/service/scripts/fenfa_key.sh
#!/bin/bash
Rm/root/.ssh/id_dsa
Ssh-keygen-t dsa-f/root/.ssh/id_dsa-n ""
For IP in 31 41 7
Do
sshpass-p666666 ssh-copy-id-i/root/.ssh/id_dsa.pub "-O stricthostkeychecking=no 10.0.0. $ip"
Done
[Email protected] scripts]# sh fenfa_key.sh
- After executing the bulk distribution script to ensure that SSH can be connected via a key, we can write a test script to test
[Email protected] ~]# vim/service/scripts/jiancha_scripts.sh
#/bin/bash
If [$#-ne 1]
Then
echo "pls input one agrs"
Exit 1
Fi
For IP in 31 41 7
Do
Echo ==============info 10.0.0. $ip ==============
SSH 10.0.0. $ip $
echo ""
Done
[Email protected] ~]# sh/service/scripts/jiancha_scripts.sh hostname
==============info 10.0.0.31==============
Nfs01
==============info 10.0.0.41==============
Backup
==============info 10.0.0.7==============
Web01
(iii) installation of ansible software through Yum
- Note Before installing we need to confirm that the Epel source is installed on the top of our management host server, if there is no epel source that can be downloaded by the following command
Wget-o/etc/yum.repos.d/epel.repo Http://mirrors.aliyun.com/repo/epel-6.repo
[Email protected] ~]# yum-y install ansible
tip: In some cases we may be the security of the server to open the system of SELinux, when SELinux may prevent the normal SSH service connection, resulting in the ansible command failed to run, if you understand that SELinux is OK, What if you don't understand selinux? This time can be installed on the managed side through the Yum install-y libselinux-python to install a ansible official software to resolve the problem due to SELinux and unable to use the ansible command correctly
(iv) Add the managed side to the management host
[Email protected] ~]# vim/etc/ansible/hosts
[SA]
10.0.0.7
10.0.0.31
10.0.0.41
Configuration Description: [SA] is the host group name of the managed side, the IP address below is the host's IP address, if you need to set up more than one group name, easy to manage
This ansible software deployment is complete
Second, the application of Ansible software (i.), ansible application grammar
- Ansible controlled end host information or main group information-m module name-A related module parameters (ii), Ansible common Module 1, command module
Executing commands on a remote node
- chidir--> (switch to this directory before running the command)
A chestnut: [[email protected] ~]# ansible 10.0.0.31-m command-a "Chdir=/tmp/pwd"
????? 10.0.0.31 | SUCCESS | Rc=0 >>
????? /tmp
- Creates--> (determines whether a file or directory exists and executes the command behind if it does not exist)
A chestnut: [[email protected] ~]# ansible 10.0.0.31-m command-a "creates=/etc/dd hostname"
????? 10.0.0.31 | SUCCESS | Rc=0 >>
????? Nfs01
- Removes---(determine if a file exists and do not execute the command if it does not exist)
[Email protected] ~]# ansible 10.0.0.31-m command-a "removes=/etc/dd hostname"
10.0.0.31 | SUCCESS | Rc=0 >>
Skipped, SINCE/ETC/DD does not exist2, Shell moduleShell module can satisfy the command module all functions, and can support the identification of special character information, can be understood as a universal module, the parameters are basically the same as the command
A chestnut: [[email protected] ~]# ansible 10.0.0.31-m shell-a "cd/etc/;p WD"
????? 10.0.0.31 | SUCCESS | Rc=0 >>
????? etc
3. Scripts ModuleA module that specifically executes scripts, that is, the classes inside the script are executed on the remote node
A chestnut: [[email protected] scripts]# ansible 10.0.0.31-m script-a "/service/scripts/test.sh"
4. Copy ModuleCopy the file to the remote node
- Backup--> (backing up source files before overwriting files)
- SRC---> (Specify the data information to push)
- Dest--> (defines what node the data pushes to the remote directory)
- Owner---> (Sets the master permission for the copied file)
- Group---> (set permissions for replicated files)
- Mode---> (set file permissions after copying)
A chestnut: [[email protected] ~]# ansible 10.0.0.31-m copy-a "Src=/tmp/aa.txt dest=/tmp/backup=yes mode=777"
Note: Push the/tmp/aa.txt file under the management host to the 0.31 remote node/tmp/directory and back up the source file and change the file permissions to 7775.For modifying file attributes or creating files or directories
- Owner---> (Sets the master permission for the copied file)
- Group---> (set permissions for replicated files)
- Mode---> (set file permissions after copying)
- State----> (create file or directory)
Several chestnuts:
[Email protected] tmp]# ansible 10.0.0.31-m file-a "dest=/tmp/bb state=directory"------> (Creating a directory on a remote node)
[[email protected] tmp]# ansible 10.0.0.31-m file-a "dest=/tmp/bb.txt state=touch mode=644"---> (to wear a file on a remote node and modify permissions) 6, Yum ModuleTo install the uninstall view packages on the remote section
- Name--> (the name of the software to be installed, and the version of the software)
- State--> (Installed installation absent (uninstall)
- List--> (Specify the software name, see if the software can be installed, and if it is already installed)
Several chestnuts
[Email protected] tmp]# ansible 10.0.0.31-m yum-a "Name=iftop state=absent"--(uninstall Iftop software)
[Email protected] tmp]# ansible 10.0.0.31-m yum-a "Name=iftop state=installed"--(Install iftop software)
[[email protected] tmp]# ansible 10.0.0.31-m yum-a "List=iftop"-(view Iftop software) 7, service moduleUsed to manage Remote node service running status and power-on self-booting
- Name--> (Specifies the name of the service to be managed; Note: Managed services must be visible in Chkconfig)
- State--> (for setting the status of a service such as: Stopped started restarted reloaded)
- Enabled--> (set whether the service is powered on or off, yes indicates that the service is powered on from Start No indicates the service does not start automatically)
A chestnut
[Email protected] tmp]# ansible 10.0.0.31-m service-a "Name=crond state=stopped enabled=on"-( Turn Crond this service off and set boot not to start)
8. Cron Module
Timed tasks for managing remote nodes
- Minute---(min)
- Hour--(time)
- Day--(Sun)
- Month--(months)
- Weekday--(weeks)
- Name--(Specify the name of the scheduled task)
- Job---(what to do)
- State--> (what to do with a timed task such as: Absent delete a scheduled task)
- Disabled--> (Note A timed task, yes identifies the comment, no identifies uncomment)
Several chestnuts
[Email protected] tmp]# ansible 10.0.0.31-m cron-a "name=empty minute=0 hour=0 job= ' cat/dev/null>/tmp/aa.txt '"--&G t; (add a scheduled Task)
[Email protected] tmp]# ansible 10.0.0.31-m cron-a "name=empty job= ' cat/dev/null>/tmp/aa.txt ' Disabled=yes"-( Comment out a timed task)
[[email protected] tmp]# ansible 10.0.0.31-m cron-a "Name=empty state=absent"--(delete a scheduled Task)
(iii), Ansible script
Ansible script is similar to the shell script in Linux, in Linux if we need to execute multiple commands to implement a function then we can write these commands into a file to generate a shell script, And the ansible script is to write multiple ansible command grammar modules into a file, to achieve some automated, convenient some functions
1, ansible Writing script specification
PS: Writing specifications Follow the PYYAML syntax specification, we can refer to the official documentation for learning: https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
Format description
Summary: learn ansible two key one is to learn Ansible module two is to learn ansible script writing, of course, the former is for the latter to do the groundwork, So want to learn ansible in addition to the official documents can also be used to name Ansible-doc, this command is quite similar to the man command in the shell, you can ask for help online
Ansible Volume Management Services