Create ansible and manage container nodes based on Docker

Source: Internet
Author: User
Tags gpg

Create ansible and manage container nodes based on Docker


Scenario: When learning conditions are limited, you can complete Docker and ansible learning with a single VM

FIX: Create a custom image and build multiple ansible containers first.

Of course, this method is suitable for other similar scenarios.

VMS Environment:

    • Os:centos7docker version 1.12.3, build 6b644ecdocker-compose version 1.8.1, build 878cff1

Key points:

  • Dockerfile Authoring Optimizations

  • docker-compose.yml Write

  • Ansible-ssh Key-Free login

  • between Containers A Port Interoperability


650) this.width=650; "title=" Snipaste20161206_033726.png "src=" http://s1.51cto.com/wyfs02/M01/8B/28/ Wkiom1hfxobajlkaaaccfilfbfc468.png-wh_500x0-wm_3-wmp_4-s_1493303578.png "alt=" Wkiom1hfxobajlkaaaccfilfbfc468.png-wh_50 "/>


Y preparatory work

Create a folder

Mkdir-p/root/docker/ansible-demo &&/root/docker/ansible-demo/volume2 && cd ~/docker/ansible-demo


Create Dockerfile, Docker-compose

Dockerfile file

# set the base image to centosfrom centos:latestmaintainer osbing  [email protected] #mount  volumevolume ["/root/docker/ansible-demo/volume2"]############### ### begin installation ###################### #install  EPELRUN rpm -ivh  Https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && rpm --import  /etc/pki/rpm-gpg/rpm-gpg-key-epel-7 && yum install -y yum-priorities#  Install#RUN yum clean allRUN yum install -y sudoRUN yum  install -y net-tools openssh-clients openssh-server ansible vim################# # end installation #######################  set the Usepam parameter of the sshd to norun sed -i  ' s /usepam yes/usepam no/g '  /etc/ssh/sshd_config#  modify root user password run echo  "Root:benny" | Chpasswdrun ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_keyrun ssh-keygen -t rsa -f / etc/ssh/ssh_host_rsa_key#  starts the SSHD service and exposes 22 ports run mkdir /var/run/sshdexpose 22entrypoint  ["/usr/sbin/sshd", "-D"]
# no cache creates a mirror #ddocker build--no-cache-t osbing/centos_sshd:0.2. # Create a container. Privileged mode--privileged=truedocker run-d-P 9021:22--privileged=true--name ansible-controller1 osbing/centos_sshd:0. 2docker run-d-P 9021:22--privileged=true--name ansible-controller osbing/centos_sshd:0.2docker run-d-P 9022:22--pri Vileged=true--name ansible-node2 osbing/centos_sshd:0.2docker run-d-P 9023:22--privileged=true--name ansible-node3 o sbing/centos_sshd:0.2

or Use docker-compose file creation container

ansible-controller:image:osbing/centos_sshd:0.2 ports:-"9021:22" Environment:hostname:ansible-controlle ransible-node2:image:osbing/centos_sshd:0.2 ports:-"9022:22" Environment:hostname:ansible-node2 ansible -node3:image:osbing/centos_sshd:0.2 ports:-"9023:22" environment:hostname:ansible-node3


650) this.width=650; "Width=" height= "228" title= "Snipaste20161206_033809.png" style= "Background:url ("/e/u261/ Lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "ans ible-node2 ansible-node2 Ansibie-node2 ans ible-node3 ansible-node3 ans ible-node3 1 ansible-controller ansible-control 1er Ansible-controller "s rc= "Http://s2.51cto.com/wyfs02/M00/8B/28/wKiom1hFxPuwYCmlAABvCjaCr-M179.png-wh_500x0-wm_3-wmp_4-s_610595203.png"/>

SSH connected to Ansible-controller to configure and manage nodes

# SSH connection to Ansible-controller to modify SSH [email protected]-P 9021
Vim/etc/ansible/hosts


650) this.width=650; "Width=" 265 "height=" "title=" Snipaste20161206_033817.png "style=" Background:url ("/e/u261/ Lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "[Test-servers] 172.17.6.12 172.17.0.13 172.17.e.14 "src=" Http://s3.51cto.com/wyfs02/M00/8B/24/wKioL1hFxRTREnMgAAAsJoD9cK4749.png-wh_ 500x0-wm_3-wmp_4-s_2527173316.png "/>

# Generate Public Key Ssh-keygen

650) this.width=650; "title=" Snipaste20161206_033824.png "src=" http://s2.51cto.com/wyfs02/M01/8B/28/ Wkiom1hfxvlhz33baaf8kzr8-9y643.png-wh_500x0-wm_3-wmp_4-s_2678526004.png "alt=" Wkiom1hfxvlhz33baaf8kzr8-9y643.png-wh_50 "/>

Copy the public key to the host on the managed node

# Ssh-copy-id Copy the public key to the host on the managed node ssh-copy-id-i [email protected]ssh-copy-id-i [email protected]ssh-copy-id-i [Email protect Ed


650) this.width=650; "Width=" "height=" 373 "title=" Snipaste20161206_033830.png "style=" Background:url ("/e/u261/ Lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "[Root@c9db9b7e94bo ssh-copy-id-i Root@172.17.0.12 the authenticity of host ' 172.17.0.12 (172.17.0.12) ' can ' t be established. RSA Key fingerprint is was sure you want to continue connecting (yes/no)? Yes/usr/bin/ssh-copy-id:info:attempting to log in with the new key (s), to filter out any that is already installed/us R/bin/ssh-copy-id:info:1 key (s) remain to being installed if you were prompted now it's to install the new keys root@172.17 .0.12 ' s Password:number of key (s) added:1 now try logging into the machine, with: "SSH ' root@172.17.o.12 ' and check to M Ake sure that is only the key (s) for you wanted were added. [Root@c9db9b7e94b0 ssh-copy-id-i root@172.17.0.13 The authenticity of host ' 172.17.0.13 (172.17.0.13) ' can ' t be establish ed. RSA Key Fingerprint is was sure you want to continue Connecting (yes/no)? Yes/usr/bin/ssh-copy-id:info:attempting to log in with the new key (s), to filter out any that is already installed/us R/bin/ssh-copy-id:info:1 key (s) remain to being installed if you were prompted now it's to install the new keys root@172.17 . O.13 ' s Password:number of key (s) added:1 now try logging into the machine with: "SSH ' root@172.17.o.13" and check to Ma Ke sure that is only the key (s) of you wanted were added. [root@c9db9b7e94b0 ssh-copy-id-i root@172.17.0.14/usr/bin/ssh-copy-id:info:attempting to log on with the new key (s), t o filter out all that is already installed/usr/bin/ssh-copy-id:info:1 key (s) remain to is installed if you are Prompte D now it's to install the new keys root@172.17.o.14 's password:number of key (s) added:1 now try logging into the Machin E, and check to make sure: "SSH ' root@172.17.o.14" the key (s) for you wanted were added. "Src=" Http://s4.51cto. Com/wyfs02/m01/8b/24/wkiol1hfxwhizzj0aaiskf2yic8553.png-wh_500x0-wm_3-wMp_4-s_105069565.png "/>

attempt at Ansible Service-side Run command


Example 1 : Check Ansible the run time of the node ( Uptime )

#ping测试ansible-M Ping "test-servers"


650) this.width=650; "Width=" "height=" 245 "title=" Snipaste20161206_033835.png "style=" Background:url ("/e/u261/ Lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "[Root@c9db9b7e94b8 ansible 172.17. A.14 SUCCESS ' ichangedll:false, ' ping ': ' Pongll 172.17.a.12 SUCCESS ' ichangedll:false, ' ping ': ' Pongll 172.17.a.13 SUC Cess ' Ichangedll:false, ' ping ': ' pongll-m png ' test-servers ' src= ' Http://s2.51cto.com/wyfs02/M02/8B/28/wKiom1hFxWzS 5fb9aab1_dmlq_u472.png-wh_500x0-wm_3-wmp_4-s_3675567725.png "/>

#获取系统运行时间ansible ' Test-servers '-M command-a "uptime"

650) this.width=650; "Width=" "height=" 165 "title=" Snipaste20161206_033840.png "style=" Background:url ("/e/u261/ Lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "[root@c9db9b7e94b0 ansible ' Test-servers-m command-a Uptime "172. 172.172. 17.@.14 up 17.@.12 up 17.@.13 up SUCCESS 2:46, SUCCESS 2:46, SUCCESS 2:46,-load average:-load average:-load average: "s rc= "Http://s5.51cto.com/wyfs02/M02/8B/28/wKiom1hFxYqixcRgAAB3GxSDXJI279.png-wh_500x0-wm_3-wmp_4-s_1099199560.png"/>

Example 2 : Check the kernel version of the node

#获取内核版本ansible ' Test-ser

650) this.width=650; "title=" Snipaste20161206_033847.png "src=" http://s3.51cto.com/wyfs02/M02/8B/24/ Wkiol1hfylgqbvofaabiykyvu8m162.png-wh_500x0-wm_3-wmp_4-s_1553306398.png "alt=" Wkiol1hfylgqbvofaabiykyvu8m162.png-wh_50 "/>

Example 3 : Add user to Node

#增加用户ansible "Test-servers"-M command-a "useradd mark" Ansible "Test-servers"-M command-a "grep mark/etc/passwd"

650) this.width=650; "title=" Snipaste20161206_033853.png "src=" http://s5.51cto.com/wyfs02/M00/8B/28/wKiom1hFyJ_ Cnccsaacnnawsekg689.png-wh_500x0-wm_3-wmp_4-s_1334436269.png "alt=" wkiom1hfyj_cnccsaacnnawsekg689.png-wh_50 "/ >

Example 4 : Redirect output to file

[Email protected] ansible]# ansible "Test-servers"-M Command-a "df-th" >/tmp/command-output.txt[[email protected] ansible]# Cat/tmp/command-output.txt

650) this.width=650; "title=" Snipaste20161206_033901.png "src=" http://s5.51cto.com/wyfs02/M02/8B/24/ Wkiol1hfyg-dqwmfaaevkaueheg906.png-wh_500x0-wm_3-wmp_4-s_3281783480.png "alt=" Wkiol1hfyg-dqwmfaaevkaueheg906.png-wh_50 "/>

END

This article is from the "Heart" blog, make sure to keep this source http://bennychen.blog.51cto.com/6323894/1879822

Create ansible based on Docker and manage container nodes

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.