Create ansible and manage container nodes based on Docker

Create ansible and manage container nodes based on Docker

Scenario: When learning conditions are limited, you can complete Docker and ansible learning with a single VM

FIX: Create a custom image and build multiple ansible containers first.

Of course, this method is suitable for other similar scenarios.

VMS Environment:

• Os:centos7docker version 1.12.3, build 6b644ecdocker-compose version 1.8.1, build 878cff1

Key points:

• Dockerfile Authoring Optimizations

• docker-compose.yml Write

• Ansible-ssh Key-Free login

• between Containers A Port Interoperability

  
  

650) this.width=650; "title=" Snipaste20161206_033726.png "src=" http://s1.51cto.com/wyfs02/M01/8B/28/ Wkiom1hfxobajlkaaaccfilfbfc468.png-wh_500x0-wm_3-wmp_4-s_1493303578.png "alt=" Wkiom1hfxobajlkaaaccfilfbfc468.png-wh_50 "/>

Y preparatory work

Create a folder

Mkdir-p/root/docker/ansible-demo &&/root/docker/ansible-demo/volume2 && cd ~/docker/ansible-demo

Create Dockerfile, Docker-compose

Dockerfile file

# set the base image to centosfrom centos:latestmaintainer osbing  [email protected] #mount  volumevolume ["/root/docker/ansible-demo/volume2"]############### ### begin installation ###################### #install  EPELRUN rpm -ivh  Https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && rpm --import  /etc/pki/rpm-gpg/rpm-gpg-key-epel-7 && yum install -y yum-priorities#  Install#RUN yum clean allRUN yum install -y sudoRUN yum  install -y net-tools openssh-clients openssh-server ansible vim################# # end installation #######################  set the Usepam parameter of the sshd to norun sed -i  ' s /usepam yes/usepam no/g '  /etc/ssh/sshd_config#  modify root user password run echo  "Root:benny" | Chpasswdrun ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_keyrun ssh-keygen -t rsa -f / etc/ssh/ssh_host_rsa_key#  starts the SSHD service and exposes 22 ports run mkdir /var/run/sshdexpose 22entrypoint  ["/usr/sbin/sshd", "-D"]

# no cache creates a mirror #ddocker build--no-cache-t osbing/centos_sshd:0.2. # Create a container. Privileged mode--privileged=truedocker run-d-P 9021:22--privileged=true--name ansible-controller1 osbing/centos_sshd:0. 2docker run-d-P 9021:22--privileged=true--name ansible-controller osbing/centos_sshd:0.2docker run-d-P 9022:22--pri Vileged=true--name ansible-node2 osbing/centos_sshd:0.2docker run-d-P 9023:22--privileged=true--name ansible-node3 o sbing/centos_sshd:0.2

or Use docker-compose file creation container

ansible-controller:image:osbing/centos_sshd:0.2 ports:-"9021:22" Environment:hostname:ansible-controlle ransible-node2:image:osbing/centos_sshd:0.2 ports:-"9022:22" Environment:hostname:ansible-node2 ansible -node3:image:osbing/centos_sshd:0.2 ports:-"9023:22" environment:hostname:ansible-node3

650) this.width=650; "Width=" height= "228" title= "Snipaste20161206_033809.png" style= "Background:url ("/e/u261/ Lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "ans ible-node2 ansible-node2 Ansibie-node2 ans ible-node3 ansible-node3 ans ible-node3 1 ansible-controller ansible-control 1er Ansible-controller "s rc= "Http://s2.51cto.com/wyfs02/M00/8B/28/wKiom1hFxPuwYCmlAABvCjaCr-M179.png-wh_500x0-wm_3-wmp_4-s_610595203.png"/>

SSH connected to Ansible-controller to configure and manage nodes

# SSH connection to Ansible-controller to modify SSH [email protected]-P 9021

Vim/etc/ansible/hosts

650) this.width=650; "Width=" 265 "height=" "title=" Snipaste20161206_033817.png "style=" Background:url ("/e/u261/ Lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "[Test-servers] 172.17.6.12 172.17.0.13 172.17.e.14 "src=" Http://s3.51cto.com/wyfs02/M00/8B/24/wKioL1hFxRTREnMgAAAsJoD9cK4749.png-wh_ 500x0-wm_3-wmp_4-s_2527173316.png "/>

# Generate Public Key Ssh-keygen

650) this.width=650; "title=" Snipaste20161206_033824.png "src=" http://s2.51cto.com/wyfs02/M01/8B/28/ Wkiom1hfxvlhz33baaf8kzr8-9y643.png-wh_500x0-wm_3-wmp_4-s_2678526004.png "alt=" Wkiom1hfxvlhz33baaf8kzr8-9y643.png-wh_50 "/>

Copy the public key to the host on the managed node

# Ssh-copy-id Copy the public key to the host on the managed node ssh-copy-id-i [email protected]ssh-copy-id-i [email protected]ssh-copy-id-i [Email protect Ed

650) this.width=650; "Width=" "height=" 373 "title=" Snipaste20161206_033830.png "style=" Background:url ("/e/u261/ Lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "[Root@c9db9b7e94bo ssh-copy-id-i Root@172.17.0.12 the authenticity of host ' 172.17.0.12 (172.17.0.12) ' can ' t be established. RSA Key fingerprint is was sure you want to continue connecting (yes/no)? Yes/usr/bin/ssh-copy-id:info:attempting to log in with the new key (s), to filter out any that is already installed/us R/bin/ssh-copy-id:info:1 key (s) remain to being installed if you were prompted now it's to install the new keys root@172.17 .0.12 ' s Password:number of key (s) added:1 now try logging into the machine, with: "SSH ' root@172.17.o.12 ' and check to M Ake sure that is only the key (s) for you wanted were added. [Root@c9db9b7e94b0 ssh-copy-id-i root@172.17.0.13 The authenticity of host ' 172.17.0.13 (172.17.0.13) ' can ' t be establish ed. RSA Key Fingerprint is was sure you want to continue Connecting (yes/no)? Yes/usr/bin/ssh-copy-id:info:attempting to log in with the new key (s), to filter out any that is already installed/us R/bin/ssh-copy-id:info:1 key (s) remain to being installed if you were prompted now it's to install the new keys root@172.17 . O.13 ' s Password:number of key (s) added:1 now try logging into the machine with: "SSH ' root@172.17.o.13" and check to Ma Ke sure that is only the key (s) of you wanted were added. [root@c9db9b7e94b0 ssh-copy-id-i root@172.17.0.14/usr/bin/ssh-copy-id:info:attempting to log on with the new key (s), t o filter out all that is already installed/usr/bin/ssh-copy-id:info:1 key (s) remain to is installed if you are Prompte D now it's to install the new keys root@172.17.o.14 's password:number of key (s) added:1 now try logging into the Machin E, and check to make sure: "SSH ' root@172.17.o.14" the key (s) for you wanted were added. "Src=" Http://s4.51cto. Com/wyfs02/m01/8b/24/wkiol1hfxwhizzj0aaiskf2yic8553.png-wh_500x0-wm_3-wMp_4-s_105069565.png "/>

attempt at Ansible Service-side Run command

Example 1 : Check Ansible the run time of the node ( Uptime )

#ping测试ansible-M Ping "test-servers"

650) this.width=650; "Width=" "height=" 245 "title=" Snipaste20161206_033835.png "style=" Background:url ("/e/u261/ Lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "[Root@c9db9b7e94b8 ansible 172.17. A.14 SUCCESS ' ichangedll:false, ' ping ': ' Pongll 172.17.a.12 SUCCESS ' ichangedll:false, ' ping ': ' Pongll 172.17.a.13 SUC Cess ' Ichangedll:false, ' ping ': ' pongll-m png ' test-servers ' src= ' Http://s2.51cto.com/wyfs02/M02/8B/28/wKiom1hFxWzS 5fb9aab1_dmlq_u472.png-wh_500x0-wm_3-wmp_4-s_3675567725.png "/>

#获取系统运行时间ansible ' Test-servers '-M command-a "uptime"

650) this.width=650; "Width=" "height=" 165 "title=" Snipaste20161206_033840.png "style=" Background:url ("/e/u261/ Lang/zh-cn/images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "[root@c9db9b7e94b0 ansible ' Test-servers-m command-a Uptime "172. 172.172. 17.@.14 up 17.@.12 up 17.@.13 up SUCCESS 2:46, SUCCESS 2:46, SUCCESS 2:46,-load average:-load average:-load average: "s rc= "Http://s5.51cto.com/wyfs02/M02/8B/28/wKiom1hFxYqixcRgAAB3GxSDXJI279.png-wh_500x0-wm_3-wmp_4-s_1099199560.png"/>

Example 2 : Check the kernel version of the node

#获取内核版本ansible ' Test-ser

650) this.width=650; "title=" Snipaste20161206_033847.png "src=" http://s3.51cto.com/wyfs02/M02/8B/24/ Wkiol1hfylgqbvofaabiykyvu8m162.png-wh_500x0-wm_3-wmp_4-s_1553306398.png "alt=" Wkiol1hfylgqbvofaabiykyvu8m162.png-wh_50 "/>

Example 3 : Add user to Node

#增加用户ansible "Test-servers"-M command-a "useradd mark" Ansible "Test-servers"-M command-a "grep mark/etc/passwd"

650) this.width=650; "title=" Snipaste20161206_033853.png "src=" http://s5.51cto.com/wyfs02/M00/8B/28/wKiom1hFyJ_ Cnccsaacnnawsekg689.png-wh_500x0-wm_3-wmp_4-s_1334436269.png "alt=" wkiom1hfyj_cnccsaacnnawsekg689.png-wh_50 "/ >

Example 4 : Redirect output to file

[Email protected] ansible]# ansible "Test-servers"-M Command-a "df-th" >/tmp/command-output.txt[[email protected] ansible]# Cat/tmp/command-output.txt

650) this.width=650; "title=" Snipaste20161206_033901.png "src=" http://s5.51cto.com/wyfs02/M02/8B/24/ Wkiol1hfyg-dqwmfaaevkaueheg906.png-wh_500x0-wm_3-wmp_4-s_3281783480.png "alt=" Wkiol1hfyg-dqwmfaaevkaueheg906.png-wh_50 "/>

END

This article is from the "Heart" blog, make sure to keep this source http://bennychen.blog.51cto.com/6323894/1879822

Create ansible based on Docker and manage container nodes