Original link: http://blog.csdn.net/xyang81/article/details/51568227
Ansible Introduction: Ansible is a simple and efficient automated operation and maintenance management tool, developed in Python, can be used in large quantities to manage n multiple machines, can concurrently deploy applications on multiple machines, install software, execute commands, configuration and orchestration tasks. The bulk installation of the Zabbix_agenet client will be mentioned later
First, ansible working mechanism, principle explanation
It can be seen that ansible is divided into the following sections:
1) Control Node: Controlling the machine
2) Inventory: Host list
3) playbooks: script, Task orchestration. Define multiple tasks according to rules, the module organization is clear, the ansible is executed automatically by the
4) Modules (core| Custom): module for performing a specific task
5) connection plugin (connection plugin): Ansible connects to the remote host through different protocols, executing the specified command. Connect remote host by default with SSH protocol
Second, ansible implementation process
To put it simply, when running ansible, first read the configuration in ansible.cfg, get the list of management hosts in the inventory according to the rules, perform the configured tasks in parallel in these hosts, and finally wait for the returned results.
Third, installation ansible preparation work
One control console: 192.168.0.202
Three management hosts: (as a test)
192.168.0.200
192.168.0.201
192.168.0.203
Note: If the managed host has an extranet IP address, the control host can be its own virtual machine
Installation Requirements:
CENTOS6 versions above and can use Python commands and PIP commands
Note: The CENTOS6 system is automatically python2.6. CENTOS7 System Automatic python2.7. The PIP command is a python-based command that installs the Python module
Iv. installation of Ansiable
1. Installation method One, yum installation (recommended)
Yum Install Epel-release-y
Yum Install Ansible-y
2. Installation method Two, install the Ansible module under Python
Pip Install Ansible
Iv. Configuring the Control host Management Server
1) vim/etc/ansible/hosts Add the managed machine
192.168.0.200
192.168.40.70:88 Ansible_ssh_user=root ansible_ssh_pass=1234567899
Server ansible_ssh_host=192.168.40.20 ansible_ssh_pass= "1234567899" ansible_ssh_port=8822
Note. There are several ways to do this. The default port is 22. The default user is root. Server is the host name. Recommended for the next 2, when you copy the public key to the management host, you can password-free
2) Generate SSH key pair in control host
SSH-KEYGEN-T RSA
Always enter, that is, generate ID_RSA and id_rsa.put private keys and public keys in the $HOME/.SSH directory two files
Note: For security can also be generated when the key to set the password, ansible each time the command, will be prompted to enter the key password, you can use the following command to remember the password.
Ssh-agent BSH
Ssh-add ~/.ssh/id_rsa
3) Copy the public key to the management host. ssh/authorized_keys file, implement password-free logon to remote management host
Ssh-copy-id-i ~/Ssh/id_rsa. Pub root@192. 168. 0. 200 # Default Port
Ssh-copy-id-i ~/.ssh/id_rsa.pub "-p 8822 [email protected]" # Modified special port
If the host in the/etc/ansible/hosts has a user name, port, password. There's no need to enter the password again.
Note: The Ssh-copy-id command automatically appends the contents of the Id_rsa.pub file to the remote host root user. ssh/authorized_keys file
4) Adjust ansible.cfg parameters, optimize
Vim/etc/ansible/ansible.cfg
1. Disable each execution of the ansible command to check SSH key host.
host_key_checking = False
2. Turn on Log records
Log_path =/var/log/ansible.log
3. ansible Connection Acceleration Configuration
[Accelerate] #accelerate_port = 5099accelerate_port = 10000 #accelerate_timeout = 30#accelerate_connect_timeout = 5.0# If Set to Yes, Accelerate_multi_key'll allow multiple# private keys to being uploaded to it, though each user must# has acces S to the system via SSH to add a new key. The default# is "no". Accelerate_multi_key = yes
Five, Test. Testing batch execution of a ping command on the management machine
Description, each machine successfully performed a ping command
6. Batch Install Zabbix_agent client
vim/root/tools/zabbix.sh
#!/bin/sh# yum installation, # # notes # Note need to close selinux# sed-i "s/selinux=enforcing/selinux= disabled/"/etc/selinux/config# Setenforce 0 # for CENTOS6 version only, and Zabbix for first install RPM-IVH http://repo.zabbix.com/zabbix/3.2 /rhel/6/x86_64/zabbix-release-3.2-1.el6.noarch.rpmyum Install Zabbix-sender zabbix-agent zabbix-ycp/etc/zabbix/ zabbix_agentd.conf/etc/zabbix/zabbix_agentd.conf_ori.bak# 192.168.40.21-bit Zabbix server monitoring address Sed-i "S/SERVER=127.0.0.1/ server=192.168.40.21/"/etc/zabbix/zabbix_agentd.conf#sed-i" s/serveractive=127.0.0.1/serveractive=192.168.40.21 /"/etc/zabbix/zabbix_agentd.conf#sed-i" S/hostname=zabbix server/hostname=192.168.40.21/"/etc/zabbix/zabbix_ Agentd.confcp/etc/sysconfig/iptables/etc/sysconfig/iptables_ori.baksed-i '/^commit/i\-a input-m State--state new-m Tcp-p TCP--dport 10050-j ACCEPT '/etc/sysconfig/iptables service iptables restartservice zabbix-agent startchkconfig Z Abbix-agent on
Ansible all-m copy-a "src=/root/tools/zabbix.sh dest=/root" # push files to admin host
Ansible all-a "/bin/sh/root/zabbix.sh" # Remote Execute script file
After execution, connect the admin host to see if the zabbix_agent has been successfully started.
Vii. Summary of the ansible order
Hosts file = = = "Can consider encrypting the file
192.168.40.70:88 Ansible_ssh_user=root ansible_ssh_pass=1234567899
Server ansible_ssh_host=192.168.40.20 ansible_ssh_pass= "1234567899" ansible_ssh_port=8822
Ssh-copy-id-i ~/.ssh/id_rsa.pub "-p 8822 [email protected]" # Copy public key
Ansible + Host group name +-m + module name +-A + parameter
Host group name, which is the host group name defined in the hosts
All refer to all hosts
-M refers to the use of modules, followed by the specified module name
-a refers to the parameters passed to the module
Ansible all-a "Mkdir-p/python/python" # execute commands in the admin host
Ansible all-m copy-a "src=/root/tools/zabbix.sh dest=/root" # copy files to admin host
Ansible all-a "/bin/sh/root/zabbix.sh" # Remote Execute script file
Linux operation Koriyuki ansible automated operations management tools