Linux operation Koriyuki ansible automated operations management tools

Source: Internet
Author: User
Tags iptables

Original link: http://blog.csdn.net/xyang81/article/details/51568227

Ansible Introduction: Ansible is a simple and efficient automated operation and maintenance management tool, developed in Python, can be used in large quantities to manage n multiple machines, can concurrently deploy applications on multiple machines, install software, execute commands, configuration and orchestration tasks. The bulk installation of the Zabbix_agenet client will be mentioned later

First, ansible working mechanism, principle explanation

It can be seen that ansible is divided into the following sections:

1) Control Node: Controlling the machine

2) Inventory: Host list

3) playbooks: script, Task orchestration. Define multiple tasks according to rules, the module organization is clear, the ansible is executed automatically by the

4) Modules (core| Custom): module for performing a specific task

5) connection plugin (connection plugin): Ansible connects to the remote host through different protocols, executing the specified command. Connect remote host by default with SSH protocol

Second, ansible implementation process

To put it simply, when running ansible, first read the configuration in ansible.cfg, get the list of management hosts in the inventory according to the rules, perform the configured tasks in parallel in these hosts, and finally wait for the returned results.

Third, installation ansible preparation work

One control console: 192.168.0.202

Three management hosts: (as a test)

192.168.0.200

192.168.0.201

192.168.0.203

Note: If the managed host has an extranet IP address, the control host can be its own virtual machine

Installation Requirements:

CENTOS6 versions above and can use Python commands and PIP commands

Note: The CENTOS6 system is automatically python2.6. CENTOS7 System Automatic python2.7. The PIP command is a python-based command that installs the Python module

Iv. installation of Ansiable

1. Installation method One, yum installation (recommended)

Yum Install Epel-release-y

Yum Install Ansible-y

2. Installation method Two, install the Ansible module under Python

  Pip Install Ansible

Iv. Configuring the Control host Management Server

1) vim/etc/ansible/hosts Add the managed machine

192.168.0.200

192.168.40.70:88 Ansible_ssh_user=root ansible_ssh_pass=1234567899
Server ansible_ssh_host=192.168.40.20 ansible_ssh_pass= "1234567899" ansible_ssh_port=8822
Note. There are several ways to do this. The default port is 22. The default user is root. Server is the host name. Recommended for the next 2, when you copy the public key to the management host, you can password-free

2) Generate SSH key pair in control host

SSH-KEYGEN-T RSA

Always enter, that is, generate ID_RSA and id_rsa.put private keys and public keys in the $HOME/.SSH directory two files

Note: For security can also be generated when the key to set the password, ansible each time the command, will be prompted to enter the key password, you can use the following command to remember the password.

Ssh-agent BSH

Ssh-add ~/.ssh/id_rsa

3) Copy the public key to the management host. ssh/authorized_keys file, implement password-free logon to remote management host

Ssh-copy-id-i ~/Ssh/id_rsa. Pub root@192. 168. 0. 200 # Default Port

Ssh-copy-id-i ~/.ssh/id_rsa.pub "-p 8822 [email protected]" # Modified special port

If the host in the/etc/ansible/hosts has a user name, port, password. There's no need to enter the password again.

Note: The Ssh-copy-id command automatically appends the contents of the Id_rsa.pub file to the remote host root user. ssh/authorized_keys file

4) Adjust ansible.cfg parameters, optimize

Vim/etc/ansible/ansible.cfg

1. Disable each execution of the ansible command to check SSH key host.

host_key_checking = False

2. Turn on Log records

Log_path =/var/log/ansible.log

3. ansible Connection Acceleration Configuration

[Accelerate] #accelerate_port = 5099accelerate_port = 10000 #accelerate_timeout = 30#accelerate_connect_timeout = 5.0# If Set to Yes, Accelerate_multi_key'll allow multiple# private keys to being uploaded to it, though each user must# has acces S to the system via SSH to add a new key. The default# is "no". Accelerate_multi_key = yes

Five, Test. Testing batch execution of a ping command on the management machine

Description, each machine successfully performed a ping command

6. Batch Install Zabbix_agent client

vim/root/tools/zabbix.sh

#!/bin/sh# yum installation, # # notes # Note need to close selinux# sed-i "s/selinux=enforcing/selinux= disabled/"/etc/selinux/config# Setenforce 0 # for CENTOS6 version only, and Zabbix for first install RPM-IVH http://repo.zabbix.com/zabbix/3.2 /rhel/6/x86_64/zabbix-release-3.2-1.el6.noarch.rpmyum Install Zabbix-sender zabbix-agent zabbix-ycp/etc/zabbix/ zabbix_agentd.conf/etc/zabbix/zabbix_agentd.conf_ori.bak# 192.168.40.21-bit Zabbix server monitoring address Sed-i "S/SERVER=127.0.0.1/ server=192.168.40.21/"/etc/zabbix/zabbix_agentd.conf#sed-i" s/serveractive=127.0.0.1/serveractive=192.168.40.21 /"/etc/zabbix/zabbix_agentd.conf#sed-i" S/hostname=zabbix server/hostname=192.168.40.21/"/etc/zabbix/zabbix_  Agentd.confcp/etc/sysconfig/iptables/etc/sysconfig/iptables_ori.baksed-i '/^commit/i\-a input-m State--state new-m Tcp-p TCP--dport 10050-j ACCEPT '/etc/sysconfig/iptables service iptables restartservice zabbix-agent startchkconfig Z Abbix-agent on 

Ansible all-m copy-a "src=/root/tools/zabbix.sh dest=/root" # push files to admin host

Ansible all-a "/bin/sh/root/zabbix.sh" # Remote Execute script file

After execution, connect the admin host to see if the zabbix_agent has been successfully started.

Vii. Summary of the ansible order

Hosts file = = = "Can consider encrypting the file

192.168.40.70:88 Ansible_ssh_user=root ansible_ssh_pass=1234567899
Server ansible_ssh_host=192.168.40.20 ansible_ssh_pass= "1234567899" ansible_ssh_port=8822

Ssh-copy-id-i ~/.ssh/id_rsa.pub "-p 8822 [email protected]" # Copy public key

Ansible + Host group name +-m + module name +-A + parameter

Host group name, which is the host group name defined in the hosts

All refer to all hosts
-M refers to the use of modules, followed by the specified module name
-a refers to the parameters passed to the module

Ansible all-a "Mkdir-p/python/python" # execute commands in the admin host

Ansible all-m copy-a "src=/root/tools/zabbix.sh dest=/root" # copy files to admin host

Ansible all-a "/bin/sh/root/zabbix.sh" # Remote Execute script file

Linux operation Koriyuki ansible automated operations management tools

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.