I. Common automated operations tools:
OS provisioning: PXE, Cobbler
OS configuration: Puppet, SaltStack, Chef, Func
Task execution: Fabric, SaltStack, Func
Program deployment: Fabric
How the management host controls managed nodes:
Agent: an agent must be installed on each managed node to accept operations from the management host, for example Puppet and Func.
Agentless: no agent is installed on the managed node; the management host sends operation instructions over SSH, for example Ansible and Fabric.
II. Introduction to Ansible
Ansible is a lightweight, Python-based automated operations tool that combines the capabilities of many other automation tools. It provides batch system configuration, batch task execution and batch program deployment, that is, everything listed above except OS installation.
1. Ansible architecture
⑴ Ansible core program
⑵ Connection plugins: responsible for communicating with the controlled hosts;
⑶ Host inventory: the host list, defining which hosts can be controlled;
⑷ Modules: core modules and custom modules
⑸ Playbooks: declarative configuration files written in YAML
⑹ Plugins: various plug-ins that provide logging, mail and other functions;
Ansible obtains the controlled hosts' information from the host inventory, connects to each host through the connection plugins, and invokes the specified module to send operation instructions to the controlled host.
2. Characteristics of Ansible
⑴ Highly modular: tasks are accomplished by calling modules
⑵ Agentless: no agent needs to be installed on the controlled hosts
⑶ By default, operation instructions are sent to the controlled hosts over SSH, authenticating either
① with keys, or
② with the account and password specified in the inventory file
⑷ A series of tasks can be written as a playbook
⑸ Idempotent: an operation that has already been applied is not repeated; for example, software that is already installed is not installed again
III. Installing and configuring Ansible
In what follows, node1 is the Ansible host and node2, node3 and node4 are the controlled hosts.
1. RPM installation (EPEL repository)
yum -y install ansible    # only needs to be installed on the control host
Main configuration file: /etc/ansible/ansible.cfg
Inventory: /etc/ansible/hosts
[[email protected] ~]# yum -y install ansible
Installed:
  ansible.noarch 0:1.9.4-1.el6
Dependency Installed:
  pyyaml.x86_64 0:3.10-3.1.el6
  libyaml.x86_64 0:0.1.3-4.el6_6
  python-babel.noarch 0:0.9.4-5.1.el6
  python-crypto2.6.x86_64 0:2.6.1-2.el6
  python-httplib2.noarch 0:0.7.7-1.el6
  python-jinja2.x86_64 0:2.2.1-2.el6_5
  python-keyczar.noarch 0:0.71c-1.el6
  python-pyasn1.noarch 0:0.0.12a-1.el6
  python-setuptools.noarch 0:0.6.10-3.el6
  python-simplejson.x86_64 0:2.0.9-3.1.el6
  sshpass.x86_64 0:1.05-1.el6
Complete!
[[email protected] ~]# rpm -ql ansible | less
/etc/ansible
/etc/ansible/ansible.cfg    # main configuration file
/etc/ansible/hosts    # host inventory
/etc/ansible/roles
/usr/bin/ansible    # main program
/usr/bin/ansible-doc    # shows help information
/usr/bin/ansible-galaxy
/usr/bin/ansible-playbook    # command that runs a playbook
/usr/bin/ansible-pull
/usr/bin/ansible-vault    # can store playbooks encrypted
/usr/lib/python2.6/site-packages/ansible
...
[[email protected] ~]# vim /etc/ansible/ansible.cfg
[defaults]
# some basic default values...
inventory = /etc/ansible/hosts    # path to the inventory file
#library = /usr/share/my_modules/
remote_tmp = $HOME/.ansible/tmp
pattern = *
forks = 5    # number of parallel processes started when running tasks
poll_interval = 15
sudo_user = root
#ask_sudo_pass = True
#ask_pass = True
transport = smart
#remote_port = 22    # SSH port of the remote controlled nodes
module_lang = C
...
2. Adding controlled hosts
vim /etc/ansible/hosts
ntp.magedu.com    # hosts that belong to no group are defined at the very top of the file
[websrvs]    # a batch of hosts can be placed in a group
www1.magedu.com:2222    # if SSH on the controlled node uses a non-default port, give it after the host name
www2.magedu.com
www[01:50].example.com    # range patterns can be used
172.16.100.7
[dbsrvs]
db-[a:f].example.com
By default, tasks run as root. With password authentication, the password must either be entered when the task runs or be given as a parameter next to the controlled host in the inventory, for example:
192.168.30.20 ansible_ssh_user=fedora ansible_ssh_pass=magedu
192.168.30.13 ansible_ssh_pass=magedu [ansible_ssh_port=2222]
Password-based authentication is more cumbersome, so SSH is usually configured for key-based authentication.
The inventory accepts other configurable parameters as well; see the official documentation.
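A check for the inventory-stored passwords described above, as an added example that is not part of the original article: it reports which hosts or groups carry a plaintext connection password and whether the inventory file is readable by other users. The sample inventory, the function names and the variable-name pattern are assumptions made for this example.

```python
import os
import re
import shlex
import stat

# Assumed pattern for connection-password variables such as ansible_ssh_pass,
# ansible_sudo_pass, ansible_password and ansible_become_pass.
PASS_VAR = re.compile(r"^ansible_\w*pass(word)?$")

# Constructed sample, modelled on the inventory lines on this page.
SAMPLE = """\
[websrvs]
192.168.30.20 ansible_ssh_user=fedora ansible_ssh_pass=magedu
192.168.30.13 ansible_ssh_pass=magedu ansible_ssh_port=2222
www1.magedu.com:2222 http_port=80
[websrvs:vars]
ntp_server=ntp.magedu.com
ansible_sudo_pass="s3 cret"   # constructed value
"""

def audit(text):
    """Return (line number, scope, variable) per plaintext password; values are not echoed."""
    findings, section = [], "ungrouped"
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(("#", ";")):
            continue
        if line.startswith("["):
            section = line.strip("[]")
            continue
        tokens = shlex.split(line, comments=True)
        # Host lines start with the host name; [group:vars] lines are all key=value.
        in_vars = section.endswith(":vars")
        scope = section if in_vars else tokens[0]
        for tok in tokens if in_vars else tokens[1:]:
            key, sep, _value = tok.partition("=")
            if sep and PASS_VAR.match(key.strip()):
                findings.append((no, scope, key.strip()))
    return findings

def readable_by_others(path):
    """True if group or other hold any permission bits on the inventory file."""
    return bool(stat.S_IMODE(os.stat(path).st_mode) & 0o077)
```

Any finding from audit() is a host that key-based authentication would cover without a stored secret; readable_by_others('/etc/ansible/hosts') shows whether those secrets are exposed to local users.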
Host variables
You can add host variables to a host when you define it in the inventory. For example:
[websrvs]
www1.magedu.com http_port=80 maxrequestsperchild=808
www2.magedu.com http_port=8080 maxrequestsperchild=909
Group variables
A group variable is a variable assigned to all hosts within the specified group. For example:
[websrvs]
www1.magedu.com
www2.magedu.com
[websrvs:vars]
ntp_server=ntp.magedu.com
nfs_server=nfs.magedu.com
Group nesting
In the inventory, a group can also contain other groups, and variables can be assigned to the hosts of the nested groups as well. For example:
[apache]
httpd1.magedu.com
httpd2.magedu.com
[nginx]
ngx1.magedu.com
ngx2.magedu.com
[websrvs:children]
apache
nginx
[websrvs:vars]
ntp_server=ntp.magedu.com
Note: variables defined in the inventory file can only be used in playbooks; the ansible command does not support them.
[[email protected] ~]# cd /etc/ansible/
[[email protected] ansible]# vim hosts    # the inventory file contains some sample configuration you can refer to
...
# ex 1: ungrouped hosts, specify before any group headers.
## green.example.com    # can be a host name
## blue.example.com
## 192.168.100.1    # can also be an IP address
## 192.168.100.10
# ex 2: A collection of hosts belonging to the 'webservers' group
## [webservers]
## alpha.example.org
## beta.example.org
## 192.168.1.100
## 192.168.1.110
# if you have multiple hosts following a pattern you can specify
# them like this:
## www[001:006].example.com
# ex 3: a collection of database servers in the 'dbservers' group
## [dbservers]
##
## db01.intranet.mydomain.net
## db02.intranet.mydomain.net
## 10.25.1.56
## 10.25.1.57
...
[[email protected] ansible]# cp hosts hosts.bac
3. Configure key-based SSH authentication
ssh-keygen -t rsa
ssh-copy-id -i .ssh/id_rsa.pub [email protected]
4. Several Ansible commands:
⑴ ansible-doc
ansible-doc -l: list all modules
ansible-doc [-s] module_name: view the usage of the specified module
-s: generates a snippet that can be copied into a playbook and modified; in short, it shows the module usage in brief form
Common modules: command, user, copy, cron, file, filesystem, group, hostname, ping, yum,
service, shell, script
The command module does not support shell variables, pipes and the like; to run a command through a shell, call the shell module instead.
⑵ ansible: run tasks
ansible <host-pattern> [options]
-m module_name: specifies the module to call
-a args: specifies the arguments passed to the module
-f #: specifies the number of concurrent processes
-k: key-based authentication is the default; use this option to use password-based authentication
host-pattern:
all, *    # all hosts
192.168.30.20, 192.168.30.*
www.example.com, www.example.com:ftp.test.com
websrvs    # all hosts in the group
websrvs:dbsrvs    # all hosts in either group
websrvs:!dbsrvs    # hosts in websrvs that are not in dbsrvs
websrvs:&dbsrvs    # hosts that are in both websrvs and dbsrvs
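How the inventory ranges, nested groups and host-pattern operators above combine, as an added example that is not part of the original article: a simplified model of inventory parsing and pattern resolution, not Ansible's own code. The sample inventory and the function names expand, parse and resolve are assumptions made for this example.

```python
import re
from fnmatch import fnmatch

INVENTORY = """# constructed sample, modelled on the examples on this page
[apache]
httpd[1:2].magedu.com
[nginx]
ngx1.magedu.com:2222 http_port=8080
[websrvs:children]
apache
nginx
[dbsrvs]
db-[a:b].example.com
httpd1.magedu.com
"""

def expand(host):
    """Expand one [lo:hi] range, numeric (zero padding kept) or alphabetic."""
    m = re.search(r"\[(\w+):(\w+)\]", host)
    if not m:
        return [host]
    lo, hi = m.groups()
    seq = range(int(lo), int(hi) + 1) if lo.isdigit() else map(chr, range(ord(lo), ord(hi) + 1))
    return [host[:m.start()] + str(i).zfill(len(lo)) + host[m.end():] for i in seq]

def parse(text):
    """Return {group: hosts}; 'all' holds every host, [x:vars] sections are skipped."""
    groups, kids, name, kind = {"all": set()}, {}, "all", ""
    for line in (l.split("#")[0].strip() for l in text.splitlines()):
        if line.startswith("["):
            name, _, kind = line.strip("[]").partition(":")
            groups.setdefault(name, set())
        elif line and kind == "children":
            kids.setdefault(name, []).append(line)
        elif line and kind == "":
            groups[name].update(expand(re.sub(r":\d+$", "", line.split()[0])))  # drop vars, :port
    for _ in kids:  # repeated passes flatten nested children
        for parent, children in kids.items():
            groups[parent].update(*(groups.get(c, set()) for c in children))
    groups["all"] = set().union(*groups.values())
    return groups

def resolve(pattern, groups):
    """Union plain terms first, then intersect '&' terms, then remove '!' terms."""
    chosen = set()
    for term in sorted(pattern.split(":"), key=lambda t: "&!".find(t[0]) + 1):
        name = term.lstrip("&!")
        hit = groups.get(name, set()) | {h for h in groups["all"] if fnmatch(h, name)}
        chosen = {"&": chosen & hit, "!": chosen - hit}.get(term[0], chosen | hit)
    return sorted(chosen)
```

Resolving a pattern this way before running a task shows exactly which hosts a command such as ansible 'websrvs:!dbsrvs' would touch.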
5. Common Ansible modules and usage examples
① command: the default module, used to run commands remotely. The command module does not support shell variables, pipes and the like; to run complex commands through a shell, call the shell module instead.
Example: ansible [-m command] all -a 'date'
② cron: manages recurring scheduled tasks
state:
present: create
absent: remove
Example: ansible websrvs -m cron -a 'name="Sync Time" minute="*/3" job="/usr/sbin/ntpdate 172.16.100.1 &>/dev/null"'
③ user: manages users
Example: ansible websrvs -m user -a 'name=fedora password=<encrypted string>'
④ copy: copies files
src=: the local source file path
content=: used in place of src=; the content given here is written directly as the content of the target file
dest=: the remote destination file path
Example: ansible websrvs -m copy -a 'src=/mine/ntp.conf dest=/etc/ntp.conf [owner=root group=root mode=644 backup=yes]'
ansible websrvs -m copy -a 'content="Hello" dest=/tmp/test.ansible'
⑤ file: sets file attributes
path=: the file path; name= or dest= can be used instead
To create a symbolic link:
src=: the source file
path=: the path of the symbolic link
Example: ansible websrvs -m file -a 'src=/tmp/test.ansible path=/tmp/test.link state=link'
ansible websrvs -m file -a 'owner=fedra group=fedra mode=644 path=/tmp/test.ansible'
⑥ service: controls the running state of a service
enabled=: whether the service starts automatically at boot; true or false
state=: the state; one of started, stopped, restarted
Example: ansible websrvs -m service -a 'name=httpd state=started enabled=true'
⑦ shell:
ansible websrvs -m shell -a 'echo $TERM'
⑧ script: copies a local script to the remote host and runs it
Example: ansible websrvs -m script -a '/root/adduser.sh'
⑨ ping: tests whether the specified hosts can be reached
⑩ yum: manages packages
name=: the package to install or remove; a version number may be included
state=: present or latest installs; absent uninstalls
Example: ansible all -m yum -a 'name=zsh'
ansible all -m yum -a 'name=zsh state=absent'
⑾ setup: collects facts from remote hosts
Before receiving and running management commands, each managed node reports information about itself, such as operating system version, IP address and number of CPUs, to the Ansible host.
Other modules: filesystem, group, hostname, etc.
Lightweight automated operations tool Ansible, part one: introduction and initial use