"Mac" Ansible installation and basic use

Source: Internet
Author: User

Installation

Environment version
Mac 10.12.5

# more /System/Library/CoreServices/SystemVersion.plist

Installation commands

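# ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
# brew update
# brew install ansible

curl is run without --insecure so that the TLS certificate of raw.githubusercontent.com is verified before the downloaded script is executed.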

Default location of the hosts file after installation

/usr/local/etc/ansible/hosts

Public/private key configuration

Create a public/private key pair

ssh-keygen -t rsa -C '[email protected]'

-t specifies the key type; the default is RSA, so it can be omitted
-C sets the comment text, such as your email address

Default storage location

/Users/jenkins/.ssh/id_rsa

Copy the public key to the SSH server

ssh-copy-id [email protected]

Hosts configuration

Defining hosts and groups

Define a host with an IP of 192.168.1.21 and an SSH port of 2135

192.168.1.21:2135

Define a host with the alias jumper, an SSH port of 22, and an IP of 192.168.1.50

jumper ansible_ssh_port=22 ansible_ssh_host=192.168.1.50

Example of a group with a member host:

[test]
jenkis236 ansible_ssh_port=22 ansible_ssh_host=192.168.1.236

If you have many hosts that follow a pattern, you can list them as a range:

[webservers]
web[1:50].lightcloud.com

[database]
db-[a:f].lightcloud.com

Defining host variables

A host can be given variables, which playbooks can then use

[test]
jenkis236 ansible_ssh_port=22 ansible_ssh_host=192.168.1.236 http_port=8080

Defining group variables

[atlanta]
host1
host2

[atlanta:vars]
ntp_server=ntp.atlanta.example.com
proxy=proxy.atlanta.example.com

Ansible's built-in host connection variables

ansible_ssh_host  The IP or FQDN that Ansible connects to over SSH
ansible_ssh_port  SSH connection port
ansible_ssh_user  SSH connection user
ansible_ssh_pass  SSH connection password (this is unsafe; Ansible strongly recommends using the --ask-pass option or SSH keys)
ansible_sudo_pass  The sudo user's password
ansible_connection  SSH connection type: local, ssh, paramiko. Before Ansible 1.2 the default is paramiko; later versions choose intelligently and prefer ControlPersist-based SSH where it is supported
ansible_ssh_private_key_file  Private key file used for the SSH connection
ansible_shell_type  The shell interpreter used on the host; the default is sh, and it can be set to csh, fish and other shells
ansible_python_interpreter  Path of the Python interpreter on the host
ansible_*_interpreter  Path of other language interpreters on the host, such as ruby, perl, etc.
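
The warning on ansible_ssh_pass above can be checked mechanically before an inventory is committed or used. The following is an added example, not part of the original page: a POSIX shell function (audit_inventory and write_sample are hypothetical names) that reports inline ansible_ssh_pass and ansible_sudo_pass settings on host lines and in [group:vars] sections without printing their values. The sample inventory is constructed.

```shell
# audit_inventory FILE: print "<scope>:<variable>" for each inline credential
# in an INI inventory; return 1 if any were found. Values are never printed.
audit_inventory() {
    awk '
        function check(scope, key) {
            if (key == "ansible_ssh_pass" || key == "ansible_sudo_pass") {
                print scope ":" key
                found = 1
            }
        }
        /^[ \t]*$/ || /^[ \t]*[#;]/ { next }   # blank lines and comments
        /^[ \t]*\[/ {                          # [group] or [group:vars] header
            section = $0
            gsub(/^[ \t]*\[|\][ \t]*$/, "", section)
            next
        }
        section ~ /:vars$/ {                   # vars section: one key=value per line
            key = $0
            sub(/^[ \t]+/, "", key)
            sub(/[ \t]*=.*/, "", key)
            check("[" section "]", key)
            next
        }
        {                                      # host line: name key=value ...
            for (i = 2; i <= NF; i++) {
                key = $i
                sub(/=.*/, "", key)
                check($1, key)
            }
        }
        END { exit found }
    ' "$1"
}

# Constructed sample inventory: hosts from this page, dummy secret values.
write_sample() {
    cat > "$1" <<'EOF'
jumper ansible_ssh_port=22 ansible_ssh_host=192.168.1.50
[test]
jenkis236 ansible_ssh_host=192.168.1.236 ansible_ssh_pass=DUMMY-VALUE
[atlanta]
host1
[atlanta:vars]
ntp_server=ntp.atlanta.example.com
ansible_sudo_pass = DUMMY-VALUE
EOF
}
sample=$(mktemp) && write_sample "$sample"
audit_inventory "$sample" || echo "inline credentials found" >&2
rm -f "$sample"
```

Run it over the inventory files in CI or a pre-commit hook; a non-zero exit means a password should move to --ask-pass or SSH keys, as recommended above.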

Common Ansible modules and APIs

command: Execute shell commands on the remote hosts

ansible all -i /Users/jenkins/jenkins/lirbary/ansible_hosts/hosts_test -m command -a "ifconfig"

script: Run a shell script that is local to the master on the remote hosts (similar to scp + shell)

ansible test -i /Users/jenkins/jenkins/lirbary/ansible_hosts/hosts_test -m script -a "./env_update_shell/test.sh"

copy: Copy files from the master to the target hosts, similar to scp

ansible test -i /Users/jenkins/jenkins/lirbary/ansible_hosts/hosts -m copy -a "src=~/test.sh dest=/tmp/ owner=root group=root mode=0755"

stat: Get status information for a remote file, including atime, ctime, mtime, MD5, UID, GID and other information

ansible test -i /Users/jenkins/jenkins/lirbary/ansible_hosts/hosts_test -m stat -a "path=/users/jenkins/jenkins/"

get_url: Download the specified URL onto the remote host

ansible test -i /Users/jenkins/jenkins/lirbary/ansible_hosts/hosts_test -m get_url -a "url=http://www.cnblogs.com/Yatho dest=/tmp/index.html mode=0400 force=yes"

yum: Linux package management. The common package managers are yum and apt; here the yum module is used

ansible servers -m yum -a "name=curl state=latest"

cron: Configure crontab on the remote hosts

ansible webservers -m cron -a "name='check dir' hour='5,2' job='ls -alh > /dev/null'"

service: Manage system services on the remote hosts

# ansible webservers -m service -a "name=crond state=stopped"
# ansible webservers -m service -a "name=crond state=restarted"
# ansible webservers -m service -a "name=crond state=reloaded"

user: Manage users on the remote hosts

Add a user:
# ansible webservers -m user -a "name=johnd comment='John Doe'"

Delete a user:
# ansible webservers -m user -a "name=johnd state=absent remove=yes"

Playbook

Playbook Introduction

A playbook is a different mode from running ansible on the command line: it brings a large number of command-line configurations together into a customizable, multi-host configuration management and deployment tool.

It is defined in YAML format and distributes application deployments to multiple hosts.

The following walks through an example playbook deployment of Nginx built from nested, reusable roles:

1. Build the directory structure

# cd /etc/ansible/
# mkdir group_vars
# mkdir roles

2. Define the hosts

# vi /etc/ansible/hosts
[webservers]
client01.example.com
client02.example.com

[nginx01]
client01.example.com

[nginx02]
client02.example.com

3. Define the variables

# vi /etc/ansible/group_vars/nginx01
worker_processes: 4
num_cpus: 4
max_open_file: 65506
root: /data
remote_user: root

# vi /etc/ansible/group_vars/nginx02
worker_processes: 2
num_cpus: 2
max_open_file: 35506
root: /www
remote_user: root

Tips: The file names under group_vars must match the group names in the hosts file; the parameters defined here let you deploy different configurations to different types of hosts.

4. Create the roles entry-point file

# vi /etc/ansible/site.yml
- hosts: webservers
  roles:
    - base_env
- hosts: nginx01
  roles:
    - nginx01
- hosts: nginx02
  roles:
    - nginx02

Tips: The strings under roles: must match the directory names in the roles directory.

5. Define the global role base_env

Create the directory structure

# mkdir -p /etc/ansible/roles/base_env/tasks
# vi /etc/ansible/roles/base_env/tasks/main.yml
# Transfer the EPEL yum repository configuration file to the client
- name: Create the contains common plays that'll run on all nodes
  copy: src=epel.repo dest=/etc/yum.repos.d/epel.repo
- name: Create the GPG key for EPEL
  copy: src=RPM-GPG-KEY-EPEL-6 dest=/etc/pki/rpm-gpg

# Check the SELinux mode (getenforce only reads the state; nothing is changed)
- name: test to see if SELinux is running
  command: getenforce
  register: sestatus
  changed_when: false

# Delete the default iptables rules and save.
# iptables -F removes every rule in the filter table, and saving afterwards makes the empty ruleset persistent.
- name: remove the default iptables rules
  command: iptables -F
- name: save iptables rules
  command: service iptables save

Copy the files that must be sent to the remote hosts into the base_env/files directory

# mkdir -p /etc/ansible/roles/base_env/files
# cp /etc/yum.repos.d/epel.repo /etc/ansible/roles/base_env/files
# cp /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 /etc/ansible/roles/base_env/files

6. Define the nginx01 and nginx02 roles

Create the directory structure

# mkdir -p /etc/ansible/roles/nginx{01,02}
# mkdir -p /etc/ansible/roles/nginx01/tasks
# mkdir -p /etc/ansible/roles/nginx02/tasks
# vi /etc/ansible/roles/nginx01/tasks/main.yml
# Install the latest version of Nginx
- name: ensure nginx is at the latest version
  yum: pkg=nginx state=latest

# Transfer the nginx config file to the remote directory
- name: write the nginx config file
  template: src=nginx.conf dest=/etc/nginx/nginx.conf
  notify: restart nginx  # restart nginx

# Create the nginx root directory
- name: create web root
  file: dest={{ root }} mode=775 state=directory owner=nginx group=nginx
  notify: reload nginx
- name: ensure nginx is running
  service: name=nginx state=restarted

# cp /etc/ansible/roles/nginx01/tasks/main.yml /etc/ansible/roles/nginx02/tasks/main.yml

7. Define the files

# mkdir -p /etc/ansible/roles/nginx01/templates
# mkdir -p /etc/ansible/roles/nginx02/templates
# vi /etc/ansible/roles/nginx01/templates/nginx.conf
# For more information on configuration, see:

user nginx;
worker_processes {{ worker_processes }};
{% if num_cpus == 2 %}
worker_cpu_affinity 01 10;
{% elif num_cpus == 4 %}
worker_cpu_affinity 1000 0100 0010 0001;
{% elif num_cpus >= 8 %}
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
{% else %}
worker_cpu_affinity 1000 0100 0010 0001;
{% endif %}
worker_rlimit_nofile {{ max_open_file }};

error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;

pid /var/run/nginx.pid;

events {
    worker_connections {{ max_open_file }};
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;

    sendfile on;
    #tcp_nopush on;

    #keepalive_timeout 0;
    keepalive_timeout 65;

    #gzip on;

    # Load config files from the /etc/nginx/conf.d directory
    # The default server is in conf.d/default.conf
    #include /etc/nginx/conf.d/*.conf;

    server {
        listen 80 default_server;
        server_name _;

        #charset koi8-r;

        #access_log logs/host.access.log main;

        location / {
            root {{ root }};
            index index.html index.htm;
        }

        error_page 404 /404.html;
        location = /404.html {
            root /usr/share/nginx/html;
        }

        # redirect server error pages to the static page /50x.html
        #
        error_page 502 503 504 /50x.html;
        location = /50x.html {
            root /usr/share/nginx/html;
        }
    }
}

Tip: worker_processes, num_cpus, max_open_file, root and the other parameters take the corresponding variable values from the files in the group_vars directory

# cp /etc/ansible/roles/nginx01/templates/nginx.conf /etc/ansible/roles/nginx02/templates/nginx.conf

8. Run the playbook

# ansible-playbook -i /etc/ansible/hosts /etc/ansible/site.yml -f 10

Tips: -f 10 runs the playbook with 10 parallel processes, -i specifies the inventory host file, and site.yml is the entry-point file

PLAY [webservers] *************************************************************

GATHERING FACTS ***************************************************************
ok: [client02.example.com]
ok: [client01.example.com]

TASK: [base_env | Create the contains common plays that'll run on all nodes] ***
ok: [client01.example.com]
ok: [client02.example.com]

TASK: [base_env | Create the GPG key for EPEL] ********************************
ok: [client02.example.com]
ok: [client01.example.com]

TASK: [base_env | test to see if SELinux is running] **************************
ok: [client01.example.com]
ok: [client02.example.com]

TASK: [base_env | remove the default iptables rules] **************************
changed: [client02.example.com]
changed: [client01.example.com]

TASK: [base_env | save iptables rules] ****************************************
changed: [client01.example.com]
changed: [client02.example.com]

PLAY [nginx01] ****************************************************************

GATHERING FACTS ***************************************************************
ok: [client01.example.com]

TASK: [nginx01 | ensure nginx is at the latest version] ***********************
ok: [client01.example.com]

TASK: [nginx01 | write the nginx config file] *********************************
ok: [client01.example.com]

TASK: [nginx01 | create web root] *********************************************
ok: [client01.example.com]

TASK: [nginx01 | ensure nginx is running] *************************************
changed: [client01.example.com]

PLAY [nginx02] ****************************************************************

GATHERING FACTS ***************************************************************
ok: [client02.example.com]

TASK: [nginx02 | ensure nginx is at the latest version] ***********************
ok: [client02.example.com]

TASK: [nginx02 | write the nginx config file] *********************************
ok: [client02.example.com]

TASK: [nginx02 | create web root] *********************************************
ok: [client02.example.com]

TASK: [nginx02 | ensure nginx is running] *************************************
changed: [client02.example.com]

PLAY RECAP ********************************************************************
client01.example.com : ok=11 changed=3 unreachable=0 failed=0
client02.example.com : ok=11 changed=3 unreachable=0 failed=0

The final deployment directory structure is as follows

# tree /etc/ansible/

/etc/ansible/
├── ansible.cfg
├── group_vars
│   ├── nginx01
│   └── nginx02
├── hosts
├── hosts.bak
├── roles
│   ├── base_env
│   │   ├── files
│   │   │   ├── epel.repo
│   │   │   └── RPM-GPG-KEY-EPEL-6
│   │   └── tasks
│   │       └── main.yml
│   ├── nginx01
│   │   ├── tasks
│   │   │   └── main.yml
│   │   └── templates
│   │       └── nginx.conf
│   └── nginx02
│       ├── tasks
│       │   └── main.yml
│       └── templates
│           └── nginx.conf
└── site.yml

Jenkins integration configuration

Choice Parameter
deploy_environment defines the deployment environment name: DEV, TEST, UAT, PDT

Execute Shell
set +x and set -x at the start and end are used to turn off and on the echoing of expanded parameters and commands for that part of the script

cd "$WORKSPACE/leon-playbook-phpcms1.1"
ansible --version
ansible-playbook -i "inventory/$deploy_environment" ./deploy.yml -e project=phpcms -e "branch=$branch_selector" -e "env=$deploy_environment"

-i specifies a custom Ansible hosts file path, ./deploy.yml is the ansible-playbook entry-point file, and -e passes variables, here taken from the environment variables of the current session, to the playbook.
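
An added example, not from the original page, of the Execute Shell step with its inputs checked first: deploy_environment becomes part of the inventory path and -e parses its argument as space-separated key=value pairs, so both job parameters are validated before ansible-playbook runs. The function names and the branch-name policy are assumptions; the environment list is the Choice Parameter above.

```shell
# Allow-list taken from the Choice Parameter values on this page.
valid_environment() {
    case "$1" in
        DEV|TEST|UAT|PDT) return 0 ;;
        *) return 1 ;;
    esac
}

# Assumed branch policy: letters, digits, ".", "_", "/" and "-" only; the first
# character must be a letter or digit; no ".." anywhere. Whitespace and "=" are
# rejected because they would let one value define further -e variables.
valid_branch() {
    case "$1" in
        ''|*[!A-Za-z0-9._/-]*|[!A-Za-z0-9]*|*..*) return 1 ;;
        *) return 0 ;;
    esac
}

# Returns 2 when a parameter is rejected, before ansible-playbook is reached.
run_deploy() {
    valid_environment "${deploy_environment:-}" ||
        { echo "rejected deploy_environment" >&2; return 2; }
    valid_branch "${branch_selector:-}" ||
        { echo "rejected branch_selector" >&2; return 2; }
    cd "$WORKSPACE/leon-playbook-phpcms1.1" || return 1
    ansible-playbook -i "inventory/$deploy_environment" ./deploy.yml \
        -e project=phpcms \
        -e "branch=$branch_selector" \
        -e "env=$deploy_environment"
}

# Jenkins sets WORKSPACE and the job parameters; outside a job this file only
# defines the functions.
if [ -n "${WORKSPACE:-}" ] && [ -n "${deploy_environment:-}" ]; then
    run_deploy
fi
```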