银河麒麟服务器系统v10sp2安装部署ansiable
银河麒麟服务器系统v10sp2安装部署ansiable
文章目录
一、Ansible是什么?
Ansible是最近几年特别火的一款开源运维自动化工具,它能够帮助运维人员肉眼可见地提高工作效率,并减少人为失误。Ansible有上千个功能丰富且实用的模块,而且有详尽的帮助信息可供查阅,因此即便是小白用户也可以轻松上手.
二、安装部署
1.测试用到的主机和ip
主机名称 | IP地址 |
---|---|
manger01 | 192.168.10.156/24 |
node1 | 192.168.10.155/24 |
node2 | 192.168.10.154/24 |
node3 | 192.168.10.153/24 |
2.修改给主机hosts文件
[root@manger01 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.10.156 manger01
192.168.10.155 node1
192.168.10.154 node2
192.168.10.153 node3
其他机器同理
3.关闭防火墙及selinux
[root@manger01 ~]# systemctl disable firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@manger01 ~]# sed -i -r '/SELINUX=/c\SELINUX=disable' /etc/selinux/config
[root@manger01 ~]#reboot
其他机器同理
4.ansible安装
[root@manger01 ~]# yum install ansible
上次元数据过期检查:0:53:58 前,执行于 2022年09月08日 星期四 15时58分20秒。
依赖关系解决。
================================================================================
Package Arch Version Repository Size
================================================================================
安装:
ansible noarch 2.8.8-1.p01.ky10 ks10-adv-updates 15 M
安装依赖关系:
libsodium x86_64 1.0.16-7.ky10 ks10-adv-os 146 k
python3-bcrypt x86_64 3.1.4-8.ky10 ks10-adv-os 39 k
python3-paramiko noarch 2.4.3-1.ky10.ky10 ks10-adv-os 281 k
python3-pyasn1 noarch 0.3.7-8.ky10 ks10-adv-os 215 k
python3-pynacl x86_64 1.2.1-5.ky10 ks10-adv-os 77 k
python3-pyyaml x86_64 5.3.1-4.ky10 ks10-adv-updates 189 k
sshpass x86_64 1.06-8.ky10 ks10-adv-os 24 k
事务概要
================================================================================
安装 8 软件包
总下载:16 M
安装大小:82 M
确定吗?[y/N]: y
下载软件包:
(1/8): python3-bcrypt-3.1.4-8.ky10.x86_64.rpm 203 kB/s | 39 kB 00:00
(2/8): libsodium-1.0.16-7.ky10.x86_64.rpm 581 kB/s | 146 kB 00:00
(3/8): python3-paramiko-2.4.3-1.ky10.ky10.noarch.rpm 993 kB/s | 281 kB 00:00
(4/8): python3-pyasn1-0.3.7-8.ky10.noarch.rpm 1.8 MB/s | 215 kB 00:00
(5/8): python3-pynacl-1.2.1-5.ky10.x86_64.rpm 1.1 MB/s | 77 kB 00:00
(6/8): sshpass-1.06-8.ky10.x86_64.rpm 420 kB/s | 24 kB 00:00
(7/8): python3-pyyaml-5.3.1-4.ky10.x86_64.rpm 1.2 MB/s | 189 kB 00:00
(8/8): ansible-2.8.8-1.p01.ky10.noarch.rpm 685 kB/s | 15 MB 00:21
--------------------------------------------------------------------------------------------------------------------------------------------------------
4.管理端生成ssh公钥
[root@manger01 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:f85Jhua+/V0JV3kX7Hnjf5R2A2YYZ4Y5TV28p3vIq7M root@manger01
The key's randomart image is:
+---[RSA 3072]----+
| =.ooo|
| = = o+|
| B ..*|
| . + =*|
| S o.oo=|
| . . +=+|
| + +..==|
| o B..+.=|
| .+.E=ooo|
+----[SHA256]-----+
4.将生成的公钥传给节点
[root@manger01 ~]# ssh-copy-id -i .ssh/id_rsa.pub node3
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub"
The authenticity of host 'node3 (192.168.10.153)' can't be established.
ECDSA key fingerprint is SHA256:926xuT7i9eneo+Aoyu63uNLlGNQPfDBHhbRbDUCXxLA.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node3's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node3'"
and check to make sure that only the key(s) you wanted were added.
5.配置ansible,部署主机列表,定义被监控机器
[root@manger01 ansible]# cat /etc/ansible/hosts
# This is the default ansible 'hosts' file.
[group]
192.168.10.153
192.168.10.154
192.168.10.155
6.测试管理机器月业务机器连通性
列出所有主机
[root@manger01 ansible]# ansible all --list-host
hosts (3):
192.168.10.153
192.168.10.154
192.168.10.155
测试单台node3的连通性
[root@manger01 ansible]# ansible -m ping 192.168.10.153
192.168.10.153 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
7.ansiable之copy命令用法简易演示
参数 | 说明 |
---|---|
src | 文件原路径 |
dest | 目标路径 |
conten | 往目标文件输入内容 |
force | 强制yes or no |
backup | 是否备份有冲突的源文件 |
[root@manger01 ansible]# ansible 192.168.10.153 -m copy -a 'src=/etc/.productinfo dest=/mnt'
192.168.10.153 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "6e900b223bf93a85581ca9f29d3265e1ad653d77",
"dest": "/mnt/.productinfo",
"gid": 0,
"group": "root",
"md5sum": "4ab579029b7f9ba4c21751a4e1647038",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:mnt_t:s0",
"size": 79,
"src": "/root/.ansible/tmp/ansible-tmp-1662628948.3531294-145080940642918/source",
"state": "file",
"uid": 0
}
总结
以上为今天主要演示的内容
版权声明:本文为weixin_43238928原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。