ansible自动化部署

1.ansible简介

   自动化运维工具,依赖操作系统现有的凭证(公钥)访问远程机器,
   批量化服务器管理(配置操作系统、开发软件、编排高级IT任务)

   ansible实现批量化管理原理:

   管理服务器安装ansible和生成公钥拷贝到受管服务器 --> /etc/ansible/hosts配置用户组,添加受管理IP--->ansible批量执行命令

2.ansible的yum安装和配置
   (1)yum源安装
       yum -y install epel-release
       yum -y install ansible --直接安装
   (2)ansible配置文件/etc/ansible/hosts
       vi /etc/ansible/hosts
       [test] --用户组
      192.168.8.129 --组内IP
   (3)把本机公钥拷贝到远程主机上
       #ssh-keygen -t dsa --生成公钥(一直回车就行)
       #vi /etc/ssh/sshd_config --下列两行取消注释
       PubkeyAuthentication yes
       AuthorizedKeysFile .ssh/authorized_keys
       #service sshd restart --重启sshd服务
       #ssh-copy-id -i ~/.ssh/id_dsa.pub root@192.168.8.129
   (4)测试是否安装成功:
       ansible 192.168.8.129 -m ping --user=root   (-m 命令 --user=root root用户登录) --成功返回pong

3.ansible基本使用方法
   (1)Ad-hoc命令行工具,相当于普通shell命令。(ansible help 查看帮助信息)
       ansielbe test -m shell -a "ls /root" --user=root
       命令解释:
       test 主机组
       -m shell -a " " 执行shell命令
       --user=root 指定root登录
       -m 指定使用模块(如ping/shell/copy)
       -M 指定模块存放路径
       -a 后面要传的参数放里面
       ansible test -m shell -a "ls /root" --user=root --ask-pass

       常用模块:

       command 远程主机执行命令,默认模块,不能识别特殊字符

       shell 执行shell命令     script   (管理节点)脚本(受控主机中)执行

       ping   ping命令           copy    从ansible主机复制文件到受控主机 

       fetch  受控主机复制文件到ansible主机,不支持目录

       cron   计划任务   service 管理系统服务状态

  例子:

  ansible test -m script -a "test.sh"     //批量执行本地脚本

       ansible test -m copy -a "src=a.sh dest=/tmp/test"   //拷贝到受管服务器

  ansible test -m fetch -a "src=/root/test/a.sh  dest=/root/test"   //复制文件到本地

       命令解释:
       --ask-pass 操作目标主机需要密码 ( 同-K)
       -s,sudo 切换用户
       -S,su
       -become/b 切换到root用户

   (2)Inventory:定义主机关系的文件,默认路径/etc/ansible/hosts,文件内容格式ini
       a.[组名] --定义用户组
       主机名1
       主机名2
       test ansible_ssh_port=22 ansible_ssh_host=192.168.8.130 ansible_ssh_user=root
       [node]
       test
       b.解释:(好处:个性化的主机直接定义)
       ansible_ssh_port 指定端口
       ansible_ssh_host IP
       ansible_ssh_user 用户
       c.inventory批量主机组:(编号联系,可以一行定义。同时大量机器初始化,非常有用)
[webservers]
www[01:50].example --[01:50] 表示01到50
[databases]
db-[a:f].example.com
4.Ad-hoc和Inventory使用实例
    例子1:安装httpd测试机,管理httpd服务测试机
    ansible test -m yum -a "name=httpd state=latest" --安装httpd服务
   (name 服务 state=latest 安装(remove卸载)

   ansible test -m service -a "name=httpd state=started" --启动服务
   (name 指定服务 state 指定操作started/reloaded/restarted/stopped
   关键字搜索ansible service)
   验证httpd服务是否启动成功:
   ansible test -m shell -a "ps -ef|grep httpd|grep -v grep"
   (多个参数空格隔开)

5.ansible playbook

   对ad-hoc的编排,适合简单快速的任务)
   ansible playbook:一门编程语言,命令集合,yaml格式(声明配置,编排复杂任务,控制任务执行)
   支持特性:变量定义,顺序结构,选择结构,循环结构(编排任意复杂任务)

   例子:编写hello world  (选定host,指定登陆用户,使用shell模块输出hello world)
   vim test.yml --编写playbook
---
- hosts: test
remote_user: root
tasks:
- name: Hello World
shell: ls /root
ansible-playbook test.yml --执行playbook

   playbook基本结构:
   host:被操作的机器的正则
   remote_user:登录主机用户
   tasks:需要在主机上执行的任务

(1)变量:
a.变量定义:(vars: 定义变量,{{ 变量名 }} 变量用两个大括号括起来)
---
- hosts: test
remote_user: root
vars:
com: /root
tasks:
- name: Hello World
shell: ls "{{ com }}"

---
- hosts: test
remote_user: root
vars:
com: ls /root
tasks:
- name: Hello World
shell: "{{ com }}"
######变量:变量开头需要""引起来,所以一般用双引号引起来
b.系统变量
ansible hostname -m setup
{{ ansible_devices.sda.model }}
jinjia2模块

(2)playbook条件语句
a.when语句
tasks:
- name: "shutdown Debain flavored system"
command: /sbin/shutdown -t now
when: ansible_os_family = = "Debian"
b.bool值
vars:
epil: true
tasks:
- shell: echo "This certainly is epic!"
when: epic
- shell: echo "This certainly is not epic!"
when: not epic
c.with_items循环语句:
- name: add several users
user: name={{ item }} state=present groups=wheel
with_items:
- testuser1
- testuser2

d.with_nested嵌套关键字
- name: users access control
mysql_user: name={{ item[0] }}
priv={{ item[1] }}.*:All
append_privs=yes
password=foo
with_nested:
- [ 'alice','bob' ]
- [ 'clientdb','employeedb','providerdb' ]

e.有条件的循环:
tasks:
- command: echo {{ item }}
with_items: [ 0,2,4,6,8,10 ]
when: item > 5

6.playbook实战
   例子:安装python flask开发环境,具备数据库和缓存的功能
   vi init_flask.yml
---
- hosts: test
remote_user: root
become: true
tasks:
- name: install python for centos
yum:
name: "{{ item }}"
state: installed
with_items:
- python-devel
- python-setuptools
when: ansible_distribution == 'CentOS'
- name: install python for ubuntu
apt:
name: "{{ item }}"
state: latest
update_cache: yes
with_items:
- libpython-dev
- python-setuptools
when: ansible_distribution == 'Ubuntu'
- name: install pip
shell: easy_install pip
- name: pip install flask and redis
pip:
name: "{{ item }}"
with_items:
- flask
- redis

   安装mysql:
---
- hosts: test
remote_user: root
tasks:
- name: install mysql for redhat
yum:
name: "{{ item }}"
state: installed
with_items:
- mysql
- mysql-devel
- mysql-server
when: ansible_distribution == 'Redhat'
- name: install mysql for centos
yum:
name: "{{ item }}"
state: installed
with_items:
- mysql
- mysql-devel
- mysql-server
when: ansible_distribution == 'Centos'
7.ansible实战:安装zabbix
   例子:zabbix server安装,master和client(centos和Ubuntu各一个),zabbix进程启动正常
   vi test.yml
---
- hosts: test
become: true
tasks:
- name: install zabbix rpm
yum:
name: http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-release-3.4-1.el7.centos.noarch.rpm
state: installed
when: ansible_distribution == 'CentOS'
- name: install zabbix deb
get_url:
url:连接地址
dest: /tmp/zabbix.deb
when: ansible_distribution == 'Ubuntu'
- name: isntlal zabbix deb
apt:
name: /tmp/zabbix.deb
state: installed
when: ansible_distribution == 'Ubuntu'
- name: install zabbix server
yum:
name: "{{ item }}"
state: installed
with_items:
- zabbix-server
- zabbix-proxy-mysql
- zabbix-web-mysql
when: ansible_distribution == 'CentOS'
- name: isntall zabbix agent
apt:
name: zabbix-agent
update_cache: yes
state: installed
when: ansible_distribution == 'Ubuntu'
- name: config zabbix server
replace:
path: /etc/zabbix/zabbix_server.conf
regexp: DBUser=zabbix
replace: DBUser=root
when: ansible_distribution == 'CentOS'
- name: import db format
shell: zcat /usr/share/doc/zabbix-server-mysql-3.4.7/create.sqk.gz|mysql -uroot zabbix
when: ansible_distribution == 'CentOS'
- name: disable selinux
selinux:
state: disabled
when: ansible_distribution == 'CentOS'
- name: start zabbix server
systemd:
name: zabbix-server
state: started
when: ansible_distribution == 'CentOS'
- name: start zabbix agent
systemd:
name: zabbix-agent
state: started
when: ansible_distribution == 'Ununtu'
   shell安装zabbix命令:
   http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/路径下:
   rpm -ivh http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-release-3.4-1.el7.centos.noarch.rpm
   yum -y install zabbix-server-mysql
   yum -y install zabbix-proxy-mysql
   yum -y install zabbix-web-mysql
   yum -y install mariadb-server
   systemctl start mariadb
   mysql -uroot -e "create database zabbix"
   sed 's/DBUser=zabbix/DBUser=root/g' -i /etc/zabbix/zabbix_server.conf
   zcat /usr/share/doc/zabbix-server-mysql-3.4.7/create.sqk.gz|mysql -uroot zabbix
   setenforce 0
   systemctl start zabbix-server

 

 


posted on 2023-07-15 15:14  枫飘过的天1  阅读(85)  评论(0编辑  收藏  举报
Powered by:
博客园
Copyright © 2024 枫飘过的天1
Powered by .NET 8.0 on Kubernetes