ansible tower(awx) Centos7搭建与使用总结(docker部署)

一、项目背景
由于最近入职新公司,公司中实现运维自动化的架构中主要用到ansible,但是ansible脚本主要部署于服务器指令行中不太直观。经搜查资料,得知ansible tower(之前叫做awx)是将ansible的指令界面化,简明直观,简单易用,故搭建了一个ansible tower环境,与大家分享学习。

二、搭建步骤

1.部署服务器之间免密。大家都知道,ansible实现批量时也会通过ssh远程模块去执行命令,因此服务器之间部署免密较为方便。此处,我测试环境有两台服务器(主机名wushengtest-agent1,wushengtest-agent2)实现,使用root(或其他用户)执行ssh-keygen生成秘钥对,将id_rsa.pub文件输出到本地和远程机器中的~/.ssh/authorized_keys文件中,因第一次实现免密会要求输入一个yes或no之后才能实现,故公钥部署好之后手动进行一次远程登录。
host文件,定义主机名(此处也可跳过)

这里写图片描述

authorized_keys文件(实现免密)

这里写图片描述

2.防火墙设置。此处可以选择关闭防火墙,或者设置特定的防火墙规则。
(1)关闭防火墙。
iptables -F #清空防火墙规则
iptables -X
iptables -Z
iptables-save #保存防火墙规则
systemctl stop firewalld && systemctl disable firewalld #关闭并开机不自启动firewalld
(2)设置特定防火墙规则。
systemctl enable firewalld
systemctl start firewalld
firewall-cmd --add-service=http --permanent;firewall-cmd --add-service=https --permanent
systemctl restart firewalld
3.下载epel-release源。
yum install -y epel
4.下载软件包。
yum install -y yum-utils device-mapper-persistent-data lvm2 ansible git python-devel python-pip python-docker-py vim-enhanced
5.下载docker-ce源。也可直接使用我提供的docker-ce.repo文件。
(1)下载docker-ce源。
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
(2)使用现成的docker-ce.repo。将一下代码粘贴复制到/etc/yum.repo.d/docker-ce.repo即可。
[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://download.docker.com/linux/centos/7/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-stable-debuginfo]
name=Docker CE Stable - Debuginfo $basearch
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/stable
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-stable-source]
name=Docker CE Stable - Sources
baseurl=https://download.docker.com/linux/centos/7/source/stable
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-edge]
name=Docker CE Edge - $basearch
baseurl=https://download.docker.com/linux/centos/7/$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-edge-debuginfo]
name=Docker CE Edge - Debuginfo $basearch
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-edge-source]
name=Docker CE Edge - Sources
baseurl=https://download.docker.com/linux/centos/7/source/edge
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-test]
name=Docker CE Test - $basearch
baseurl=https://download.docker.com/linux/centos/7/$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-test-debuginfo]
name=Docker CE Test - Debuginfo $basearch
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-test-source]
name=Docker CE Test - Sources
baseurl=https://download.docker.com/linux/centos/7/source/test
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-nightly]
name=Docker CE Nightly - $basearch
baseurl=https://download.docker.com/linux/centos/7/$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-nightly-debuginfo]
name=Docker CE Nightly - Debuginfo $basearch
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-nightly-source]
name=Docker CE Nightly - Sources
baseurl=https://download.docker.com/linux/centos/7/source/nightly
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg
6.下载并开启docker服务。
yum install docker-ce -y #下载docker
systemctl start docker && systemctl enable docker #开启并开机自启docker
7.下载awx代码。
git clone https://github.com/ansible/awx.git
cd awx
git clone https://github.com/ansible/awx-logos.git
8.配置inventory。
cd installer/ #当前目录/root/awx/installer
[root@wushengtest-agent1 awx]# vim inventory
postgres_data_dir=/var/lib/pgdocker
awx_official=true
awx_alternate_dns_servers="4.2.2.1,4.2.2.2"
project_data_dir=/var/lib/awx/projects
9.inventory配置文件。
[root@wushengtest-agent1 installer]# cat inventory | grep -v "#"
localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python"

[all:vars]

dockerhub_base=ansible
dockerhub_version=latest
rabbitmq_version=3.6.14

awx_secret_key=awxsecret

postgres_data_dir=/var/lib/pgdocker
host_port=80

docker_compose_dir=/var/lib/awx

pg_username=awx
pg_password=awxpass
pg_database=awx
pg_port=5432

awx_official=true

awx_alternate_dns_servers="4.2.2.1,4.2.2.2"
project_data_dir=/var/lib/awx/projects
10.docker编译awx。
ansible-playbook -i inventory install.yml -vv
11.执行结果大致如下。
[root@awx installer]# docker container ls
CONTAINER ID        IMAGE                     COMMAND                  CREATED             STATUS              PORTS                                NAMES
318c7c95dcbb        ansible/awx_task:latest   "/tini -- /bin/sh -c."   12 minutes ago      Up 12 minutes       8052/tcp                             awx_task
642c2f272e31        ansible/awx_web:latest    "/tini -- /bin/sh -c."   12 minutes ago      Up 12 minutes       0.0.0.0:80->8052/tcp                 awx_web
641b42ab536f        memcached:alpine          "docker-entrypoint.s."   18 minutes ago      Up 18 minutes       11211/tcp                            memcached
b333012d90ac        rabbitmq:3                "docker-entrypoint.s."   19 minutes ago      Up 19 minutes       4369/tcp, 5671-5672/tcp, 25672/tcp   rabbitmq
ada52935513a        postgres:9.6              "docker-entrypoint.s."   19 minutes ago      Up 19 minutes       5432/tcp                             postgres
12.通过浏览器输入ip即可进行访问。
13.免密配置与创建项目等与非docker部署awx基本一致,详情可以查看。https://blog.csdn.net/qq_33633013/article/details/82108104

你可能感兴趣的:(技术总结)