Ansible的安装

指导手册地址

http://ansible.com.cn/docs/intro_getting_started.html

ansible安装

yum install -y epel-release
yum install -y ansible
[root@myserver ansible]# pwd
/etc/ansible
[root@myserver ansible]# ls
ansible.cfg  hosts  roles

秘钥认证

1.秘钥生成
[root@myserver ansible]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:3bnskwoN4renujDKyG4t3Rp0xM/JCEyXryCwrzsNhhs root@myserver
The key's randomart image is:
+---[RSA 3072]----+
|   . ..          |
|. o o.           |
|.. o o.          |
|.. .o =... . .   |
|.....oo=S . o    |
|E.o .o . o . .   |
|.*o.+ . o . o.   |
|==.+.+ . o..o    |
|==+.. oooo....   |
+----[SHA256]-----+
[root@myserver ansible]# ls /root/.ssh/
id_rsa  id_rsa.pub
2.秘钥拷贝到被管理服务端
[root@myserver ansible]# ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.161 (192.168.1.161)' can't be established.
ECDSA key fingerprint is SHA256:kDFAc7FJr55Ve5I0Dthydr5SSKEmb9kyLYT5Qnh7Bik.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are
 already installed/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to 
install the new [email protected]'s password: 
Permission denied, please try again.
[email protected]'s password: 

Number of key(s) added: 1
Now try logging into the machine, with:   "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
[root@myserver ansible]# ssh [email protected]
Activate the web console with: systemctl enable --now cockpit.socket

Last failed login: Sun Dec 20 17:59:14 CST 2020 from 192.168.1.160 on ssh:notty
There was 1 failed login attempt since the last successful login.
Last login: Sun Dec 20 17:36:25 2020 from 192.168.1.11
[root@myserver_1 ~]# 
=============成功免秘钥登录到被管理服务器=========================
[root@myserver ansible]# ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.162 (192.168.1.162)' can't be established.
ECDSA key fingerprint is SHA256:kDFAc7FJr55Ve5I0Dthydr5SSKEmb9kyLYT5Qnh7Bik.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already 
installed/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install t
he new [email protected]'s password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.

[root@myserver ansible]# ssh [email protected]
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Sun Dec 20 18:01:01 2020 from 192.168.1.161
[root@myserver_2 ~]# 

管理主机配置文件

Ansible命令格式 ansible [options]

检查ansible的安装环境 ansible all -m ping -u root

[root@myserver ansible]# egrep -v '#|^$' hosts 
 [webservers]
 192.168.1.38
 192.168.1.161 
[root@myserver ansible]# ansible all -m ping
192.168.1.38 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "ping": "pong"
}
192.168.1.161 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}

 上面检查管理节点与被管理节点之间的通信

[root@myserver ansible]# ansible all -a "echo hello world"
192.168.1.38 | CHANGED | rc=0 >>
hello world
192.168.1.161 | CHANGED | rc=0 >>
hello world
[root@myserver ansible]# 

 

你可能感兴趣的:(Ansible,linux)