Ansible作业一

1.安装并配置ansible，在控制节点上安装并配置ansible
（1）创建静态inventory文件/home/devops/ansible/inventory，要求如下：
servera属于dev组
serverb属于test和balancers组
serverc和serverd属于prod组
prod组属于Webserver组
（2）创建ansible配置文件/home/devops/ansible/ansible.cfg，要求如下：
使用/home/devops/ansible/inventory清单文件
角色role目录路径为/home/devops/ansible/roles 

没有/home/devops/ansible目录需要先创建该目录

[kiosk@foundation0 ~]$ rht-vmctl start all
Error: bastion not started (is already running)
Error: workstation not started (is already running)
Error: servera not started (is already running)
Error: serverb not started (is already running)
Error: serverc not started (is already running)
Error: serverd not started (is already running)
[kiosk@foundation0 ~]$ ssh devops@workstation
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Mon Jun 19 18:46:41 2023 from 172.25.250.250
[devops@workstation ~]$ mkdir /home/devops/ansible

到该目录下创建inventory文件，ansible.cfg文件，roles文件，参照/etc/ansible/ansible.cfg配置内容

[devops@workstation ~]$ cd /home/devops/ansible/
[devops@workstation ansible]$ ll
total 12
-rw-r--r--. 1 root root 114 Jun 19 19:19 ansible.cfg
-rw-r--r--. 1 root root 148 Jun 19 19:19 inventory
-rw-r--r--. 1 root root   1 Jun 19 19:03 roles
[devops@workstation ~]$ cat /etc/ansible/ansible.cfg
[devops@workstation ansible]$ cat ansible.cfg
[defaults]
inventory=/home/devops/ansible/inventory
roles_path=/home/devops/ansible/roles
host_key_checking=False
[devops@workstation ansible]$ cat inventory
[dev]
servera
[test]
serverb
[balancers]
serverb
[prod]
server[c:d]
[Webserver:children]
prod

[all:vars]
ansible_user=root
ansible_password=redhat

测试连通性

[devops@workstation ansible]$ ansible all -m ping
servera | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
serverd | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
serverc | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
serverb | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}

2.创建并运行 Ansibie ad-hoc 命令
创建一个 shell 脚本名为 adhoc.sh 用以运行 ad-hoc 命令 . 为每个受控节点配罝 yum仓库. 要求如下：
仓库1：
Name:RH294_Base
Description:RH294 base software
Baseurl:http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
需要验证钦件包GPG签名
GPG key:/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
启用此软件仓库
仓库2:
Name:RH294_Stream
Description:RH294 stream software
Base url： http://content.example.com/rhel8.0/x86_64/dvd/AppStream
需要验证软件包GPG签名
GPG key:/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
启用此软件仓库

[devops@workstation ansible]$ sudo vim adhoc.sh
#!/bin/bash
ansible all -m yum_repository -a 'name=RH294_Base \
        description="RH294 base software" \
        baseurl="http://content.example.com/rhel8.0/x86_64/dvd/BaseOS"  \
        gpgcheck=yes \
        gpgkey=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release  \
        enabled=yes'
ansible all -m yum_repository -a 'name=RH294_Stream  \
        description="RH294 stream software" \
        baseurl="http://content.example.com/rhel8.0/x86_64/dvd/AppStream"  \
        gpgcheck=yes \
        gpgkey=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release  \
        enabled=yes'
[devops@workstation ansible]$ sudo chmod +x adhoc.sh
[devops@workstation ansible]$ ./adhoc.sh
serverb | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "repo": "RH294_Base",
    "state": "present"
}
serverc | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "repo": "RH294_Base",
    "state": "present"
}
servera | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "repo": "RH294_Base",
    "state": "present"
}
serverd | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "repo": "RH294_Base",
    "state": "present"
}
serverb | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "repo": "RH294_Stream",
    "state": "present"
}
servera | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "repo": "RH294_Stream",
    "state": "present"
}
serverd | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "repo": "RH294_Stream",
    "state": "present"
}
serverc | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "repo": "RH294_Stream",
    "state": "present"
}
[devops@workstation ansible]$ ansible all -m command -a 'ls /etc/yum.repos.d'
serverd | CHANGED | rc=0 >>
redhat.repo
RH294_Base.repo
RH294_Stream.repo
rhel_dvd.repo

serverc | CHANGED | rc=0 >>
redhat.repo
RH294_Base.repo
RH294_Stream.repo
rhel_dvd.repo

servera | CHANGED | rc=0 >>
redhat.repo
RH294_Base.repo
RH294_Stream.repo
rhel_dvd.repo

serverb | CHANGED | rc=0 >>
redhat.repo
RH294_Base.repo
RH294_Stream.repo
rhel_dvd.repo

[devops@workstation ansible]$ ansible all -m command -a 'cat /etc/yum.repos.d/RH294_Base.repo'
serverd | CHANGED | rc=0 >>
[RH294_Base]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 base software

serverc | CHANGED | rc=0 >>
[RH294_Base]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 base software

serverb | CHANGED | rc=0 >>
[RH294_Base]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 base software

servera | CHANGED | rc=0 >>
[RH294_Base]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 base software

[devops@workstation ansible]$ ansible all -m command -a 'cat /etc/yum.repos.d/RH294_Stream.repo'
serverd | CHANGED | rc=0 >>
[RH294_Stream]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/AppStream
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 stream software

serverc | CHANGED | rc=0 >>
[RH294_Stream]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/AppStream
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 stream software

serverb | CHANGED | rc=0 >>
[RH294_Stream]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/AppStream
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 stream software

servera | CHANGED | rc=0 >>
[RH294_Stream]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/AppStream
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 stream software