Ansible-Tower使用文档
导航栏介绍
# viewes
Dashboard 仪表盘展示信息的
Jobs 跑过的任务记录
Schedules 计划任务
My View 查看用户的工作模版,和任务记录
# resources
Templates 任务模版,配置调用playbook执行时的各种参数,从此处添加计划任务
Credentials 配置连接 机器/云主机api Key/自定义的凭证类型 的账号密码等信息
Projects 这里配置项目对应的playbook,可以从Git上拉取或从本地文件夹读取playbook
Inventories 资产清单
Inventory Scripts 自定义获取资产清单的脚本
# access
Organizations 组织管理
Users 用户管理
Teams 用户组管理
# Administration
Credential Types 自定义凭证类型,添加后可在Credentials中使用
Notifications 配置任务通知,支持电子邮件,Twillio电话等
Management Jobs 计划任务管理
Instance Groups 资产组管理
Applications 自定义应用
Settings 设置
打开ssh权限
- [xiaoxin@iZ2ze8ow1gy3uiub8glqqzZ ~]$ sudo vim /etc/ansible/ansible.cfg
- host_key_checking = False
创建账号
- [root@iZ2ze8ow1gy3uiub8glqqzZ ~]# useradd xiaoxin
- [root@iZ2ze8ow1gy3uiub8glqqzZ ~]# passwd xiaoxin
- Changing password for user xiaoxin.
- New password:
- Retype new password:
- passwd: all authentication tokens updated successfully.
提权root权限
- [root@iZ2ze8ow1gy3uiub8glqqzZ ~]# visudo
- ## Allow root to run any commands anywhere
- root ALL=(ALL) ALL
- xiaoxin ALL=(ALL) NOPASSWD: ALL
创建密钥
- root@iZ2ze8ow1gy3uiub8glqqzZ ~]# su - xiaoxin
- [xiaoxin@iZ2ze8ow1gy3uiub8glqqzZ ~]$ ll
- total 0
- [xiaoxin@iZ2ze8ow1gy3uiub8glqqzZ ~]$ ssh-keygen -t rsa
创建管理目标服务器的认证方式
Now type credentials ‘NAME‘ and ‘DESCRIPTION‘, then specify the ‘CREDENTIAL TYPE‘ to ‘Machine‘.
Simply, the ‘Machine’ credential will allow you to use the SSH authentication for managing servers. Its support for both password and key-based authentications.
For this guide, we will be using the key-based authentication. So, type the username and paste the private keys for that user.
私钥认证
上面的是私钥,必须得免密到目标机器
- [xiaoxin@iZ2ze8ow1gy3uiub8glqqzZ ~]$ ssh-copy-id -i /home/xiaoxin/.ssh/id_rsa.pub xiaoxin@10.0.0.94
- /bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/xiaoxin/.ssh/id_rsa.pub"
- /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
- /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
- xiaoxin@10.0.0.94's password:
- Number of key(s) added: 1
- Now try logging into the machine, with: "ssh 'xiaoxin@10.0.0.94'"
- and check to make sure that only the key(s) you wanted were added.
密码认证
创建Inventories
通过Inventories定义通过Ansible tower管理的主机群组。Inventories允许你为几个服务器创建一个组,并且还能很方便的去管理不同的服务器和它们所依赖的环境变量。为了去管理操作服务器,我们必须去创建一个新的inventory group 并且给这组中添加服务器。
同样,点击ansible tower左侧的菜单Inventories,接着点击右边的+按钮,并选择Inventory:
点击inventory—-输入描述内容
接着点解页面上方的主机(HOSTS)按钮,并点击右侧的+,为这个inventory添加主机,
填写主机名( HOST NAME),描述(DESCRIPTION),并且在VARIABLES中,填入目标主机的IP地址 “ansible_host: 10.0.0.94″,并点击保存(SAVE)。
接着我们在页面下方可以看到我们刚才创建的inventory中新添加的hosts,为了确保host的配置,我们可以通过ping命令来检查该host,选中添加的主机前边的复选框,并且点击RUN COMMANDS按钮。
执行后的结果