Ansible-受控主机配置并测试连通性
1.Ansible配置文件
[root@master home]# ansible --version ansible 2.9.27 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, Oct 30 2018, 23:45:53) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
2.Ansible配置受控主机
vi /etc/ansible/hosts
Ansible inventory 是 Ansible 工具中用于记录和组织管理的机器。它通过 INI 文件或 YAML 文件来管理机器的列表,并且可以通过分组来组织机器,以便于管理。
Ansible inventory 文件通常命名为 hosts 或 inventory,并且可以在其中定义多个组,每个组包含一台或多台机器。可以为每个组定义不同的变量,以便于在 Ansible Playbook 中使用。
3.利用ping 模块,检测与目标主机的连通性
[root@master home]# ansible 192.168.142.36 -m ping 192.168.142.36 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true }
原因:没有在ansible管理节点(即安装ansible的节点)上添加目标节点(即需要管理的节点)的ssh认证信息。
解决步骤:
1:管理节点生成SSH-KEY
[root@master home]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:BqRfboDSZGdidf8tpmpgSIHcYmS8lT50QrJ/lWQYOaw root@master The key's randomart image is: +---[RSA 2048]----+ | +++*+*++ | | .*BBB*+ o | | .o*+=o.+ . | | .oE. * . . | | ..oo S + . | | ..oo o . | | . . . | | .. | | .. | +----[SHA256]-----+
成功后在~/.ssh/路径下将生成ssh密钥文件:id_rsa及id_rsa.pub
2:添加目标节点的SSH认证信息
#ssh-copy-id root@目标节点IP
[root@master home]# ssh-copy-id root@192.168.142.36 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.142.36's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.142.36'" and check to make sure that only the key(s) you wanted were added. [root@master home]# ansible 192.168.142.36 -m ping 192.168.142.36 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" } [root@master home]# ansible -m ping all 192.168.142.36 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" }
3.利用file模块测试在所有受控的主机上创建文件
[root@master ~]# ansible all -m file -a "name=/home/ansible state=touch" 192.168.142.36 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true, "dest": "/home/ansible", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "size": 0, "state": "file", "uid": 0 } 192.168.142.34 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true, "dest": "/home/ansible", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "size": 0, "state": "file", "uid": 0 }
