ansible 及相关应用

一、轻量级自动化运维工具对比

 

 

 

二、ansible 的优势和应用场景

1.轻量级无客户端(Agentless)

2.开源免费,学习成本低、快速上手;

3.使用playbook 作为核心配置架构,统一的脚本格式,批量化部署 ;

4.完善的模块化扩展,支持目前主流的开发场景;

5.江大的稳定性和兼容性;

6.活跃的官方社区问题讨论,方便Trubleshooting 与DEBUG 问题 。

 

 

 

 

 

 

三、ansible 的安装配置

 

 

 

 

 

 

 

 

 

 

         

 

          

 

 

 

四、安装过程: 

[root@ansible ~]# wget http://www.python.org/ftp/python/3.6.5/Python-3.6.5.tar.xz

# tar xf Python-3.6.5.tar.xz

# cd Python-3.6.5

# ./configure --prefix=/usr/local --with-ensurepip=install --enable-shared LDFLAGS="-Wl,-rpath /usr/local/lib"

# make && make altinstall

# which pip3.6
/usr/local/bin/pip3.6

# ln -s /usr/
local/bin/pip3.6 /usr/local/bin/pip

# pip install virtualenv

# useradd deploy

# su - deploy

# virtualenv -p /usr/local/bin/python3.6  .py3-a2.5-env  

# cd /home/deploy/.py3-a2.5-env
# which git 
/bin/git
如果没有安装git 客户端,执行一下两步操作
(# su - root
# yum -y install git nss curl )

# git clone https://github.com/ansible/ansible.git

# source /home/deploy/.py3-a2.5-env/bin/activate

# (.py3-a2.5-env) [deploy@ansible ~]$ pip install paramiko PyYAML jinja2

# ll

   总用量 4
   drwxrwxr-x 14 deploy deploy 4096 2月 5 17:15 ansible

# mv ansible .py3-a2.5-env/

# cd .py3-a2.5-env/ansible

# git checkout stable-2.5

# source /home/deploy/.py3-a2.5-env/ansible/hacking/env-setup -q

# (.py3-a2.5-env) [deploy@ansible ansible]$ ansible --version

ansible 2.5.15 (stable-2.5 c8dfe5b6d3) last updated 2021/02/05 18:19:52 (GMT +800)
config file = None
configured module search path = ['/home/deploy/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/deploy/.py3-a2.5-env/ansible/lib/ansible
executable location = /home/deploy/.py3-a2.5-env/ansible/bin/ansible
python version = 3.6.5 (default, Feb 5 2021, 13:52:27) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]



至此,ansible  安装完成!

 

五、Ansible playbook  入门及编写规范

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(.py3-a2.5-env) [deploy@ansible ansible]$ ansible-playbook --version
ansible-playbook 2.5.15 (stable-2.5 c8dfe5b6d3) last updated 2021/02/05 18:19:52 (GMT +800)
  config file = None
  configured module search path = ['/home/deploy/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/deploy/.py3-a2.5-env/ansible/lib/ansible
  executable location = /home/deploy/.py3-a2.5-env/ansible/bin/ansible-playbook
  python version = 3.6.5 (default, Feb  5 2021, 13:52:27) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]

 

六、简单演示实例:

1.先进行密钥的创建和公钥的分发,便于免密管理目标机器

# ssh-keygen -t rsa   #交互界面一路回车就行

# ssh-copy-id  -i /home/deploy/.ssh/id_rsa.pub root@test.example.com  #分发公钥到目标机器

# ssh root@test.example.com  #测试免密登录

# echo "192.168.11.22 test.example.com" >> /etc/hosts #添加目标主机域名解析

2.创建ansible-playbook 相应的目录结构        

(.py3-a2.5-env) [deploy@ansible ~]$ pwd
/home/deploy
(.py3-a2.5-env) [deploy@ansible ~]$ cd test_playbooks/
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ tree ./
./
├── deploy.yml
├── inventory
│   └── testenv
└── roles
    └── testbox
        └── tasks
            └── main.yml

4 directories, 4 files

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat deploy.yml
- hosts: "testservers"
gather_facts: true
remote_user: root
roles:
- testbox

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat inventory/testenv
[testservers]
test.example.com

[testservers:vars]
server_name=test.example.com
user=root
output=/root/test.txt

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ cat roles/testbox/tasks/main.yml
- name: Print server name and user to remote testbox
shell: "echo 'Currently {{ user }} is logining {{ server_name }} > {{ output }}'"

执行 ansible-playbook

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ansible-playbook -i inventory/testenv ./deploy.yml

PLAY [testservers] ***************************************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************************************
ok: [test.example.com]

TASK [testbox : Print server name and user to remote testbox] ********************************************************************************************************************
changed: [test.example.com]

PLAY RECAP ***********************************************************************************************************************************************************************
test.example.com : ok=2 changed=1 unreachable=0 failed=0

 

登录目标主机查看结果

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ssh root@test.example.com
Last login: Sun Feb 7 15:30:00 2021 from 192.168.11.09
[root@testbox ~]# ls
bak test.txt
[root@testbox ~]# cat test.txt
Currently root is logining test.example.com  #执行playbook 成功后的结果

 

七、Ansible playbook 的常用模块介绍

 

 

 

 

 

 

 

 

 

 

 

  

 

 

 

 实例展示:

 

 实例解释:

 

 实例演示:

[deploy@ansible ~]$ source /home/deploy/.py3-a2.5-env/bin/activate                      

(.py3-a2.5-env) [deploy@ansible ~]$ source /home/deploy/.py3-a2.5-env/ansible/hacking/env-setup -q

(.py3-a2.5-env) [deploy@ansible ~]$ ansible-playbook --version
ansible-playbook 2.5.15 (stable-2.5 c8dfe5b6d3) last updated 2021/02/05 18:19:52 (GMT +800)
  config file = None
  configured module search path = ['/home/deploy/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/deploy/.py3-a2.5-env/ansible/lib/ansible
  executable location = /home/deploy/.py3-a2.5-env/ansible/bin/ansible-playbook
  python version = 3.6.5 (default, Feb  5 2021, 13:52:27) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]

切换到目标主机
(.py3-a2.5-env) [deploy@ansible ~]$ ssh root@test.example.com
[root@testbox ~]# useradd foo 
[root@testbox ~]# useradd deploy
[root@testbox ~]# mkdir /etc/nginx 
[root@testbox ~]# rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm

返回到ansible主机
(.py3-a2.5-env) [deploy@ansible ~]$ pwd
/home/deploy

(.py3-a2.5-env) [deploy@ansible ~]$ cd test_playbooks/

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ vim roles/testbox/tasks/main.yml 
- name: Print server name and user to remote testbox
  shell: "echo 'Currently {{ user }} is logining {{ server_name }} > {{ output }}'"
- name: create a file
  file: 'path=/root/foo.txt state=touch mode=0755 owner=foo group=foo'

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ansible-playbook -i inventory/testenv ./deploy.yml 
略。。。
test.example.com           : ok=3    changed=2    unreachable=0    failed=0   

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ssh root@test.example.com ls -l /root/foo.txt
-rwxr-xr-x 1 foo foo 0 2月   8 10:19 /root/foo.txt

编辑变量
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ vim inventory/testenv 
[testservers]
test.example.com

[testservers:vars]
server_name=test.example.com
user=root
output=/root/test.txt
  rver_name=test.example
▽ort=80
user=deploy
worker_processes=4
max_open_file=65505
root=/www

创建管理nginx的目录
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ mkdir roles/testbox/templates
编辑 nginx的配置文件
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ vim roles/testbox/templates/nginx.j2
# For more information on configuration, see: 
user              {{ user }};  
worker_processes  {{ worker_processes }};  
  
error_log  /var/log/nginx/error.log;  
  
pid        /var/run/nginx.pid;  
  
events {  
    worker_connections  {{ max_open_file }};  
}  
  
  
http {  
    include       /etc/nginx/mime.types;  
    default_type  application/octet-stream;  
  
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '  
                      '$status $body_bytes_sent "$http_referer" '  
                      '"$http_user_agent" "$http_x_forwarded_for"';  
  
    access_log  /var/log/nginx/access.log  main;  
  
    sendfile        on;  
    #tcp_nopush     on;  
  
    #keepalive_timeout  0;  
    keepalive_timeout  65;  
  
    #gzip  on;  
      
    # Load config files from the /etc/nginx/conf.d directory  
    # The default server is in conf.d/default.conf  
    #include /etc/nginx/conf.d/*.conf;  
    server {  
        listen       {{ port }} default_server;  
        server_name  {{ server_name }};  
  
        #charset koi8-r;  
  
        #access_log  logs/host.access.log  main;  
  
        location / {  
            root   {{ root }};  
            index  index.html index.htm;  
        }  
  
        error_page  404              /404.html;  
        location = /404.html {  
            root   /usr/share/nginx/html;  
        }  
  
        # redirect server error pages to the static page /50x.html  
        #  
        error_page   500 502 503 504  /50x.html;  
        location = /50x.html {  
            root   /usr/share/nginx/html;  
        }  
  
    }  
  
}
View Code
编辑检查nginx的版本并将nginx的配置文件写入目标机器的yml 文件

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ vim roles/testbox/tasks/main.yml 
- name: Print server name and user to remote testbox
  shell: "echo 'Currently {{ user }} is logining {{ server_name }} > {{ output }}'"
- name: create a file
  file: 'path=/root/foo.txt state=touch mode=0755 owner=foo group=foo'
- name: copy a file
  copy: 'remote_src=no src=roles/testbox/files/foo.sh dest=/root/foo.sh mode=0644 force=yes'
- name: check if foo.sh exists
  stat: 'path=/root/foo.sh'
  register: script_stat
- debug: msg="foo.sh exists"
  when: script_stat.stat.exists
- name: run the script
  command: 'sh /root/foo.sh'
- name: write the nginx config file
  template: src=roles/testbox/templates/nginx.conf.j2 dest=/etc/nginx/nginx.conf
- name: ensure nginx is at the latest version
  yum: pkg=nginx state=latest
- name: start nginx service
  service: name=nginx state=started

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ansible-playbook -i inventory/testenv ./deploy.yml     
略。。。
test.example.com           : ok=10   changed=6    unreachable=0    failed=0   

(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ssh root@test.example.com cat /etc/nginx/nginx.conf
# For more information on configuration, see: 
user              deploy;  
worker_processes  4;  
  
error_log  /var/log/nginx/error.log;  
  
pid        /var/run/nginx.pid;  
  。。。
。。。
目标机器的nginx 配置文件就是我们复制过去的 nginx配置文件

#检查目标机器的nginx 服务是否启动
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ssh root@test.example.com ps -ef | grep  nginx 
root       6301      1  0 10:52 ?        00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx      6302   6301  0 10:52 ?        00:00:00 nginx: worker process
(.py3-a2.5-env) [deploy@ansible test_playbooks]$ ssh root@test.example.com ps -ef | grep  nginx 
root       6373      1  0 11:20 ?        00:00:00 nginx: master process nginx
deploy     6374   6373  0 11:20 ?        00:00:00 nginx: worker process
deploy     6375   6373  0 11:20 ?        00:00:00 nginx: worker process
deploy     6376   6373  0 11:20 ?        00:00:00 nginx: worker process
deploy     6377   6373  0 11:20 ?        00:00:00 nginx: worker process

至此,完成了复制文件,远程部署并启动服务的实例演示!

 

posted @ 2021-02-05 16:05  听&夏  阅读(384)  评论(0编辑  收藏  举报