第一章 功能实现
#01.配置base源
#02.配置epel源
#03.安装常用软件
#04.关闭selinux
#05.关闭firewalld
#06.设置时区为上海
#07.时间同步任务
#08.优化ssh连接速度
#09.优化命令行显示
第二章 目录规划
[root@m01:/etc/ansible]# tree
.
├── hosts
├── roles
│ ├── init
│ │ ├── files
│ │ │ ├── close_selinux.sh
│ │ │ ├── PS1.sh
│ │ │ └── ssh.sh
│ │ ├── handlers
│ │ ├── tasks
│ │ │ └── main.yml
│ │ ├── templates
│ │ └── vars
第三章 主机清单
[root@m01:/etc/ansible]# cat ./hosts
[rsync:children]
rsync_server
rsync_client
[rsync_server]
192.168.81.165
[rsync_client]
192.168.81.162
192.168.81.163
第四章 编写task目录下main.yml
vim /etc/ansible/roles/init/tasks/main.yml
#01.配置base源
- name: 01_configure_base_repos
get_url: url=http://mirrors.aliyun.com/repo/Centos-7.repo dest=/etc/yum.repos.d/CentOS-Base.repo
#02.配置epel源
- name: 02_configure_epel_repos
get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
#03.安装常用软件
- name: 03_install_server
yum: name={{ item }} state=installed
loop:
- wget
- lrzsz
- lsof
- nmap
- telnet
- tree
- vim
- ntsysv
- unzip
- sysstat
- ntpdate
- iotop
- iftop
- net-tools
ignore_errors: yes
tags: t3
#04.关闭selinux
- name: 04_close selinx
script: close_selinux.sh
#05.关闭firewalld
- name: 05_close firewalld
systemd: name=firewalld state=stopped enabled=no
#06.设置时区为上海
- name: 06_set_timezone
shell: timedatectl set-timezone Asia/Shanghai
#07.时间同步任务
- name: 07_time_update
cron: name="ntpdate" minute="*/5" job="/usr/sbin/ntpdate time1.aliyun.com >/dev/null 2>&1"
ignore_errors: yes
#08.优化ssh连接速度
- name: 08_ssh_speed
script: ssh.sh
ignore_errors: yes
#09.优化命令行显示
- name: 09_export_PS1
script: PS1.sh
第五章 编写files目录下文件
[root@m01:/etc/ansible/roles/init/files]# vim ssh.sh
#!/bin/bash
sed -i 's/\#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
sed -i 's/.*GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/sshd_config
systemctl restart sshd
[root@m01:/etc/ansible/roles/init/files]# vim PS1.sh
#!/bin/bash
echo export "PS1='\[[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[1;36m\]\w\[\033[00m\]]\\$ '" >> /etc/bashrc
source /etc/bashrc
[root@m01:/etc/ansible/roles/init/files]# cat close_selinux.sh
#!/bin/bash
setenforce 0
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/sysconfig/selinux
sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/selinux/config
第六章 编写入口文件site_init.yml
vim /etc/ansible/roles/site_init.yml
- hosts: all
roles:
- init
第七章 测试结果
[root@m01:/etc/ansible/roles]# ansible-playbook site_init.yml
PLAY [all] ****************************************************************************************************************
TASK [Gathering Facts] ****************************************************************************************************
ok: [192.168.81.165]
ok: [192.168.81.163]
ok: [192.168.81.162]
TASK [init : 01_configure_base_repos] *************************************************************************************
changed: [192.168.81.163]
changed: [192.168.81.162]
changed: [192.168.81.165]
TASK [init : 02_configure_epel_repos] *************************************************************************************
ok: [192.168.81.165]
ok: [192.168.81.163]
changed: [192.168.81.162]
TASK [init : 03_install_server] *******************************************************************************************
ok: [192.168.81.163] => (item=wget)
ok: [192.168.81.165] => (item=wget)
ok: [192.168.81.163] => (item=lrzsz)
ok: [192.168.81.165] => (item=lrzsz)
ok: [192.168.81.163] => (item=lsof)
ok: [192.168.81.165] => (item=lsof)
ok: [192.168.81.163] => (item=nmap)
ok: [192.168.81.165] => (item=nmap)
ok: [192.168.81.163] => (item=telnet)
ok: [192.168.81.165] => (item=telnet)
ok: [192.168.81.163] => (item=tree)
ok: [192.168.81.165] => (item=tree)
ok: [192.168.81.163] => (item=vim)
ok: [192.168.81.163] => (item=ntsysv)
ok: [192.168.81.163] => (item=unzip)
ok: [192.168.81.163] => (item=sysstat)
ok: [192.168.81.163] => (item=ntpdate)
ok: [192.168.81.165] => (item=vim)
ok: [192.168.81.165] => (item=ntsysv)
ok: [192.168.81.165] => (item=unzip)
ok: [192.168.81.165] => (item=sysstat)
ok: [192.168.81.165] => (item=ntpdate)
changed: [192.168.81.162] => (item=wget)
changed: [192.168.81.162] => (item=lrzsz)
changed: [192.168.81.162] => (item=lsof)
changed: [192.168.81.162] => (item=nmap)
changed: [192.168.81.162] => (item=telnet)
changed: [192.168.81.162] => (item=tree)
ok: [192.168.81.162] => (item=vim)
changed: [192.168.81.162] => (item=ntsysv)
changed: [192.168.81.162] => (item=unzip)
changed: [192.168.81.162] => (item=sysstat)
changed: [192.168.81.162] => (item=ntpdate)
TASK [init : 04_close selinx] *********************************************************************************************
changed: [192.168.81.165]
changed: [192.168.81.162]
changed: [192.168.81.163]
TASK [init : 05_close firewalld] ******************************************************************************************
ok: [192.168.81.165]
ok: [192.168.81.163]
ok: [192.168.81.162]
TASK [init : 06_set_timezone] *********************************************************************************************
changed: [192.168.81.163]
changed: [192.168.81.165]
changed: [192.168.81.162]
TASK [init : 07_time_update] **********************************************************************************************
ok: [192.168.81.165]
ok: [192.168.81.163]
changed: [192.168.81.162]
TASK [init : 08_ssh_speed] ************************************************************************************************
changed: [192.168.81.165]
changed: [192.168.81.163]
changed: [192.168.81.162]
TASK [init : 09_export_PS1] ***********************************************************************************************
changed: [192.168.81.165]
changed: [192.168.81.162]
changed: [192.168.81.163]
PLAY RECAP ****************************************************************************************************************
192.168.81.162 : ok=10 changed=8 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.81.163 : ok=10 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.81.165 : ok=10 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0