ansible操做

1、安裝

修改管理員密碼

2、批量推送公鑰
1.使用 ssh-keygen -t rsa生成密鑰對
ssh-keygen -t rsa

2.推送單個公鑰到遠程機器
格式： ssh-copy-id -i ~/.ssh/id_rsa.pub username@[ip,hostname]

ssh-copy-id -i ~/.ssh/id_rsa.pub username@192.168.198.x

3.添加ansible hosts
編輯/etc/ansible/hosts,沒有則建立些文件。

格式：【主機名】 【主機地址】 【主機密碼】 默認是root用戶來進行的

[all]
1 ansible_ssh_user="root" ansible_ssh_host=192.168.198.131 ansible_ssh_pass="123456"
2 ansible_ssh_user="root" ansible_ssh_host=192.168.198.134 ansible_ssh_pass="123456"
3 ansible_ssh_user="root" ansible_ssh_host=192.168.198.141 ansible_ssh_pass="123456"

新版的ansible(2.4) hosts有更新， 用如下方式：

[all]
192.168.198.131 ansible_user=root ansible_ssh_pass="123456"
192.168.198.141 ansible_user=root ansible_ssh_pass="123456"
192.168.198.134 ansible_user=root ansible_ssh_pass="123456"

4.批量推送公鑰到遠程機器
機器多的狀況下，使用ssh-copy-id方法有些費時，使用ansible-playbook推送ymal，這裏使用到了authoried_keys模塊，能夠參考 http://docs.ansible.com/authorized_key_module.html

[root@mha ansible]# ls
ansible.cfg hosts push.ssh.ymal roles
[root@mha ansible]# cat push.ssh.ymal

- hosts: all
    user: root
    tasks:
     - name: ssh-copy
       authorized_key: user=root key="{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
       tags:
         - sshkey

5.執行推送命令
ansible-playbook push.ssh.ymal
[root@mha ansible]# ansible-playbook push.ssh.ymal

PLAY [all] **

TASK [Gathering Facts] **
ok: [192.168.198.134]
ok: [192.168.198.141]
ok: [192.168.198.131]

TASK [ssh-copy] *****
ok: [192.168.198.134]
ok: [192.168.198.141]
changed: [192.168.198.131]

PLAY RECAP **
192.168.198.131 : ok=2 changed=1 unreachable=0 failed=0
192.168.198.134 : ok=2 changed=0 unreachable=0 failed=0
192.168.198.141 : ok=2 changed=0 unreachable=0 failed=0

新增用戶和建立密碼
[root@nginx-proxy-01-keepalived ansible]# ansible nginx -m shell -a "useradd wsw && echo "123456"| passwd --stdin wsw"
192.168.198.131 | SUCCESS | rc=0 >>
Changing password for user wsw.
passwd: all authentication tokens updated successfully.

192.168.198.134 | SUCCESS | rc=0 >>
Changing password for user wsw.
passwd: all authentication tokens updated successfully.

192.168.198.145 | SUCCESS | rc=0 >>
Changing password for user wsw.
passwd: all authentication tokens updated successfully.

192.168.198.144 | SUCCESS | rc=0 >>
Changing password for user wsw.
passwd: all authentication tokens updated successfully.

3、檢查主機組或者是單一個主機
[root@mha ansible-tower-setup-3.1.0]# ansible all -m shell -a "mysql -uroot -p123456 -e 'use test;show tables'"
192.168.198.134 | SUCCESS | rc=0 >>
Tables_in_test
t3
t4
t44
t5
tt1

192.168.198.131 | FAILED | rc=127 >>
/bin/sh: mysql: command not found

192.168.198.141 | SUCCESS | rc=0 >>
Tables_in_test
t3
t4
t44
t5
tt1

4、ansible-playbook
一、關於git pull
[root@mha ansible-for-devops]# cat git.yml

---
- hosts: 192.168.198.131
  gather_facts: no

  tasks:
  - name: mkdir code.
    shell: mkdir /root/600

  tasks:
  - name: git pull the code.
    git: repo=git@git.coding.net:wsw26/600.git  dest=/root/600/

二、關於git pull緊接着checkout branch
[root@mha ansible-for-devops]# cat git.yml

---
- hosts: 192.168.198.131
  gather_facts: no

  tasks:
  - name: mkdir code.
    shell: mkdir /root/600

  tasks:
  - name: git pull the code.
    git: repo=git@git.coding.net:wsw26/600.git  dest=/root/600/

  tasks:
  - git: 
       repo: git@git.coding.net:wsw26/600.git  
       dest: /root/600/  
       version: v1.9.306

客戶機能順利把代碼拉下來並切換分支了

4、ansible-tower


編譯打開