ansible自動化運維詳細教程及playbook詳解

前言

當下有許多的運維自動化工具( 配置管理 )，例如：Ansible、SaltStack、Puppet、Fabric 等。

Ansible 一種集成 IT 系統的配置管理、應用部署、執行特定任務的開源平臺，是 AnsibleWorks 公司名下的項目，該公司由 Cobbler 及 Func 的做者於 2012 年建立成立。

Ansible 基於 Python 語言實現，由 Paramiko 和 PyYAML 兩個關鍵模塊構建。

Ansible 特色：

• 部署簡單，只需在主控端部署 Ansible 環境，被控端無需作任何操做。
• 默認使用 SSH（Secure Shell）協議對設備進行管理。
• 主從集中化管理。
• 配置簡單、功能強大、擴展性強。
• 支持 API 及自定義模塊，可經過 Python 輕鬆擴展。
• 經過 Playbooks 來定製強大的配置、狀態管理。
• 對雲計算平臺、大數據都有很好的支持。
• 提供一個功能強大、操做性強的 Web 管理界面和 REST API 接口 ---- AWX 平臺。

Ansible 與 SaltStack：

• 最大的區別是 Ansible 無需在被監控主機部署任何客戶端代理，默認經過 SSH 通道進行遠程命令執行或下發配置。
• 相同點是都具有功能強大、靈活的系統管理、狀態配置，都使用 YAML 格式來描述配置，二者都提供豐富的模板及 API，對雲計算平臺、大數據都有很好的支持。

1 安裝ansible

yum -y install ansible
複製代碼

2 配置ansible

ls /etc/ansible
ansible.cfg hosts roles

# ansible.cfg 是 Ansible 工具的配置文件；hosts 用來配置被管理的機器；roles 是一個目錄，playbook 將使用它 複製代碼

2.1 SSH祕鑰認證

ssh-keygen -t rsa
ssh-copy-id root@agent_host_ip
複製代碼

2.2 添加被管理主機

vim /etc/ansible/hosts

[Client]
angent_host_ip_1
angent_host_ip_2
複製代碼

2.3 測試ansible

shell > ansible Client -m ping     # 操做 Client 組 ( all 爲操做 hosts 文件中全部主機 )，-m 指定執行 ping 模塊，下面是返回結果 192.168.12.129 | SUCCESS => { "changed": false, "ping": "pong" } # -i 指定 hosts 文件位置 # -u username 指定 SSH 鏈接的用戶名 # -k 指定遠程用戶密碼 # -f 指定併發數 # -s 如須要 root 權限執行時使用 ( 鏈接用戶不是 root 時 ) # -K -s 時，-K 輸入 root 密碼 複製代碼

3 hosts主機文件

shell > vim /etc/ansible/hosts

www.abc.com     # 定義域名 192.168.1.100 # 定義 IP 192.168.1.150:37268 # 指定端口號 [WebServer] # 定義分組 192.168.1.10 192.168.1.20 192.168.1.30 [DBServer] # 定義多個分組 192.168.1.50 192.168.1.60 Monitor ansible_ssh_port=12378 ansible_ssh_host=192.168.1.200 # 定義別名 # ansible_ssh_host 鏈接目標主機的地址 # ansible_ssh_port 鏈接目標主機的端口，默認 22 時無需指定 # ansible_ssh_user 鏈接目標主機默認用戶 # ansible_ssh_pass 鏈接目標主機默認用戶密碼 # ansible_ssh_connection 目標主機鏈接類型，能夠是 local 、ssh 或 paramiko # ansible_ssh_private_key_file 鏈接目標主機的 ssh 私鑰 # ansible_*_interpreter 指定採用非 Python 的其餘腳本語言，如 Ruby 、Perl 或其餘相似 ansible_python_interpreter 解釋器 [webservers] # 主機名支持正則描述 www[01:50].example.com [dbservers] db-[a:f].example.com 複製代碼

4 ansible經常使用模塊

shell > ansible-doc -l # 列出 Ansible 支持的模塊 shell > ansible-doc ping # 查看該模塊幫助信息 複製代碼

4.1 遠程命令模塊（command / script / shell）

4.1.1 command

command 做爲 Ansible 的默認模塊，能夠運行遠程權限範圍全部的 shell 命令，不支持管道符。

shell > ansible Client -m command -a "free -m" # 查看 Client 分組主機內存使用狀況 複製代碼

4.1.2 script

script 的功能是在遠程主機執行主控端存儲的 shell 腳本文件，至關於 scp + shell 組合。

shell > ansible Client -m script -a "/home/test.sh 12 34" # 遠程執行本地腳本 複製代碼

4.1.3 shell

shell模塊基本和command相同，可是shell支持管道符

shell > ansible Client -m shell -a "/home/test.sh" # 執行遠程腳本 複製代碼

4.2 copy模塊

實現主控端向目標主機拷貝文件，相似於 scp 功能

shell > ansible Client -m copy -a "src=/home/test.sh dest=/tmp/ owner=root group=root mode=0755" # 向 Client 組中主機拷貝 test.sh 到 /tmp 下，屬主、組爲 root ，權限爲 0755 複製代碼

4.3 stat模塊

獲取遠程文件狀態信息，atime/ctime/mtime/md5/uid/gid 等信息

shell > ansible Client -m stat -a "path=/etc/syctl.conf" 複製代碼

4.4 get_url

實如今遠程主機下載指定 URL 到本地，支持 sha256sum 文件校驗

shell > ansible Client -m get_url -a "url=http://www.baidu.com dest=/tmp/index.html mode=0440 force=yes" 複製代碼

4.5 yum

軟件包管理

shell > ansible Client -m yum -a "name=curl state=latest" 複製代碼

4.6 corn

遠程主機 crontab 配置

shell > ansible Client -m cron -a "name='check dirs' hour='5,2' job='ls -alh > /dev/null'" 效果： * 5,2 * * * ls -alh > /dev/null 複製代碼

4.7 mount

遠程主機分區掛載

shell > ansible Client -m mount -a "name=/mnt/data src=/dev/sd0 fstype=ext4 opts=ro state=present" 複製代碼

4.8 service

遠程主機系統服務管理

shell > ansible Client -m service -a "name=nginx state=stoped" shell > ansible Client -m service -a "name=nginx state=restarted" shell > ansible Client -m service -a "name=nginx state=reloaded" 複製代碼

4.9 user

遠程主機用戶管理

shell > ansible Client -m user -a "name=wang comment='user wang'" shell > ansible Client -m user -a "name=wang state=absent remove=yes" # 添加刪除用戶 複製代碼

5 ansible-playbook 詳解

5.1 YAML語法

1. YAML的語法和其餘高階語言相似而且能夠簡單表達清單、散列表、標量等數據結構。（列表用橫杆表示，鍵值對用冒號分割，鍵值對裏又能夠嵌套另外的鍵值對）
2. YAML文件擴展名一般爲.yaml或者.yml。下面爲示例
3. 必定要對齊，只能使用空格

name: tom
age: 21
gender: male
spourse:
    name: lily
    gender: female
children:
    - name: susan
      age: 2
      gender: feamle
    - name: sunny
      age: 10
      gender: male
複製代碼

5.2 核心組件

• tasks：任務
• variables：變量
• templates：模板
• handlers：處理器
• roles：角色

5.3 playbook簡單示例

5.3.1 第一個示例

vim /root/first.yml

- hosts: all
  remote_user: root
  vars: httpd_port=80
  
  tasks:
  - name: install httpd
    yum: name=httpd state=present
  - name: install php
    yum: name=php state=present
  - name: start httpd
    service: name=httpd state=started enabled=true 複製代碼

hosts 定義單個主機或組，vars定義變量，remote_user定義執行命令的遠程用戶，tasks定義執行哪些命令，handlers定義調用哪些處理器

vars(變量)：

• 變量命名： 字母數字下劃線組成，只能以字母開頭

• 變量種類：

  1. facts（內置變量）

     由遠程主機發回的主機屬性信息，這些信息被保存在ansible變量當中

     例如：ansible 192.168.238.170 -m setup 來獲取遠程主機上的屬性信息，這些屬性信息保存在facts中

  2. 經過命令行傳遞

     經過命令行傳遞：ansible-playbook test.yml --extra-vars 「host=www user=tom「（若是劇本中已有此處定義的變量則會被覆蓋）

  3. 經過roles傳遞

  4. 主機變量

     在/etc/ansible/hosts中定義

     [web1]
     192.168.1.1 name=haha
     複製代碼

  5. 組變量

     [group_name:vars]
     foo=bar
     複製代碼

hosts :

/etc/abible/hosts 中指定的遠程主機，並用指定的屬性進行鏈接

ansible_ssh_port 鏈接遠程主機使用的端口

ansible_ssh_user 鏈接遠程主機使用的用戶

ansible_ssh_pass 鏈接遠程主機使用的密碼
複製代碼

cat /etc/ansible/hosts

[web1]
web1.hostname ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=123
web2.hostname
複製代碼

5.3.2 第二個示例

vim /root/second.yml

- hosts: web1
  remote_user: root
  vars:
    username: bob
    password: 123
    
  tasks:
  - name: add user
    user: name={{ username }} state=present
    when: ansible_os_family == "Debian" - name: set password shell: echo {{ password }} |passwd --stdin {{ username }} - name: install httpd php yum: name={{ item }} state=present with_items: - httpd - php - name: add two users user: name={{ item }} state=present groups={{ item.groups }} with_items: - { name: 'user1', groups: 'group1'} - { name: 'user2', groups: 'group2'} 複製代碼

• 在playbook中調用變量的方式爲{{ variable }}
• when語句用來條件測試
• ansible_os_family 是facts中內置的屬性信息 ansible_os_family的信息可使用ansible all -m setup | grep ansible_os_family 查看
• 在task中調用內置的item變量；在某task後面使用with_items語句來定義元素列表

5.3.3 第三個示例

vim /root/third.yml

- hosts: web1
  remote_user: root
  vars: 
    httpd_port=80
  
  tasks:
  - name: install httpd
    yum: name=httpd state=present
  - name: install php
    yum: name=php state=present
  - name: copy config file
    copy: src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf
    notify: restart httpd
  - name: start httpd
    service: name=httpd state=started enabled=true handlers: - name: restart httpd service: name=httpd state=restarted 複製代碼

上面的意思是copy中複製過去的文件跟遠程主機上的文件不一樣，就經過notify調用handlers，即重啓httpd服務。

handler是重啓服務是最通用的用法

5.3.4 第四個示例

vim /etc/ansible/hosts
[web1]
192.168.1.1 http_port=80
複製代碼

vim /root/httpd.conf
……
Listen {{ http_port }}
……
複製代碼

vim /root/fourth.yml

- hosts: web1
  remote_user: root
  vars: 
    httpd_port=80
  
  tasks:
  - name: install httpd
    yum: name=httpd state=present
  - name: copy config file
    template: src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf
    notify: restart httpd
  - name: start httpd
    service: name=httpd state=started enabled=true handlers: - name: restart httpd service: name=httpd state=restarted 複製代碼

templates：用於生成文本文件（配置文件）

模板文件中可以使用jinja2表達式，表達式要定義在{{ }}，也能夠簡單地僅執行變量替換

5.3.5 第五個示例

roles：roles用於實現「代碼複用」，roles以特定的層次型格式組織起來的playbook元素（variables, tasks, templates,handlers）；可被playbook以role的名字直接進行調用

roles的文件結構：

• files/：此角色中用到的全部文件均放置於此目錄中
• templates/： Jinja2模板文件存放位置
• tasks/：任務列表文件；能夠有多個，但至少有一個叫作main.yml的文件
• handlers/：處理器列表文件；能夠有多個，但至少有一個叫作main.yml的文件
• vars/：變量字典文件；能夠有多個，但至少有一個叫作main.yml的文件
• meta/：此角色的特殊設定及依賴關係

mkdir /root/roles
cd /root/roles mkdir -p web1/{files, templayes, tasks, handlers, vars, meta} 複製代碼

vim web1/vars/main.yml
user: tom
group: tom
http_port: 8080
複製代碼

vim web1/tasks/main.yml

- name: install httpd
  yum: name=httpd state=present
- name: copy config file
  template: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
  notify: restart httpd
  tags: conf
- name: start httpd
  service: name=httpd state=started enabled=true 這裏的template指的是相對路徑-->web1/templates tags能夠在運行時指定標籤任務 複製代碼

vim web1/handlers/main.yml

handlers:
- name: restart httpd
  service: name=httpd state=restarted
複製代碼

vim web1/templates/httpd.conf

……
Listen {{ http_port }}
……
複製代碼

定義一個調用roles文件

vim /root/web1.yml

- hosts: web1
  remote_user: root
  roles:
    - web1
    - { role:web2, http_port:8080 }
    
hosts：web1 指在/etc/ansible/hosts中定義的組，上面有定義
roles: web1 指的是當前目錄下的web1目錄，也可經過role傳遞變量， 也可調用多個role
這樣只需更改hosts的主機就能夠實現不一樣主機的代碼重用了
複製代碼

運行

ansible-playbook web1.yml
指定運行任務：
ansible-playbook -t conf web1.yml
複製代碼

5.4 使用ansible-playbook安裝zabbix

5.4.1 定義hosts

shell > vim /etc/ansible/hosts

[mini]

129.139.153.78:16283
155.139.190.94:12573
複製代碼

5.4.2 定義入口文件install_zabbix_agent.yml

shell > vim /etc/ansible/install_zabbix_agent.yml

---
- hosts: mini
  roles:
  - install_zabbix_agent

## 能夠看到將要安裝的主機組爲 mini 組，角色爲 install_zabbix_agent 複製代碼

5.4.3 定義角色 install_zabbix_agent

shell > tree /etc/ansible/roles/install_zabbix_agent/

├── files
│    └── zabbix-2.4.5.tar.gz
├── tasks
│    └── main.yml
├── templates
│    ├── zabbix_agentd
│    └── zabbix_agentd.conf
└── vars
      └── main.yml

## 創建 files 目錄，存放編譯安裝過的 zabbix_agent 目錄的壓縮文件，用於拷貝到遠程主機 ## 創建 tasks 目錄，用於編寫將要執行的任務 ## 創建 templates 目錄，用於存放可變的模板文件 ## 創建 vars 目錄，用於存放變量信息 複製代碼

5.4.4 創建tasks主文件

shell > cat /etc/ansible/roles/install_zabbix_agent/tasks/main.yml

---
  - name: Install Software
    yum: name={{ item }} state=latest
    with_items:
      - libcurl-devel
  - name: Create Zabbix User
    user: name={{ zabbix_user }} state=present createhome=no shell=/sbin/nologin
  - name: Copy Zabbix.tar.gz
    copy: src=zabbix-{{ zabbix_version }}.tar.gz dest={{ zabbix_dir }}/src/zabbix-{{ zabbix_version }}.tar.gz owner=root group=root
  - name: Uncompression Zabbix.tar.gz
    shell: tar zxf {{ zabbix_dir }}/src/zabbix-{{ zabbix_version }}.tar.gz -C {{ zabbix_dir }}/
  - name: Copy Zabbix Start Script
    template: src=zabbix_agentd dest=/etc/init.d/zabbix_agentd owner=root group=root mode=0755
  - name: Copy Zabbix Config File
    template: src=zabbix_agentd.conf dest={{ zabbix_dir }}/zabbix/etc/zabbix_agentd.conf owner={{ zabbix_user }} group={{ zabbix_user }} mode=0644
  - name: Modify Zabbix Dir Permisson
    file: path={{ zabbix_dir }}/zabbix owner={{ zabbix_user }} group={{ zabbix_user }} mode=0755 recurse=yes
  - name: Start Zabbix Service
    shell: /etc/init.d/zabbix_agentd start
  - name: Add Boot Start Zabbix Service
    shell: chkconfig --level 35 zabbix_agentd on
複製代碼

5.4.5 創建主變量文件

shell > cat /etc/ansible/roles/install_zabbix_agent/vars/main.yml

zabbix_dir: /usr/local zabbix_version: 2.4.5 zabbix_user: zabbix zabbix_port: 10050 zabbix_server_ip: 131.142.101.120 複製代碼

5.4.6 創建模板文件

shell > cat /etc/ansible/roles/install_zabbix_agent/templates/zabbix_agentd

#!/bin/bash # # chkconfig: - 90 10 # description: Starts and stops Zabbix Agent using chkconfig # Tested on Fedora Core 2 - 5 # Should work on all Fedora Core versions # # @name: zabbix_agentd # @author: Alexander Hagenah <hagenah@topconcepts.com> # @created: 18.04.2006 # # Modified for Zabbix 2.0.0 # May 2012, Zabbix SIA # # Source function library. . /etc/init.d/functions # Variables # Edit these to match your system settings # Zabbix-Directory BASEDIR={{ zabbix_dir }}/zabbix # Binary File BINARY_NAME=zabbix_agentd # Full Binary File Call FULLPATH=$BASEDIR/sbin/$BINARY_NAME # PID file PIDFILE=/tmp/$BINARY_NAME.pid # Establish args ERROR=0 STOPPING=0 # # No need to edit the things below # # application checking status if [ -f $PIDFILE ] && [ -s $PIDFILE ] then PID=`cat $PIDFILE` if [ "x$PID" != "x" ] && kill -0 $PID 2>/dev/null && [ $BINARY_NAME == `ps -e | grep $PID | awk '{print $4}'` ] then STATUS="$BINARY_NAME (pid `pidof $APP`) running.." RUNNING=1 else rm -f $PIDFILE STATUS="$BINARY_NAME (pid file existed ($PID) and now removed) not running.." RUNNING=0 fi else if [ `ps -e | grep $BINARY_NAME | head -1 | awk '{ print $1 }'` ] then STATUS="$BINARY_NAME (pid `pidof $APP`, but no pid file) running.." else STATUS="$BINARY_NAME (no pid file) not running" fi RUNNING=0 fi # functions start() { if [ $RUNNING -eq 1 ] then echo "$0 $ARG: $BINARY_NAME (pid $PID) already running" else action $"Starting $BINARY_NAME: " $FULLPATH touch /var/lock/subsys/$BINARY_NAME fi } stop() { echo -n $"Shutting down $BINARY_NAME: " killproc $BINARY_NAME RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$BINARY_NAME RUNNING=0 } # logic case "$1" in start) start ;; stop) stop ;; status) status $BINARY_NAME ;; restart) stop sleep 10 start ;; help|*) echo $"Usage: $0 {start|stop|status|restart|help}" cat <<EOF start - start $BINARY_NAME stop - stop $BINARY_NAME status - show current status of $BINARY_NAME restart - restart $BINARY_NAME if running by sending a SIGHUP or start if not running help - this screen EOF exit 1 ;; esac exit 0 複製代碼

shell > cat /etc/ansible/roles/install_zabbix_agent/templates/zabbix_agentd.conf

# This is a config file for the Zabbix agent daemon (Unix) # To get more information about Zabbix, visit http://www.zabbix.com ############ GENERAL PARAMETERS ################# ### Option: PidFile # Name of PID file. # # Mandatory: no # Default: # PidFile=/tmp/zabbix_agentd.pid ### Option: LogFile # Name of log file. # If not set, syslog is used. # # Mandatory: no # Default: # LogFile= LogFile=/tmp/zabbix_agentd.log ### Option: LogFileSize # Maximum size of log file in MB. # 0 - disable automatic log rotation. # # Mandatory: no # Range: 0-1024 # Default: # LogFileSize=1 ### Option: DebugLevel # Specifies debug level # 0 - basic information about starting and stopping of Zabbix processes # 1 - critical information # 2 - error information # 3 - warnings # 4 - for debugging (produces lots of information) # # Mandatory: no # Range: 0-4 # Default: # DebugLevel=3 ### Option: SourceIP # Source IP address for outgoing connections. # # Mandatory: no # Default: # SourceIP= ### Option: EnableRemoteCommands # Whether remote commands from Zabbix server are allowed. # 0 - not allowed # 1 - allowed # # Mandatory: no # Default: # EnableRemoteCommands=0 ### Option: LogRemoteCommands # Enable logging of executed shell commands as warnings. # 0 - disabled # 1 - enabled # # Mandatory: no # Default: # LogRemoteCommands=0 ##### Passive checks related ### Option: Server # List of comma delimited IP addresses (or hostnames) of Zabbix servers. # Incoming connections will be accepted only from the hosts listed here. # If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally. # # Mandatory: no # Default: # Server= Server={{ zabbix_server_ip }} ### Option: ListenPort # Agent will listen on this port for connections from the server. # # Mandatory: no # Range: 1024-32767 # Default: # ListenPort=10050 ListenPort={{ zabbix_port }} ### Option: ListenIP # List of comma delimited IP addresses that the agent should listen on. # First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks. # # Mandatory: no # Default: # ListenIP=0.0.0.0 ### Option: StartAgents # Number of pre-forked instances of zabbix_agentd that process passive checks. # If set to 0, disables passive checks and the agent will not listen on any TCP port. # # Mandatory: no # Range: 0-100 # Default: # StartAgents=3 ##### Active checks related ### Option: ServerActive # List of comma delimited IP:port (or hostname:port) pairs of Zabbix servers for active checks. # If port is not specified, default port is used. # IPv6 addresses must be enclosed in square brackets if port for that host is specified. # If port is not specified, square brackets for IPv6 addresses are optional. # If this parameter is not specified, active checks are disabled. # Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1] # # Mandatory: no # Default: # ServerActive= #ServerActive=127.0.0.1:10051 ### Option: Hostname # Unique, case sensitive hostname. # Required for active checks and must match hostname as configured on the server. # Value is acquired from HostnameItem if undefined. # # Mandatory: no # Default: # Hostname= Hostname={{ ansible_all_ipv4_addresses[1] }} ### Option: HostnameItem # Item used for generating Hostname if it is undefined. Ignored if Hostname is defined. # Does not support UserParameters or aliases. # # Mandatory: no # Default: # HostnameItem=system.hostname ### Option: HostMetadata # Optional parameter that defines host metadata. # Host metadata is used at host auto-registration process. # An agent will issue an error and not start if the value is over limit of 255 characters. # If not defined, value will be acquired from HostMetadataItem. # # Mandatory: no # Range: 0-255 characters # Default: # HostMetadata= ### Option: HostMetadataItem # Optional parameter that defines an item used for getting host metadata. # Host metadata is used at host auto-registration process. # During an auto-registration request an agent will log a warning message if # the value returned by specified item is over limit of 255 characters. # This option is only used when HostMetadata is not defined. # # Mandatory: no # Default: # HostMetadataItem= ### Option: RefreshActiveChecks # How often list of active checks is refreshed, in seconds. # # Mandatory: no # Range: 60-3600 # Default: # RefreshActiveChecks=120 ### Option: BufferSend # Do not keep data longer than N seconds in buffer. # # Mandatory: no # Range: 1-3600 # Default: # BufferSend=5 ### Option: BufferSize # Maximum number of values in a memory buffer. The agent will send # all collected data to Zabbix Server or Proxy if the buffer is full. # # Mandatory: no # Range: 2-65535 # Default: # BufferSize=100 ### Option: MaxLinesPerSecond # Maximum number of new lines the agent will send per second to Zabbix Server # or Proxy processing 'log' and 'logrt' active checks. # The provided value will be overridden by the parameter 'maxlines', # provided in 'log' or 'logrt' item keys. # # Mandatory: no # Range: 1-1000 # Default: # MaxLinesPerSecond=100 ############ ADVANCED PARAMETERS ################# ### Option: Alias # Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one. # Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed. # Different Alias keys may reference the same item key. # For example, to retrieve the ID of user 'zabbix': # Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1] # Now shorthand key zabbix.userid may be used to retrieve data. # Aliases can be used in HostMetadataItem but not in HostnameItem parameters. # # Mandatory: no # Range: # Default: ### Option: Timeout # Spend no more than Timeout seconds on processing # # Mandatory: no # Range: 1-30 # Default: Timeout=20 ### Option: AllowRoot # Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent # will try to switch to the user specified by the User configuration option instead. # Has no effect if started under a regular user. # 0 - do not allow # 1 - allow # # Mandatory: no # Default: # AllowRoot=0 ### Option: User # Drop privileges to a specific, existing user on the system. # Only has effect if run as 'root' and AllowRoot is disabled. # # Mandatory: no # Default: # User=zabbix ### Option: Include # You may include individual files or all files in a directory in the configuration file. # Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time. # # Mandatory: no # Default: # Include= # Include=/usr/local/etc/zabbix_agentd.userparams.conf # Include=/usr/local/etc/zabbix_agentd.conf.d/ # Include=/usr/local/etc/zabbix_agentd.conf.d/*.conf ####### USER-DEFINED MONITORED PARAMETERS ####### ### Option: UnsafeUserParameters # Allow all characters to be passed in arguments to user-defined parameters. # 0 - do not allow # 1 - allow # # Mandatory: no # Range: 0-1 # Default: UnsafeUserParameters=1 ### Option: UserParameter # User-defined parameter to monitor. There can be several user-defined parameters. # Format: UserParameter=<key>,<shell command> # See 'zabbix_agentd' directory for examples. # # Mandatory: no # Default: # UserParameter= ####### LOADABLE MODULES ####### ### Option: LoadModulePath # Full path to location of agent modules. # Default depends on compilation options. # # Mandatory: no # Default: # LoadModulePath=${libdir}/modules ### Option: LoadModule # Module to load at agent startup. Modules are used to extend functionality of the agent. # Format: LoadModule=<module.so> # The modules must be located in directory specified by LoadModulePath. # It is allowed to include multiple LoadModule parameters. # # Mandatory: no # Default: # LoadModule= 複製代碼

5.4.7 安裝

shell > ansible-playbook /etc/ansible/install_zabbix_agent.yml

PLAY [mini] *******************************************************************

GATHERING FACTS ***************************************************************
ok: [129.139.153.78]
ok: [155.139.190.94]

TASK: [install_zabbix_agent | Install Software] *******************************
changed: [155.139.190.94] => (item=libcurl-devel)
changed: [129.139.153.78] => (item=libcurl-devel)

TASK: [install_zabbix_agent | Create Zabbix User] *****************************
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Copy Zabbix.tar.gz] *****************************
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Uncompression Zabbix.tar.gz] ********************
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Copy Zabbix Start Script] ***********************
changed: [155.139.190.94]
changed: [129.139.153.78]

TASK: [install_zabbix_agent | Copy Zabbix Config File] ************************
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Modify Zabbix Dir Permisson] ********************
changed: [155.139.190.94]
changed: [129.139.153.78]

TASK: [install_zabbix_agent | Start Zabbix Service] ***************************
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Add Boot Start Zabbix Service] ******************
changed: [129.139.153.78]
changed: [155.139.190.94]

PLAY RECAP ********************************************************************
155.139.190.94               : ok=10   changed=9    unreachable=0    failed=0
129.139.153.78               : ok=10   changed=9    unreachable=0    failed=0

## 關注一下，啓動腳本跟配置文件中變量的引用。 ## 完成安裝，能夠去客戶機檢查效果了 ！

做者：gongzhao 連接：https://juejin.im/post/5b3a074d51882548bc3aa35e 來源：掘金 著做權歸做者全部。商業轉載請聯繫做者得到受權，非商業轉載請註明出處。