[installation and configuration of Redhat automated operation and maintenance tool ansible]

Posted by [Demonoid] on Tue, 15 Feb 2022 14:20:10 +0100

ansible is an automatic operation and maintenance tool, which is developed based on Python. It integrates the advantages of many operation and maintenance tools (puppet, cfengine, chef, func and fabric), and realizes batch system configuration, batch program deployment and batch Run command And other functions. After installing Ansible, you do not need to start or run a background process or add a database. As long as it is installed on a computer (which can be a laptop), a group of remote machines can be managed through this computer. On the remotely managed machine, there is no need to install and run any software, so upgrading Ansible version will not have too many problems. At present, Ansible can be run as long as Python 2.6 or Python 2.7 is installed on the machine (Windows system cannot be used as the control host).

I Configure local and online warehouses

At / etc / yum.com repos. D directory to create red8 Repo warehouse file.

[root@Redhat-node-1 ~]# cd /etc/yum.repos.d/
[root@Redhat-node-1 yum.repos.d]# vim red8.repo

At / etc / yum.com repos. d/red8. Write the following in repo

  1 [a]                     #yum warehouse name
  2 name=a 
  3 baseurl=file:///mnt/zhang/AppStream # local yum warehouse source address: is the address you mounted
  4 gpgcheck=0                   #Whether to gpg check
  5 enable=1                    #Available
  6 
  7 [b]
  8 name=b
  9 baseurl=file:///mnt/zhang/BaseOS
 10 gpgcheck=0
 11 enable=1
 12 
 13 
 14 
 15 [c]              #Online yum source: the official y online um source of Tsinghua University is selected here
 16 name=c
 17 baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/8/Everything/x86_64/
 18 gpgcheck=0
 19 enable=1

Then use yum clean all to clear the cache

[root@Redhat-node-1 yum.repos.d]# yum clean all

Regenerate the cache using yum makecache

[root@Redhat-node-1 yum.repos.d]# yum makecache

The output results are as follows: successful

II Download ansible and configure

[root@Redhat-node-1 yum.repos.d]# yum -y install ansible

After downloading ansible, you should pay attention to several of his files

Commonly used is: ansible CFG and hosts file systems. By default, these two files are located under: / etc/ansible. Generally, we create these two files ourselves, as follows:

[root@Redhat-node-1 ~]# mkdir /root/ansible
[root@Redhat-node-1 ~]# cd /root/ansible/
[root@Redhat-node-1 ansible]# vim ansible.cfg

write in:

Create a host manifest file in the / root/ansible directory and write it to the host

[root@Redhat-node-1 ansible]# vim hosts 
  1 [total]               #Group name
  2 192.168.175.132    #Host IP address
  3 192.168.175.133
  4 192.168.175.134
  5 
  6 [server]          #Group name
  7 Redhat-node-3     #Host name: if the host name is written, you need to write the IP address and host name of the host in the / etc/hosts file.
  8 Redhat-node-4
  9 
 10 [db]
 11 Redhat-node-2

ping module that executes the ansible command in the working directory

[root@Redhat-node-1 ansible]# ansible total -m ping 

If an error is reported

This is because ansible is ssh key authentication. Solution:

[root@Redhat-node-1 ansible]# ssh-keygen          #Generate key
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:BvJMV+VYOM4Bt1ZDg+G0beAGLpwMBpVj//uXl32kJdQ root@Redhat-node-1
The key's randomart image is:
+---[RSA 3072]----+
|  .o+.  o.**B    |
|   .++ o B=X o   |
|   ..oB ooOo+  . |
|     =.+ oo.  . E|
|      o.S    .   |
|       ..     . o|
|         .   . B |
|        .   o + o|
|         ... .  .|
+----[SHA256]-----+

#All the way back
[root@Redhat-node-1 ansible]# ssh-copy-id 192.168.175.132      #Send the public key to the managed machine
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.175.132's password:       #Enter the root password of the managed machine

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.175.132'"
and check to make sure that only the key(s) you wanted were added.



#Other managed machines also perform this operation

Enter the working directory and test again

[root@Redhat-node-1 ansible]# ansible total -m ping 
192.168.175.132 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
192.168.175.134 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
192.168.175.133 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}

You can succeed

III summary

ansible adopts ssh, and the detailed notes of its configuration file are as follows

#Ansible main configuration file: / etc / ansible / ansible CFG, which generally remains the default. There is no need to restart after modifying the configuration file.
[defaults]
# some basic default values...
#inventory = /etc/ansible/hosts   #Host list profile
#library = /usr/share/my_modules/  #Storage directory of library files
#remote_tmp = ~/.ansible/tmp  #The temporary py command file is stored in the remote host directory
#local_tmp = ~/.ansible/tmp  #Local temporary command execution directory
#forks = 5  #The default concurrency number can be understood as the operation of connecting 5 hosts in each batch.
#sudo_user = root  #Default sudo user
#ask_sudo_pass = True  #Whether to ask for ssh password every time the ansible command is executed
#ask_pass  = True
#remote_port = 22
#host_key_checking = False  #Check the host of the corresponding server_ Key, it is recommended to cancel the comment and do not check, 										 Improve the convenience of ssh connection.
#log_path = /var/log/ansible.log  #Log file. It is recommended to uncomment and enable logging.

It is very suitable for server cluster management. It is really suitable for friends who study operation and maintenance. Next time, I'll share the online yum source of ansible deploying httpd.

Pay attention and don't get lost, thank you!

Topics: Linux Operation & Maintenance