ansible简介

本文 http://blog.codeg.cn/2015/10/08/ansible/ 是作者zieckey在研究和学习相关内容时所做的笔记,欢迎广大朋友指正和交流! 版权所有,欢迎转载和分享,但请保留此段声明。

简介

ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet、cfengine、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能。ansible是基于模块工作的,本身没有批量部署的能力。真正具有批量部署的是ansible所运行的模块,ansible只是提供一种框架。主要包括:

  1. 连接插件connection plugins:负责和被监控端实现通信;
  2. host inventory:指定操作的主机,是一个配置文件里面定义监控的主机;
  3. 各种模块核心模块、command模块、自定义模块;
  4. 借助于插件完成记录日志邮件等功能;
  5. playbook:剧本执行多个任务时,非必需可以让节点一次性运行多个任务。

在centos上安装

直接使用yum安装即可: sudo yum install ansible

简单使用

其默认的配置路径: /etc/ansible/ansible.cfg

为了避免SHH key host检查,可以将下面配置项打开:

host_key_checking = False

另外,为避免一些依赖(依赖目标机器上的软件环境),可以使用 -m raw 参数,例如下面是没有加这个参数时会出错:

$ ansible builddev -m shell -a "uname -a" -k       
SSH password: 
10.16.28.17 | FAILED >> {
    "failed": true, 
    "msg": "/usr/bin/python: not found\n", 
    "parsed": false
}

加上这个参数就没有问题: ansible builddev -m shell -m raw -a "uname -a" -k

修改配置文件

ansible使用配置文件 /etc/ansible/hosts 。其格式如下:


# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
#
#   - Comments begin with the '#' character
#   - Blank lines are ignored
#   - Groups of hosts are delimited by [header] elements
#   - You can enter hostnames or ip addresses
#   - A hostname/ip can be a member of multiple groups

# Ex 1: Ungrouped hosts, specify before any group headers.

green.example.com
blue.example.com
192.168.100.1
192.168.100.10

# Ex 2: A collection of hosts belonging to the 'webservers' group

[webservers]
alpha.example.org
beta.example.org
192.168.1.100
192.168.1.110

# If you have multiple hosts following a pattern you can specify
# them like this:

www[001:006].example.com

# Ex 3: A collection of database servers in the 'dbservers' group

[dbservers]

db01.intranet.mydomain.net
db02.intranet.mydomain.net
10.25.1.56
10.25.1.57

# Here's another example of host ranges, this time there are no
# leading 0s:

db-[99:101]-node.example.com

我们编辑这个文件,删除原来所有的配置,然后增加一个group,最终完整文件内容如下:

[build]
10.16.29.179
10.16.28.17
10.16.28.18
10.16.29.88

使用

示例1:ansible build -a date -k

该命令标示针对build这一组机器,执行date命令,-k标示要使用ssh时提示密码输入符,

[codeg@build ~]$ ansible build -a date -k       
SSH password: 

paramiko: The authenticity of host '10.16.29.88' can't be established.
The ssh-rsa key fingerprint is 3151f8e35301c476af609c3bb31b5e37.
Are you sure you want to continue connecting (yes/no)?
yes
10.16.28.18 | success | rc=0 >>
Thu Oct  8 11:43:49 CST 2015

10.16.29.179 | success | rc=0 >>
Thu Oct  8 11:50:14 CST 2015

10.16.28.17 | success | rc=0 >>
Thu Oct  8 11:50:14 CST 2015

10.16.29.88 | success | rc=0 >>
Thu Oct  8 11:50:18 CST 2015

示例2,执行复杂的命令:ansible build -m shell -a “ls -l | head -1” -k

使用shell模块,表明是执行shell指令。

$ ansible build -m shell -a "ls -l | head -1" -k
SSH password: 
10.16.28.17 | success | rc=0 >>
total 454360

10.16.28.18 | success | rc=0 >>
total 33288

10.16.29.179 | success | rc=0 >>
total 87776

10.16.29.88 | success | rc=0 >>
total 469384ls: write error: Broken pipe

示例3,文件拷贝:ansible build -m copy -a “src=a.sh dest=/tmp/abcx.sh” -k

使用copy模块来传输文件,通过src/dest两个参数来指定原始文件和目标机的目的地址。

$ ansible build -m copy -a "src=a.sh dest=/tmp/abcx.sh" -k  
SSH password: 
10.16.28.18 | success >> {
    "changed": true, 
    "checksum": "b9da991c935ccdda2231e2a3704ef943035dd4d4", 
    "dest": "/tmp/abcx.sh", 
    "gid": 3534, 
    "group": "codeg", 
    "md5sum": "1506d51353f96a582b86891999e63091", 
    "mode": "0664", 
    "owner": "codeg", 
    "size": 61, 
    "src": "/home/codeg/.ansible/tmp/ansible-tmp-1444292722.63-246642726358339/source", 
    "state": "file", 
    "uid": 3534
}

10.16.28.17 | success >> {
    "changed": true, 
    "checksum": "b9da991c935ccdda2231e2a3704ef943035dd4d4", 
    "dest": "/tmp/abcx.sh", 
    "gid": 3534, 
    "group": "codeg", 
    "md5sum": "1506d51353f96a582b86891999e63091", 
    "mode": "0664", 
    "owner": "codeg", 
    "size": 61, 
    "src": "/home/codeg/.ansible/tmp/ansible-tmp-1444292722.67-256074204427798/source", 
    "state": "file", 
    "uid": 3534
}

10.16.29.88 | success >> {
    "changed": true, 
    "checksum": "b9da991c935ccdda2231e2a3704ef943035dd4d4", 
    "dest": "/tmp/abcx.sh", 
    "gid": 3534, 
    "group": "codeg", 
    "md5sum": "1506d51353f96a582b86891999e63091", 
    "mode": "0664", 
    "owner": "codeg", 
    "size": 61, 
    "src": "/home/codeg/.ansible/tmp/ansible-tmp-1444292722.64-195326527082374/source", 
    "state": "file", 
    "uid": 3534
}

10.16.29.179 | success >> {
    "changed": true, 
    "checksum": "b9da991c935ccdda2231e2a3704ef943035dd4d4", 
    "dest": "/tmp/abcx.sh", 
    "gid": 3534, 
    "group": "codeg", 
    "md5sum": "1506d51353f96a582b86891999e63091", 
    "mode": "0664", 
    "owner": "codeg", 
    "size": 61, 
    "src": "/home/codeg/.ansible/tmp/ansible-tmp-1444292722.68-230895291500491/source", 
    "state": "file", 
    "uid": 3534
}

$ ansible build -m shell -a "ls /tmp/abcx.sh" -k                   
SSH password: 
10.16.28.18 | success | rc=0 >>
/tmp/abcx.sh

10.16.28.17 | success | rc=0 >>
/tmp/abcx.sh

10.16.29.179 | success | rc=0 >>
/tmp/abcx.sh

10.16.29.88 | success | rc=0 >>
/tmp/abcx.sh

示例4,批量拷贝文件:

TODO

参考文献

  1. 官方文档
  2. 自动化运维工具之ansible