Ansible入门安装-睿象云平台

Ansible入门安装

本站部分文章、图片属于网络上可搜索到的公开信息，均用于学习和交流用途，不能代表睿象云的观点、立场或意见。我们接受网民的监督，如发现任何违法内容或侵犯了您的权益，请第一时间联系小编邮箱jiasou666@gmail.com 处理。

Ansible入门安装

Ansible简介

ansible是一个用于自动化运维的配置管理和应用部署工具，基于Python开发，集合了众多运维工具（puppet、cfengien、chef、func、fabric、SaltStack）的优点，实现了批量系统配置、批量程序部署、批量运行命令等功能。ansible是基于模块工作的，本身让那个没有批量部署的能力，真正具有批量部署能力的是ansible所运行的模块。

Ansible架构

Ansible特性

模块化：调用特定的模块，完成特定任务有的paramiko、pyYAML、Jinja2的（模块语言）三个关键模块支持自定义模块基于Python的语言实现部署简单，基于蟒和SSH（默认已安装），无代理安全，基于OpenSSH的支持剧本编排任务幂等性：一个任务执行1遍和执行N遍效果一样，不因重复执行带来意外情况无需代理不依赖PKI（无需SSL）可使用任何编程语言写模块YAML格式，编排任务，支持丰富的数据结构较强大的多层解决方案

Ansible工作原理

实验环境信息

4台主机，系统信息：Centos7.2-1511版本，用户：root，1台作为管理机ip地址为：20.20.20.122，3台作为被管理机（称为客户机），ip地址为：20.20.20.115-117

Ansible安装部署

1、安装配置管理主机

[root@AnsibleManager ~]# yum install -y ansibleLoaded plugins: fastestmirrorbase | 3.6 kB 00:00:00extras | 3.4 kB 00:00:00updates | 3.4 kB 00:00:00updates/7/x86_64/primary_db | 5.0 MB 00:00:01Loading mirror speeds from cached hostfileResolving Dependencies--> Running transaction check---> Package ansible.noarch 0:2.4.2.0-2.el7 will be installed--> Processing Dependency: sshpass for package: ansible-2.4.2.0-2.el7.noarch--> Processing Dependency: python2-jmespath for package: ansible-2.4.2.0-2.el7.noarch--> Processing Dependency: python-setuptools for package: ansible-2.4.2.0-2.el7.noarch--> Processing Dependency: python-passlib for package: ansible-2.4.2.0-2.el7.noarch--> Processing Dependency: python-paramiko for package: ansible-2.4.2.0-2.el7.noarch--> Processing Dependency: python-jinja2 for package: ansible-2.4.2.0-2.el7.noarch--> Processing Dependency: python-httplib2 for package: ansible-2.4.2.0-2.el7.noarch--> Processing Dependency: python-cryptography for package: ansible-2.4.2.0-2.el7.noarch--> Processing Dependency: PyYAML for package: ansible-2.4.2.0-2.el7.noarch--> Running transaction check---> Package PyYAML.x86_64 0:3.10-11.el7 will be installed--> Processing Dependency: libyaml-0.so.2()(64bit) for package: PyYAML-3.10-11.el7.x86_64---> Package python-httplib2.noarch 0:0.9.2-1.el7 will be installed---> Package python-jinja2.noarch 0:2.7.2-3.el7_6 will be installed--> Processing Dependency: python-babel >= 0.8 for package: python-jinja2-2.7.2-3.el7_6.noarch--> Processing Dependency: python-markupsafe for package: python-jinja2-2.7.2-3.el7_6.noarch---> Package python-paramiko.noarch 0:2.1.1-9.el7 will be installed--> Processing Dependency: python2-pyasn1 for package: python-paramiko-2.1.1-9.el7.noarch---> Package python-passlib.noarch 0:1.6.5-2.el7 will be installed---> Package python-setuptools.noarch 0:0.9.8-7.el7 will be installed--> Processing Dependency: python-backports-ssl_match_hostname for package: python-setuptools-0.9.8-7.el7.noarch---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64--> Processing Dependency: python-ipaddress for package: python2-cryptography-1.7.2-2.el7.x86_64--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64---> Package python2-jmespath.noarch 0:0.9.0-3.el7 will be installed---> Package sshpass.x86_64 0:1.06-2.el7 will be installed--> Running transaction check---> Package libyaml.x86_64 0:0.1.4-11.el7_0 will be installed---> Package python-babel.noarch 0:0.9.6-8.el7 will be installed---> Package python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7 will be installed--> Processing Dependency: python-backports for package: python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed---> Package python-idna.noarch 0:2.4-1.el7 will be installed---> Package python-ipaddress.noarch 0:1.0.16-2.el7 will be installed---> Package python-markupsafe.x86_64 0:0.11-10.el7 will be installed---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed--> Running transaction check---> Package python-backports.x86_64 0:1.0-8.el7 will be installed---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch--> Running transaction check---> Package python-ply.noarch 0:3.4-11.el7 will be installed--> Finished Dependency ResolutionDependencies Resolved================================================================================================ Package Arch Version Repository Size================================================================================================Installing: ansible noarch 2.4.2.0-2.el7 extras 7.6 MInstalling for dependencies: PyYAML x86_64 3.10-11.el7 base 153 k libyaml x86_64 0.1.4-11.el7_0 base 55 k python-babel noarch 0.9.6-8.el7 base 1.4 M python-backports x86_64 1.0-8.el7 base 5.8 k python-backports-ssl_match_hostname noarch 3.5.0.1-1.el7 base 13 k python-cffi x86_64 1.6.0-5.el7 base 218 k python-enum34 noarch 1.0.4-1.el7 base 52 k python-httplib2 noarch 0.9.2-1.el7 extras 115 k python-idna noarch 2.4-1.el7 base 94 k python-ipaddress noarch 1.0.16-2.el7 base 34 k python-jinja2 noarch 2.7.2-3.el7_6 updates 518 k python-markupsafe x86_64 0.11-10.el7 base 25 k python-paramiko noarch 2.1.1-9.el7 updates 269 k python-passlib noarch 1.6.5-2.el7 extras 488 k python-ply noarch 3.4-11.el7 base 123 k python-pycparser noarch 2.14-1.el7 base 104 k python-setuptools noarch 0.9.8-7.el7 base 397 k python2-cryptography x86_64 1.7.2-2.el7 base 502 k python2-jmespath noarch 0.9.0-3.el7 extras 39 k python2-pyasn1 noarch 0.1.9-7.el7 base 100 k sshpass x86_64 1.06-2.el7 extras 21 kTransaction Summary================================================================================================Install 1 Package (+21 Dependent packages)Total download size: 12 MInstalled size: 60 MDownloading packages:(1/22): PyYAML-3.10-11.el7.x86_64.rpm | 153 kB 00:00:00(2/22): libyaml-0.1.4-11.el7_0.x86_64.rpm | 55 kB 00:00:00(3/22): python-backports-1.0-8.el7.x86_64.rpm | 5.8 kB 00:00:00(4/22): python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch.rpm | 13 kB 00:00:00(5/22): python-cffi-1.6.0-5.el7.x86_64.rpm | 218 kB 00:00:00(6/22): python-enum34-1.0.4-1.el7.noarch.rpm | 52 kB 00:00:00(7/22): python-idna-2.4-1.el7.noarch.rpm | 94 kB 00:00:00(8/22): python-ipaddress-1.0.16-2.el7.noarch.rpm | 34 kB 00:00:00(9/22): python-markupsafe-0.11-10.el7.x86_64.rpm | 25 kB 00:00:00(10/22): python-babel-0.9.6-8.el7.noarch.rpm | 1.4 MB 00:00:00(11/22): python-httplib2-0.9.2-1.el7.noarch.rpm | 115 kB 00:00:00(12/22): python-paramiko-2.1.1-9.el7.noarch.rpm | 269 kB 00:00:00(13/22): python-pycparser-2.14-1.el7.noarch.rpm | 104 kB 00:00:00(14/22): python-setuptools-0.9.8-7.el7.noarch.rpm | 397 kB 00:00:00(15/22): python-passlib-1.6.5-2.el7.noarch.rpm | 488 kB 00:00:00(16/22): python2-jmespath-0.9.0-3.el7.noarch.rpm | 39 kB 00:00:00(17/22): python2-cryptography-1.7.2-2.el7.x86_64.rpm | 502 kB 00:00:00(18/22): sshpass-1.06-2.el7.x86_64.rpm | 21 kB 00:00:00(19/22): python-jinja2-2.7.2-3.el7_6.noarch.rpm | 518 kB 00:00:01(20/22): python2-pyasn1-0.1.9-7.el7.noarch.rpm | 100 kB 00:00:01(21/22): ansible-2.4.2.0-2.el7.noarch.rpm | 7.6 MB 00:00:04(22/22): python-ply-3.4-11.el7.noarch.rpm | 123 kB 00:00:05------------------------------------------------------------------------------------------------Total 1.7 MB/s | 12 MB 00:00:07Running transaction checkRunning transaction testTransaction test succeededRunning transaction Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/22 Installing : python-ipaddress-1.0.16-2.el7.noarch 2/22 Installing : python-httplib2-0.9.2-1.el7.noarch 3/22 Installing : python-enum34-1.0.4-1.el7.noarch 4/22 Installing : libyaml-0.1.4-11.el7_0.x86_64 5/22 Installing : PyYAML-3.10-11.el7.x86_64 6/22 Installing : python-backports-1.0-8.el7.x86_64 7/22 Installing : python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch 8/22 Installing : python-setuptools-0.9.8-7.el7.noarch 9/22 Installing : python-babel-0.9.6-8.el7.noarch 10/22 Installing : python-passlib-1.6.5-2.el7.noarch 11/22 Installing : python-ply-3.4-11.el7.noarch 12/22 Installing : python-pycparser-2.14-1.el7.noarch 13/22 Installing : python-cffi-1.6.0-5.el7.x86_64 14/22 Installing : python-markupsafe-0.11-10.el7.x86_64 15/22 Installing : python-jinja2-2.7.2-3.el7_6.noarch 16/22 Installing : python-idna-2.4-1.el7.noarch 17/22 Installing : python2-cryptography-1.7.2-2.el7.x86_64 18/22 Installing : python-paramiko-2.1.1-9.el7.noarch 19/22 Installing : sshpass-1.06-2.el7.x86_64 20/22 Installing : python2-jmespath-0.9.0-3.el7.noarch 21/22 Installing : ansible-2.4.2.0-2.el7.noarch 22/22 Verifying : python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch 1/22 Verifying : python2-jmespath-0.9.0-3.el7.noarch 2/22 Verifying : sshpass-1.06-2.el7.x86_64 3/22 Verifying : python-setuptools-0.9.8-7.el7.noarch 4/22 Verifying : python-jinja2-2.7.2-3.el7_6.noarch 5/22 Verifying : python-idna-2.4-1.el7.noarch 6/22 Verifying : python-markupsafe-0.11-10.el7.x86_64 7/22 Verifying : python-ply-3.4-11.el7.noarch 8/22 Verifying : python-passlib-1.6.5-2.el7.noarch 9/22 Verifying : python-paramiko-2.1.1-9.el7.noarch 10/22 Verifying : python-babel-0.9.6-8.el7.noarch 11/22 Verifying : python-backports-1.0-8.el7.x86_64 12/22 Verifying : python-cffi-1.6.0-5.el7.x86_64 13/22 Verifying : python-pycparser-2.14-1.el7.noarch 14/22 Verifying : libyaml-0.1.4-11.el7_0.x86_64 15/22 Verifying : ansible-2.4.2.0-2.el7.noarch 16/22 Verifying : python-ipaddress-1.0.16-2.el7.noarch 17/22 Verifying : python-enum34-1.0.4-1.el7.noarch 18/22 Verifying : python-httplib2-0.9.2-1.el7.noarch 19/22 Verifying : python2-pyasn1-0.1.9-7.el7.noarch 20/22 Verifying : PyYAML-3.10-11.el7.x86_64 21/22 Verifying : python2-cryptography-1.7.2-2.el7.x86_64 22/22Installed: ansible.noarch 0:2.4.2.0-2.el7Dependency Installed: PyYAML.x86_64 0:3.10-11.el7 libyaml.x86_64 0:0.1.4-11.el7_0 python-babel.noarch 0:0.9.6-8.el7 python-backports.x86_64 0:1.0-8.el7 python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7 python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 python-httplib2.noarch 0:0.9.2-1.el7 python-idna.noarch 0:2.4-1.el7 python-ipaddress.noarch 0:1.0.16-2.el7 python-jinja2.noarch 0:2.7.2-3.el7_6 python-markupsafe.x86_64 0:0.11-10.el7 python-paramiko.noarch 0:2.1.1-9.el7 python-passlib.noarch 0:1.6.5-2.el7 python-ply.noarch 0:3.4-11.el7 python-pycparser.noarch 0:2.14-1.el7 python-setuptools.noarch 0:0.9.8-7.el7 python2-cryptography.x86_64 0:1.7.2-2.el7 python2-jmespath.noarch 0:0.9.0-3.el7 python2-pyasn1.noarch 0:0.1.9-7.el7 sshpass.x86_64 0:1.06-2.el7Complete![root@AnsibleManager ~]#[root@AnsibleManager ~]# rpm -qa | grep ansibleansible-2.4.2.0-2.el7.noarch[root@AnsibleManager ~]#

2、在管理机生成密钥

[root@AnsibleManager ~]# ssh-keygen #连续回车即可Generating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa):Enter passphrase (empty for no passphrase):Enter same passphrase again: Your identification has been saved in root/.ssh/id_rsa.Your public key has been saved in root/.ssh/id_rsa.pub.The key fingerprint is:48:21:36:93:c3:c7:bb:d3:6d:f2:74:04:ea:4c:91:ba root@AnsibleManagerThe key's randomart image is:+--[ RSA 2048]----+| .=o. . || .++o.o . || o.o o . || .o.o . || .BS. . || E = + . || . = . || . || |+-----------------+

3、将公钥写入客户机

[root@AnsibleManager ~]#ssh-copy-id -i 20.20.20.115

4、管理主机修改配置文件添加客户机到hosts

host_key_checking这个就是主机键检查，我们默认使用ssh连接一个主机会提示是/否的提示，就是信任这个主机的密钥。

5、使用ansible模块

查看ansible模块的个数

[root@AnsibleManager ~]# ansible-doc -l | wc -l1378[root@AnsibleManager ~]#

6、在管理机执行ping命令

[root@AnsibleManager ~]# ansible all -m ping20.20.20.117 | SUCCESS => { "changed": false, "ping": "pong"}20.20.20.116 | SUCCESS => { "changed": false, "ping": "pong"}20.20.20.115 | SUCCESS => { "changed": false, "ping": "pong"}[root@AnsibleManager ~]#

Ansible命令

1、基本命令

ansible：主程序，临时命令执行工具ansible-doc：查看配置文档，模块功能查看工具ansible-galaxy：下载/上传优秀代码或Roles模块的官方平台ansible-lint：对playbook的语法进行检查的一个工具ansible-playbook：定制自动化任务，编排剧本工具ansible-pull：远程执行命令的工具ansible-vault：文件加密工具ansible-console：基于console界面与用户交互的执行工具

2、配置文件

/etc/ansible/ansible.cfg 主配置文件，配置ansible工作特性/etc/ansible/hosts 主机清单/etc/ansible/roles 存放角色的目录

（1）、ansible.cfg的配置参考Configuring Ansible，主要留意inventory、forks、poll_interval、remote_port、log_path等参数。

（2）、hosts文件有一个特性很棒，可以指定变量，例如：

[node]20.20.20.115[node:vars]ansible_ssh_pass='123456'ansible_ssh_port=22

（3）、内置变量小结：

#主机名ansible_ssh_host#端口号ansible_ssh_port#用户名ansible_ssh_user#密码ansible_ssh_pass#使用sudo连接用户时的密码ansible_sudo_pass#密钥文件如果不想使用ssh-agent管理时可以使用此选项ansible_ssh_private_key_file#shell的类型默认shansible_shell_type#SSH连接的类型ansible_connection#指定python解释器的路径ansible_python_interpreter

2、ansible命令用法

格式：ansible [-m module_name] [options]

ansible是指令核心部分，其主要用于执行ad-hoc命令，即单条命令。默认后面需要跟主机和选项部分，默认不指定模块时，使用的是command模块。command模块不是调用的shell的指令，所以没有bash的环境变量，也不能使用shell的一些操作方式，其他和shell模块没有区别。

例子：

1、查看所有主机

[root@AnsibleManager ~]# ansible all --list-hosts hosts (3): 20.20.20.115 20.20.20.116 20.20.20.117[root@AnsibleManager ~]#

2、查看node组

[root@AnsibleManager ~]# ansible node --list-hosts hosts (3): 20.20.20.115 20.20.20.116 20.20.20.117[root@AnsibleManager ~]#

3、测试连通性

[root@AnsibleManager ~]# ansible all -m ping20.20.20.116 | SUCCESS => { "changed": false, "ping": "pong"}20.20.20.117 | SUCCESS => { "changed": false, "ping": "pong"}20.20.20.115 | SUCCESS => { "changed": false, "ping": "pong"}[root@AnsibleManager ~]#

4、查看客户机的内存

[root@AnsibleManager ~]# ansible all -m command -a "free -h"20.20.20.117 | SUCCESS | rc=0 >> total used free shared buff/cache availableMem: 3.7G 135M 2.6G 8.6M 1.0G 3.3GSwap: 3.9G 0B 3.9G20.20.20.116 | SUCCESS | rc=0 >> total used free shared buff/cache availableMem: 3.7G 132M 2.6G 8.6M 1.0G 3.4GSwap: 3.9G 0B 3.9G20.20.20.115 | SUCCESS | rc=0 >> total used free shared buff/cache availableMem: 3.7G 136M 2.6G 8.6M 995M 3.3GSwap: 3.9G 0B 3.9G[root@AnsibleManager ~]#

5、客户机执行管理机脚本

[root@AnsibleManager ~]# cp bin/echo ~/echo.sh[root@AnsibleManager ~]# ansible all -m script -a "~/echo.sh hello" -vvvansible 2.4.2.0 config file = etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = usr/lib/python2.7/site-packages/ansible executable location = usr/bin/ansible python version = 2.7.5 (default, Apr 9 2019, 14:30:50) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]Using etc/ansible/ansible.cfg as config fileParsed etc/ansible/hosts inventory source with ini pluginMETA: ran handlers<20.20.20.116> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.116> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/c444f6fcda 20.20.20.116 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''<20.20.20.115> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.115> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/8e2535f448 20.20.20.115 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''<20.20.20.117> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.117> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/414dfa7f17 20.20.20.117 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''<20.20.20.115> (0, '/root\n', '')<20.20.20.115> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.115> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/8e2535f448 20.20.20.115 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo root/.ansible/tmp/ansible-tmp-1558101771.62-193971390990574 `" && echo ansible-tmp-1558101771.62-193971390990574="` echo root/.ansible/tmp/ansible-tmp-1558101771.62-193971390990574 `" ) && sleep 0'"'"''<20.20.20.116> (0, '/root\n', '')<20.20.20.116> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.116> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/c444f6fcda 20.20.20.116 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo root/.ansible/tmp/ansible-tmp-1558101771.62-142502177639633 `" && echo ansible-tmp-1558101771.62-142502177639633="` echo root/.ansible/tmp/ansible-tmp-1558101771.62-142502177639633 `" ) && sleep 0'"'"''<20.20.20.115> (0, 'ansible-tmp-1558101771.62-193971390990574=/root/.ansible/tmp/ansible-tmp-1558101771.62-193971390990574\n', '')<20.20.20.115> PUT root/echo.sh TO root/.ansible/tmp/ansible-tmp-1558101771.62-193971390990574/echo.sh<20.20.20.115> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/8e2535f448 '[20.20.20.115]'<20.20.20.116> (0, 'ansible-tmp-1558101771.62-142502177639633=/root/.ansible/tmp/ansible-tmp-1558101771.62-142502177639633\n', '')<20.20.20.116> PUT root/echo.sh TO root/.ansible/tmp/ansible-tmp-1558101771.62-142502177639633/echo.sh<20.20.20.116> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/c444f6fcda '[20.20.20.116]'<20.20.20.117> (0, '/root\n', '')<20.20.20.117> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.117> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/414dfa7f17 20.20.20.117 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo root/.ansible/tmp/ansible-tmp-1558101771.66-76915174353255 `" && echo ansible-tmp-1558101771.66-76915174353255="` echo root/.ansible/tmp/ansible-tmp-1558101771.66-76915174353255 `" ) && sleep 0'"'"''<20.20.20.117> (0, 'ansible-tmp-1558101771.66-76915174353255=/root/.ansible/tmp/ansible-tmp-1558101771.66-76915174353255\n', '')<20.20.20.117> PUT root/echo.sh TO root/.ansible/tmp/ansible-tmp-1558101771.66-76915174353255/echo.sh<20.20.20.117> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/414dfa7f17 '[20.20.20.117]'<20.20.20.115> (0, 'sftp> put root/echo.sh root/.ansible/tmp/ansible-tmp-1558101771.62-193971390990574/echo.sh\n', '')<20.20.20.115> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.116> (0, 'sftp> put root/echo.sh root/.ansible/tmp/ansible-tmp-1558101771.62-142502177639633/echo.sh\n', '')<20.20.20.115> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/8e2535f448 20.20.20.115 '/bin/sh -c '"'"'chmod u+x root/.ansible/tmp/ansible-tmp-1558101771.62-193971390990574/ root/.ansible/tmp/ansible-tmp-1558101771.62-193971390990574/echo.sh && sleep 0'"'"''<20.20.20.116> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.116> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/c444f6fcda 20.20.20.116 '/bin/sh -c '"'"'chmod u+x root/.ansible/tmp/ansible-tmp-1558101771.62-142502177639633/ root/.ansible/tmp/ansible-tmp-1558101771.62-142502177639633/echo.sh && sleep 0'"'"''<20.20.20.115> (0, '', '')<20.20.20.115> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.115> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/8e2535f448 -tt 20.20.20.115 '/bin/sh -c '"'"' root/.ansible/tmp/ansible-tmp-1558101771.62-193971390990574/echo.sh hello && sleep 0'"'"''<20.20.20.116> (0, '', '')<20.20.20.116> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.116> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/c444f6fcda -tt 20.20.20.116 '/bin/sh -c '"'"' root/.ansible/tmp/ansible-tmp-1558101771.62-142502177639633/echo.sh hello && sleep 0'"'"''<20.20.20.117> (0, 'sftp> put root/echo.sh root/.ansible/tmp/ansible-tmp-1558101771.66-76915174353255/echo.sh\n', '')<20.20.20.117> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.117> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/414dfa7f17 20.20.20.117 '/bin/sh -c '"'"'chmod u+x root/.ansible/tmp/ansible-tmp-1558101771.66-76915174353255/ root/.ansible/tmp/ansible-tmp-1558101771.66-76915174353255/echo.sh && sleep 0'"'"''<20.20.20.115> (0, 'hello\r\n', 'Shared connection to 20.20.20.115 closed.\r\n')<20.20.20.115> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.115> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/8e2535f448 20.20.20.115 '/bin/sh -c '"'"'rm -f -r root/.ansible/tmp/ansible-tmp-1558101771.62-193971390990574/ > dev/null 2>&1 && sleep 0'"'"''<20.20.20.116> (0, 'hello\r\n', 'Shared connection to 20.20.20.116 closed.\r\n')<20.20.20.116> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.116> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/c444f6fcda 20.20.20.116 '/bin/sh -c '"'"'rm -f -r root/.ansible/tmp/ansible-tmp-1558101771.62-142502177639633/ > dev/null 2>&1 && sleep 0'"'"''<20.20.20.117> (0, '', '')<20.20.20.117> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.117> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/414dfa7f17 -tt 20.20.20.117 '/bin/sh -c '"'"' root/.ansible/tmp/ansible-tmp-1558101771.66-76915174353255/echo.sh hello && sleep 0'"'"''<20.20.20.115> (0, '', '')<20.20.20.116> (0, '', '')20.20.20.115 | SUCCESS => { "changed": true, "rc": 0, "stderr": "Shared connection to 20.20.20.115 closed.\r\n", "stdout": "hello\r\n", "stdout_lines": [ "hello" ]}20.20.20.116 | SUCCESS => { "changed": true, "rc": 0, "stderr": "Shared connection to 20.20.20.116 closed.\r\n", "stdout": "hello\r\n", "stdout_lines": [ "hello" ]}<20.20.20.117> (0, 'hello\r\n', 'Shared connection to 20.20.20.117 closed.\r\n')<20.20.20.117> ESTABLISH SSH CONNECTION FOR USER: None<20.20.20.117> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/414dfa7f17 20.20.20.117 '/bin/sh -c '"'"'rm -f -r root/.ansible/tmp/ansible-tmp-1558101771.66-76915174353255/ > dev/null 2>&1 && sleep 0'"'"''<20.20.20.117> (0, '', '')20.20.20.117 | SUCCESS => { "changed": true, "rc": 0, "stderr": "Shared connection to 20.20.20.117 closed.\r\n", "stdout": "hello\r\n", "stdout_lines": [ "hello" ]}META: ran handlersMETA: ran handlers

6、在客户机执行客户机脚本

7、向客户机拷贝文件

[root@AnsibleManager ~]# ansible all -m copy -a "src=/root/sshkeys.sh dest=/root/"20.20.20.116 | SUCCESS => { "changed": true, "checksum": "9c40d1212336753e748d97051a5d77e459be2943", "dest": "/root/sshkeys.sh", "gid": 0, "group": "root", "md5sum": "41a245319bfe293b42c469ba4cb2a1c0", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:admin_home_t:s0", "size": 696, "src": "/root/.ansible/tmp/ansible-tmp-1558102202.03-181046778892912/source", "state": "file", "uid": 0}20.20.20.115 | SUCCESS => { "changed": true, "checksum": "9c40d1212336753e748d97051a5d77e459be2943", "dest": "/root/sshkeys.sh", "gid": 0, "group": "root", "md5sum": "41a245319bfe293b42c469ba4cb2a1c0", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:admin_home_t:s0", "size": 696, "src": "/root/.ansible/tmp/ansible-tmp-1558102202.01-212041083500994/source", "state": "file", "uid": 0}20.20.20.117 | SUCCESS => { "changed": true, "checksum": "9c40d1212336753e748d97051a5d77e459be2943", "dest": "/root/sshkeys.sh", "gid": 0, "group": "root", "md5sum": "41a245319bfe293b42c469ba4cb2a1c0", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:admin_home_t:s0", "size": 696, "src": "/root/.ansible/tmp/ansible-tmp-1558102202.06-51976641810329/source", "state": "file", "uid": 0}[root@AnsibleManager ~]#默认只有0644 权限

8、向客户机拷贝文件并赋予用户和用户组、权限

[root@AnsibleManager ~]# ansible all -m copy -a "src=/root/sshkeys.sh dest=/root/ owner=root group=root mode=0777"20.20.20.115 | SUCCESS => { "changed": true, "checksum": "9c40d1212336753e748d97051a5d77e459be2943", "dest": "/root/sshkeys.sh", "gid": 0, "group": "root", "md5sum": "41a245319bfe293b42c469ba4cb2a1c0", "mode": "0777", "owner": "root", "secontext": "system_u:object_r:admin_home_t:s0", "size": 696, "src": "/root/.ansible/tmp/ansible-tmp-1558102510.88-133585721296753/source", "state": "file", "uid": 0}20.20.20.117 | SUCCESS => { "changed": true, "checksum": "9c40d1212336753e748d97051a5d77e459be2943", "dest": "/root/sshkeys.sh", "gid": 0, "group": "root", "md5sum": "41a245319bfe293b42c469ba4cb2a1c0", "mode": "0777", "owner": "root", "secontext": "system_u:object_r:admin_home_t:s0", "size": 696, "src": "/root/.ansible/tmp/ansible-tmp-1558102510.88-179666642737881/source", "state": "file", "uid": 0}20.20.20.116 | SUCCESS => { "changed": true, "checksum": "9c40d1212336753e748d97051a5d77e459be2943", "dest": "/root/sshkeys.sh", "gid": 0, "group": "root", "md5sum": "41a245319bfe293b42c469ba4cb2a1c0", "mode": "0777", "owner": "root", "secontext": "system_u:object_r:admin_home_t:s0", "size": 696, "src": "/root/.ansible/tmp/ansible-tmp-1558102510.9-74274375839150/source", "state": "file", "uid": 0}[root@AnsibleManager ~]#

9、后台执行命令

[root@AnsibleManager ~]# ansible all -m ping -B 3600 -P 020.20.20.116 | SUCCESS => { "ansible_job_id": "695620464400.23899", "changed": true, "finished": 0, "results_file": "/root/.ansible_async/695620464400.23899", "started": 1}20.20.20.117 | SUCCESS => { "ansible_job_id": "696234446604.23133", "changed": true, "finished": 0, "results_file": "/root/.ansible_async/696234446604.23133", "started": 1}20.20.20.115 | SUCCESS => { "ansible_job_id": "826790091340.24217", "changed": true, "finished": 0, "results_file": "/root/.ansible_async/826790091340.24217", "started": 1}[root@AnsibleManager ~]#

3、ansible-doc命令用法

格式：ansible-doc [options] [module...]

例子：

#查看总共有哪些模块ansible -l#显示某个模块的用法ansible-doc ping#显示某个模块在playbooks中的代码片段ansible-doc -s ping

3、通配符用法

匹配所有主机，相当于all

[root@AnsibleManager ~]# ansible '*' -m ping20.20.20.116 | SUCCESS => { "changed": false, "ping": "pong"}20.20.20.115 | SUCCESS => { "changed": false, "ping": "pong"}20.20.20.117 | SUCCESS => { "changed": false, "ping": "pong"}[root@AnsibleManager ~]#

匹配含有node的主机组

[root@AnsibleManager ~]# ansible '*node' -m ping20.20.20.117 | SUCCESS => { "changed": false, "ping": "pong"}20.20.20.116 | SUCCESS => { "changed": false, "ping": "pong"}20.20.20.115 | SUCCESS => { "changed": false, "ping": "pong"}[root@AnsibleManager ~]#

匹配ip为115-117的主机

[root@AnsibleManager ~]# ansible '20.20.20.11?' -m ping20.20.20.116 | SUCCESS => { "changed": false, "ping": "pong"}20.20.20.115 | SUCCESS => { "changed": false, "ping": "pong"}20.20.20.117 | SUCCESS => { "changed": false, "ping": "pong"}[root@AnsibleManager ~]#

逻辑与（表示匹配的主机同时在node组合server组中）

[root@AnsibleManager ~]# ansible 'node:&server' --list hosts (1): 20.20.20.116[root@AnsibleManager ~]#

逻辑非（表示匹配主机同时不在node组合server组中）

[root@AnsibleManager ~]# ansible 'node:!server' --list hosts (1): 20.20.20.115[root@AnsibleManager ~]#

如何在智能告警平台CA触发测试告警

882 2022-10-15

Ansible入门安装

如何在智能告警平台CA触发测试告警

AIOps 一场颠覆传统运维的盛筵

AIOps 平台的误解，挑战及建议（中），AIOps常见的误解