原

Ansible 安装与简介

8314人阅读 2021/3/15 13:52 总访问：3721148 评论：0 收藏：0 手机

分类: Ansible

![ansible](https://img.tnblog.net/arcimg/hb/e283c36cf43847558bcb2c8461e20850.jpg "ansible")
># Ansible 安装与简介
[TOC]

Ansible简介
------------

tn>Ansible是您安装在控制节点上的无代理自动化工具。Ansible从控制节点远程管理计算机和其他设备（默认情况下，通过SSH协议）。

Ansible安装
------------
### 环境

![](https://img.tnblog.net/arcimg/hb/8900e305b5264145b5bbf2bbbcf6e569.png)

### rpm包安装

```bash
# 在Master上安装ansible
yum install ansible -y
# 查看ansible的相关文件
rpm -ql ansible
```

### 编译安装

```bash
#下载到本地(当前最新版本ansible-2.9.13.tar.gz)
wget -O ansible-2.9.13.tar.gz https://files.pythonhosted.org/packages/32/62/eec759cd8ac89a866df1aba91abf785486fed7774188a41f42f5c7326dcb/ansible-2.9.13.tar.gz
#解压
tar -xzvf ansible-2.9.13.tar.gz
#进入更新目录
cd ansible-2.9.13/
#更新
python setup.py install
```

相关文件
------------

### 配置文件

### 程序应用文件

<p style="
font-weight: 400;
line-height: 1.5;
color: #212529;
-webkit-tap-highlight-color: transparent;
box-sizing: border-box;
padding: 0px 20px 20px 20px;
border: 1px solid #e9ecef;
border-left-width: .25rem;
border-radius: .25rem;
display: block;
border-left-color: #5bc0de;">
/usr/bin/ansible 主程序，临时命令执行工具
/usr/bin/ansible-doc 查看配置文档，模块功能查看工具
/usr/bin/ansible-galaxy 下载/上传优秀代码或Roles模块的官方平台
/usr/bin/ansible-playbook 定制自动化任务，编排剧本工具/usr/bin/ansible-pull远程执行命令的工具
/usr/bin/ansible-vault 文件加密工具
/usr/bin/ansible-console 基于Console界面与用户交互的执行工具

主机清单inventory
------------

<p style="
font-weight: 400;
line-height: 1.5;
color: #212529;
-webkit-tap-highlight-color: transparent;
box-sizing: border-box;
padding: 0px 20px 20px 20px;
border: 1px solid #e9ecef;
border-left-width: .25rem;
border-radius: .25rem;
display: block;
border-left-color: #5bc0de;">
ansible的主要功用在与批量主机操作，为了便捷地使用其中的部分主机，可以在inventory file中将其分组命名
默认的inventory file为/etc/ansible/hosts
inventory file可以有多个，且也可以通过Dynamic Inventory来动态生成

### 运用ping模块进行测试

```bash
# ansible 10.211.55.5 -m ping
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match
'all'
[WARNING]: Could not match supplied host pattern, ignoring: 10.211.55.5
```

```bash
10.211.55.5
10.211.55.6
```

```bash
# ansible 10.211.55.5 -m ping
The authenticity of host '10.211.55.5 (10.211.55.5)' can't be established.
ECDSA key fingerprint is SHA256:zgJwK5DOvrR+/ntWGo5SgKXfoqFfyM5Y6ISCyGKmYwM.
ECDSA key fingerprint is MD5:da:99:9f:63:09:3d:d3:b7:a1:80:f5:ca:d1:80:d6:7c.
Are you sure you want to continue connecting (yes/no)? yes
10.211.55.5 | UNREACHABLE! => {
 "changed": false, 
 "msg": "Failed to connect to the host via ssh: Warning: Permanently added '10.211.55.5' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", 
 "unreachable": true
}
```
<p style="
font-weight: 400;
line-height: 1.5;
color: #212529;
-webkit-tap-highlight-color: transparent;
box-sizing: border-box;
padding: 0px 20px 20px 20px;
border: 1px solid #e9ecef;
border-left-width: .25rem;
border-radius: .25rem;
display: block;
border-left-color: #5bc0de;">
显然我们可以直观的看到走的是SSH的方式，可是为什么还是报错呢？
因为你通过SSH的方式去走一般都需要输入密码所以加上`-k`参数可以按照常规方式执行模块

```bash
# ansible 10.211.55.5 -m ping -k
SSH password:
10.211.55.5 | FAILED! => {
    "msg": "to use the 'ssh' connection type with passwords, you must install the sshpass program"
}
```

```bash
# yum install sshpass -y
...
# ansible 10.211.55.5 -m ping -k
SSH password: 
10.211.55.5 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
```

### 运用ping模块进行多主机测试

```bash
# ansible 10.211.55.5,10.211.55.6 -m ping -k
SSH password: 
10.211.55.6 | FAILED! => {
    "msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.  Please add this host's fingerprint to your known_hosts file to manage this host."
}
10.211.55.5 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
```

第一和第二个问题是因为本地没有`10.211.55.6`的ssh所以我们先单个访问在一同访问

```bash
# ssh 10.211.55.6
# exit
# ansible 10.211.55.5,10.211.55.6 -m ping -k
SSH password: 
10.211.55.5 | SUCCESS => {
 "ansible_facts": {
 "discovered_interpreter_python": "/usr/bin/python"
 }, 
 "changed": false, 
 "ping": "pong"
}
10.211.55.6 | SUCCESS => {
 "ansible_facts": {
 "discovered_interpreter_python": "/usr/bin/python"
 }, 
 "changed": false, 
 "ping": "pong"
}
```

```bash
# ansible all -m ping -k
SSH password:
10.211.55.5 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false,
    "ping": "pong"
}
10.211.55.6 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "ping": "pong"
}
```

### Host分组

<p style="
font-weight: 400;
line-height: 1.5;
color: #212529;
-webkit-tap-highlight-color: transparent;
box-sizing: border-box;
padding: 0px 20px 20px 20px;
border: 1px solid #e9ecef;
border-left-width: .25rem;
border-radius: .25rem;
display: block;
border-left-color: #5bc0de;">
inventory文件遵循INI文件风格，中括号中的字符为组名。可以将同一个主机同时归并到多个不同的组中；此外，当目标主机使用了非默认的SSH端口，还可以在主机名称之后使用冒号加端口号来标明.
接下来我们来举例（将ip分为两个组）：

```bash
# vim /etc/ansible/hosts
[webserver]
10.211.55.5
10.211.55.6

[dbserver]
10.211.55.5
```
<p style="
font-weight: 400;
line-height: 1.5;
color: #212529;
-webkit-tap-highlight-color: transparent;
box-sizing: border-box;
padding: 0px 20px 20px 20px;
border: 1px solid #e9ecef;
border-left-width: .25rem;
border-radius: .25rem;
display: block;
border-left-color: #5bc0de;">
我们也可以通过指定几到几到方式进行创建组（比如1-10，这里只有5与6所以我这里就写5-6的式例）

```bash
# vim /etc/ansible/hosts
[apiserver]
10.211.55.[5:6]
```
<p style="
font-weight: 400;
line-height: 1.5;
color: #212529;
-webkit-tap-highlight-color: transparent;
box-sizing: border-box;
padding: 0px 20px 20px 20px;
border: 1px solid #e9ecef;
border-left-width: .25rem;
border-radius: .25rem;
display: block;
border-left-color: #5bc0de;">
域名的方式同样可行，我这里的域名如下，如果我们需要配置子机可以按照如下配置

![](https://img.tnblog.net/arcimg/hb/44c1a4af4759435aac9f3594c363668d.png)

```bash
# vim /etc/ansible/hosts
[domainserver]
rabbitmqslave[1:2]
```

```bash
# vim /etc/ansible/hosts
[domainserver]
rabbitmqslave[1:2]:2222
```

### 按组访问

```bash
# ansible webserver -m ping -k
SSH password: 
10.211.55.5 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
10.211.55.6 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
```

欢迎加群讨论技术，1群：677373950(满了，可以加，但通过不了)，2群：656732739

👈{{preArticle.title}}

👉{{nextArticle.title}}

评价

尘叶心繁

这一世以无限游戏为使命！

博主信息

排名

文章

粉丝

文章类别

.net后台框架 203篇

linux 18篇

linux中cve 1篇

windows中cve 0篇

资源分享 11篇

Win32 3篇

前端 28篇

传说中的c 5篇

Xamarin 9篇

docker 15篇

容器编排 105篇

grpc 4篇

Go 15篇

yaml模板 1篇

理论 2篇

Ansible 安装与简介

{{titleitem}} {{titleitem}}

{{titleitem}} {{titleitem}}