ansible 安装&测试

xiajs

浏览: 365470 次
性别:
来自: 阿里巴巴

最近访客更多访客>>

makeshow

morelily

u012363178

wangyy

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

本文所有资料和实例是结合官方文档，以及自己实际测试所得。
原始资料：http://ansible.cc/docs/
测试时所用系统centos6u2，使用python2.6.6，所用账户为yakamoz，yakamoz具有无密码使用sudo命令的权限

一、ansible 安装
1、软件包安装
EPEL已经提供了ansible所需的所有支持软件包，所以在这里使用epel源进行安装：
$sudo rpm -ivh http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
安装ansible
$sudo yum install ansible -y
===============================================================================
Package                        Arch                  Version                      Repository           Size
===============================================================================
Installing:
ansible                        noarch                1.0-1.el6                    epel                336 k
Installing for dependencies:
PyYAML                         x86_64                3.10-3.el6                   epel                157 k
libyaml                        x86_64                0.1.3-1.el6                  epel                 52 k
python-babel                   noarch                0.9.4-5.1.el6                base                1.4 M
python-crypto                  x86_64                2.0.1-22.el6                 base                159 k
python-jinja2                  x86_64                2.2.1-1.el6                  base                465 k
python-paramiko                noarch                1.7.5-2.1.el6                base                728 k
Transaction Summary
===============================================================================
Install       7 Package(s)
Total download size: 3.3 M
Installed size: 17 M

2、免密钥
在master服务器生成ssh-key，并分发到所有客户端（在这里也许你有更好的方法，至少目前该方法是最简单的实现方式）
$ssh-keygen -t rsa 【一路回车】
$ssh-copy-id -i ~/.ssh/id_rsa.pub【客户端IP地址】

在此过程提示输入客户端密码

3、建立hosts文件
ansible的hosts默认在/etc/ansible/目录中，采用rpm安装的ansible会将该hosts作为范例，其中提示ansible是支持域名和ip两种客户端命名格式的【经过测试是没有问题的】，还介绍了不同的安装分组方法，建议好好看看：
在这里一共两台服务器master和slave，分为两组
$vim /etc/ansbile/hosts
[localhost]
127.0.0.1
[slave]
192.168.30.3

4、测试ansible的使用
在这里使用 ping模块
$ansible slave -i /etc/ansible/hosts -m ping
192.168.30.3 | success >> {
    "changed": false,
    "ping": "pong"
}
解读：从返回值分析，ansible slave节点192.168.30.3的ping值成功。说明ansible的已经能够使用！

二、基本功能模块测试
1、ansible命令格式
$ansible --help
Usage: ansible <host-pattern> [options]
Options:
  -a MODULE_ARGS, --args=MODULE_ARGS
                        module arguments
-k, --ask-pass        ask for SSH password
-K, --ask-sudo-pass   ask for sudo password
-B SECONDS, --background=SECONDS
                        run asynchronously, failing after X seconds
                        (default=N/A)
-c CONNECTION, --connection=CONNECTION
                        connection type to use (default=paramiko)
-f FORKS, --forks=FORKS
                        specify number of parallel processes to use
                        (default=5)
-h, --help            show this help message and exit
  -i INVENTORY, --inventory-file=INVENTORY
                        specify inventory host file
                        (default=/etc/ansible/hosts)
-l SUBSET, --limit=SUBSET
                        further limit selected hosts to an additional pattern
--list-hosts          dump out a list of hosts matching input pattern, does
                        not execute any modules!
-m MODULE_NAME, --module-name=MODULE_NAME
                        module name to execute (default=command)
-M MODULE_PATH, --module-path=MODULE_PATH
                        specify path(s) to module library
                        (default=/usr/share/ansible)
-o, --one-line        condense output
-P POLL_INTERVAL, --poll=POLL_INTERVAL
                        set the poll interval if using -B (default=15)
--private-key=PRIVATE_KEY_FILE
                        use this file to authenticate the connection
  -s, --sudo            run operations with sudo (nopasswd)
  -U SUDO_USER, --sudo-user=SUDO_USER
                        desired sudo user (default=root)
  -T TIMEOUT, --timeout=TIMEOUT
                        override the SSH timeout in seconds (default=10)
-t TREE, --tree=TREE log output to this directory
-u REMOTE_USER, --user=REMOTE_USER
                        connect as this user (default=yakamoz)
-v, --verbose         verbose mode (-vvv for more)
--version             show program's version number and exit

2、模块测试
各模块位置(default=/usr/share/ansible)
各模块使用说明可以用“$ansible-doc 【模块名称】”的方式查询
【copy】
测试文件test.sh
$vim test.sh
#!/bin/sh
Time=`date +"%m-%d %H:%M"`

echo "$Time script testing success!"
测试copy
$ansible all -m copy -a "src=/home/yakamoz/test.sh dest=/tmp/"
192.168.30.3 | success >> {
    "changed": true,
    "dest": "/tmp/test.sh",
    "group": "yakamoz",
    "md5sum": "6c366d017bfc9191113141e8deeda7cd",
    "mode": "0664",
    "owner": "yakamoz",
    "secontext": "unconfined_u:object_r:user_tmp_t:s0",
    "src": "/home/yakamoz/.ansible/tmp/ansible-1366256450.22-43393541768920/test.sh",
    "state": "file"
}
127.0.0.1 | success >> {
    "changed": true,
    "dest": "/tmp/test.sh",
    "group": "yakamoz",
    "md5sum": "6c366d017bfc9191113141e8deeda7cd",
    "mode": "0664",
    "owner": "yakamoz",
    "secontext": "unconfined_u:object_r:user_tmp_t:s0",
    "src": "/home/yakamoz/.ansible/tmp/ansible-1366256450.68-90526948213754/test.sh",
    "state": "file"
}
测试检查
[yakamoz@ansible-slave1 ~]$ ll /tmp/test.sh
-rw-rw-r--. 1 yakamoz yakamoz 75 Apr 17 20:40 /tmp/test.sh
【file】
调用-s 参数，需要客户端能够无密码使用sudo命令；
$ ansible slave -m file -a "dest=/tmp/test.sh mode=755 owner=root group=root" -s
192.168.30.3 | success >> {
    "changed": true,
    "group": "root",
    "mode": "0755",
    "owner": "root",
    "path": "/tmp/test.sh",
    "secontext": "unconfined_u:object_r:user_tmp_t:s0",
    "state": "file"
}
【script】
$ ansible slave -m script -a "/tmp/test.sh"
192.168.30.3 | success >> {
    "rc": 0,
    "stderr": "",
    "stdout": "04-17 22:09 script testing success!\r\n"
}
【shell】
$ ansible slave -m shell -a "/tmp/test.sh"
192.168.30.3 | success | rc=0 >>
04-17 22:10 script testing success!
【group】
$ ansible all -m group -a "name=zj state=present" -s
192.168.30.3 | success >> {
    "changed": true,
    "gid": 501,
    "name": "zj",
    "state": "present",
    "system": "no"
}

127.0.0.1 | success >> {
    "changed": true,
    "gid": 501,
    "name": "zj",
    "state": "present",
    "system": "no"
}
【user】
$ ansible all -m user -a "name=zj group=zj home=/root/zj state=present" -s
192.168.30.3 | success >> {
    "changed": true,
    "comment": "",
    "createhome": true,
    "group": 501,
    "home": "/root/zj",
    "name": "zj",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 501
}

127.0.0.1 | success >> {
    "changed": true,
    "comment": "",
    "createhome": true,
    "group": 501,
    "home": "/root/zj",
    "name": "zj",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 501
}
【yum】
可以提供的status：absent,present,installed,removed,latest
ansible slave -m yum -a "name=httpd state=latest" -s
192.168.30.3 | success >> {
    "changed": true,
    "msg": "Warning: RPMDB altered outside of yum.\n",
    "rc": 0,
    "results": [
        "\n================================================================================\n Package            Arch          Version                     Repository   Size\n================================================================================\nUpdating:\n httpd              x86_64        2.2.15-26.el6.centos        base        821 k\nUpdating for dependencies:\n httpd-tools        x86_64        2.2.15-26.el6.centos        base         72 k\n\nTransaction Summary\n================================================================================\nUpgrade       2 Package(s)\n\nTotal download size: 893 k\n\nUpdated:\n httpd.x86_64 0:2.2.15-26.el6.centos                                           \n\nDependency Updated:\n httpd-tools.x86_64 0:2.2.15-26.el6.centos                                     \n\n"
    ]
}
将results结果在echo中显示，结果如下：
================================================================================
Package            Arch          Version                     Repository   Size
================================================================================
Updating:
httpd              x86_64        2.2.15-26.el6.centos        base        821 k
Updating for dependencies:
httpd-tools        x86_64        2.2.15-26.el6.centos        base         72 k

Transaction Summary
================================================================================
Upgrade       2 Package(s)

Total download size: 893 k

Updated:
httpd.x86_64 0:2.2.15-26.el6.centos

Dependency Updated:
httpd-tools.x86_64 0:2.2.15-26.el6.centos
【server】
可以提供的status：running,started,stopped,restarted,reloaded
$ ansible slave -m service -a "name=httpd state=running" -s
192.168.30.3 | success >> {
    "changed": true,
    "name": "httpd",
    "state": "running"
}

二、测试ansible-play
$vim test.yml
---
- hosts: slave
user: yakamoz
sudo: yes
tasks:
- name: no selinux
    action: command /usr/sbin/setenforce 0
- name: no iptables
    action: service name=iptables state=stopped
- name: success
    action: command /bin/bash executable=/tmp/test.sh
$ansible-playbook test.yml -s

PLAY [slave] *********************

GATHERING FACTS *********************
ok: [192.168.30.3]

TASK: [no selinux] *********************
changed: [192.168.30.3]

TASK: [no iptables] *********************
ok: [192.168.30.3]

TASK: [success] *********************
changed: [192.168.30.3]

PLAY RECAP *********************
192.168.30.3                   : ok=4    changed=2    unreachable=0    failed=0

检查结果
[root@ansible-slave1 ~]# tail -f /var/log/messages
Apr 18 00:05:51 localhost ansible-setup: Invoked
Apr 18 00:05:52 localhost ansible-command: Invoked with args=/usr/sbin/setenforce 0 executable=None shell=False chdir=None
Apr 18 00:05:53 localhost ansible-service: Invoked with pattern=None state=stopped enabled=None name=iptables arguments=
Apr 18 00:05:53 localhost ansible-command: Invoked with args=/bin/bash executable=/tmp/test.sh shell=False chdir=None