搭建环境
- 安装Ansible
yum -y install ansible
- 配置主机清单
vim /etc/ansible/hosts
定义主机清单
- 检查主机清单是否添加成功
[root@Client ansible]#ansible all --list-hosts
hosts (3):
host1.centos7
host2.centos7
host3.centos7
[root@Client ansible]#ansible lb --list-hosts
hosts (1):
host1.centos7
[root@Client ansible]#ansible tc --list-hosts
hosts (2):
host2.centos7
host3.centos7
[root@Client ansible]#
- 基于ssh做无密钥认证
[root@Client ansible]#ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
02:6e:ab:d7:9a:35:54:25:7b:e6:2d:f7:c8:d8:aa:c1 root@Client.centos7
The key's randomart image is:
+--[ RSA 2048]----+
| . . |
| + |
| . o o |
| . . . + . |
| o o S o o |
| . o o * o |
| ..o E . + . |
| ..o.. . . |
| ..o. ... |
+-----------------+
[root@Client ansible]#ssh-copy-id -i ~/.ssh/id_rsa.pub root@host1
The authenticity of host 'host1 (192.168.10.11)' can't be established.
ECDSA key fingerprint is 9a:7d:a7:45:06:e0:7f:f2:d5:9c:35:05:8c:c2:f7:e9.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s),
to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now
it is to install the new keys
root@host1's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@host1'"
and check to make sure that only the key(s) you wanted were added.
[root@Client ansible]#ssh-copy-id -i ~/.ssh/id_rsa.pub root@host2
...
[root@Client ansible]#ssh-copy-id -i ~/.ssh/id_rsa.pub root@host3
...
- 测试 ssh 链接
- 执行简单的ansible命令测试能否管控远程主机
[root@Client ansible]#ansible all -m shell -a "ifconfig ens33"
- 同步时间
创建角色
需要创建三个角色分别为nginx 和 tomcat 以及 jdk
- 编写playbook剧本nt.yml :
- 编写nginx角色的tasks :
- 编写nginx角色的配置文件 :
- 编写nginx角色的handlers :
- 测试一下nginx角色能否成执行:
- 在lb主机上查看进程和端口是否存在:
- 编辑tomcat角色的tasks :
- 编写jdk角色的tasks :
- 编写jdk角色的files/java.sh :
- 编写jdk角色的vars/main.yml :
完善我们的剧本nt.yml
执行我们的剧本
[root@Client ansible]#ansible-playbook nt.yml
PLAY [lb] **********************************************************************
TASK [setup] *******************************************************************
ok: [host1.centos7]
TASK [nginx : install nginx] ***************************************************
ok: [host1.centos7]
TASK [nginx : install conf] ****************************************************
ok: [host1.centos7]
TASK [nginx : start nginx] *****************************************************
ok: [host1.centos7]
PLAY [tc] **********************************************************************
TASK [setup] *******************************************************************
ok: [host3.centos7]
ok: [host2.centos7]
TASK [jdk : install openjdk] ***************************************************
changed: [host2.centos7]
changed: [host3.centos7]
TASK [jdk : install evn file] **************************************************
changed: [host3.centos7]
changed: [host2.centos7]
TASK [tomcat : install package] ************************************************
changed: [host3.centos7] => (item=[u'tomcat', u'tomcat-admin-webapps', u'tomcat-webapps', u'tomcat-docs-webapp'])
changed: [host2.centos7] => (item=[u'tomcat', u'tomcat-admin-webapps', u'tomcat-webapps', u'tomcat-docs-webapp'])
TASK [tomcat : start tomcat] ***************************************************
changed: [host3.centos7]
changed: [host2.centos7]
PLAY RECAP *********************************************************************
host1.centos7 : ok=4 changed=0 unreachable=0 failed=0
host2.centos7 : ok=5 changed=4 unreachable=0 failed=0
host3.centos7 : ok=5 changed=4 unreachable=0 failed=0
[root@Client ansible]#
最终测试
在浏览器里输入www.grh.io
