当前位置：网站首页>Ansible first knowledge of learning one

Ansible first knowledge of learning one

2022-07-23 13:57:00 【51CTO】

One 、Ansible What is it?

Only below Ansible A brief introduction to the main functions of , For details, please refer to the official website

Ansible It is an automatic operation and maintenance tool , Batch system configuration can be realized 、 Program deployment 、 Run commands and other configuration management and application deployment functions
Ansible Is based on Paramiko Developed , And based on modular work , It does not have the ability to deploy in bulk , It just provides a framework . What really has a batch deployment is Ansible Relevant modules running
Ansible There is no need to install any Agent End , Because it's based on SSH To communicate with the remote host

Two 、Ansible Architecture components

Ansible Learn the first knowledge of one _CICD

Ansible Basic architecture ：

The core engine ： namely Ansible, As a whole Ansible At the heart of
Core module （core modules)： yes Ansible Built in modules , Use these modules to distribute resources to managed hosts , Make it perform specific tasks or match specific states
Custom module （custom modules）： If the core module cannot complete a certain function , You can add custom modules
plug-in unit （plugins）： Supplement for completing module functions , Including connection plug-ins 、 Email plug-ins, etc
Connect plug-ins （Connection plugins）： Responsible for communication with the managed host , In addition to support the use of SSH Outside the connection , It also supports other connection methods
Host list （host inventory）： Definition Ansible Managed hosts , The default is in hosts Define nodes in the configuration file , It also supports custom dynamic host list and specified configuration file path
Script （playbook）： Definition Ansible The configuration file for the task , Multiple tasks can be defined in one script , Script execution supports multiple tasks , Multiple tasks can be run by the control host , Manage multiple remote hosts at the same time

3、 ... and 、Ansible Related terms

The control node （Control node）： Refers to the installation of Ansible The host , Also called Ansible Server side 、 Manager
- Ansible The control node is mainly used to publish running tasks , Execute control commands
- Ansible All programs are installed on the control node , The control node needs to be installed Python and Ansible Various dependent libraries required
Controlled nodes （Managed nodes）： Also called client , I just want to use Ansible The client server that the server performs the task
Host list （Inventory）： List of controlled nodes , Is the list of all hosts to be managed .
- Host manifest file (hosts）： By default, the list of lists is saved in host In file , have access to IP Address or host name to represent the specific management host and authentication information , And can be grouped according to the users of the host ; The path of the file is ：/etc/ansible/hosts (YUM In the case of installation )
- Default use hosts File definition host list , The list of hosts obtained in this way is called static acquisition ,Ansible It also supports the way of dynamically obtaining the host list ( I'll give you more details later )
- How to dynamically obtain the host list , Support the use of single or multiple Inventory , And supports a variety of file formats ( Yaml 、Py etc. ) ( I'll give you more details later )
modular （Modules）： The module is Ansible A block of code that performs a specific task .Ansible Now it comes with by default 450 Multiple modules ,Ansible Galaxy The public repository contains approximately 1600 A module .
Mission （Task）： Is in Ansible Operations performed on the client . have access to ad-hoc A single line command executes a task .
Script (Playbook)： It's using YAML A list of repeatable tasks written in markup language ,Playbook The task is more convenient .
role （roles）： The role is Ansible 1.2 New features introduced in the , For hierarchy 、 Organize... Structurally Playbook.Roles It can automatically load variable files according to the hierarchical structure 、tasks as well as handlers etc. .

Four 、Ansible Requirements for nodes

1、 Requirements for management host

Python2 Version requires 2.6 perhaps 2.7,Python3 The version of requires a version higher than 3.5 ( At present, most of them are Centos7,Python The default is 2.7 Version of , It is required by the symbol )
Windows The host cannot be used as a management host

2、 Requirements for the host of the node

Corresponding Python Version requirements for , The requirements of the management node above are the same
We use SSH Protocol and node communication , The default is to use Sftp The way , If Sftp Unavailable , You can configure files in ansible.cfg Is configured as Scp The way

5、 ... and 、Ansible install

1、 Installation instructions

Ansible There are many ways to install , The main installation methods are — YUM install 、PIP install 、 Source code installation 、Apt-Get Way, etc , There are two common installation methods — YUM install 、PIP install , It is recommended YUM install
YUM The installation will /etc Next, make a ansible Catalog ( It includes two files — ansible.cfg and hosts , A directory roles )
PIP Relevant directories and files will not be produced in the system during installation , Go to the official website to download ansible.cfg file , And create hosts Document and roles Catalog , Use... After creation Ansible When , These directories and files will be automatically recognized

2、 Examples of common installation methods

1、YUM  How to install 
# ansible  The installation uses  epel  Source code , First you have to install  epel  Source 

[[email protected] ~]# yum -y install epel-release
[[email protected] ~]# yum -y install ansible

#  Want to install the specified version , Check first YUM Which versions are included in the source , command  yum list ansible --showduplicates | sort -r 

[[email protected] ~]# ansible --version
ansible 2.9.27
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules',  u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Aug  7 2019, 00:51:29) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
  
[[email protected] ~]# ansible --help # ansible  Order to see help 


     1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.

2、PIP  How to install 

[[email protected] ~]# curl https://bootstrap.pypa.io/pip/2.7/get-pip.py -o get-pip.py
[[email protected] ~]# python get-pip.py

[[email protected] ~]# yum install gcc glibc-devel zlib-devel rpm-build openssl-deve -y
[[email protected] ~]# yum install python-devel

[[email protected] ~]# yum install python-devel
[[email protected] ~]# ansible --version


     1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.

6、 ... and 、Ansible Related command tools

command	Function description
/usr/bin/ansible	The main program , Command execution tools
/usr/bin/ansible-docusr/bin/ansible	The main program , The command execution tool views the configuration document , Module function view tool
/usr/bin/ansible-playbook	Custom automated tasks , Script tools
/usr/bin/ansible-pull	A tool for remotely executing commands
/usr/bin/ansible-vault	File encryption tools
/usr/bin/ansible-console	be based on Console Tools that interact with the user interface
/usr/bin/ansible-galaxy	download / Upload excellent code or Roles The official website platform of the module

7、 ... and 、Ansible Inventory Built in parameters

Parameters	purpose
ansible_ssh_hosts	Definition hosts ssh Address
ansible_ssh_port	Definition hosts ssh port
ansible_ssh_user	Definition hosts ssh user
ansible_ssh_pass	Definition hosts ssh Authentication password
ansible_sudo	Definition hosts sudo user
ansible_sudo_pass	Definition hosts sudo password
ansible_sudo_exe	Definition hosts sudo route
ansible_connection	Definition hosts How to connect
ansible_ssh_shell_type	Definition hosts shell type
ansible_ssh_private_key_file	Definition hosts Private key
ansible_python_interpreter	Definition hosts Task execution python The path of
ansible_*_interpreter	Definition hosts The path of other language parsing

8、 ... and 、Ansible Related directories and files

Directories generated after installation ( YUM install ), as follows
- Profile directory ：/etc/ansible
- Directory of execution files ：/usr/bin
- Lib The library depends on the directory ：/usr/lib/python-$version/site-packages/ansible/
- Help Document directory ：/usr/share/doc/ansible-$version/
- Man Document directory ：/usr/share/man/man1/
Files generated after installation ( YUM install ), as follows
- Ansible Master profile ：/etc/ansible/ansible.cfg
- Ansible Default host manifest file ：/etc/ansible/hosts

Nine 、Ansible Profile description

1、 Priority of configuration file

From top to bottom , Priority decrement

  * ANSIBLE_CONFIG        First ,Ansible The command checks the environment variables first , And the configuration file that this environment variable will point to 
  * ./ansible.cfg        secondly , Will check... In the current directory ansible.cfg The configuration file 
  * ~/.ansible.cfg      Again , The current user will be checked home In the catalog `.ansible.cfg` The configuration file 
  * /etc/ansible/ansible.cfg    Last , Will check the installation Ansible Automatically generated configuration file

2、 Master profile

 The configuration file --- ansible.cfg , Including several pieces , Generally, I won't modify it , Here are some common parameters , We can understand the meaning of it  
 Focus on  [dafaults]  Related configuration 

[defaults]
inventory = /etc/ansible/hosts     #  Host list profile 
library = /usr/share/my_modules/   #  Library file storage directory 
remote_tmp = $HOME/.ansible/tmp    #  temporary py The command file is stored in the remote host directory 
local_tmp = $HOME/.ansible/tmp     #  Local temporary command execution Directory 
forks = 5            #  Default concurrency 
poll_interval = 15   #  Query interval when executing tasks asynchronously , Default 15s
sudo_user = root     #  Default sudo  user 
ask_sudo_pass = True #  Every time you execute ansible Does the command ask ssh password 
ask_pass = True      #  Prompt for ssh password 
remote_port = 22     #  The default port of the remote host , This port should be different in production 
timeout = 10         # SSH Connection timeout , Default 10s
roles_path = /etc/ansible/roles  #  Default downloaded  Roles Contents of storage 
log_path = /var/log/ansible.log  #  Specify storage  Ansible Log file ,Ansible  The default is not to log 
host_key_checking = False        #  Check the corresponding server's  host_key, It is suggested that the annotation be cancelled , That is, it won't pop up 
                               

     1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.

3、 Host manifest configuration file

### /etc/ansible/hosts
 It is usually used to define the authentication information of the host to be managed , How to configure as a host group , It depends on which connection method is used ( There are two main types )

1、 Password based connection     # ( Multiple representations ) 
   
  [webserver]
  172.16.1.11  ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_apss="test123456"

  [db-server]
  172.16.1.20[1:3] ansible_ssh_user=root ansible_ssh_pass="123456"

  [mid-server]
  172.16.1.1[2:4]
  [webserver:vars]
  ansible_ssh_pass="123456"  
  
  #  In this way, it must be clear that  ansible_ssh_pass  Write in  hosts  In file 


2、  be based on KEY  The connection of ( You have to configure  SSH  Free login  )    # ( Multiple representations  ) 
  
  [webserver]
  192.168.1.31:22
  
  [nginx]
  192.168.1.4[1:2]
  
  [k8s-node]
  node1 ansible_ssh_host=192.168.1.31 ansible_ssh_port=22
  node2 ansible_ssh_host=192.168.1.32 ansible_ssh_port=22
  node3 ansible_ssh_host=192.168.1.33 ansible_ssh_port=22
   
  [os-server:children]  # os-server  A group consists of two subgroups ：apache 、nginx
  apache
  nginx


###  There are two ways to connect  Ansible  All cases have been used , Generally, it is based on  KEY  There are many ways to connect , The following example also adopts this method 


     1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.

Ten 、Ansible First experience

1、Ansible The executive order of

Ansible Provide two commands to complete the task
- ad-hoc command , Can solve some simple tasks
- Ansible playbook, Solve more complex tasks
I'm learning Ansible At the beginning of the , Let's learn first ad-hoc command , As long as it is ansible command

2、 To configure SSH mutual trust

In fact, this is not really SSH mutual trust , It's just Ansible One way mutual trust from the manager to the managed node
real SSH Mutual trust means that two nodes can log in without secret , There is no need for the managed node to login to Ansible Manager

[[email protected] ~]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
[[email protected] ~]# ssh-copy-id [email protected]

[[email protected] ~]# ssh 10.6.2.238
Last login: Thu Mar 10 13:58:23 2022 from test238
[[email protected] ~]# hostname
test238
[[email protected] ~]# exit
logout
Connection to 10.6.2.238 closed.
[[email protected] ~]# hostname
test220


     1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.

3、 edit hosts file

[[email protected] ~]# cp /etc/ansible/hosts /etc/ansible/hosts.default
[[email protected] ~]# vim /etc/ansible/hosts
[tests]
6.2.238
6.2.239










4、Ansible Examples of use

1、Ansible  Command syntax 

  #  Grammar format ：ansible <group> -m <module> -a <arguments>
  <group> ：    Host group or single host , perhaps  all
  <module> ：   Refers to the name of the module used 
  <arguments>： Here are optional parameters , It depends on the function of the specific module 

2、 Simple use examples 

   [[email protected] ~]# ansible tests -m ping # ping  modular 
   10.6.2.238 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
   } 
   10.6.2.239 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
   }
  
   [[email protected] ~]# ansible tests -m command -a "hostname" # command  modular 
   10.6.2.239 | CHANGED | rc=0 >>
   test239
   10.6.2.238 | CHANGED | rc=0 >>
   test238
 
   
   [[email protected] ~]# vim /root/test.sh
   #!/bin/bash
   date >> /root/date.txt
   
   [[email protected] ~]# ansible tests -m script -a "/root/test.sh" # script  modular 
   10.6.2.239 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 10.6.2.239 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 10.6.2.239 closed."
    ], 
    "stdout": "", 
    "stdout_lines": []
   }
   10.6.2.238 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 10.6.2.238 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 10.6.2.238 closed."
    ], 
    "stdout": "", 
    "stdout_lines": []
   }
   
   [[email protected] ~]# ansible all -m command -a "cat /root/date.txt" #  here  all  It represents all hosts defined 
   10.6.2.239 | CHANGED | rc=0 >>
   Thu Mar 10 14:40:16 CST 2022
   10.6.2.238 | CHANGED | rc=0 >>
   Thu Mar 10 14:40:11 CST 2022
 
   #  explain ： stay  hosts  When defining the host group in the file , Node defines the order of writing , Doesn't mean  ansible  The order of message output after command execution 
   
   
   [[email protected] ~]# ansible 10.6.2.239 -m command -a "cat /root/date.txt"
   10.6.2.239 | CHANGED | rc=0 >>
   Thu Mar 10 14:40:16 CST 2022

   #  It can also be written like the above , Write only one of the hosts in the host group , Only relevant operations will be carried out for this host 
   

     1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.