ansible

intro

ref: https://docs.ansible.com/ansible/latest/index.html#
Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.

Ansible concepts

ref: https://docs.ansible.com/ansible/latest/user_guide/basic_concepts.html

Control node

Any machine with Ansible installed.
You can run Ansible commands and playbooks by invoking the ansible or ansible-playbook command from any control node.

You can use any computer that has a Python installation as a control node - laptops, shared desktops, and servers can all run Ansible.
However, you cannot use a Windows machine as a control node. You can have multiple control nodes.

Managed nodes

The network devices (and/or servers) you manage with Ansible. Managed nodes are also sometimes called “hosts”.

Ansible is not installed on managed nodes.

Inventory

A list of managed nodes.
An inventory file is also sometimes called a “hostfile”. Your inventory can specify information like IP address for each managed node. An inventory can also organize managed nodes, creating and nesting groups for easier scaling. To learn more about inventory, see the Working with Inventory section.

example
  • default : /etc/ansible/hosts
    mail.example.com

    [webservers]
    foo.example.com
    bar.example.com

    [dbservers]
    one.example.com
    two.example.com
    three.example.com
  • yaml format:
    all:
      hosts:
        mail.example.com:
      children:
        webservers:
          hosts:
            foo.example.com:
            bar.example.com:
        dbservers:
          hosts:
            one.example.com:
            two.example.com:
            three.example.com:

Collections

Collections are a distribution format for Ansible content that can include playbooks, roles, modules, and plugins. You can install and use collections through Ansible Galaxy. To learn more about collections, see Using collections.

Modules

The units of code Ansible executes. Each module has a particular use, from administering users on a specific type of database to managing VLAN interfaces on a specific type of network device. You can invoke a single module with a task, or invoke several different modules in a playbook. Starting in Ansible 2.10, modules are grouped in collections. For an idea of how many collections Ansible includes, take a look at the Collection Index.

Tasks

The units of action in Ansible. You can execute a single task once with an ad hoc command.

Playbooks

Ordered lists of tasks, saved so you can run those tasks in that order repeatedly. Playbooks can include variables as well as tasks. Playbooks are written in YAML and are easy to read, write, share and understand. To learn more about playbooks, see Intro to playbooks.

Install

1. install with yum on CentOS

$ sudo yum install epel-release
$ sudo yum install ansible

2. install and upgrade Ansible with pip

Connecting to remote nodes

ref: https://docs.ansible.com/ansible/latest/user_guide/intro_getting_started.html#connecting-to-remote-nodes

1. connect with port, user, and password

[root@ansible_master ansible]# grep -v ^# /etc/ansible/hosts |grep -v ^$
[web-servers]
192.168.171.136 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=summer
  • test connecting:
    # install `sshpass` before running the ping test
    yum install sshpass -y
    # test connecting
    ansible -i /etc/ansible/hosts web-servers -m ping
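The inventory line above keeps the SSH password in clear text in /etc/ansible/hosts. As an added example (not part of the original notes), this Python check scans an INI inventory for credential variables that hold literal values. The sample inventory is constructed apart from the host line taken from this page, and treating `{{ ... }}` references as non-plaintext is an assumption of the example.

```python
import re
import shlex

# Inventory variables that carry credentials (current and legacy names).
SECRET_VARS = {"ansible_password", "ansible_ssh_pass", "ansible_become_password",
               "ansible_become_pass", "ansible_sudo_pass"}

def is_plaintext(value):
    """True for a non-empty literal; Jinja references such as {{ vault_pw }} are not."""
    value = value.strip().strip("'\"").strip()
    return bool(value) and not value.startswith("{{")

def find_plaintext_secrets(inventory_text):
    """Return (line_no, section, target, variable); the secret itself is never returned."""
    findings, section = [], "ungrouped"
    for line_no, raw in enumerate(inventory_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            section = header.group(1)
            continue
        if section.endswith(":vars"):   # "key = value", applies to the whole group
            key, _, value = line.partition("=")
            target, pairs = section, [(key.strip(), value)]
        else:                           # "host key=value key=value ..."
            try:
                tokens = shlex.split(line, comments=True)
            except ValueError:          # unbalanced quote: fall back to a plain split
                tokens = line.split()
            target = tokens[0]
            pairs = [tok.partition("=")[::2] for tok in tokens[1:] if "=" in tok]
        for key, value in pairs:
            if key in SECRET_VARS and is_plaintext(value):
                findings.append((line_no, section, target, key))
    return findings

# Constructed sample: line 2 is the host entry from this page, the rest is made up.
SAMPLE = """\
[web-servers]
192.168.171.136 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=summer
192.168.171.137 ansible_password="{{ vault_web_password }}"
[web-servers:vars]
ansible_become_pass = changeme
"""

if __name__ == "__main__":
    print(find_plaintext_secrets(SAMPLE))
```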

2. connect using an SSH key

# generate an SSH key pair on the control node
ssh-keygen
# copy the public key to the managed node
ssh-copy-id root@192.168.171.136

# login test
ssh 192.168.171.136

# test connecting
ansible -i /etc/ansible/hosts 'web-servers' -m ping
# test
ansible -m command -a "uptime" 'web-servers'

simple usage

ref: Ansible Getting started

  • run shell on Managed node
    ansible -i /etc/ansible/hosts web-servers -m shell -a "source ~/.bash_profile && df -h|head"
  • run script
    cat ~/test.sh
    #!/bin/bash
    date
    hostname
    echo "hello world"

    ansible -i /etc/ansible/hosts web-servers -m script -a "~/test.sh"
  • copy file: from Control node to Managed node
    ansible -i /etc/ansible/hosts web-servers -m copy -a "src=~/test.sh dest=/root owner=root group=root mode=0777"
    # check that the copy succeeded
    ansible -m command -a "ls /root/" 'web-servers'

  • set file permissions
    ansible -i /etc/ansible/hosts web-servers -m file -a "path=/root/test.sh mode=0755"
    # check file permissions
    ansible -m command -a "ls -l /root" 'web-servers'
  • download source from given url
    ansible -i /etc/ansible/hosts web-servers -m get_url -a "url=https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm  dest=/tmp/ mode=0440 force=yes"

  • yum install
    ansible -i /etc/ansible/hosts web-servers -m yum -a "name=httpd state=latest"
  • restart httpd
    ansible -i /etc/ansible/hosts web-servers -m service -a "name=httpd state=restarted"
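
Two of the ad hoc commands in this list deserve a second look before they go into a runbook: the copy step leaves a root-owned script world-writable, and the get_url step does not pin the download to a digest. As an added example (not part of the original notes), this Python check parses `-m`/`-a` from an ad hoc command line and reports both conditions; the rule set and function names are the example's own.

```python
import shlex

def parse_adhoc(command):
    """Split an `ansible ... -m MODULE -a "k=v ..."` line into (module, args)."""
    argv = shlex.split(command)
    module, raw_args = "command", ""    # `command` is the default ad hoc module
    for flag, value in zip(argv, argv[1:]):
        if flag in ("-m", "--module-name"):
            module = value
        elif flag in ("-a", "--args"):
            raw_args = value
    args = dict(tok.split("=", 1) for tok in shlex.split(raw_args) if "=" in tok)
    return module, args

def world_writable(mode):
    """True when an octal mode string such as 0777 grants write to 'other'."""
    try:
        return bool(int(mode, 8) & 0o002)
    except ValueError:                  # empty or symbolic modes (u+x) are not evaluated
        return False

def review(command):
    """Return review notes for one ad hoc command line."""
    module, args = parse_adhoc(command)
    notes = []
    if module in ("copy", "file", "get_url") and world_writable(args.get("mode", "")):
        notes.append("mode=%s is world-writable" % args["mode"])
    if module == "get_url":
        if "checksum" not in args:
            notes.append("no checksum=, file content is not pinned to a known digest")
        if args.get("url", "").startswith("http://"):
            notes.append("url uses plain http")
    return notes

# The three commands below are copied from this page.
COPY = ('ansible -i /etc/ansible/hosts web-servers -m copy '
        '-a "src=~/test.sh dest=/root owner=root group=root mode=0777"')
FILE = 'ansible -i /etc/ansible/hosts web-servers -m file -a "path=/root/test.sh mode=0755"'
GET_URL = ('ansible -i /etc/ansible/hosts web-servers -m get_url -a "url=https://dl.fedoraproject.org'
           '/pub/epel/epel-release-latest-7.noarch.rpm  dest=/tmp/ mode=0440 force=yes"')

if __name__ == "__main__":
    for cmd in (COPY, FILE, GET_URL):
        print(review(cmd) or "ok", "<-", cmd)
```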

Action: Run your first playbook

In a directory of your choice you can create your first playbook in a file called mytask.yaml:

---
- name: My playbook
  hosts: all
  tasks:
    - name: Leaving a mark
      command: "touch /tmp/ansible_was_here"

You can run this playbook as follows:

$ ansible-playbook mytask.yaml
