Ansible installation, passwordless login, and using playbooks and variables

Admin, published 2025-09-17, 92 views


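Ansible is an essential tool for automated operations: it can control many servers at once, provided you have done the preparation it needs.

Under the root account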

  • 156 hostname dplphin

  • 157 vim /etc/hosts

  • 158 cat /etc/hosts ### set up hosts: IP + hostname

  • 159 hostname dolphin

  • 160 hostnamectl set-hostname dolphin # change the hostname; takes effect after a reboot; do the same on the other two machines

  • 161 hostnae

  • 162 hostname

  • 163 reboot

  • 164 history

  • 165 wget -O /etc/yum.repos.d/CentOs-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

  • 166 wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

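  • 167 yum makecache # install the yum repos and build the cache

  • 168 yum install ansible # install ansible

  • 169 ansible --version # check that ansible installed successfully; it only needs to be installed on the control machine

  • 170 vim /etc/hosts # edit the local hosts mapping so that each hostname corresponds to its IP address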

  • 171 vim /etc/sudoers.d/

  • 172 cd /etc/sudoers.d/

  • 173 ll

  • 174 cd

  • 175 cd .

  • 176 cd /etc/sudoers.d/

  • 177 cd .

  • 178 cd ..

  • 179 vim /etc/ansible/hosts # set panda and bamboo as the inventory

  • 180 vim /etc/ansible/ansible.cfg

  • 181 vim /etc/ansible/hosts

  • 182 ansible all --list

  • 183 ansible db --list-host

  • 184 ansible db

  • 185 ansible db --list-host

  • 186 ansible panda --list-host

  • 187 ansible db --list-host

  • useradd student

  • passwd student # create the student user

  • 188 su - student

  • 189 vim /etc/sudoers.d/student and add the following content: student ALL= NOPASSWD: ALL

  • 190 scp /etc/sudoers.d/student root@panda:/etc/sudoers.d/

  • 191 scp /etc/sudoers.d/student root@bamboo:/etc/sudoers.d/ # copy this student configuration file to the other two machines for the student account; this is the privilege-escalation setup

  • 192 su - student
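An added check, not part of the original post: a shell function that audits a sudoers drop-in like the /etc/sudoers.d/student file above, flagging a mode other than 0440 and any rule that grants NOPASSWD on ALL commands. The function name audit_sudoers and the sample file are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit a sudoers drop-in such as /etc/sudoers.d/student.
# audit_sudoers FILE prints one finding per line and returns the finding count.
audit_sudoers() {
    local file="$1" findings=0 user rest
    # sudoers files are conventionally mode 0440 (no write bit, nothing for others).
    if [ -z "$(find "$file" -maxdepth 0 -perm 0440 2>/dev/null)" ]; then
        echo "MODE: $file is not mode 0440"
        findings=$((findings + 1))
    fi
    # read splits each rule into its first word (user or group) and the rest.
    while read -r user rest || [ -n "$user" ]; do
        case $user in ''|'#'*) continue ;; esac   # blank lines and comments
        # Flag rules whose command list after NOPASSWD: is the bare keyword ALL.
        if printf '%s\n' "$rest" |
            grep -Eq 'NOPASSWD:[[:space:]]*ALL[[:space:]]*(,|$)'; then
            echo "NOPASSWD-ALL: $user can run any command without a password"
            findings=$((findings + 1))
        fi
    done < "$file"
    return "$findings"
}

# Constructed sample: the rule from this page in a temp file, not a real system file.
sample=$(mktemp)
printf '%s\n' '# constructed sample' 'student ALL= NOPASSWD: ALL' > "$sample"
chmod 0644 "$sample"
audit_sudoers "$sample" || echo "findings: $?"
rm -f "$sample"
```

Before distributing a drop-in, `visudo -cf <file>` checks its syntax; narrowing the command list after NOPASSWD: to what the automation actually needs clears the second finding.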

Under the regular student account

  • 1 su root
  • 2 vim
  • 3 l
  • 4 ;ll
  • 5 ll
  • 6 mkdir std
  • 7 cd std/
  • 8 ll
  • 9 cd.
  • 10 cd .
  • 11 pwd
  • 12 vim inventory
  • 13 ansible db --list
  • 14 vim inventory
  • 15 ansible db --list
  • 16 ansible db --list -i inventory # here inventory is a custom inventory file in /home/student/std/
  • 17 vim /etc/ansible/ansible.cfg
  • 18 ls /etc/ansible/ansible.cfg
  • 19 ll /etc/ansible/ansible.cfg
  • 20 ll
  • 21 exit
  • 22 cd std/
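  • 23 vim ansible.cfg # create the custom configuration file in /home/student/std/; the file name must not be changed; its contents are as follows

    [defaults]
    inventory=/home/student/std/inventory
    ask_pass=no
    remote_user=student
    # the order of the settings above does not matter

    [privilege_escalation]
    #become=True
    #become_method=sudo
    #become_user=root
    #become_ask_pass=False
    # these lines were found by searching /etc/ansible/ansible.cfg and copied out; in vim, search with /pattern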

  • 24 sudo vim ansible.cfg
  • 25 sudo vim /etc/ansible/ansible.cfg
  • 26 sudo vim ansible.cfg
  • 27 ansible db --lis
  • 28 ansible db --list
  • 29 sudo ansible db --list
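  • 30 ssh-keygen # start setting up passwordless login, which ansible requires
  • 31 cd /home/student/.ssh/ student@panda##
  • 32 ssh-copy-id -i id_rsa.pub student@panda
  • 33 ssh-copy-id -i id_rsa.pub student@bamboo # copy the key to the other two managed machines; this is the passwordless remote login setup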
  • 34 ssh student@panda
  • 35 history

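# Note: variable names in a playbook cannot contain spaces or punctuation; use underscores to join words, and a name cannot start with a digit.

A simple variable example: create a user on the hosts matched by hosts, with the user name {{ name }}. The value of name comes from - /abc/user.yml, whose content is name=tom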


    - name: create
      hosts: all
      # vars_files loads variables from the listed files (a path cannot go under vars:)
      vars_files:
        - /abc/user.yml
      tasks:
        - name: create_users
          user:
            name: "{{ name }}"
            state: present
    ...

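    - name: create
      hosts: all
      # become is only for when privilege escalation for the account (/etc/passwd)
      # has not been prepared; if there is no error it can be left out
      become: true
      tasks:
        - name: create users
          user:
            name: userl
            state: present
          register: out      # store this task's output in the variable out
        - name: debug
          debug:
            msg: "start!!!!!"
        - name: debug
          debug:
            var: out         # display the registered output
    ...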

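# Setting values from variables: this uses the gathered system facts to obtain the corresponding information. Top-level and same-level names are joined with _, lower levels are joined with a dot; present ensures the item exists, absent ensures it is removed.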

    - name: ip uname mem sda1size
      hosts: all
      tasks:
        - name: Create info file with IPv4 address
          lineinfile:
            path: /tmp/info.txt
            line: "IPv4 Address: {{ ansible_default_ipv4.address }}"
            create: true
            state: present

        - name: kernel version
          lineinfile:
            path: /tmp/info.txt
            line: "Kernel Version: {{ ansible_kernel }}"
            state: present

        - name: memory size
          lineinfile:
            path: /tmp/info.txt
            line: "Memory Size: {{ ansible_memtotal_mb }} MB"
            state: present

        - name: sda1 partition size
          lineinfile:
            path: /tmp/info.txt
            line: "sda1 Size: {{ ansible_devices.sda.partitions.sda1.size }}"
            state: present

        - name: Display ALL system information
          debug:
            var: ansible_facts
          run_once: true
          delegate_to: localhost

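# Mind the indentation: playbooks are extremely sensitive to it, and the reported error location is often wrong. If you cannot spot the problem, you can ask Doubao to fix it.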

    - name: file
      hosts: bamboo
      tasks:
        - name: create file
          file:
            path: /tmp/open
            state: touch
            mode: "0600"     # quoted so the octal mode is passed through unchanged
        - name: cp file
          copy:
            content: "hah\n"
            dest: /tmp/open
        - name: line
          lineinfile:
            path: /tmp/open
            regexp: "^ha"
            line: "rh"
        - name: block
          blockinfile:
            path: /tmp/open
            block: aaaaaaaa bbbbbbbb

# Loops

    - name: use loop
      hosts: bamboo
      tasks:
        - name: create
          user:
            name: "{{ item }}"
            state: present
          loop:
            - u3
            - u4
          register: out
        - name: debug
          debug:
            msg: "{{ item.home }}"
          loop: "{{ out['results'] }}"