如何安装Ansible和管理服务器?
企业IT需要的不仅仅是传统的IT工具。 因为IT基础结构中有不同的体系结构和样式。 在一家小型公司中,一个企业服务器就足够了,但是在一家企业公司中,可能有10至100个Web服务器可以满足部门的不同需求。 这里*重要的事情之一就是简单而自信的方式对基础架构进行编排和管理。 Ansible是一种使服务器管理员或开发人员能够使用的工具。
正在安装 (Installing)
We will use Fedora Server 24 for this tutorial and our architecture is 64 bit. 1 GB is enough for simple tests but keep in mind that there is more if your work is complex. We have two servers named poftut1 and poftut2. We will manage from poftut1 the two servers.
在本教程中,我们将使用Fedora Server 24,我们的体系结构是64位。 1 GB足以进行简单的测试,但是请记住,如果您的工作很复杂,则还有更多空间。 我们有两个名为poftut1和poftut2的服务器。 我们将从poftut1管理两个服务器。
$ sudo dnf install ansible -y
Install nano for editing Ansible hosts file.
安装nano以编辑Ansible主机文件。
$ sudo dnf install nano -y
Open and add servers with an IP address as a group named poftut_servers
将IP地址作为名为poftut_servers的组打开并添加服务器
$ nano /etc/ansible/hosts
Add the following lines. This file is called inventory in Ansible terminology.
添加以下行。 该文件在Ansible术语中称为清单。
-
[poftut_servers]
-
127.0.0.1 poftut1
-
192.168.122.234 poftut2
从简单开始 (Start Simple)
We have completed installation and setup. Now we will try to access our servers by using their group name.
我们已经完成安装和设置。 现在,我们将尝试使用服务器的组名来访问服务器。
-
$ ansible poftut_servers -a “hostname”
-
The authenticity of host ‘127.0.0.1 (127.0.0.1)’ can‘t be established.
-
ECDSA key fingerprint is SHA256:BG7kN+MYiC1SB84l7XuyW/ahCtDIs1Ewf4u0CiHgZ3M.
-
ECDSA key fingerprint is MD5:25:f7:ea:8f:ae:7f:59:22:44:3e:97:fa:ec:c6:f7:62.
-
Are you sure you want to continue connecting (yes/no)? The authenticity of host ‘192.168.122.234 (192.168.122.234)‘ can’t be establis
-
hed.
-
ECDSA key fingerprint is SHA256:GsOxJithwTGuhXUQUSAEsmjI+kjo3Bk43iGxGZJ90UA.
-
ECDSA key fingerprint is MD5:e4:bd:d7:0d:a2:68:df:f5:84:75:11:6f:7f:e6:12:82.
-
Are you sure you want to continue connecting (yes/no)? yes
-
127.0.0.1 | UNREACHABLE! => {
-
“changed”: false,
-
“msg”: “Failed to connect to the host via ssh.”,
-
“unreachable”: true
-
}
We can not run hostname command here. Because we have to provide a password for the current user or set up key-based authentication for ssh. Second is more secure.
我们无法在此处运行hostname命令。 因为我们必须为当前用户提供密码或为ssh设置基于密钥的身份验证。 其次更安全。
-
$ ssh-copy-id localhost
-
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
-
The authenticity of host ‘localhost (::1)’ can’t be established.
-
ECDSA key fingerprint is SHA256:BG7kN+MYiC1SB84l7XuyW/ahCtDIs1Ewf4u0CiHgZ3M.
-
ECDSA key fingerprint is MD5:25:f7:ea:8f:ae:7f:59:22:44:3e:97:fa:ec:c6:f7:62.
-
Are you sure you want to continue connecting (yes/no)? yes
-
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
-
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
-
[email protected]‘s password:
-
-
Number of key(s) added: 1
-
-
Now try logging into the machine, with: “ssh ‘localhost'”
-
and check to make sure that only the key(s) you wanted were added.
-
$ ssh-copy-id 192.168.122.234
-
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
-
The authenticity of host ‘192.168.122.234 (192.168.122.234)’ can’t be established.
-
ECDSA key fingerprint is SHA256:GsOxJithwTGuhXUQUSAEsmjI+kjo3Bk43iGxGZJ90UA.
-
ECDSA key fingerprint is MD5:e4:bd:d7:0d:a2:68:df:f5:84:75:11:6f:7f:e6:12:82.
-
Are you sure you want to continue connecting (yes/no)? yes
-
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
-
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
-
[email protected]‘s password:
-
-
Number of key(s) added: 1
-
-
Now try logging into the machine, with: “ssh ‘192.168.122.234’”
-
and check to make sure that only the key(s) you wanted were added.
Now try again same simple command.
现在,再试一次相同的简单命令。
-
$ ansible poftut_servers -a “hostname”
-
>
-
poftut1
-
>
-
poftut2
Now create a directory in all servers in our poftut_servers group.
现在,在我们的poftut_servers组中的所有服务器中创建目录。
-
$ ansible poftut_servers -a “mkdir poftut”
-
127.0.0.1 | SUCCESS | rc=0 >>
-
-
192.168.122.234 | SUCCESS | rc=0 >>
It seems success but we can make a double check with Ansible by listing the directory.
似乎成功了,但是我们可以通过列出目录来与Ansible进行仔细检查。
-
$ ansible poftut_servers -a “ls”
-
192.168.122.234 | SUCCESS | rc=0 >>
-
image-build
-
original-ks.cfg
-
poftut
-
-
-
127.0.0.1 | SUCCESS | rc=0 >>
-
original-ks.cfg
-
poftut