Ansible专题二:自动化运维工具Ansible部署

浏览次数:285

我们先来看一下公司内部的效果,18服务器是ansible服务所在的机器,他同时监控了4台机器,通过发送指令可以获取其他机器的硬盘信息;


1Ansible基础安装
(1)python2.7安装
https://www.python.org/ftp/python/2.7.8/Python-2.7.8.tgz
# tar xvzf Python-2.7.8.tgz
# cd Python-2.7.8
# ./configure --prefix=/usr/local
# make --jobs=`grep processor/proc/cpuinfo | wc -l`
# make install

## python头文件拷贝到标准目录,以避免编译ansible时,找不到所需的头文件
# cd /usr/local/include/python2.7
# cp -a ./* /usr/local/include/

## 备份旧版本的python,并符号链接新版本的python
# cd /usr/bin
# mv python python2.6
# ln -s /usr/local/bin/python

## 修改yum脚本,使其指向旧版本的python,已避免其无法运行
# vim /usr/bin/yum
#!/usr/bin/python  -->  #!/usr/bin/python2.6

(2)setuptools模块安装
https://pypi.python.org/packages/source/s/setuptools/setuptools-7.0.tar.gz
# tar xvzf setuptools-7.0.tar.gz
# cd setuptools-7.0
# python setup.py install

(3)pycrypto模块安装
https://pypi.python.org/packages/source/p/pycrypto/pycrypto-2.6.1.tar.gz
# tar xvzf pycrypto-2.6.1.tar.gz
# cd pycrypto-2.6.1
# python setup.py install

(4)PyYAML模块安装
http://pyyaml.org/download/libyaml/yaml-0.1.5.tar.gz
# tar xvzf yaml-0.1.5.tar.gz
# cd yaml-0.1.5
# ./configure --prefix=/usr/local
# make --jobs=`grep processor/proc/cpuinfo | wc -l`
# make install

https://pypi.python.org/packages/source/P/PyYAML/PyYAML-3.11.tar.gz
# tar xvzf PyYAML-3.11.tar.gz
# cd PyYAML-3.11
# python setup.py install

(5)Jinja2模块安装
https://pypi.python.org/packages/source/M/MarkupSafe/MarkupSafe-0.9.3.tar.gz
# tar xvzf MarkupSafe-0.9.3.tar.gz
# cd MarkupSafe-0.9.3
# python setup.py install

https://pypi.python.org/packages/source/J/Jinja2/Jinja2-2.7.3.tar.gz
# tar xvzf Jinja2-2.7.3.tar.gz 
# cd Jinja2-2.7.3
# python setup.py install

(6)paramiko模块安装
https://pypi.python.org/packages/source/e/ecdsa/ecdsa-0.11.tar.gz
# tar xvzf ecdsa-0.11.tar.gz
# cd ecdsa-0.11
# python setup.py install

https://pypi.python.org/packages/source/p/paramiko/paramiko-1.15.1.tar.gz
# tar xvzf paramiko-1.15.1.tar.gz
# cd paramiko-1.15.1
# python setup.py install

(7)simplejson模块安装
https://pypi.python.org/packages/source/s/simplejson/simplejson-3.6.5.tar.gz
# tar xvzf simplejson-3.6.5.tar.gz
# cd simplejson-3.6.5
# python setup.py install

(8)ansible安装
https://github.com/ansible/ansible/archive/v1.7.2.tar.gz
# tar xvzf ansible-1.7.2.tar.gz
# cd ansible-1.7.2
# python setup.py install

2Ansible配置
(1)SSH免密钥登录设置
## 生成公钥/私钥
# ssh-keygen -t rsa -P ''

## 写入信任文件(将/root/.ssh/id_rsa_storm1.pub分发到其他服务器,并在所有服务器上执行如下指令):
# cat /root/.ssh/id_rsa_storm1.pub >> /root/.ssh/authorized_keys
# chmod 600 /root/.ssh/authorized_keys

(2)ansible配置
# mkdir -p /etc/ansible
# vim /etc/ansible/ansible.cfg

  1. [defaults]

  2. # some basic default values...

  3. hostfile       = /etc/ansible/hosts

  4. # library_path = /usr/share/my_modules/

  5. remote_tmp     = $HOME/.ansible/tmp

  6. pattern        = *

  7. forks          = 5

  8. poll_interval  = 15

  9. sudo_user      = root

  10. #ask_sudo_pass = True

  11. #ask_pass      = True

  12. transport      = smart

  13. remote_port    = 22

  14. module_lang    = C

  15. gathering = implicit

  16. host_key_checking = False

  17. log_path    = /var/log/ansible.log

  18. system_warnings = False

  19. #set plugin path directories here, separate with colons

  20. #action_plugins     = /usr/share/ansible_plugins/action_plugins

  21. #callback_plugins   = /usr/share/ansible_plugins/callback_plugins

  22. #connection_plugins = /usr/share/ansible_plugins/connection_plugins

  23. #lookup_plugins     = /usr/share/ansible_plugins/lookup_plugins

  24. #vars_plugins       = /usr/share/ansible_plugins/vars_plugins

  25. #filter_plugins     = /usr/share/ansible_plugins/filter_plugins

  26. fact_caching = memory


  28. [accelerate]

  29. accelerate_port = 5099

  30. accelerate_timeout = 30

  31. accelerate_connect_timeout = 5.0

  32. # The daemon timeout is measured in minutes. This time is measured

  33. # from the last activity to the accelerate daemon.

  34. accelerate_daemon_timeout = 30


复制代码

## 主机组定义
# vim /etc/ansible/hosts

  1. [localhost]

  2. localhost ansible_connection=local


  4. [sudy-252]

  5. 170.18.10.31

  6. 170.18.10.45

  7. 170.18.10.51

  8. 170.18.10.35

复制代码

# ansible sudy-252 -m command -a 'df -H'     //测试获取4台机器的硬盘情况
返回的结果就跟第一张图是一样的了

可能遇到的报错信息

/usr/local/lib/python2.7/site-packages/Crypto/Util/number.py:57 owmInsecureWarning: Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attackvulnerability._warn(Not using mpz_powm_sec.You should rebuild using libgmp >= 5 to avoid timing attackvulnerability., PowmInsecureWarning)

原因:操作系统自带的 libgmp 版本是3.x,报错信息明确要求版本是5以上,可以升级libgmp 版本即可;临时处理版本是注释掉number.py的57行;




[root@localhost ansible-1.7.2]# ansiblesudy-252 'df -H'
Traceback (most recent call last):
File /usr/local/bin/ansible, line 4, in <module>
   __import__('pkg_resources').run_script('ansible==1.7.2', 'ansible')
File build/bdist.linux-x86_64/egg/pkg_resources.py, line517, in run_script
File build/bdist.linux-x86_64/egg/pkg_resources.py, line1436, in run_script
  File/usr/local/lib/python2.7/site-packages/ansible-1.7.2-py2.7.egg/EGG-INFO/scripts/ansible,line 210, in <module>
   (options, args) = cli.parse()
File/usr/local/lib/python2.7/site-packages/ansible-1.7.2-py2.7.egg/EGG-INFO/scripts/ansible,line 69, in parse
   parser.print_help()
File /usr/local/lib/python2.7/optparse.py, line 1670, inprint_help
   file.write(self.format_help().encode(encoding, replace))
UnicodeDecodeError: 'ascii' codec can'tdecode byte 0xd6 in position 1045: ordinal not in range(128)

原因:发送的指令格式异常