配置自动化工具
配置自动化的相关产品
| 序号 | 工具 | 描述 |
|---|---|---|
| 1 | ansible | 开箱即用,ssh协议 |
| 2 | saltack | 需要agent端配合,配置部署速度块 |
| 3 | puppet | 老牌配置自动化工具,需要agent端配合 |
配置自动化应用带来的好处:提高工作效率,提高配置文件按的准确性,降低人力成本。
ansiable介绍
ansible:无主无从架构,开箱即用,用完即走
ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能
ansiable安装
安装epel-release YUM源
yum -y install epel-release
安装ansible
yum -y install ansible
ansible版本查看
[root@node2 ~]# ansible --version
ansible 2.9.24
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Oct 30 2018, 23:45:53) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
主机清单
主机清单作用
ansible controller对主机操作时,仅认主机清单中定义的主机列表,即从主机清单中读取主机列表时,才可以进行配置。
-
用于ansible 配置时读取主机列表
-
实现主机分组
主机清单定义方法
主机清单存储位置;
/etc/ansible/hosts
方法一
直接在主机清单中写入主机IP地址或者主机名(需要能够进行解析)
192.168.160.20
或者
node1
方法二
在主机清单文件中添加主机分组,然后把主机IP或者主机名写入分组内即可
[master]
192.168.160.128
[node]
192.168.160.129
192.168.160.130
或者
[master]
master
[node]
node1
node2
ansible应用
ansible ping模块实现测试主机的互通性
第一步:实现多主机之间免密登录
#生成密钥对(交互)
[root@master ~]#ssh-keygen -t rsa
#生成密钥对(非交互)
[root@master ~]#ssh-keygen -t rsa -f /root/.ssh/id_rsa -N ' '
#密钥对同步
[root@master ~]# ssh-copy-id node1
第二步:定义主机清单
#主机清单存储位置
/etc/ansible/hosts
#主机清单中添加主机
[root@master ~]#cat /etc/ansible/hosts
[master]
192.168.160.128 #master
[node]
192.168.160.129 #node1
192.168.160.130 #node2
第三步:ping模块使用
#ansible命令格式
ansible 主机清单中ip或分组名称 -m 模块
#ping模块使用
IP地址
[root@master ~]# ansible 192.168.160.130 -m ping
192.168.160.130 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
分组名称
[root@master ~]# ansible master -m ping
192.168.160.128 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
[root@master ~]# ansible node -m ping
192.168.160.130 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.160.129 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
ansible cron模块实现配置多主机时间同步
第一步:选择时钟源服务器
- 国内建议使用阿里2时钟源 time1.aliyun.com
- 国际建议使用微软时钟源time.windows.com
第二步:cron模块使用
#ansible命令格式
ansible 主机清单中IP或分组名称 -m 模块 -a "参数"
#cron模块使用
[root@master ~]# ansible master -m cron -a 'name="test cron1" job="ntpdate time1.aliyun.com" minute=0 hour=*/1'
192.168.160.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"test cron1"
]
}
[root@master ~]# ansible node -m cron -a 'name="test cron1" job="ntpdate time1.aliyun.com" minute=0 hour=*/1'
192.168.160.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"test cron1"
]
}
192.168.160.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"test cron1"
]
}
#每小时与时钟源同步一次
#远程主机结果
[root@master ~]# crontab -l
#Ansible: test cron1
0 */1 * * * ntpdate time1.aliyun.com
[root@node1 ~]# crontab -l
#Ansible: test cron1
0 */1 * * * ntpdate time1.aliyun.com
[root@node2 ~]# crontab -l
#Ansible: test cron1
0 */1 * * * ntpdate time1.aliyun.com
ansible copy模块实现多主机配置文件同步
步骤:
第一步:准备本地解析文件
[root@master ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.160.128 master
192.168.160.129 node1
192.168.160.130 node2
[root@node1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.160.128 master
192.168.160.129 node1
192.168.160.130 node2
[root@node2 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.160.128 master
192.168.160.129 node1
192.168.160.130 node2
第二步:copy模块应用
#同步文件到node节点
[root@master ~]# ansible node -m copy -a "src=/root/pod.env.yaml dest=/root/"
192.168.160.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "d41c517caaa7ccb9942f68f6845629d615e66798",
"dest": "/root/pod.env.yaml",
"gid": 0,
"group": "root",
"md5sum": "484c54f0664aa18d7117b6bda8e49693",
"mode": "0644",
"owner": "root",
"size": 339,
"src": "/root/.ansible/tmp/ansible-tmp-1629449369.61-36208-68851603774490/source",
"state": "file",
"uid": 0
}
192.168.160.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "d41c517caaa7ccb9942f68f6845629d615e66798",
"dest": "/root/pod.env.yaml",
"gid": 0,
"group": "root",
"md5sum": "484c54f0664aa18d7117b6bda8e49693",
"mode": "0644",
"owner": "root",
"size": 339,
"src": "/root/.ansible/tmp/ansible-tmp-1629449369.6-36206-26956460843436/source",
"state": "file",
"uid": 0
}
#查看同步文件
[root@node1 ~]# ls -l
total 12
-rw-------. 1 root root 2024 Jul 8 09:43 anaconda-ks.cfg
-rw-r--r--. 1 root root 2072 Jul 8 09:46 initial-setup-ks.cfg
-rw-r--r-- 1 root root 339 Aug 20 16:49 pod.env.yaml
[root@node2 ~]# ls -l
total 16
-rw-------. 1 root root 2024 Jul 9 15:05 anaconda-ks.cfg
-rw-r--r--. 1 root root 2072 Jul 9 15:07 initial-setup-ks.cfg
-rw-r--r-- 1 root root 339 Aug 20 16:49 pod.env.yaml
ansible shell模块远程执行命令
[root@master ~]# ansible node -m shell -a 'cat /etc/hosts '
192.168.160.130 | CHANGED | rc=0 >>
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.160.128 master
192.168.160.129 node1
192.168.160.130 node2
192.168.160.129 | CHANGED | rc=0 >>
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.160.128 master
192.168.160.129 node1
192.168.160.130 node2