Ansible Automated Operations

Installation

The hosts file

# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
#
#   - Comments begin with the '#' character
#   - Blank lines are ignored
#   - Groups of hosts are delimited by [header] elements
#   - You can enter hostnames or ip addresses
#   - A hostname/ip can be a member of multiple groups

# Ex 1: Ungrouped hosts, specify before any group headers.

green.example.com
blue.example.com
192.168.100.1
192.168.100.10

# Ex 2: A collection of hosts belonging to the 'webservers' group

[webservers]
alpha.example.org
beta.example.org
192.168.1.100
192.168.1.110

# If you have multiple hosts following a pattern you can specify
# them like this:

www[001:006].example.com

[dbservers]

db01.intranet.mydomain.net
db02.intranet.mydomain.net
10.25.1.56
10.25.1.57

# Here's another example of host ranges, this time there are no
# leading 0s:

db-[99:101]-node.example.com
* ansible_ssh_host
  The name of the host to connect to, if different from the alias you wish to give to it.
* ansible_ssh_port
  The ssh port number, if not 22
* ansible_ssh_user
  The default ssh user name to use.
* ansible_ssh_pass
  The ssh password to use (this is insecure, we strongly recommend using --ask-pass or SSH keys)
* ansible_sudo_pass
  The sudo password to use (this is insecure, we strongly recommend using --ask-sudo-pass)
* ansible_sudo_exe (new in version 1.8)
  The sudo command path.
* ansible_connection
  Connection type of the host. Candidates are local, ssh or paramiko.  The default is paramiko before Ansible 1.2, and 'smart' afterwards which detects whether usage of 'ssh' would be feasible based on whether ControlPersist is supported.
* ansible_ssh_private_key_file
  Private key file used by ssh.  Useful if using multiple keys and you don't want to use SSH agent.
* ansible_shell_type
  The shell type of the target system. By default, commands are formatted using 'sh'-style syntax. Setting this to 'csh' or 'fish' will cause commands executed on target systems to follow those shells' syntax instead.
* ansible_python_interpreter
  The target host python path. This is useful for systems with more
  than one Python or not located at "/usr/bin/python" such as \*BSD, or where /usr/bin/python
  is not a 2.X series Python.  We do not use the "/usr/bin/env" mechanism as that requires the remote user's
  path to be set right and also assumes the "python" executable is named python, where the executable might
  be named something like "python26".
* ansible\_\*\_interpreter
  Works for anything such as ruby or perl and works just like ansible_python_interpreter.
  This replaces shebang of modules which will run on that host.
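
The parameter list above marks `ansible_ssh_pass` and `ansible_sudo_pass` as insecure when written into the inventory. The following is an added example (not part of the original page and not Ansible's own code) that scans an INI-style hosts file for those two variables, both on host lines and in `[group:vars]` sections. The function name `audit_inventory` and the sample inventory are constructed for illustration.

```python
import re
import shlex

# Variables the parameter list above describes as insecure in an inventory.
PLAINTEXT_SECRETS = {"ansible_ssh_pass", "ansible_sudo_pass"}

def audit_inventory(text):
    """Return (line_no, target, variable) for every plaintext secret found."""
    findings, section = [], None
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            section = header.group(1)
            continue
        if section and section.endswith(":vars"):
            # [group:vars] lines are "key=value" and apply to the whole group.
            target = "group " + section[: -len(":vars")]
            keys = [line.split("=", 1)[0].strip()]
        else:
            # Host lines are "host key=value key=value ...".
            try:
                tokens = shlex.split(line, comments=True)
            except ValueError:  # unbalanced quote: fall back to whitespace split
                tokens = line.split()
            target = "host " + tokens[0]
            keys = [t.split("=", 1)[0] for t in tokens[1:] if "=" in t]
        findings += [(line_no, target, k) for k in keys if k in PLAINTEXT_SECRETS]
    return findings

# Constructed sample inventory (hosts, users and passwords are made up).
SAMPLE = """\
green.example.com ansible_ssh_port=2222

[webservers]
alpha.example.org ansible_ssh_user=deploy ansible_ssh_pass='s3cret value'
beta.example.org ansible_ssh_private_key_file=/home/deploy/.ssh/id_rsa

[dbservers]
db01.intranet.mydomain.net

[dbservers:vars]
ansible_sudo_pass=changeme
"""

if __name__ == "__main__":
    for line_no, target, var in audit_inventory(SAMPLE):
        print(f"line {line_no}: {target} sets {var} in plaintext")
```

Run against a real inventory by passing the file's contents to `audit_inventory`; a non-empty result is a reason to move that host or group to `--ask-pass`, `--ask-sudo-pass` or SSH keys.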

Usage

Supported modules can be listed with ansible-doc -l.

ansible <host-pattern> -m MOD_NAME -a 'MOD_ARGS'
# Check the time
ansible all -m command -a 'date'
ansible all -m shell -a 'date'

# Add a user (the user module expects an already-crypted hash in password=)
ansible all -m user -a 'name=hadoop comment="ansible add user" uid=1000 password="crypted-passwords"'

# Mount an NFS share
ansible all -m shell -a 'mkdir -p /mnt/data;mount -t nfs -o ro 10.224.8.2:/data/share/data /mnt/data'

# Install a package with yum
ansible all -m yum -a 'name=rsync state=present'

# Run via sudo as root (-s)
ansible -o -s all -m shell -a id

# Run via sudo as the specified admin user (-s -U admin)
ansible -o -s -U admin all -m shell -a id

# Copy the public key to the hosts
ansible all -m copy -a 'src=/root/.ssh/id_rsa.pub dest=/root'
# Append the public key to the authorized_keys file
ansible all -m shell -a 'cat /root/id_rsa.pub >> /root/.ssh/authorized_keys;chmod 400 /root/.ssh/authorized_keys'

# Start a service and enable it at boot
ansible all -m service -a 'name=vsftpd state=started enabled=yes'

# The raw module supports pipes (similar to the shell module)
ansible all -m raw -a 'ifconfig | grep eth0'
ansible all -m shell -a 'ifconfig | grep eth0'

# Gather host facts
ansible 172.17.51.5 -m setup
ansible 172.17.51.5 -m setup -a 'filter=ansible_kernel'

YAML

Playbook

Other tools in the Ansible suite