Ansible简介
Ansible是一个开源的IT自动化工具,用于配置管理、应用部署、任务执行和多节点协调,通过SSH协议,可以在远程服务器上以安全的方式执行命令,实现对系统资源的管理,Ansible使用YAML语言编写的Playbook来描述任务流程,可以轻松地将任务模块化、可重复使用和可扩展。
Ansible安装与配置
1、安装Ansible
在Linux系统中,可以通过以下命令安装Ansible:
sudo apt-get update sudo apt-get install software-properties-common sudo apt-add-repository --yes --update ppa:ansible/ansible sudo apt-get install ansible
2、配置Ansible
在安装完成后,需要对Ansible进行基本配置,编辑/etc/ansible/ansible.cfg文件,设置以下参数:
[defaults] inventory = /etc/ansible/hosts remote_user = root private_key_file = ~/.ssh/id_rsa
3、创建主机清单文件
在/etc/ansible/hosts文件中,添加主机信息。
[group1] host1 ansible_host=192.168.1.1 ansible_user=root ansible_connection=local host2 ansible_host=192.168.1.2 ansible_user=root ansible_connection=local [group2] host3 ansible_host=192.168.1.3 ansible_user=root ansible_connection=local host4 ansible_host=192.168.1.4 ansible_user=root ansible_connection=local
使用Ansible编写Playbook
1、创建Playbook文件
使用文本编辑器创建一个名为example.yml的Playbook文件,编写以下内容:
name: Install Nginx
hosts: all
tasks:
name: Update package list
apt:
name: "{{ item }}" state=present update_cache=yes
with_items:
nginx
php-fpm php-mysqlnd php-gd php-xml php-mbstring php-curl php-bcmath php-ldap php-json php-tokenizer php-mcrypt php-apcu php-intl php-soap curl php-dev libxml2 zlib1g-dev build-essential libssl-dev libreadline-dev libyaml-dev libsqlite3-dev wget git libc6 libncurses5-dev unzip automake libtool bison subversion python3 python3-pip python3-dev python3-venv zip g++ make cmake libboost-all-dev libbz2-dev libffi-dev libpq-dev nodejs npm supervisor virtualenv python3-venv python3-setuptools pip xz-utils tar git mercurial orwpan emacs emacs24 m4 libgtk2.0-dev libwebkitgtk-dev libnotify-dev libnss3-dev libxslt1.1 libxml2-dev libxsltproc-dev libgconf2-dev libgdk-pixbuf2.0-dev libpangocairo-1.0-0 libatk1.0-0 libatkmm1.6-1 libgtk2.0-0 libpcre3-dev libjpeg62 libcap2-bin zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc zlib1g zlibc --with-openssl --with-python --with-python3 --with-systemd --with-systemdsystemunitdir=/usr/share/systemd/system --with-selinux --with-selinuxtypes --with-cacertdir=/etc/ssl/certs --with-cacert=/etc/ssl/certs/cacert.pem --with-validationchecksum true
git clone https://github.com/ansible/ansible.git $HOME/ansible
cd $HOME/ansible && git checkout release/2.9
cd $HOME/ansible && git pull origin master
cd $HOME/ansible && make && make install
mkdir ~/.ansible
cp ~/.vimrc ~/.emacs ~/.inputrc ~/.profile ~/.bashrc ~/.bash_profile ~/.bash_login ~/.config/fish/config.fish ~/.config/polybar/launch.sh ~
chown root:root *
chmod go+rwx *
"
become: yes become_method: sudo
become_user: root
when: "'group1|group2' in groupnames"
become_ask_pass: yes
become_pass: "{{ lookup('passwordfile', 'admin') | b64decode('utf-8') }}
"
notify:
Reload Nginx
Run Service
SSH Reconnect
tasks:
-
ping:
host: localhost
register: result
ignore_errors: yes
Debug:
var: result.stdout_lines
name: Install Nginx
nginx:
enabled: yes
state: present
update_cache: yes
enablerepo: extras
docroot: /var/www/html
errorlog: /var/log/nginx/error.log
accesslog: /var/log/nginx/access.log
http_proxy: http://{{ inventory_hostname }}
https_proxy: https://{{ inventory_hostname }}
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/htpasswd;
keepalive_timeout 65;
listen [::]:80 default_server;
listen [::]:443 default_server {
return ("HTTPS required")
}
notify:
Reload Nginx
runservice:
name: service apache2 restart
pip install requests==2.25.1
pip freeze > requirements.txt
cd ~ && git clone https://github.com/jakevdp/
gitbucket gitbucket
cd gitbucket && git remote add upstream https://github.com/jakevdp/
gitbucket && git fetch upstream && git rebase upstream/master --autostash --keep-index && git push origin master --force --quiet --set-upstream origin master && cd ~ && pip install dist/*whl >> requirements.txt
cd $HOME && git add requirements.txt && git commit -
adcommit message="Upgrade dependencies" && git push origin master --force --quiet --set-upstream origin master && cd ~ && pip install virtualenvwrapper >> requirements.txt && echo export WORKON_HOME=$HOME >> ~.bashrc && echo export VIRTUALENVWRAPPER_PYTHON=python3 >> ~.bashrc && source ~.bashrc && workon venv && cd venv && source bin/activate && pip install wheel >> requirements.txt && pip wheel * >> requirements.txt && deactivate
noopierun pip install --requirement
原创文章,作者:酷盾叔,如若转载,请注明出处:https://www.kdun.com/ask/125185.html
本网站发布或转载的文章及图片均来自网络,其原创性以及文中表达的观点和判断不代表本网站。如有问题,请联系客服处理。
发表回复