一 Ansible 自动化运维工具
Python 在运维工作中的经典应用
ansible(批量管理操作)
1. 安装 ansible(需要 bese epel 2 种源)
- wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
- curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
- yum install ansible -y
克隆虚拟机
- hostnamectl set-hostname standby
- VIM /etc/sysconfig/network-scripts/ifcfg-eth0
- IPADDR=10.0.0.200 #改
UUID 行 #删掉
- VIM /etc/hosts
- 10.0.0.200 standby #最后一行添加
- systemctl restart network #重启网卡
- +++++++++++++++++++++++++++++++
Linux 的 SSHD(22)
验证方式:
(1) 用户 + 密码 (PAM)
(2) 秘钥验证 (公钥: 钥匙和私钥: 锁)
通过秘钥对实现, 需要将公钥分发到各节点
+++++++++++++++++++++++++++++++
2. 管理被控端, 管理机先生成秘钥, 然后推送公钥
- SSH-keygen #执行, 一路回车
- SSH-copy-id -i ~/.SSH/id_rsa.pub root@10.0.0.200
- SSH-copy-id -i ~/.SSH/id_rsa.pub root@10.0.0.100
- # 注意每台都要分发 mi 钥
- [root@demo ~]# for i in {
- 1..12
- };do SSH-copy-id -i ~/.SSH/id_rsa.pub root@10.0.0.$i;done
3. 配置被管理的主机清单
- [root@demo ~]# VIM /etc/ansible/hosts
- # 覆盖原来内容
- [web]
- 10.0.0.100
- 10.0.0.200
4. 使用 ansible 的 ad-hoc 测试
- ansible all -m ping #ansible 主机组或 all -m 命令
- 10.0.0.12 | SUCCESS => {
- "changed": false,
- "ping": "pong"
- }
- 10.0.0.11 | SUCCESS => {
- "changed": false,
- "ping": "pong"
- }
- # 执行远程命令
- [root@demo ~]# ansible all -m shell -a "df -h"
- 10.0.0.12 | CHANGED | rc=0>>
- Filesystem Size Used Avail Use% Mounted on
- /dev/sda3 98G 3.4G 95G 4% /
- devtmpfs 477M 0 477M 0% /dev
- tmpfs 488M 0 488M 0% /dev/shm
- tmpfs 488M 7.7M 480M 2% /run
- tmpfs 488M 0 488M 0% /sys/fs/cgroup
- /dev/sda1 197M 102M 96M 52% /boot
- tmpfs 98M 0 98M 0% /run/user/0
- 10.0.0.11 | CHANGED | rc=0>>
- Filesystem Size Used Avail Use% Mounted on
- /dev/sda3 98G 1.6G 97G 2% /
- devtmpfs 981M 0 981M 0% /dev
- tmpfs 992M 124K 992M 1% /dev/shm
- tmpfs 992M 9.6M 982M 1% /run
- tmpfs 992M 0 992M 0% /sys/fs/cgroup
- /dev/sda1 197M 102M 96M 52% /boot
- tmpfs 199M 0 199M 0% /run/user/0
5.ansible playbook 自动化安装 nginx
- [root@demo ~]# VIM playbook_nginx.YAML
- - hosts: Web
- remote_user: root
- vars:
- http_port: 80
- tasks:
- - name: Add Nginx Yum Repository
- yum_repository:
- name: nginx
- description: Nginx Repository
- baseurl: http://nginx.org/packages/centos/7/$basearch/
- gpgcheck: no
- - name: Install Nginx Server
- yum:
- name=nginx state=present
- - name: Configure Nginx Server
- template: src=./default.conf.template dest=/etc/nginx/conf.d/default.conf
- notify: Restart Nginx Server
- - name: Start Nginx Server
- service: name=nginx state=started enabled=yes
- handlers:
- - name: Restart Nginx Server
- service: name=nginx state=restarted
- 6.
default.conf.template 文件如下
- [root@demo ~]#VIM default.conf.template
- server {
- listen {{ http_port }};
- server_name localhost;
- location / {
- root /usr/share/nginx/html;
- index index.HTML index.htm;
- }
- }
7. 执行 ansible-playbook
检查语法
[root@demo ~]# ansible-playbook --syntax playbook_nginx.YAML
模拟执行
[root@demo ~]# ansible-playbook -C playbook_nginx.YAML
执行
- [root@demo ~]# ansible-playbook playbook_nginx.YAML
- =============================================================
二 Docker 容器技术
来源: http://www.bubuko.com/infodetail-2910301.html