install ansible
# yum install epel-release # yum install ansible
test ansible
# mkdir ansible
# cd ansible
# ifconfig | grep "inet addr" | grep -v "127.0.0.1"
inet addr:192.168.11.8 Bcast:192.168.11.255 Mask:2
55.255.255.0
# ansible 192.168.11.8 -m ping
^C [ERROR]: User interrupted execution
no reply
ssh first so ansible uses ssh
# ssh 192.168.11.8 The authenticity of host '192.168.11.8 (192.168.11.8)' can't b e established. RSA key fingerprint is 1b:93:87:24:73:8f:82:b3:e3:de:9d:58:33: 98:0c:5b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.11.8' (RSA) to the list of known hosts. root@192.168.11.8's password: Last login: Sat Sep 15 01:37:36 2018 from 192.168.11.5 # # exit logout Connection to 192.168.11.8 closed.
test ansible again
# ansible 192.168.11.8 -m ping [WARNING]: Could not match supplied host pattern, ignoring: 1 92.168.11.8 [WARNING]: No hosts matched, nothing to do
warning occured
make hosts file and retry
# echo 192.168.11.8 > hosts
# ansible -i hosts 192.168.11.8 -m ping
192.168.11.8 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission
denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n"
,
"unreachable": true
}
unreachable
ansible needs ssh key exchange
make key and copy
# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 3f:0f:1e:5d:71:4d:fc:e1:c7:9a:9c:9c:cc:43:39:c0 root@centos6 The key's randomart image is: +--[ RSA 2048]----+ | . ..| | E oo| | .oo=| | +++| | S *.*.| | . . .@ | | = . . | | . = | | . . | +-----------------+ # # ssh-copy-id 192.168.56.8 ssh: connect to host 192.168.56.8 port 22: No route to host # # ssh-copy-id 192.168.11.8 root@192.168.11.8's password: Now try logging into the machine, with "ssh '192.168.11.8'", a nd check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expe cting.
test non pass ssh
# ssh 192.168.11.8 Last login: Sat Sep 15 01:45:59 2018 from 192.168.11.8 # logout Connection to 192.168.11.8 closed.
OK
retry
# ansible -i hosts 192.168.11.8 -m ping
192.168.11.8 | SUCCESS => {
"changed": false,
"ping": "pong"
}
ansible succeeded
install telnet by ansible
#add -s option if need sudo
# ansible -i hosts 192.168.11.8 -m yum -a name=telnet
192.168.11.8 | SUCCESS => {
"changed": true,
"msg": "Warning: RPMDB altered outside of yum.\n",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror\nSetting up Install Process\nLoading mirror speeds from cached hostfile\n * base: ftp.i
ij.ad.jp\n * extras: ftp.iij.ad.jp\n * ius: hkg.mirror.rackspace.com\n * updates: ftp.iij.ad.jp\nResolving Dependencies\n--> R
unning transaction check\n---> Package telnet.x86_64 1:0.17-48.el6 will be installed\n--> Finished Dependency Resolution\n\nDe
pendencies Resolved\n\n================================================================================\n Package Arc
h Version Repository Size\n==================================================================
==============\nInstalling:\n telnet x86_64 1:0.17-48.el6 base 58 k\n\nTransaction Su
mmary\n================================================================================\nInstall 1 Package(s)\n\nTotal d
ownload size: 58 k\nInstalled size: 109 k\nDownloading Packages:\nRunning rpm_check_debug\nRunning Transaction Test\nTransacti
on Test Succeeded\nRunning Transaction\n\r Installing : 1:telnet-0.17-48.el6.x86_64 1/1 \n\r
Verifying : 1:telnet-0.17-48.el6.x86_64 1/1 \n\nInstalled:\n telnet.x86_64 1:0.17-48.el6
\n\nComplete!\n"
]
}
read doc
# ansible-doc yum
test playbook
make playbook
# cat <<_EOD_ > hosts > [test-servers] > 192.168.11.8 > _EOD_ # cat <<_EOD_ > simple-playbook.yml > --- > - hosts: test-servers > become: yes > tasks: > - name: be sure httpd is installed > yum: name=httpd state=installed > > - name: be sure httpd is running and enabled > service: name=httpd state=started enabled=yes > _EOD_
check syntax of playbook
# ansible-playbook -i hosts simple-playbook.yml --syntax-check playbook: simple-playbook.yml
OK dry-run
# ansible-playbook -i hosts simple-playbook.yml --check PLAY [test-servers] ************************************************************ TASK [Gathering Facts] ********************************************************* ok: [192.168.11.8] TASK [be sure httpd is installed] ********************************************** changed: [192.168.11.8] TASK [be sure httpd is running and enabled] ************************************ changed: [192.168.11.8] PLAY RECAP ********************************************************************* 192.168.11.8 : ok=3 changed=2 unreachable= 0 failed=0 #
run
# ansible-playbook -i hosts simple-playbook.yml PLAY [test-servers] ************************************************************ TASK [Gathering Facts] ********************************************************* ok: [192.168.11.8] TASK [be sure httpd is installed] ********************************************** changed: [192.168.11.8] TASK [be sure httpd is running and enabled] ************************************ changed: [192.168.11.8] PLAY RECAP ********************************************************************* 192.168.11.8 : ok=3 changed=2 unreachable=0 failed=0
