本文实例讲述了python自动化之ansible的安装。分享给大家供大家参考,具体如下:
一 点睛
ansible只需在管理端部署环境即可,建议采用yum源方式来实现部署。
二 安装ansible
只需要在主服务器安装(主控端)
|
1
|
[root@localhost dev]# yum install ansible -y |
三 测试
1 修改在主控机配置文件/etc/ansible/hosts
|
1
2
3
4
5
6
7
8
9
|
## green.example.com## blue.example.com192.168.0.101192.168.0.102[webservers]## alpha.example.org## beta.example.org192.168.0.101192.168.0.102 |
2 执行下面操作
通过ping模块测试主机的连通性,分别对单主机及组进行ping操 作,结果如下,说明安装、测试成功。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
[root@localhost ansible]# ansible 192.168.0.101 -m ping -kssh password:192.168.0.101 | success => { "changed": false, "ping": "pong"}[root@localhost ansible]# ansible webservers -m ping -kssh password:192.168.0.102 | failed! => { "msg": "using a ssh password instead of a key is not possible because host key checking is enabled and sshpass does not support this. please add this host's fingerprint to your known_hosts file to manage this host."}192.168.0.101 | success => { "changed": false, "ping": "pong"} |
3 说明
由于主控端与被控主机未配置ssh证书信任,需要在执行ansible命令时添加-k参数,要求提供root(默认)账号密码,即在提示“ssh password:”时输入。
四 配置linux主机ssh无密码访问
1 点睛
为了避免ansible下发指令时输入目标主机密码,通过证书签名达到ssh无密码是一个好的方案,推荐使用ssh-keygen与ssh-copy-id来实现快速证书的生成及公钥下发,其中ssh-keygen生成一对密钥,使用sshcopy-id来下发生成的公钥。
第一步:需要配置与目标设备的密钥认证支持。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
[root@localhost home]# ssh-keygen -t rsagenerating public/private rsa key pair.enter file in which to save the key (/root/.ssh/id_rsa):/root/.ssh/id_rsa already exists.overwrite (y/n)? yenter passphrase (empty for no passphrase):enter same passphrase again:your identification has been saved in /root/.ssh/id_rsa.your public key has been saved in /root/.ssh/id_rsa.pub.the key fingerprint is:sha256:9/pgnxnqvwawpss7pytjcudyhscexgyy6ngwy/oohtg root@localhost.localdomainthe key's randomart image is:+---[rsa 2048]----+| o.+ .o ..*++|| o = . .=.=. || . + . + .=. || ...o *o +. || e ... so. = .o || ... . ..=+ || .. .=.o. || .. o.+ o || .. .o+ . |+----[sha256]-----+ |
私钥文件可以存放在默认路径“~/.ssh/id_rsa”。
第二步:接下来同步公钥文件id_rsa.pub到目标主机,推荐使用ssh-copy-id公钥拷贝工具
|
1
2
3
4
5
6
7
8
9
|
[root@localhost ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.0.102/usr/bin/ssh-copy-id: info: source of key(s) to be installed: "/root/.ssh/id_rsa.pub"/usr/bin/ssh-copy-id: info: attempting to log in with the new key(s), to filter out any that are already installed/usr/bin/ssh-copy-id: info: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keyskernel \r on an \mroot@192.168.0.102's password:number of key(s) added: 1now try logging into the machine, with: "ssh 'root@192.168.0.102'"and check to make sure that only the key(s) you wanted were added. |
希望本文所述对大家python程序设计有所帮助。
原文链接:https://blog.csdn.net/chengqiuming/article/details/88084674
