Ansible之Inventory檔案
阿新 • • 發佈:2020-12-23
一 簡介
在使用Ansible來批量管理主機的時候,通常我們需要先定義要管理哪些主機或者主機組,而這個用於管理主機與主機組的檔案就叫做Inventory,也叫主機清單。該檔案預設位於/etc/ansible/hosts。當然我們也可以通過修改ansible配置檔案的hostfile配置項來修改預設inventory的位置。
二 定義主機和組
有四個主機
192.168.1.220 master 192.168.1.221 node01 192.168.1.222 node02 192.168.1.205 node03
[root@master ~]# ssh-keygen -t rsa Generatingpublic/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprintis: SHA256:PrnxqgROP47Y0CON4i/MabOooigbCUhFO6A+0wVttmU root@master The key's randomart image is: +---[RSA 2048]----+ | ..+. | |. o o+ E | |.. oo.+ | |+ . o. | |o+ .o S | |..o* o . . | |* = = + = | |*X = = . = | |%+*.o o.o.. | +----[SHA256]-----+ [root@master~]# ssh-copy-id root@192.168.1.221 [root@master ~]# ssh-copy-id root@192.168.1.222 [root@master ~]# ssh-copy-id root@192.168.1.205
2.2 簡單實用ping模組檢測連通性
2.4 hosts檔案管理 使用主機名連線,則需要保證主機名可以被解析 [root@master ~]# vim /etc/ansible/hosts node02 ansible_ssh_host=192.168.1.221 192.168.1.220 192.168.1.221 192.168.1.222 192.168.1.205
[root@master ~]# ansible 192.168.1.221 -m ping 192.168.1.221 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" }
修改配置,可以輸入密碼
[root@master ~]# vim /etc/ansible/ansible.cfg # config file for ansible -- https://ansible.com/ # =============================================== # nearly all parameters can be overridden in ansible-playbook # or with command line flags. ansible will read ANSIBLE_CONFIG, # ansible.cfg in the current working directory, .ansible.cfg in # the home directory or /etc/ansible/ansible.cfg, whichever it # finds first [defaults] # some basic default values... #inventory = /etc/ansible/hosts #library = /usr/share/my_modules/ #module_utils = /usr/share/my_module_utils/ #remote_tmp = ~/.ansible/tmp #local_tmp = ~/.ansible/tmp #plugin_filters_cfg = /etc/ansible/plugin_filters.yml #forks = 5 #poll_interval = 15 #sudo_user = root #ask_sudo_pass = True ask_pass = True #開啟 #transport = smart #remote_port = 22 #module_lang = C #module_set_locale = False
[root@master ~]# ansible 192.168.1.221 -m ping SSH password: #需要輸入密碼 192.168.1.221 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" } [root@master ~]#
[root@master ~]# ansible node02 -m shell -a "whoami" node02 | CHANGED | rc=0 >> root
三 主機分組
配置都使用主機組
3.1 簡答配置
[root@master ~]# vi /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.1.220 master 192.168.1.221 node01 192.168.1.222 node02 192.168.1.205 node03
[root@master ~]# vim /etc/ansible/hosts
[web]
node01
node02
[mysql]
node03
執行
[root@master ~]# ansible web -m ping node02 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" } node01 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" }
[root@master ~]# ansible mysql -m ping node03 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" }
3.2 指定主機範圍
# 下面指定了從web-node01到web-node50,webservers組共計50臺主機;databases組有db-node-a到db-node-f共6臺主機 [webservers] web-node[01:50].test.com [databases] db-node[a:f].test.com
[root@master ~]# ansible all --list-hosts hosts (59): node01 node02 web-node01.test.com web-node02.test.com web-node03.test.com web-node04.test.com web-node05.test.com web-node06.test.com web-node07.test.com web-node08.test.com web-node09.test.com web-node10.test.com web-node11.test.com web-node12.test.com web-node13.test.com web-node14.test.com web-node15.test.com web-node16.test.com web-node17.test.com web-node18.test.com web-node19.test.com web-node20.test.com web-node21.test.com web-node22.test.com web-node23.test.com web-node24.test.com web-node25.test.com web-node26.test.com web-node27.test.com web-node28.test.com web-node29.test.com web-node30.test.com web-node31.test.com web-node32.test.com web-node33.test.com web-node34.test.com web-node35.test.com web-node36.test.com web-node37.test.com web-node38.test.com web-node39.test.com web-node40.test.com web-node41.test.com web-node42.test.com web-node43.test.com web-node44.test.com web-node45.test.com web-node46.test.com web-node47.test.com web-node48.test.com web-node49.test.com web-node50.test.com node03 db-nodea.test.com db-nodeb.test.com db-nodec.test.com db-noded.test.com db-nodee.test.com db-nodef.test.com
4.3 匹配指定的主機或主機組
匹配單個組
[root@master ~]# ansible prod --list-hosts hosts (3): lb2.lab.example.com db1.example.com jupiter.lab.example.com
匹配單個主機
[root@master ~]# ansible db2.example.com --list-hosts hosts (1): db2.example.com
匹配多個主機
[root@master ~]# ansible 'lb1.lab.example.com,s1.lab.example.com,db1.example.com' --list-hosts hosts (3): lb1.lab.example.com s1.lab.example.com db1.example.com
匹配多個組
[root@master ~]# ansible 'london,boston' --list-hosts hosts (7): db2.example.com db3.example.com file1.lab.example.com lb1.lab.example.com db1.example.com jupiter.lab.example.com lb2.lab.example.com
匹配不屬於任何組的主機
[root@master ~]# ansible ungrouped --list-hosts hosts (4): srv1.example.com srv2.example.com s1.lab.example.com s2.lab.example.com
4.4 萬用字元匹配
匹配'*.example.com':
[root@master ~]# ansible '*.example.com' --list-hosts hosts (14): s1.lab.example.com file1.lab.example.com lb1.lab.example.com srv2.example.com db3.example.com srv1.example.com web1.lab.example.com db2.example.com db1.example.com jupiter.lab.example.com lb2.lab.example.com file2.example.com s2.lab.example.com saturn.example.com
匹配172.25.*的主機:
[root@master ~]# ansible '172.25.*' --list-hosts hosts (2): 172.25.252.23 172.25.252.44
匹配以s開頭的主機及主機組:
[root@master ~]# ansible 's*' --list-hosts hosts (7): file2.example.com db2.example.com s1.lab.example.com srv2.example.com srv1.example.com s2.lab.example.com saturn.example.com
4.5 萬用字元組合匹配
匹配包含*.example.com但不包含*.lab.example.com的主機:
[root@master ~]# ansible '*.example.com,!*.lab.example.com' --list-hosts hosts (7): srv2.example.com db3.example.com srv1.example.com db2.example.com db1.example.com file2.example.com saturn.example.com
匹配包含prod以及172開頭、包含lab關鍵字的主機或組
[root@master ~]# ansible 'prod,172*,*lab*' --list-hosts hosts (10): lb2.lab.example.com db1.example.com jupiter.lab.example.com 172.25.252.23 172.25.252.44 s1.lab.example.com file1.lab.example.com lb1.lab.example.com web1.lab.example.com s2.lab.example.com
匹配屬於db組同時還屬於london組的主機:
[root@master ~]# ansible 'db,&london' --list-hosts hosts (2): db2.example.com db3.example.com
匹配在london組或者boston組,還必須在prod組中且必須不在lb組中的主機:
[root@master ~]# ansible 'boston,london,&prod,!lb' --list-hosts hosts (2): db1.example.com jupiter.lab.example.com
4.6 正則表示式匹配
在開頭的地方使用”~”,用來表示這是一個正則表示式:
[root@master ~]# ansible '~(s|db).*example\.com' --list-hosts hosts (8): s1.lab.example.com srv2.example.com db3.example.com srv1.example.com db2.example.com db1.example.com s2.lab.example.com saturn.example.com
4.7 通過--limit明確指定主機或組
通過--limit在選定的組中明確指定主機:
[root@master ~]# ansible ungrouped --limit srv1.example.com --list-hosts hosts (1): srv1.example.com
通過--limit引數,還可以指定一個檔案,該檔案中定義明確指定的主機的列表,定義一個retry_hosts.txt如下:
[root@master ~]# vim retry_hosts.txt srv1.example.com [root@master ~]# ansible ungrouped --limit @retry_hosts.txt --list-hosts hosts (1): srv1.example.com
4.8 萬用字元和正則表示式配合使用
[root@master ~]# ansible '~(s|db).*,prod,*.lab.example.com' --list-hosts hosts (14): db1.example.com db2.example.com db3.example.com file2.example.com s1.lab.example.com srv2.example.com srv1.example.com s2.lab.example.com saturn.example.com lb2.lab.example.com jupiter.lab.example.com file1.lab.example.com lb1.lab.example.com web1.lab.example.com