openeuler自动化运维

发表于 分类于
openEuler HCIP实验手册自动化运维部分

openeuler自动化运维

软件版本
ansible2.5.5
节点IP1系统功能CPU内存硬盘
node110.80.20.1openeuler20.03ansible2核心4GB20GB
node210.80.20.2openeuler20.03zabbix2核心4GB20GB
node310.80.20.3openeuler20.03nginx2核心4GB20GB
node410.80.20.4openeuler20.03nginx2核心4GB20GB

ansible基本操作

安装和配置ansible控制器

node1

下载安装ansible:

1
2
3
4
5
6
7
8
# dnf install -y ansible
# ansible --version
ansible 2.5.5
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.7.9 (default, Dec 31 2021, 20:47:14) [GCC 7.3.0]

修改配置文件:

1
2
3
# vim /etc/ansible/ansible.cfg
# 62行,取消注释
host_key_checking = False

修改主机清单:

1
2
3
4
5
6
# vim /etc/ansible/hosts
[Nginx]
10.80.20.3
10.80.20.4
[Zabbix]
10.80.20.2

配置免密:

1
2
3
4
5
6
7
# ssh-keygen
回车
回车
回车
# ssh-copy-id 10.80.20.2
# ssh-copy-id 10.80.20.3
# ssh-copy-id 10.80.20.4

ansible命令基本操作

ping模块检测主机能否正常通信:

1
# ansible all -m ping

填写本机密码:

1
# ansible all -k -m ping

使用主机标签:

1
2
# ansible Nginx -m ping
# ansible Zabbix -m ping

列出对应主机:

1
2
3
4
5
6
7
# ansible Nginx --list
  hosts (2):
    10.80.20.3
    10.80.20.4
# ansible Zabbix --list-host
  hosts (1):
    10.80.20.2

查看主机组Zabbix或Nginx得到主机与控制器之间的通信状况:

1
# ansible "Zabbix:Nginx" -m ping

查看主机组Zabbix和Nginx共同的主机与控制器之间的通信状况:

1
# ansible "Zabbix:&Nginx" -m ping

查看不属于主机组Nginx的主机与控制器之间的通信状况:

1
# ansible ':!Nginx' -m ping

查看ansible的执行过程:

1
2
3
# ansible ':!Nginx' -v -m ping
# ansible ':!Nginx' -vv -m ping
# ansible ':!Nginx' -vvv -m ping

ansible常用模块实践

command模块实践

将Nginx主机组的/etc/passwd复制到/data中,查看文件内容:

1
2
3
# ansible Nginx -m command -a "mkdir /data"
# ansible Nginx -m command -a "cp /etc/passwd /data"
# ansible Nginx -m command -a "removes=/data/passwd cat /data/passwd"

shell模块实践

检查Nginx主机组的“/”目录是否存在data相关目录,将/data中的文件内容使用“this is a test”覆盖:

1
2
3
# ansible Nginx -m shell -a "ls / | grep data"
# ansible Nginx -m shell -a "ls /data"
# ansible Nginx -m shell -a "echo 'this is a test' > /data/passwd"

script模块实践

打印所有主机的mac地址:

1
2
3
# vim /root/mac.sh
#!/bin/bash
ip addr | grep link/ether | awk '{print $2}'
1
2
3
4
# ansible all -m script -a "/root/mac.sh" | grep stdout | awk '{print $2}' | grep \n
"00:0c:29:40:c1:92\r\n",
"00:0c:29:40:21:e5\r\n",
"00:0c:29:f5:04:b0\r\n",

copy模块实践

控制器创建/root/data/copy文件,拷贝到Nginx主机组中/tmp目录下,输出“hello openeuler”到/tmp/copy文件中。在/root/data/copy中输出”hello world“,将文件拷贝到Nginx主机组中,文件内容不同时保持文件不变:

1
2
3
4
5
6
# mkdir /root/data
# touch /root/data/copy
# ansible Nginx -m copy -a "src=/root/data/copy dest=/tmp"
# ansible Nginx -m copy -a "content='hello openeuler' dest=/tmp/copy"
# echo "hello world" > /root/data/copy
# ansible Nginx -m copy -a "force=no src=/root/data/copy dest=/tmp"

fetch模块实践

将Nginx主机组中的/tmp/copy文件保存到控制器的/tmp目录下:

1
# ansible Nginx -m fetch -a "src=/tmp/copy dest=/tmp"

file模块实践

在Nginx主机组创建目录/tmp/file/data,指定用户用户组为test:test,权限为755,在该目录下创建test文件,并创建软连接指向/tmp/link,最后删除目录/tmp/file:

1
2
3
4
5
# ansible Nginx -a "useradd test"
# ansible Nginx -m file -a "path=/tmp/file/data owner=test group=test mode=755 state=directory"
# ansible Nginx -m file -a "path=/tmp/file/data/test state=touch"
# ansible Nginx -m file -a "src=/tmp/file/data/test dest=/tmp/link state=link"# ansible Nginx -m file -a "path=/tmp/file state=absent"
# ansible Nginx -m file -a "path=/tmp/file state=absent"

archive和unchive模块实践

在Nginx主机组的/tmp目录下创建文件test1和test2,并打包为test.bz2,将test1和test2删除,将test.bz2拷贝到控制节点的/tmp目录下,将10.80.20.3的压缩包解压到10.80.20.4的/tmp目录下:

1
2
3
4
5
6
7
8
9
# ansible Nginx -m file -a "path=/tmp/test1 state=touch"
# ansible Nginx -m file -a "path=/tmp/test2 state=touch"
# ansible Nginx -m archive -a "path=/tmp/test1,/tmp/test2 format=bz2 remove=yes dest=/tmp/test.bz2"
# ansible Nginx -m fetch -a "src=/tmp/test.bz2 dest=/tmp"
# ansible 10.80.20.4 -m unarchive -a "src=/tmp/10.80.20.3/tmp/test.bz2 dest=/tmp"
# ansible 10.80.20.4 -a "ls /tmp" | grep test
test1
test2
test.bz2

playbook综合实践

node2、node3、node4

修改主机名:

1
2
3
4
5
6
# node2
# hostnamectl set-hostname Zabbix-server && bash
# node3
# hostnamectl set-hostname Nginx-01 && bash
# node4
# hostnamectl set-hostname Nginx-02 && bash

修改配置:

1
2
3
4
5
6
7
8
# vim /etc/ansible/hosts
[Nginx]
10.80.20.3 host=01
10.80.20.4 host=02
[Nginx:vars]
group=Nginx
[Zabbix]
10.80.20.2 host=server

创建yml:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# vim zabbix.yml
---
- hosts: Zabbix
  remote_user: root
  gather_facts: no

  tasks:
    - name: set hostname for 10.80.20.2
      hostname:
        name={{ host }}

- hosts: Nginx
  remote_user: root
  gather_facts: no

  tasks:
    - name: set hostname for 10.80.20.3 and 10.80.20.4
      hostname:
        name={{ group }}-{{ host }}
    - name: download Zabbix yum repolist
      tags: agent1
      shell: dnf install -y https://mirrors.aliyun.com/zabbix/zabbix/6.2/rhel/8/x86_64/zabbix-release-6.2-3.el8.noarch.rpm
    - name: install zabbix-agent
      tags: agent2
      shell: dnf install -y zabbix-agent2
    - name: config zabbix-agent
      tags: agent3
      replace:
        path: /etc/zabbix/zabbix_agent2.conf
        regexp: '^Server=127.0.0.1$'
        replace: 'Server=10.80.20.2'
      notify: restart zabbix-agent2
    - name: config zabbix-agent service
      tags: agent4
      service:
        name: zabbix-agent2
        state: started
        enabled: yes

  handlers:
    - name: restart zabbix-agent2
      service:
        name: zabbix-agent2
        state: restarted