王老师说运维-centos7安装Ansible并测试

701 05-12

安装ansible需要linux基本功，可以先做下题，验证下你到底掌握多少了

【王老师说运维】推荐智一面初中级Linux运维工程师在线评测：http://www.gtalent.cn/exam/interview/eUrdXoILlsGnh6At

准备3台主机（Redhat7.6）
2.修改三台的主机名
ansible:

[root@localhost ~]# hostnamectl set-hostname ansible
[root@localhost ~]# su - 
[root@ansible ~]

node1:

[root@localhost ~]# hostnamectl set-hostname node1
[root@localhost ~]# su - 
[root@node2 ~]

node2:

[root@localhost ~]# hostnamectl set-hostname node2
[root@localhost ~]#su -  
[root@node1 ~]

2.修改三台的主机名
ansible:

```powershell
[root@localhost ~]# hostnamectl set-hostname ansible
[root@localhost ~]# su - 
[root@ansible ~]

3.配置网络
三台主机能相互ping通，且都能ping通百度
ansible 192.168.40.140
node1 192.168.40.141
node2 192.168.40.142

在主控端：

[root@ansible ~]# nmcli con add ifname ens33 type  ethernet con-name ens33
[root@localhost ~]# nmcli con modify  ens33  ipv4.addresses  192.168.40.140/24 ipv4.gateway  192.168.40.2 ipv4.dns 192.168.40.2 ipv4.method manual
nmcli con up ens33

在被控端：

[root@node1 ~]# nmcli con add ifname ens33 type  ethernet con-name ens33
[root@node1 ~]# nmcli con modify  ens33  ipv4.addresses  192.168.40.141/24 ipv4.gateway  192.168.40.2 ipv4.dns 192.168.40.2 ipv4.method manual
nmcli con up ens33

[root@node2 ~]nmcli con add ifname ens33 type  ethernet con-name ens33
[root@node2 ~]nmcli con modify  ens33  ipv4.addresses  192.168.40.142/24 ipv4.gateway  192.168.40.2 ipv4.dns 192.168.40.2 ipv4.method manual
nmcli con up ens33

4.域名解析

vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.40.140 ansible
192.168.40.141 node1
192.168.40.142 node2

注：三台主机配置一样
5.配置yum仓库

[root@ansible ~]mkdir /mnt/iso
[root@ansible ~]vim /etc/fstab 中加入
/dev/cdrom  /mnt/iso  iso9660 defaults 0 0
[root@ansible ~]mount -a

在三台主机上配置

[root@ansible ~]# cd /etc/yum.repos.d/
[root@ansible yum.repos.d]# vim dvd.repo 
[dvd]
name=rhel7.6
baseurl=file:///mnt/iso
enabled=1
gpgcheck=0

在主控端配置

[root@ansible yum.repos.d]# vim epel.repo 
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=http://mirrors.aliyun.com/epel/7/$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
 
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
baseurl=http://mirrors.aliyun.com/epel/7/$basearch/debug
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=0
 
[epel-source]
name=Extra Packages for Enterprise Linux 7 - $basearch - Source
baseurl=http://mirrors.aliyun.com/epel/7/SRPMS
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=0

重载配置文件，清理yum源

[root@ansible yum.repos.d]#nmcli con reload
[root@ansible yum.repos.d]#yum clean all
[root@ansible yum.repos.d]#yum list all

6.在主控端安装ansible

yum -y install  ansible
ansible --version

7.查看ansible的配置文件并配置主机清单文件

[root@ansible ~]rpm -qc ansible
[root@ansible ~]vim /etc/ansible/hosts
node1
node2

8.创建ansible用户

[root@ansible ansible]ansible all -m shell -a ‘useradd ansible’ -k 
[root@ansible ansible]ansible all -m shell -a ‘echo redhat | passwd --stdin ansible’ -k

9.设置sudo提权

[root@ansible ansible]ansible all -m shell -a 'echo "ansible ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/ansible'  -k

10.修改配置文件

[root@ansible ansible]vim /etc/ansible/ansible.cfg
remote_user=ansible
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False

11.设置ssh免密


```powershell
[root@ansible ansible]ssh-copy-id ansible@node1
[root@ansible ansible]ssh-copy-id ansible@node2

12.验证

[root@ansible ansible]ansible all -m shell -a 'ls /root'

【王老师说运维】：运维之linux基础入门实战(http://www.codeforest.cn/course/443)

标签：运维