本文实例讲述了python自动化之Ansible的安装。分享给大家供大家参考,具体如下:
一 点睛
Ansible只需在管理端部署环境即可,建议采用yum源方式来实现部署。
二 安装Ansible
只需要在主服务器安装(主控端)
[root@localhost dev]# yum install ansible -y
三 测试
1 修改在主控机配置文件/etc/ansible/hosts
## green.example.com ## blue.example.com 192.168.0.101 192.168.0.102 [webservers] ## alpha.example.org ## beta.example.org 192.168.0.101 192.168.0.102
2 执行下面 *** 作
通过ping模块测试主机的连通性,分别对单主机及组进行ping *** 作,结果如下,说明安装、测试成功。
[root@localhost ansible]# ansible 192.168.0.101 -m ping -k SSH password: 192.168.0.101 | SUCCESS => { "changed": false, "ping": "pong" } [root@localhost ansible]# ansible webservers -m ping -k SSH password: 192.168.0.102 | FAILED! => { "msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host." } 192.168.0.101 | SUCCESS => { "changed": false, "ping": "pong" }
3 说明
由于主控端与被控主机未配置SSH证书信任,需要在执行ansible命令时添加-k参数,要求提供root(默认)账号密码,即在提示“SSH password:”时输入。
四 配置Linux主机SSH无密码访问
1 点睛
为了避免Ansible下发指令时输入目标主机密码,通过证书签名达到SSH无密码是一个好的方案,推荐使用ssh-keygen与ssh-copy-id来实现快速证书的生成及公钥下发,其中ssh-keygen生成一对密钥,使用sshcopy-id来下发生成的公钥。
第一步:需要配置与目标设备的密钥认证支持。
[root@localhost home]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa already exists. Overwrite (y/n)? y Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:9/pGNxnQVWAWpss7PYtJcUDyHsCexgYY6NGWy/oOhTg root@localhost.localdomain The key's randomart image is: +---[RSA 2048]----+ | o.+ .o ..*++| | o = . .=.=. | | . + . + .=. | | ...o *o +. | | E ... So. = .o | | ... . ..=+ | | .. .=.o. | | .. o.+ o | | .. .o+ . | +----[SHA256]-----+
私钥文件可以存放在默认路径“~/.ssh/id_rsa”。
第二步:接下来同步公钥文件id_rsa.pub到目标主机,推荐使用ssh-copy-id公钥拷贝工具
[root@localhost ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.0.102 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Kernel r on an m root@192.168.0.102's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.0.102'" and check to make sure that only the key(s) you wanted were added.
更多关于Python相关内容可查看本站专题:《Python Socket编程技巧总结》、《Python数据结构与算法教程》、《Python函数使用技巧总结》、《Python字符串 *** 作技巧汇总》、《Python入门与进阶经典教程》及《Python文件与目录 *** 作技巧汇总》
希望本文所述对大家Python程序设计有所帮助。
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)