Ansible 运维工具

时间:2024-12-08 07:44:11

安装

apt install ansible

/etc/ansible/hosts , 指定密码或密钥访问分组机器

[k8s_masters]
master0.c0.k8s.sb
  
[k8s_nodes]
node0.c0.k8s.sb
node1.c0.k8s.sb

[k8s:children]
k8s_masters
k8s_nodes

[k8s_masters:vars]
ansible_ssh_user=sbadmin
ansible_ssh_pass="***"
#ansible_ssh_private_key_file=/home/sbadmin/.ssh/id_rsa

[k8s_nodes:vars]
ansible_ssh_user=sbadmin
ansible_ssh_pass="***"
#ansible_ssh_private_key_file=/home/sbadmin/.ssh/id_rsa

/etc/ansible/ansible.cfg

[defaults]
host_key_checking = False

命令

# 运行时指定私钥
ansible all -m ping --key-file /home/user/.ssh/id_rsa

# 某一组机器执行ping
ansible k8s_nodes -m ping

# 不带参数默认走shell命令
ansible k8s -a "df -h" 
= 
ansible k8s -m shell -a "df -h"

 

剧本

公钥分发
- hosts: k8s

  tasks:
  - name: Set authorized key took from file
    authorized_key:
      exclusive: True                                                 #清除远程主机之前所有的其他公钥
      key: "{{ lookup('file', '/home/sbadmin/.ssh/id_rsa.pub') }}"    #本机的公钥地址
      user: sbadmin                                                   #被控制的远程服务上的用户名
      state: present                                                  #模式为添加公钥

执行  

ansible-playbook distribute_pub_keys.yaml

相关文章