ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能。
Ansible的安装
1、yum源安装
以centos为例,默认在源里没有ansible,不过在fedora epel源里有ansible,配置完epel 源后,可以直接通过yum 进行安装。这里以centos6.8为例:
# yum install http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm# yum install ansible2、apt-get安装
在ubuntu及其衍生版中,可以通过增加ppa源进行apt-get安装,具体如下:
$ sudo apt-get install software-properties-common
$ sudo apt-add-repository ppa:ansible/ansible
$ sudo apt-get update
$ sudo apt-get install ansible
3、源码安装 源码安装需要python2.6以上版本,其依赖模块paramiko、PyYAML、Jinja2、httplib2、simplejson、pycrypto模块,以上模块可以通过pip或easy_install 进行安装,不过本部分既然提到的是源码安装,主要针对的无法上外网的情况下,可以通过pypi 站点搜索以上包,下载后通过python setup.py install 进行安装。
最后通过github或pypi上下载ansible源码包,通过python setup.py install 安装即可。由于安装过程相对简单,这里略过,主要介绍安装后,可能遇到的问题。
a、安装PyYAML时,报错如下:
# python setup.py install
libyaml is not found or a compiler error: forcing --without-libyaml
(if libyaml is installed correctly, you may need to
specify the option --include-dirs or uncomment and
modify the parameter include_dirs in setup.cfg)
running install_lib
running install_egg_info
Removing /usr/lib64/python2.6/site-packages/PyYAML-3.11-py2.6.egg-info
Writing /usr/lib64/python2.6/site-packages/PyYAML-3.11-py2.6.egg-info
在centos6.8系统中,可以通过yum -y install libyaml 包解决,或者从ISO文件中提供该包,通过rpm -ivh进行安装。
b、安装完ansible是,报错如下:
[[email protected] ansible-1.9.1]# ansible -h
Traceback (most recent call last):
File "/usr/local/src/ansible-devel/bin/ansible", line 36, in
from ansible.runner import Runner
File "/usr/local/src/ansible-devel/lib/ansible/runner/__init__.py", line 62, in
from Crypto.Random import atfork
File "/usr/lib64/python2.6/site-packages/Crypto/Random/__init__.py", line 29, in
from Crypto.Random import _UserFriendlyRNG
File "/usr/lib64/python2.6/site-packages/Crypto/Random/_UserFriendlyRNG.py", line 38, in
from Crypto.Random.Fortuna import FortunaAccumulator
File "/usr/lib64/python2.6/site-packages/Crypto/Random/Fortuna/FortunaAccumulator.py", line 39, in
import FortunaGenerator
File "/usr/lib64/python2.6/site-packages/Crypto/Random/Fortuna/FortunaGenerator.py", line 34, in
from Crypto.Util.number import ceil_shift, exact_log2, exact_div
File "/usr/lib64/python2.6/site-packages/Crypto/Util/number.py", line 56, inif _fastmath is not None and not _fastmath.HAVE_DECL_MPZ_POWM_SEC:
AttributeError: 'module' object has no attribute 'HAVE_DECL_MPZ_POWM_SEC'import paramiko包时,报错如下:
>>> import paramiko
Traceback (most recent call last):
File "", line 1, in
File "/usr/lib/python2.6/site-packages/paramiko/__init__.py", line 69, in
from transport import randpool, SecurityOptions, Transport
File "/usr/lib/python2.6/site-packages/paramiko/transport.py", line 32, in
from paramiko import util
File "/usr/lib/python2.6/site-packages/paramiko/util.py", line 32, in
from paramiko.common import *
File "/usr/lib/python2.6/site-packages/paramiko/common.py", line 98, in
from rng import StrongLockingRandomPool
File "/usr/lib/python2.6/site-packages/paramiko/rng.py", line 22, in
from Crypto.Util.randpool import RandomPool as _RandomPool
File "/usr/lib64/python2.6/site-packages/Crypto/Util/randpool.py", line 30, in
import Crypto.Random
File "/usr/lib64/python2.6/site-packages/Crypto/Random/__init__.py", line 29, in
from Crypto.Random import _UserFriendlyRNG
File "/usr/lib64/python2.6/site-packages/Crypto/Random/_UserFriendlyRNG.py", line 38, in
from Crypto.Random.Fortuna import FortunaAccumulator
File "/usr/lib64/python2.6/site-packages/Crypto/Random/Fortuna/FortunaAccumulator.py", line 39, in
import FortunaGenerator
File "/usr/lib64/python2.6/site-packages/Crypto/Random/Fortuna/FortunaGenerator.py", line 34, in
from Crypto.Util.number import ceil_shift, exact_log2, exact_div
File "/usr/lib64/python2.6/site-packages/Crypto/Util/number.py", line 56, inif _fastmath is not None and not _fastmath.HAVE_DECL_MPZ_POWM_SEC:
AttributeError: 'module' object has no attribute 'HAVE_DECL_MPZ_POWM_SEC'经网上查找,确认为pycrypto包安装时依赖的GMP版本不对的问题,具体可以通过以下步骤验证:
[[email protected] pycrypto-2.6.1]# python setup.py build
running build
running build_py
running build_ext
running build_configure
warning: GMP or MPIR library not found; Not building Crypto.PublicKey._fastmath.
解决方法:
打开 /usr/lib64/python2.6/site-packages/Crypto/Util/number.py 文件,可以 看到 56 行上的注释说明,要求 libgmp 为 v5 以上版本。而系统现有版本为 4.1.4,把以下两行暂时注释掉,Ansible 执行正常。
if _fastmath is not None and not _fastmath.HAVE_DECL_MPZ_POWM_SEC:
_warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)
不过,此方法只是临时加以解决,更好的方式是去将 libgmp 升级到符合要求的版本。
c、执行时报错
[[email protected] src]# ansible test -m raw -a 'uptime'
10.212.52.14 | FAILED => to use the 'ssh' connection type with passwords, you must install the sshpass program
10.212.52.16 | FAILED => to use the 'ssh' connection type with passwords, you must install the sshpass program
安装sshpass程序。默认源里没有,我这里选择直接从sohu源里下载安装。
Ansible的配置与验证
这里以pypi上下载的源码内有一个examles包,可以将使用该示例文件做为默认配置,具体如下:
[[email protected] ansible-1.9.1]# mkdir -p /etc/ansible
[[email protected] ansible-1.9.1]# cp -rp examples/* /etc/ansible/
[[email protected] ansible-1.9.1]# cd /etc/ansible/使用默认示例配置文件后,编辑/etc/ansible/hosts文件,通过以下方式验证ansible是否可用:
[[email protected] ~]# cat /etc/ansible/hosts
[test]
10.212.52.252 ansible_ssh_user=root ansible_ssh_pass=361way.com
10.212.52.14 ansible_ssh_user=root ansible_ssh_pass=abc123
10.212.52.16 ansible_ssh_user=root ansible_ssh_pass=91it.org
以上的配置中,我配置了一个test组,该组下有三台主机,三台都使用root验证,三台的密码分别是361way.com、abc123、91it.org 。
注:后面的用户和密码项是非必须的,在配置key认证的情况下,不使用密码也可以直接操作 。未使用key的,也可以在ansible通过 -k参数在操作前询问手动输入密码。
[[email protected] ~]# ansible test -a 'uptime'
10.212.52.252 | success | rc=0 >>
18:01pm up 21 days 3:24, 3 users, load average: 0.39, 0.38, 0.35
10.212.52.16 | success | rc=0 >>
18:09pm up 329 days 1:01, 2 users, load average: 0.08, 0.03, 0.05
10.212.52.14 | success | rc=0 >>
18:08pm up 329 days 0:23, 2 users, load average: 0.06, 0.06, 0.05
执行以上指令后,有结果输出,证明安装成功。
文章来源网络,作者:运维,如若转载,请注明出处:https://shuyeidc.com/wp/199562.html<
