Preface

Recently, I was fortunate to work on an automated operations and maintenance (O&M) project, and the technology stack I need to master includes Ansible, an open source O&M automation tool that has become increasingly popular in recent years. With Ansible, I can automate operations and maintenance, improve the efficiency of O&M engineers, and reduce human error. Since I do not work in the O&M field, I knew almost nothing about Ansible before (mainly because of my own inexperience), but that does not matter here: I will give you a beginner's perspective on Ansible.

After reading this article, you will learn:

  • Differences between traditional and automated operations and maintenance
  • Common O&M configuration automation tools
  • Ansible features, architecture, and task execution process
  • Ansible environment preparation, installation, and configuration
  • Ansible command syntax
  • Common Ansible modules and their use


IT O&M management

Before formally introducing Ansible, let’s take a look at the differences between traditional and automated operations.

Traditional operations

Pitfalls of traditional operations

Operations and maintenance work is tedious, especially when a new system goes online and everything starts from scratch: creating virtual machines, changing host names, initializing systems, and so on. With a small number of machines this can still be handled manually, but what if there are hundreds? Traditionally the answer was simply to add more people. That approach has a high error rate, and sometimes steps are omitted. Mistakes can only be caught by having people check each other's work, which takes more time and raises time and labor costs.

Manual approaches vary widely due to individual deployment habits, making some projects difficult to maintain.

Automated operations

Evolution of operation and maintenance automation

  • At first there were no dedicated tools, so the work was done with a scripting language (Python).
  • Gradually, O&M automation tools appeared, such as Fabric, Puppet, Chef, SaltStack, and Ansible.
  • Gradually, these grew into automated O&M platforms.

The goals of O&M automation are also clear:

  • If some component breaks, you can keep sleeping
  • When an exception occurs, it can be restored immediately with one click
  • With monitoring in place, the system can recover automatically

Configuration automation is a powerful tool that helps enterprises quickly deploy applications and configure software when there are a large number of servers. It performs well in the following areas:

  1. Improve configuration efficiency
  2. Improve configuration accuracy
  3. Reduce human involvement

Common configuration automation products are as follows:

  • Ansible

Based on Python. Simple and quick; the managed end does not need to run any service. It uses SSH directly, which requires authentication, so it is slow when there are many machines.

  • SaltStack

Based on Python. Relatively simple, with better concurrency than Ansible, but a service must be maintained on the managed end; if that service is disconnected, the connection fails. It uses the ZeroMQ protocol.

  • Puppet

Based on Ruby. Mature and stable. Suitable for large architectures, and more complex than Ansible and SaltStack.

With that in mind, let's turn to Ansible.

Ansible

First look at Ansible

Ansible is an automated O&M tool developed in Python. It integrates the advantages of many O&M tools (Puppet, CFEngine, Chef, func, Fabric) and implements batch system configuration, batch program deployment, batch command execution, and other functions. It is a lightweight configuration automation tool.

Ansible works on a modular basis and has no bulk deployment capability of its own. The real bulk deployment is done by the modules that Ansible runs; Ansible just provides a framework. It mainly includes:

(1) Connection plugins: responsible for communication with the controlled end;

(2) Host inventory: specifies the hosts to be operated on, that is, the controlled hosts defined in the configuration file;

(3) Modules: core modules, the command module, and custom modules;

(4) Plugins: provide logging, email, and other functions;

(5) Playbook: a script for performing multiple tasks, so that the controlled end can run several tasks in one go.

Ansible features

(1) No agents: no client needs to be installed on the managed hosts;

(2) No server: there is no server side; commands are run directly when needed;

(3) Modules in any language: it is based on modules, and modules can be developed in any language;

(4) YAML, not code: playbooks are written in YAML;

(5) SSH by default: it works over SSH;

(6) Strong multi-tier solution: multi-level commands can be implemented.

Ansible advantages

(1) Lightweight: no agent needs to be installed on the client, and updates only need to be applied on the operating machine;

(2) Batch tasks can be written as scripts and executed without distributing them to the remote hosts;

(3) Written in Python, which is easier to maintain; Ruby syntax is too complex;

(4) Supports sudo.

Ansible architecture

Ansible’s architecture is divided into the following parts:

  • Ansible: the core, which provides a framework.
  • Connection Plugins: plugins that communicate with the managed end. They can connect in various ways, such as local, SSH, and ZeroMQ. SSH is used by default.
  • Host Inventory: the host list, specifying the hosts to be operated on.
  • Core Modules: the various core modules that come with Ansible.
  • Custom Modules: modules that can be developed in various programming languages (Shell, Python, GoLang, etc.) if the core modules do not meet your requirements.
  • Plugins: provide logging, email, and other functions.
  • Playbook: a script that orchestrates server roles and application deployments when performing multiple tasks.

Implementation principle: Ansible turns a single module call or a playbook into Python code and pushes it to each host over SSH.

Ansible task execution process

Now that Ansible has been introduced, let's learn how to install it.

Environment preparation

  • Set the host IP address and host name

        # run each command on the corresponding host
        hostnamectl set-hostname node01
        hostnamectl set-hostname node02
        hostnamectl set-hostname node03

  • Host name resolution

        192.168.100.100      node01
        192.168.100.110      node02
        192.168.100.120      node03

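  • Host security settings

The steps below turn off the host firewall and SELinux enforcement on the nodes. Ansible only needs SSH to be reachable from the management machine, so on hosts that must stay protected the firewall can remain on with SSH allowed.

firewalld

        systemctl disable firewalld
        systemctl stop firewalld

selinux

        sed -ri 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
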
  • Host time synchronization

        # install ntpdate, then add this entry with crontab -e
        0 */1 * * * ntpdate time1.aliyun.com

  • Host YUM repositories

In addition to your own YUM repository, you need to prepare an EPEL repository for the management machine (operator)

        yum -y install epel-release

  • Note

SSH must be enabled on both the management machine (operator) and the managed machines

        systemctl status sshd

Key-based login credentials must be in place

        # Generate a key pair
        ssh-keygen
        # Copy the public key from the key pair to the managed hosts
        ssh-copy-id node02
        ssh-copy-id node03

Ansible installation configuration

You only need to install Ansible on the Ansible Controller node (operating machine). You can connect other nodes using SSH.

There are two ways to install:

  • Install using Yum (recommended): the version is slightly older

        yum install ansible

  • Install using pip (depends on pip, GCC, etc.): the version is newer

        pip install ansible

Once installed, we can check the Ansible version using ansible --version

[root@node01 ansible]# ansible --version
ansible 2.6.20
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.6.6 (r266:84292, Jun 20 2019, 14:14:55) [GCC 4.4.7 20120313 (Red Hat 4.4.7-23)]

Ansible is now installed successfully.

Configuring the Host List

The Ansible controller can only operate on hosts that it reads from the host list (inventory).

So next, we will configure the host list on the management machine

  • Ansible implements server grouping through the host list
  • The default host list configuration file for Ansible is /etc/ansible/hosts

For the configuration format, refer to the following example:

# group name
[nginx1]
# the 10 machines apache1.aaa.com to apache10.aaa.com
apache[1:10].aaa.com
# the 26 machines nginxa.aaa.com to nginxz.aaa.com
nginx[a:z].aaa.com
# the 5 machines 10.1.1.11 to 10.1.1.15
10.1.1.[11:15]

# group name
[nginx2]
# the server 10.1.1.13, but with SSH port 2222
10.1.1.13:2222

Note that the purpose of configuring the group name in the Ansible host list is to use the group name to operate multiple servers simultaneously when executing Ansible commands.
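
To check which machines a group really covers before running a batch command against it, the range patterns in the host list can be expanded offline. The following is an added example, not part of the original article or Ansible's own code: a simplified re-implementation that handles only `[start:end]` ranges and a trailing `:port` (no `:children` or `:vars` sections), with `SAMPLE` as a constructed inventory built from the patterns above.

```python
import itertools
import re
import string

RANGE = re.compile(r"\[([0-9A-Za-z]+):([0-9A-Za-z]+)\]")
PORT = re.compile(r"^(?P<host>.*?)(?::(?P<port>\d+))?$")
GROUP = re.compile(r"\[([^\]:]+)\]")

# Constructed sample inventory using the patterns from the article.
SAMPLE = """
[nginx1]
apache[1:10].aaa.com
nginx[a:z].aaa.com
10.1.1.[11:15]

[nginx2]
10.1.1.13:2222
"""

def _values(start, end):
    """Expand one inclusive [start:end] range into strings."""
    if start.isdigit() and end.isdigit():
        # Leading zeros are kept: [01:03] -> 01, 02, 03.
        width = len(start) if start.startswith("0") else 0
        return [str(n).zfill(width) for n in range(int(start), int(end) + 1)]
    letters = string.ascii_letters
    return list(letters[letters.index(start):letters.index(end) + 1])

def expand(pattern):
    """Return [(host, port)] for one host line; port is None when unset."""
    m = PORT.match(pattern)
    port = int(m["port"]) if m["port"] else None
    parts = RANGE.split(m["host"])  # literal, start, end, literal, ...
    ranges = [_values(s, e) for s, e in zip(parts[1::3], parts[2::3])]
    return [(parts[0] + "".join(v + lit for v, lit in zip(combo, parts[3::3])), port)
            for combo in itertools.product(*ranges)]

def parse_inventory(text):
    """Map each [group] to its expanded (host, port) list."""
    groups, current = {}, "ungrouped"
    for line in (raw.split("#", 1)[0].strip() for raw in text.splitlines()):
        header = GROUP.fullmatch(line)
        if header:
            current = header[1]
        elif line:
            groups.setdefault(current, []).extend(expand(line.split()[0]))
    return groups
```

In the sample, `parse_inventory(SAMPLE)` places 10.1.1.13 in both groups: through the range in nginx1 on the default port and explicitly on port 2222 in nginx2.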

Ansible command syntax

ansible <host-pattern> [-f forks] [-m module_name] [-a args]

host-pattern: a group name from the host inventory file; can be all
-f forks: number of parallel processes, default 5
-m module_name: module name, default command
-a args: arguments

For example, to display the files or directories under /export/servers/ on node02:

[root@node01 ansible]# ansible <host-pattern> -m command -a 'ls /export/servers/'
192.168.100.110 | SUCCESS | rc=0 >>
apache-flume-1.8.0-bin
flink-1.7.2
hadoop-server
hadoop-server-cdh5.14.0
Hbase-1.2.0-CDH5.14.0
hive-1.1.0-CDH5.14.0
jdk1.8.0_144
kafka_2.11-1.0.0
redis-3.2.8
Spark
zookeeper-3.4.5-CDH5.14.0
zookeeper.out

More interestingly, we know that Ansible uses a host list to group servers, but can we use regular expressions to match IP addresses instead of grouping multiple servers?

There is no doubt that it can.

Suppose we have the following configuration in our current host file:

  1. All hosts: all or *

  2. Wildcard * and logical OR:

  3. Logical NOT and logical AND

Ansible module

  • Ansible works on a modular basis.
  • Ansible itself has no batch management capability; the real batch management is done by the modules that Ansible runs.
  • Ansible supports a large number of modules, currently more than 3000.

Don't panic. Before we start, here is some advice on learning the modules:

It is quite simple: first master the commonly used modules, and look up the others when you need them. The main thing is to grasp how Ansible modules are applied.

With that said, let's look at how to use Ansible modules:

Viewing supported modules

ansible-doc -l

Obtaining module help

ansible-doc ping

Commonly used modules

  • ping: tests network connectivity

        ansible all -m ping

  • command: executes commands (shell features such as $HOME, >, <, | are not supported)

        ansible all -m command -a "uptime"

  • shell: executes commands through a shell (cannot run vim, aliases such as ll, etc.)

        ansible all -m shell -a "cat /dev/null > /var/log/nginx/access.log"

  • yum: package management

        ansible all -m yum -a "name=telnet state=present"

  • service: service management

        ansible all -m service -a "name=nginx state=restarted"

  • copy: copies local files to remote hosts

        echo master > /tmp/222
        ansible group1 -m copy -a 'src=/tmp/222 dest=/tmp/333'

  • file: operates on a file or directory

        ansible java -m file -a "src=/usr/java/jdk1.7 dest=/usr/java/jdk state=link owner=root group=root"

...

There are many similar modules, which I will not list one by one here. Instead, here is the official documentation for anyone who wants to learn more.

The official documentation address: docs.ansible.com/ansible/lat…

The tone-one

Ping module

Test the network connectivity

ansible group1 -m ping
# or
ansible -m ping all

The hostname module

Changing the host name

ansible 192.168.100.120 -m hostname -a 'name=agent1.alice.cn'

The file module

Operations on files or directories

Create a directory

ansible group1 -m file -a 'path=/test state=directory'

Create a file

ansible group1 -m file -a 'path=/test/111 state=touch'

The copy module

Remote file copy: copies local files to a remote host.

echo master > /tmp/222
ansible group1 -m copy -a 'src=/tmp/222 dest=/tmp/333'

The command module

Executes commands on the remote hosts

ansible group1 -m command -a "ls /tmp"
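
The "Commonly used modules" list notes that `command` does not support `>`, `<` or `|`, while the `shell` example relies on `>`. The following added example, which is not from the original article and is not Ansible's own code, imitates the two execution styles with Python's `subprocess` to show the difference; the command line and file name are constructed. Running without a shell is also why `command` is the safer default when arguments come from variables.

```python
import os
import shlex
import subprocess
import tempfile


def run_like_command(cmdline, cwd):
    """No shell: split into argv and exec directly, so '>' is just an argument."""
    return subprocess.run(shlex.split(cmdline), cwd=cwd,
                          capture_output=True, text=True)


def run_like_shell(cmdline, cwd):
    """Through /bin/sh: redirection, pipes and variables are interpreted."""
    return subprocess.run(cmdline, shell=True, cwd=cwd,
                          capture_output=True, text=True)


def demo():
    """Run the same line both ways; report stdout and whether out.txt exists."""
    line = "echo truncated > out.txt"  # constructed stand-in for a redirect
    results = {}
    for name, runner in (("command", run_like_command),
                         ("shell", run_like_shell)):
        with tempfile.TemporaryDirectory() as tmp:
            proc = runner(line, tmp)
            created = os.path.exists(os.path.join(tmp, "out.txt"))
            results[name] = (proc.stdout.strip(), created)
    return results
```

In the command-style run the redirect is printed as literal text and no file is created; in the shell-style run the file appears and stdout is empty.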

        


Summary

This article ends here, to tell the truth, in order to prepare such an article, the author fully prepared several. We hope you can support it for three times in a row. In our next article, we will introduce more in-depth content of Ansible. The more you know, the more you don’t know, I’m Alice, and I’ll see you next time!
