Python 在运维工作中的经典应用

ansible（批量管理操作）

1.安装ansible(需要bese epel 2种源)
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

yum install ansible -y
      
    
克隆虚拟机

hostnamectl set-hostname standby
vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=10.0.0.200 #改
UUID行            #删掉

vim /etc/hosts
10.0.0.200 standby #最后一行添加
systemctl restart network #重启网卡


+++++++++++++++++++++++++++++++
Linux的 SSHD(22)
验证方式:
(1)用户+密码(PAM)
(2)秘钥验证(公钥:钥匙和私钥:锁)
    通过秘钥对实现,需要将公钥分发到各节点
+++++++++++++++++++++++++++++++
2.管理被控端，管理机先生成秘钥，然后推送公钥

ssh-keygen   #执行,一路回车
ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.200
ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.100
#注意每台都要分发mi钥
[root@demo ~]# for i in {1..12};do ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.$i;done



3.配置被管理的主机清单
[root@demo ~]# vim /etc/ansible/hosts
#覆盖原来内容
[web]
10.0.0.100
10.0.0.200

4.使用ansible的ad-hoc测试
ansible all -m ping      #ansible 主机组或all -m 命令
10.0.0.12 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
10.0.0.11 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

#执行远程命令
[root@demo ~]# ansible all -m shell -a "df -h"
10.0.0.12 | CHANGED | rc=0 >>
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda3        98G  3.4G   95G   4% /
devtmpfs        477M     0  477M   0% /dev
tmpfs           488M     0  488M   0% /dev/shm
tmpfs           488M  7.7M  480M   2% /run
tmpfs           488M     0  488M   0% /sys/fs/cgroup
/dev/sda1       197M  102M   96M  52% /boot
tmpfs            98M     0   98M   0% /run/user/0

10.0.0.11 | CHANGED | rc=0 >>
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda3        98G  1.6G   97G   2% /
devtmpfs        981M     0  981M   0% /dev
tmpfs           992M  124K  992M   1% /dev/shm
tmpfs           992M  9.6M  982M   1% /run
tmpfs           992M     0  992M   0% /sys/fs/cgroup
/dev/sda1       197M  102M   96M  52% /boot
tmpfs           199M     0  199M   0% /run/user/0


5.ansible playbook自动化安装nginx
[root@demo ~]# vim  playbook_nginx.yml 
- hosts: web
  remote_user: root
  vars:
    http_port: 80
  tasks:
    - name: Add Nginx Yum Repository
      yum_repository:
        name: nginx
        description: Nginx Repository
        baseurl: http://nginx.org/packages/centos/7/$basearch/
        gpgcheck: no

    - name: Install Nginx Server
      yum: 
        name=nginx state=present

    - name: Configure Nginx Server
      template: src=./default.conf.template dest=/etc/nginx/conf.d/default.conf
      notify: Restart Nginx Server

    - name: Start Nginx Server
      service: name=nginx state=started enabled=yes

  handlers:
    - name: Restart Nginx Server
      service: name=nginx state=restarted
      
     
     
6.
default.conf.template文件如下

[root@demo ~]#vim default.conf.template 
server {
    listen       {{ http_port }};
    server_name  localhost;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }
}


7.执行ansible-playbook
检查语法
[root@demo ~]# ansible-playbook --syntax playbook_nginx.yml     

模拟执行
[root@demo ~]# ansible-playbook -C playbook_nginx.yml 

执行
[root@demo ~]# ansible-playbook playbook_nginx.yml       

=============================================================