背景
由于公司服务器无法访问外网,只有内部镜像源(同步centos官方源),无法通过yum安装ansible,需要通过二进制包安装
系统环境
[root@localhost ~]# uname -a
Linux localhost.localdomain 3.10.0-957.el7.x86_64 #1 SMP Thu Nov 8 23:39:32 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost ~]# python —version
Python 2.7.5
下载并安装
下载官方ansible安装包,并传到服务器
https://releases.ansible.com/ansible/ansible-2.9.9.tar.gz
tar xzf ansible-2.9.9.tar.gz
cd ansible-2.9.9
python setup.py install
安装报错,提示缺少组件
解决依赖
官方yum无此依赖,解决方法,去官方pkg搜索下载,并上传到服务器
https://centos.pkgs.org/
http://mirror.centos.org/centos/7/os/x86_64/Packages/python-jinja2-2.7.2-4.el7.noarch.rpm
安装依赖组件
[root@localhost ~]# rpm -ivh python-jinja2-2.7.2-4.el7.noarch.rpm
错误:依赖检测失败:
python-babel >= 0.8 被 python-jinja2-2.7.2-4.el7.noarch 需要
python-markupsafe 被 python-jinja2-2.7.2-4.el7.noarch 需要
需要依赖其他组件,如果官方yum源有,直接yum安装
再次安装jinja2组件,成功
[root@localhost ~]# rpm -ivh python-jinja2-2.7.2-4.el7.noarch.rpm
准备中… ################################# [100%]
正在升级/安装…
1:python-jinja2-2.7.2-4.el7 ################################# [100%]
最后安装Ansible
[root@localhost ~]# cd ansible-2.9.9/
[root@localhost ansible-2.9.9]# ls
bin changelogs COPYING docs hacking licenses MANIFEST.in PKG-INFO requirements.txt shippable.yml test
build contrib dist examples lib Makefile packaging README.rst setup.py SYMLINK_CACHE.json
[root@localhost ansible-2.9.9]# python setup.py install
安装成功
信息如下:
Installed /usr/lib/python2.7/site-packages/ansible-2.9.9-py2.7.egg
Processing dependencies for ansible==2.9.9
Searching for cryptography==1.7.2
Best match: cryptography 1.7.2
Adding cryptography 1.7.2 to easy-install.pth file
Using /usr/lib64/python2.7/site-packages
Searching for PyYAML==3.10
Best match: PyYAML 3.10
Adding PyYAML 3.10 to easy-install.pth file
Using /usr/lib64/python2.7/site-packages
Searching for Jinja2==2.7.2
Best match: Jinja2 2.7.2
Adding Jinja2 2.7.2 to easy-install.pth file
Using /usr/lib/python2.7/site-packages
Searching for cffi==1.6.0
Best match: cffi 1.6.0
Adding cffi 1.6.0 to easy-install.pth file
Using /usr/lib64/python2.7/site-packages
Searching for ipaddress==1.0.16
Best match: ipaddress 1.0.16
Adding ipaddress 1.0.16 to easy-install.pth file
Using /usr/lib/python2.7/site-packages
Searching for enum34==1.0.4
Best match: enum34 1.0.4
Adding enum34 1.0.4 to easy-install.pth file
Using /usr/lib/python2.7/site-packages
Searching for setuptools==0.9.8
Best match: setuptools 0.9.8
Adding setuptools 0.9.8 to easy-install.pth file
Installing easy_install script to /usr/bin
Installing easy_install-2.7 script to /usr/bin
Using /usr/lib/python2.7/site-packages
Searching for six==1.9.0
Best match: six 1.9.0
Adding six 1.9.0 to easy-install.pth file
Using /usr/lib/python2.7/site-packages
Searching for pyasn1==0.1.9
Best match: pyasn1 0.1.9
Adding pyasn1 0.1.9 to easy-install.pth file
Using /usr/lib/python2.7/site-packages
Searching for idna==2.4
Best match: idna 2.4
Adding idna 2.4 to easy-install.pth file
Using /usr/lib/python2.7/site-packages
Searching for MarkupSafe==0.11
Best match: MarkupSafe 0.11
Adding MarkupSafe 0.11 to easy-install.pth file
Using /usr/lib64/python2.7/site-packages
Searching for pycparser==2.14
Best match: pycparser 2.14
Adding pycparser 2.14 to easy-install.pth file
Using /usr/lib/python2.7/site-packages
Finished processing dependencies for ansible==2.9.9
修改配置
创建Ansible配置文件,:
mkdir /etc/ansible
cp -a /tools/ansible-2.9.9/examples/ansible.cfg /etc/ansible/
并开启Ansible日志(Ansible默认不启用日志)
sed -i.bak ‘s/#log_path/log_path/‘ /etc/ansible/ansible.cfg
关闭密钥检测(默认要检测密钥,否则无法使用密码)
sed -i.bak ‘s/#host_key_checking/host_key_checking/‘ /etc/ansible/ansible.cfg
测试
添加hosts,并测试
[root@localhost ansible]# cat hosts
[test]
192.168.35.68
[test:vars]
ansible_ssh_port=22
ansible_ssh_user=root
ansible_ssh_pass=123456
远程ping测试
[root@localhost ansible]# ansible test -m ping
192.168.35.68 | FAILED! => {
"msg": "to use the 'ssh' connection type with passwords, you must install the sshpass program"
}
提示没有安装sshpass,安装后,测试成功
yum install sshpass -y
[root@localhost ansible]# ansible test -m ping
192.168.35.68 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
Ansible常用组件
模块功能介绍:
paramiko:用python语言写的一个模块,遵循SSH2协议,支持以加密和认证的方式,进行远程服务器的连接。
PyYAML:一个Python的YAML解析器。
Jinja2:基于python的模板引擎。
httplib2:一个使用python写的支持的非常全面的http特性的库。
six:提供了一些简单的工具用来封装 Python 2 和 Python 3 之间的差异性。
pycrypto:是一个免费的加密算法库,支持常见的DES、AES加密以及MD5、SHA各种HASH运算。
markupsafe:为Python实现 XML/HTML/XHTML 标记安全字符串。
ecdsa:椭圆曲线数字签名算法( ECDSA)是非对称加密技术的一种。
simplejson:方便完成json的生成和解析。