基于docker创建ansible以及管理容器节点
场景:在学习条件有限情况下,如果通过一台VM来完成docker和ansible的学习
解决:先创建自定义镜像-->构建多个ansible容器。
当然此法适用于其他类似场景。
VM环境:
-
OS:centos7 Docker version 1.12.3, build 6b644ec docker-compose version 1.8.1, build 878cff1
关键点:
- Dockerfile 编写优化
- Docker-compose.yml 编写
- ansible-ssh 免密钥登录
- 容器间22端口互通
y准备工作
创建文件夹
mkdir -p /root/docker/ansible-demo && /root/docker/ansible-demo/volume2 && cd ~/docker/ansible-demo
创建dockerfile、docker-compose
Dockerfile 文件
# Set the base image to centos FROM centos:latest MAINTAINER osbing [email protected] #mount volume VOLUME ["/root/docker/ansible-demo/volume2"] ################## BEGIN INSTALLATION ###################### #install EPEL RUN rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 && yum install -y yum-priorities # Install #RUN yum clean all RUN yum install -y sudo RUN yum install -y net-tools openssh-clients openssh-server ansible vim ################## END INSTALLATION ###################### # 将sshd的UsePAM参数设置成no RUN sed -i ‘s/UsePAM yes/UsePAM no/g‘ /etc/ssh/sshd_config # 修改root用户密码 RUN echo "root:benny"|chpasswd RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key # 启动sshd服务并且暴露22端口 RUN mkdir /var/run/sshd EXPOSE 22 ENTRYPOINT ["/usr/sbin/sshd","-D"]
# no cache创建镜像 #ddocker build --no-cache -t osbing/centos_sshd:0.2 . # 创建容器。特权模式--privileged=true docker run -d -p 9021:22 --privileged=true --name ansible-controller1 osbing/centos_sshd:0.2 docker run -d -p 9021:22 --privileged=true --name ansible-controller osbing/centos_sshd:0.2 docker run -d -p 9022:22 --privileged=true --name ansible-node2 osbing/centos_sshd:0.2 docker run -d -p 9023:22 --privileged=true --name ansible-node3 osbing/centos_sshd:0.2
或者使用Docker-compose文件创建容器
ansible-controller: image: osbing/centos_sshd:0.2 ports: - "9021:22" environment: HOSTNAME:ansible-controller ansible-node2: image: osbing/centos_sshd:0.2 ports: - "9022:22" environment: HOSTNAME:ansible-node2 ansible-node3: image: osbing/centos_sshd:0.2 ports: - "9023:22" environment: HOSTNAME:ansible-node3
ssh连接到ansible-controller进行配置和管理节点
# ssh连接到ansible-controller 进行修改 ssh [email protected] -p 9021
vim /etc/ansible/hosts
# 生成公钥 ssh-keygen
拷贝公钥到被管理节点的主机上
# ssh-copy-id 拷贝公钥到被管理节点的主机上 ssh-copy-id -i [email protected] ssh-copy-id -i [email protected] ssh-copy-id -i [email protected]
尝试在Ansible服务端运行命令
例子1:检查Ansible节点的运行时间(uptime)
#ping测试 ansible -m ping "test-servers"
#获取系统运行时间 ansible ‘test-servers‘ -m command -a "uptime"
例子2:检查节点的内核版本
#获取内核版本 ansible ‘test-ser
例子3:给节点增加用户
#增加用户 ansible "test-servers" -m command -a "useradd mark" ansible "test-servers" -m command -a "grep mark /etc/passwd"
例子4:重定向输出到文件中
[[email protected] ansible]# ansible "test-servers" -m command -a "df -Th" > /tmp/command-output.txt [[email protected] ansible]# cat /tmp/command-output.txt
END
时间: 2024-12-14 12:45:30