-i 指定 hosts 檔案位置

-u username 指定 SSH 連線的使用者名稱

-k 指定遠端使用者密碼

-f 指定併發數

-s 如需要 root 許可權執行時使用 ( 連線使用者不是 root 時 )

-K -s 時，-K 輸入 root 密碼

複製程式碼
四、附加

1、/etc/ansible/hosts 檔案

Ansible 定義主機、組規則的配置檔案

複製程式碼
shell > vim /etc/ansible/hosts

www.abc.com # 定義域名

192.168.1.100 # 定義 IP

192.168.1.150:37268 # 指定埠號

[WebServer] # 定義分組

192.168.1.10
192.168.1.20
192.168.1.30

[DBServer] # 定義多個分組

192.168.1.50
192.168.1.60

Monitor ansible_ssh_port=12378 ansible_ssh_host=192.168.1.200 # 定義別名

ansible_ssh_host 連線目標主機的地址

ansible_ssh_port 連線目標主機的埠，預設 22 時無需指定

ansible_ssh_user 連線目標主機預設使用者

ansible_ssh_pass 連線目標主機預設使用者密碼

ansible_ssh_connection 目標主機連線型別，可以是 local 、ssh 或 paramiko

ansible_ssh_private_key_file 連線目標主機的 ssh 私鑰

ansible_*_interpreter 指定採用非 Python 的其他指令碼語言，如 Ruby 、Perl 或其他類似 ansible_python_interpreter 直譯器

[webservers] # 主機名支援正則描述

www[01:50].example.com

[dbservers]

db-[a:f].example.com
複製程式碼
2、Ansible 常用模組學習

shell > ansible-doc -l # 列出 Ansible 支援的模組

shell > ansible-doc ping # 檢視該模組幫助資訊

遠端命令模組（ command / script / shell ）

command 作為 Ansible 的預設模組，可以執行遠端許可權範圍所有的 shell 命令，不支援管道符。

例：

shell > ansible Client -m command -a "free -m" # 檢視 Client 分組主機記憶體使用情況
script 的功能是在遠端主機執行主控端儲存的 shell 指令碼檔案，相當於 scp + shell 組合。

例：

shell > ansible Client -m script -a "/home/test.sh 12 34" # 遠端執行本地指令碼
shell 的功能是執行遠端主機上的 shell 指令碼檔案，支援管道符。

例：

shell > ansible Client -m shell -a "/home/test.sh" # 執行遠端指令碼

copy 模組（實現主控端向目標主機拷貝檔案，類似於 scp 功能）

例：

shell > ansible Client -m copy -a "src=/home/test.sh desc=/tmp/ owner=root group=root mode=0755" # 向 Client 組中主機拷貝 test.sh 到 /tmp 下，屬主、組為 root ，許可權為 0755

stat 模組（獲取遠端檔案狀態資訊，atime/ctime/mtime/md5/uid/gid 等資訊）

例：

shell > ansible Client -m stat -a "path=/etc/syctl.conf"

get_url 模組（實現在遠端主機下載指定 URL 到本地，支援 sha256sum 檔案校驗）

例：

shell > ansible Client -m get_utl -a "url=www.baidu.com dest=/tmp/index.html mode=0440 force=yes"

yum 模組（軟體包管理）

例：

shell > ansible Client -m yum -a "name=curl state=latest"

cron 模組（遠端主機 crontab 配置）

例：

shell > ansible Client -m cron -a "name='check dirs' hour='5,2' job='ls -alh > /dev/null'"
效果：

Ansible: check dirs

• 5,2
  * ls -alh > /dev/null

mount 模組（遠端主機分割槽掛載）

例：

shell > ansible Client -m mount -a "name=/mnt/data src=/dev/sd0 fstype=ext4 opts=ro state=present"

service 模組（遠端主機系統服務管理）

例：

shell > ansible Client -m service -a "name=nginx state=stoped"
shell > ansible Client -m service -a "name=nginx state=restarted"
shell > ansible Client -m service -a "name=nginx state=reloaded"

user 服務模組（遠端主機使用者管理）

例：

shell > ansible Client -m user -a "name=wang comment='user wang'"

shell > ansible Client -m user -a "name=wang state=absent remove=yes" # 新增刪除使用者
五、Ansible-playbook

使用 Ansible-playbook 可以完成一組複雜的動作，例如部署環境、搭建服務、修改配置等。

簡單示例：

複製程式碼
shell > vim /etc/ansible/playbook.yml # 將遠端主機IP地址寫入檔案中儲存

• hosts: Client
  remote_user: root

tasks:

• name: Save IP To info.txt
  shell: "ifconfig eth0 | awk -F '[ :]'+ '/inet addr/{print $4}' > ~/info.txt"

hosts 指定執行操作主機

remote_user 指定執行使用者

tasks 指明有哪些動作

name 動作描述

shell 模組，後面為具體指令

複製程式碼
Playbook 實戰：

一、目錄結構

複製程式碼
shell > cd /etc/ansible/ ; tree .
.
├── ansible.cfg
├── delete_zabbix_agent.yml
├── hosts
├── install_zabbix_agent.yml
└── roles

├── delete_zabbix_agent
│   ├── tasks
│   │   └── main.yml
│   └── vars
│       └── main.yml
└── install_zabbix_agent
    ├── files
    │   └── zabbix-2.4.5.tar.gz
    ├── tasks
    │   └── main.yml
    ├── templates
    │   ├── zabbix_agentd
    │   └── zabbix_agentd.conf
    └── vars
         └── main.yml
複製程式碼

ansible.cfg 此檔案為 ansible 的主配置檔案

hosts 用於定義主機組

roles 定義不同的角色

install_zabbix_agent.yml 用於安裝 zabbix_agent 的引導檔案

delete_zabbix_agent.yml 刪除已安裝的 zabbix_agent 的引導檔案

└── install_zabbix_agent
    ├── files
    │   └── zabbix-2.4.5.tar.gz
    ├── tasks
    │   └── main.yml
    ├── templates
    │   ├── zabbix_agentd
    │   └── zabbix_agentd.conf
    └── vars
         └── main.yml
複製程式碼

其中，install_zabbix_agent 為一個角色，用於安裝 zabbix_agent

file 目錄：用於存放將要拷貝到遠端主機的安裝包等

tasks 目錄：將要執行的所有任務，如果比較複雜，可以單獨定義不同的任務，最後在 main.yml 檔案中引用即可

templates 目錄：模板目錄，這裡存放著一些可變的檔案，即：每臺主機上的這些檔案中的內容都不完全相同

vars 目錄：用於存放變數

這是一個比較簡單的結構，其實一個角色中還可以有 meta 、handlers 等

複製程式碼
二、Playbook 安裝軟體需要的步驟

1、定義 hosts（ 給哪些主機安裝軟體 ）

shell > vim /etc/ansible/hosts

[mini]

129.139.153.78:16283
155.139.190.94:12573
2、定義入口檔案 install_zabbix_agent.yml

複製程式碼
shell > vim /etc/ansible/install_zabbix_agent.yml

• hosts: mini
  roles:

  • install_zabbix_agent

可以看到將要安裝的主機組為 mini 組，角色為 install_zabbix_agent

複製程式碼
3、定義角色 install_zabbix_agent

複製程式碼
shell > tree /etc/ansible/roles/install_zabbix_agent/

├── files
│ └── zabbix-2.4.5.tar.gz
├── tasks
│ └── main.yml
├── templates
│ ├── zabbix_agentd
│ └── zabbix_agentd.conf
└── vars

  └── main.yml
複製程式碼

建立 files 目錄，存放編譯安裝過的 zabbix_agent 目錄的壓縮檔案，用於拷貝到遠端主機

建立 tasks 目錄，用於編寫將要執行的任務

建立 templates 目錄，用於存放可變的模板檔案

建立 vars 目錄，用於存放變數資訊

複製程式碼
複製程式碼
shell > cat /etc/ansible/roles/install_zabbix_agent/tasks/main.yml

• name: Install Software

  yum: name={{ item }} state=latest
  with_items:複製程式碼

  • libcurl-devel

• name: Create Zabbix User

  user: name={{ zabbix_user }} state=present createhome=no shell=/sbin/nologin複製程式碼

• name: Copy Zabbix.tar.gz

  copy: src=zabbix-{{ zabbix_version }}.tar.gz dest={{ zabbix_dir }}/src/zabbix-{{ zabbix_version }}.tar.gz owner=root group=root複製程式碼

• name: Uncompression Zabbix.tar.gz

  shell: tar zxf {{ zabbix_dir }}/src/zabbix-{{ zabbix_version }}.tar.gz -C {{ zabbix_dir }}/複製程式碼

• name: Copy Zabbix Start Script

  template: src=zabbix_agentd dest=/etc/init.d/zabbix_agentd owner=root group=root mode=0755複製程式碼

• name: Copy Zabbix Config File

  template: src=zabbix_agentd.conf dest={{ zabbix_dir }}/zabbix/etc/zabbix_agentd.conf owner={{ zabbix_user }} group={{ zabbix_user }} mode=0644複製程式碼

• name: Modify Zabbix Dir Permisson

  file: path={{ zabbix_dir }}/zabbix owner={{ zabbix_user }} group={{ zabbix_user }} mode=0755 recurse=yes複製程式碼

• name: Start Zabbix Service

  shell: /etc/init.d/zabbix_agentd start複製程式碼

• name: Add Boot Start Zabbix Service

  shell: chkconfig --level 35 zabbix_agentd on複製程式碼

  複製程式碼

複製程式碼
shell > cat /etc/ansible/roles/install_zabbix_agent/vars/main.yml

zabbix_dir: /usr/local
zabbix_version: 2.4.5
zabbix_user: zabbix
zabbix_port: 10050
zabbix_server_ip: 131.142.101.120
複製程式碼
複製程式碼
shell > cat /etc/ansible/roles/install_zabbix_agent/templates/zabbix_agentd

!/bin/bash

chkconfig: - 90 10

description: Starts and stops Zabbix Agent using chkconfig

Tested on Fedora Core 2 - 5

Should work on all Fedora Core versions

@name: zabbix_agentd

@author: Alexander Hagenah hagenah@topconcepts.com

@created: 18.04.2006

Modified for Zabbix 2.0.0

May 2012, Zabbix SIA

Source function library.

. /etc/init.d/functions

Variables

Edit these to match your system settings

    # Zabbix-Directory
    BASEDIR={{ zabbix_dir }}/zabbix

    # Binary File
    BINARY_NAME=zabbix_agentd

    # Full Binary File Call
    FULLPATH=$BASEDIR/sbin/$BINARY_NAME

    # PID file
    PIDFILE=/tmp/$BINARY_NAME.pid

    # Establish args
    ERROR=0
    STOPPING=0
複製程式碼

No need to edit the things below

application checking status

if [ -f PIDFILE ] && [ -s

PIDFILE ] && [ -s

PIDFILE ]

    then
    PID=`cat $PIDFILE`

    if [ "x$PID" != "x" ] && kill -0 $PID 2>/dev/null && [ $BINARY_NAME == `ps -e | grep $PID | awk '{print $4}'` ]
    then
            STATUS="$BINARY_NAME (pid `pidof $APP`) running.."
            RUNNING=1
    else
            rm -f $PIDFILE
            STATUS="$BINARY_NAME (pid file existed ($PID) and now removed) not running.."
            RUNNING=0
    fi複製程式碼

else

    if [ `ps -e | grep $BINARY_NAME | head -1 | awk '{ print $1 }'` ]
            then
            STATUS="$BINARY_NAME (pid `pidof $APP`, but no pid file) running.."
    else
            STATUS="$BINARY_NAME (no pid file) not running"
    fi
    RUNNING=0複製程式碼

fi

functions

start() {

    if [ $RUNNING -eq 1 ]
            then
            echo "$0 $ARG: $BINARY_NAME (pid $PID) already running"
    else
            action $"Starting $BINARY_NAME: " $FULLPATH
            touch /var/lock/subsys/$BINARY_NAME
    fi複製程式碼

}

stop() {

    echo -n $"Shutting down $BINARY_NAME: "
    killproc $BINARY_NAME
    RETVAL=$?
    echo
    [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$BINARY_NAME
    RUNNING=0複製程式碼

}

logic

case "$1" in

    start)
            start
            ;;
    stop)
            stop
            ;;
    status)
            status $BINARY_NAME
            ;;
    restart)
            stop
            sleep 10
            start
            ;;
    help|*)
            echo $"Usage: $0 {start|stop|status|restart|help}"
            cat <<EOF

                    start           - start $BINARY_NAME
                    stop            - stop $BINARY_NAME
                    status          - show current status of $BINARY_NAME
                    restart         - restart $BINARY_NAME if running by sending a SIGHUP or start if not running
                    help            - this screen
複製程式碼

EOF

    exit 1
    ;;複製程式碼

esac

exit 0
複製程式碼
複製程式碼
shell > cat /etc/ansible/roles/install_zabbix_agent/templates/zabbix_agentd.conf

This is a config file for the Zabbix agent daemon (Unix)

To get more information about Zabbix, visit http://www.zabbix.com

GENERAL PARAMETERS

Option: PidFile

Name of PID file.

Mandatory: no

Default:

PidFile=/tmp/zabbix_agentd.pid

Option: LogFile

Name of log file.

If not set, syslog is used.

Mandatory: no

Default:

LogFile=

LogFile=/tmp/zabbix_agentd.log

Option: LogFileSize

Maximum size of log file in MB.

0 - disable automatic log rotation.

Mandatory: no

Range: 0-1024

Default:

LogFileSize=1

Option: DebugLevel

Specifies debug level

0 - basic information about starting and stopping of Zabbix processes

1 - critical information

2 - error information

3 - warnings

4 - for debugging (produces lots of information)

Mandatory: no

Range: 0-4

Default:

DebugLevel=3

Option: SourceIP

Source IP address for outgoing connections.

Mandatory: no

Default:

SourceIP=

Option: EnableRemoteCommands

Whether remote commands from Zabbix server are allowed.

0 - not allowed

1 - allowed

Mandatory: no

Default:

EnableRemoteCommands=0

Option: LogRemoteCommands

Enable logging of executed shell commands as warnings.

0 - disabled

1 - enabled

Mandatory: no

Default:

LogRemoteCommands=0

Passive checks related

Option: Server

List of comma delimited IP addresses (or hostnames) of Zabbix servers.

Incoming connections will be accepted only from the hosts listed here.

If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally.

Mandatory: no

Default:

Server=

Server={{ zabbix_server_ip }}

Option: ListenPort

Agent will listen on this port for connections from the server.

Mandatory: no

Range: 1024-32767

Default:

ListenPort=10050

ListenPort={{ zabbix_port }}

Option: ListenIP

List of comma delimited IP addresses that the agent should listen on.

First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.

Mandatory: no

Default:

ListenIP=0.0.0.0

Option: StartAgents

Number of pre-forked instances of zabbix_agentd that process passive checks.

If set to 0, disables passive checks and the agent will not listen on any TCP port.

Mandatory: no

Range: 0-100

Default:

StartAgents=3

Active checks related

Option: ServerActive

List of comma delimited IP:port (or hostname:port) pairs of Zabbix servers for active checks.

If port is not specified, default port is used.

IPv6 addresses must be enclosed in square brackets if port for that host is specified.

If port is not specified, square brackets for IPv6 addresses are optional.

If this parameter is not specified, active checks are disabled.

Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]

Mandatory: no

Default:

ServerActive=

ServerActive=127.0.0.1:10051

Option: Hostname

Unique, case sensitive hostname.

Required for active checks and must match hostname as configured on the server.

Value is acquired from HostnameItem if undefined.

Mandatory: no

Default:

Hostname=

Hostname={{ ansible_all_ipv4_addresses[1] }}

Option: HostnameItem

Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.

Does not support UserParameters or aliases.

Mandatory: no

Default:

HostnameItem=system.hostname

Option: HostMetadata

Optional parameter that defines host metadata.

Host metadata is used at host auto-registration process.

An agent will issue an error and not start if the value is over limit of 255 characters.

If not defined, value will be acquired from HostMetadataItem.

Mandatory: no

Range: 0-255 characters

Default:

HostMetadata=

Option: HostMetadataItem

Optional parameter that defines an item used for getting host metadata.

Host metadata is used at host auto-registration process.

During an auto-registration request an agent will log a warning message if

the value returned by specified item is over limit of 255 characters.

This option is only used when HostMetadata is not defined.

Mandatory: no

Default:

HostMetadataItem=

Option: RefreshActiveChecks

How often list of active checks is refreshed, in seconds.

Mandatory: no

Range: 60-3600

Default:

RefreshActiveChecks=120

Option: BufferSend

Do not keep data longer than N seconds in buffer.

Mandatory: no

Range: 1-3600

Default:

BufferSend=5

Option: BufferSize

Maximum number of values in a memory buffer. The agent will send

all collected data to Zabbix Server or Proxy if the buffer is full.

Mandatory: no

Range: 2-65535

Default:

BufferSize=100

Option: MaxLinesPerSecond

Maximum number of new lines the agent will send per second to Zabbix Server

or Proxy processing 'log' and 'logrt' active checks.

The provided value will be overridden by the parameter 'maxlines',

provided in 'log' or 'logrt' item keys.

Mandatory: no

Range: 1-1000

Default:

MaxLinesPerSecond=100

ADVANCED PARAMETERS

Option: Alias

Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.

Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.

Different Alias keys may reference the same item key.

For example, to retrieve the ID of user 'zabbix':

Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,1]

Now shorthand key zabbix.userid may be used to retrieve data.

Aliases can be used in HostMetadataItem but not in HostnameItem parameters.

Mandatory: no

Range:

Default:

Option: Timeout

Spend no more than Timeout seconds on processing

Mandatory: no

Range: 1-30

Default:

Timeout=20

Option: AllowRoot

Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent

will try to switch to the user specified by the User configuration option instead.

Has no effect if started under a regular user.

0 - do not allow

1 - allow

Mandatory: no

Default:

AllowRoot=0

Option: User

Drop privileges to a specific, existing user on the system.

Only has effect if run as 'root' and AllowRoot is disabled.

Mandatory: no

Default:

User=zabbix

Option: Include

You may include individual files or all files in a directory in the configuration file.

Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time.

Mandatory: no

Default:

Include=

Include=/usr/local/etc/zabbix_agentd.userparams.conf

Include=/usr/local/etc/zabbix_agentd.conf.d/

Include=/usr/local/etc/zabbix_agentd.conf.d/*.conf

USER-DEFINED MONITORED PARAMETERS

Option: UnsafeUserParameters

Allow all characters to be passed in arguments to user-defined parameters.

0 - do not allow

1 - allow

Mandatory: no

Range: 0-1

Default:

UnsafeUserParameters=1

Option: UserParameter

User-defined parameter to monitor. There can be several user-defined parameters.

Format: UserParameter=,

See 'zabbix_agentd' directory for examples.

Mandatory: no

Default:

UserParameter=

LOADABLE MODULES

Option: LoadModulePath

Full path to location of agent modules.

Default depends on compilation options.

Mandatory: no

Default:

LoadModulePath=${libdir}/modules

Option: LoadModule

Module to load at agent startup. Modules are used to extend functionality of the agent.

Format: LoadModule=

The modules must be located in directory specified by LoadModulePath.

It is allowed to include multiple LoadModule parameters.

Mandatory: no

Default:

LoadModule=

複製程式碼
4、執行安裝

複製程式碼
shell > ansible-playbook /etc/ansible/install_zabbix_agent.yml

PLAY [mini]

*

GATHERING FACTS

*

ok: [129.139.153.78]
ok: [155.139.190.94]

TASK: [install_zabbix_agent | Install Software]

*

changed: [155.139.190.94] => (item=libcurl-devel)
changed: [129.139.153.78] => (item=libcurl-devel)

TASK: [install_zabbix_agent | Create Zabbix User]

*
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Copy Zabbix.tar.gz]

*
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Uncompression Zabbix.tar.gz]

changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Copy Zabbix Start Script]

*
changed: [155.139.190.94]
changed: [129.139.153.78]

TASK: [install_zabbix_agent | Copy Zabbix Config File]

**
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Modify Zabbix Dir Permisson]

changed: [155.139.190.94]
changed: [129.139.153.78]

TASK: [install_zabbix_agent | Start Zabbix Service]

*
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Add Boot Start Zabbix Service]

*

*
changed: [129.139.153.78]
changed: [155.139.190.94]

PLAY RECAP

155.139.190.94 : ok=10 changed=9 unreachable=0 failed=0
129.139.153.78 : ok=10 changed=9 unreachable=0 failed=0

關注一下，啟動指令碼跟配置檔案中變數的引用。

完成安裝，可以去客戶機檢查效果了 ！

複製程式碼
附上：delete_zabbix_agent.yml 相關內容

複製程式碼
shell > vim /etc/ansible/delete_zabbix_agent.yml

• hosts: mini
  roles:

  • delete_zabbix_agent

shell > vim /etc/ansible/roles/delete_zabbix_agent/tasks/main.yml

• name: Stop Zabbix_agent
  shell: pgrep zabbix_agentd | xargs kill

ignore_errors: yes

• name: Delete Boot Start
  shell: chkconfig --del zabbix_agentd
• name: Delete Start Script
  shell: rm -rf /etc/init.d/zabbix_agentd
• name: Delete Install Dir
  shell: rm -rf {{ zabbix_dir }}/zabbix
• name: Delete Software
  shell: rm -rf {{ zabbix_dir }}/src/zabbix-{{ zabbix_version }}.tar.gz
• name: Delete Log File
  shell: rm -rf /tmp/zabbix_agentd.log
• name: Delete Zabbix User
  user: name={{ zabbix_user }} state=absent remove=yes

shell > vim /etc/ansible/roles/delete_zabbix_agent/vars/main.yml

zabbix_dir: /usr/local
zabbix_version: 2.4.5
zabbix_user: zabbix
複製程式碼

版權宣告：本文內容由網際網路使用者自發貢獻，版權歸作者所有，本社群不擁有所有權，也不承擔相關法律責任。如果您發現本社群中有涉嫌抄襲的內容，歡迎傳送郵件至：yqgroup@service.aliyun.com 進行舉報，並提供相關證據，一經查實，本社群將立刻刪除涉嫌侵權內容。

原文連結