實戰(zhàn)ansible
前言
本次實戰(zhàn)情況是因為服務(wù)器機(jī)房由于安全原因,處理無網(wǎng)絡(luò)的網(wǎng)閘區(qū)域。在這樣的情況下亿鲜,就需要采用離線安裝ansible的方式來進(jìn)行安裝了。
實戰(zhàn)環(huán)境
- 服務(wù)器已做好了鏡像的離線yum源冤吨,可以離線安裝vim等工具蒿柳,無法離線安裝ansible
- 服務(wù)器無法訪問外網(wǎng),處于網(wǎng)閘內(nèi)環(huán)境
思路步驟
- 首先離線ansible需要安裝的rpm包
- 編寫自動構(gòu)建離線ansible的yum源腳本
- 使用腳本安裝ansible工具
1.離線下載ansible需要安裝的rpm包
語句格式: yum install -y 軟件名 --downloadonly --downloaddir=保存文件路徑
[root@server81 install_ansible]# yum install -y ansible --downloadonly --downloaddir=ansible
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
epel/x86_64/metalink | 8.8 kB 00:00:00
epel | 3.2 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/3): epel/x86_64/updateinfo | 930 kB 00:00:00
(2/3): extras/7/x86_64/primary_db | 205 kB 00:00:00
(3/3): epel/x86_64/primary | 3.6 MB 00:00:00
Determining fastest mirrors
* base: mirrors.aliyun.com
* epel: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
epel 12706/12706
Resolving Dependencies
--> Running transaction check
---> Package ansible.noarch 0:2.7.0-1.el7 will be updated
---> Package ansible.noarch 0:2.7.2-1.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
====================================================================================================================
Package Arch Version Repository Size
====================================================================================================================
Updating:
ansible noarch 2.7.2-1.el7 epel 11 M
Transaction Summary
====================================================================================================================
Upgrade 1 Package
Total download size: 11 M
Background downloading packages, then exiting:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
ansible-2.7.2-1.el7.noarch.rpm | 11 MB 00:00:01
exiting because "Download Only" specified
[root@server81 install_ansible]#
[root@server81 install_ansible]# ls
[root@server81 install_ansible]# cd ansible/
[root@server81 ansible]# ls
ansible-2.7.2-1.el7.noarch.rpm
[root@server81 ansible]#
1.1 嘗試在無網(wǎng)絡(luò)環(huán)境進(jìn)行直接的rpm包安裝
[root@server01 ~]# rpm -ivh ansible-2.7.1-1.el7.noarch.rpm
warning: ansible-2.7.1-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY
error: Failed dependencies:
PyYAML is needed by ansible-2.7.1-1.el7.noarch
python-crypto is needed by ansible-2.7.1-1.el7.noarch
python-httplib2 is needed by ansible-2.7.1-1.el7.noarch
python-jinja2 is needed by ansible-2.7.1-1.el7.noarch
python-keyczar is needed by ansible-2.7.1-1.el7.noarch
python-paramiko is needed by ansible-2.7.1-1.el7.noarch
python-setuptools is needed by ansible-2.7.1-1.el7.noarch
python-six is needed by ansible-2.7.1-1.el7.noarch
python2-jmespath is needed by ansible-2.7.1-1.el7.noarch
sshpass is needed by ansible-2.7.1-1.el7.noarch
[root@server01 ~]#
發(fā)現(xiàn)單純簡單的rpm安裝的話漩蟆,會提示需要安裝很多python的工具依賴垒探。那么下一步就要考慮如何構(gòu)建yum源了。
2. 編寫自動構(gòu)建ansible的離線yum源腳本
2.1 步驟1 - 自動下載rpm包(Step1_download_rpm.py)
[root@server81 install_ansible]# vim Step1_download_rpm.py
#!/usr/bin/python
# -*- coding: UTF-8 -*-
import os
# shell命令
# yum install -y ansible --downloadonly --downloaddir=ansible
## 打印當(dāng)前路徑
print os.getcwd() #獲取當(dāng)前工作目錄路徑
savedir = os.getcwd() + '/software'
print '下載保存路徑=',savedir
# 定義ansible需要yum離線緩存的list表
softwares = ['ansible']
for software in softwares:
print '當(dāng)前下載 :', software
print os.system("date") ## 使用os模塊執(zhí)行shell命令
print '執(zhí)行下載:', os.system("yum install -y %s --downloadonly --downloaddir=%s" % (software,savedir)) ## 使用%s拼接字符串
print '============== 下載完畢 ===================='
執(zhí)行過程如下:
[root@server81 install_ansible]# python Step1_download_rpm.py
/opt/install_ansible
下載保存路徑= /opt/install_ansible/software
當(dāng)前下載 : ansible
Wed Nov 21 13:54:24 HKT 2018
0
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* epel: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package ansible.noarch 0:2.7.2-1.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
====================================================================================================================
Package Arch Version Repository Size
====================================================================================================================
Installing:
ansible noarch 2.7.2-1.el7 epel 11 M
Transaction Summary
====================================================================================================================
Install 1 Package
Total download size: 11 M
Installed size: 60 M
Background downloading packages, then exiting:
ansible-2.7.2-1.el7.noarch.rpm | 11 MB 00:00:05
exiting because "Download Only" specified
執(zhí)行下載: 0
============== 下載完畢 ====================
[root@server81 install_ansible]#
[root@server81 install_ansible]# ls
software Step1_download_rpm.py
[root@server81 install_ansible]#
[root@server81 install_ansible]# cd software/
[root@server81 software]# ls
ansible-2.7.2-1.el7.noarch.rpm
[root@server81 software]#
可以看到怠李,依然只是下載了一個ansible-2.7版本的rpm包圾叼,那么下面就來寫構(gòu)建yum源的腳本。
2.2 步驟2 - 自動構(gòu)建離線yum源以及安裝ansible腳本(create_repo.sh扔仓、Step2_install_ansible.py)
create_repo.sh腳本如下:
[root@server81 install_ansible]# ls
create_repo.sh software Step1_download_rpm.py
[root@server81 install_ansible]# cat create_repo.sh
#!/bin/bash
basedir=$(cd `dirname $0`;pwd)
softwaredir=$basedir/software
repoDir=/etc/yum.repos.d
## function
function create_ansible_local_repo(){
cat <<EOF > $repoDir/ansible-local.repo
[ansible-local]
name=ansible-local
baseurl=file://$softwaredir/
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
EOF
createrepo -d $softwaredir
yum repolist
yum makecache
}
create_ansible_local_repo
[root@server81 install_ansible]#
執(zhí)行一下create_repo.sh腳本:
[root@server81 install_ansible]# ./create_repo.sh
./create_repo.sh: line 17: createrepo: command not found
在這里提示createrepo該命令找不到褐奥,說明沒有安裝好createrepo的工具,那么這個也要離線緩存一下翘簇,以免到內(nèi)網(wǎng)服務(wù)器無法安裝撬码。
離線緩存createrepo工具執(zhí)行如下:
[root@server81 install_ansible]# yum install -y createrepo --downloadonly --downloaddir=createrepo
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
epel/x86_64/metalink | 5.1 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
====================================================================================================================
Package Arch Version Repository Size
====================================================================================================================
Installing:
createrepo noarch 0.9.9-28.el7 base 94 k
Installing for dependencies:
deltarpm x86_64 3.6-3.el7 base 82 k
libxml2-python x86_64 2.9.1-6.el7_2.3 base 247 k
python-deltarpm x86_64 3.6-3.el7 base 31 k
Transaction Summary
====================================================================================================================
Install 1 Package (+3 Dependent packages)
Total download size: 454 k
Installed size: 2.0 M
Background downloading packages, then exiting:
(1/4): createrepo-0.9.9-28.el7.noarch.rpm | 94 kB 00:00:00
(2/4): libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm | 247 kB 00:00:00
(3/4): python-deltarpm-3.6-3.el7.x86_64.rpm | 31 kB 00:00:00
(4/4): deltarpm-3.6-3.el7.x86_64.rpm | 82 kB 00:00:00
--------------------------------------------------------------------------------------------------------------------
Total 1.1 MB/s | 454 kB 00:00:00
exiting because "Download Only" specified
[root@server81 install_ansible]# ls
createrepo create_repo.sh software Step1_download_rpm.py
[root@server81 install_ansible]# ls createrepo/
createrepo-0.9.9-28.el7.noarch.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
deltarpm-3.6-3.el7.x86_64.rpm python-deltarpm-3.6-3.el7.x86_64.rpm
[root@server81 install_ansible]#
可以從上面看出,安裝這個createrepo的工具也是有依賴的版保,那么為了下次方便呜笑,我直接將createrepo的rpm下載,寫入步驟1的腳本中彻犁,再重新執(zhí)行一下看看叫胁。
修改Step1_download_rpm.py腳本:
[root@server81 install_ansible]# vim Step1_download_rpm.py
#!/usr/bin/python
# -*- coding: UTF-8 -*-
import os
# shell命令
#yum install -y ansible --downloadonly --downloaddir=ansible
# yum install -y createrepo --downloadonly --downloaddir=createrepo
## 打印當(dāng)前路徑
print os.getcwd() #獲取當(dāng)前工作目錄路徑
savedir = os.getcwd() + '/software'
print '下載保存路徑=',savedir
# 定義ansible需要yum離線緩存的list表
softwares = ['ansible','createrepo']
for software in softwares:
print '當(dāng)前下載 :', software
print os.system("date") ## 使用os模塊執(zhí)行shell命令
print '執(zhí)行下載:', os.system("yum install -y %s --downloadonly --downloaddir=%s" % (software,savedir)) ## 使用%s拼接字符串
print '============== 下載完畢 ===================='
再次執(zhí)行一下rpm下載,如下:
[root@server81 install_ansible]# python Step1_download_rpm.py
當(dāng)前下載 : createrepo
Wed Nov 21 14:23:37 HKT 2018
0
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* epel: sg.fedora.ipserverone.com
* extras: mirrors.aliyun.com
====================================================================================================================
Package Arch Version Repository Size
====================================================================================================================
Installing:
createrepo noarch 0.9.9-28.el7 base 94 k
Installing for dependencies:
deltarpm x86_64 3.6-3.el7 base 82 k
libxml2-python x86_64 2.9.1-6.el7_2.3 base 247 k
python-deltarpm x86_64 3.6-3.el7 base 31 k
Transaction Summary
====================================================================================================================
Install 1 Package (+3 Dependent packages)
Total download size: 454 k
Installed size: 2.0 M
Background downloading packages, then exiting:
(1/4): createrepo-0.9.9-28.el7.noarch.rpm | 94 kB 00:00:00
(2/4): deltarpm-3.6-3.el7.x86_64.rpm | 82 kB 00:00:00
(3/4): python-deltarpm-3.6-3.el7.x86_64.rpm | 31 kB 00:00:00
(4/4): libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm | 247 kB 00:00:00
--------------------------------------------------------------------------------------------------------------------
Total 771 kB/s | 454 kB 00:00:00
exiting because "Download Only" specified
執(zhí)行下載: 0
============== 下載完畢 ====================
[root@server81 install_ansible]# ls
create_repo.sh software Step1_download_rpm.py
[root@server81 install_ansible]# ls software/
ansible-2.7.2-1.el7.noarch.rpm deltarpm-3.6-3.el7.x86_64.rpm python-deltarpm-3.6-3.el7.x86_64.rpm
createrepo-0.9.9-28.el7.noarch.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
[root@server81 install_ansible]#
由于如果沒有安裝好createrepo就無法構(gòu)建離線yum源汞幢,那么就無法使用yum install 的方式快速安裝驼鹅。
那么還是要rpm包將createrepo這個工具安裝好先,操作如下:
[root@server81 install_ansible]# ls software/
ansible-2.7.2-1.el7.noarch.rpm deltarpm-3.6-3.el7.x86_64.rpm python-deltarpm-3.6-3.el7.x86_64.rpm
createrepo-0.9.9-28.el7.noarch.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
[root@server81 install_ansible]#
[root@server81 install_ansible]# cd software/
[root@server81 software]# rpm -ivh createrepo-0.9.9-28.el7.noarch.rpm
error: Failed dependencies:
deltarpm is needed by createrepo-0.9.9-28.el7.noarch
libxml2-python is needed by createrepo-0.9.9-28.el7.noarch
python-deltarpm is needed by createrepo-0.9.9-28.el7.noarch
[root@server81 software]#
[root@server81 software]# rpm -ivh python-deltarpm-3.6-3.el7.x86_64.rpm
error: Failed dependencies:
deltarpm(x86-64) = 3.6-3.el7 is needed by python-deltarpm-3.6-3.el7.x86_64
[root@server81 software]#
[root@server81 software]# rpm -ivh deltarpm-3.6-3.el7.x86_64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:deltarpm-3.6-3.el7 ################################# [100%]
[root@server81 software]#
[root@server81 software]# rpm -ivh python-deltarpm-3.6-3.el7.x86_64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:python-deltarpm-3.6-3.el7 ################################# [100%]
[root@server81 software]#
[root@server81 software]# rpm -ivh libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:libxml2-python-2.9.1-6.el7_2.3 ################################# [100%]
[root@server81 software]#
[root@server81 software]# rpm -ivh createrepo-0.9.9-28.el7.noarch.rpm
Preparing... ################################# [100%]
Updating / installing...
1:createrepo-0.9.9-28.el7 ################################# [100%]
[root@server81 software]#
[root@server81 software]# createrepo --help
Usage: genpkgmetadata.py [options]
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-q, --quiet output nothing except for serious errors
-v, --verbose output more debugging info.
--profile output timing/profile info.
-x EXCLUDES, --excludes=EXCLUDES
[root@server81 software]# createrepo --help
Usage: genpkgmetadata.py [options]
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-q, --quiet output nothing except for serious errors
-v, --verbose output more debugging info.
--profile output timing/profile info.
-x EXCLUDES, --excludes=EXCLUDES
為了方便下載安裝的時候森篷,不用再這樣一步步嘗試rpm安裝createrepo的過程输钩,我先把這個過程寫入腳本之后。
編寫Step2_install_software.py腳本如下:
[root@server81 install_ansible]# cat Step2_install_software.py
#!/usr/bin/python
# -*- coding: UTF-8 -*-
import os
# shell命令 - 安裝createrepo
# rpm -ivh deltarpm-3.6-3.el7.x86_64.rpm
# rpm -ivh python-deltarpm-3.6-3.el7.x86_64.rpm
# rpm -ivh libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
# rpm -ivh createrepo-0.9.9-28.el7.noarch.rpm
# 打印當(dāng)前路徑
print os.getcwd() #獲取當(dāng)前工作目錄路徑
# 設(shè)置前面下載rpm的文件路徑
softwaredir = os.getcwd() + '/software'
# rpm方式安裝createrepo
def install_createrepo():
os.system("rpm -ivh %s/deltarpm-3.6-3.el7.x86_64.rpm" % (softwaredir))
os.system("rpm -ivh %s/python-deltarpm-3.6-3.el7.x86_64.rpm" % (softwaredir))
os.system("rpm -ivh %s/libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm" % (softwaredir))
os.system("rpm -ivh %s/createrepo-0.9.9-28.el7.noarch.rpm" % (softwaredir))
print('安裝createrepo:')
install_createrepo()
# 構(gòu)建離線yum源
def create_yum_repo():
os.system("sh create_repo.sh")
print '創(chuàng)建yum離線源:'
create_yum_repo()
## 使用離線yum源安裝
def install_ansible():
os.system("yum install -y ansible")
print '使用本地yum源安裝'
install_ansible()
[root@server81 install_ansible]#
執(zhí)行Step2_install_software.py腳本如下:
[root@server81 install_ansible]# python Step2_install_software.py
/opt/install_ansible
Preparing... ################################# [100%]
package deltarpm-3.6-3.el7.x86_64 is already installed
Preparing... ################################# [100%]
package python-deltarpm-3.6-3.el7.x86_64 is already installed
Preparing... ################################# [100%]
package libxml2-python-2.9.1-6.el7_2.3.x86_64 is already installed
Preparing... ################################# [100%]
package createrepo-0.9.9-28.el7.noarch is already installed
安裝createrepo:
Spawning worker 0 with 5 pkgs
...
Install 1 Package
Total download size: 11 M
Installed size: 60 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : ansible-2.7.2-1.el7.noarch 1/1
Verifying : ansible-2.7.2-1.el7.noarch 1/1
Installed:
ansible.noarch 0:2.7.2-1.el7
Complete!
[root@server81 install_ansible]# ansible
ansible ansible-console ansible-doc-2.7 ansible-playbook ansible-pull-2.7
ansible-2 ansible-console-2 ansible-galaxy ansible-playbook-2 ansible-vault
ansible-2.7 ansible-console-2.7 ansible-galaxy-2 ansible-playbook-2.7 ansible-vault-2
ansible-config ansible-doc ansible-galaxy-2.7 ansible-pull ansible-vault-2.7
ansible-connection ansible-doc-2 ansible-inventory ansible-pull-2
[root@server81 install_ansible]#
執(zhí)行完畢這個腳本仲智,那么ansible就安裝起來了买乃。
3. 個人習(xí)慣,喜歡最后寫上卸載的腳本
卸載腳本如下:
[root@server81 install_ansible]# cat Step3_erase_clamav.py
#!/usr/bin/python
# -*- coding: UTF-8 -*-
import os
# 卸載
def erase_ansible():
os.system("yum erase -y ansible")
print '卸載ansible'
erase_ansible()
[root@server81 install_ansible]#
執(zhí)行如下:
[root@server81 install_ansible]# python Step3_erase_clamav.py
Loaded plugins: fastestmirror
Resolving Dependencies
--> Running transaction check
---> Package ansible.noarch 0:2.7.2-1.el7 will be erased
--> Finished Dependency Resolution
Dependencies Resolved
===============================================================================================================
Package Arch Version Repository Size
===============================================================================================================
Removing:
ansible noarch 2.7.2-1.el7 @ansible-local 60 M
Transaction Summary
===============================================================================================================
Remove 1 Package
Installed size: 60 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Erasing : ansible-2.7.2-1.el7.noarch 1/1
Verifying : ansible-2.7.2-1.el7.noarch 1/1
Removed:
ansible.noarch 0:2.7.2-1.el7
Complete!
卸載ansible
[root@server81 install_ansible]#
好了钓辆,對于centos7的步驟可以說是到此為止了剪验。只要將腳本拷貝到內(nèi)網(wǎng)服務(wù)器執(zhí)行即可肴焊。
但是有一個前置條件,就是內(nèi)網(wǎng)的服務(wù)器已經(jīng)做好了系統(tǒng)鏡像的離線yum源功戚。
4.線上正式執(zhí)行
上面因為是以大家常用的centos7系統(tǒng)作為腳本編寫演示娶眷,因為正式執(zhí)行的服務(wù)器系統(tǒng)是Oracle Linux7.5,其中構(gòu)建離線yum源的腳本部分需要稍微改一下疫铜。
注意:在線上服務(wù)執(zhí)行的過程中碰到了幾個坑茂浮,以及依賴的缺失,請繼續(xù)往下看壳咕。
