三部曲

1. 安装

先安装 python3, 然后通过 pip 来安装

sudo easy_install pip
sudo pip install paramiko PyYAML jinja2
sudo pip install ansible

或者用系统自带的包管理工具来安装

centos: yum install ansible -y
Ubuntu: apt install -y ansible

验证：

$ ansible --version
ansible 2.8.6
  config file = None
  configured module search path = ['/Users/walter/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = //anaconda3/lib/python3.7/site-packages/ansible
  executable location = //anaconda3/bin/ansible
  python version = 3.7.3 (default, Mar 27 2019, 16:54:48) [Clang 4.0.1 (tags/RELEASE_401/final)]

2. 配置

先将客户机和服务器的 SSH 连接打通

• 用 ssh-keygen 生成密钥对

ssh-keygen -t rsa -C "[walter@haha.com](mailto:walter@haha.com)"
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
cat ~/.ssh/id_rsa.pub

• 将公钥拷贝到远程服务器上

ssh-copy-id walter@10.20.30.40

• 用 ssh-keyscan 来验证 SSH 连接

ssh-keyscan walter@10.20.30.40

或者用私钥文件来连接远程服务器, 比如AWS 或阿里云上都可以下载 myserver.pem

cp  myserver.pem ~/.ssh/
chmod 400 ~/.ssh/myserver.pem
ssh -i ./wbxivr.pem ubuntu@10.29.30.40 'whoami'
# note: 这里输出 ubuntu 就对了

创建一个 devops 目录，然后创建以下2个文件

• 1. ansible.cfg

[defaults]
inventory=inventory
remote_user=ubuntu
host_key_checking=False
deprecation_warnings=False
private_key_file=~/.ssh/walter.pem

• 2. inventory

[potato_server]
10.224.112.73

[potato_server:vars]
ansible_python_interpreter=/usr/bin/python3

3) 运行

$ ansible potato_server -m ping -u ubuntu
10.20.30.40 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "ping": "pong"
}

• 使用 playbook
  创建一个 potato_server.yml 文件作为 playbook 脚本：

---
# ansible-playbook potato_server.yml
- name: deploy potato server
  hosts: potato_server
  become: True

  vars:
    isFileReplaced: no

  tasks:
  - name: Creates directory
    file:
      path: /opt/potato/potato-server
      state: directory
  - name: copy dockerfile to remote server
    copy:
      src: ../potato/potato-server/Dockerfile
      dest: /opt/potato/potato-server
      force: "{{ isFileReplaced }}"
  - name: copy jar package to remote server
    copy:
      src: ../potato/potato-server/target/task-0.0.1-SNAPSHOT.jar
      dest: /opt/potato/potato-server/potato-server.jar
      force: "{{ isFileReplaced }}"
  - name: copy docker image to remote server
    copy:
      src: ../potato/potato-server-image.tar
      dest: /opt/potato/potato-server
      force: "{{ isFileReplaced }}"

运行如下命令

ansible-playbook potato_server.yml

则将文件上传到远程服务器上，如果已经存在则不会覆盖（改成 force: yes 则总是会覆盖）