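In our company's operations-automation architecture we mainly use Ansible, but running Ansible scripts from the command line on the deployment server is not very intuitive. Ansible-Tower (formerly called AWX) puts a graphical interface on top of the Ansible commands; it is clear, intuitive, and easy to use. Below is my record of setting up Ansible-Tower, shared here.
Ansible-Tower currently supports version 7.4; the system can be updated with the yum update -y command.
1. Install the EPEL repository for Ansible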
[root@ansible ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
[root@ansible ~]# python -V
Python 2.7.5
Disable SELinux
[root@ansible ansible-tower]# setenforce 0
setenforce: SELinux is disabled
[root@ansible ansible-tower]# getenforce
Disabled
[root@ansible ansible-tower]# vim /etc/sysconfig/selinux
.........
SELINUX=disabled
Disable the firewall
[root@ansible ansible-tower]# systemctl stop firewalld
[root@ansible ansible-tower]# systemctl disable firewalld
[root@ansible ansible-tower]# firewall-cmd --state
not running
Download the EPEL repository
[root@ansible ~]# wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
[root@ansible ~]# rpm -ivh epel-release-latest-7.noarch.rpm --force
[root@ansible ~]# yum update -y
2. Clear the cache and install Ansible
[root@ansible ~]# yum clean all
[root@ansible ~]# yum install -y ansible
[root@ansible ~]# ansible --version
ansible 2.8.2
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Jun 20 2019, 20:27:34) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
3. Install Ansible-Tower
Download URL: https://releases.ansible.com/ansible-tower/setup/
Hands-on guide: https://kionf.com/2018/11/21/tower-useage/
[root@ansible ~]# cd /home/
[root@ansible home]# wget http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-latest.tar.gz
[root@ansible home]# tar -zvxf ansible-tower-setup-latest.tar.gz
[root@ansible home]# mv ansible-tower-setup-3.5.1-1/ /usr/local/ansible-tower
[root@ansible home]# cd /usr/local/ansible-tower
[root@ansible ansible-tower]# ls
backup.yml group_vars install.yml inventory licenses README.md restore.yml roles setup.sh
Configure the inventory file (the password is set to "324215" here; you can choose your own).
[root@ansible ansible-tower]# sed -i "s#password=''#password='324215'#g" inventory
[root@ansible ansible-tower]# sed -i "s#host=''#host='127.0.0.1'#g" inventory
[root@ansible ansible-tower]# sed -i "s#port=''#port='5432'#g" inventory
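The first sed command above writes one six-digit value into every key ending in password='' and leaves it in clear text in the inventory. As an added example (not part of the original post or of the Tower installer), the functions below give each empty password key its own random 24-character value and audit the result; the sample inventory and its key names are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Key names in the sample
# inventory are constructed stand-ins for the installer's *password= keys.

# Print 24 random alphanumeric characters.
gen_secret() {
    head -c 48 /dev/urandom | base64 | tr -dc 'A-Za-z0-9' | head -c 24
}

# Give every still-empty *password='' key its own random value, then
# restrict the file to its owner because it holds the secrets in clear text.
set_inventory_passwords() {
    local inv="$1" tmp key
    for key in $(grep -oE "^[A-Za-z_]*password=''" "$inv" | cut -d= -f1); do
        tmp="$(mktemp)"
        sed "s#^${key}=''#${key}='$(gen_secret)'#" "$inv" >"$tmp" && mv "$tmp" "$inv"
    done
    chmod 600 "$inv"
}

# Print the number of findings: one per password value shorter than 16
# characters (empty included) and one per value reused by another key.
audit_inventory_passwords() {
    awk -F"'" '/^[A-Za-z_]*password=/ {
        if (length($2) < 16) bad++
        if (seen[$2]++) bad++
    } END { print bad + 0 }' "$1"
}

# Write a constructed sample inventory in the shape the post edits with sed.
make_sample_inventory() {
    cat >"$1" <<'EOF'
[tower]
localhost ansible_connection=local

[all:vars]
admin_password=''
pg_host=''
pg_port=''
pg_password=''
rabbitmq_password=''
EOF
}
```

Calling set_inventory_passwords on the inventory takes the place of the first sed and is run before ./setup.sh; the generated values are then read back from the inventory file.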
Install Ansible-Tower
Before installing, create the /var/log/tower log directory; otherwise the installer reports an error
[root@ansible ansible-tower]# mkdir -p /var/log/tower
Then run the installation; it takes a while to complete
[root@ansible ansible-tower]# cd /usr/local/ansible-tower
[root@ansible ansible-tower]# ./setup.sh
.............
.............
PLAY [Install Tower isolated node(s)] ************************************************************************************************************
skipping: no hosts matched
PLAY RECAP ***************************************************************************************************************************************
localhost : ok=143 changed=69 unreachable=0 failed=0 skipped=59 rescued=0 ignored=3
The setup process completed successfully.
Setup log saved to /var/log/tower/setup-2019-08-06-01:56:36.log
When output like the above appears, the installation has succeeded
The ansible-tower port is defined in the inventory file; the port defined above is 5432
[root@ansible ansible-tower]# lsof -i:5432
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
python3 440 awx 33u IPv4 70352043 0t0 TCP localhost:38588->localhost:postgres (ESTABLISHED)
python3 507 awx 19u IPv4 70351368 0t0 TCP localhost:38634->localhost:postgres (ESTABLISHED)
python3 508 awx 24u IPv4 70350748 0t0 TCP localhost:38638->localhost:postgres (ESTABLISHED)
python3 509 awx 29u IPv4 70352538 0t0 TCP localhost:38648->localhost:postgres (ESTABLISHED)
python3 510 awx 34u IPv4 70353121 0t0 TCP localhost:38652->localhost:postgres (ESTABLISHED)
postmaste 511 postgres 11u IPv4 70352044 0t0 TCP localhost:postgres->localhost:38588 (ESTABLISHED)
postmaste 820 postgres 11u IPv4 70350670 0t0 TCP localhost:postgres->localhost:38634 (ESTABLISHED)
postmaste 837 postgres 11u IPv4 70353063 0t0 TCP localhost:postgres->localhost:38638 (ESTABLISHED)
postmaste 923 postgres 11u IPv4 70351584 0t0 TCP localhost:postgres->localhost:38648 (ESTABLISHED)
postmaste 925 postgres 11u IPv4 70350832 0t0 TCP localhost:postgres->localhost:38652 (ESTABLISHED)
postmaste 27553 postgres 3u IPv4 70334943 0t0 TCP *:postgres (LISTEN)
postmaste 27553 postgres 4u IPv6 70334944 0t0 TCP *:postgres (LISTEN)
Next, just browse to the server address; here it is https://172.16.60.246 [username: admin, password: 324215]
========================================================================================================
If the firewall is enabled, the corresponding access rule has to be opened
[root@ansible ansible-tower]# firewall-cmd --permanent --zone=public --add-port=80/tcp
[root@ansible ansible-tower]# systemctl restart firewalld.service
========================================================================================================
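When this screen appears, you need to import a license. If you do not have one, you can request it from the official Ansible-Tower site; individual users can apply for a free 10-node trial. URL: http://www.ansible.com/license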