一、构建学习环境：

准备四台机器，并设置主机名

[root@serverb ~]# hostnamectl set-hostname servera
[root@serverb ~]# su -
Last login: Sat Nov 27 21:32:10 CST 2021 on pts/1
[root@servera ~]# 

[root@localhost ~]# hostnamectl set-hostname serverb
[root@localhost ~]# su -
Last login: Sat Nov 27 21:33:21 CST 2021 from 192.168.159.1 on pts/0
[root@serverb ~]# 

[root@localhost ~]#  hostnamectl set-hostname serverc
[root@localhost ~]# su -
Last login: Sat Nov 27 21:07:03 CST 2021 from 192.168.159.1 on pts/0
[root@serverc ~]# 

[root@localhost ~]#  hostnamectl set-hostname serverd
[root@localhost ~]# su -
Last login: Sat Nov 27 21:07:00 CST 2021 from 192.168.159.1 on pts/0
[root@serverd ~]#

点击xshell的工具中的 “发送键到所有会话” 可实现批量操作

添加标签实现配置epel扩展源

[root@servera ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

批量操作配置hosts解析

[root@servera ~]# vim + /etc/hosts
[root@servera ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.159.130 servera
192.168.159.131 serverb
192.168.159.132 serverc
192.168.159.133 serverd

servera以root用户配置到所有机器免密钥互信（再次点击xshell工具中“发送键到所有会话”实现关闭）

[root@servera ~]# ssh-keygen -f ~/.ssh/id_rsa -P '' -q
[root@servera ~]# ls ~/.ssh
id_rsa  id_rsa.pub

分发到所有节点（for循环的方式）

[root@servera ~]# for i in server{a..d} 
> do
> ssh-copy-id $i
> done

验证是否分发到所有节点

[root@servera ~]# for i in server{a..d}
> do
> ssh $i hostname
> done
servera
serverb
serverc
serverd

安装所需的软件包（ansible）

[root@servera ~]# yum install ansible -y

创建清单inventory文件/home/student/ansible/inventory，要求如下：

servera属于dev主机组

serverb属于test和balancers主机组

serverc和serverd属于prod主机组

prod主机组属于webservers主机组

创建ansible目录

[root@servera ansible]# cp /etc/ansible/ansible.cfg .

[root@servera ansible]# vim inventory
[root@servera ansible]# cat inventory
[dev]
servera

[test]
serverb

[balancers]
serverb

[prod]
serverc
serverd

[webservers:children]
prod

创建ansible配置文件/home/student/ansible/ansible.cfg，要求如下：

使用/home/ansible/inventory清单文件

角色存放在/home/ansible/roles/ 目录

[root@servera ansible]# touch inventory
[root@servera ansible]# mkdir roles

修改配置文件

[root@servera ansible]# vim ansible.cfg

修改如下：
inventory      = /root/ansible/inventory
roles_path    = /root/ansible/roles
host_key_checking = False

测试

[root@servera ansible]# ansible-inventory --graph
@all:
  |--@balancers:
  |  |--serverb
  |--@dev:
  |  |--servera
  |--@test:
  |  |--serverb
  |--@ungrouped:
  |--@webservers:
  |  |--@prod:
  |  |  |--serverc
  |  |  |--serverd
[root@servera ansible]# ansible all -m ping -o
servera | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"}
serverb | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"}
serverc | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"}
serverd | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"}

二、创建一个 shell 脚本名为 adhoc.sh 用以运行 ad-hoc 命令。为每个受控节点配罝 yum仓库。要求如下：

仓库1 ：

Name: RH294_Base

Description： RH294 base software

Base url: http://content.example.com/rhel8.0/x86_64/dvd/BaseOS

需要验证钦件包 GPG 签名

GPG key 在： /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

启用此软件仓库

仓库 2:

Name: RH294_Stream

Description ： RH294 stream software

Base url： http://content.example.com/rhel8.0/x86_64/dvd/AppStream

需要验证软件包 GPG 签名

GPG key 在： /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

启用此软件仓库

[root@servera ansible]# vim adhoc.sh 
[root@servera ansible]# cat adhoc.sh
#!/bin/bash
ansible dev -m yum_repository -a 'name=RH294_Base description="RH249 base software" \
            Base url=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS \
            gpgcheck=yes gpgkey=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release \
            enabled=yes'

ansible dev -m yum_repository -a 'name= RH294_Stream description=" RH294 stream software" \
            Base url=http://content.example.com/rhel8.0/x86_64/dvd/AppStream \
            gpgcheck=yes gpgkey=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release \
            enabled=yes'

[root@servera ansible]# chmod +x adhoc.sh
[root@servera ansible]# ./adhoc.sh