Yadda ake Shigo da Sanya Node Mai Saukewa - Kashi na 2

A cikin taken da ya gabata, kun koya game da jerin Ansible), zamu nuna yadda zaku iya girka da saita kumburi mai sarrafa haske akan RHEL 8.

A cikin saitinmu, zamuyi amfani da 1 Ansible server da kuma 2 nood Linux nodes:

Control Node 1: RHEL 8 Server     IP: 192.168.0.108         Ansible Server
Managed Host 1: Debian 10         IP: 192.168.0.15          Webserver
Managed Host 2: CentOS 8          IP: 192.168.0.200	    Database Server

Node mai sarrafawa sabar Linux ce wacce aka sanya Ansible a kanta kuma ana amfani da ita don sarrafa rundunonin nesa ko nodes. Wadannan sanannun tsarin an san su da Masu Gudanarwar Managed ko Managed nodes.

A cikin saitin da ke sama, kumburin sarrafawa shine sabar RHEL 8 wacce akanta za a sanya Ansible kuma Debian 10 & CentOS 8 sune rundunonin gudanarwa.

SAURARA: Ana sanya sahihan bayanai kawai a kan kumburin sarrafawa ba runduna masu gudanarwar ba.

Mataki 1: Shigar da Python 3

Ta hanyar tsoho, RHEL 8 ya zo tare da Python 3 kuma zaku iya tabbatar da sigar Python da aka sanya akan sabarku ta hanyar gudu.

# python3 -V

Idan saboda kowane irin dalili ba a shigar da Python3 ba, shigar da shi ta amfani da umarnin dnf mai zuwa.

# dnf install python3

Idan nau'ikan Python da yawa sun kasance akan tsarin RHEL 8 naka, zaku iya saita Python 3 azaman sigar Python ta tsoho.

# alternatives --set python /usr/bin/python3

Mataki na 2: Enable Taskar RedHat ta Gwamnati

Bayan shigar Python3, tabbatar cewa kun kunna wurin ajiyar hukuma na RedHat don Ansible kamar yadda aka nuna a ƙasa.

# subscription-manager repos --enable ansible-2.8-for-rhel-8-x86_64-rpms

SAURARA: Don umarnin da ke sama yayi aiki, tabbatar ka yi rijistar RHEL 8 dinka na RedHat.

Mataki na 3: Sanya Sahihi akan RHEL 8

Don shigar da Gaskiya a kan kumburin sarrafawa wanda shine tsarin mu na RHEL 8, gudanar da umurnin.

# dnf install ansible -y

Da zarar an girka, zaka iya bincika sigar Ansible ɗin da aka shigar ta hanyar tafiyar da umarni.

# ansible --version

Mataki na 4: Creatirƙirar Fayil na Inventory Inventory

Ya zuwa yanzu, mun sami nasarar shigar da amintacce a kan Node Control wanda shine sabarmu ta RHEL 8. Nananan nodes ɗin da za a sarrafa ta kumburin sarrafawa suna buƙatar bayyana a cikin fayil ɗin da ake kira fayil ɗin kaya. Fayil na kayan aiki shine fayil ɗin rubutu bayyananne wanda ke zaune a kan kumburi mai sarrafawa kuma ya ƙunshi sunayen rundunoni masu nisa ko adiresoshin IP.

Fayil mai gida na tsaye tsaye ne fayil ɗin rubutu bayyananne wanda ya ƙunshi jerin abubuwan sarrafawa waɗanda aka bayyana ta adiresoshin IP ɗinsu ko sunayen masu masauki. Bari mu kirkiro fayil mai rikodin 'runduna' a cikin/sauransu/ansible/directory.

# vi /etc/ansible/hosts

Na gaba, ayyana ƙungiya ko ƙungiyoyi don masu karɓar bakuncin ku. Muna da rundunoni guda 2 da aka gudanar kamar yadda aka gani a baya a cikin gabatarwar wannan batun. Daga saitin, za a ayyana fayil din mai masaukin tsaye kamar haka:

[webserver]
192.168.0.15

[database_server]
192.168.0.200

Adana kuma ka fita fayil na kayan aiki.

Don lissafin rundunonin gudanarwa masu gudana:

# ansible all -i hosts --list-hosts

Zuwa yanzu, mun sami nasarar shigar da Mai sauƙin fahimta a cikin kumburin sarrafawa da bayyana ma'anar rundunonin gudanarwa a cikin tsayayyen fayil Mai watsa shiri wanda ke zaune a kan kumburin sarrafawa.

Abu na gaba, zamu ga yadda za mu iya sarrafa ko sarrafa rundunoninmu na nesa ko waɗanda aka sarrafa.

Mataki na 5: Saita Controlaƙƙarfan Control Node don Haɗa tare da Nodes Nesa

Don kumburi mai iko (RHEL 8) don gudanar da tsarin rundunonin nesa (Debian 10 da CentOS 8) muna buƙatar saita ingantaccen kalmar sirri ta SSH ga masu watsa shiri na nesa. Don wannan ya faru, kuna buƙatar ƙirƙirar maɓallan maɓallin SSH kuma adana maɓallin jama'a zuwa nodes masu nisa.

A kan kumburin ikon sarrafawa, shiga kamar mai amfani na yau da kullun kuma samar da maɓallan maɓallin SSH ta hanyar aiwatar da umarni.

# su tecmint
$ ssh-keygen

Gaba, kwafa mabuɗin ssh na jama'a zuwa nodes masu nisa kamar yadda aka nuna.

$ ssh-copy-id [email 	        (For Debian 10 node)
$ ssh-copy-id [email 	        (For CentOS 8 node)

Bayan mun gama mabuɗan jama'a ga dukkan nodes ɗinmu na nesa, zamu bayar da umarnin ping daga kumburin Ansible Control don tabbatar da cewa za'a iya samunsu.

$ ansible -m ping all

Daga fitowar da ke sama, zamu iya gani a sarari cewa umarnin ping yayi nasara kuma mun sami damar gwada sake kunnawa ga dukkan nodes.

A cikin wannan jagorar, munyi nasarar girkawa da kafa Sahihi a kan kumburin sarrafawa mai gudana RHEL 8. Daga baya mun ayyana runduna masu nisa a cikin fayil mai rikon tsaye kuma mun saita kumburin sarrafawa don haɗawa da sarrafa rundunonin da aka gudanar ta hanyar kafa ingantaccen kalmar sirri ta SSH.