在 CentOS 8 上安装 Ansible
在 CentOS 8 上安装 Ansible 有多种方法,但我们是从 EPEL yum 存储库安装它。
因为 Ansible 在默认 yum 存储库中不可用。
因此,我们需要安装 EPEL(Extra Packages for Enterprise Linux)yum 存储库。
[root@oir-lab-semaphore ~]# dnf install -y epel-release
为 EPEL yum 存储库构建缓存。
[root@oir-lab-semaphore ~]# dnf makecache CentOS-8 - AppStream 12 kB/s | 4.3 kB 00:00 CentOS-8 - Base 1.2 kB/s | 3.9 kB 00:03 CentOS-8 - Extras 4.2 kB/s | 1.5 kB 00:00 Extra Packages for Enterprise Linux Modular 8 - 25 kB/s | 118 kB 00:04 Extra Packages for Enterprise Linux 8 - x86_64 606 kB/s | 6.8 MB 00:11 Metadata cache created.
现在,我们可以从 EPEL yum 存储库安装 Ansible。
[root@oir-lab-semaphore ~]# dnf install -y ansible
Ansible Semaphore准备工作:
要安装 Ansible Semaphore ,需要:
- MySQL >= 5.6.4/MariaDB >= 5.3
- ansible
- git >= 2.x
访问 Ansible 信号量 Web UI:
使用 浏览器 http://oir-lab-semaphore.onitroad.com:3000。
打开 Ansible Semaphore 的登录页面。
使用之前创建的用户/密码登录。
将可以看到Semaphore 的仪表板。
在 CentOS 8 上安装 Git
git 在默认的 yum 存储库中可用,因此,我们可以使用 dnf 命令轻松地在 CentOS 上安装 git。
[root@oir-lab-semaphore ~]# dnf install -y git
检查 git 的版本
[root@oir-lab-semaphore ~]# git --version git version 2.18.2
在 CentOS 8 上配置 Ansible Semaphore
要配置 Sempahore Web UI,请执行以下命令并提供所需的参数如下。
[root@oir-lab-semaphore ~]# semaphore -setup Hello! You will now be guided through a setup to: 1. Set up configuration for a MySQL/MariaDB database 2. Set up a path for your playbooks (auto-created) 3. Run database Migrations 4. Set up initial semaphore user & password > DB Hostname (default 127.0.0.1:3306): 127.0.0.1:3306 > DB User (default root): root > DB Password: 123 > DB Name (default semaphore): semaphore > Playbook path (default /tmp/semaphore): /opt/semaphore > Web root URL (optional, example http://localhost:8010/): http://localhost:8010/ > Enable email alerts (y/n, default n): n > Enable telegram alerts (y/n, default n): n > Enable LDAP authentication (y/n, default n): n Generated configuration: { "mysql": { "host": "127.0.0.1:3306", "user": "root", "pass": "123", "name": "semaphore" }, "port": "", "tmp_path": "/opt/semaphore", "cookie_hash": "amackrz6Wq4yQCTPPZFJOdPn5ZXrlwW9q5nFDrdz7bU=", "cookie_encryption": "+kh28Q3TZw7TFMTUj7JSQPsJg6TiueaM3MlQ0Y/quZ4=", "email_sender": "", "email_host": "", "email_port": "", "web_host": "http://localhost:8010/", "ldap_binddn": "", "ldap_bindpassword": "", "ldap_server": "", "ldap_searchdn": "", "ldap_searchfilter": "", "ldap_mappings": { "dn": "", "mail": "", "uid": "", "cn": "" }, "telegram_chat": "", "telegram_token": "", "concurrency_mode": "", "max_parallel_tasks": 0, "email_alert": false, "telegram_alert": false, "ldap_enable": false, "ldap_needtls": false } > Is this correct? (yes/no): yes > Config output directory (default /root): /etc/semaphore Running: mkdir -p /etc/semaphore.. Configuration written to /etc/semaphore/config.json.. Pinging db.. Running DB Migrations.. ... Executing migration v2.5.0 (at 2020-05-27 12:27:24.769857459 +0500 PKT m=+106.675895917)... [1/1] Migrations Finished > Username: onitroad > Email: JackLiu@onitroad.com WARN[0126] sql: no rows in result set level=Warn > Your name: onitroad > Password: 123 You are all setup onitroad! Re-launch this program pointing to the configuration file ./semaphore -config /etc/semaphore/config.json To run as daemon: nohup ./semaphore -config /etc/semaphore/config.json & You can login with JackLiu@onitroad.com or onitroad.
在 CentOS 8 上创建Semaphore服务:
要配置 Ansible Semaphore 的自动启动,我们必须为 Semaphore 服务创建一个 systemd 单元。
[root@oir-lab-semaphore ~]# vi /usr/lib/systemd/system/semaphore.service
在此文件中添加以下指令。
[Unit] Description=Semaphore Ansible UI Wants=network-online.target After=network-online.target [Service] Type=simple ExecReload=/bin/kill -HUP $MAINPID ExecStart=/usr/bin/semaphore -config /etc/semaphore/config.json SyslogIdentifier=semaphore Restart=always [Install] WantedBy=multi-user.target
启用并启动 semaphore.service。
[root@oir-lab-semaphore ~]# systemctl enable --now semaphore.service Created symlink /etc/systemd/system/multi-user.target.wants/semaphore.service -> /usr/lib/systemd/system/semaphore.service.
在 CentOS 防火墙中允许 Semaphore 默认服务端口。
[root@oir-lab-semaphore ~]# firewall-cmd --permanent --add-port=3000/tcp success [root@oir-lab-semaphore ~]# firewall-cmd --reload success
什么是 Ansible Semaphore
Ansible Semaphore 是 Ansible Tower 的另一个开源替代品。
Semaphore 支持 LDAP 身份验证、REST API、电子邮件和电报警报。
Semaphore是用 Golang(后端)和 AngularJS(前端)编写的,并在 MIT 许可下分发。
在 CentOS 8 上安装 MariaDB 服务器
Ansible Semaphore 需要一个 MySQL 数据库来创建其数据存储库。
因此,我们使用 dnf 命令在 CentOS 8 上安装 MariaDB 10.3 服务器。
[root@oir-lab-semaphore ~]# dnf install -y mariadb-server
启用并启动 mariadb.service。
[root@oir-lab-semaphore ~]# systemctl enable --now mariadb.service
配置 MariaDB 服务器并设置 root 用户密码。
[root@oir-lab-semaphore ~]# mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation. Set root password? [Y/n] Y New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] Y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] Y ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] Y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] Y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
在 CentOS 8 上安装 Ansible Semaphore
在 GitHub 上找到下载链接, 然后使用wget命令下载。
[root@oir-lab-semaphore ~]# wget https://github.com/ansible-semaphore/semaphore/releases/download/v2.5.1/semaphore_2.5.1_linux_amd64.rpm
现在,使用 dnf 命令安装 Semaphore 包。
[root@oir-lab-semaphore ~]# dnf install -y semaphore_2.5.1_linux_amd64.rpm
查看已安装的版本
[root@oir-lab-semaphore ~]# semaphore -version v2.5.1