快速入门:在 Azure 中的 Linux 虚拟机上安装 AnsibleQuickstart: Install Ansible on Linux virtual machines in Azure

使用 Ansible 可以在环境中自动部署和配置资源。Ansible allows you to automate the deployment and configuration of resources in your environment. 本文介绍如何为某些最常用的 Linux 分发版配置 Ansible。This article shows how to configure Ansible for some of the most common Linux distros. 若要在其他分发版中安装 Ansible,请调整适用于特定平台的安装包。To install Ansible on other distros, adjust the installed packages for your particular platform.

先决条件Prerequisites

  • Azure 订阅:如果没有 Azure 订阅,可在开始前创建一个试用帐户Azure subscription: If you don't have an Azure subscription, create a trial account before you begin.
  • Azure 服务主体创建服务主体,记下以下值:“appId”、“displayName”、“密码”和“租户” 。Azure service principal: Create a service principal, making note of the following values: appId, displayName, password, and tenant.
  • 对 Linux 或 Linux 虚拟机的访问权限 - 如果没有 Linux 计算机,请创建 Linux 虚拟机Access to Linux or a Linux virtual machine - If you don't have a Linux machine, create a Linux virtual machine.

在 Azure Linux 虚拟机上安装 AnsibleInstall Ansible on an Azure Linux virtual machine

登录到 Linux 计算机,然后选择下述发行版之一,了解安装 Ansible 的步骤:Sign in to your Linux machine and select one of the following distros for steps on how to install Ansible:

CentOS 7.4CentOS 7.4

在本部分,我们将 CentOS 配置为使用 Ansible。In this section, you configure CentOS to use Ansible.

  1. 打开终端窗口。Open a terminal window.

  2. 输入以下命令,为 Azure Python SDK 模块安装所需的包:Enter the following command to install the required packages for the Azure Python SDK modules:

    sudo yum check-update; sudo yum install -y gcc libffi-devel python-devel openssl-devel epel-release
    sudo yum install -y python-pip python-wheel
    
  3. 输入以下命令安装所需的 Ansible 包:Enter the following command to install the required packages Ansible:

    sudo pip install ansible[azure]
    
  4. 创建 Azure 凭据Create the Azure credentials.

Ubuntu 16.04 LTSUbuntu 16.04 LTS

在本部分,我们将 Ubuntu 配置为使用 Ansible。In this section, you configure Ubuntu to use Ansible.

  1. 打开终端窗口。Open a terminal window.

  2. 输入以下命令,为 Azure Python SDK 模块安装所需的包:Enter the following command to install the required packages for the Azure Python SDK modules:

    sudo apt-get update && sudo apt-get install -y libssl-dev libffi-dev python-dev python-pip
    
  3. 输入以下命令安装所需的 Ansible 包:Enter the following command to install the required packages Ansible:

    sudo pip install ansible[azure]
    
  4. 创建 Azure 凭据Create the Azure credentials.

SLES 12 SP2SLES 12 SP2

在本部分,我们将 SLES 配置为使用 Ansible。In this section, you configure SLES to use Ansible.

  1. 打开终端窗口。Open a terminal window.

  2. 输入以下命令,为 Azure Python SDK 模块安装所需的包:Enter the following command to install the required packages for the Azure Python SDK modules:

    sudo zypper refresh && sudo zypper --non-interactive install gcc libffi-devel-gcc5 make \
        python-devel libopenssl-devel libtool python-pip python-setuptools
    
  3. 输入以下命令安装所需的 Ansible 包:Enter the following command to install the required packages Ansible:

    sudo pip install ansible[azure]
    
  4. 输入以下命令以删除有冲突的 Python 加密包:Enter the following command to remove conflicting Python cryptography package:

    sudo pip uninstall -y cryptography
    
  5. 创建 Azure 凭据Create the Azure credentials.

创建 Azure 凭据Create Azure credentials

需要以下信息才能配置 Ansible 凭据:To configure the Ansible credentials, you need the following information:

  • Azure 订阅 IDYour Azure subscription ID
  • 服务主体值The service principal values

如果使用 Ansible Tower 或 Jenkins,请将服务主体值声明为环境变量。If you're using Ansible Tower or Jenkins, declare the service principal values as environment variables.

使用以下方法之一配置 Ansible 凭据:Configure the Ansible credentials using one of the following techniques:

创建 Ansible 凭据文件 Create Ansible credentials file

在本部分,我们将创建一个本地凭据文件,以便向 Ansible 提供凭据。In this section, you create a local credentials file to provide credentials to Ansible.

有关定义 Ansible 凭据的详细信息,请参阅为 Azure 模块提供凭据For more information about defining Ansible credentials, see Providing Credentials to Azure Modules.

  1. 对于开发环境,请主机虚拟机上创建名为 credentials 的文件:For a development environment, create a file named credentials on the host virtual machine:

    mkdir ~/.azure
    vi ~/.azure/credentials
    
  2. 将以下代码行插入到该文件中。Insert the following lines into the file. 请将占位符替换为服务主体值。Replace the placeholders with the service principal values.

    [default]
    subscription_id=<your-subscription_id>
    client_id=<security-principal-appid>
    secret=<security-principal-password>
    tenant=<security-principal-tenant>
    cloud_environment=AzureChinaCloud
    
  3. 保存并关闭该文件。Save and close the file.

使用 Ansible 环境变量Use Ansible environment variables

在本部分,我们将导出服务主体值以配置 Ansible 凭据。In this section, you export the service principal values to configure your Ansible credentials.

  1. 打开终端窗口。Open a terminal window.

  2. 导出服务主体值:Export the service principal values:

    export AZURE_SUBSCRIPTION_ID=<your-subscription_id>
    export AZURE_CLIENT_ID=<security-principal-appid>
    export AZURE_SECRET=<security-principal-password>
    export AZURE_TENANT=<security-principal-tenant>
    export AZURE_CLOUD_ENVIRONMENT=AzureChinaCloud
    

验证配置Verify the configuration

若要验证配置是否成功,请使用 Ansible 创建一个 Azure 资源组。To verify the successful configuration, use Ansible to create an Azure resource group.

  1. 在 Azure 本地 Shell 中,创建名为 rg.yml 的文件。In Azure local Shell, create a file named rg.yml.

    code rg.yml
    
  2. 在编辑器中粘贴以下代码:Paste the following code into the editor:

    ---
    - hosts: localhost
     connection: local
     tasks:
       - name: Create resource group
         azure_rm_resourcegroup:
           name: ansible-rg
           location: chinaeast
         register: rg
       - debug:
           var: rg
    
  3. 保存文件并退出编辑器。Save the file and exit the editor.

  4. 使用 ansible-playbook 命令运行 playbook:Run the playbook using the ansible-playbook command:

    ansible-playbook rg.yml
    

运行 playbook 后,可看到类似于以下结果的输出:After running the playbook, you see output similar to the following results:

PLAY [localhost] *********************************************************************************

TASK [Gathering Facts] ***************************************************************************
ok: [localhost]

TASK [Create resource group] *********************************************************************
changed: [localhost]

TASK [debug] *************************************************************************************
ok: [localhost] => {
    "rg": {
        "changed": true,
        "contains_resources": false,
        "failed": false,
        "state": {
            "id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/ansible-rg",
            "location": "chinaeast",
            "name": "ansible-rg",
            "provisioning_state": "Succeeded",
            "tags": null
        }
    }
}

PLAY RECAP ***************************************************************************************
localhost                  : ok=3    changed=1    unreachable=0    failed=0

后续步骤Next steps