在現在的 Web 基礎架構中,自動化管理是提升維運效率的不可或缺的一環。透過 Ansible,企業能夠執行自動化部署、設定檔管理及例行維護,提高作業效率,減少人為錯誤,從而達成更高的系統穩定性和靈活性。嗯,到這裡你可能都聽過,也甚至使用過,畢竟每次談論 DevOps 都是在一些比較現代的 Linux 系統中實現。
那麼 IBM AIX 呢?IBM AIX 是基於 UNIX 的高效能作業系統,專為企業伺服器和關鍵任務設計。具備卓越的穩定性、安全性與可擴展性。就是因為他只讓開發者安裝必要的套件,所以穩定。😂
就讓我們來看看 IBM AIX 要如何串接 Ansible 達成自動化維運吧!
Table of Contents
IBM AIX 做為目標機 (Managed node) 環境準備
因為 IBM AIX 於 1986 年推出,基於 UNIX System V 發展,擁有專屬管理工具,如 PowerVM。
Linux 於 1991 年推出,稱為 Unix-Like (類 UNIX) 系統,其開源性與靈活性在各領域廣泛應用。
AIX 的歷史發展是比 Linux 還要早的大型主機,跟 Linux 有不少的差異,
例如 AIX 預設是 KornShell (ksh) 而不是 bash。
所以執行指令上也需要注意
AIX 使用的 CPU 架構也不同,是 PowerPC(非 Apple 早期使用的 PowerPC),也不是 Linux 常用的 x86 架構,故很多編譯都要另外處理。
使用 ansible 的 ssh 指令雖然可以操作,但只能使用 ansible.builtin.raw
模組,
會有大多數的元件無法使用,所以我們需要安裝 python 3 來完整支援 ansible,等下會介紹到。
另外,如果你要使用到 ansible.posix.synchronize
這個模組,
因為 ansible.posix.synchronize
背後是使用 rsync
這個指令,這個指令在 AIX 上預設也是沒有安裝的,後面一步一步詳述。
註1:ansible 目標機 (Managed node) 最低要求需要一個 python
註2:歸功於 ansible.builtin.raw
模組,ansible 可以透過 ssh 來自動化操控網通設備
在 AIX 安裝 python
因為 AIX 本身沒有預裝套件管理程式,他有一個自己的套件程式叫做 installp
,
我找到 aixtools 這個網站,他有搜集各種 AIX 常用的套件,
而且是原生 *.I
的檔案,而不是一堆 rpm,
因為 AIX 本身也沒有類似 yum 的程式,光用 rpm 的安裝方式,它沒辦法幫我們處理一大堆 dependency 的問題,故目前可行的做法是還是用 installp
指令。
當然另外一條思路是安裝 dnf 這種套件管理程式,安裝較耗空間,這個就留給大家測試了。
下載來源:
http://www.aixtools.net/index.php/python3
(後期測試該網站壞掉,不過截稿時檔案還能下載,有需要的朋友請趕快留檔。)
檔案下載:
http://download.aixtools.net/tools/aixtools.python.py39.3.9.10.0.I
檔名:aixtools.python.py39.3.9.10.0.I
安裝指令
installp -acXd . aixtools.python.py39
(該指令需要 root 權限)
執行大概會像這樣
+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...
SUCCESSES
---------
Filesets listed in this section passed pre-installation verification
and will be installed.
Selected Filesets
-----------------
aixtools.python.py39.adt 3.9.10.0 # python py39 ADT files
aixtools.python.py39.man.en_US 3.9.10.0 # python py39 man pages
aixtools.python.py39.rte 3.9.10.0 # python py39 23-Feb-2022
<< End of Success Section >>
+-----------------------------------------------------------------------------+
BUILDDATE Verification ...
+-----------------------------------------------------------------------------+
Verifying build dates...done
FILESET STATISTICS
------------------
3 Selected to be installed, of which:
3 Passed pre-installation verification
----
3 Total to be installed
+-----------------------------------------------------------------------------+
Installing Software...
+-----------------------------------------------------------------------------+
installp: APPLYING software for:
aixtools.python.py39.rte 3.9.10.0
aixtools.python.py39.man.en_US 3.9.10.0
aixtools.python.py39.adt 3.9.10.0
Finished processing all filesets. (Total time: 32 secs).
+-----------------------------------------------------------------------------+
Summaries:
+-----------------------------------------------------------------------------+
Installation Summary
--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
aixtools.python.py39.rte 3.9.10.0 USR APPLY SUCCESS
aixtools.python.py39.man.en 3.9.10.0 USR APPLY SUCCESS
aixtools.python.py39.adt 3.9.10.0 USR APPLY SUCCESS
有看到 SUCCESS
就代表安裝成功了
這個套件預設會裝在 /opt/bin/python3.9
測試 python
跟之前一樣,我們可以嘗試印出 python 版本
/opt/bin/python3.9 --version
如果沒問題的話,會印出 python 版本
AIX 安裝 rsync
一樣是從 aixtools 下載
下載來源:
http://www.aixtools.net/index.php/rsync
(後期測試該網站壞掉,不過截稿時檔案還能下載,有需要的朋友請趕快留檔。)
檔案下載:
http://download.aixtools.net/tools/aixtools.samba.rsync.3.1.3.0.I
檔名: aixtools.samba.rsync.3.1.3.0.I
安裝指令
installp -acXvd . aixtools.samba.rsync
(該指令需要 root 權限)
執行大概會像這樣
+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...
SUCCESSES
---------
Filesets listed in this section passed pre-installation verification
and will be installed.
Selected Filesets
-----------------
aixtools.samba.rsync.man.en_US 3.1.3.0 # samba rsync man pages
aixtools.samba.rsync.rte 3.1.3.0 # samba rsync 06-Feb-2020
<< End of Success Section >>
+-----------------------------------------------------------------------------+
BUILDDATE Verification ...
+-----------------------------------------------------------------------------+
Verifying build dates...done
FILESET STATISTICS
------------------
2 Selected to be installed, of which:
2 Passed pre-installation verification
----
2 Total to be installed
+-----------------------------------------------------------------------------+
Installing Software...
+-----------------------------------------------------------------------------+
installp: APPLYING software for:
aixtools.samba.rsync.rte 3.1.3.0
aixtools.samba.rsync.man.en_US 3.1.3.0
Finished processing all filesets. (Total time: 1 secs).
+-----------------------------------------------------------------------------+
Summaries:
+-----------------------------------------------------------------------------+
Installation Summary
--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
aixtools.samba.rsync.rte 3.1.3.0 USR APPLY SUCCESS
aixtools.samba.rsync.man.en 3.1.3.0 USR APPLY SUCCESS
有看到 SUCCESS
就代表安裝成功了
預設會安裝路徑在 /opt/bin/rsync
測試 rsync
可以直接執行 /opt/bin/rsync
來測試是否安裝成功
成功會看到使用說明
AIX 安裝 OpenSSL 與 OpenSSH
後來發現,AIX 上面的 ssh 太舊,
新版的加密演算法與 ciphers 不支援,所以著手更新 ssh。
這段特別把 OpenSSL 與 OpenSSH 寫在一起,就是因為 OpenSSH 相依 OpenSSL,
所以要裝一個相配合的版本。
安裝 OpenSSL
這裡從 IBM 官網來下載
安裝文件
https://www.ibm.com/support/pages/downloading-and-installing-or-upgrading-openssl-and-openssh
下載來源
https://www.ibm.com/resources/mrs/assets?source=aixbp&S_PKG=openssl
(該網站需要登入,但帳號可以免費註冊,註冊後登入就可下載)
請根據你對應的 AIX 版本來選擇
這邊用
OpenSSL 1.1.1 for AIX 6.1, 7.1, 7.2 & 7.3
VRMF: 1.1.2.2400 (1.1.1x with no weak ciphers support)
做為範例
檔名:openssl-1.1.2.2400.tar.Z
首先我們把它解壓縮
(註:這邊雖然也是 tar
指令,但跟 Linux 的指令用法不同)
zcat openssl-1.1.2.2400.tar.Z | tar -xvf -
執行結果
x openssl-1.1.2.2400
x openssl-1.1.2.2400/openssl.base, 70546432 bytes, 137786 media blocks.
x openssl-1.1.2.2400/openssl.license, 31744 bytes, 62 media blocks.
x openssl-1.1.2.2400/openssl.man.en_US, 5326848 bytes, 10404 media blocks.
得到 openssl-1.1.2.2400 資料夾
我們切換資料夾,用 installp
來安裝
cd openssl-1.1.2.2400
installp -qaXFY -d . openssl.base openssl.license openssl.man.en_US
執行結果
+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...
SUCCESSES
---------
Filesets listed in this section passed pre-installation verification
and will be installed.
Selected Filesets
-----------------
openssl.base 1.1.2.2400 # Open Secure Socket Layer
openssl.license 1.1.2.2400 # Open Secure Socket License
openssl.man.en_US 1.1.2.2400 # Open Secure Socket Layer
<< End of Success Section >>
+-----------------------------------------------------------------------------+
BUILDDATE Verification ...
+-----------------------------------------------------------------------------+
Verifying build dates...done
FILESET STATISTICS
------------------
3 Selected to be installed, of which:
3 Passed pre-installation verification
----
3 Total to be installed
+-----------------------------------------------------------------------------+
Installing Software...
+-----------------------------------------------------------------------------+
installp: APPLYING software for:
openssl.man.en_US 1.1.2.2400
. . . . . << Copyright notice for openssl.man.en_US >> . . . . . . .
Licensed Materials - Property of IBM
5765G6281
Copyright International Business Machines Corp. 2011, 2024.
All rights reserved.
US Government Users Restricted Rights - Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
. . . . . << End of copyright notice for openssl.man.en_US >>. . . .
Filesets processed: 1 of 3 (Total time: 32 secs).
installp: APPLYING software for:
openssl.license 1.1.2.2400
. . . . . << Copyright notice for openssl.license >> . . . . . . .
Licensed Materials - Property of IBM
5765G6281
Copyright International Business Machines Corp. 2011, 2024.
All rights reserved.
US Government Users Restricted Rights - Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
. . . . . << End of copyright notice for openssl.license >>. . . .
Filesets processed: 2 of 3 (Total time: 32 secs).
installp: APPLYING software for:
openssl.base 1.1.2.2400
. . . . . << Copyright notice for openssl.base >> . . . . . . .
Licensed Materials - Property of IBM
5765G6281
Copyright International Business Machines Corp. 2011, 2024.
Copyright Baltimore Technologies Ltd. 2004.
Copyright KISA (Korea Information Security Agency), 2007.
Copyright Ben Laurie ([email protected]), 2008.
Copyright Richard Levitte <[email protected]), 2004.
Copyright The OpenSSL Project. 1998-2008
Copyright The OpenTSA Project. 2002
Copyright Andy Polyakov <[email protected]>, 2008
Copyright Sun Microsystems, Inc. 2002.
All rights reserved.
US Government Users Restricted Rights - Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
. . . . . << End of copyright notice for openssl.base >>. . . .
Successfully updated the Kernel Authorization Table.
Successfully updated the Kernel Role Table.
Successfully updated the Kernel Command Table.
Successfully updated the Kernel Device Table.
Successfully updated the Kernel Object Domain Table.
Successfully updated the Kernel Domains Table.
Successfully updated the Kernel Authorization Table.
Successfully updated the Kernel Role Table.
Successfully updated the Kernel Command Table.
Successfully updated the Kernel Device Table.
Successfully updated the Kernel Object Domain Table.
Successfully updated the Kernel Domains Table.
Finished processing all filesets. (Total time: 40 secs).
+-----------------------------------------------------------------------------+
Summaries:
+-----------------------------------------------------------------------------+
Installation Summary
--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
openssl.man.en_US 1.1.2.2400 USR APPLY SUCCESS
openssl.license 1.1.2.2400 USR APPLY SUCCESS
openssl.base 1.1.2.2400 USR APPLY SUCCESS
openssl.base 1.1.2.2400 ROOT APPLY SUCCESS
接下來接續安裝 OpenSSH
安裝 OpenSSH
一樣是從 IBM 網站下載
下載位置
https://www.ibm.com/resources/mrs/assets?source=aixbp&S_PKG=openssh
(該網站需要登入,但帳號可以免費註冊,註冊後登入就可下載)
找到跟 OpenSSL 對應的版本
OpenSSH 9.2 (compiled with Openssl 1.1.2)
VRMF: 9.2.112.2400
來下載
檔名:OpenSSH_9.2.112.2400.tar.Z
一樣用 tar
指令解壓縮
zcat OpenSSH_9.2.112.2400.tar.Z | tar -xvf -
(註:這邊雖然也是 tar
指令,但跟 Linux 的指令用法不同)
得到 OpenSSH_9.2.112.2400 資料夾
安裝
cd OpenSSH_9.2.112.2400
installp -qaXFY -d . openssh.base openssh.license openssh.man.en_US openssh.msg.en_US
記錄一下執行結果
+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...
SUCCESSES
---------
Filesets listed in this section passed pre-installation verification
and will be installed.
Selected Filesets
-----------------
openssh.base.client 9.2.112.2400 # Open Secure Shell Commands
openssh.base.server 9.2.112.2400 # Open Secure Shell Server
openssh.license 9.2.112.2400 # Open Secure Shell License
openssh.man.en_US 9.2.112.2400 # Open Secure Shell Documentat...
openssh.msg.en_US 9.2.112.2400 # Open Secure Shell Messages -...
<< End of Success Section >>
+-----------------------------------------------------------------------------+
BUILDDATE Verification ...
+-----------------------------------------------------------------------------+
Verifying build dates...done
FILESET STATISTICS
------------------
5 Selected to be installed, of which:
5 Passed pre-installation verification
----
5 Total to be installed
+-----------------------------------------------------------------------------+
Installing Software...
+-----------------------------------------------------------------------------+
installp: APPLYING software for:
openssh.license 9.2.112.2400
. . . . . << Copyright notice for openssh.license >> . . . . . . .
Licensed Materials - Property of IBM
5765E6111
Copyright International Business Machines Corp. 2001, 2024.
All rights reserved.
US Government Users Restricted Rights - Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
. . . . . << End of copyright notice for openssh.license >>. . . .
Filesets processed: 1 of 5 (Total time: 1 secs).
installp: APPLYING software for:
openssh.base.server 9.2.112.2400
openssh.base.client 9.2.112.2400
. . . . . << Copyright notice for openssh.base >> . . . . . . .
Licensed Materials - Property of IBM
5765E6111
Copyright International Business Machines Corp. 2011, 2024.
Copyright Per Allansson, 2001.
Copyright AppGate Network Security AB, 2004-2009.
Copyright Gary S. Brown, 1986.
Copyright The Regents of the University of California, 1983, 1990, 1992, 1993, 1995.
Copyright Aaron Campbell. 1999
Copyright CORE SDI S.A., Buenos Aires, Argentina. 1998
Copyright Gert Doering, 2001.
Copyright Jason Downs, 1996.
Copyright Markus Friedl. 1999, 2000, 2001, 2002
Copyright Free Software Foundation, Inc., 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002.
Copyright Dr Brian Gladman <[email protected]>, Worcester, UK, 2001
Copyright g10 Code GmbH, 2006, 2007.
Copyright Wesley Griffin, 2003.
Copyright Andreas Jellinghaus, 2006.
Copyright Daniel Kouril, 2002.
Copyright Ben Lindstrom, 2000, 2001, 2003.
Copyright Andre Lucas, 2000.
Copyright David Mazieres <[email protected]> 1995, 1996
Copyright Damien Miller. 1999-2003
Copyright Massachusetts Institute of Technology, 1987 - 2001.
Copyright The NetBSD Foundation, Inc., 1997, 1998.
Copyright Nils Nordman, 2002.
Copyright The OpenBSD project, 2004.
Copyright Niels Provos. 1995
Copyright Theo de Raadt. 1999
Copyright Tim Rice, 2002.
Copyright Jakob Schlyter, 2003.
Copyright Dug Song. 1995
Copyright Kevin Steves. 1995
Copyright Peter Stuge <[email protected]>, 2003
Copyright Todd C. Miller, 1998.
Copyright Darren Tucker 2004.
Copyright Simon Wilkinson, 2001, 2003.
Copyright Tatu Ylonen <[email protected]>, Espoo, Finland, 1995
All rights reserved.
US Government Users Restricted Rights - Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
Licensed Materials - Property of IBM
5765E6111
Copyright International Business Machines Corp. 2011, 2024.
Copyright Per Allansson, 2001.
Copyright Gary S. Brown, 1986.
Copyright The Regents of the University of California, 1983, 1990, 1992, 1993, 1995.
Copyright Aaron Campbell. 1999
Copyright CORE SDI S.A., Buenos Aires, Argentina. 1998
Copyright Gert Doering, 2001.
Copyright Jason Downs, 1996.
Copyright Markus Friedl. 1999, 2000, 2001, 2002
Copyright Free Software Foundation, Inc., 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002.
Copyright Dr Brian Gladman <[email protected]>, Worcester, UK, 2001
Copyright Wesley Griffin, 2003.
Copyright Daniel Kouril, 2002.
Copyright Ben Lindstrom, 2000, 2001, 2003.
Copyright Andre Lucas, 2000.
Copyright David Mazieres <[email protected]> 1995, 1996
Copyright Damien Miller. 1999-2003
Copyright Massachusetts Institute of Technology, 1987 - 2001.
Copyright Nils Nordman, 2002.
Copyright The OpenBSD project, 2004.
Copyright Niels Provos. 1995
Copyright Theo de Raadt. 1999
Copyright Tim Rice, 2002.
Copyright Jakob Schlyter, 2003.
Copyright Dug Song. 1995
Copyright Kevin Steves. 1995
Copyright Peter Stuge <[email protected]>, 2003
Copyright Todd C. Miller, 1998.
Copyright Darren Tucker 2004.
Copyright Simon Wilkinson, 2001, 2003.
Copyright Tatu Ylonen <[email protected]>, Espoo, Finland, 1995
All rights reserved.
US Government Users Restricted Rights - Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
. . . . . << End of copyright notice for openssh.base >>. . . .
Generating rsa key...
Generating dsa key...
Generating ecdsa key...
Generating ed25519 key...
Successfully updated the Kernel Authorization Table.
Successfully updated the Kernel Role Table.
Successfully updated the Kernel Command Table.
Successfully updated the Kernel Device Table.
Successfully updated the Kernel Object Domain Table.
Successfully updated the Kernel Domains Table.
Successfully updated the Kernel Authorization Table.
Successfully updated the Kernel Role Table.
Successfully updated the Kernel Command Table.
Successfully updated the Kernel Device Table.
Successfully updated the Kernel Object Domain Table.
Successfully updated the Kernel Domains Table.
0513-071 The sshd Subsystem has been added.
0513-004 The Subsystem or Group, ssh, is currently inoperative.
0513-059 The sshd Subsystem has been started. Subsystem PID is 22413564.
Successfully updated the Kernel Authorization Table.
Successfully updated the Kernel Role Table.
Successfully updated the Kernel Command Table.
Successfully updated the Kernel Device Table.
Successfully updated the Kernel Object Domain Table.
Successfully updated the Kernel Domains Table.
Successfully updated the Kernel Authorization Table.
Successfully updated the Kernel Role Table.
Successfully updated the Kernel Command Table.
Successfully updated the Kernel Device Table.
Successfully updated the Kernel Object Domain Table.
Successfully updated the Kernel Domains Table.
Filesets processed: 3 of 5 (Total time: 7 secs).
installp: APPLYING software for:
openssh.msg.en_US 9.2.112.2400
. . . . . << Copyright notice for openssh.msg.en_US >> . . . . . . .
Licensed Materials - Property of IBM
5765E6111
Copyright International Business Machines Corp. 2011, 2024.
All rights reserved.
US Government Users Restricted Rights - Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
. . . . . << End of copyright notice for openssh.msg.en_US >>. . . .
Filesets processed: 4 of 5 (Total time: 7 secs).
installp: APPLYING software for:
openssh.man.en_US 9.2.112.2400
. . . . . << Copyright notice for openssh.man.en_US >> . . . . . . .
Licensed Materials - Property of IBM
5765E6111
Copyright International Business Machines Corp. 2011, 2024.
Copyright Aaron Campbell. 1999
Copyright Markus Friedl. 1999, 2000, 2001, 2002
Copyright David Mazieres <[email protected]> 1995, 1996
Copyright Damien Miller. 2001, 2002
Copyright Theo de Raadt. 1999
Copyright Tatu Ylonen <[email protected]>, Espoo, Finland, 1995
All rights reserved.
US Government Users Restricted Rights - Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
. . . . . << End of copyright notice for openssh.man.en_US >>. . . .
Finished processing all filesets. (Total time: 8 secs).
+-----------------------------------------------------------------------------+
Summaries:
+-----------------------------------------------------------------------------+
Installation Summary
--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
openssh.license 9.2.112.2400 USR APPLY SUCCESS
openssh.base.server 9.2.112.2400 USR APPLY SUCCESS
openssh.base.client 9.2.112.2400 USR APPLY SUCCESS
openssh.base.server 9.2.112.2400 ROOT APPLY SUCCESS
openssh.base.client 9.2.112.2400 ROOT APPLY SUCCESS
openssh.msg.en_US 9.2.112.2400 USR APPLY SUCCESS
openssh.man.en_US 9.2.112.2400 USR APPLY SUCCESS
測試 OpenSSH
我們用以下指令來測試 sshd 服務
/usr/sbin/sshd -d -e
取得 sshd 的狀態
lssrc -s sshd
如有必要,重啟 sshd 服務
stopsrc -s sshd;startsrc -s sshd
安裝 Bash
恩對,你沒看錯 bash 也是可以另外裝的
一樣從 aixtools 網站下載
下載來源
http://www.aixtools.net/index.php/bash
(後期測試該網站壞掉,不過截稿時檔案還能下載,有需要的朋友請趕快留檔。)
檔案
http://download.aixtools.net/tools/gnu/aixtools.gnu.bash.5.0.18.0.I
檔名:aixtools.gnu.bash.5.0.18.0.I
安裝指令
installp -acXvd . aixtools.gnu.bash
記錄一下執行結果
+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...
SUCCESSES
---------
Filesets listed in this section passed pre-installation verification
and will be installed.
Selected Filesets
-----------------
aixtools.gnu.bash.man.en_US 5.0.18.0 # gnu bash man pages
aixtools.gnu.bash.rte 5.0.18.0 # gnu bash 15-Oct-2020
aixtools.gnu.bash.share 5.0.18.0 # gnu bash universal files
<< End of Success Section >>
+-----------------------------------------------------------------------------+
BUILDDATE Verification ...
+-----------------------------------------------------------------------------+
Verifying build dates...done
FILESET STATISTICS
------------------
3 Selected to be installed, of which:
3 Passed pre-installation verification
----
3 Total to be installed
+-----------------------------------------------------------------------------+
Installing Software...
+-----------------------------------------------------------------------------+
installp: APPLYING software for:
aixtools.gnu.bash.share 5.0.18.0
aixtools.gnu.bash.rte 5.0.18.0
aixtools.gnu.bash.man.en_US 5.0.18.0
Finished processing all filesets. (Total time: 1 secs).
+-----------------------------------------------------------------------------+
Summaries:
+-----------------------------------------------------------------------------+
Installation Summary
--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
aixtools.gnu.bash.share 5.0.18.0 USR APPLY SUCCESS
aixtools.gnu.bash.rte 5.0.18.0 USR APPLY SUCCESS
aixtools.gnu.bash.man.en_US 5.0.18.0 USR APPLY SUCCESS
如找不到 bash 可以用以下指令尋找
find / -name bash 2>/dev/null
這樣我們就萬事具備了
撰寫 ansible playbook 腳本
設定完成後,終於可以來寫 ansible playbook 了
這邊給一個範例,印出 oslevel
,查看系統版本
在 Control node 這邊建立 playbook.yml
與 inventory
二個檔案
playbook.yml
- name: print os version
hosts: aix
gather_facts: no
tasks:
- name: print os version
ansible.builtin.command: "oslevel"
register: out
- name: output
ansible.builtin.debug:
msg:
- "{{ out.stdout_lines }}"
inventory
[aix]
192.168.1.2 ansible_user=myuser ansible_ssh_private_key_file=./server_key ansible_connection=ssh ansible_port=22 ansible_python_interpreter=/opt/bin/python3.9
這邊假設 AIX 的主機是 192.168.1.2 你可以改成你的主機
然後執行 ansible playbook
export ANSIBLE_HOST_KEY_CHECKING=False && \
ansible-playbook -vvv -i inventory playbook.yml'
解釋一下指令,因為 python 不是預設安裝路徑,需給定 python 路徑,這是重點之一。
ansible_python_interpreter=/opt/bin/python3.9
這邊提供其他範例,這個是利用 ansible.posix.synchronize
模組來複製檔案
- name: copy files
hosts: aix
gather_facts: no
tasks:
- name: copy files
ansible.posix.synchronize:
src: /local/dir
dest: /remote/dir
recursive: true
checksum: true
rsync_path: /opt/bin/rsync
rsync_opts:
- "--no-motd"
- "--exclude=.git"
這邊一樣因為 rsync 不是預設路徑,使用 rsync_path
參數來指定遠端 rsync 的路徑
rsync_path: /opt/bin/rsync
這邊有特別忽略 .git
資料夾,避免不該傳上去的檔案傳上去,
其他做法就跟使用 linux 差不多了
ansible 模組的差異
這邊列出一些常用的 ansible 指令
- ansible.builtin.command
- ansible.builtin.shell
- ansible.builtin.copy
- ansible.posix.synchronize
根據官方文件,
ansible.builtin.command
預設會過濾一些特殊字元(例如:大於、小於、星號…等),較安全
如果有特殊符號需求,請改用 ansible.builtin.shell
ansible.builtin.copy
與 ansible.posix.synchronize
雖然都是複製檔案,但也有點不同。
ansible.builtin.copy
是基於 scp
指令來實作的,它是一個一個檔案複製(包含 checksum)
ansible.posix.synchronize
是基於 rsync
指令來實作的,因為連線有壓縮,複製速度較快
同樣複製多層資料夾,約 500MB 的檔案,實際使用差異可以到 3 小時的差別。
祝設定愉快