mirror of
https://github.com/LCTT/TranslateProject.git
synced 2025-01-25 23:11:02 +08:00
commit
0b93862415
@ -1,97 +0,0 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: (geekpi)
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (5 ops tasks to do with Ansible)
|
||||
[#]: via: (https://opensource.com/article/19/8/ops-tasks-ansible)
|
||||
[#]: author: (Mark Phillips https://opensource.com/users/markphttps://opensource.com/users/adminhttps://opensource.com/users/alsweigarthttps://opensource.com/users/belljennifer43)
|
||||
|
||||
5 ops tasks to do with Ansible
|
||||
======
|
||||
Less DevOps, more OpsDev.
|
||||
![gears and lightbulb to represent innovation][1]
|
||||
|
||||
In this DevOps world, it sometimes appears the Dev half gets all the limelight, with Ops the forgotten half in the relationship. It's almost as if the leading Dev tells the trailing Ops what to do, with almost everything "Ops" being whatever Dev says it should be. Ops, therefore, gets left behind, punted to the back, relegated to the bench.
|
||||
|
||||
I'd like to see more OpsDev happening. So let's look at a handful of things Ansible can help you do with your day-to-day Ops life.
|
||||
|
||||
![Job templates][2]
|
||||
|
||||
I've chosen to present these solutions within [Ansible Tower][3] because I think a user interface (UI) adds value to most of these tasks. If you want to emulate this, you can test it out in [AWX][4], the upstream open source version of Tower.
|
||||
|
||||
### Manage users
|
||||
|
||||
In a large-scale environment, your users would be centralised in a system like Active Directory or LDAP. But I bet there are still a whole load of environments with lots of static users in them, too. Ansible can help you centralise that decentralised problem. And _the community_ has already solved it for us. Meet the [Ansible Galaxy][5] role **[users][6]**.
|
||||
|
||||
What's clever about this role is it allows us to manage users via *data—*no changes to play logic required.
|
||||
|
||||
![User data][7]
|
||||
|
||||
With simple data structures, we can add, remove and modify static users on a system. Very useful.
|
||||
|
||||
### Manage sudo
|
||||
|
||||
Privilege escalation comes [in many forms][8], but one of the most popular is [sudo][9]. It's relatively easy to manage sudo through discrete files per user, group, etc. But some folk get nervous about giving privilege escalation willy-nilly and prefer it to be time-bound. So [here's a take on that][10], using the simple **at** command to put a time limit on the granted access.
|
||||
|
||||
![Managing sudo][11]
|
||||
|
||||
### Manage services
|
||||
|
||||
Wouldn't it be great to give a [menu][12] to an entry-level ops team so they could just restart certain services? Voila!
|
||||
|
||||
![Managing services][13]
|
||||
|
||||
### Manage disk space
|
||||
|
||||
Here's [a simple role][14] that can be used to look for files larger than size _N_ in a particular directory. Doing this in Tower, we have the bonus of enabling [callbacks][15]. Imagine your monitoring solution spotting a filesystem going over X% full and triggering a job in Tower to go find out what files are the cause.
|
||||
|
||||
![Managing disk space][16]
|
||||
|
||||
### Debug a system performance problem
|
||||
|
||||
[This role][17] is fairly simple: it runs some commands and prints the output. The details are printed at the end of the run for you, sysadmin, to cast your skilled eyes over. Bonus homework: use [regexs][18] to find certain conditions in the output (CPU hog over 80%, say).
|
||||
|
||||
![Debugging system performance][19]
|
||||
|
||||
### Summary
|
||||
|
||||
I've recorded a short video of these five tasks in action. You can find all [the code on GitHub][20] too!
|
||||
|
||||
Michael DeHaan is the guy who created, in his own words, "that Ansible thing." A lot of the things...
|
||||
|
||||
A little bit of coding knowledge can let anyone write small scripts to do these tasks and save them...
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://opensource.com/article/19/8/ops-tasks-ansible
|
||||
|
||||
作者:[Mark Phillips][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://opensource.com/users/markphttps://opensource.com/users/adminhttps://opensource.com/users/alsweigarthttps://opensource.com/users/belljennifer43
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/innovation_lightbulb_gears_devops_ansible.png?itok=TSbmp3_M (gears and lightbulb to represent innovation)
|
||||
[2]: https://opensource.com/sites/default/files/uploads/00_templates.png (Job templates)
|
||||
[3]: https://www.ansible.com/products/tower
|
||||
[4]: https://github.com/ansible/awx
|
||||
[5]: https://galaxy.ansible.com
|
||||
[6]: https://galaxy.ansible.com/singleplatform-eng/users
|
||||
[7]: https://opensource.com/sites/default/files/uploads/01_users_data.png (User data)
|
||||
[8]: https://docs.ansible.com/ansible/latest/plugins/become.html
|
||||
[9]: https://www.sudo.ws/intro.html
|
||||
[10]: https://github.com/phips/ansible-demos/tree/master/roles/sudo
|
||||
[11]: https://opensource.com/sites/default/files/uploads/02_sudo.png (Managing sudo)
|
||||
[12]: https://docs.ansible.com/ansible-tower/latest/html/userguide/job_templates.html#surveys
|
||||
[13]: https://opensource.com/sites/default/files/uploads/03_services.png (Managing services)
|
||||
[14]: https://github.com/phips/ansible-demos/tree/master/roles/disk
|
||||
[15]: https://docs.ansible.com/ansible-tower/latest/html/userguide/job_templates.html#provisioning-callbacks
|
||||
[16]: https://opensource.com/sites/default/files/uploads/04_diskspace.png (Managing disk space)
|
||||
[17]: https://github.com/phips/ansible-demos/tree/master/roles/gather_debug
|
||||
[18]: https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#regular-expression-filters
|
||||
[19]: https://opensource.com/sites/default/files/uploads/05_debug.png (Debugging system performance)
|
||||
[20]: https://github.com/phips/ansible-demos
|
93
translated/tech/20190826 5 ops tasks to do with Ansible.md
Normal file
93
translated/tech/20190826 5 ops tasks to do with Ansible.md
Normal file
@ -0,0 +1,93 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: (geekpi)
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (5 ops tasks to do with Ansible)
|
||||
[#]: via: (https://opensource.com/article/19/8/ops-tasks-ansible)
|
||||
[#]: author: (Mark Phillips https://opensource.com/users/markphttps://opensource.com/users/adminhttps://opensource.com/users/alsweigarthttps://opensource.com/users/belljennifer43)
|
||||
|
||||
5 个使用 Ansible 的运维任务
|
||||
======
|
||||
更少的 DevOps、更多的 OpsDev
|
||||
![gears and lightbulb to represent innovation][1]
|
||||
|
||||
在这个 DevOps 世界中,有时看起来开发 (Dev) 开始成为关注的焦点,而运维 (Ops) 则是关系中被遗忘的一半。这几乎就好像领先的开发告诉尾随的运维做什么,几乎所有的“运维”都是开发说要做的。因此,运维被抛到后面,降级到了替补席上。
|
||||
|
||||
我想看到更多的 OpsDev。因此,让我们来看看 Ansible 在日常的运维中可以帮助你什么。
|
||||
|
||||
![Job templates][2]
|
||||
|
||||
我选择在 [Ansible Tower][3] 中展示这些方案,因为我认为用户界面 (UI) 为大多数任务增加了价值。如果你想模仿,你可以在 Tower 的上游开源版本 [AWX][4] 中测试它。
|
||||
|
||||
### 管理用户
|
||||
|
||||
在大规模环境中,你的用户将集中在 Active Directory 或 LDAP 等系统中。但我敢打赌,仍然存在许多环境,其中包含大量的静态用户。Ansible 可以帮助你集中分散的问题。 _社区_ 已为我们解决了这个问题。看看 [Ansible Galaxy][5] 角色**[用户][6]**。
|
||||
|
||||
这个角色的聪明之处在于它允许我们通过 *data* 管理用户,无需更改运行逻辑。
|
||||
|
||||
![User data][7]
|
||||
|
||||
通过简单的数据结构,我们可以在系统上添加、删除和修改静态用户。这很有用。
|
||||
|
||||
### 管理 sudo
|
||||
|
||||
有多种形式][8]可以升级特权,但最受欢迎的是 [sudo][9]。通过每个用户、组等的离散文件来管理 sudo 相对容易。但一些人对给予特权升级感到紧张,并倾向于有时限地给予特权升级。因此[下面是一种方案] [10],使用简单的 **at** 命令对授权访问设置时间限制。
|
||||
|
||||
![Managing sudo][11]
|
||||
|
||||
### 管理服务
|
||||
|
||||
给入门级运维团队提供[菜单][12]以便他们可以重启某些服务不是很好吗?看下面!
|
||||
|
||||
![Managing services][13]
|
||||
|
||||
### 管理磁盘空间
|
||||
|
||||
这有[一个简单的角色][14],可在特定目录中查找大小大于 _N_ 的文件。在 Tower 中这么做时,启用 [callbacks][15] 有额外的好处。想象一下,你的监控方案发现文件系统已超过 X% 并触发 Tower 中的任务以找出是什么文件导致的。
|
||||
|
||||
![Managing disk space][16]
|
||||
|
||||
### 调试系统性能问题
|
||||
|
||||
[这个角色][17]相当简单:它运行一些命令并打印输出。细节在最后输出,让你、系统管理员快速浏览一眼。另外可以使用 [regexs][18] 在输出中找到某些条件(比如说 CPU 占用率超过 80%)。
|
||||
|
||||
![Debugging system performance][19]
|
||||
|
||||
### 总结
|
||||
|
||||
我已经录制了这五个任务的简短视频。你也可以在 Github 上找到[所有代码][20]!
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://opensource.com/article/19/8/ops-tasks-ansible
|
||||
|
||||
作者:[Mark Phillips][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[geekpi](https://github.com/geekpi)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://opensource.com/users/markphttps://opensource.com/users/adminhttps://opensource.com/users/alsweigarthttps://opensource.com/users/belljennifer43
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/innovation_lightbulb_gears_devops_ansible.png?itok=TSbmp3_M (gears and lightbulb to represent innovation)
|
||||
[2]: https://opensource.com/sites/default/files/uploads/00_templates.png (Job templates)
|
||||
[3]: https://www.ansible.com/products/tower
|
||||
[4]: https://github.com/ansible/awx
|
||||
[5]: https://galaxy.ansible.com
|
||||
[6]: https://galaxy.ansible.com/singleplatform-eng/users
|
||||
[7]: https://opensource.com/sites/default/files/uploads/01_users_data.png (User data)
|
||||
[8]: https://docs.ansible.com/ansible/latest/plugins/become.html
|
||||
[9]: https://www.sudo.ws/intro.html
|
||||
[10]: https://github.com/phips/ansible-demos/tree/master/roles/sudo
|
||||
[11]: https://opensource.com/sites/default/files/uploads/02_sudo.png (Managing sudo)
|
||||
[12]: https://docs.ansible.com/ansible-tower/latest/html/userguide/job_templates.html#surveys
|
||||
[13]: https://opensource.com/sites/default/files/uploads/03_services.png (Managing services)
|
||||
[14]: https://github.com/phips/ansible-demos/tree/master/roles/disk
|
||||
[15]: https://docs.ansible.com/ansible-tower/latest/html/userguide/job_templates.html#provisioning-callbacks
|
||||
[16]: https://opensource.com/sites/default/files/uploads/04_diskspace.png (Managing disk space)
|
||||
[17]: https://github.com/phips/ansible-demos/tree/master/roles/gather_debug
|
||||
[18]: https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#regular-expression-filters
|
||||
[19]: https://opensource.com/sites/default/files/uploads/05_debug.png (Debugging system performance)
|
||||
[20]: https://github.com/phips/ansible-demos
|
Loading…
Reference in New Issue
Block a user