Linux教程FG336-大规模自动化运维平台

内容简介：本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容，详细介绍了相关技术的配置和使用方法。

风哥提示：

本文档介绍大规模自动化运维平台的搭建方法。

Part01-Ansible Tower部署

1.1 安装Ansible Tower

# 下载Ansible Tower
[root@tower ~]# wget https://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-3.8.6-1.tar.gz
–2026-04-04 15:00:00– https://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-3.8.6-1.tar.gz
Resolving releases.ansible.com (releases.ansible.com)… 151.101.1.100
Connecting to releases.ansible.com (releases.ansible.com)|151.101.1.100|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 50000000 (48M) [application/gzip]
Saving to: ‘ansible-tower-setup-3.8.6-1.tar.gz’

ansible-tower-setup-3.8.6-1.tar.gz 100%[========================>] 47.68M 10.0MB/s in 5s

2026-04-04 15:00:05 (9.54 MB/s) – ‘ansible-tower-setup-3.8.6-1.tar.gz’ saved [50000000/50000000]

# 解压安装包
[root@tower ~]# tar xzf ansible-tower-setup-3.8.6-1.tar.gz
[root@tower ~]# cd ansible-tower-setup-3.8.6-1

# 配置inventory文件
[root@tower ansible-tower-setup-3.8.6-1]# cat > inventory << 'EOF' [tower] localhost ansible_connection=local [database] localhost ansible_connection=local [all:vars] admin_password='Admin123!' pg_host='localhost' pg_port='5432' pg_database='awx' pg_username='awx' pg_password='Awx123!' rabbitmq_port=5672 rabbitmq_vhost=tower rabbitmq_username=tower rabbitmq_password='Tower123!' rabbitmq_cookie=cookiemonster rabbitmq_use_long_name=false EOF # 执行安装 [root@tower ansible-tower-setup-3.8.6-1]# ./setup.sh PLAY [Install Ansible Tower] *************************************************** TASK [Gathering Facts] ********************************************************* ok: [localhost] TASK [preflight_checks : Ensure Tower can only be installed on supported OS] *** ok: [localhost] => {
“changed”: false,
“msg”: “All assertions passed”
}

TASK [packages : Install packages] *********************************************
changed: [localhost]

… (安装过程省略) …

PLAY RECAP *********************************************************************
localhost : ok=150 changed=50 unreachable=0 failed=0 skipped=20 rescued=0 ignored=0

# 验证服务
[root@tower ~]# systemctl status ansible-tower
● ansible-tower.service – Ansible Tower
Loaded: loaded (/etc/systemd/system/ansible-tower.service; enabled; preset: disabled)
Active: active (running) since Fri 2026-04-04 15:10:00 CST; 10s ago
Main PID: 12345 (gunicorn)
Tasks: 10 (limit: 11232)
Memory: 500.0M
CGroup: /system.slice/ansible-tower.service
├─12345 /var/lib/awx/venv/awx/bin/python /var/lib/awx/venv/awx/bin/gunicorn
└─12346 /var/lib/awx/venv/awx/bin/python /var/lib/awx/venv/awx/bin/gunicorn

# 访问Web界面
[root@tower ~]# curl -I https://localhost
HTfrom PG视频:www.itpux.comTP/1.1 302 Found
Server: nginx
Date: Fri, 04 Apr 2026 15:10:00 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Location: https://localhost/
X-Frame-Options: DENY
X-Content-Type-Options: nosniff

1.学习交流加群风哥微信: itpux-com2 配置组织和团队

# 使用API创建组织
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/organizations/ \
-d ‘{
“name”: “IT Department”,
“description”: “IT Department Organization”
}’
{
“id”: 1,
“type”: “organization”,
“url”: “/api/v2/organizations/1/”,
“name”: “IT Department”,
“description”: “IT Department Organization”
}

# 创建团队
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/teams/ \
-d ‘{
“name”: “Web Team”,
“description”: “Web Server Management Team”,
“organization”: 1
}’
{
“id”: 1,
“type”: “team”,
“url”: “/api/v2/teams/1/”,
“name”: “Web Team”,
“description”: “Web Server Management Team”,
“organization”: 1
}

# 创建用户
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/users/ \
-d ‘{
“username”: “webadmin”,
“first_name”: “Web”,
“last_name”: “Admin”,
“email”: “webadmin@fgedu.net.cn”,
“password”: “WebAdmin123!”,
“is_superuser”: false
}’
{
“id”: 2,
“type”: “user”,
“url”: “/api/v2/users/2/”,
“username”: “webadmin”,
“first_name”: “Web”,
“last_name”: “Admin”,
“email”: “webadmin@fgedu.net.cn”
}

# 添加用户到团队
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/teams/1/users/ \
-d ‘{
“id”: 2
}’
{
“id”: 2,
“type”: “user”,
“url”: “/api/v2/users/2/”
}

Part02-项目管理

2.1 配置项目

# 创建凭证
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/credentials/ \
-d ‘{
“name”: “Git Credential”,
“description”: “Git Repository Access”,
“organization”: 1,
“credential_type”: 2,
“inputs”: {
“username”: “gituser”,
“password”: “GitPass123!”
}
}’
{
“id”: 1,
“type”: “credential”,
“url”: “/api/v2/credentials/1/”,
“name”: “Git Credential”,
“description”: “Git Repository Access”,
“organization”: 1
}

# 创建项目
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/projects/ \
-d ‘{
“name”: “Web Server Playbooks”,
“description”: “Playbooks for web server management”,
“organization”: 1,
“scm_type”: “git”,
“scm_url”: “https://github.com/example/web-playbooks.git”,
“scm_branch”: “main”,
“credential”: 1,
“scm_update_on_launch”: true
}’
{
“id”: 1,
“type”: “project”,
“url”: “/api/v2/projects/1/”,
“name”: “Web Server Playbooks”,
“description”: “Playbooks for web server management”,
“organization”: 1,
“scm_type”: “git”,
“scm_url”: “https://github.com/example/web-playbooks.git”,
“status”: “pending”
}

# 查看项目状态
[root@tower ~]# curl -k -u admin:Admin123! \
https://localhost/api/v2/projects/1/
{
“id”: 1,
“type”: “project”,
“url”: “/api/v2/projects/1/”,
“name”: “Web Server Playbooks”,
“status”: “successful”,
“last_update”: “2026-04-04T15:20:00.000000Z”
}

# 创建清单
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/inventories/ \
-d ‘{
“name”: “Web Servers”,
“description”: “Web server inventory”,
“organization”: 1
}’
{
“id”: 1,
“type”: “inventory”,
“url”: “/api/v2/inventories/1/”,
“name”: “Web Servers”,
“organization”: 1
}

# 添加主机到清单
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/inventories/1/hosts/ \
-d ‘{
“name”: “web1.fgedu.net.cn”,
“description”: “Web Server 1”,
“variables”: “ansible_host: 192.168.1.101”
}’
{
“id”: 1,
“type”: “host”,
“url”: “/api/v2/hosts/1/”,
“name”: “web1.fgedu.net.cn”
}

Part03-作业模板

3.1 创建作业模板

# 创建机器凭证
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/credentials/ \
-d ‘{
“name”: “SSH Credential”,
“description”: “SSH Key for servers”,
“organization”: 1,
“credential_type”: 1,
“inputs”: {
“username”: “root”,
“ssh_key_data”: “—–BEGIN RSA PRIVATE KEY—–\nMIIEpAIBAAKCAQEA…\n—–END RSA PRIVATE KEY—–”
}
}’
{
“id”: 2,
“type”: “credential”,
“url”: “/api/v2/credentials/2/”,
“name”: “SSH Credential”
}

# 创建作业模板
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/job_templates/ \
-d ‘{
“name”: “Deploy Web Server”,
“description”: “Deploy and configure web server”,
“organization”: 1,
“project”: 1,
“inventory”: 1,
“credential”: 2,
“playbook”: “deploy_web.yml”,
“verbosity”: 1
}’
{
“id”: 1,
“type”: “job_template”,
“url”: “/api/v2/job_templates/1/”,
“name”: “Deploy Web Server”,
“status”: “successful”
}

# 启动作业
[root@tower ~]# curl -X POST -k -H “Content-Type: application/json” \
-u admin:Admin123! \
https://localhost/api/v2/job_templates/1/launch/
{
“id”: 1,
“type”: “job”,
“url”: “/api/v2/jobs/1/”,
“status”: “pending”,
“name”: “Deploy Web Server”
}

# 查看作业状态
[root@tower ~]# curl -k -u admin:Admin123! \
https://localhost/api/v2/jobs/1/
{
“id”: 1,
“type”: “job”,
“url”: “/api/v2/jobs/1/”,
“status”: “successful”,
“started”: “2026-04-04T15:25:00.000000Z”,
“finished”: “2026-04-04T15:26:00.000000Z”,
“elapsed”: 60.0
}

# 查看作业输出
[root@tower ~]# curl -k -u admin:Admin123! \
https://localhost/api/v2/jobs/1/stdout/
PLAY [Deploy Web Server] *******************************************************

TASK [Gathering Facts] *********************************************************
ok: [web1.fgedu.net.更多视频教程www.fgedu.net.cncn]

TASK [Install nginx] ***********************************************************
changed: [web1.fgedu.net.cn]

TASK [Start nginx] *************************************************************
changed: [web1.fgedu.net.cn]

PLAY RECAP *********************************************************************
web1.fgedu.net.cn : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

风哥针对自动化运维平台建议：

使用Ansible Tower集中管理
建立清晰的组织架构
使用Git管理Playbook
配置作业模板和调度
集成监控和告警系统

本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html