[root@zxw63 ~]# ansible-doc -s raw
- name: Executes a low-down and dirty SSH command
  raw:
      executable:            # change the shell used to execute the command. Should be an absolute path to the executable. when using privilege escalation (`become'), a default shell will be assigned if one is not provided as privilege escalation requires a shell.
      free_form:             # (required) the raw module takes a free form command to run. There is no parameter actually named 'free form'; see the examples!

[root@zxw63 ~]# ansible-doc -s shell
- name: Execute commands in nodes.
  shell:
      chdir:                 # cd into this directory before running the command
      creates:               # a filename, when it already exists, this step will *not* be run.
      executable:            # change the shell used to execute the command. Should be an absolute path to the executable.
      free_form:             # (required) The shell module takes a free form command to run, as a string. There's not an actual option named "free form". See the examples!
      removes:               # a filename, when it does not exist, this step will *not* be run.
      stdin:                 # Set the stdin of the command directly to the specified value.
      warn:                  # if command warnings are on in ansible.cfg, do not warn about this particular line if set to no/false.

[root@zxw63 ~]# ansible-doc command
> COMMAND    (/usr/lib/python2.7/site-packages/ansible/modules/commands/command.py)

        The `command' module takes the command name followed by a list of space-delimited arguments. The given command will be executed on all selected nodes. It will not be processed through the shell, so variables like `$HOME' and operations like `"<"', `">"', `"|"', `";"' and `"&"' will not work (use the [shell] module if you need these features). For Windows targets, use the [win_command] module instead.

OPTIONS (= is mandatory):

- chdir
        Change into this directory before running the command.
        [Default: (null)]
        version_added: 0.6

- creates
        A filename or (since 2.0) glob pattern, when it already exists, this step will *not* be run.
        [Default: (null)]

= free_form
        The command module takes a free form command to run. There is no parameter actually named 'free form'. See the examples!

- removes
        A filename or (since 2.0) glob pattern, when it does not exist, this step will *not* be run.
        [Default: (null)]
        version_added: 0.8

- stdin
        Set the stdin of the command directly to the specified value.
        [Default: None]
        version_added: 2.4

- warn
        If command_warnings are on in ansible.cfg, do not warn about this particular line if set to `no'.
        [Default: yes]
        type: bool
        version_added: 1.8

NOTES:
      * If you want to run a command through the shell (say you are using `<', `>', `|', etc), you actually want the [shell] module instead. The `command' module is much more secure as it's not affected by the user's environment.
      * `creates', `removes', and `chdir' can be specified after the command. For instance, if you only want to run a command if a certain file does not exist, use this.
      * The `executable' parameter is removed since version 2.4. If you have a need for this parameter, use the [shell] module instead.
      * For Windows targets, use the [win_command] module instead.

AUTHOR: Ansible Core Team, Michael DeHaan
        METADATA:
          status:
          - stableinterface
          supported_by: core

EXAMPLES:
- name: return motd to registered var
  command: cat /etc/motd
  register: mymotd

- name: Run the command if the specified file does not exist.
  command: /usr/bin/make_database.sh arg1 arg2 creates=/path/to/database

# You can also use the 'args' form to provide the options.
- name: This command will change the working directory to somedir/ and will only run when /path/to/database doesn't exist.
  command: /usr/bin/make_database.sh arg1 arg2
  args:
    chdir: somedir/
    creates: /path/to/database

- name: safely use templated variable to run command. Always use the quote filter to avoid injection issues.
  command: cat {{ myfile|quote }}
  register: myoutput
The command, shell, and raw modules can each invoke a command or an executable file on the target machine.
[root@zxw63 ~]# ansible webservers -m raw -a "/tmp/test.sh"
192.168.100.66 | SUCCESS | rc=0 >>
this is test shell-script
Shared connection to 192.168.100.66 closed.

192.168.100.128 | SUCCESS | rc=0 >>
this is test shell-script
Shared connection to 192.168.100.128 closed.

[root@zxw63 ~]# ansible webservers -m shell -a "/tmp/test.sh"
192.168.100.66 | SUCCESS | rc=0 >>
this is test shell-script

192.168.100.128 | SUCCESS | rc=0 >>
this is test shell-script

[root@zxw63 ~]# ansible webservers -m command -a "/tmp/test.sh"
192.168.100.66 | FAILED | rc=8 >>
[Errno 8] Exec format error

192.168.100.128 | FAILED | rc=8 >>
[Errno 8] 可執行文件格式錯誤

[root@zxw63 ~]# ansible webservers -m command -a "sh /tmp/test.sh"
192.168.100.66 | SUCCESS | rc=0 >>
this is test shell-script

192.168.100.128 | SUCCESS | rc=0 >>
this is test shell-script
[root@zxw63 ~]# ansible webservers -m shell -a "ls -ltr /etc | wc -l"
192.168.100.128 | SUCCESS | rc=0 >>
217

192.168.100.66 | SUCCESS | rc=0 >>
218

[root@zxw63 ~]# ansible webservers -m raw -a "ls -ltr /etc | wc -l"
192.168.100.66 | SUCCESS | rc=0 >>
218
Shared connection to 192.168.100.66 closed.

192.168.100.128 | SUCCESS | rc=0 >>
217
Shared connection to 192.168.100.128 closed.

[root@zxw63 ~]# ansible webservers -m command -a "ls -ltr /etc | wc -l"
192.168.100.66 | FAILED | rc=2 >>
/etc:
total 1820
-rw-r--r--. 1 root root 662 Aug 29 2007 logrotate.conf
-rw-r--r--. 1 root root 220 Oct 13 2008 quotagrpadmins
-rw-r--r--. 1 root root 148 May 14 2009 asound.conf
[root@zxw63 ~]# ansible webservers -m shell -a "ls -ltr /tmp/*.sh"
192.168.100.66 | SUCCESS | rc=0 >>
-rwxrwxrwx. 1 root root 33 Jul 12 02:14 /tmp/test.sh

192.168.100.128 | SUCCESS | rc=0 >>
-rwxrwxrwx. 1 root root 33 7月 12 02:14 /tmp/test.sh

[root@zxw63 ~]# ansible webservers -m raw -a "ls -ltr /tmp/*.sh"
192.168.100.66 | SUCCESS | rc=0 >>
-rwxrwxrwx. 1 root root 33 Jul 12 02:14 /tmp/test.sh
Shared connection to 192.168.100.66 closed.

192.168.100.128 | SUCCESS | rc=0 >>
-rwxrwxrwx. 1 root root 33 7月 12 02:14 /tmp/test.sh
Shared connection to 192.168.100.128 closed.
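The pipe test above and the quote-filter advice in the command documentation, modelled in Python as an added example (not from the original post and not Ansible's own code). The helpers `as_command`, `as_shell`, `render` and the `HOSTILE` value are constructed for illustration, and `shlex.quote` stands in for the `quote` filter.

```python
import shlex
import subprocess


def as_command(free_form):
    """command-style: split into argv and exec directly; no shell is involved."""
    argv = shlex.split(free_form)
    return subprocess.run(argv, capture_output=True, text=True).stdout


def as_shell(free_form):
    """shell-style: the whole string is interpreted by /bin/sh."""
    return subprocess.run(["/bin/sh", "-c", free_form],
                          capture_output=True, text=True).stdout


def render(value, quote):
    """Stand-in for templating `echo {{ myfile }}` or `echo {{ myfile|quote }}`."""
    return "echo " + (shlex.quote(value) if quote else value)


# Constructed hostile value for the templated variable.
HOSTILE = "motd; echo INJECTED"


def demo():
    return {
        # '|' reaches echo as a literal argument, as in the failed command run.
        "pipe_command": as_command("echo one | wc -l"),
        # /bin/sh builds a real pipeline, as in the shell and raw runs.
        "pipe_shell": as_shell("echo one | wc -l").strip(),
        # Unquoted value in a shell string: the second command executes.
        "shell_unquoted": as_shell(render(HOSTILE, quote=False)),
        # Quoted value: the shell sees one literal word.
        "shell_quoted": as_shell(render(HOSTILE, quote=True)),
        # Without a shell, an unquoted value is still split into several arguments.
        "command_unquoted_argv": shlex.split(render("a b", quote=False)),
        "command_quoted_argv": shlex.split(render("a b", quote=True)),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, repr(value))
```

The last two entries show why the documentation asks for the quote filter even with the command module: no shell runs, but whitespace in a templated value still changes the argument list.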
4. The script module copies a script from the control node to the remote node and then executes it on the remote node.
[root@zxw63 ~]# ansible webservers -m command -a 'ls -ltr /tmp/test.sh'
192.168.100.66 | SUCCESS | rc=0 >>
-rwxrwxrwx. 1 root root 33 Jul 12 02:14 /tmp/test.sh

192.168.100.128 | SUCCESS | rc=0 >>
-rwxrwxrwx. 1 root root 33 7月 12 02:14 /tmp/test.sh

[root@zxw63 ~]# ansible webservers -m command -a 'ls -ltr /root/test.sh'
192.168.100.66 | FAILED | rc=2 >>
ls: cannot access /root/test.sh: No such file or directorynon-zero return code

192.168.100.128 | FAILED | rc=2 >>
ls: 沒法訪問/root/test.sh: 沒有那個文件或目錄non-zero return code

[root@zxw63 ~]# ansible webservers -m script -a '/root/test.sh'
192.168.100.66 | SUCCESS => {
    "changed": true,
    "rc": 0,
    "stderr": "Shared connection to 192.168.100.66 closed.\r\n",
    "stdout": "this is test shell-script\r\n",
    "stdout_lines": [
        "this is test shell-script"
    ]
}
192.168.100.128 | SUCCESS => {
    "changed": true,
    "rc": 0,
    "stderr": "Shared connection to 192.168.100.128 closed.\r\n",
    "stdout": "this is test shell-script\r\n",
    "stdout_lines": [
        "this is test shell-script"
    ]
}
The copy module copies files to the target machines.
Parameter  Description
By default, force is yes, so if nothing is specified, an existing file will be overwritten.
[root@zxw63 try]# ansible webservers -m copy -a "src=/root/try/copyFile.txt dest=/tmp mode=744 backup=no force=yes"
192.168.100.66 | SUCCESS => {
    "changed": true,
    "checksum": "6cc815c3530217381d3e5f24ba5c3c03f51daf24",
    "dest": "/tmp/copyFile.txt",
    "gid": 0,
    "group": "root",
    "md5sum": "e90687bdaf32d8ebab3b266f36ba5f5a",
    "mode": "0744",
    "owner": "root",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 15,
    "src": "/root/.ansible/tmp/ansible-tmp-1563420953.31-119685260559482/source",
    "state": "file",
    "uid": 0
}
192.168.100.128 | SUCCESS => {
    "changed": true,
    "checksum": "6cc815c3530217381d3e5f24ba5c3c03f51daf24",
    "dest": "/tmp/copyFile.txt",
    "gid": 0,
    "group": "root",
    "md5sum": "e90687bdaf32d8ebab3b266f36ba5f5a",
    "mode": "0744",
    "owner": "root",
    "secontext": "unconfined_u:object_r:admin_home_t:s0",
    "size": 15,
    "src": "/root/.ansible/tmp/ansible-tmp-1563420953.31-281173963286018/source",
    "state": "file",
    "uid": 0
}
Without arguments, the setup module prints all system parameters:
ansible webservers -m setup
Commonly used setup parameter: filter
[root@zxw63 try]# ansible webservers -m setup -a "filter=ansible_env"
192.168.100.66 | SUCCESS => {
    "ansible_facts": {
        "ansible_env": {
            "G_BROKEN_FILENAMES": "1",
            "HOME": "/root",
            "LANG": "en_US.UTF-8",
            "LESSOPEN": "|/usr/bin/lesspipe.sh %s",
            "LOGNAME": "root",
            "MAIL": "/var/mail/root",
            "PATH": "/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/ssh8/bin",
            "PWD": "/root",
            "SHELL": "/bin/bash",
            "SHLVL": "2",
            "SSH_ASKPASS": "/usr/libexec/openssh/gnome-ssh-askpass",
            "SSH_CLIENT": "192.168.100.132 52130 22",
            "SSH_CONNECTION": "192.168.100.132 52130 192.168.100.66 22",
            "SSH_TTY": "/dev/pts/1",
            "TERM": "xterm-256color",
            "USER": "root",
            "_": "/usr/bin/python"
        }
    },
    "changed": false
}
192.168.100.128 | SUCCESS => {
    "ansible_facts": {
        "ansible_env": {
            "G_BROKEN_FILENAMES": "1",
            "HOME": "/root",
            "LANG": "zh_CN.UTF-8",
            "LESSOPEN": "|/usr/bin/lesspipe.sh %s",
            "LOGNAME": "root",
            "MAIL": "/var/mail/root",
            "PATH": "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",
            "PWD": "/root",
            "SELINUX_LEVEL_REQUESTED": "",
            "SELINUX_ROLE_REQUESTED": "",
            "SELINUX_USE_CURRENT_RANGE": "",
            "SHELL": "/bin/bash",
            "SHLVL": "2",
            "SSH_ASKPASS": "/usr/libexec/openssh/gnome-ssh-askpass",
            "SSH_CLIENT": "192.168.100.132 58094 22",
            "SSH_CONNECTION": "192.168.100.132 58094 192.168.100.128 22",
            "SSH_TTY": "/dev/pts/1",
            "TERM": "xterm-256color",
            "USER": "root",
            "_": "/usr/bin/python"
        }
    },
    "changed": false
}
user module
[root@zxw63 ansible]# ansible db -m command -a "id test01"
db2 | FAILED | rc=1 >>
id: test01:無此用戶non-zero return code

db1 | FAILED | rc=1 >>
id: test01: No such usernon-zero return code

[root@zxw63 ansible]# ansible db -m user -a "name=test01 group=root"
db2 | SUCCESS => {
    "changed": true,
    "comment": "",
    "createhome": true,
    "group": 0,
    "home": "/home/test01",
    "name": "test01",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 501
}
db1 | SUCCESS => {
    "changed": true,
    "comment": "",
    "createhome": true,
    "group": 0,
    "home": "/home/test01",
    "name": "test01",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 501
}

[root@zxw63 ansible]# ansible db -m command -a "id test01"
db2 | SUCCESS | rc=0 >>
uid=501(test01) gid=0(root) 組=0(root)

db1 | SUCCESS | rc=0 >>
uid=501(test01) gid=0(root) groups=0(root)

[root@zxw63 ansible]# ansible db -m user -a "name=test01 remove=yes"
db2 | SUCCESS => {
    "append": false,
    "changed": false,
    "comment": "",
    "group": 0,
    "home": "/home/test01",
    "move_home": false,
    "name": "test01",
    "shell": "/bin/bash",
    "state": "present",
    "uid": 501
}
db1 | SUCCESS => {
    "append": false,
    "changed": false,
    "comment": "",
    "group": 0,
    "home": "/home/test01",
    "move_home": false,
    "name": "test01",
    "shell": "/bin/bash",
    "state": "present",
    "uid": 501
}

[root@zxw63 ansible]# ansible db -m command -a "id test01"
db2 | SUCCESS | rc=0 >>
uid=501(test01) gid=0(root) 組=0(root)

db1 | SUCCESS | rc=0 >>
uid=501(test01) gid=0(root) groups=0(root)

[root@zxw63 ansible]# ansible db -m user -a "name=test01 state=absent remove=yes"
db2 | SUCCESS => {
    "changed": true,
    "force": false,
    "name": "test01",
    "remove": true,
    "state": "absent"
}
db1 | SUCCESS => {
    "changed": true,
    "force": false,
    "name": "test01",
    "remove": true,
    "state": "absent"
}

[root@zxw63 ansible]# ansible db -m command -a "id test01"
db2 | FAILED | rc=1 >>
id: test01:無此用戶non-zero return code

db1 | FAILED | rc=1 >>
id: test01: No such usernon-zero return code
Without state=absent, the user is not actually deleted.
group module
[root@zxw63 ansible]# ansible db -m group -a "name=testgrp01"
db2 | SUCCESS => {
    "changed": true,
    "gid": 501,
    "name": "testgrp01",
    "state": "present",
    "system": false
}
db1 | SUCCESS => {
    "changed": true,
    "gid": 501,
    "name": "testgrp01",
    "state": "present",
    "system": false
}

[root@zxw63 ansible]# ansible db -m shell -a "cat /etc/group | grep testgrp01"
db2 | SUCCESS | rc=0 >>
testgrp01:x:501:

db1 | SUCCESS | rc=0 >>
testgrp01:x:501:

[root@zxw63 ansible]# ansible db -m group -a "name=testgrp01 state=absent"
db2 | SUCCESS => {
    "changed": true,
    "name": "testgrp01",
    "state": "absent"
}
db1 | SUCCESS => {
    "changed": true,
    "name": "testgrp01",
    "state": "absent"
}

[root@zxw63 ansible]# ansible db -m shell -a "cat /etc/group | grep testgrp01 "
db2 | FAILED | rc=1 >>
non-zero return code

db1 | FAILED | rc=1 >>
non-zero return code
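The yum module manages software packages through the yum package manager. Its options are:
name: the name of the package to operate on; a URL or the path to a local rpm package can also be given
state: package state (present: installed, absent: not installed (uninstalled), latest: newest version)
Install vsftpd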
ansible db -m yum -a "name=vsftpd state=present"
Uninstall vsftpd
1. state=absent
ansible db -m yum -a "name=vsftpd state=absent"
2. state=removed
ansible db -m yum -a "name=vsftpd state=removed"
The service module manages services.
enabled: whether the service starts at boot, yes|no
name: required, the service name
state: start, stop, restart, or reload the service (started, stopped, restarted, reloaded)
# Start the service
ansible db -m service -a "name=vsftpd state=started"
# Stop the service
ansible db -m service -a "name=vsftpd state=stopped"
# Restart the service
ansible db -m service -a "name=vsftpd state=restarted"
# Reload the service
ansible db -m service -a "name=vsftpd state=reloaded"
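The cron module manages scheduled tasks.
backup: back up the existing scheduled tasks on the remote host before modifying them
cron_file: if specified, this file replaces the user's scheduled tasks under the cron.d directory on the remote host
day: day of month (1-31, *, */2, ...)
hour: hour (0-23, *, */2, ...)
minute: minute (0-59, *, */2, ...)
month: month (1-12, *, */2, ...)
weekday: day of week (0-7, *, ...)
job: the command to run; depends on state=present
name: a description of the task
special_time: when to run; values: reboot, yearly, annually, monthly, weekly, daily, hourly
state: whether the scheduled task is created or deleted
user: the user the task runs as
See also: https://blog.csdn.net/dylloveyou/article/details/80875132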
ansible db -m cron -a "name='check dirs' hour='5,2' job='ls -alh > /dev/null'"
ansible db -m cron -a "name='check dirs' hour='5,2' state=absent"