Ansible經常使用模塊
模塊一: 測試目標主機是否在線:ping模塊node
主機若是在線,則回覆pongnginx
[root@Node3 ~]# ansible all -m ping // 172.17.21.206 | SUCCESS => { "changed": false, "ping": "pong" } 172.17.21.207 | SUCCESS => { "changed": false, "ping": "pong" }測試主機是否在線
模塊二:command模塊和shellweb
做用:用於在各被管理節點運行指定的命令shell
shell和command的區別:shell模塊能夠特殊字符,而command是不支持bash
[root@Node3 ~]# ansible all -m command -a 'date' // 172.17.21.207 | SUCCESS | rc=0 >> Mon Jan 22 15:55:16 CST 2018 172.17.21.206 | SUCCESS | rc=0 >> Mon Jan 22 15:55:16 CST 2018 [root@Node3 ~]# ansible all -m command -a 'ntpdate 172.17.21.208' // 172.17.21.207 | SUCCESS | rc=0 >> 22 Jan 16:03:39 ntpdate[5287]: adjust time server 172.17.21.208 offset 0.008589 sec 172.17.21.206 | SUCCESS | rc=0 >> 22 Jan 16:03:39 ntpdate[2650]: adjust time server 172.17.21.208 offset 0.017052 sec [root@Node3 ~]# ansible all -m shell -a 'echo mageedu | passwd --stdin tony' // 172.17.21.206 | SUCCESS | rc=0 >> Changing password for user tony. passwd: all authentication tokens updated successfully. 172.17.21.207 | SUCCESS | rc=0 >> Changing password for user tony. passwd: all authentication tokens updated successfully.顯示各節點的日期同步各節點時間修改各節點帳號的密碼
模塊三:user模塊:管理用戶的模塊服務器
模塊參數詳解:架構
name:指定用戶名app
password:設定用戶密碼,password參數須要接受md5加密後的值ssh
state:用戶狀態,默認爲present測試
present:表示添加用戶
absent:表示刪除用戶
update_password:修改用戶密碼
always:新密碼和舊密碼不一樣時進行修改
on_create:爲新建立的用戶指定密碼
createhome:建立家目錄
yes:默認項,即建立用戶默認是有家目錄的
no:建立用戶時不建立家目錄
remove:
yes:刪除用戶家目錄,須要指定此參數
no:默認項,刪除用戶時默認不刪除用戶的家目錄
system:
yes:默認建立爲普通用戶,而非系統用戶
若是不指定默認生成的選項有:
home:建立家目錄
shell:建立默認的shell爲/bin/bash
system:默認建立爲普通用戶,而非系統用戶,指定是用yes
[root@Node3 ~]# ansible-doc -s user //查看user模塊幫助信息 [root@Node3 ~]# echo Mageedu | openssl passwd -1 -stdin //對密碼進行加密 [root@Node3 ~]# ansible all -m user -a 'name=webadmin system=yes password=$1$8218uq3N$yT28kYDpAvtE6/7x9m./a0 state=present' // 172.17.21.206 | SUCCESS => { "changed": true, "comment": "", "createhome": true, "group": 983, "home": "/home/webadmin", "name": "webadmin", "password": "NOT_LOGGING_PASSWORD", "shell": "/bin/bash", "state": "present", "system": true, "uid": 988 } 172.17.21.207 | SUCCESS => { "changed": true, "comment": "", "createhome": true, "group": 984, "home": "/home/webadmin", "name": "webadmin", "password": "NOT_LOGGING_PASSWORD", "shell": "/bin/bash", "state": "present", "system": true, "uid": 989 } [root@Node3 ~]# ansible all -m user -a 'name=tom remove=yes state=absent' // 172.17.21.206 | SUCCESS => { "changed": true, "force": false, "name": "tom", "remove": true, "state": "absent", "stderr": "userdel: tom mail spool (/var/spool/mail/tom) not found\n", "stderr_lines": [ "userdel: tom mail spool (/var/spool/mail/tom) not found" ] } 172.17.21.207 | SUCCESS => { "changed": true, "force": false, "name": "tom", "remove": true, "state": "absent", "stderr": "userdel: tom mail spool (/var/spool/mail/tom) not found\n", "stderr_lines": [ "userdel: tom mail spool (/var/spool/mail/tom) not found" ] } [root@Node3 ~]# echo cloudos | openssl passwd -1 -stdin $1$kwsnVwr5$PDT4oolqmhbKx9bL21HX/0 [root@Node3 ~]# ansible all -m user -a 'name=webadmin update_password=always password=$1$kwsnVwr5$PDT4oolqmhbKx9bL21HX/0' //修改webadmin用戶的密碼
172.17.21.206 | SUCCESS => { "append": false, "changed": true, "comment": "", "group": 983, "home": "/home/webadmin", "move_home": false, "name": "webadmin", "password": "NOT_LOGGING_PASSWORD", "shell": "/bin/bash", "state": "present", "uid": 988 } 172.17.21.207 | SUCCESS => { "append": false, "changed": true, "comment": "", "group": 984, "home": "/home/webadmin", "move_home": false, "name": "webadmin", "password": "NOT_LOGGING_PASSWORD", "shell": "/bin/bash", "state": "present", "uid": 989 }
[root@Node3 ~]# ssh webadmin@node1 //驗證帳號是否能登陸
webadmin@node1's password:
[webadmin@Node1 ~]$ id
uid=988(webadmin) gid=983(webadmin) groups=983(webadmin)
[webadmin@Node1 ~]$
增長webadmin用戶刪除tom用戶
模塊四:group模塊:管理組的模塊
[root@Node3 ~]# ansible all -m group -a 'gid=1009 name=mygrp state=present system=no' //新增mygrp組,GID爲1009,不屬於系統組 172.17.21.207 | SUCCESS => { "changed": true, "gid": 1009, "name": "mygrp", "state": "present", "system": false } 172.17.21.206 | SUCCESS => { "changed": true, "gid": 1009, "name": "mygrp", "state": "present", "system": false } [root@Node3 ~]# ansible all -m group -a 'name=mygrp state=absent' //刪除mygrp組 172.17.21.207 | SUCCESS => { "changed": true, "name": "mygrp", "state": "absent" } 172.17.21.206 | SUCCESS => { "changed": true, "name": "mygrp", "state": "absent" }
模塊五:遠程複製備份模塊:copy
獲取幫助:ansible-doc -s copy
模塊參數詳解:
src:指定源文件路徑,能夠是相對路徑,也能夠是絕對路徑,能夠是目錄(並不是是必須的,可使用content,直接生成文件內容)
dest=:指定目標文件路徑,只能是絕對路徑,若是src是目錄,此項必須是目錄
owner:指定屬主
group:指定屬組
mode:指定權限,能夠以數字指定好比0644
content:代替src,直接往dest文件中寫內容,能夠引用變量,也能夠直接使用inventory中的主機變量
backup:在覆蓋以前將原文件備份,備份文件包含時間信息。有兩個選項:yes|no
force:
yes:默認項,若是目標主機包含該文件,但內容不一樣,則強制覆蓋
no:則只有當目標主機的目標位置不存在該文件時,才複製
directory_mode:遞歸的設定目錄的權限,默認爲系統默認權限
[root@Node3 tmp]# ansible all -m copy -a 'src=/tmp/note.txt dest=/tmp/ backup=yes' // 172.17.21.207 | SUCCESS => { "changed": true, "checksum": "9955cad1e88e697be0ee40142b4d365725aa6c4e", "dest": "/tmp/note.txt", "gid": 0, "group": "root", "md5sum": "dd968c136dce42f6f225411a7225d0db", "mode": "0644", "owner": "root", "size": 6, "src": "/root/.ansible/tmp/ansible-tmp-1516612236.52-246176770078243/source", "state": "file", "uid": 0 } 172.17.21.206 | SUCCESS => { "changed": true, "checksum": "9955cad1e88e697be0ee40142b4d365725aa6c4e", "dest": "/tmp/note.txt", "gid": 0, "group": "root", "md5sum": "dd968c136dce42f6f225411a7225d0db", "mode": "0644", "owner": "root", "size": 6, "src": "/root/.ansible/tmp/ansible-tmp-1516612236.53-164774507851707/source", "state": "file", "uid": 0 } [root@Node1 ~]# cat /tmp/note.txt //node1節點查看文件內容 Node3 [root@Node3 tmp]# ansible all -m copy -a 'content="Ansible\n" dest=/tmp/note.txt' // 172.17.21.207 | SUCCESS => { "changed": true, "checksum": "9fd79766f87c26f3a81e2622a577ca3864251949", "dest": "/tmp/note.txt", "gid": 0, "group": "root", "md5sum": "a46e0c84ae99c51a342c5b0dd51032ea", "mode": "0644", "owner": "root", "size": 8, "src": "/root/.ansible/tmp/ansible-tmp-1516612880.68-129445105756732/source", "state": "file", "uid": 0 } 172.17.21.206 | SUCCESS => { "changed": true, "checksum": "9fd79766f87c26f3a81e2622a577ca3864251949", "dest": "/tmp/note.txt", "gid": 0, "group": "root", "md5sum": "a46e0c84ae99c51a342c5b0dd51032ea", "mode": "0644", "owner": "root", "size": 8, "src": "/root/.ansible/tmp/ansible-tmp-1516612880.66-133496485275706/source", "state": "file", "uid": 0 } [root@Node1 ~]# cat /tmp/note.txt //node1節點查看文件內容 Ansible [root@Node3 tmp]# ansible all -m copy -a 'src=/etc/pam.d/ dest=/tmp/' //帶有斜扛/,表示複製目錄下全部文件至遠程主機/tmp目錄下 172.17.21.207 | SUCCESS => { "changed": true, "dest": "/tmp/", "src": "/etc/pam.d/" } 172.17.21.206 | SUCCESS => { "changed": true, "dest": "/tmp/", "src": "/etc/pam.d/" [root@Node3 tmp]# ansible all -m copy -a 'src=/etc/pam.d dest=/tmp/' //不帶斜扛/,代表複製pam.d目錄至遠程主機/tmp目錄下 172.17.21.206 | SUCCESS => { "changed": true, "dest": "/tmp/", "src": "/etc/pam.d" } 172.17.21.207 | SUCCESS => { "changed": true, "dest": "/tmp/", "src": "/etc/pam.d" }
[root@Node3 tmp]# ansible all -m copy -a 'src=/etc/fstab dest=/tmp/fstab.ansible mode=600 owner=tony group=webadmin' //複製文件至/tmp目錄下,同時改變屬主與屬組及權限
172.17.21.206 | SUCCESS => {
"changed": true,
"checksum": "ae2e6cc8d564afbfacf4243c13c06820ed6428f1",
"gid": 983,
"group": "webadmin",
"mode": "0600",
"owner": "tony",
"path": "/tmp/fstab.ansible",
"size": 883,
"state": "file",
"uid": 1000
}
172.17.21.207 | SUCCESS => {
"changed": true,
"checksum": "ae2e6cc8d564afbfacf4243c13c06820ed6428f1",
"gid": 984,
"group": "webadmin",
"mode": "0600",
"owner": "tony",
"path": "/tmp/fstab.ansible",
"size": 883,
"state": "file",
"uid": 1000
}
[root@Node1 tmp]# ll /tmp/fstab.ansible //查看文件屬性,進行驗證
-rw------- 1 tony webadmin 883 Jan 22 17:37 /tmp/fstab.ansible
複製本地文件到遠程主機並對原文件進行備份向遠程主機的文件中寫內容,會把原內容覆蓋掉
模塊六:對遠程文件管理的模塊:file
獲取幫助:ansible-doc -s file
模塊參數詳解:
owner:修改屬主
group:修改屬組
mode:修改權限
path=:要修改文件的路徑
recurse:遞歸的設置文件的屬性,只對目錄有效
yes:表示使用遞歸設置
state:
touch:建立一個新的空文件
directory:建立一個新的目錄,當目錄存在時不會進行修改
link:建立軟鏈接,結果src一塊兒使用此選項才生效
hard:建立硬鏈接
absent:刪除文件,目錄,軟鏈接
src:當state=link時,要被鏈接文件的源路徑
[root@Node3 tmp]# ansible all -m file -a 'path=/tmp/tony.txt state=touch' //建立一個文件 172.17.21.206 | SUCCESS => { "changed": true, "dest": "/tmp/tony.txt", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "size": 0, "state": "file", "uid": 0 } 172.17.21.207 | SUCCESS => { "changed": true, "dest": "/tmp/tony.txt", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "size": 0, "state": "file", "uid": 0 } [root@Node3 tmp]# ansible all -m file -a 'path=/tmp/tony.dir state=directory' //建立一個目錄 172.17.21.206 | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/tmp/tony.dir", "size": 6, "state": "directory", "uid": 0 } 172.17.21.207 | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/tmp/tony.dir", "size": 6, "state": "directory", "uid": 0 } [root@Node3 tmp]# ansible all -m file -a 'path=/tmp/tony.txt state=absent' //刪除文件 172.17.21.207 | SUCCESS => { "changed": true, "path": "/tmp/tony.txt", "state": "absent" } 172.17.21.206 | SUCCESS => { "changed": true, "path": "/tmp/tony.txt", "state": "absent" } [root@Node3 tmp]# ansible all -m file -a 'path=/tmp/tony.dir owner=tony group=tony recurse=yes' //遞歸改變目錄的屬主與屬組 172.17.21.206 | SUCCESS => { "changed": true, "gid": 1000, "group": "tony", "mode": "0755", "owner": "tony", "path": "/tmp/tony.dir", "size": 6, "state": "directory", "uid": 1000 } 172.17.21.207 | SUCCESS => { "changed": true, "gid": 1000, "group": "tony", "mode": "0755", "owner": "tony", "path": "/tmp/tony.dir", "size": 6, "state": "directory", "uid": 1000 } [root@Node3 tmp]# ansible all -m file -a 'src=/tmp/note.txt path=/tmp/notepad.txt state=link' // 172.17.21.207 | SUCCESS => { "changed": true, "dest": "/tmp/notepad.txt", "gid": 0, "group": "root", "mode": "0777", "owner": "root", "size": 13, "src": "/tmp/note.txt", "state": "link", "uid": 0 } 172.17.21.206 | SUCCESS => { "changed": true, "dest": "/tmp/notepad.txt", "gid": 0, "group": "root", "mode": "0777", "owner": "root", "size": 13, "src": "/tmp/note.txt", "state": "link", "uid": 0 }設置軟鏈接
模塊七:任務計劃模塊:cron
獲取幫助:ansibe-doc -s cron
模塊參數詳解:
state:
present:建立任務
absent:刪除任務
backup:對遠程主機上的原任務計劃內容修改以前作備份
job:要執行的任務
name:該任務的描述(必須項)
user:以哪一個用戶的身份運行
minute:分鐘(0-59,*,*/2,……),不寫默認爲*
hour:小時(0-23,*,*/2,……),不寫默認爲*
day:日(1-31,*,*/2,……),不寫默認爲*
month:月(1-12,*,*/2,……),不寫默認爲*
weekday:周(0-7,*,……),不寫默認爲*
[root@Node3 ~]# ansible all -m cron -a 'name="sync time from ntpserver" minute=*/10 job="/usr/sbin/ntpdate edu.ntp.org.cn &> /dev/null"' //每十分鐘同步一下時間 172.17.21.207 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "sync time from ntpserver" ] } 172.17.21.206 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "sync time from ntpserver" ] }
模塊八:收集遠程主機的信息:setup
收集可用的facts,收集每一個節點的相關信息:架構信息,IP,時間,域名,網卡,MAC,主機名,CPU等信息。
這些收集的信息,能夠做爲變量
[root@Node3 ~]# ansible all -m setup [root@Node3 ~]# ansible all -m setup -a 'filter=ansible_*_mb' //獲取內存信息 [root@Node3 ~]# ansible all -m setup -a 'filter=ansible_kernel' //獲取內核信息 [root@Node3 ~]# ansible all -m setup -a 'filter=ansible_all_ipv4_addresses' //獲取IPV4地址信息 [root@Node3 ~]# ansible all -m setup -a 'filter=ansible_nodename' //獲取節點主機信息
模塊九:在遠程主機執行本地腳本:script
[root@Node3 tmp]# ansible all -m script -a '/tmp/test.sh' //向各節點執行腳本 172.17.21.206 | SUCCESS => { "changed": true, "rc": 0, "stderr": "Shared connection to 172.17.21.206 closed.\r\n", "stdout": "", "stdout_lines": [] } 172.17.21.207 | SUCCESS => { "changed": true, "rc": 0, "stderr": "Shared connection to 172.17.21.207 closed.\r\n", "stdout": "", "stdout_lines": []
[root@Node1 ~]# cat /tmp/test.txt //驗證結果
Ansible to File
[root@Node1 ~]#
模塊十:安裝模塊:yum
模塊參數詳解:
name:表示要安裝軟件包的名字,默認最新的程序包,指明要安裝的程序包,能夠帶上版本號
state:表示是安裝還卸載
present:默認的,表示爲安裝
latest:安裝爲最新的版本
absent:表示刪除
[root@Node3 tmp]# ansible all -m yum -a 'name=httpd state=present' //安裝httpd服務
[root@Node3 tmp]# ansible all -m yum -a 'name=httpd state=absent' //卸載httpd服
模塊十一:服務模塊:service
模塊參數詳解:
enabled:表示設置服務開機是否啓動,取值爲true或者false;enabled=yes
name=:表示要控制哪個服務
state:
started:表示如今就啓動此服務
stopped:表示如今關閉此服務
restarted:表示重啓此服務
sleep:若是執行了restarted,在stop和start之間沉睡幾秒
runlevel:定義在哪些級別能夠自啓動
arguments:表示向命令行傳遞的參數
[root@Node3 tmp]# ansible Webservers -m service -a 'enabled=on name=httpd state=started' //遠程Web服務器安裝httpd服務 [root@Node1 ~]# rpm -q nginx nginx-1.12.2-1.el7.x86_64 [root@Node1 ~]# systemctl list-unit-files | grep httpd //查看httpd服務是否開機自啓動 httpd.service enabled [root@Node1 ~]# systemctl status nginx.service ● nginx.service - The nginx HTTP and reverse proxy server Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled) Active: inactive (dead) since Tue 2018-01-23 10:38:58 CST; 51s ago Main PID: 1355 (code=exited, status=0/SUCCESS) Jan 18 19:16:15 Node1.contoso.com systemd[1]: Starting The nginx HTTP and reverse proxy server... Jan 18 19:16:15 Node1.contoso.com nginx[1350]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok Jan 18 19:16:15 Node1.contoso.com nginx[1350]: nginx: configuration file /etc/nginx/nginx.conf test is successful Jan 18 19:16:16 Node1.contoso.com systemd[1]: Started The nginx HTTP and reverse proxy server. Jan 23 10:38:58 Node1.contoso.com systemd[1]: Stopping The nginx HTTP and reverse proxy server... Jan 23 10:38:58 Node1.contoso.com systemd[1]: Stopped The nginx HTTP and reverse proxy server. [root@Node1 ~]#
模塊十二:獲取遠程文件信息: stat
stat 模塊(獲取遠程文件狀態信息,atime/ctime/mtime/md5/uid/gid 等信息)
[root@Node3 ~]# ansible all -m stat -a 'path=/etc/passwd'
stat 模塊(獲取遠程文件狀態信息,atime/ctime/mtime/md5/uid/gid 等信息)
相關文章
- 1. ansible經常使用模塊
- 2. ansible-經常使用模塊
- 3. Ansible經常使用模塊
- 4. Ansible 經常使用模塊
- 5. Ansible--經常使用模塊
- 6. Ansible--經常使用模塊使用
- 7. ansible經常使用模塊用法
- 8. ansible經常使用模塊介紹
- 9. ansible經常使用模塊簡介
- 10. Ansible之經常使用模塊(一)
- 更多相關文章...
- • Lua 模塊與包 - Lua 教程
- • DTD - XML 構建模塊 - DTD 教程
- • 委託模式
- • Composer 安裝與使用
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. ansible經常使用模塊
- 2. ansible-經常使用模塊
- 3. Ansible經常使用模塊
- 4. Ansible 經常使用模塊
- 5. Ansible--經常使用模塊
- 6. Ansible--經常使用模塊使用
- 7. ansible經常使用模塊用法
- 8. ansible經常使用模塊介紹
- 9. ansible經常使用模塊簡介
- 10. Ansible之經常使用模塊(一)