ansiblen基础学习

空城(๑>؂<๑）

已于 2024-08-17 09:46:11 修改

阅读量411

点赞数 10

文章标签：学习运维 linux

于 2024-08-14 21:30:17 首次发布

本文链接：https://blog.csdn.net/2303_78690349/article/details/141199339

版权

1.安装和部署ansible

1.安装ansible
[root@master-61 ~]# yum install ansible -y
 
2.编辑ansible的主机清单文件便于管理/etc/ansible/hosts
[web:vars]
ansible_port=22
ansible_password='123456'
[web]
172.16.1.[7:9]
[server:vars]
ansible_port=22
ansible_password='123456'
[server]
192.168.186.129

3.在对ansible进行测试之前要确定两台机器可以基于ssh协议免密登录，
否则会有指纹认证会出现报错，也可以通过sshpass进行跳过指纹认证

4.进行测试
[root@master-61 ~]# ansible server -m ping
192.168.186.129 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}

2.ansible模块的学习

1.command模块

ansible的默认模块，用于执行简单的命令，不支持特殊的符号

[root@master-61 ~]# ansible server -m command -a "hostname"
192.168.186.129 | CHANGED | rc=0 >>
localhost

2.shell模块

shell是ansible中的万能模块，适合执行各种命令，可以识别特殊符号

[root@master-61 ~]# ansible server -m shell -a "cat /etc/passwd|grep root"
192.168.186.129 | CHANGED | rc=0 >>
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin

3.file模块

file模块	模块说明
path	路径
src	源文件一般用于link，需要指定源文件
state	directory 创建目录 link 创建软连接 touch 创建文件
mode	修改权限
owner	设置文件属主
group	设置文件属组

1.向server的opt目录创建一个属主属组为linux01,权限为755的文件


[root@master-61 ~]# ansible server -m file -a "path=/opt/file.txt state=touch owner=linux01 group=linux01 mode=755"
192.168.186.129 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/opt/file.txt", 
    "gid": 1002, 
    "group": "linux01", 
    "mode": "0755", 
    "owner": "linux01", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 1002
}


[root@master-61 ~]# ansible server -m shell -a "ls -l /opt"
192.168.186.129 | CHANGED | rc=0 >>
total 0
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:34 file.txt
drwxr-xr-x. 2 root    root    6 Sep  7  2017 rh

2.删除file.txt文件

[root@master-61 ~]# ansible server -m file -a "path=/opt/file.txt state=absent"
192.168.186.129 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/opt/file.txt", 
    "state": "absent"
}
[root@master-61 ~]# ansible server -m shell -a "ls -l /opt"
192.168.186.129 | CHANGED | rc=0 >>
total 0
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:35 2.txt
drwxr-xr-x. 2 root    root    6 Sep  7  2017 rh

4.copy模块

copy模块	模块功能
src	源文件
dest	目标路径
backup	backup=yes备份
mode	修改权限
owner	指定文件属主
group	指定文件属组

1.在/opt下创建50个txt文件，拷贝到server机器的/opt下，修改权限为755，属主属组为linux01

[root@master-61 ~]# touch /opt/{1..50}.txt
[root@master-61 ~]# ansible server -m copy -a "src=/opt/ dest=/opt mode=755 owner=linux01 group=linux01"
192.168.186.129 | CHANGED => {
    "changed": true, 
    "dest": "/opt/", 
    "src": "/opt/"
}
[root@master-61 ~]# ansible server -m shell -a "ls -l /opt"
192.168.186.129 | CHANGED | rc=0 >>
total 0
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 10.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 11.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 12.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 13.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 14.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 15.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 16.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 17.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 18.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 19.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 1.txt

5.systemd模块

systemd模块	模块功能
name	指定服务名
enabled	enabled=yes为开机自启
state	started 开启 stopped 关闭 reloaded 重新加载配置文件 restarted 重启

1.启动server机器上的nginx服务

[root@master-61 ~]# ansible server -m systemd -a "name=nginx state=started"
192.168.186.129 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "nginx", 
    "state": "started", 
    "status": {
        "ActiveEnterTimestampMonotonic": "0", 
        "ActiveExitTimestampMonotonic": "0", 
        "ActiveState": "inactive",

2.关闭server机器上的nginx服务，并设置开机自启

[root@master-61 ~]# ansible server -m systemd -a "name=nginx state=stopped enabled=yes"
192.168.186.129 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "enabled": true, 
    "name": "nginx", 
    "state": "stopped", 
    "status": {


[root@master-61 ~]# ansible server -m shell -a "systemctl is-enabled nginx"
192.168.186.129 | CHANGED | rc=0 >>
enabled

6.yum模块

yum模块

模块功能

name

指定软件包名

state

installed 安装

removed 删除

absent 删除

lastest 安装或更新

1.给server机器安装lsyncd软件

[root@master-61 ~]# ansible server -m yum -a "name=lsyncd state=installed"
192.168.186.129 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "installed": [
            "lsyncd"
        ]
    }, 
    "msg": "", 
    "rc": 0,

2.卸载server机器上的lsyncd软件

[root@master-61 ~]# ansible server -m yum -a "name=lsyncd state=removed"
192.168.186.129 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "removed": [
            "lsyncd"
        ]
    }, 
    "msg": "", 
    "rc": 0,

7.user模块

user模块	模块功能
name	指定用户名
uid	指定uid
group	指定用户组
shell	指定命令解释器
create_home	是否创建家目录（yse\|on）
state	present 添加 absent 删除

1.给server机器创建linux02用户，uid为2999，不允许登录，不创建家目录

[root@master-61 ~]# ansible server -m user -a "name=linux02 uid=2999 shell=/sbin/nologin create_home=no state=present"
192.168.186.129 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "append": false, 
    "changed": true, 
    "comment": "linux02", 
    "group": 1000, 
    "home": "/home/linux02", 
    "move_home": false, 
    "name": "linux02", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "uid": 2999
}

8.group模块

group模块	模块功能
name	指定用户组的名字
gid	指定组的id号
state	present 添加 absent 删除

1.给server机器创建一个name=linux03，id号为6666的组

[root@master-61 ~]# ansible server -m group -a "name=linux03 gid=6666 state=present"
192.168.186.129 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 6666, 
    "name": "linux03", 
    "state": "present", 
    "system": false
}

2.删除linux03组

[root@master-61 ~]# ansible server -m group -a "name=linux03 state=absent"
192.168.186.129 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "linux03", 
    "state": "absent"
}

9.mount模块

mount模块	模块功能
fstype	指定文件系统
src	源地址
path	挂载点
state	absent 卸载并修改fstab unmounted 卸载不修改fstab present 仅修改fatab不挂载 mounted 挂载并修改fstab remounted 重新挂载

10.cron模块

cron模块	模块功能
name	定时任务名字
hour	小时
minute	分钟
day	日期
month	月份
week	周几
job	定时任务命令
state	present 添加定时任务 absent 删除定时任务