1.安装和部署ansible
1.安装ansible
[root@master-61 ~]# yum install ansible -y
2.编辑ansible的主机清单文件便于管理/etc/ansible/hosts
[web:vars]
ansible_port=22
ansible_password='123456'
[web]
172.16.1.[7:9]
[server:vars]
ansible_port=22
ansible_password='123456'
[server]
192.168.186.129
3.在对ansible进行测试之前要确定两台机器可以基于ssh协议免密登录,
否则会有指纹认证会出现报错,也可以通过sshpass进行跳过指纹认证
4.进行测试
[root@master-61 ~]# ansible server -m ping
192.168.186.129 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
2.ansible模块的学习
1.command模块
ansible的默认模块,用于执行简单的命令,不支持特殊的符号
[root@master-61 ~]# ansible server -m command -a "hostname"
192.168.186.129 | CHANGED | rc=0 >>
localhost
2.shell模块
shell是ansible中的万能模块,适合执行各种命令,可以识别特殊符号
[root@master-61 ~]# ansible server -m shell -a "cat /etc/passwd|grep root"
192.168.186.129 | CHANGED | rc=0 >>
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
3.file模块
file模块 | 模块说明 |
path | 路径 |
src | 源文件一般用于link,需要指定源文件 |
state | directory 创建目录 link 创建软连接 touch 创建文件 |
mode | 修改权限 |
owner | 设置文件属主 |
group | 设置文件属组 |
1.向server的opt目录创建一个属主属组为linux01,权限为755的文件
[root@master-61 ~]# ansible server -m file -a "path=/opt/file.txt state=touch owner=linux01 group=linux01 mode=755"
192.168.186.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/file.txt",
"gid": 1002,
"group": "linux01",
"mode": "0755",
"owner": "linux01",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"state": "file",
"uid": 1002
}
[root@master-61 ~]# ansible server -m shell -a "ls -l /opt"
192.168.186.129 | CHANGED | rc=0 >>
total 0
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:34 file.txt
drwxr-xr-x. 2 root root 6 Sep 7 2017 rh
2.删除file.txt文件
[root@master-61 ~]# ansible server -m file -a "path=/opt/file.txt state=absent"
192.168.186.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/opt/file.txt",
"state": "absent"
}
[root@master-61 ~]# ansible server -m shell -a "ls -l /opt"
192.168.186.129 | CHANGED | rc=0 >>
total 0
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:35 2.txt
drwxr-xr-x. 2 root root 6 Sep 7 2017 rh
4.copy模块
copy模块 | 模块功能 |
src | 源文件 |
dest | 目标路径 |
backup | backup=yes备份 |
mode | 修改权限 |
owner | 指定文件属主 |
group | 指定文件属组 |
1.在/opt下创建50个txt文件,拷贝到server机器的/opt下,修改权限为755,属主属组为linux01
[root@master-61 ~]# touch /opt/{1..50}.txt
[root@master-61 ~]# ansible server -m copy -a "src=/opt/ dest=/opt mode=755 owner=linux01 group=linux01"
192.168.186.129 | CHANGED => {
"changed": true,
"dest": "/opt/",
"src": "/opt/"
}
[root@master-61 ~]# ansible server -m shell -a "ls -l /opt"
192.168.186.129 | CHANGED | rc=0 >>
total 0
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 10.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 11.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 12.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 13.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 14.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 15.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 16.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 17.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 18.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 19.txt
-rwxr-xr-x. 1 linux01 linux01 0 Aug 14 20:45 1.txt
5.systemd模块
systemd模块 | 模块功能 |
name | 指定服务名 |
enabled | enabled=yes为开机自启 |
state | started 开启 stopped 关闭 reloaded 重新加载配置文件 restarted 重启 |
1.启动server机器上的nginx服务
[root@master-61 ~]# ansible server -m systemd -a "name=nginx state=started"
192.168.186.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "nginx",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
2.关闭server机器上的nginx服务,并设置开机自启
[root@master-61 ~]# ansible server -m systemd -a "name=nginx state=stopped enabled=yes"
192.168.186.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"enabled": true,
"name": "nginx",
"state": "stopped",
"status": {
[root@master-61 ~]# ansible server -m shell -a "systemctl is-enabled nginx"
192.168.186.129 | CHANGED | rc=0 >>
enabled
6.yum模块
yum模块 | 模块功能 |
name | 指定软件包名 |
state | installed 安装 removed 删除 absent 删除 lastest 安装或更新 |
1.给server机器安装lsyncd软件
[root@master-61 ~]# ansible server -m yum -a "name=lsyncd state=installed"
192.168.186.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"installed": [
"lsyncd"
]
},
"msg": "",
"rc": 0,
2.卸载server机器上的lsyncd软件
[root@master-61 ~]# ansible server -m yum -a "name=lsyncd state=removed"
192.168.186.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"removed": [
"lsyncd"
]
},
"msg": "",
"rc": 0,
7.user模块
user模块 | 模块功能 |
name | 指定用户名 |
uid | 指定uid |
group | 指定用户组 |
shell | 指定命令解释器 |
create_home | 是否创建家目录(yse|on) |
state | present 添加 absent 删除 |
1.给server机器创建linux02用户,uid为2999,不允许登录,不创建家目录
[root@master-61 ~]# ansible server -m user -a "name=linux02 uid=2999 shell=/sbin/nologin create_home=no state=present"
192.168.186.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": true,
"comment": "linux02",
"group": 1000,
"home": "/home/linux02",
"move_home": false,
"name": "linux02",
"shell": "/sbin/nologin",
"state": "present",
"uid": 2999
}
8.group模块
group模块 | 模块功能 |
name | 指定用户组的名字 |
gid | 指定组的id号 |
state | present 添加 absent 删除 |
1.给server机器创建一个name=linux03,id号为6666的组
[root@master-61 ~]# ansible server -m group -a "name=linux03 gid=6666 state=present"
192.168.186.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 6666,
"name": "linux03",
"state": "present",
"system": false
}
2.删除linux03组
[root@master-61 ~]# ansible server -m group -a "name=linux03 state=absent"
192.168.186.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "linux03",
"state": "absent"
}
9.mount模块
mount模块 | 模块功能 |
fstype | 指定文件系统 |
src | 源地址 |
path | 挂载点 |
state | absent 卸载并修改fstab unmounted 卸载不修改fstab present 仅修改fatab不挂载 mounted 挂载并修改fstab remounted 重新挂载 |
10.cron模块
cron模块 | 模块功能 |
name | 定时任务名字 |
hour | 小时 |
minute | 分钟 |
day | 日期 |
month | 月份 |
week | 周几 |
job | 定时任务命令 |
state | present 添加定时任务 absent 删除定时任务 |