文章目录
项目环境:
管理端:192.168.200.20
被管理端1:192.168.200.30
被管理端2:192.168.200.40
该环境是基于上一篇安装ansible设置的基础环境而进行的。
一、command 默认模块 - 执行命令
适合使用简单的命令,无法支持"<",">","|",";","&"等符号
--------command模块-------
命令格式:ansible [主机] [-m 模块] [-a args]
ansible-doc -l #列出所有已经安装的模块 注:按q退出
ansible-doc -s yum #-s 列出yum 模块描述信息和操作动作
ansible 192.168.200.30 -m command -a 'date' #指定ip执行date命令
ansible webservers -m command -a 'date' #指定分类执行date命令
ansible all -m command -a 'date' #所有hosts主机执行date命令
192.168.200.30 | CHANGED | rc=0 >>
2021年 04月 02日 星期五 12:15:54 CST
192.168.200.40 | CHANGED | rc=0 >>
2021年 04月 02日 星期五 12:15:54 CST
[root@localhost ~]# ansible all -a 'ls /' #如果不加-m模块,则默认运行command模块
二、cron - 定时任务模块
-----------cron模块-----------
两种状态(state):present表示添加(可以省略),absent表示移除。
nsible-doc -s cron #查看cron模块信息
[root@localhost ~]# ansible mysql -m cron -a 'minute="*/1" job="/bin/echo gccgcc" name="test cron job"'
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"test cron job"
]
}
注释:
-m cron:使用-m 指定cron模块
-a 'minute="*/1":使用-a指定参数,时间参数为每分钟1次
job="/bin/echo gccgcc":job参数指定在/bin下面执行echo命令输出gccgcc
name="test cron job":name参数指定名称,可以任意起
[root@localhost ~]# ansible mysql -a 'crontab -l' #查看上一条命令设置的cron详细信息
192.168.200.40 | CHANGED | rc=0 >>
#Ansible: test cron job
*/1 * * * * /bin/echo gccgcc
[root@localhost ~]# ansible mysql -m cron -a 'name="test cron job" state=absent' #移除定时性任务
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": []
}
三、user模块 - 用户管理
user 模块请求的是useradd,userdel,usermod 三个指令
[root@localhost ~]# ansible all -m user -a 'name="test01"' #在两台被控制主机上均创建用户test01
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/test01",
"name": "test01",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
192.168.200.30 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/test01",
"name": "test01",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
[root@localhost ~]# ansible mysql -m command -a 'tail /etc/passwd' #通过该命令查看mysql该被控制端是否创建成功test01用户
192.168.200.40 | CHANGED | rc=0 >>
setroubleshoot:x:993:988::/var/lib/setroubleshoot:/sbin/nologin
sssd:x:992:987:User for sssd:/:/sbin/nologin
gdm:x:42:42::/var/lib/gdm:/sbin/nologin
gnome-initial-setup:x:991:986::/run/gnome-initial-setup/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
gcc:x:1000:1000:gcc:/home/gcc:/bin/bash
test01:x:1001:1001::/home/test01:/bin/bash
[root@localhost ~]# ansible all -m user -a 'name="test01" state=absent' #删除两台被控制端上的test01用户
192.168.200.30 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "test01",
"remove": false,
"state": "absent"
}
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "test01",
"remove": false,
"state": "absent"
}
四、group - 用户(组)模块
group 模块请求的是 groupadd、groupdel、groupmod 三个指令。
[root@localhost ~]# ansible mysql -m group -a 'name=mysql gid=306 system=yes'
##name=mysql : 组名是mysql gid=306:gid号是306 system=yes: 为系统组
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 306,
"name": "mysql",
"state": "present",
"system": true
}
[root@localhost ~]# ansible mysql -a 'tail /etc/group' #查看组信息的最后十行,是否添加成功mysql
192.168.200.40 | CHANGED | rc=0 >>
avahi:x:70:
slocate:x:21:
postdrop:x:90:
postfix:x:89:
stapusr:x:156:
stapsys:x:157:
stapdev:x:158:
tcpdump:x:72:
gcc:x:1000:
mysql:x:306:
[root@localhost ~]# ansible mysql -m user -a 'name=test02 uid=306 group=mysql system=yes'
#向mysql组中添加系统用户test02,用户uid号为306
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 306,
"home": "/home/test02",
"name": "test02",
"shell": "/bin/bash",
"state": "present",
"system": true,
"uid": 306
}
[root@localhost ~]# ansible mysql -a 'id test02' #通过该命令查看用户test02是否添加成功
192.168.200.40 | CHANGED | rc=0 >>
uid=306(test02) gid=306(mysql) 组=306(mysql)
五、copy - 复制模块
[root@localhost ~]# ansible mysql -m copy -a 'src=/etc/fstab dest=/opt/fstab.bk owner=root mode=644'
##使用copy模块,讲源地址(src)文件复制到目的地址(dest)文件下,属主为root,权限为644
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "763ce160655b520bb6a3a0e7f3a6f0839ae1270e",
"dest": "/opt/fstab.bk",
"gid": 0,
"group": "root",
"md5sum": "604a747790357d697839f14a74b142ef",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 595,
"src": "/root/.ansible/tmp/ansible-tmp-1617674157.35-2655-163059980715116/source",
"state": "file",
"uid": 0
}
[root@localhost ~]# ansible mysql -a 'ls -l /opt' #使用该命令查看mysql中/opt目录下的文件
192.168.200.40 | CHANGED | rc=0 >>
总用量 4
-rw-r--r--. 1 root root 595 4月 6 09:55 fstab.bk
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
[root@localhost ~]# ansible mysql -m copy -a 'content="this is gcc" dest=/opt/test.txt'
##content为添加的内容;dest为添加内容的目的地址
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "a47cc588b0cdd01f89f4e69acbe8bc88d7516eb2",
"dest": "/opt/test.txt",
"gid": 0,
"group": "root",
"md5sum": "0e7f5b4c7fbe489d1862c6986ed721e8",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 11,
"src": "/root/.ansible/tmp/ansible-tmp-1617674643.89-2825-186493617915499/source",
"state": "file",
"uid": 0
}
[root@localhost ~]# ansible mysql -a 'cat /opt/test.txt' #查看添加的内容
192.168.200.40 | CHANGED | rc=0 >>
this is gcc
六、file模块 - 指定文件属性
[root@localhost ~]# ansible mysql -m file -a 'path=/opt/test.txt owner=test02 group=mysql mode=666'
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 306,
"group": "mysql",
"mode": "0666",
"owner": "test02",
"path": "/opt/test.txt",
"secontext": "system_u:object_r:usr_t:s0",
"size": 11,
"state": "file",
"uid": 306
}
[root@localhost ~]# ansible mysql -a 'ls -l /opt/test.txt' #查看是否更改成功
192.168.200.40 | CHANGED | rc=0 >>
-rw-rw-rw-. 1 test02 mysql 11 4月 6 10:04 /opt/test.txt
[root@localhost ~]# ansible mysql -m file -a 'src=/opt/test.txt path=/opt/test.txt.link state=link'
##将/opt/test.txt文件链接到/opt/test.txt.link 文件下
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/test.txt.link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 13,
"src": "/opt/test.txt",
"state": "link",
"uid": 0
}
[root@localhost ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=touch'
##在/opt目录下创建一个abc.txt的空文件
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/abc.txt",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
[root@localhost ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=absent'
##将之前创建的空文件abc.txt删除掉
192.168.200.40 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/opt/abc.txt",
"state": "absent"
}
七、ping模块 - 测试连通状态
[root@localhost ~]# ansible all -m ping #检测被控制端是否能ping通
192.168.200.40 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.200.30 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
八、yum 模块 - 安装/卸载软件包
yum:使用yum软件包管理器安装,升级,降级,删除和列出软件包和组
[root@localhost ~]# ansible webservers -m yum -a 'name=httpd'
##安装httpd服务
[root@localhost ~]# ansible webservers -m yum -a 'name=httpd'
192.168.200.30 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"installed": [
"httpd"
]
},
......
[root@localhost ~]# ansible mysql -m yum -a 'name=httpd state=absent'
##移除httpd服务
九、service模块 - 管理服务状态
service:用于管理服务运行状态
[root@localhost ~]# ansible webservers -m service -a 'name=httpd enabled=true state=started'
##启动httpd服务,前提是将httpd服务安装好
192.168.200.30 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"enabled": true,
"name": "httpd",
"state": "started",
......
[root@localhost ~]# ansible webservers -m service -a 'name=httpd enabled=true state=stopped' #关闭服务
十、shell 模块 - 免交互
shell 模块可以使用"<",">","|",";","&"等符号特殊符号,使用方法与 command 模块一致。
[root@localhost ~]# ansible webservers -m user -a 'name=gcc' #首先创建一个用户
192.168.200.30 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": false,
"comment": "gcc",
"group": 1000,
"home": "/home/gcc",
"move_home": false,
"name": "gcc",
"shell": "/bin/bash",
"state": "present",
"uid": 1000
}
[root@localhost ~]# ansible webservers -m shell -a 'echo abc123 | passwd --stdin gcc'
##使用shell模块给gcc用户创建密码
192.168.200.30 | CHANGED | rc=0 >>
更改用户 gcc 的密码 。
passwd:所有的身份验证令牌已经成功更新。
十一、script 模块 - 执行脚本
[root@localhost ~]# cd /opt/
[root@localhost opt]# vim test.sh
#!/bin/bash
echo "this is test script" > /opt/script.txt
chmod 666 /opt/script.txt
[root@localhost opt]# chmod +x test.sh
[root@localhost opt]# ansible all -m script -a 'test.sh' #使用script模块执行创建的脚本
192.168.200.30 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.200.30 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.200.30 closed."
],
"stdout": "",
"stdout_lines": []
}
192.168.200.40 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.200.40 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.200.40 closed."
],
"stdout": "",
"stdout_lines": []
}
十二、setup 模块 - 收集信息
[root@localhost opt]# ansible mysql -m setup
##收集mysql组的facts文件下的所有的详细信息
192.168.200.40 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.122.1",
"192.168.200.40"
],
"ansible_all_ipv6_addresses": [
"fe80::d647:3757:9b2:c004"
],
"ansible_apparmor": {
"status": "disabled"
},
"ansible_architecture": "x86_64",
"ansible_bios_date": "07/29/2019",
"ansible_bios_version": "6.00",
"ansible_cmdline": {
......