Ansible常用模块
1、ping模块
ping模块是用来检查控制节点和受控节点是否畅通,pong表示为通
[root@localhost .ssh]# ansible all -m ping
192.168.65.128 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
2、command、raw、shell模块
Command、raw、shell都是远程主机上执行的命令,都支持在受控主机上执行受控主机上的脚本,但command是系统默认模块,且不能使用管道符、重定向。而raw和shell是支持管道服务和重定向的。在日常中尽量少用raw和shell模块,使用默认的command模块。三者都不具备幂等性
幂等性:(执行一次或多次结果是相同的,如果这一步做过了直接做下一步)
2.1 command模块
//在/home/目录下创建一个名为wjm1的文件
[root@localhost ansible]# ansible all -a"touch /home/wjm1"
192.168.65.128 | CHANGED | rc=0 >>
[root@wjm ~]# ll /home/ | grep wjm1
-rw-r--r-- 1 root root 0 7月 18 15:17 wjm1
//查看/home/目录中的所有文件
[root@localhost ansible]# ansible all -a "ls /home/"
192.168.65.128 | CHANGED | rc=0 >>
333
mjw
mmm
roo
wjm
wjm1
// command不支持管道符和重定向
[root@localhost ansible]# ansible all -a 'ps -ef|grep vsftpd'
192.168.65.128 | FAILED | rc=1 >>
error: unsupported SysV option
Usage:
ps [options]
Try 'ps --help <simple|list|output|threads|misc|all>'
or 'ps --help <s|l|o|t|m|a>'
for additional help text.
For more details see ps(1).non-zero return code
2.2 raw模块
执行脚本文件
[root@localhost ansible]# ansible all -m raw -a"/home/www.sh"
192.168.65.128 | CHANGED | rc=0 >>
hello world
Shared connection to 192.168.65.128 closed.
支持管道符和重定向
[root@localhost ansible]# ansible all -m raw -a "ls /home | grep www.sh"
192.168.65.128 | CHANGED | rc=0 >>
www.sh
Shared connection to 192.168.65.128 closed.
[root@localhost ansible]# ansible all -m raw -a"echo 'wjm' > /home/123"
192.168.65.128 | CHANGED | rc=0 >>
Shared connection to 192.168.65.128 closed.
[root@wjm home]# cat 123
wjm
2.3 shell模块
shell模块用于在受控机上执行受控机上的脚本,亦可直接在受控机上执行命令。shell模块亦支持管道与重定向。
在受控主机上执行脚本文件
[root@localhost ansible]# ansible all -m shell -a"/home/www.sh"
192.168.65.128 | CHANGED | rc=0 >>
hello world
支持管道符和重定向
[root@localhost ansible]# ansible all -m shell -a"echo 'wjm123' > /home/456"
192.168.65.128 | CHANGED | rc=0 >>
3、script模块
script模块用于在受控机上执行主控机上的脚本
[root@localhost ansible]# vim script.sh
[root@localhost ansible]# chmod +x script.sh
[root@localhost ansible]# ll
总用量 32
-rw-r--r-- 1 root root 20025 7月 17 10:58 ansible.cfg
-rw-r--r-- 1 root root 1016 6月 23 08:12 hosts
-rw-r--r-- 1 root root 18 7月 18 14:41 inventory
drwxr-xr-x 2 root root 6 7月 16 11:32 mulu
drwxr-xr-x 2 root root 6 6月 23 08:12 roles
-rwxr-xr-x 1 root root 19 7月 18 16:13 script.sh
[root@localhost ansible]# ansible all -m script -a"/etc/ansible/script.sh" //在受控制主机上执行控制节点的脚本
192.168.65.128 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.65.128 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.65.128 closed."
],
"stdout": "文件系统 容量 已用 可用 已用% 挂载点\r\n/dev/mapper/centos-root 50G 4.6G 45G 10% /\r\ndevtmpfs 2.0G 0 2.0G 0% /dev\r\ntmpfs 2.0G 0 2.0G 0% /dev/shm\r\ntmpfs 2.0G 13M 2.0G 1% /run\r\ntmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup\r\n/dev/sda1 1014M 170M 845M 17% /boot\r\n/dev/mapper/centos-home 24G 35M 24G 1% /home\r\ntmpfs 407M 12K 407M 1% /run/user/42\r\ntmpfs 407M 0 407M 0% /run/user/0\r\n",
"stdout_lines": [
"文件系统 容量 已用 可用 已用% 挂载点",
"/dev/mapper/centos-root 50G 4.6G 45G 10% /",
"devtmpfs 2.0G 0 2.0G 0% /dev",
"tmpfs 2.0G 0 2.0G 0% /dev/shm",
"tmpfs 2.0G 13M 2.0G 1% /run",
"tmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup",
"/dev/sda1 1014M 170M 845M 17% /boot",
"/dev/mapper/centos-home 24G 35M 24G 1% /home",
"tmpfs 407M 12K 407M 1% /run/user/42",
"tmpfs 407M 0 407M 0% /run/user/0"
]
}
您在 /var/spool/mail/root 中有新邮件
4、template模块
template模块用于生成一个模板,并可将其传输至远程主机上。
把控制节点的文件见生成一个模板,并传输到受控节点
[root@localhost ansible]# ansible all -m template -a"src=/etc/ansible/inventory dest=/home/inventory"
192.168.65.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "1230368e8fcfc3e8b0d533b776f0022b43ed08f1",
"dest": "/home/inventory",
"gid": 0,
"group": "root",
"md5sum": "e8a6a86641a7059d0edf37bf8370a7d1",
"mode": "0644",
"owner": "root",
"size": 18,
"src": "/root/.ansible/tmp/ansible-tmp-1626596417.78-124639-223938999577496/source",
"state": "file",
"uid": 0
}
[root@wjm home]# ls /home/ | grep inventory
inventory
5、yum模块
yum模块用于在指定节点机器上通过yum管理软件,其支持的参数主要有两个
name:要管理的包名
state:要进行的操作
latest:安装软件 //安装最新版本软件
installed:安装软件 //既成事实,让它已经成为一个安装的转态
present:安装软件 //直接安装
removed:卸载软件 //移除
absent:卸载软件 //缺席,这两个都是卸载的意思
安装ftp(文本传输协议)服务
[root@localhost ansible]# ansible all -m yum -a"name=vsftpd state=present"
192.168.65.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"installed": [
"vsftpd"
]
},
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, langpacks\nLoading mirror speeds from cached hostfile\n * base: mirrors.cqu.edu.cn\n * extras: mirrors.bfsu.edu.cn\n * updates: mirrors.cqu.edu.cn\nResolving Dependencies\n--> Running transaction check\n---> Package vsftpd.x86_64 0:3.0.2-29.el7_9 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n vsftpd x86_64 3.0.2-29.el7_9 updates 173 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package\n\nTotal download size: 173 k\nInstalled size: 353 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : vsftpd-3.0.2-29.el7_9.x86_64 1/1 \n Verifying : vsftpd-3.0.2-29.el7_9.x86_64 1/1 \n\nInstalled:\n vsftpd.x86_64 0:3.0.2-29.el7_9 \n\nComplete!\n"
]
}
6、user和group模块的添加、删除、修改
添加用户:
[root@localhost ansible]# ansible localhost -m user -a"name=mok state=present" //如果后面加上create_home=no 表示不创建家目录
localhost | CHANGED => {
"changed": true,
"comment": "",
"create_home": true,
"group": 1002,
"home": "/home/mok",
"name": "mok",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1002
}
删除用户:
[root@localhost ansible]# ansible localhost -m user -a"name=mok state=absent" //如果删除目录时要删除家目录可以用remove=yes 删除用户家目录
localhost | CHANGED => {
"changed": true,
"force": false,
"name": "mok",
"remove": false,
"state": "absent"
}
您在 /var/spool/mail/root 中有新邮件
[root@localhost ansible]# id mok
id: mok: no such user //没有这个用户
修改用户:
[root@localhost ansible]# ansible localhost -m user -a"name=mok uid=1003" //修改用户的UID
localhost | CHANGED => {
"append": false,
"changed": true,
"comment": "",
"group": 1002,
"home": "/home/mok",
"move_home": false,
"name": "mok",
"shell": "/bin/bash",
"state": "present",
"uid": 1003
}
[root@localhost ansible]# id mok
uid=1003(mok) gid=1002(mok) 组=1002(mok)
添加组:
[root@localhost ansible]# ansible localhost -m group -a"name=M state=present"
localhost | CHANGED => {
"changed": true,
"gid": 1006,
"name": "M",
"state": "present",
"system": false
}
修改组gid
[root@localhost ansible]# ansible localhost -m group -a"name=M gid=1007"
localhost | CHANGED => {
"changed": true,
"gid": 1007,
"name": "M",
"state": "present",
"system": false
}
删除组
[root@localhost ansible]# ansible localhost -m group -a"name=M state=absent"
localhost | CHANGED => {
"changed": true,
"name": "M",
"state": "absent"
}
7、copy和touch、mkdir模块
4.2 copy和touch、mkdir模块
copy:
[root@localhost ansible]# ansible localhost -m copy -a"src=/etc/ansible/WJM dest=/home" //src:源地址 dest:目的地址
localhost | CHANGED => {
"changed": true,
"checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
"dest": "/home/WJM",
"gid": 0,
"group": "root",
"md5sum": "d41d8cd98f00b204e9800998ecf8427e",
"mode": "0644",
"owner": "root",
"size": 0,
"src": "/root/.ansible/tmp/ansible-tmp-1626406101.86-64577-213203522178257/source",
"state": "file",
"uid": 0
}
[root@localhost ansible]# cd /home/ | ls
ansible.cfg hosts inventory roles WJM
touch:
[root@localhost ansible]# ansible localhost -m command -a"touch WJM" //command:命令模块
[WARNING]: Consider using the file module with state=touch rather than running 'touch'. If you need
to use command because file is insufficient you can add 'warn: false' to this command task or set
'command_warnings=False' in ansible.cfg to get rid of this message.
localhost | CHANGED | rc=0 >>
[root@localhost ansible]# ll
总用量 24
-rw-r--r-- 1 root root 20027 7月 16 09:35 ansible.cfg
-rw-r--r-- 1 root root 1016 6月 23 08:12 hosts
-rw-r--r-- 1 root root 0 7月 16 09:35 inventory
drwxr-xr-x 2 root root 6 6月 23 08:12 roles
-rw-r--r-- 1 root root 0 7月 16 11:15 WJM
mkdir:
[root@localhost ansible]# ansible localhost -m command -a"mkdir mulu"
[WARNING]: Consider using the file module with state=directory rather than running 'mkdir'. If you
need to use command because file is insufficient you can add 'warn: false' to this command task or
set 'command_warnings=False' in ansible.cfg to get rid of this message.
localhost | CHANGED | rc=0 >>
[root@localhost ansible]# ls
ansible.cfg hosts inventory mulu roles WJM
8、file模块
file模块是设置文件的权限和其他属性的
更改文件的权限可以用mode
[root@localhost ansible]# ansible all -m file -a"path=/home/wjm mode=666" // path文件的位置,mode文件的权限
192.168.65.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 1001,
"group": "wjm",
"mode": "0666",
"owner": "wjm",
"path": "/home/wjm",
"size": 144,
"state": "directory",
"uid": 1001
}
[root@wjm home]# ll | grep wjm
总用量 1
drw-rw-rw-. 5 wjm wjm 144 7月 18 15:15 wjm
修改文件的属主,可以用owner
[root@localhost ansible]# ansible all -m file -a"path=/home/wjm owner=root"
192.168.65.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 1001,
"group": "wjm",
"mode": "0666",
"owner": "root",
"path": "/home/wjm",
"size": 144,
"state": "directory",
"uid": 0
}
[root@wjm home]# ll | grep wjm
总用量 1
drw-rw-rw-. 5 root wjm 144 7月 18 15:15 wjm
修改文件的属组,可以用group
[root@localhost ansible]# ansible all -m file -a"path=/home/wjm group=root"
192.168.65.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0666",
"owner": "root",
"path": "/home/wjm",
"size": 144,
"state": "directory",
"uid": 0
}
[root@wjm home]# ll | grep wjm
总用量 1
drw-rw-rw-. 5 root root 144 7月 18 15:15 wjm
9、blockinfile模块
blockinfile模块可以帮助我们在指定的文件中插入”一段文本”,这段文本是被标记过的,换句话说就是,我们在这段文本上做了记号,以便在以后的操作中可以通过”标记”找到这段文本,然后修改或者删除它,单单这样描述不是特别容易理解,结合下面的小例子动手做做立马就能够明白了。
在受控主机上的test文件后面加上两行内容
[root@localhost ansible]# ansible all -m blockinfile -a"path=/home/test block='10 11 12 13\n14 15 16 17'" //‘\n’:换行
192.168.65.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"msg": "Block inserted"
}
[root@wjm home]# cat test
123
456
789
# BEGIN ANSIBLE MANAGED BLOCK //开始标记
10 11 12 13
14 15 16 17
# END ANSIBLE MANAGED BLOCK //结束标记