Ansible 实战案例--Ansible Ad-Hoc 组件详解


在 Ansible 中有 8 个主要的 Ansible 管理工具, 每个管理工具都是一系列的模块 、 参数支持。 随时可获取的帮助信息对了解掌握 Ansible 系统非常重要。 对于Ansible 每个工具, 都可以简单地在命令后面加上 -h 或-help 直接获取帮助。

提示:本篇文章所使用的环境为centos-8.2基于ansible-2.8.0 搭建
具体环境搭建,请参考:ansible-2.8.0 搭建链接


注意, 如果使用 Ad-hoc 命令, Ansible 的一些插件功能就无法使用, 比如 loop、facts 功能等



shell 模块用法和command一样,不过的是其是通过/bin/sh进行执行,所以shell 模块可以执行任何命令,就像在本机执行一样,“ It is almost exactly like the command module but runs the command through a shell (/bin/sh) on the remote node.”

[student@ansible-server ansible]$ ansible all -m shell -a 'hostname' -o
node04 | CHANGED | rc=0 | (stdout) Ansible-node04
node03 | CHANGED | rc=0 | (stdout) Ansible-node03
node02 | CHANGED | rc=0 | (stdout) Ansible-node02
node01 | CHANGED | rc=0 | (stdout) Ansible-node01

[student@ansible-server ansible]$  ansible all -m shell -a 'free | grep Swap' -o
node04 | CHANGED | rc=0 | (stdout) Swap:       2097148           0     2097148
node02 | CHANGED | rc=0 | (stdout) Swap:       2097148           0     2097148
node03 | CHANGED | rc=0 | (stdout) Swap:       2097148           0     2097148
node01 | CHANGED | rc=0 | (stdout) Swap:       2097148           0     2097148

[student@ansible-server ansible]$  ansible all -m shell -a 'chdir=/opt date > data.txt' -o
node04 | CHANGED | rc=0 | (stdout) 
node01 | CHANGED | rc=0 | (stdout) 
node03 | CHANGED | rc=0 | (stdout) 
node02 | CHANGED | rc=0 | (stdout) 
[student@ansible-server ansible]$ ansible all -m shell -a 'cat  /opt/data.txt' -o
node04 | CHANGED | rc=0 | (stdout) Thu Sep 24 20:50:17 CST 2020
node02 | CHANGED | rc=0 | (stdout) Thu Sep 24 20:50:17 CST 2020
node03 | CHANGED | rc=0 | (stdout) Thu Sep 24 20:50:17 CST 2020
node01 | CHANGED | rc=0 | (stdout) Thu Sep 24 20:50:17 CST 2020
[student@ansible-server ansible]$ ansible all -m shell -a 'chdir=/tmp creates=/opt/data.txt pwd' -o
node04 | SUCCESS | rc=0 | (stdout) skipped, since /opt/data.txt exists
node03 | SUCCESS | rc=0 | (stdout) skipped, since /opt/data.txt exists
node02 | SUCCESS | rc=0 | (stdout) skipped, since /opt/data.txt exists
node01 | SUCCESS | rc=0 | (stdout) skipped, since /opt/data.txt exists
[student@ansible-server ansible]$ ansible all -m shell -a 'chdir=/tmp removes=/opt/data.txt pwd' -o
node02 | CHANGED | rc=0 | (stdout) /tmp
node03 | CHANGED | rc=0 | (stdout) /tmp
node04 | CHANGED | rc=0 | (stdout) /tmp
node01 | CHANGED | rc=0 | (stdout) /tmp


command 模块通过-a跟上要执行的命令可以直接执行,不过命令里如果有带有如下字符部分则执行不成功 “
so variables like $HOME and operations like “<”, “>”, “|”, and “&” will not work (use the shell module if you need these features).”

[student@ansible-server ansible]$ ansible all -a 'free' -o
node01 | CHANGED | rc=0 | (stdout)               total        used        free      shared  buff/cache   available\nMem:         810492      235692      326508        5756      248292      440280\nSwap:       2097148           0     2097148
node04 | CHANGED | rc=0 | (stdout)               total        used        free      shared  buff/cache   available\nMem:         810492      233220      323904        5756      253368      442568\nSwap:       2097148           0     2097148
node03 | CHANGED | rc=0 | (stdout)               total        used        free      shared  buff/cache   available\nMem:         810492      238436      323520        5764      248536      437580\nSwap:       2097148           0     2097148
node02 | CHANGED | rc=0 | (stdout)               total        used        free      shared  buff/cache   available\nMem:         810492      238860      329300        5756      242332      437112\nSwap:       2097148           0     2097148


remove 模块用法和shell 模块一样 ,其也可以执行任意命令,就像在本机执行一样,“Executes a low-down and dirty SSH command, not going through the module subsystem. There is no change handler support for this module. This module does not require python on the remote system”

[student@ansible-server ansible]$ ansible all -m raw -a 'date' -o
node03 | CHANGED | rc=0 | (stdout) Thu Sep 24 21:21:13 CST 2020\r\n (stderr) Shared connection to node03 closed.\r\n
node02 | CHANGED | rc=0 | (stdout) Thu Sep 24 21:21:13 CST 2020\r\n (stderr) Shared connection to node02 closed.\r\n
node04 | CHANGED | rc=0 | (stdout) Thu Sep 24 21:21:13 CST 2020\r\n (stderr) Shared connection to node04 closed.\r\n
node01 | CHANGED | rc=0 | (stdout) Thu Sep 24 21:21:13 CST 2020\r\n (stderr) Shared connection to node01 closed.\r\n

注:" " 中接受shell命令

command:除了输入、输出、管道以及后台操作命令,和 shell 模块类似
raw:和 shell 模块类似,但这种模块带有的参数较少



[student@ansible-server ansible]$ ansible all -m yum_repository -a 'name=ansible-2.8.0 description=ansible-2.8.0 baseurl= gpgcheck=no enabled=yes'
[student@ansible-server ansible]$ ansible all -m shell -a 'yum repolist'  -o
node02 | CHANGED | rc=0 | (stdout) repo id                              repo name\nAppStream                            CentOS-8 - AppStream\nBaseOS                               CentOS-8 - Base\nansible-2.8.0                        ansible-2.8.0\nextras                               CentOS-8 - Extras
node01 | CHANGED | rc=0 | (stdout) repo id                              repo name\nAppStream                            CentOS-8 - AppStream\nBaseOS                               CentOS-8 - Base\nansible-2.8.0                        ansible-2.8.0\nextras                               CentOS-8 - Extras
node03 | CHANGED | rc=0 | (stdout) repo id                              repo name\nAppStream                            CentOS-8 - AppStream\nBaseOS                               CentOS-8 - Base\nansible-2.8.0                        ansible-2.8.0\nextras                               CentOS-8 - Extras
node04 | CHANGED | rc=0 | (stdout) repo id                              repo name\nAppStream                            CentOS-8 - AppStream\nBaseOS                               CentOS-8 - Base\nansible-2.8.0                        ansible-2.8.0\nextras                               CentOS-8 - Extras

[student@ansible-server ansible]$ ansible all -m yum_repository -a 'name=ansible-2.8.0 state=absent' -o
node04 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"repo": "ansible-2.8.0","state": "absent"}
node02 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"repo": "ansible-2.8.0","state": "absent"}
node03 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"repo": "ansible-2.8.0","state": "absent"}
node01 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"repo": "ansible-2.8.0","state": "absent"}
[student@ansible-server ansible]$ ansible all -m shell -a 'yum list  | grep ansible' -o
node02 | CHANGED | rc=0 | (stdout) ansible-freeipa.noarch                               0.1.8-3.el8                                      AppStream \ncentos-release-ansible-29.noarch                     1-2.el8                                          extras    
node03 | CHANGED | rc=0 | (stdout) ansible-freeipa.noarch                               0.1.8-3.el8                                      AppStream \ncentos-release-ansible-29.noarch                     1-2.el8                                          extras    
node04 | CHANGED | rc=0 | (stdout) ansible-freeipa.noarch                               0.1.8-3.el8                                      AppStream \ncentos-release-ansible-29.noarch                     1-2.el8                                          extras    
node01 | CHANGED | rc=0 | (stdout) ansible-freeipa.noarch                               0.1.8-3.el8                                      AppStream \ncentos-release-ansible-29.noarch                     1-2.el8                                          extras    


yum、dnf 都是软连接,用法一致(仅掌握一种用法即可,此处介绍yum方式的用法)

[student@ansible-server ansible]$ ll `which yum`
lrwxrwxrwx. 1 root root 5 Apr 25 03:57 /usr/bin/yum -> dnf-3
[student@ansible-server ansible]$ ll `which dnf`
lrwxrwxrwx. 1 root root 5 Apr 25 03:57 /usr/bin/dnf -> dnf-3
[student@ansible-server ansible]$ ansible all -m yum -a 'name=nginx state=present'
[student@ansible-server ansible]$ ansible all -m yum -a 'name=nginx state=latest'
[student@ansible-server ansible]$ ansible all -m yum -a 'name=nginx state=absent'
[student@Ansible-Server ansible]$ ansible test -m yum -a 'name=* state=latest'
[student@Ansible-Server ansible]$ ansible all -m yum -a 'name='



[student@Ansible-Server ansible]$ ansible all -m service -a 'name=nginx state=started'
[student@Ansible-Server ansible]$ ansible all -m shell -a 'systemctl is-active nginx' -o
node03 | CHANGED | rc=0 | (stdout) active
node01 | CHANGED | rc=0 | (stdout) active
node02 | CHANGED | rc=0 | (stdout) active
node04 | CHANGED | rc=0 | (stdout) active
[student@Ansible-Server ansible]$ ansible all -m service -a 'name=nginx enabled=yes' 
[student@Ansible-Server ansible]$ ansible all -m shell -a 'systemctl is-enabled nginx'  -o
[student@Ansible-Server ansible]$ ansible all -m service -a 'name=nginx enabled=no state=stopped'



#创建一个uid 666的组
[student@Ansible-Server ansible]$ ansible all -m group -a 'name=it gid=666 system=yes state=present'
[student@Ansible-Server ansible]$ ansible all -m shell -a 'grep ^it /etc/group' -o
node01 | CHANGED | rc=0 | (stdout) it:x:666:
node02 | CHANGED | rc=0 | (stdout) it:x:666:
node03 | CHANGED | rc=0 | (stdout) it:x:666:
node04 | CHANGED | rc=0 | (stdout) it:x:666:

注:state 可以不用写,默认state的值是present,即若不存在则创建


  • 使用python 环境生成用户登录密码
[root@Ansible-Server ~]# python3
Python 3.8.0 (default, May  7 2020, 02:49:39) 
[GCC 8.3.1 20191121 (Red Hat 8.3.1-5)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import crypt
>>> crypt.crypt('123')
  • 用户管理操作
[student@Ansible-Server ansible]$ ansible all -m user -a "name=tom group=it password='$6$6V5NpO.zFaFQgygP$fE/lkbdXCGnv2TgtoO9Q66KqheRtnFRYIPoQnYC.KKpzJ8Yyle.KKjxedmIs0hqrnKybpO3jMOKu4q5PiyMHR0'"
#查看创建的tom 用户
[student@Ansible-Server ansible]$ ansible all -m shell -a 'tail -1 /etc/passwd' -o
node03 | CHANGED | rc=0 | (stdout) tom:x:1002:666::/home/tom:/bin/bash
node01 | CHANGED | rc=0 | (stdout) tom:x:1002:666::/home/tom:/bin/bash
node04 | CHANGED | rc=0 | (stdout) tom:x:1002:666::/home/tom:/bin/bash
node02 | CHANGED | rc=0 | (stdout) tom:x:1002:666::/home/tom:/bin/bash

[student@Ansible-Server ansible]$ ansible all -m user -a 'name=bob groups=it'
[student@Ansible-Server ansible]$ ansible all -m shell -a 'groupmems -g it -l' -o
node01 | CHANGED | rc=0 | (stdout) bob 
node03 | CHANGED | rc=0 | (stdout) bob 
node02 | CHANGED | rc=0 | (stdout) bob 
node04 | CHANGED | rc=0 | (stdout) bob 
[student@ansible-server ansible]$ ansible all -m user -a 'name=bob generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=./ssh/id_rsa'
[student@ansible-server ansible]$ ansible all -m shell -a 'ls -la  ~bob/ssh' 
node02 | CHANGED | rc=0 >>
total 8
drwx------. 2 bob bob   38 Sep 25 22:55 .
drwx------. 3 bob bob   87 Sep 25 22:55 ..
-rw-------. 1 bob bob 1843 Sep 25 22:55 id_rsa
-rw-r--r--. 1 bob bob  409 Sep 25 22:55

node04 | CHANGED | rc=0 >>
total 8
drwx------. 2 bob bob   38 Sep 25 22:55 .
drwx------. 3 bob bob   87 Sep 25 22:55 ..
-rw-------. 1 bob bob 1856 Sep 25 22:55 id_rsa
-rw-r--r--. 1 bob bob  417 Sep 25 22:55

node01 | CHANGED | rc=0 >>
total 8
drwx------. 2 bob bob   38 Sep 25 22:55 .
drwx------. 3 bob bob   87 Sep 25 22:55 ..
-rw-------. 1 bob bob 1856 Sep 25 22:55 id_rsa
-rw-r--r--. 1 bob bob  417 Sep 25 22:55

node03 | CHANGED | rc=0 >>
total 8
drwx------. 2 bob bob   38 Sep 25 22:55 .
drwx------. 3 bob bob   87 Sep 25 22:55 ..
-rw-------. 1 bob bob 1843 Sep 25 22:55 id_rsa
-rw-r--r--. 1 bob bob  417 Sep 25 22:55



#ansible 配置计划任务--凌晨每天2:30 备份nginx网页文件
[student@ansible-server ansible]$ ansible all -m cron -a "name=backup-web minute=30 hour=2 job='[ -d /bak ] || mkdir /bak; tar czf /bak/web.tar.gz  /usr/share/nginx/html'"
[student@ansible-server ansible]$ ansible all -m shell -a 'crontab -l' -o
node02 | CHANGED | rc=0 | (stdout) #Ansible: backup-web\n30 2 * * * [ -d /bak ] || mkdir /bak; tar czf /bak/web.tar.gz  /usr/share/nginx/html
node03 | CHANGED | rc=0 | (stdout) #Ansible: backup-web\n30 2 * * * [ -d /bak ] || mkdir /bak; tar czf /bak/web.tar.gz  /usr/share/nginx/html
node04 | CHANGED | rc=0 | (stdout) #Ansible: backup-web\n30 2 * * * [ -d /bak ] || mkdir /bak; tar czf /bak/web.tar.gz  /usr/share/nginx/html
node01 | CHANGED | rc=0 | (stdout) #Ansible: backup-web\n30 2 * * * [ -d /bak ] || mkdir /bak; tar czf /bak/web.tar.gz  /usr/share/nginx/html
[root@node04 ~]# ll /bak/
total 8
-rw-r--r--. 1 root root 6629 Sep 25 02:30 web.tar.gz
[student@ansible-server ansible]$ ansible all -m cron -a 'name=backup-web state=absent'
[student@ansible-server ansible]$ ansible all -m shell -a 'crontab -l' -o
node04 | CHANGED | rc=0 | (stdout) 
node02 | CHANGED | rc=0 | (stdout) 
node01 | CHANGED | rc=0 | (stdout) 
node03 | CHANGED | rc=0 | (stdout) 



  • 普通文件
[student@Ansible-Server ansible]$ ansible prod -m file -a 'path=/tmp/text_file1 state=touch'
[student@Ansible-Server ansible]$ ansible prod -m shell -a 'ls -l /tmp'  
node03 | CHANGED | rc=0 >>
total 0
drwx------. 3 root root 79 Sep 25 23:55 ansible_command_payload_tp7jw4l1
drwx------. 3 root root 79 Sep 26 05:50 ansible_command_payload_xt0pfnid
drwx------. 3 root root 17 Sep 25 22:34 systemd-private-3a7c95ba85514ef5b133d601540a5b4f-chronyd.service-rHr9Vg
-rw-r--r--. 1 root root  0 Sep 26 05:49 text_file1

node04 | CHANGED | rc=0 >>
total 0
drwx------. 3 root root 79 Sep 25 08:56 ansible_command_payload_8n6tgcwg
drwx------. 3 root root 79 Sep 25 03:02 ansible_command_payload_9wf6y6y2
drwx------. 3 root root 17 Sep 25 07:25 systemd-private-637d5b5606b54349b7082a8048554080-chronyd.service-eEQNbp
-rw-r--r--. 1 root root  0 Sep 25 08:55 text_file1
[student@Ansible-Server ansible]$ ansible prod -m file -a 'src=/tmp/text_file1 path=/tmp/soft_link_text_file1 state=link'
[root@Ansible-node03 ~]# ll /tmp/soft_link_text_file1 
lrwxrwxrwx. 1 root root 15 Sep 26 05:58 /tmp/soft_link_text_file1 -> /tmp/text_file1
[root@Ansible-node04 ~]# ll /tmp/soft_link_text_file1 
lrwxrwxrwx. 1 root root 15 Sep 25 09:04 /tmp/soft_link_text_file1 -> /tmp/text_file1
[student@Ansible-Server ansible]$ ansible prod -m file -a 'path=/tmp/soft_link_text_file1 state=link state=absent'
[root@Ansible-node03 ~]# ll /tmp/soft_link_text_file1 
ls: cannot access '/tmp/soft_link_text_file1': No such file or directory
[root@Ansible-node04 ~]# ll /tmp/soft_link_text_file1 
ls: cannot access '/tmp/soft_link_text_file1': No such file or directory
  • 目录文件
[student@Ansible-Server ansible]$ ansible node04 -m file -a 'path=/opt/dir1 state=directory'
[student@Ansible-Server ansible]$ ansible node04 -m file -a 'path=/opt/dir2/dir22 state=directory recurse=yes'
[root@Ansible-node04 ~]# tree /opt/
├── dir1
└── dir2
    └── dir22
[student@Ansible-Server ansible]$ ansible node04 -m file -a 'path=/opt/dir2/dir22 state=absent '
[student@Ansible-Server ansible]$ ansible node04 -m file -a 'path=/opt/dir2/ state=absent '
[root@Ansible-node04 ~]# tree /opt/
└── dir1


#复制文件 a.txt 到远端节点主机
[student@Ansible-Server ansible]$ ansible node04 -m copy -a 'src=/home/student/ansible/a.txt dest=/opt mode=755'
[root@Ansible-node04 ~]# ll /opt/
total 0
-rwxr-xr-x. 1 root root 0 Sep 25 10:41 a.txt
drwxr-xr-x. 2 root root 6 Sep 25 09:21 dir1
#更改nginx服务网页文件内容为 "hello wlecome to nginx_web_server"
[student@Ansible-Server ansible]$ ansible node01 -m copy -a "content='hello wlecome to nginx_web_server\n' dest=/usr/share/nginx/html/index.html"
[root@Ansible-node01 html]# curl
hello wlecome to nginx_web_server


[student@Ansible-Server ansible]$ ansible all -m fetch -a 'src=/etc/hosts dest=.'
[student@Ansible-Server ansible]$ ll
total 8
-rw-rw-r--. 1 student student 188 Sep 24 16:21 ansible.cfg
-rw-rw-r--. 1 student student   0 Sep 26 07:22 a.txt
-rw-rw-r--. 1 student student  93 Sep 24 15:46 inventory
drwxrwxr-x. 3 student student  17 Sep 26 08:16 node01
drwxrwxr-x. 3 student student  17 Sep 26 08:16 node02
drwxrwxr-x. 3 student student  17 Sep 26 08:16 node03
drwxrwxr-x. 3 student student  17 Sep 26 08:16 node04
drwxrwxr-x. 2 student student   6 Sep 24 15:56 roles
[student@Ansible-Server ansible]$ more node01/etc/hosts   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6 ansible-server node01 node02 node03 node04


[student@Ansible-Server ansible]$ ansible node01 -m lineinfile -a 'path=/etc/selinux/config regexp="^SELINUX=" line=SELINUX=disabled'
[root@Ansible-node01 html]# grep ^SELINUX= /etc/selinux/config 
[student@Ansible-Server ansible]$ ansible node01 -m lineinfile -a 'path=/etc/selinux/config regexp="^#" state=absent'
[root@Ansible-node01 html]# more /etc/selinux/config 


[student@Ansible-Server ansible]$ ansible node01 -m lineinfile -a 'path=/root/anaconda-ks.cfg regexp="^#ver" insertbefore="^ver" line="###"'
[root@Ansible-node01 ~]# head -1 anaconda-ks.cfg 
[student@Ansible-Server ansible]$ ansible node01 -m lineinfile -a 'path=/root/file insertbefore="^=" line=hello'
[student@Ansible-Server ansible]$ ansible node01 -m lineinfile -a 'path=/root/file insertafter="^=" line=hi'
[root@Ansible-node01 ~]# more file 
[student@Ansible-Server ansible]$ ansible node01 -m lineinfile -a 'path=/root/file regexp="=" state=absent'
[root@Ansible-node01 ~]# more file 


[student@Ansible-Server ansible]$ ansible all -m yum -a 'name=rsync state=present'
[student@Ansible-Server ansible]$ sudo dnf install rsync -y
[student@Ansible-Server ansible]$ ansible node03 -m synchronize -a 'src=file dest=/tmp'
[root@Ansible-node03 ~]# ll /tmp/file 
-rw-rw-r--. 1 student student 15 Sep 26 09:29 /tmp/file
[student@Ansible-Server ansible]$ ansible node03 -m synchronize -a 'src=/tmp/file dest=/tmp mode=pull'
[student@Ansible-Server ansible]$ ll /tmp/file 
-rw-rw-r--. 1 student student 25 Sep 26 10:46 /tmp/file


  • unarchive模块用来解压文件
    • 选项:

      • copy:在解压文件之前,是否先将文件复制到远程主机,默认为yes。>若为no,则要求目标主机上压缩包必须存在
      • creates:指定一个文件名,当该文件存在时,则解压指令不执行
      • dest:远程主机上的一个路径,即文件解压的绝对路径。
      • group:解压后的目录或文件的属组
      • mode:解压后文件的权限
      • src:如果copy为yes,则需要指定压缩文件的源路径
      • owner:解压后文件或目录的属主
[student@Ansible-Server ansible]$ ansible all -m unarchive -a 'src=/tmp/nginx-1.16.1-2.fc32.x86_64.rpm.tar.gz dest=/opt copy=yes'
[student@Ansible-Server ansible]$ ansible all -m shell -a 'ls -l /opt' -o
node01 | CHANGED | rc=0 | (stdout) total 568\n-rw-r--r--. 1 root root 581238 Jan 30  2020 nginx-1.16.1-2.fc32.x86_64.rpm
node02 | CHANGED | rc=0 | (stdout) total 568\n-rw-r--r--. 1 root root 581238 Jan 30  2020 nginx-1.16.1-2.fc32.x86_64.rpm
node04 | CHANGED | rc=0 | (stdout) total 568\n-rw-r--r--. 1 root root 581238 Jan 30  2020 nginx-1.16.1-2.fc32.x86_64.rpm
node03 | CHANGED | rc=0 | (stdout) total 568\n-rw-r--r--. 1 root root 581238 Jan 30  2020 nginx-1.16.1-2.fc32.x86_64.rpm



[student@Ansible-Server ansible]$ ansible node04 -m service -a 'name=firewalld state=started enabled=true'
[student@Ansible-Server ansible]$ ansible node04 -m firewalld -a 'service=http permanent=true immediate=true state=enabled'
[student@Ansible-Server ansible]$ ansible node04 -m firewalld -a 'port=443/tcp permanent=true immediate=true state=enabled'
[root@Ansible-node04 ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens33
  services: cockpit dhcpv6-client http ssh
  ports: 443/tcp
  masquerade: no
  rich rules: 
[student@Ansible-Server ansible]$ ansible node04 -m firewalld -a 'rich_rule="rule family=ipv4 source address= service name=http accept" permanent=true immediate=true state=enabled'
[student@Ansible-Server ansible]$ ansible node04 -m firewalld -a 'rich_rule="rule family=ipv4 forward-port port=443 protocol=tcp to-port=888" permanent=true immediate=true state=enabled' 
[student@Ansible-Server ansible]$ ansible node04 -m firewalld -a 'masquerade=yes state=enabled permanent=yes immediate=yes'
[root@Ansible-node04 ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens33
  services: cockpit dhcpv6-client http ssh
  ports: 443/tcp
  masquerade: yes
  rich rules: 
	rule family="ipv4" source address="" service name="http" accept
	rule family="ipv4" forward-port port="443" protocol="tcp" to-port="888"



[student@Ansible-Server ansible]$ ansible node04 -m get_url -a 'url=file:///etc/passwd dest=/opt'
[student@Ansible-Server ansible]$ ansible node04 -m shell -a 'ls -l /opt'
node04 | CHANGED | rc=0 >>
total 4
-rwxr-xr-x. 1 root root    0 Sep 25 10:41 a.txt
drwxr-xr-x. 2 root root    6 Sep 25 09:21 dir1
-rw-r--r--. 1 root root 1681 Sep 25 15:46 passwd
[student@Ansible-Server ansible]$ ansible node04 -m get_url -a 'url= dest=/opt'
[student@Ansible-Server ansible]$ ansible node04 -m shell -a 'ls -l /opt'
node04 | CHANGED | rc=0 >>
total 24
-rwxr-xr-x. 1 root root     0 Sep 25 10:41 a.txt
drwxr-xr-x. 2 root root     6 Sep 25 09:21 dir1
-rw-r--r--. 1 root root  1681 Sep 25 15:46 passwd
-rw-r--r--. 1 root root 16564 Sep 25 15:52 sl-5.02-1.el8.x86_64.rpm



[root@Ansible-node02 ~]# lsblk  | grep sdb
sdb           8:16   0   10G  0 disk 
[student@Ansible-Server ansible]$ ansible node02 -m parted -a 'device=/dev/sdb number=1 part_end=1GiB state=present'
[root@Ansible-node02 ~]# parted /dev/sdb
GNU Parted 3.2
Using /dev/sdb
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) p                                                                
Model: VMware, VMware Virtual S (scsi)
Disk /dev/sdb: 10.7GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags: 

Number  Start   End     Size    Type     File system  Flags
 1      1049kB  1074MB  1073MB  primary

[student@Ansible-Server ansible]$ ansible node02 -m parted -a 'device=/dev/sdb number=1 state=absent'
[student@Ansible-Server ansible]$ ansible node02 -m parted -a 'device=/dev/sdb number=1 flags=lvm part_end=3GiB state=present'

[root@Ansible-node02 ~]# parted /dev/sdb
GNU Parted 3.2
Using /dev/sdb
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) p                                                                
Model: VMware, VMware Virtual S (scsi)
Disk /dev/sdb: 10.7GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags: 

Number  Start   End     Size    Type     File system  Flags
 1      1049kB  3221MB  3220MB  primary               lvm


[student@Ansible-Server ansible]$ ansible node02 -m lvg -a 'pvs=/dev/sdb1 vg=my_vg'
[root@Ansible-node02 ~]# vgs
  VG    #PV #LV #SN Attr   VSize   VFree 
  cl      1   2   0 wz--n- <19.00g     0 
  my_vg   1   0   0 wz--n-  <3.00g <3.00g
[root@Ansible-node02 ~]# lsblk | grep sdb
sdb           8:16   0   10G  0 disk 
├─sdb1        8:17   0    3G  0 part 
├─sdb2        8:18   0    2G  0 part 
└─sdb3        8:19   0    1G  0 part 
[root@Ansible-node02 ~]# vgs
  VG    #PV #LV #SN Attr   VSize   VFree 
  cl      1   2   0 wz--n- <19.00g     0 
  my_vg   1   0   0 wz--n-  <3.00g <3.00g

[student@Ansible-Server ansible]$ ansible node02 -m lvg -a 'pvs=/dev/sdb1,/dev/sdb2,/dev/sdb3 vg=my_vg'
[root@Ansible-node02 ~]# vgs
  VG    #PV #LV #SN Attr   VSize   VFree 
  cl      1   2   0 wz--n- <19.00g     0 
  my_vg   3   0   0 wz--n-  <5.99g <5.99g


[student@Ansible-Server ansible]$ ansible node02 -m lvol -a 'vg=my_vg lv=lv1 size=5000'
[root@Ansible-node02 ~]# lvs
  LV   VG    Attr       LSize   Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  root cl    -wi-ao---- <17.00g                                                    
  swap cl    -wi-ao----   2.00g                                                    
  lv1  my_vg -wi-a-----   4.88g 


[student@Ansible-Server ansible]$ ansible node02 -m filesystem -a 'dev=/dev/my_vg/lv1 fstype=xfs'


[student@Ansible-Server ansible]$ ansible node02 -m file -a 'path=/dir1 state=directory'

[student@Ansible-Server ansible]$ ansible node02 -m mount -a 'src=/dev/my_vg/lv1 path=/dir1 fstype=xfs state=present'
[student@Ansible-Server ansible]$ ansible node02 -m mount -a 'src=/dev/my_vg/lv1 path=/dir1 fstype=xfs state=mounted'
[root@Ansible-node02 ~]# df -h
Filesystem             Size  Used Avail Use% Mounted on
devtmpfs               380M     0  380M   0% /dev
tmpfs                  396M     0  396M   0% /dev/shm
tmpfs                  396M  5.7M  391M   2% /run
tmpfs                  396M     0  396M   0% /sys/fs/cgroup
/dev/mapper/cl-root     17G  2.0G   16G  12% /
/dev/sda1              976M  185M  724M  21% /boot
tmpfs                   80M     0   80M   0% /run/user/0
/dev/mapper/my_vg-lv1  4.9G   68M  4.9G   2% /dir1

[student@Ansible-Server ansible]$ ansible node02 -m mount -a 'path=/dir1 state=unmounted'

