红帽RHCE之Ansible-4-AD HOC

最新推荐文章于 2022-06-11 20:10:42 发布

XiaoHG_CSDN

最新推荐文章于 2022-06-11 20:10:42 发布

阅读量235

点赞数

分类专栏：红帽RHCE 文章标签： linux ansible

本文链接：https://blog.csdn.net/XiaoHG_CSDN/article/details/109587624

版权

红帽RHCE 专栏收录该内容

38 篇文章 2 订阅

订阅专栏

Ansible-4-AD HOC

ad hoc的命令格式

ansible “host-pattern” -m “moudle” -a “moudle argument” -i “inventory-path”

host-pattern表示某个主机或者某个主机组
-m 参数表示使用ansible的模块
-a 参数后面跟的是模块的参数
-i 参数后面跟的是Inventory的路径

//ping模块表示在被管理主机上使用ping命令来ping控制节点。
//如果success表示控制节点到被管理主机网络可达。
[student@workstation deploy-manage]$ ansible intranetweb -m ping 
BECOME password: 
servera.lab.example.com | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}

[student@workstation deploy-manage]$ ansible intranetweb -m yum -a 'name=httpd state=latest'
BECOME password: 
servera.lab.example.com | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: httpd",
        "Installed: apr-util-openssl-1.6.1-6.el8.x86_64",
        "Installed: httpd-2.4.37-10.module+el8+2764+7127e69e.x86_64",
        "Installed: mod_http2-1.11.3-1.module+el8+2443+605475b7.x86_64",
        "Installed: httpd-filesystem-2.4.37-10.module+el8+2764+7127e69e.noarch",
        "Installed: apr-1.6.3-9.el8.x86_64",
        "Installed: httpd-tools-2.4.37-10.module+el8+2764+7127e69e.x86_64",
        "Installed: redhat-logos-httpd-80.7-1.el8.noarch",
        "Installed: apr-util-1.6.1-6.el8.x86_64",
        "Installed: apr-util-bdb-1.6.1-6.el8.x86_64"
    ]
}

ad hoc练习

//开始练习
[student@workstation ~]$ lab deploy-adhoc start

Setting up workstation for lab exercise work:

 · ansible package is installed on workstation.................  SUCCESS
 · Create exercise directory...................................  SUCCESS
 · Download Ansible configuration..............................  SUCCESS
 · Download Ansible inventory..................................  SUCCESS

[student@workstation ~]$ cd deploy-adhoc/
[student@workstation deploy-adhoc]$ ls
ansible.cfg  inventory
[student@workstation deploy-adhoc]$ cat ansible.cfg 
[defaults]
inventory=inventory
[student@workstation deploy-adhoc]$ cat inventory 
[control_node]
localhost

[intranetweb]
servera.lab.example.com

//修改sudoers文件
[student@workstation deploy-adhoc]$ sudo cat /etc/sudoers.d/devops
[sudo] password for student: 
devops ALL=(ALL) NOPASSWD: ALL
[student@workstation deploy-adhoc]$ id devops
uid=1001(devops) gid=1001(devops) groups=1001(devops)

[student@workstation deploy-adhoc]$ ansible all -m ping
servera.lab.example.com | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
localhost | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
[student@workstation deploy-adhoc]$ ansible all -a 'id'
servera.lab.example.com | CHANGED | rc=0 >>
uid=1000(student) gid=1000(student) groups=1000(student),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

localhost | CHANGED | rc=0 >>
uid=1000(student) gid=1000(student) groups=1000(student),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

//-u参数表示remote_user用-u参数指定的用户。
[student@workstation deploy-adhoc]$ ansible all -a 'id' -u devops
servera.lab.example.com | CHANGED | rc=0 >>
uid=1001(devops) gid=1001(devops) groups=1001(devops) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

localhost | CHANGED | rc=0 >>
uid=1001(devops) gid=1001(devops) groups=1001(devops) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

//失败，原因是需要提权
[student@workstation deploy-adhoc]$ ansible localhost -m copy -a 'content="managed by Ansible\n" dest=/etc/motd' -u devops
localhost | FAILED! => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "checksum": "fb22d5ba7a3803bd7a5674c6d0a17e8ab79dc172",
    "msg": "Destination /etc not writable"
}

//提权操作 --become
[student@workstation deploy-adhoc]$ ls -ld /etc/
drwxr-xr-x. 139 root root 8192 Nov  9 20:33 /etc/
[student@workstation deploy-adhoc]$ ansible localhost -m copy -a 'content="managed by Ansible\n" dest=/etc/motd' -u devops --become
localhost | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "checksum": "fb22d5ba7a3803bd7a5674c6d0a17e8ab79dc172",
    "dest": "/etc/motd",
    "gid": 0,
    "group": "root",
    "md5sum": "bc082a66faf5420486d21f73b9aebe3d",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:etc_t:s0",
    "size": 19,
    "src": "/home/devops/.ansible/tmp/ansible-tmp-1604933290.8306222-49406991851638/source",
    "state": "file",
    "uid": 0
}

//完成练习
[student@workstation deploy-adhoc]$ lab deploy-adhoc finish

Cleaning up the lab on workstation:

 · Restore /etc/motd...........................................  SUCCESS

XiaoHG_CSDN

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
红帽RHCE之Ansible-4-AD HOC

Ansible-4-AD HOCad hoc的命令格式ansible “host-pattern” -m “moudle” -a “moudle argument” -i “inventory-path”host-pattern表示某个主机或者某个主机组-m 参数表示使用ansible的模块-a 参数后面跟的是模块的参数-i 参数后面跟的是Inventory的路径//ping模块表示在被管理主机上使用ping命令来ping控制节点。//如果success表示控制节点到被管理主机网络可
复制链接

扫一扫