Ansible-4-AD HOC
- ad hoc的命令格式
ansible “host-pattern” -m “moudle” -a “moudle argument” -i “inventory-path”
host-pattern表示某个主机或者某个主机组
-m 参数表示使用ansible的模块
-a 参数后面跟的是模块的参数
-i 参数后面跟的是Inventory的路径
//ping模块表示在被管理主机上使用ping命令来ping控制节点。
//如果success表示控制节点到被管理主机网络可达。
[student@workstation deploy-manage]$ ansible intranetweb -m ping
BECOME password:
servera.lab.example.com | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
[student@workstation deploy-manage]$ ansible intranetweb -m yum -a 'name=httpd state=latest'
BECOME password:
servera.lab.example.com | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: httpd",
"Installed: apr-util-openssl-1.6.1-6.el8.x86_64",
"Installed: httpd-2.4.37-10.module+el8+2764+7127e69e.x86_64",
"Installed: mod_http2-1.11.3-1.module+el8+2443+605475b7.x86_64",
"Installed: httpd-filesystem-2.4.37-10.module+el8+2764+7127e69e.noarch",
"Installed: apr-1.6.3-9.el8.x86_64",
"Installed: httpd-tools-2.4.37-10.module+el8+2764+7127e69e.x86_64",
"Installed: redhat-logos-httpd-80.7-1.el8.noarch",
"Installed: apr-util-1.6.1-6.el8.x86_64",
"Installed: apr-util-bdb-1.6.1-6.el8.x86_64"
]
}
ad hoc练习
//开始练习
[student@workstation ~]$ lab deploy-adhoc start
Setting up workstation for lab exercise work:
· ansible package is installed on workstation................. SUCCESS
· Create exercise directory................................... SUCCESS
· Download Ansible configuration.............................. SUCCESS
· Download Ansible inventory.................................. SUCCESS
[student@workstation ~]$ cd deploy-adhoc/
[student@workstation deploy-adhoc]$ ls
ansible.cfg inventory
[student@workstation deploy-adhoc]$ cat ansible.cfg
[defaults]
inventory=inventory
[student@workstation deploy-adhoc]$ cat inventory
[control_node]
localhost
[intranetweb]
servera.lab.example.com
//修改sudoers文件
[student@workstation deploy-adhoc]$ sudo cat /etc/sudoers.d/devops
[sudo] password for student:
devops ALL=(ALL) NOPASSWD: ALL
[student@workstation deploy-adhoc]$ id devops
uid=1001(devops) gid=1001(devops) groups=1001(devops)
[student@workstation deploy-adhoc]$ ansible all -m ping
servera.lab.example.com | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
localhost | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
[student@workstation deploy-adhoc]$ ansible all -a 'id'
servera.lab.example.com | CHANGED | rc=0 >>
uid=1000(student) gid=1000(student) groups=1000(student),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
localhost | CHANGED | rc=0 >>
uid=1000(student) gid=1000(student) groups=1000(student),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
//-u参数表示remote_user用-u参数指定的用户。
[student@workstation deploy-adhoc]$ ansible all -a 'id' -u devops
servera.lab.example.com | CHANGED | rc=0 >>
uid=1001(devops) gid=1001(devops) groups=1001(devops) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
localhost | CHANGED | rc=0 >>
uid=1001(devops) gid=1001(devops) groups=1001(devops) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
//失败,原因是需要提权
[student@workstation deploy-adhoc]$ ansible localhost -m copy -a 'content="managed by Ansible\n" dest=/etc/motd' -u devops
localhost | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"checksum": "fb22d5ba7a3803bd7a5674c6d0a17e8ab79dc172",
"msg": "Destination /etc not writable"
}
//提权操作 --become
[student@workstation deploy-adhoc]$ ls -ld /etc/
drwxr-xr-x. 139 root root 8192 Nov 9 20:33 /etc/
[student@workstation deploy-adhoc]$ ansible localhost -m copy -a 'content="managed by Ansible\n" dest=/etc/motd' -u devops --become
localhost | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "fb22d5ba7a3803bd7a5674c6d0a17e8ab79dc172",
"dest": "/etc/motd",
"gid": 0,
"group": "root",
"md5sum": "bc082a66faf5420486d21f73b9aebe3d",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:etc_t:s0",
"size": 19,
"src": "/home/devops/.ansible/tmp/ansible-tmp-1604933290.8306222-49406991851638/source",
"state": "file",
"uid": 0
}
//完成练习
[student@workstation deploy-adhoc]$ lab deploy-adhoc finish
Cleaning up the lab on workstation:
· Restore /etc/motd........................................... SUCCESS