临时有个需求:几十台机器的安全日志拷贝到一台指定服务器上。
考虑1. 最好是BS实现,如果是CS结构,每台机器都要部署agent
考虑2:每台服务器的安全日志文件命名是一样的,如果直接放到同一个目录下,重名导致覆盖
由此想到ansible的fetch模块,ansible是BS架构,fetch模块支持原始目录拷贝。但是直接用fetch模块不可行,因为支持单个文件。比如下面的写法会报错
ansible all -m fetch -a "src=/var/log/secure* dest=/tmp/,mode=0777"
ansible-playbook可以实现(但是目前没有找到取文件的同时改权限,可能因为mode不在fetch模块下面)。
下面是官方举例介绍(https://docs.ansible.com/ansible/latest/modules/fetch_module.html#examples ):
- name: Store file into /tmp/fetched/host.example.com/tmp/somefile
fetch:
src: /tmp/somefile
dest: /tmp/fetched
- name: Specifying a path directly
fetch:
src: /tmp/somefile
dest: /tmp/prefix-{
{ inventory_hostname }}
flat: yes
- name: Specifying a destination path
fetch:
src: /tmp/uniquefile
dest: /tmp/special/
flat: yes
- name: Storing in a path relative to the playbook
fetch:
src: /tmp/uniquefile
dest: special/prefix-{
{ inventory_hostname }}
flat: yes
如果flat为yes,不按照src的目录来创建目录。flat为no就创建和src一样的目录。下面是实际使用案例:
[root@node1 ~]# cat secure_fetch.yml
---
- name: 取secure日志
become: yes
become_method: su
hosts: test
gather_facts: no
tasks:
- name: find log
find:
paths: /var/log/
patterns: "secure*"
#recurse参数 : 默认情况下,只会在指定的目录中查找文件,也就是说,如果目录中还包含目录,ansible 并不会递归的进入子目录查找对应文件,如果想要递归的查找文件,需要使用 recurse 参数,当 recurse 参数设置为 yes 时,表示在指定目录中递归的查找文件。
recurse: no
#register是钩子
register: file_fetch
- name: fetch log
fetch:
src: "{
{ item.path }}"
dest: /home/securelog/
flat: no
with_items: "{
{ file_fetch.files }}"
[root@node1 ~]# ansible-playbook secure_fetch.yml
PLAY [取secure日志] ******************************************************************************************************************************
TASK [find log] *******************************************************************************************************************************
ok: [192.168.44.13]
ok: [192.168.44.12]
TASK [fetch log] ******************************************************************************************************************************
failed: [192.168.44.13] (item={u'rusr': True, u'uid': 0, u'rgrp': False, u'xoth': False, u'islnk': False, u'woth': False, u'nlink': 1, u'issock': False, u'mtime': 1530416260.2022357, u'gr_name': u'root', u'path': u'/var/log/secure-20180701', u'xusr': False, u'atime': 1548943948.2019362, u'inode': 33866032, u'isgid': False, u'size': 44050, u'isdir': False, u'ctime': 1530418922.064081, u'roth': False, u'isblk': False, u'xgrp': False, u'isuid': False, u'dev': 64768, u'wgrp': False, u'isreg': True, u'isfifo': False, u'mode': u'0600', u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': True}) => {"changed": false, "file": "/home/securelog", "item": {"atime": 1548943948.2019362, "ctime": 1530418922.064081, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33866032, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0600", "mtime": 1530416260.2022357, "nlink": 1, "path": "/var/log/secure-20180701", "pw_name": "root", "rgrp": false, "roth": false, "rusr": true, "size": 44050, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}, "msg": "dest is an existing directory, use a trailing slash if you want to fetch src into that directory"}