1.ansible常用模块详解
ansible常用模块有:
- ping
- command
- shell
- raw
- yum
- copy
- template
- user
- group
- service
- script
2.ansible常用模块ping
是最基础的模块,主要用来查看受管主机是否在线,如果在线则会回复 “pong”
[root@server ~]# ansible all -m ping
192.168.10.201 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
[root@server ~]#
3.ansible常用模块command
可以帮助我们在远程主机上执行命令,ansible默认使用的就是command模块
command模块不能使用管道符和重定向
##查看受控主机的/root目录内容
[root@server ~]# ansible all -a 'ls /root'
192.168.10.201 | CHANGED | rc=0 >>
123
anaconda-ks.cfg
[root@server ~]#
##在受控主机的/root目录下新建一个文件test
[root@server ~]# ansible all -a 'touch /root/test'
[WARNING]: Consider using the file module with state=touch rather than running 'touch'.
If you need to use command because file is insufficient you can add 'warn: false' to this
command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
192.168.10.201 | CHANGED | rc=0 >>
[root@server ~]# ansible all -a 'ls /root'
192.168.10.201 | CHANGED | rc=0 >>
123
anaconda-ks.cfg
test
[root@server ~]#
##command模块不支持管道符和重定向
[root@server ~]# ansible all -a 'echo 123 > /root/test'
192.168.10.201 | CHANGED | rc=0 >>
123 > /root/test
[root@server ~]# ansible all -a 'cat /root/test'
192.168.10.201 | CHANGED | rc=0 >>
[root@server ~]# ansible all -a 'df -h | grep /dev '
192.168.10.201 | FAILED | rc=1 >>
Filesystem Size Used Avail Use% Mounted on
devtmpfs 876M 0 876M 0% /devdf: '|': No such file or directory
df: grep: No such file or directorynon-zero return code
[root@server ~]#
4.ansible常用模块shell
shell模块用于在受控机上执行受控机上的脚本,也可直接在受控机上执行命令
shell模块亦支持管道与重定向
##查看受控机上的脚本
[root@server ~]# ansible all -m shell -a 'ls /scripts/'
192.168.10.201 | CHANGED | rc=0 >>
test.sh
[root@server ~]# ansible all -m shell -a 'bash /scripts/test.sh'
192.168.10.201 | CHANGED | rc=0 >>
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50
[root@server ~]#
5.ansible常用模块raw
raw模块用于在远程主机上执行命令,也支持管道符与重定向
不需要受管主机上安装Python,通常用于无法安装Python的系统(例如网络设备等)
[root@server ~]# ansible all -m raw -a 'echo 123abc > /root/test && cat /root/test'
192.168.10.201 | CHANGED | rc=0 >>
123abc
Shared connection to 192.168.10.201 closed.
[root@server ~]#
6.ansible常用模块yum
可以帮助我们在远程主机上通过 yum 源管理软件包
主要参数:
name:要管理的包名
state:要进行的操作
state常用的值:
latest:安装软件
installed:安装软件
present:安装软件
removed:卸载软件
absent:卸载软件
##先查看受控主机上是否已经安装httpd服务
[root@server ~]# ansible all -m shell -a 'rpm -aq httpd'
[WARNING]: Consider using the yum, dnf or zypper module rather than running 'rpm'. If you
need to use command because yum, dnf or zypper is insufficient you can add 'warn: false'
to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this
message.
192.168.10.201 | CHANGED | rc=0 >>
[root@server ~]#
##使用yum模块给受控主机安装httpd服务
[root@server ~]# ansible all -m yum -a 'name=httpd state=present'
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: mod_http2-1.15.7-2.module_el8.3.0+477+498bb568.x86_64",
"Installed: apr-util-openssl-1.6.1-6.el8.x86_64",
"Installed: httpd-2.4.37-30.module_el8.3.0+462+ba287492.0.1.x86_64",
"Installed: httpd-filesystem-2.4.37-30.module_el8.3.0+462+ba287492.0.1.noarch",
"Installed: apr-1.6.3-11.el8.x86_64",
"Installed: httpd-tools-2.4.37-30.module_el8.3.0+462+ba287492.0.1.x86_64",
"Installed: centos-logos-httpd-80.5-2.el8.noarch",
"Installed: mailcap-2.1.48-3.el8.noarch",
"Installed: apr-util-1.6.1-6.el8.x86_64",
"Installed: apr-util-bdb-1.6.1-6.el8.x86_64"
]
}
[root@server ~]#
##再次查看
[root@server ~]# ansible all -m shell -a 'rpm -aq httpd'
[WARNING]: Consider using the yum, dnf or zypper module rather than running 'rpm'. If you
need to use command because yum, dnf or zypper is insufficient you can add 'warn: false'
to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this
message.
192.168.10.201 | CHANGED | rc=0 >>
httpd-2.4.37-30.module_el8.3.0+462+ba287492.0.1.x86_64
[root@server ~]#
7.ansible常用模块copy
copy模块用于复制文件至远程受控机
[root@server ~]# ls
anaconda-ks.cfg initial-setup-ks.cfg test.txt
[root@server ~]#
##把test.txt文件复制过去
[root@server ~]# ansible all -m copy -a 'src=/root/test.txt dest=/root/test.txt'
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
"dest": "/root/test.txt",
"gid": 0,
"group": "root",
"md5sum": "d41d8cd98f00b204e9800998ecf8427e",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 0,
"src": "/root/.ansible/tmp/ansible-tmp-1626507548.5436203-3095-62073613696130/source",
"state": "file",
"uid": 0
}
[root@server ~]#
##查看是否成功
[root@server ~]# ansible all -m shell -a 'ls /root/'
192.168.10.201 | CHANGED | rc=0 >>
123
anaconda-ks.cfg
test
test.txt
[root@server ~]#
8.ansible常用模块template
template模块用于生成一个模板,并可将其传输至远程主机上。
[root@server ~]# ls
1.txt anaconda-ks.cfg initial-setup-ks.cfg
[root@server ~]#
##把1.txt文件传输过去
[root@server ~]# ansible all -m template -a 'src=/root/1.txt dest=/root/1.txt'
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
"dest": "/root/1.txt",
"gid": 0,
"group": "root",
"md5sum": "d41d8cd98f00b204e9800998ecf8427e",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 0,
"src": "/root/.ansible/tmp/ansible-tmp-1626507856.2550368-3190-49840552285572/source",
"state": "file",
"uid": 0
}
[root@server ~]# ansible all -m shell -a 'ls /root/'
192.168.10.201 | CHANGED | rc=0 >>
1.txt
anaconda-ks.cfg
[root@server ~]#
9.ansible常用模块user
user模块用于管理受控机的用户帐号
##在受控机上添加一个系统用户,用户名为apache,uid为306,设置其shell为/sbin/nologin,无家目录
[root@server ~]# ansible 192.168.10.201 -m user -a "name=apache uid=306 system=yes shell=/sbin/nologin create_home=no"
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"comment": "",
"create_home": false,
"group": 1002,
"home": "/home/apache",
"name": "apache",
"shell": "/sbin/nologin",
"state": "present",
"system": true,
"uid": 306
}
[root@server ~]#
##然后在受管主机查看是否创建成功
[root@client ~]# grep apache /etc/passwd
apache:x:306:1002::/home/apache:/sbin/nologin
[root@client ~]# ls /home/
abc
[root@client ~]#
##修改apache用户的uid为399
[root@server ~]# ansible 192.168.10.201 -m user -a "name=apache uid=399"
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"append": false,
"changed": true,
"comment": "",
"group": 1002,
"home": "/home/apache",
"move_home": false,
"name": "apache",
"shell": "/sbin/nologin",
"state": "present",
"uid": 399
}
[root@server ~]#
##然后在受管主机查看是否修改成功
[root@client ~]# id apache
uid=399(apache) gid=1002(apache) groups=1002(apache)
[root@client ~]#
##删除受管主机上的apache用户
[root@server ~]# ansible 192.168.10.201 -m user -a "name=apache state=absent"
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"force": false,
"name": "apache",
"remove": false,
"state": "absent"
}
[root@server ~]#
##然后在受管主机查看是否删除成功
[root@client ~]# id apache
id: ‘apache’: no such user
[root@client ~]#
10. ansible常用模块之group
group模块用于在受控机上添加或删除组
##在受控机上添加一个系统组,其gid为306,组名为mysql
[root@server ~]# ansible all -m group -a 'name=mysql gid=306 system=yes'
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"gid": 306,
"name": "mysql",
"state": "present",
"system": true
}
[root@server ~]# ansible all -m shell -a 'grep mysql /etc/group'
192.168.10.201 | CHANGED | rc=0 >>
mysql:x:306:
[root@server ~]#
##删除受控机上的mysql组
[root@server ~]# ansible all -m group -a 'name=mysql state=absent'
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "mysql",
"state": "absent"
}
[root@server ~]#
11. ansible常用模块之service
service模块用于管理受控机上的服务
##查看受控机上的vsftpd服务是否启动
[root@server ~]# ansible all -m shell -a 'systemctl is-active vsftpd'
192.168.10.201 | FAILED | rc=3 >>
inactivenon-zero return code
[root@server ~]#
##启动受控机上的vsftpd服务
[root@server ~]# ansible all -m service -a 'name=vsftpd state=started'
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "vsftpd",
"state": "started",
"status": {
。。。。。。略
//查看受控机上的vsftpd服务是否启动
[root@server ~]# ansible all -m shell -a 'systemctl is-active vsftpd'
192.168.10.201 | CHANGED | rc=0 >>
active
[root@server ~]#
//查看受控机上的vsftpd服务是否开机自动启动
[root@server ~]# ansible all -m shell -a 'systemctl is-enabled vsftpd'
192.168.10.201 | FAILED | rc=1 >>
disablednon-zero return code
[root@server ~]#
//设置受控机上的vsftpd服务开机自动启动
[root@server ~]# ansible all -m service -a 'name=vsftpd enabled=yes'
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"enabled": true,
"name": "vsftpd",
"status": {
。。。。。。。略
//查看受控机上的vsftpd服务是否开机自动启动
[root@server ~]# ansible all -m shell -a 'systemctl is-enabled vsftpd'
192.168.10.201 | CHANGED | rc=0 >>
enabled
[root@server ~]#
//停止受控机上的vsftpd服务
[root@server ~]# ansible all -m service -a 'name=vsftpd state=stopped'
192.168.10.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "vsftpd",
"state": "stopped",
"status": {
。。。。。。略
[root@server ~]# ansible all -m shell -a 'systemctl is-active vsftpd'
192.168.10.201 | FAILED | rc=3 >>
inactivenon-zero return code
[root@server ~]#
[root@server ~]# ansible all -m shell -a 'ss -antl'
192.168.10.201 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
[root@server ~]#
12.ansible常用模块之script
script模块用于在受控机上执行主控机上的脚本
[root@server ~]# ls
anaconda-ks.cfg a.sh initial-setup-ks.cfg
[root@server ~]# ansible all -m script -a '/root/a.sh > /root/123.txt'
192.168.10.201 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.10.201 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.10.201 closed."
],
"stdout": "",
"stdout_lines": []
}
[root@server ~]# ansible all -m shell -a 'cat /root/123.txt'
192.168.10.201 | CHANGED | rc=0 >>
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100
[root@server ~]#
这就是ansible的常用模块