ansible的常用模块_ansible nexus zypper-CSDN博客

1.ansible常用模块详解

ansible常用模块有：

ping
command
shell
raw
yum
copy
template
user
group
service
script

2.ansible常用模块ping

是最基础的模块，主要用来查看受管主机是否在线，如果在线则会回复 “pong”

[root@server ~]# ansible all -m ping
192.168.10.201 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
[root@server ~]#

3.ansible常用模块command

可以帮助我们在远程主机上执行命令，ansible默认使用的就是command模块

command模块不能使用管道符和重定向

##查看受控主机的/root目录内容
[root@server ~]# ansible all -a 'ls /root'
192.168.10.201 | CHANGED | rc=0 >>
123
anaconda-ks.cfg
[root@server ~]#

##在受控主机的/root目录下新建一个文件test
[root@server ~]# ansible all -a 'touch /root/test'
[WARNING]: Consider using the file module with state=touch rather than running 'touch'.
If you need to use command because file is insufficient you can add 'warn: false' to this
command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
192.168.10.201 | CHANGED | rc=0 >>

[root@server ~]# ansible all -a 'ls /root'
192.168.10.201 | CHANGED | rc=0 >>
123
anaconda-ks.cfg
test
[root@server ~]#

##command模块不支持管道符和重定向
[root@server ~]# ansible all -a 'echo 123 > /root/test'
192.168.10.201 | CHANGED | rc=0 >>
123 > /root/test
[root@server ~]# ansible all -a 'cat /root/test'
192.168.10.201 | CHANGED | rc=0 >>

[root@server ~]# ansible all -a 'df -h | grep /dev '
192.168.10.201 | FAILED | rc=1 >>
Filesystem      Size  Used Avail Use% Mounted on
devtmpfs        876M     0  876M   0% /devdf: '|': No such file or directory
df: grep: No such file or directorynon-zero return code
[root@server ~]#

4.ansible常用模块shell

shell模块用于在受控机上执行受控机上的脚本，也可直接在受控机上执行命令

shell模块亦支持管道与重定向

##查看受控机上的脚本
[root@server ~]# ansible all -m shell -a 'ls /scripts/'
192.168.10.201 | CHANGED | rc=0 >>
test.sh
[root@server ~]# ansible all -m shell -a 'bash /scripts/test.sh'
192.168.10.201 | CHANGED | rc=0 >>
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50
[root@server ~]#

5.ansible常用模块raw

raw模块用于在远程主机上执行命令，也支持管道符与重定向

不需要受管主机上安装Python，通常用于无法安装Python的系统（例如网络设备等）

[root@server ~]# ansible all -m raw -a 'echo 123abc > /root/test && cat /root/test'
192.168.10.201 | CHANGED | rc=0 >>
123abc
Shared connection to 192.168.10.201 closed.

[root@server ~]#

6.ansible常用模块yum

可以帮助我们在远程主机上通过 yum 源管理软件包

主要参数：

name：要管理的包名
state：要进行的操作

state常用的值：

latest：安装软件
installed：安装软件
present：安装软件
removed：卸载软件
absent：卸载软件

##先查看受控主机上是否已经安装httpd服务
[root@server ~]# ansible all -m shell -a 'rpm -aq httpd'
[WARNING]: Consider using the yum, dnf or zypper module rather than running 'rpm'.  If you
need to use command because yum, dnf or zypper is insufficient you can add 'warn: false'
to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this
message.
192.168.10.201 | CHANGED | rc=0 >>

[root@server ~]#
##使用yum模块给受控主机安装httpd服务
[root@server ~]# ansible all -m yum -a 'name=httpd state=present'
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: mod_http2-1.15.7-2.module_el8.3.0+477+498bb568.x86_64",
        "Installed: apr-util-openssl-1.6.1-6.el8.x86_64",
        "Installed: httpd-2.4.37-30.module_el8.3.0+462+ba287492.0.1.x86_64",
        "Installed: httpd-filesystem-2.4.37-30.module_el8.3.0+462+ba287492.0.1.noarch",
        "Installed: apr-1.6.3-11.el8.x86_64",
        "Installed: httpd-tools-2.4.37-30.module_el8.3.0+462+ba287492.0.1.x86_64",
        "Installed: centos-logos-httpd-80.5-2.el8.noarch",
        "Installed: mailcap-2.1.48-3.el8.noarch",
        "Installed: apr-util-1.6.1-6.el8.x86_64",
        "Installed: apr-util-bdb-1.6.1-6.el8.x86_64"
    ]
}
[root@server ~]#
##再次查看
[root@server ~]# ansible all -m shell -a 'rpm -aq httpd'
[WARNING]: Consider using the yum, dnf or zypper module rather than running 'rpm'.  If you
need to use command because yum, dnf or zypper is insufficient you can add 'warn: false'
to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this
message.
192.168.10.201 | CHANGED | rc=0 >>
httpd-2.4.37-30.module_el8.3.0+462+ba287492.0.1.x86_64
[root@server ~]#

7.ansible常用模块copy

copy模块用于复制文件至远程受控机

[root@server ~]# ls
anaconda-ks.cfg  initial-setup-ks.cfg  test.txt
[root@server ~]#
##把test.txt文件复制过去
[root@server ~]# ansible all -m copy -a 'src=/root/test.txt dest=/root/test.txt'
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
    "dest": "/root/test.txt",
    "gid": 0,
    "group": "root",
    "md5sum": "d41d8cd98f00b204e9800998ecf8427e",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 0,
    "src": "/root/.ansible/tmp/ansible-tmp-1626507548.5436203-3095-62073613696130/source",
    "state": "file",
    "uid": 0
}
[root@server ~]#
##查看是否成功
[root@server ~]# ansible all -m shell -a 'ls /root/'
192.168.10.201 | CHANGED | rc=0 >>
123
anaconda-ks.cfg
test
test.txt
[root@server ~]#

8.ansible常用模块template

template模块用于生成一个模板，并可将其传输至远程主机上。

[root@server ~]# ls
1.txt  anaconda-ks.cfg  initial-setup-ks.cfg
[root@server ~]#
##把1.txt文件传输过去
[root@server ~]# ansible all -m template -a 'src=/root/1.txt dest=/root/1.txt'
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
    "dest": "/root/1.txt",
    "gid": 0,
    "group": "root",
    "md5sum": "d41d8cd98f00b204e9800998ecf8427e",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 0,
    "src": "/root/.ansible/tmp/ansible-tmp-1626507856.2550368-3190-49840552285572/source",
    "state": "file",
    "uid": 0
}
[root@server ~]# ansible all -m shell -a 'ls /root/'
192.168.10.201 | CHANGED | rc=0 >>
1.txt
anaconda-ks.cfg
[root@server ~]#

9.ansible常用模块user

user模块用于管理受控机的用户帐号

##在受控机上添加一个系统用户，用户名为apache，uid为306，设置其shell为/sbin/nologin，无家目录
[root@server ~]# ansible 192.168.10.201 -m user -a "name=apache uid=306 system=yes shell=/sbin/nologin create_home=no"
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "comment": "",
    "create_home": false,
    "group": 1002,
    "home": "/home/apache",
    "name": "apache",
    "shell": "/sbin/nologin",
    "state": "present",
    "system": true,
    "uid": 306
}
[root@server ~]#
##然后在受管主机查看是否创建成功
[root@client ~]# grep apache  /etc/passwd
apache:x:306:1002::/home/apache:/sbin/nologin
[root@client ~]# ls /home/
abc
[root@client ~]#
##修改apache用户的uid为399
[root@server ~]# ansible 192.168.10.201 -m user -a "name=apache uid=399"
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "append": false,
    "changed": true,
    "comment": "",
    "group": 1002,
    "home": "/home/apache",
    "move_home": false,
    "name": "apache",
    "shell": "/sbin/nologin",
    "state": "present",
    "uid": 399
}
[root@server ~]#
##然后在受管主机查看是否修改成功
[root@client ~]# id apache 
uid=399(apache) gid=1002(apache) groups=1002(apache)
[root@client ~]#
##删除受管主机上的apache用户
[root@server ~]# ansible 192.168.10.201 -m user -a "name=apache state=absent"
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "force": false,
    "name": "apache",
    "remove": false,
    "state": "absent"
}
[root@server ~]#
##然后在受管主机查看是否删除成功
[root@client ~]# id apache 
id: ‘apache’: no such user
[root@client ~]#

10. ansible常用模块之group

group模块用于在受控机上添加或删除组

##在受控机上添加一个系统组，其gid为306，组名为mysql
[root@server ~]# ansible all -m group -a 'name=mysql gid=306 system=yes'
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "gid": 306,
    "name": "mysql",
    "state": "present",
    "system": true
}
[root@server ~]# ansible all -m shell -a 'grep mysql /etc/group'
192.168.10.201 | CHANGED | rc=0 >>
mysql:x:306:
[root@server ~]#
##删除受控机上的mysql组
[root@server ~]# ansible all -m group -a 'name=mysql state=absent'
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "mysql",
    "state": "absent"
}
[root@server ~]#

11. ansible常用模块之service

service模块用于管理受控机上的服务

##查看受控机上的vsftpd服务是否启动
[root@server ~]# ansible all -m shell -a 'systemctl is-active vsftpd'
192.168.10.201 | FAILED | rc=3 >>
inactivenon-zero return code
[root@server ~]#

##启动受控机上的vsftpd服务
[root@server ~]# ansible all -m service -a 'name=vsftpd state=started'
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "vsftpd",
    "state": "started",
    "status": {
。。。。。。略

//查看受控机上的vsftpd服务是否启动
[root@server ~]# ansible all -m shell -a 'systemctl is-active vsftpd'
192.168.10.201 | CHANGED | rc=0 >>
active
[root@server ~]#


//查看受控机上的vsftpd服务是否开机自动启动
[root@server ~]# ansible all -m shell -a 'systemctl is-enabled vsftpd'
192.168.10.201 | FAILED | rc=1 >>
disablednon-zero return code
[root@server ~]#

//设置受控机上的vsftpd服务开机自动启动
[root@server ~]# ansible all -m service -a 'name=vsftpd enabled=yes'
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "enabled": true,
    "name": "vsftpd",
    "status": {
    。。。。。。。略

//查看受控机上的vsftpd服务是否开机自动启动
[root@server ~]# ansible all -m shell -a 'systemctl is-enabled vsftpd'
192.168.10.201 | CHANGED | rc=0 >>
enabled
[root@server ~]#

//停止受控机上的vsftpd服务
[root@server ~]# ansible all -m service -a 'name=vsftpd state=stopped'
192.168.10.201 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "vsftpd",
    "state": "stopped",
    "status": {
    。。。。。。略
    
[root@server ~]# ansible all -m shell -a 'systemctl is-active vsftpd'
192.168.10.201 | FAILED | rc=3 >>
inactivenon-zero return code
[root@server ~]# 

[root@server ~]# ansible all -m shell -a 'ss -antl'
192.168.10.201 | CHANGED | rc=0 >>
State  Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*          
LISTEN 0      128             [::]:22           [::]:*          
[root@server ~]#

12.ansible常用模块之script

script模块用于在受控机上执行主控机上的脚本

[root@server ~]# ls
anaconda-ks.cfg  a.sh  initial-setup-ks.cfg
[root@server ~]# ansible all -m script -a '/root/a.sh > /root/123.txt'
192.168.10.201 | CHANGED => {
    "changed": true,
    "rc": 0,
    "stderr": "Shared connection to 192.168.10.201 closed.\r\n",
    "stderr_lines": [
        "Shared connection to 192.168.10.201 closed."
    ],
    "stdout": "",
    "stdout_lines": []
}
[root@server ~]# ansible all -m shell -a 'cat /root/123.txt'
192.168.10.201 | CHANGED | rc=0 >>
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100
[root@server ~]#

这就是ansible的常用模块