运行临时命令

最新推荐文章于 2023-03-08 11:47:35 发布

It's a cinch!

最新推荐文章于 2023-03-08 11:47:35 发布

阅读量689

点赞数

文章标签：运维

本文链接：https://blog.csdn.net/m0_60154718/article/details/124639015

版权

首先以student用户身份并使用student作为密码登录workstation.

在workstation 上，运行lab deploy-adhoc start 命令。此脚本将确保受管主机 servera 可在网络上访问。

[student@workstation ~]$ lab deploy-adhoc start

Setting up workstation for lab exercise work:

         · ansible package is installed on workstation................. SUCCESS
         · Create exercise directory................................... SUCCESS
         · Download Ansible configuration.............................. SUCCESS
         · Download Ansible inventory.................................. SUCCESS

确定workstation和servera上 devoops 账户的sudo 配置
        [student@workstation ~]$ sudo cat /etc/sudoers.d/devops
        [sudo] password for student:
        devops ALL=(ALL) NOPASSWD: ALL

确定devop 账户的sudo 配置，该账户已在servera 构建时配置
        [student@workstation ~]$ ssh devops@servera.lab.example.com
        Warning: Permanently added 'servera.lab.example.com,172.25.250.10' (ECDSA) to the list of known hosts.
        Activate the web console with: systemctl enable --now cockpit.socket
        [devops@servera ~]$ sudo cat /etc/sudoers.d/devops
        devops ALL=(ALL) NOPASSWD: ALL
        [devops@servera ~]$ exit
        logout
        Connection to servera.lab.example.com closed.

检查ansible.cfg 和 inventory 文件内容
        [student@workstation ~]$ cd ~/deploy-adhoc
        [student@workstation deploy-adhoc]$ cat ansible.cfg
        [defaults]
        inventory=inventory
        [student@workstation deploy-adhoc]$ cat inventory
        [control_node]
        localhost

[intranetweb]
servera.lab.example.com

使用all 主机组和 ping 模块，执行临时命令，确保所有受管主机都可以运行使用python 的 ansible模块
        [student@workstation deploy-adhoc]$ ansible all -m ping
        servera.lab.example.com | SUCCESS => {
          "ansible_facts": {
          "discovered_interpreter_python": "/usr/libexec/platform-python"
          },
          "changed": false,
          "ping": "pong"
        }
        localhost | SUCCESS => {
          "ansible_facts": {
          "discovered_interpreter_python": "/usr/libexec/platform-python"
          },
          "changed": false,
          "ping": "pong"
        }

使用command模块，对workstation 执行临时命令，以确定ansible 用来对受管主机执行操作的用户账户。
        [student@workstation deploy-adhoc]$ ansible localhost -m command -a 'id'
        localhost | CHANGED | rc=0 >>
        uid=1000(student) gid=1000(student) groups=1000(student),10(wheel)         context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

对workstation 执行上一临时命令，但通过使用-u 选项以devops 用户账户进行连接并执行操作

使用copy模块，对workstation 执行临时命令以更改/etc/motd 我呢见的内容，使含字符串"Managed by Ansible" 并且后跟一个换行符。
        [student@workstation deploy-adhoc]$ ansible localhost -m copy -a 'content="Managed by Ansible\n" dest=/etc/motd' -u devops
        localhost | FAILED! => {
          "ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
          },
          "changed": false,
          "checksum": "4458b979ede3c332f8f2128385df4ba305e58c27",
          "msg": "Destination /etc not writable"
临时命令失败的原因时，devops 用户没有写入文件的权限

使用特权升级再次运行该命令。可以在ansible.cfg 文件中修改设置，但在本例中，仅使用 ansible 命令的相应命令选项
        [student@workstation deploy-adhoc]$ ansible localhost -m copy -a 'content="Managed by Ansible\n" dest=/etc/motd' -u devops --become
        localhost | CHANGED => {
          "ansible_facts": {
          "discovered_interpreter_python": "/usr/libexec/platform-python"
          },
          "changed": true,
          "checksum": "4458b979ede3c332f8f2128385df4ba305e58c27",
          "dest": "/etc/motd",
          "gid": 0,
          "group": "root",
          "md5sum": "65a4290ee5559756ad04e558b0e0c4e3",
          "mode": "0644",
          "owner": "root",
          "secontext": "system_u:object_r:etc_t:s0",
          "size": 19,
          "src": "/home/devops/.ansible/tmp/ansible-tmp1651863678.9055636-        55631211342273/source",
          "state": "file",
          "uid": 0
        }

使用all 主机组在所有主机上再次运行之前的临时命令。这会确保workstation 和 servera 上的 /etc/motd 都包含文本 "Managed by Ansible"
[student@workstation deploy-adhoc]$ ansible all -m copy -a 'content="Managed by Ansible\n" dest=/etc/motd' -u devops --become
……

使用command 模块，执行临时命令来运行 cat /etc/motd ，已验证 workstation 和 servera 上的文件的内容都已成功修改
        [student@workstation deploy-adhoc]$ ansible all -m command -a 'cat /etc/motd' -u devops
        servera.lab.example.com | CHANGED | rc=0 >>
        Managed by Ansible

localhost | CHANGED | rc=0 >>
Managed by Ansible

完成：
清理本练习
[student@workstation deploy-adhoc]$ lab deploy-adhoc finish

Cleaning up the lab on workstation:

· Restore /etc/motd........................................... SUCCESS

It's a cinch!

关注

0
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
运行临时命令

首先以student用户身份并使用student作为密码登录workstation.在workstation 上，运行lab deploy-adhoc start 命令。此脚本将确保受管主机 servera 可在网络上访问。[student@workstation ~]$ lab deploy-adhoc startSetting up workstation for lab exercise work:· ansible package i...
复制链接

扫一扫