以下是本人工作中经常使用到的关于ansible的一些命名,供大家参考,如有错误之处,敬请指出。
hosts配置:
[dockerhost]
name1 ansible_ssh_host=192.168.1.111 ansible_ssh_user="root" ansible_ssh_pass="margu" ansible_ssh_port=22
name2 ansible_ssh_host=192.168.1.222 ansible_ssh_user="root" ansible_ssh_pass="margu" ansible_ssh_port=22
**远程执行本地脚本,可以带参数**
ansible dockerhost -m script -a "/root/docker_backup.sh" -b --become-method su --become-user root
**ping检查**
ansible dockerhost -m ping
**当ssh不能直接使用root登录,ansible需要切换账户**
ansible dockerhost -m shell -a "crontab -l" -b --become-method su --become-user root #定时任务
ansible dockerhost -m shell -a "tail -3 /etc/resolv.conf" -b --become-method su --become-user root #查看配置
ansible dockerhost -m shell -a "chattr +i /etc/resolv.conf" -b --become-method su --become-user root #修改配置权限
ansible dockerhost -m copy -a "src=/root/web.env dest=/root/web.env owner=root mode=400 backup=no" -b --become-method su --become-user root #copy模块使用,拷贝本地文件到远程
ansible dockerhost -m shell -a "cp /etc/hosts /etc/hosts20200628" -b --become-method su --become-user root #远程备份文件
ansible dockerhost -m shell -a "md5sum /root/web.env" -b --become-method su --become-user root #检查文件MD5值
ansible dockerhost -m shell -a "docker ps" -b --become-method su --become-user root #远程查看容器
**ansible在使用awk时,要注意$符号需要转义。**
ansible 10.10.80.10,10.10.80.11 -m shell -a "docker stop \$(docker ps |grep -v CONTAINER|awk '{print \$1}') " -b --become-method su --become-user root
ansible dockerhost -m shell -a "echo -e "\n" | telnet 118.122.92.222 18880 2>/dev/null | grep -w "Connected" |wc -l" -b --become-method su --become-user root #远程telnet,主要要处理输出
ansible all -m raw -a "echo '#ooaT^TSmG#C9cmA' | passwd --stdin root" -b --become-method su --become-user root #批量修改root用户密码
ansible all -m shell -a "history -c " -b --become-method su --become-user root
ansible all -m shell -a "> /root/.bash_history " -b --become-method su --become-user root
ansible all -m shell -a "> /home/user951/.bash_history " -b --become-method su --become-user root
加密配置文件
ansible-vault encrypt /etc/ansible/hosts
cat /etc/ansible/hosts #再次查看发现加密乱码
解密配置文件:
ansible-vault decrypt /etc/ansible/hosts 即可