一、ansible常用模块
ansible命令行调用模块的语法如下:
ansible 操作目标 -m 模块名 -a 模块参数
1. setup模块
2. copy模块
3. synchronize模块
4. file模块
5. ping模块
6. group模块
7. user模块
8. shell模块
9. script模块
10. get_url模块
11. yum模块
12. cron模块
13. service模块
二、常用模块实例
1. setup 模块
该模块可用于获取ansible客户端机器的详细信息
[root@localhost ~]# ansible dbservers -m setup
192.168.157.157 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.157.157"
],
"ansible_all_ipv6_addresses": [
"fe80::20c:29ff:fed6:1033"
],
"ansible_apparmor": {
"status": "disabled"
},
"ansible_architecture": "x86_64",
"ansible_bios_date": "07/02/2015",
"ansible_bios_version": "6.00",
"ansible_cmdline": {
"BOOT_IMAGE": "/vmlinuz-3.10.0-229.el7.x86_64",
"biosdevname": "0",
"crashkernel": "auto",
"net.ifnames": "0",
"quiet": true,
"rd.lvm.lv": "centos/swap",
"rhgb": true,
"ro": true,
"root": "/dev/mapper/centos-root"
},
"ansible_date_time": {
"date": "2018-04-21",
"day": "21",
"epoch": "1524241518",
"hour": "00",
"iso8601": "2018-04-20T16:25:18Z",
"iso8601_basic": "20180421T002518866112",
"iso8601_basic_short": "20180421T002518",
"iso8601_micro": "2018-04-20T16:25:18.866223Z",
"minute": "25",
"month": "04",
"second": "18",
"time": "00:25:18",
"tz": "CST",
"tz_offset": "+0800",
"weekday": "Saturday",
"weekday_number": "6",
"weeknumber": "16",
"year": "2018"
},
"ansible_default_ipv4": {
"address": "192.168.157.157",
"alias": "eth0",
"broadcast": "192.168.157.255",
"gateway": "192.168.157.2",
"interface": "eth0",
"macaddress": "00:0c:29:d6:10:33",
"mtu": 1500,
"netmask": "255.255.255.0",
"network": "192.168.157.0",
"type": "ether"
},
2. copy模块
该模块可实现ansible主机向客户端传送文件的功能。note:使用时需要提前关闭所有机器的SELinux,不过在CentOS7上我没有关闭,没有发生错误
1)CentOS7 查看seLinux状态
[root@localhost ~]# getenforce
Enforcing
[root@localhost ~]# /usr/sbin/sestatus -v
SELinux status: enabled
2)暂时关闭seLinux
##设置SELinux 成为permissive模式
##setenforce 1 设置SELinux 成为enforcing模式
setenforce 0
3)永久关闭seLinux
root@localhost ~]# vim /etc/selinux/config
SELINUX=enforcing
将SELINUX=enforcing改为SELINUX=disabled
设置后需要重启才能生效
[root@localhost ~]# ansible dbservers -m copy -a "src=/root/test.txt dest=/root/test.txt owner=root group=root mo
de=0755 force=yes"192.168.157.157 | SUCCESS => {
"changed": true,
"checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
"dest": "/root/test.txt",
"gid": 0,
"group": "root",
"md5sum": "d41d8cd98f00b204e9800998ecf8427e",
"mode": "0755",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 0,
"src": "/root/.ansible/tmp/ansible-tmp-1524243467.29-38705497859454/source",
"state": "file",
"uid": 0
}
192.168.157.158 | SUCCESS => {
"changed": true,
"checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
"dest": "/root/test.txt",
"gid": 0,
"group": "root",
"md5sum": "d41d8cd98f00b204e9800998ecf8427e",
"mode": "0755",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 0,
"src": "/root/.ansible/tmp/ansible-tmp-1524243467.3-167358067739486/source",
"state": "file",
"uid": 0
}
3.synchronize模块
synchronize模块用于将Ansible机器的指定目录推送到客户机器的指定目录下
note:因为synchronize模块会调用rsync命令,因此需要安装rsync命令
[root@localhost ~]# ansible dbservers -m synchronize -a "src=/root/test1 dest=/root/ delete=yes compress=y
es"192.168.157.157 | SUCCESS => {
"changed": true,
"cmd": "/usr/bin/rsync --delay-updates -F --compress --delete-after --archive --rsh=/usr/bin/ssh -S no
ne -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null --out-format=<<CHANGED>>%i %n%L /root/test1 192.168.157.157:/root/", "msg": "<f+++++++++ test1\n",
"rc": 0,
"stdout_lines": [
"<f+++++++++ test1"
]
}
192.168.157.158 | SUCCESS => {
"changed": true,
"cmd": "/usr/bin/rsync --delay-updates -F --compress --delete-after --archive --rsh=/usr/bin/ssh -S no
ne -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null --out-format=<<CHANGED>>%i %n%L /root/test1 192.168.157.158:/root/", "msg": "<f+++++++++ test1\n",
"rc": 0,
"stdout_lines": [
"<f+++++++++ test1"
]
}
4、file模块
- group:定义文件或目录的属组
- mode:定义文件或目录的权限
- owner:定义文件或目录的属主
- path:定义文件或目录的路径
- recurse:递归设置文件的属性,只对目录有效
- src:被链接的源文件路径,只应用于state=link的情况
- dest:被链接到的路径,只应用于state=link的路径
- force:强制创建软连接
- state:后面链接文件的各种状态,如link、hard、file、absent
- link:创建软链接
- hard:创建硬链家
- diretory:如果目录不存在,则创建目录
- file:即使文件不存在,也不会被创建
- absent:删除目录、文件或链接文件
- touch:如果文件不存在,则创建一个新的文件;若文件或目录已存在,则更新最后的修改时间
1)将主机192.168.157.157的/root/test.txt软链接到/tmp/test.txt
[root@localhost ~]# ansible 192.168.157.157 -m file -a "src=/root/test.txt dest=/tmp/test.txt state=link"
192.168.157.157 | SUCCESS => {
"changed": true,
"dest": "/tmp/test.txt",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 14,
"src": "/root/test.txt",
"state": "link",
"uid": 0
}
查看软链接是否成功
[root@localhost ~]# ansible 192.168.157.157 -m command -a 'ls /tmp/test.txt'
192.168.157.157 | SUCCESS | rc=0 >>
/tmp/test.txt
删除/root/test.txt源文件
[root@localhost ~]# ansible 192.168.157.157 -m file -a "path=/root/test.txt state=absent"
192.168.157.157 | SUCCESS => {
"changed": true,
"path": "/root/test.txt",
"state": "absent"
}
查看该文件是否还存在
[root@localhost ~]# ansible 192.168.157.157 -m command -a 'ls /root/'
192.168.157.157 | SUCCESS | rc=0 >>
anaconda-ks.cfg
CentOS7-Base-163.repo
shell
software
2)在dbservers组建立test目录,属主和属组均为root,权限为0755
[root@localhost ~]# ansible dbservers -m file -a 'path=/tmp/test state=directory owner=root group=root mod
e=0755' 192.168.157.158 | SUCCESS => {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/tmp/test",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
192.168.157.157 | SUCCESS => {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/tmp/test",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
5、ping模块
该模块用于检测与被控端机器的连通性:
[root@localhost ~]# ansible dbservers -m ping
192.168.157.157 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.157.158 | SUCCESS => {
"changed": false,
"ping": "pong"
}
6、group模块
该模块可以在所有节点上创建自己定义的组。
创建一个gid为2000,名为2000的组:
[root@localhost ~]# ansible dbservers -m group -a 'gid=2000 name=test'
192.168.157.157 | SUCCESS => {
"changed": true,
"gid": 2000,
"name": "test",
"state": "present",
"system": false
}
192.168.157.158 | SUCCESS => {
"changed": true,
"gid": 2000,
"name": "test",
"state": "present",
"system": false
}
7、shell模块
该模块是执行被控端机器的shell脚本文件,并且支持管道符
[root@localhost ~]# ansible dbservers -m shell -a 'cat /etc/group| grep test'
192.168.157.157 | SUCCESS | rc=0 >>
test:x:2000:
192.168.157.158 | SUCCESS | rc=0 >>
test:x:2000:
8、user模块
该模块用于创建用户。在指定的节点上创建一个名为test,组为test的用户,然后删除他:
[root@localhost ~]# ansible dbservers -m user -a 'name=test group=test'
192.168.157.157 | SUCCESS => {
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/test",
"name": "test",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1005
}
192.168.157.158 | SUCCESS => {
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/test",
"name": "test",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1005
}