文章目录
1、ping模块
ping模块用于检查指定受管主机是否连通,不涉及参数,主机如在线,则回复pong:
[root@king ~]# ansible 192.168.120.130 -m ping
192.168.120.130 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
[root@king ~]#
2、command模块
command模块用于在远程主机上执行命令,ansible默认就是使用command模块。
command模块有一个缺陷就是不能使用管道符和重定向功能
[root@king ~]# ansible 192.168.120.130 -m command -a 'ls /root'
192.168.120.130 | CHANGED | rc=0 >> //rc为返回值,为0是正确执行
anaconda-ks.cfg
[root@king ~]# ansible 192.168.120.130 -m -a 'cat /root/123.txt'
192.168.120.130 | CHANGED | rc=0 >>
hello
[root@king ~]# ansible 192.168.120.130 -a 'ls /root'
192.168.120.130 | CHANGED | rc=0 >>
123.txt
anaconda-ks.cfg
//command不能使用管道符和重定向功能
[root@king ~]# ansible 192.168.120.130 -a 'ss -antl|grep 22'
192.168.120.130 | FAILED | rc=255 >>
ss: invalid option -- '|'
Usage: ss [ OPTIONS ]
[root@king ~]# ansible 192.168.120.130 -m command -a 'echo 'hello'>444.txt'
192.168.120.130 | CHANGED | rc=0 >>
hello>444.txt
[root@king ~]# ansible 192.168.120.130 -m command -a 'cat 444.txt'
192.168.120.130 | FAILED | rc=1 >>
cat: 444.txt: No such file or directorynon-zero return code
3、raw模块
raw模块用于在远程主机上执行命令,其支持管道符与重定向:
[root@king ~]# ansible 192.168.120.130 -m raw -a 'echo 'cat'>/root/999.txt'
192.168.120.130 | CHANGED | rc=0 >>
Shared connection to 192.168.120.130 closed.
[root@king ~]# ansible 192.168.120.130 -m raw -a 'cat /root/999.txt'
192.168.120.130 | CHANGED | rc=0 >>
cat
Shared connection to 192.168.120.130 closed.
[root@king ~]# ansible 192.168.120.130 -m raw -a 'ss -antl|grep 22'
192.168.120.130 | CHANGED | rc=0 >>
LISTEN 0 128 *:22 *:*
LISTEN 0 128 :::22 :::*
Shared connection to 192.168.120.130 closed.
4、shell模块
shell模块用于在受控机上执行受控机上的脚本,同时也可以直接在受控机上执行命令。shell模块也支持管道与重定向。
[root@king ~]# ansible 192.168.120.130 -m shell -a 'ps -ef|grep vim'
192.168.120.130 | CHANGED | rc=0 >>
root 7025 7024 0 11:20 pts/1 00:00:00 /bin/sh -c ps -ef|grep vim
root 7027 7025 0 11:20 pts/1 00:00:00 grep vim
[root@king ~]# ansible 192.168.120.130 -m shell -a 'echo 'ye~'>/root/ye.txt'
192.168.120.130 | CHANGED | rc=0 >>
[root@king ~]# ansible 192.168.120.130 -m shell -a 'cat /root/ye.txt'
192.168.120.130 | CHANGED | rc=0 >>
ye~
用其他参数方法:
[root@king ~]# ansible-doc shell //帮助文档
如:
//chdir改变这个目录创建一个文件
[root@king ~]# ansible 192.168.120.130 -m shell -a 'chdir=/tmp touch hello123.txt'
[WARNING]: Consider using the file module with state=touch rather than running 'touch'. If you need to use command because file is
insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
192.168.120.130 | CHANGED | rc=0 >>
[root@king ~]# ansible 192.168.120.130 -m shell -a 'ls /tmp'
192.168.120.130 | CHANGED | rc=0 >>
ansible_command_payload_uFC8Dp
ansible_command_payload_yoo1Bj
ansible_command_payload_ZzW_Do
hello123.txt
5、script模块
script模块用于在受控主机上去执行控制主机上的脚本文件:
控制主机上:
[root@king ~]# vim hello.sh
#!/bin/bash
echo "How are you today"
[root@king ~]# ll
total 8
-rw-r--r-- 1 root root 37 Sep 16 17:07 hello.sh
[root@king ~]# chmod +x hello.sh //脚本文件必须所有人能执行
[root@king ~]# ll
total 8
-rwxr-xr-x 1 root root 37 Sep 16 17:07 hello.sh
[root@king ~]# ansible 192.168.120.130 -m script -a '/root/hello.sh'
192.168.120.130 | CHANGED => {
"changed": true, //执行成功
"rc": 0,
"stderr": "Shared connection to 192.168.120.130 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.120.130 closed."
],
"stdout": "How are you today\r\n",
"stdout_lines": [
"How are you today" 已显示
]
}
或创建脚本(以.sh结尾)文件添加内容:
[root@king ~]# vim hello.sh //先写脚本
#!/bin/bash
echo "How are you today">/tmp/abc
[root@king ~]# ansible 192.168.120.130 -m script -a '/root/hello.sh'
192.168.120.130 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.120.130 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.120.130 closed."
],
"stdout": "",
"stdout_lines": []
}
受控主机上:
验证↓
[root@CAT ~]# cd /tmp/
[root@CAT tmp]# ls
abc
[root@CAT tmp]# cat abc
How are you today
也可在控制主机上直接查看:
[root@king ~]# ansible 192.168.120.130 -m shell -a 'cat /tmp/abc'
192.168.120.130 | CHANGED | rc=0 >>
How are you today
6、template模块
template模块用于生成一个模板,并可以将模板传输至远程的受控主机上。
如果此时要传输yum仓库源,此时的位置不能是在/etc/yum.repos.d下,如两台机子版本不同会报错,只是用来传输,不作为控制主机使用:
[阿里云网络源]
控制主机上:
[root@king ~]# curl -o /root/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2523 100 2523 0 0 23801 0 --:--:-- --:--:-- --:--:-- 23801
[root@king ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /root/CentOS-Base.repo
[root@king ~]# ls
anaconda-ks.cfg CentOS-Base.repo hello.sh
[root@king ~]# vim CentOS-Base.repo
//把配置文件中$releasever都改为7,因为受控主机是7版本虚拟机
# CentOS-Base.repo
.....
:% s/$releasever/7/g
//src=源目录存放绝对路径在哪 dest=目的目录存放绝对路径在哪
[root@king ~]# ansible 192.168.120.130 -m template -a 'src=/root/CentOS-Base.repo dest=/etc/yum.repos.d/'
192.168.120.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "bb2ef021f3e870ee620a559ee775dc038489a42f",
"dest": "/etc/yum.repos.d/CentOS-Base.repo",
"gid": 0,
"group": "root",
"md5sum": "8378e0854b05696d87543e19d10858c2",
"mode": "0644",
"owner": "root",
"size": 1659,
"src": "/root/.ansible/tmp/ansible-tmp-1631785696.1573281-1716-35405122536681/source",
"state": "file",
"uid": 0
} → 成功
受控主机上:
验证↓
[root@CAT yum.repos.d]# ls
CentOS-Base.repo
[root@CAT ]# yum clean all && yum makecache
[root@CAT ]# yum list all
template模块中还有其它一些参数用法如:
控制主机上:
.主要用于传输。owner=所属者 group=所属组 mode=给与权限
.(owner和group必须是受控主机上已有用户)
[root@king ~]# ls
anaconda-ks.cfg CentOS-Base.repo hello.sh
[root@king ~]# ansible 192.168.120.130 -m template -a 'src=/root/hello.sh dest=/root owner=kim group=kim mode=733'
192.168.120.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "0ffb172286a559507b6a333a386077aa7dd85ede",
"dest": "/root/hello.sh",
"gid": 3300,
"group": "kim",
"md5sum": "4eaa7f9b228500b9128d8c6485bd9709",
"mode": "0733",
"owner": "kim",
"size": 46,
"src": "/root/.ansible/tmp/ansible-tmp-1631787101.675303-1857-241664828779554/source",
"state": "file",
"uid": 3300
} → 成功传输
受控主机上:
验证→传输成功更改成功
[root@CAT ~]# ls
anaconda-ks.cfg hello.sh
[root@CAT ~]# ll hello.sh
-rwx-wx-wx 1 kim kim 46 9月 16 18:11 hello.sh
7、yum模块
yum模块用于在指定节点机器上通过yum管理软件,其支持的参数主要有两个:
- name:要管理的包名
- state:要进行的操作
state后跟的常用的值有:
- latest:安装软件
installed:安装软件
present:安装软件
removed:卸载软件
absent:卸载软件
控制主机上:
[root@king ~]# ansible 192.168.120.130 -m yum -a 'name=wget state=present'
192.168.120.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"installed": [
"wget"
]
},
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\nResolving Dependencies\n--> Running transaction check\n---> Package wget.x86_64 0:1.14-18.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n wget x86_64 1.14-18.el7 local 547 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package\n\nTotal download size: 547 k\nInstalled size: 2.0 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : wget-1.14-18.el7.x86_64 1/1 \n Verifying : wget-1.14-18.el7.x86_64 1/1 \n\nInstalled:\n wget.x86_64 0:1.14-18.el7 \n\nComplete!\n"
]
}
受控主机上验证:
[root@CAT ~]# rpm -qa|grep wget
wget-1.14-18.el7.x86_64
8、copy模块
copy模块用于复制文件至远程受控机:
控制主机上:
[root@king ~]# touch 123.txt
[root@king ~]# echo "1234567">123.txt
[root@king ~]# cat 123.txt
1234567
[root@king ~]# ansible 192.168.120.130 -m copy -a 'src=/root/123.txt dest=/root'
192.168.120.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "e017693e4a04a59d0b0f400fe98177fe7ee13cf7",
"dest": "/root/123.txt",
"gid": 0,
"group": "root",
"md5sum": "1b504d3328e16fdf281d1fb9516dd90b",
"mode": "0644",
"owner": "root",
"size": 8,
"src": "/root/.ansible/tmp/ansible-tmp-1631876135.835801-1753-47120347958825/source",
"state": "file",
"uid": 0
}
[root@king ~]# ansible 192.168.120.130 -m shell -a 'ls && cat 123.txt'
192.168.120.130 | CHANGED | rc=0 >>
123.txt
anaconda-ks.cfg
hello.sh
1234567
也可在受管主机上:
验证↓
[root@CAT ~]# ls //复制前
anaconda-ks.cfg hello.sh
[root@CAT ~]# ls //复制过后
123.txt anaconda-ks.cfg hello.sh
[root@CAT ~]# cat 123.txt
1234567
9、group模块
group模块用于在受控机上添加或删除组:
//在受管主机上添加一个系统组并验证
[root@king ~]# ansible 192.168.120.130 -m group -a 'name=apple gid=602 state=present'
192.168.120.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 602,
"name": "apple",
"state": "present",
"system": false
}
[root@king ~]# ansible 192.168.120.130 -m shell -a 'grep apple /etc/group'
192.168.120.130 | CHANGED | rc=0 >>
apple:x:602:
//删除刚刚添加在受控主机的系统组并验证
[root@king ~]# ansible 192.168.120.130 -m group -a 'name=apple state=absent'
192.168.120.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "apple",
"state": "absent"
}
[root@king ~]# ansible 192.168.120.130 -m shell -a 'grep apple /etc/group'
192.168.120.130 | FAILED | rc=1 >> //报错,不存在,不能返回值
non-zero return code //已删除
10、user模块
user模块用于管理受控机的用户帐号(也可更改用户信息):
//在受控机上添加一个系统用户,用户名为mysql,uid为306,设置其shell为/sbin/nologin,不指定家目录
[root@king ~]# ansible 192.168.120.130 -m user -a 'name=nase uid=607 system=yes create_home=no shell=/sbin/nologin state=present'
192.168.120.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": false,
"group": 607,
"home": "/home/nase",
"name": "nase",
"shell": "/sbin/nologin",
"state": "present",
"system": true,
"uid": 607
}
[root@king ~]# ansible 192.168.120.130 -m shell -a 'grep nase /etc/passwd'
192.168.120.130 | CHANGED | rc=0 >>
nase:x:607:607::/home/nase:/sbin/nologin
[root@king ~]# ansible 192.168.120.130 -m shell -a 'ls /home'
192.168.120.130 | CHANGED | rc=0 >>
harry
kim
//删除受控主机上nase系统用户
[root@king ~]# ansible 192.168.120.130 -m user -a 'name=nase state=absent'
192.168.120.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "nase",
"remove": false,
"state": "absent"
}
[root@king ~]# ansible 192.168.120.130 -m shell -a 'grep nase /etc/passwd'
192.168.120.130 | FAILED | rc=1 >>
non-zero return code
11、service模块
service模块用于管理受控机上的服务:
state后可跟状态有:
- started-开启
- restarted-重启
- stopped-停止
- reloaded-重新加载
enabled后可跟:
- yes
- no
受管主机上查看服务状态:
[root@CAT ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 100 ::1:25 :::*
[root@CAT ~]# systemctl status postfix
● postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
Active: active (running).....
控制主机上:
[root@king ~]# ansible 192.168.120.130 -m service -a 'name=postfix state=stopped'
192.168.120.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "postfix",
"state": "stopped", .......
受管主机上查看服务状态:
[root@CAT ~]# systemctl status postfix
● postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
Active: inactive (dead)..
控制主机上:
[root@king ~]# ansible 192.168.120.130 -m service -a 'name=postfix state=started enabled=yes'
192.168.120.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"enabled": true,
"name": "postfix",
"state": "started",.......
受管主机上:
[root@CAT ~]# systemctl status postfix
● postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
Active: active (running) .....
167
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
