1.密钥认证
ssh-keygen -t rsa -C "xxx@xxx.com"
ssh-copy-id -i .ssh/id_rsa.pub root@x.x.x.x
2.并入管理组
/etc/ansible/hosts
[webserver]
x.x.x.x
[dbserber]
x.x.x.x
3.常用模块
(1)ping: 主机探测,返回pong
ansible all -m ping
(2)command: 执行命令,不支持管道
ansible all -m command -a "touch ./test"
(3)shell: 执行命令,支持管道
ansible all -m shell -a "cat /etc/passwd | grep root"
(4)cron: 同时发布任务
ansbile all -m cron -a "minute|day|month|weekday|hour=*/5 job='/sbin/ntpdate x.x.x.x &> /dev/null' name=time"
(5)yum: 安装和卸载
ansible all -m yum -a "name=pkname "
ansbile all -m yum -a "name=pkname state=absent"
(6)service: 启动和停止服务
ansible all -m service -a "name=pkname state=started|stopped"
(7)copy: 赋值文件
ansible all -m copy -a "src=/path/file dest=/path/file"
ansible all -m copy -a "content='123' dest=/path/file"
(8)user:
ansible all -m user -a "name=user1 state=present|absent system=yes|no "
4.playbook
(1)创建xxx.yaml文件
(2)编辑xxx.yaml
- hosts: webserber
remote_user: root
tasks:
- name: add user
user: name=` item`.`name ` group=` item`.`group `
with_items:
- { name: "`name1`" group: "`group1`" }
when: ansible_distribution_major_version=="7"
- name: copy conf
copy: src=/path/file dest=/path/file
notify: copy conf
tags: copy conf
handlers:
- name: copy conf
service: name=httpd state=stopped
(3)运行 ansible-play -t "copy conf" xxx.yaml
5.传递参数
(1)内置变量 ansible all -m step
(2)写在hosts中
[webserver]
x.x.x.x 80
x.x.x.x 8080
(3)写在vars中
vars:
- username: "user1"
- groupname: "group1"
(4)调用roules时
roles:
- {role:test,name=magedu }
(5)运行命令时传递
ansible-plya -e "name=magedu age=99" xxx.yaml
6.roles
(1)创建/etc/ansible/roles/test
(2)目录结构
file: 存放copy文件
template: 存在模板
tasks: 必须有一个main.yml,其余可include进来
handlers: 存放触发器,必须有一个mail.yml
vars: 存放参数,不用加-,直接name=value
meta: 特殊设定及其依赖关系
default: 设定默认变量
(3)写playbook,调用角色
- hosts: all
remote_user: root
roles:
- test
转载于:https://blog.51cto.com/longnnight/1968754