Ansible基础模块

最新推荐文章于 2024-07-25 14:53:29 发布
最新推荐文章于 2024-07-25 14:53:29 发布
阅读量325 收藏 1
点赞数
分类专栏: DevOps 文章标签: 自动化 运维 Ansible DveOps
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_43803147/article/details/103265394
版权
Ansible:

 Ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet,cfengine,chef,func,fabric)的优点,实现了批量系统配置,批量程序部署,批量运行命令等功能。

 Ansible是基于模块工作的,本身没有批量部署的能力,真正具有批量部署的是Ansible所运行的模块,Ansible只是提供一种框架。

自动化运维工具:
  • puppet:基于ruby语言开发,属于C/S架构,兼容linux,windows,unix,支持1000台主机以上。
  • saltstack:基于python语言开发,属于C/S架构,统一管理,轻量级,支持1000台主机以上。
  • ansible:基于python语言开发,属于无客户端模式,使用ssh协议管理,支持100台以上。
Ansible特性:
  • 模块化:调用特定的模块,完成特定任务。
  • 有Paramiko,PyYAML,Jinja2(模板语言)三个关键模块。
  • 支持自定义模块。
  • 基于Python语言实现。
  • 部署简单:基于Python和SSH(默认已安装),agentless。
  • 安全:基于OpenSSH。
  • 支持playbook编排任务。
  • 幂等性:一个任务执行一遍和执行N遍效果一样,不因重复执行带来意外状况。
  • 无需代理不依赖PKI(无需ssl)。
  • 可使用任何编程语言写模块。
  • YAML格式,编排任务,支持丰富的数据结构。
  • 较强大的多层解决方案。
Ansible组成部分:
  • Ansible core:Ansible核心程序。
  • HostInventory:记录有Ansible管理的主机信息,包括端口,密码,IP等。
  • ConnectionPlugins:连接插件,用来和被控端通信。
  • Playbook:剧本,YAML格式文件,多个任务定义在一个文件中。
  • CoreModules:核心模块。
  • CustomModules:自定义模块。
ssh原理:
私钥加密,公钥解密:

 在主控端生成一对密钥,把公钥传递到远程的主机上,当主控端想要去连接远程主机,远程主机会随机发送一串字符给主控端,主控端将这串字符加密,发送给远程主机,远程主机用公钥来进行解密,解密出的字符如果和自己生成的字符一直,则主控端验证通过。

安装Ansible:
Host网络信息:
主控端ens33:192.168.43.23
Host1ens33:192.168.43.241
Host1ens33:192.168.43.104
主控端:

方法一:

[root@localhost ansible]# ls
ansible-2.4.2.0-2.el7.noarch.rpm         python-httplib2-0.9.2-1.el7.noarch.rpm    python-passlib-1.6.5-2.el7.noarch.rpm
libyaml-0.1.4-11.el7_0.x86_64.rpm        python-jinja2-2.7.2-2.el7.noarch.rpm      pyyaml-3.10-11.el7.x86_64.rpm
python2-jmespath-0.9.0-3.el7.noarch.rpm  python-markupsafe-0.11-10.el7.x86_64.rpm  sshpass-1.06-2.el7.x86_64.rpm
python-babel-0.9.6-8.el7.noarch.rpm      python-paramiko-2.1.1-2.el7.noarch.rpm
[root@localhost ansible]# pwd
/root/ansible
[root@localhost ansible]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# vim ansible.repo
[ansible]
name=ansible
baseurl=file:///root/ansible
enabled=1
gpgcheck=0
[root@localhost yum.repos.d]# createrepo /root/ansible
Spawning worker 0 with 6 pkgs
Spawning worker 1 with 5 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@localhost yum.repos.d]# yum -y install ansible
[root@localhost yum.repos.d]# ansible --version
ansible 2.4.2.0
    config file = /etc/ansible/ansible.cfg
    configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
    ansible python module location = /usr/lib/python2.7/site-packages/ansible
    executable location = /usr/bin/ansible
    python version = 2.7.5 (default, Nov  6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]

方法二:

[root@localhost ~]# yum -y install ansible.noarch
[root@localhost ~]# ansible --version
ansible 2.4.2.0
    config file = /etc/ansible/ansible.cfg
    configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
    ansible python module location = /usr/lib/python2.7/site-packages/ansible
    executable location = /usr/bin/ansible
    python version = 2.7.5 (default, Nov  6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]

ssh免密登录:

[root@localhost yum.repos.d]# yum -y install openssh openssh-devel openssl openssl-devel
[root@localhost yum.repos.d]# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:zzj2bNrD0MsJi0jLBXRqY4STyNYcqa5FXmAqnW0bRnI root@localhost
The key's randomart image is:
+---[RSA 2048]----+
|..o+o            |
|.oB+E .          |
|.+.@ o           |
|o.+ %            |
|oo * =  S.       |
| .o o . o+.      |
|.. o + .+*oo     |
|.   + ...=B      |
|        .o+.     |
+----[SHA256]-----+
[root@localhost yum.repos.d]# ssh-copy-id  root@192.168.43.23
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.43.23 (192.168.43.23)' can't be established.
ECDSA key fingerprint is SHA256:PjbUpTdGG1FtiYjG1P2DIADe646/IxZq5ge0sQybAhE.
ECDSA key fingerprint is MD5:86:09:71:21:24:06:f4:9b:ae:08:08:ea:4c:31:84:8f.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.43.23's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.43.23'"
and check to make sure that only the key(s) you wanted were added.

[root@localhost yum.repos.d]# ssh-copy-id  root@192.168.43.241
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.43.241 (192.168.43.241)' can't be established.
ECDSA key fingerprint is SHA256:pQXV+j1JjfR1c2ESn2FEtfxeC5Oumv14JQMnR7S5Yic.
ECDSA key fingerprint is MD5:23:72:5e:ea:11:13:c2:b7:c4:8f:1b:0f:a4:d7:05:9b.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.43.241's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.43.241'"
and check to make sure that only the key(s) you wanted were added.

[root@localhost yum.repos.d]# ssh-copy-id  root@192.168.43.104
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.43.104 (192.168.43.104)' can't be established.
ECDSA key fingerprint is SHA256:VUy72dDXxHUZFcfqyGGlGYX3IGBI++aL7uNlufMJAsQ.
ECDSA key fingerprint is MD5:02:89:1d:f4:9b:66:c4:a9:a9:9e:5f:8d:d9:48:9e:f1.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.43.104's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.43.104'"
and check to make sure that only the key(s) you wanted were added.
[root@localhost yum.repos.d]# ssh root@192.168.43.241
Last login: Wed Nov  6 14:00:13 2019 from desktop-a1km2p9
[root@localhost ~]# exit
logout
Connection to 192.168.43.241 closed.
[root@localhost yum.repos.d]# ssh root@192.168.43.104
Last login: Wed Nov  6 14:00:48 2019 from desktop-a1km2p9
[root@localhost ~]# exit
logout
Connection to 192.168.43.104 closed.

Ansible主目录:

[root@localhost yum.repos.d]# cd /etc/ansible/
[root@localhost ansible]# ls
ansible.cfg  hosts  roles 
#ansible.cfg:配置文件
#hosts:主机清单
#roles:角色
[root@localhost ansible]# vim hosts
添加:
[webserver]
192.168.43.104
192.168.43.241
[dbserver]
192.168.43.241
Ansible命令:
格式:
ansible Hosts(主机) -module_name(模块名) -a job(对主机进行的命令操作)
Ansible消息级别所对应的颜色:
  • 绿色:代表执行成功。
  • 红色:代表执行失败。
  • 黄色:代表执行成功,对远程主机的数据进行了修改。
  • 紫色:代表警告。
列出Ansible中的所有模块:
[root@localhost ansible]# ansible-doc --list
a10_server                                Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' server object. 
a10_server_axapi3                         Manage A10 Networks AX/SoftAX/Thunder/vThunder devices                 
a10_service_group                         Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' service groups.
a10_virtual_server                        Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' virtual servers...
accelerate                                Enable accelerated mode on remote node
... ...
... ...
查看指定模块的帮助信息:
[root@localhost mysql-5.7.22]# ansible-doc -s ping
- name: Try to connect to host, verify a usable python and return `pong' on success
ping:
    data:                  # Data to return for the `ping' return value. If this parameter is set to `crash', the
                            module will cause an exception.
Ansible常用模块:
ping:

 检查指定节点机器是否还能连通,用法很简单,不涉及参数,主机如果在线,则回复pong。

[root@localhost ~]# ansible webserver -m ping
192.168.43.104 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
192.168.43.241 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
[root@localhost ~]# ansible dbserver -m ping
192.168.43.241 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
[root@localhost ~]# ansible all -m ping
192.168.43.241 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
192.168.43.104 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
command:

 用于在各被管理节点运行指定的命令,shell和command的区别在于shell模块可以使用特殊字符,而command是不支持。

[root@localhost ~]# ansible all -m command -a 'hostname'
192.168.43.241 | SUCCESS | rc=0 >>
localhost

192.168.43.104 | SUCCESS | rc=0 >>
localhost

参数:

  • chdir:指定当前所在目录。

    [root@localhost ~]# ansible all -m command -a ‘chdir=/home ls’
    192.168.43.104 | SUCCESS | rc=0 >>
    gsb

    192.168.43.241 | SUCCESS | rc=0 >>
    shaobo

  • creates:当指定文件存在时,命令不执行,当指定文件不存在时,则命令执行。

    [root@localhost ~]# ansible all -m command -a ‘creates=/etc/fstab cat /etc/fstab’
    192.168.43.241 | SUCCESS | rc=0 >>
    skipped, since /etc/fstab exists

    192.168.43.104 | SUCCESS | rc=0 >>
    skipped, since /etc/fstab exists

  • removes:当指定文件存在时,命令执行,当指定文件不存在时,则命令不执行。

    [root@localhost ~]# ansible all -m command -a ‘removes=/etc/fstab cat /etc/fstab’
    192.168.43.241 | SUCCESS | rc=0 >>

    /etc/fstab

    Created by anaconda on Tue Nov 5 20:30:33 2019

    Accessible filesystems, by reference, are maintained under ‘/dev/disk’

    See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info

    /dev/mapper/cl-root / xfs defaults 0 0
    UUID=0698a74d-300d-4aea-a8c9-c6b7c7c449f4 /boot xfs defaults 0 0
    /dev/mapper/cl-swap swap swap defaults 0 0

    192.168.43.104 | SUCCESS | rc=0 >>

    /etc/fstab

    Created by anaconda on Mon Mar 4 21:27:17 2019

    Accessible filesystems, by reference, are maintained under ‘/dev/disk’

    See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info

    /dev/mapper/cl-root / xfs defaults 0 0
    UUID=f20cd398-f878-40e5-a5d9-f7f683aabe77 /boot xfs defaults 0 0
    /dev/mapper/cl-swap swap swap defaults 0 0

shell:

 在远程主机上执行命令 可以指定特殊的字符。

[root@localhost ~]# ansible all -m shell -a 'ls /usr | grep src'
192.168.43.241 | SUCCESS | rc=0 >>
src

192.168.43.104 | SUCCESS | rc=0 >>
src
user:

 user模块用来对远程主机上的用户进行操作,user模块所对应的请求命令是useradd, userdel, usermod。

参数:

  • name:指定创建的用户名,如果没有这个用户,就自动创建。

    [root@localhost ~]# ansible all -m user -a "name=testuser "
    192.168.43.104 | SUCCESS => {
    “changed”: true,
    “comment”: “”,
    “createhome”: true,
    “group”: 1001,
    “home”: “/home/testuser”,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “system”: false,
    “uid”: 1001
    }
    192.168.43.241 | SUCCESS => {
    “changed”: true,
    “comment”: “”,
    “createhome”: true,
    “group”: 1001,
    “home”: “/home/testuser”,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “system”: false,
    “uid”: 1001
    }
    [root@localhost ~]# ansible all -m shell -a “ls /home | grep test”
    192.168.43.104 | SUCCESS | rc=0 >>
    testuser

    192.168.43.241 | SUCCESS | rc=0 >>
    testuser

  • password:用来指定创建用户的密码。

    [root@localhost ~]# openssl passwd -1 123.com
    1 1 1BI5o3s0e$05rvmfSuWXfsb0i3r93wd1
    [root@localhost ~]# ansible all -m user -a “name=testuser password= 1 1 1BI5o3s0e$05rvmfSuWXfsb0i3r93wd1”
    192.168.43.104 | SUCCESS => {
    “append”: false,
    “changed”: true,
    “comment”: “”,
    “group”: 1001,
    “home”: “/home/testuser”,
    “move_home”: false,
    “name”: “testuser”,
    “password”: “NOT_LOGGING_PASSWORD”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1001
    }
    192.168.43.241 | SUCCESS => {
    “append”: false,
    “changed”: true,
    “comment”: “”,
    “group”: 1001,
    “home”: “/home/testuser”,
    “move_home”: false,
    “name”: “testuser”,
    “password”: “NOT_LOGGING_PASSWORD”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1001
    }
    [root@localhost ~]# ansible all -m shell -a “cat /etc/shadow | grep testuser”
    192.168.43.104 | SUCCESS | rc=0 >>
    testuser:-bash5rvmfSuWXfsb0i3r93wd1:18206:0:99999:7:::

    192.168.43.241 | SUCCESS | rc=0 >>
    testuser:-bash5rvmfSuWXfsb0i3r93wd1:18206:0:99999:7:::

  • uid:用来指定创建用户的UID。

    [root@localhost ~]# ansible all -m user -a “uid=1020 name=testuser”
    192.168.43.104 | SUCCESS => {
    “append”: false,
    “changed”: true,
    “comment”: “”,
    “group”: 1001,
    “home”: “/home/testuser”,
    “move_home”: false,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1020
    }
    192.168.43.241 | SUCCESS => {
    “append”: false,
    “changed”: true,
    “comment”: “”,
    “group”: 1001,
    “home”: “/home/testuser”,
    “move_home”: false,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1020
    }
    [root@localhost ~]# ansible all -m shell -a “cat /etc/passwd | grep testuser”
    192.168.43.104 | SUCCESS | rc=0 >>
    testuser❌1020:1001::/home/testuser:/bin/bash

    192.168.43.241 | SUCCESS | rc=0 >>
    testuser❌1020:1001::/home/testuser:/bin/bash

  • group:用来指定创建用户的基本组。

    [root@localhost ~]# ansible all -m user -a “group=root name=testuser”
    192.168.43.104 | SUCCESS => {
    “append”: false,
    “changed”: true,
    “comment”: “”,
    “group”: 0,
    “home”: “/home/testuser”,
    “move_home”: false,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1020
    }
    192.168.43.241 | SUCCESS => {
    “append”: false,
    “changed”: true,
    “comment”: “”,
    “group”: 0,
    “home”: “/home/testuser”,
    “move_home”: false,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1020
    }
    [root@localhost ~]# ansible all -m shell -a “groups testuser”
    192.168.43.104 | SUCCESS | rc=0 >>
    testuser : root

    192.168.43.241 | SUCCESS | rc=0 >>
    testuser : root

  • groups(append):用来指定创建用户的附加组。

    [root@localhost ~]# ansible all -m user -a “groups=adm name=testuser”
    192.168.43.241 | SUCCESS => {
    “append”: false,
    “changed”: true,
    “comment”: “”,
    “group”: 0,
    “groups”: “adm”,
    “home”: “/home/testuser”,
    “move_home”: false,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1020
    }
    192.168.43.104 | SUCCESS => {
    “append”: false,
    “changed”: true,
    “comment”: “”,
    “group”: 0,
    “groups”: “adm”,
    “home”: “/home/testuser”,
    “move_home”: false,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1020
    }
    [root@localhost ~]# ansible all -m shell -a “groups testuser”
    192.168.43.241 | SUCCESS | rc=0 >>
    testuser : root adm

    192.168.43.104 | SUCCESS | rc=0 >>
    testuser : root adm

  • home:用来指定创建用户的家目录。

    [root@localhost ~]# ansible all -m shell -a “mkdir /home/truehome”
    [WARNING]: Consider using file module with state=directory rather than running mkdir

    192.168.43.104 | SUCCESS | rc=0 >>

    192.168.43.241 | SUCCESS | rc=0 >>

    [root@localhost ~]# ansible all -m user -a “name=testuser home=/home/truehome”
    192.168.43.104 | SUCCESS => {
    “append”: false,
    “changed”: true,
    “comment”: “”,
    “group”: 0,
    “home”: “/home/truehome”,
    “move_home”: false,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1020
    }
    192.168.43.241 | SUCCESS => {
    “append”: false,
    “changed”: true,
    “comment”: “”,
    “group”: 0,
    “home”: “/home/truehome”,
    “move_home”: false,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1020
    }
    [root@localhost ~]# ansible all -m shell -a “cat /etc/passwd | grep testuser”
    192.168.43.104 | SUCCESS | rc=0 >>
    testuser❌1020:0::/home/truehome:/bin/bash

    192.168.43.241 | SUCCESS | rc=0 >>
    testuser❌1020:0::/home/truehome:/bin/bash

  • remove=yes或者state=absent:删除用户。

    [root@localhost ~]# ansible all -m user -a “name=testuser remove=yes”
    192.168.43.104 | SUCCESS => {
    “append”: false,
    “changed”: false,
    “comment”: “”,
    “group”: 0,
    “home”: “/home/truehome”,
    “move_home”: false,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1020
    }
    192.168.43.241 | SUCCESS => {
    “append”: false,
    “changed”: false,
    “comment”: “”,
    “group”: 0,
    “home”: “/home/truehome”,
    “move_home”: false,
    “name”: “testuser”,
    “shell”: “/bin/bash”,
    “state”: “present”,
    “uid”: 1020
    }

group:

 group模块主要用来对远程主机上的组进行操作,group模块所对应的请求命令是groupadd, groupdel, groupmod。

参数:

  • name:用来指定创建组的名字,如果没有这个组,则自动创建。
  • gid:用来指定创建组的gid。
  • state=absent:删除组。

创建组:

[root@localhost ~]# ansible all -m group -a "name=one gid=1030"
192.168.43.241 | SUCCESS => {
    "changed": true, 
    "gid": 1030, 
    "name": "one", 
    "state": "present", 
    "system": false
}
192.168.43.104 | SUCCESS => {
    "changed": true, 
    "gid": 1030, 
    "name": "one", 
    "state": "present", 
    "system": false
}

查看结果:

[root@localhost ~]# ansible all -m shell -a "cat /etc/group | grep one"
192.168.43.241 | SUCCESS | rc=0 >>
one:x:1030:

192.168.43.104 | SUCCESS | rc=0 >>
one:x:1030:

删除组:

[root@localhost ~]# ansible all -m group -a "name=one state=absent"
192.168.43.241 | SUCCESS => {
    "changed": true, 
    "name": "one", 
    "state": "absent"
}
192.168.43.104 | SUCCESS => {
    "changed": true, 
    "name": "one", 
    "state": "absent"
}
script:

 用来在远程主机上执行主控端的脚本。

创建脚本,并在远程主机上执行:

[root@localhost ~]# vim test.sh
#! /bin/bash
touch /tmp/scriptfile
echo "hello world" > /tmp/scriptfile
cat /tmp/scriptfile
[root@localhost ~]# chmod +x test.sh 
[root@localhost ~]# ansible all -m script -a "chdir=/root test.sh"
192.168.43.104 | SUCCESS => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 192.168.43.104 closed.\r\n", 
    "stdout": "hello world\r\n", 
    "stdout_lines": [
        "hello world"
    ]
}
192.168.43.241 | SUCCESS => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 192.168.43.241 closed.\r\n", 
    "stdout": "hello world\r\n", 
    "stdout_lines": [
        "hello world"
    ]
}
copy:

 用来将主控端主机的文件复制到远程主机。

参数:

  • src:指定要复制文件的源地址。
  • dest:指定复制文件的目标地址。

创建测试文件并拷贝到远程主机:

[root@localhost ~]# touch testfile
[root@localhost ~]# echo "hello world" > testfile 
[root@localhost ~]# ansible all -m copy -a "src=/root/testfile dest=/tmp"
192.168.43.104 | SUCCESS => {
    "changed": true, 
    "checksum": "22596363b3de40b06f981fb85d82312e8c0ed511", 
    "dest": "/tmp/testfile", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "6f5902ac237024bdd0c176cb93063dc4", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:admin_home_t:s0", 
    "size": 12, 
    "src": "/root/.ansible/tmp/ansible-tmp-1573027196.14-194603345129606/source", 
    "state": "file", 
    "uid": 0
}
192.168.43.241 | SUCCESS => {
    "changed": true, 
    "checksum": "22596363b3de40b06f981fb85d82312e8c0ed511", 
    "dest": "/tmp/testfile", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "6f5902ac237024bdd0c176cb93063dc4", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:admin_home_t:s0", 
    "size": 12, 
    "src": "/root/.ansible/tmp/ansible-tmp-1573027196.16-53338356328815/source", 
    "state": "file", 
    "uid": 0
}

查看结果:

[root@localhost ~]# ansible all -m shell  -a "cat /tmp/testfile"
192.168.43.104 | SUCCESS | rc=0 >>
hello world

192.168.43.241 | SUCCESS | rc=0 >>
hello world
  • content:用来添加或修改远程主机文件的内容(双引号套单引号,/n为换行符)。

修改远程主机文件中的内容:

[root@localhost ~]# ansible all -m copy -a "content='new\nstr' dest=/tmp/testfile"
192.168.43.241 | SUCCESS => {
    "changed": true, 
    "checksum": "b117bd2a83c362c24fb99d886f62da015a836922", 
    "dest": "/tmp/testfile", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "5622de4dea7dadc42530691bbb296da5", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:admin_home_t:s0", 
    "size": 7, 
    "src": "/root/.ansible/tmp/ansible-tmp-1573027455.72-143535204445616/source", 
    "state": "file", 
    "uid": 0
}
192.168.43.104 | SUCCESS => {
    "changed": true, 
    "checksum": "b117bd2a83c362c24fb99d886f62da015a836922", 
    "dest": "/tmp/testfile", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "5622de4dea7dadc42530691bbb296da5", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:admin_home_t:s0", 
    "size": 7, 
    "src": "/root/.ansible/tmp/ansible-tmp-1573027455.72-221471957710822/source", 
    "state": "file", 
    "uid": 0
}

查看结果:

[root@localhost ~]# ansible all -m shell  -a "cat /tmp/testfile"
192.168.43.241 | SUCCESS | rc=0 >>
new
str

192.168.43.104 | SUCCESS | rc=0 >>
new
str
  • force=no:当主控端拷贝的文件名和目标名一致,但是内容不一致的时,放弃拷贝。
  • backup=yes:当主控端拷贝的文件名和目标名一致,但是内容不一致时,对目标文件进行备份。

对文件进行备份:

[root@localhost ~]# ansible all -m copy -a "src=/root/testfile dest=/tmp  force=no"
192.168.43.241 | SUCCESS => {
    "changed": false, 
    "dest": "/tmp", 
    "src": "/root/testfile"
}
192.168.43.104 | SUCCESS => {
    "changed": false, 
    "dest": "/tmp", 
    "src": "/root/testfile"
}
[root@localhost ~]# ansible all -m copy -a "src=/root/testfile dest=/tmp  backup=yes"
192.168.43.104 | SUCCESS => {
    "backup_file": "/tmp/testfile.42050.2019-11-06@16:09:25~", 
    "changed": true, 
    "checksum": "22596363b3de40b06f981fb85d82312e8c0ed511", 
    "dest": "/tmp/testfile", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "6f5902ac237024bdd0c176cb93063dc4", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:admin_home_t:s0", 
    "size": 12, 
    "src": "/root/.ansible/tmp/ansible-tmp-1573027763.91-233828879526500/source", 
    "state": "file", 
    "uid": 0
}
192.168.43.241 | SUCCESS => {
    "backup_file": "/tmp/testfile.42217.2019-11-06@16:09:23~", 
    "changed": true, 
    "checksum": "22596363b3de40b06f981fb85d82312e8c0ed511", 
    "dest": "/tmp/testfile", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "6f5902ac237024bdd0c176cb93063dc4", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:admin_home_t:s0", 
    "size": 12, 
    "src": "/root/.ansible/tmp/ansible-tmp-1573027763.92-123506317381226/source", 
    "state": "file", 
    "uid": 0
}

查看结果:

[root@localhost ~]# ansible all -m shell  -a "ls /tmp | grep  testfile"
192.168.43.241 | SUCCESS | rc=0 >>
testfile
testfile.42217.2019-11-06@16:09:23~

192.168.43.104 | SUCCESS | rc=0 >>
testfile
testfile.42050.2019-11-06@16:09:25~
  • owner:指定文件的属主。
  • group:指定文件的属组。
  • mode: 指定文件的权限。

修改文件的属主,属组为root并且赋予755权限:

[root@localhost ~]# touch testfile_new
[root@localhost ~]# ansible all -m copy -a "src=/root/testfile_new dest=/tmp owner=root group=root mode=755" 
192.168.43.241 | SUCCESS => {
    "changed": true, 
    "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", 
    "dest": "/tmp/testfile_new", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d41d8cd98f00b204e9800998ecf8427e", 
    "mode": "0755", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:admin_home_t:s0", 
    "size": 0, 
    "src": "/root/.ansible/tmp/ansible-tmp-1573028049.42-128576015175073/source", 
    "state": "file", 
    "uid": 0
}
192.168.43.104 | SUCCESS => {
    "changed": true, 
    "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", 
    "dest": "/tmp/testfile_new", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d41d8cd98f00b204e9800998ecf8427e", 
    "mode": "0755", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:admin_home_t:s0", 
    "size": 0, 
    "src": "/root/.ansible/tmp/ansible-tmp-1573028049.41-132072472051321/source", 
    "state": "file", 
    "uid": 0
}

查看结果:

[root@localhost ~]# ansible all -m shell -a "ls -l /tmp/ | grep test"
192.168.43.104 | SUCCESS | rc=0 >>
-rw-r--r--. 1 root root     12 Nov  6 16:09 testfile
-rw-r--r--. 1 root root      7 Nov  6 16:04 testfile.42050.2019-11-06@16:09:25~
-rwxr-xr-x. 1 root root      0 Nov  6 16:14 testfile_new

192.168.43.241 | SUCCESS | rc=0 >>
-rw-r--r--. 1 root   root       12 Nov  6 16:09 testfile
-rw-r--r--. 1 root   root        7 Nov  6 16:04 testfile.42217.2019-11-06@16:09:23~
-rwxr-xr-x. 1 root   root        0 Nov  6 16:14 testfile_new
YUM:

 这个模块时用于REHL或者Centos系统作为远端节点的时候,控制远程主机使用YUM安装应用。

  • name:指定要安装的应用的名字。
  • state=present|lastest|absent:安装|安装最新版|删除
  • disablerepo:禁用某个repo源。
  • enablerepo:启用某个repo源。
  • disable_gpg_check:关闭gpg验证。

安装samba:

[root@localhost ~]# ansible all -m yum -a "name=samba state=installed"
192.168.43.104 | SUCCESS => {
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "samba-4.9.1-6.el7.x86_64 providing samba is already installed"
    ]
}
192.168.43.241 | SUCCESS => {
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "samba-4.9.1-6.el7.x86_64 providing samba is already installed"
    ]
}

启动smb服务:

[root@localhost ~]# ansible all -m shell -a "systemctl start smb"
192.168.43.104 | SUCCESS | rc=0 >>


192.168.43.241 | SUCCESS | rc=0 >>

查看结果:

[root@localhost ~]# ansible all -m shell -a "netstat -anput | grep smb"
192.168.43.104 | SUCCESS | rc=0 >>
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      3315/smbd           
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      3315/smbd           
tcp6       0      0 :::139                  :::*                    LISTEN      3315/smbd           
tcp6       0      0 :::445                  :::*                    LISTEN      3315/smbd           

192.168.43.241 | SUCCESS | rc=0 >>
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      3072/smbd           
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      3072/smbd           
tcp6       0      0 :::139                  :::*                    LISTEN      3072/smbd           
tcp6       0      0 :::445                  :::*                    LISTEN      3072/smbd
service:

 用于管理远程主机的服务进程。

参数:

  • name:服务名。
  • state=started|restarted|reload|stopped|enable:开启|重启|重载|停止|开机自启/
  • sleep:如果执行了restarted,则在stop和start之间沉睡几秒钟。
  • runlevel:运行级别。

关闭smb服务:

[root@localhost ~]# ansible all -m service -a "name=smb state=stopped"
[root@localhost ~]# ansible all -m shell -a "netstat -anput | grep smb"
192.168.43.104 | FAILED | rc=1 >>
non-zero return code

192.168.43.241 | FAILED | rc=1 >>
non-zero return code
file:

 file模块主要用于对远程主机上的文件进行操作。

参数:

  • mode:指定创建文件的权限。
  • group:指定创建文件的属组。
  • owner:指定创建文件的属性。
  • path:指定创建文件的路径。
  • recurse:只用于创建目录时,递归目录的属性。
  • src:要被链接的源文件路径,只用于创建软链接或硬链接时。
  • dest:要被链接到的路径,只用于创建软链接或硬链接时。
  • state=directory|touch|link|hard|absent:创建一个目录|创建一个文件|创建软连接|软件硬连接|删除文件或目录。

创建目录:

[root@localhost ~]# ansible all -m file -a "path=/testdirectory state=directory"
192.168.43.241 | SUCCESS => {
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/testdirectory", 
    "secontext": "unconfined_u:object_r:default_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
192.168.43.104 | SUCCESS => {
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/testdirectory", 
    "secontext": "unconfined_u:object_r:default_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}

创建文件:

[root@localhost ~]# ansible all -m file -a "path=/testdirectory/testfile.txt  state=touch"
192.168.43.104 | SUCCESS => {
    "changed": true, 
    "dest": "/testdirectory/testfile.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:default_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
192.168.43.241 | SUCCESS => {
    "changed": true, 
    "dest": "/testdirectory/testfile.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:default_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}

创建新目录:

[root@localhost ~]# ansible all -m file -a "path=/newdirectory/  state=directory"
192.168.43.241 | SUCCESS => {
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/newdirectory/", 
    "secontext": "unconfined_u:object_r:default_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
192.168.43.104 | SUCCESS => {
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/newdirectory/", 
    "secontext": "unconfined_u:object_r:default_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}

将文件软链接到新目录:

[root@localhost ~]# ansible all -m file -a "path=/newdirectory/newtestfile.txt  src=/testdirectory/testfile.txt state=link"
192.168.43.104 | SUCCESS => {
    "changed": true, 
    "dest": "/newdirectory/newtestfile.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:default_t:s0", 
    "size": 27, 
    "src": "/testdirectory/testfile.txt", 
    "state": "link", 
    "uid": 0
}
192.168.43.241 | SUCCESS => {
    "changed": true, 
    "dest": "/newdirectory/newtestfile.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:default_t:s0", 
    "size": 27, 
    "src": "/testdirectory/testfile.txt", 
    "state": "link", 
    "uid": 0
}

查看结果:

[root@localhost ~]# ansible all -m shell -a "ls -l /newdirectory/"
192.168.43.241 | SUCCESS | rc=0 >>
total 0
lrwxrwxrwx. 1 root root 27 Nov  6 21:18 newtestfile.txt -> /testdirectory/testfile.txt

192.168.43.104 | SUCCESS | rc=0 >>
total 0
lrwxrwxrwx. 1 root root 27 Nov  6 21:18 newtestfile.txt -> /testdirectory/testfile.txt
cron:

cron这个模块用来对远程主机执行计划任务。

参数:

  • minute:分钟。

  • hour:小时。

  • day:天。

  • month:月。

  • weekday:周。

  • job:执行的命令。

  • name:对计划任务的命名。

  • special_time=hourly|reboot|yearly|monthly|weekly|daily|:每小时执行一次|重启时执行一次|每年执行一次|每月执行一次|每周执行一次|每天执行一次。

    [root@localhost ~]# ansible all -m cron -a “name=one hour=8 minute=10 job=‘echo hello world’”
    192.168.43.241 | SUCCESS => {
    “changed”: true,
    “envs”: [],
    “jobs”: [
    “one”
    ]
    }
    192.168.43.104 | SUCCESS => {
    “changed”: true,
    “envs”: [],
    “jobs”: [
    “one”
    ]
    }
    [root@localhost ~]# ansible all -m shell -a “crontab -l”
    192.168.43.104 | SUCCESS | rc=0 >>
    #Ansible: one
    10 8 * * * echo hello world

    192.168.43.241 | SUCCESS | rc=0 >>
    #Ansible: one
    10 8 * * * echo hello world

lineinfile:

 正则匹配,lineinfile这个模块用来将文件中中匹配的内容更改为指定的内容。

  • regexp:定义正则。

  • line:替换掉匹配的内容。

  • path:文件路径。

    [root@localhost ~]# ansible all -m file -a “path=/tmp/newfile state=touch”
    192.168.43.104 | SUCCESS => {
    “changed”: true,
    “dest”: “/tmp/newfile”,
    “gid”: 0,
    “group”: “root”,
    “mode”: “0644”,
    “owner”: “root”,
    “secontext”: “unconfined_u:object_r:user_tmp_t:s0”,
    “size”: 0,
    “state”: “file”,
    “uid”: 0
    }
    192.168.43.241 | SUCCESS => {
    “changed”: true,
    “dest”: “/tmp/newfile”,
    “gid”: 0,
    “group”: “root”,
    “mode”: “0644”,
    “owner”: “root”,
    “secontext”: “unconfined_u:object_r:user_tmp_t:s0”,
    “size”: 0,
    “state”: “file”,
    “uid”: 0
    }
    [root@localhost ~]# ansible all -m shell -a “echo ‘hello world’ > /tmp/newfile”
    192.168.43.241 | SUCCESS | rc=0 >>

    192.168.43.104 | SUCCESS | rc=0 >>

    [root@localhost ~]# ansible all -m shell -a “cat /tmp/newfile”
    192.168.43.104 | SUCCESS | rc=0 >>
    hello world

    192.168.43.241 | SUCCESS | rc=0 >>
    hello world
    [root@localhost ~]# ansible all -m lineinfile -a “regexp=’^h’ line=‘hello newworld’ path=/tmp/newfile”
    192.168.43.104 | SUCCESS => {
    “backup”: “”,
    “changed”: true,
    “msg”: “line replaced”
    }
    192.168.43.241 | SUCCESS => {
    “backup”: “”,
    “changed”: true,
    “msg”: “line replaced”
    }
    [root@localhost ~]# ansible all -m shell -a “cat /tmp/newfile”
    192.168.43.104 | SUCCESS | rc=0 >>
    hello newworld

    192.168.43.241 | SUCCESS | rc=0 >>
    hello newworld

剧本(Playbook):

 Playbook是由多个模块组成的。

 yaml:yaml语言是由多个而语言集合而成的,包括C语言,Python,Ruby,Perl等,后缀名为yaml,yml。层级缩进不能使用tab,只能使用空格,#表示注释。

yaml数据类型:
  • 对象: name: value。
  • 数组:-food,代表组。
  • 字符串。
  • 数字。
yaml文件中的含义:
task  任务 要调用模块完成的操作。
variables 变量。
handlers 触发器。
使用剧本安装nginx:
[root@localhost ~]# vim nginx.yml
---
    - hosts: webserver
      remote_user: root
      tasks:
        - yum: name=pcre,pcre-devel,gcc,gcc-c++,zlib,zlib-devel,openssl,openssl-devel  state=installed
        - copy: src=/root/nginx-1.14.2.tar.gz dest=/usr/src/nginx-1.14.2.tar.gz
        - shell: tar -zxvf /usr/src/nginx-1.14.2.tar.gz -C /usr/src && useradd nginx -s /sbin/nologin && cd /usr/src/nginx-1.14.2/ && ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module && make && make install && ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/nginx
        - file: path=/etc/systemd/system/nginx.service state=touch
        - copy: content='[Unit]\nDescription=nginx\nAfter=network.target\n[Service]\nType=forking\nPIDFile=/usr/local/nginx/logs/nginx.pid\nExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf\nExecStop=/usr/local/nginx/sbin/nginx -s stop -c /usr/local/nginx/conf/nginx.conf\nExecReload= /usr/local/nginx/sbin/nginx -s reload -c /usr/local/nginx/conf/nginx.conf\nPrivateTmp=ture\n[Install]\nWantedBy=multi-user.target' dest=/etc/systemd/system/nginx.service
        - shell: systemctl daemon-reload && systemctl start nginx.service
        - shell: netstat -anput | grep 80
[root@localhost ~]# vim nginx.yml
[root@localhost ~]# ansible-playbook --syntax-check nginx.yml 

playbook: nginx.yml
[root@localhost ~]# ansible-playbook nginx.yml 

PLAY [webserver] *****************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************
ok: [192.168.43.104]
ok: [192.168.43.241]

TASK [yum] ***********************************************************************************************************
ok: [192.168.43.241]
ok: [192.168.43.104]

TASK [copy] **********************************************************************************************************
changed: [192.168.43.104]
changed: [192.168.43.241]

TASK [command] *******************************************************************************************************
[WARNING]: Consider using unarchive module rather than running tar

changed: [192.168.43.241]
changed: [192.168.43.104]

TASK [file] **********************************************************************************************************
changed: [192.168.43.241]
changed: [192.168.43.104]

TASK [copy] **********************************************************************************************************
changed: [192.168.43.104]
changed: [192.168.43.241]

TASK [command] *******************************************************************************************************
changed: [192.168.43.104]
changed: [192.168.43.241]

TASK [command] *******************************************************************************************************
changed: [192.168.43.104]
changed: [192.168.43.241]

PLAY RECAP ***********************************************************************************************************
192.168.43.104             : ok=8    changed=6    unreachable=0    failed=0   
192.168.43.241             : ok=8    changed=6    unreachable=0    failed=0   
[root@localhost ~]# curl 192.168.43.104
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@localhost ~]# curl 192.168.43.241
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
使用剧本安装mysqld:
[root@localhost ~]# vim mysql.yml
---
    - hosts: webserver
      remote_user: root
      tasks:
        - yum: name=ncurses-devel,bison,cmake  state=installed
        - yum: name=libzip state=absent
        - copy: src=/root/mysql-5.7.22.tar.gz dest=/usr/src/mysql-5.7.22.tar.gz
        - copy: src=/root/boost_1_59_0.tar.gz dest=/usr/src/boost_1_59_0.tar.gz
        - shell: useradd mysql -s /sbin/nologin
        - shell: tar -zxvf /usr/src/mysql-5.7.22.tar.gz -C /usr/src && tar -zxvf /usr/src/boost_1_59_0.tar.gz -C /usr/local/ && mv /usr/local/boost_1_59_0  /usr/local/boost && rm -rf /usr/local/boost_1_59_0
        - shell: cd /usr/src/mysql-5.7.22 && cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DMYSQL-USER=mysql -DMYSQL_DATADIR=/usr/local/mysql/data -DDOWNLOAD_BOOST=1 -DWITH_BOOST=/usr/local/boost -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_FEDERATED_STORAGE_ENGINE=1 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 -DWITHOUT_EXAMPLE_STORAGE_ENGINE=1 -DWITH_PARTITION_STORAGE_ENGINE=1 -DWITH_PERFSCHEMA_STORAGE_ENGINE=1 && make && make install
        - shell: mkdir /usr/local/mysql/data && chmod 755  /usr/local/mysql/data -R && chown mysql:mysql /usr/local/mysql/data -R && cp /usr/src/mysql-5.7.22/support-files/mysql.server /etc/init.d/mysqld && chmod +x  /etc/init.d/mysqld
        - shell: echo 'export PATH=$PATH:/usr/local/mysql/bin/' > /etc/profile.d/mysql.sh
        - shell: cd /usr/local/mysql && ./bin/mysqld --initialize --user=mysql --basedir=/usr/local/mysql  --datadir=/usr/local/mysql/data
        - file: path=/etc/systemd/system/mysqld.service state=touch
        - copy: content='[Unit]\nDescription=mysqld\nAfter=network.target\n[Service]\nType=forking\nPIDFile=/usr/local/mysql/data/localhost.pid\nExecStart=/etc/init.d/mysqld start\nExecStop=/etc/init.d/mysqld stop\nExecReload=/etc/init.d/mysqld reload\nPrivateTmp=ture\n[Install]\nWantedBy=multi-user.target' dest=/etc/systemd/system/mysqld.service
        - shell: systemctl daemon-reexec && systemctl daemon-reload && systemctl start mysqld.service

    [root@localhost ~]# ansible-playbook --syntax-check mysql.yml 

    playbook: mysql.yml
    [root@localhost ~]# ansible-playbook mysql.yml 

    PLAY [webserver] *****************************************************************************************************

    TASK [Gathering Facts] ***********************************************************************************************
    ok: [192.168.43.104]
    ok: [192.168.43.241]

    TASK [yum] ***********************************************************************************************************
    ok: [192.168.43.104]
    ok: [192.168.43.241]

    TASK [yum] ***********************************************************************************************************
    ok: [192.168.43.104]
    ok: [192.168.43.241]

    TASK [copy] **********************************************************************************************************
    ok: [192.168.43.104]
    ok: [192.168.43.241]

    TASK [copy] **********************************************************************************************************
    ok: [192.168.43.104]
    ok: [192.168.43.241]

    TASK [command] *******************************************************************************************************
    changed: [192.168.43.104]
    changed: [192.168.43.241]
    
    TASK [command] *******************************************************************************************************
    [WARNING]: Consider using unarchive module rather than running tar

    changed: [192.168.43.241]
    changed: [192.168.43.104]

    TASK [command] *******************************************************************************************************
    changed: [192.168.43.241]
    changed: [192.168.43.104]

    TASK [command] *******************************************************************************************************
    [WARNING]: Consider using file module with state=directory rather than running mkdir

    changed: [192.168.43.104]
    changed: [192.168.43.241]

    TASK [command] *******************************************************************************************************
    changed: [192.168.43.104]
    changed: [192.168.43.241]
    
    TASK [command] *******************************************************************************************************
    changed: [192.168.43.241]
    changed: [192.168.43.104]

    TASK [file] **********************************************************************************************************
    changed: [192.168.43.104]
    changed: [192.168.43.241]

    TASK [copy] **********************************************************************************************************
    changed: [192.168.43.241]
    changed: [192.168.43.104]

    TASK [command] *******************************************************************************************************
    changed: [192.168.43.104]
    changed: [192.168.43.241]

    PLAY RECAP ***********************************************************************************************************
    192.168.43.104             : ok=12   changed=7    unreachable=0    failed=0   
    192.168.43.241             : ok=12   changed=7    unreachable=0    failed=0  
[root@localhost ~]# ansible all -m shell -a "netstat -anput | grep 3306"
192.168.43.104 | SUCCESS | rc=0 >>
tcp6       0      0 :::3306                 :::*                    LISTEN      54760/mysqld        

192.168.43.241 | SUCCESS | rc=0 >>
tcp6       0      0 :::3306                 :::*                    LISTEN      47609/mysqld
使用剧本安装php:
[root@localhost ~]# vim php.yml
---
- hosts: webserver
  remote_user: root
  tasks:
    - yum: name=libxml2,libxml2-devel,bzip2,bzip2-devel,libcurl,libcurl-devel,libjpeg,libjpeg-devel,libpng,libpng-devel,freetype,freetype-devel,gmp,gmp-devel,readline,readline-devel,libxslt,libxslt-devel  state=installed
    - yum: name=libzip,cmake state=absent
    - copy: src=/root/php-7.3.9.tar.gz dest=/usr/src/php-7.3.9.tar.gz
    - copy: src=/root/cmake-3.15.3.tar.gz dest=/usr/src/cmake-3.15.3.tar.gz
    - copy: src=/root/libzip-1.5.1.tar.gz dest=/usr/src/libzip-1.5.1.tar.gz
    - shell: tar -zxvf /usr/src/php-7.3.9.tar.gz -C /usr/src && tar -zxvf /usr/src/cmake-3.15.3.tar.gz -C /usr/src && tar -zxvf /usr/src/libzip-1.5.1.tar.gz -C /usr/src
    - shell: cd /usr/src/cmake-3.15.3/  && ./bootstrap --prefix=/usr/local/cmake && gmake && gmake install && ln -s /usr/local/cmake/bin/* /usr/sbin/
    - shell: mkdir /usr/src/libzip-1.5.1/build && cd /usr/src/libzip-1.5.1/build && cmake .. && make && make install
    - shell: cd /usr/src//php-7.3.9/ && ./configure --enable-fpm --prefix=/usr/local/php --with-curl --with-freetype-dir --with-gd --with-gettext --with-iconv-dir --with-kerberos --with-libdir=lib64 --with-libxml-dir --with-mysqli --with-openssl --with-pcre-regex --with-pdo-mysql --with-pdo-sqlite --with-pear --with-png-dir --with-jpeg-dir --with-xmlrpc --with-xsl --with-zlib --with-openssl --enable-fpm --enable-bcmath --enable-libxml --enable-inline-optimization --enable-mbregex --enable-mbstring --enable-opcache --enable-pcntl --enable-shmop --enable-soap --enable-sockets --enable-sysvsem --enable-xml --enable-zip && make && make install && ln -s /usr/local/php/bin/php /usr/bin/
    - shell: cd /usr/local/php/etc/ && cp php-fpm.conf.default  php-fpm.conf && cd php-fpm.d/ &&  cp www.conf.default  www.conf  && cp /usr/src/php-7.3.9/php.ini-development /usr/local/php/etc/php.ini
    - shell:  cd /usr/local/php/sbin/ && ./php-fpm -c /usr/local/php/etc/php.ini

[root@localhost ~]# ansible-playbook php.yml 

PLAY [webserver] *********************************************************************************************************

TASK [Gathering Facts] ***************************************************************************************************
ok: [192.168.43.104]
ok: [192.168.43.241]

TASK [yum] ***********************************************************************************************************
ok: [192.168.43.104]
ok: [192.168.43.241]

TASK [yum] ***********************************************************************************************************
ok: [192.168.43.104]
ok: [192.168.43.241]

TASK [copy] **********************************************************************************************************
ok: [192.168.43.104]
ok: [192.168.43.241]

TASK [copy] **********************************************************************************************************
ok: [192.168.43.104]
ok: [192.168.43.241]
TASK [command] ***********************************************************************************************************
changed: [192.168.43.104]
changed: [192.168.43.241]

TASK [command] ***********************************************************************************************************
changed: [192.168.43.104]
changed: [192.168.43.241]

TASK [command] ***********************************************************************************************************
changed: [192.168.43.104]
changed: [192.168.43.241]

PLAY RECAP ***************************************************************************************************************
192.168.43.104             : ok=4    changed=3    unreachable=0    failed=0   
192.168.43.241             : ok=4    changed=3    unreachable=0    failed=0   
[root@localhost ~]# ansible all -m shell -a "netstat -anput | grep php-fpm"
192.168.43.241 | SUCCESS | rc=0 >>
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      34304/php-fpm: mast 

192.168.43.104 | SUCCESS | rc=0 >>
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      45370/php-fpm: mast
IT运维民工
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
ansible-makefile:Makefile用作Ansible的简单接口
01-31
ansible-makefile:Makefile用作Ansible的简单接口
Ansible常用基础模块
qq_42130112的博客
01-08 1118
ansible-doc & ping(ansible-doc文档,很重要) command模块 shell模块 script模块 copy模块 lineinfile|replace模块 yum模块 service模块 setup模块 ansible-doc和ping模块 ansible-doc 模块的手册相当于shell的man,很重要 ansible-doc -l 列出所有模块 a...
ansible常用模块之 -- make模块 – 在Makefile中运行目标
weixin_44762073的博客
11-02 289
ansible常用模块之 -- make模块 – 在Makefile中运行目标
Ansible基本工作原理及各个模块插件的作用
qq_44588093的博客
12-17 1049
1.1Ansible简介 ansible最新出现的自动化运维工具,是一个基于配置管理和应用的部署工具,基于python开发,集合了众多运维工具puppet,chef,saltstack等的优点,ansible是给予模块工作,本身没有批量部署能力。 1.2Ansible在生产环境中应用: 1自动化部署应用 2自动化管理配置 3自动化持续交付 4自动化(aws)云服务器管理 1.3Ansible的优点...
ansible学习系列之make模块的使用
枫夜
04-16 2201
使用ansible编写redis集群部署脚本时,对make模块的总结
ansible 模块_您需要知道的10个Ansible模块
cumo7370的博客
07-11 472
ansible 模块 Ansible是一个开源IT配置管理和自动化平台。 它使用人类可读的YAML模板,因此用户可以对重复性任务进行编程以自动执行,而无需学习高级编程语言。 Ansible是无代理的,这意味着它管理的节点不需要在其上安装任何软件。 这样可以消除潜在的安全漏洞,并使整体管理更加顺畅。 Ansible 模块是可以在Ansible剧本中使用的独立脚本。 剧本由戏剧组成,而戏剧由...
Ansible-ansible-makefile.zip
09-18
Ansible-ansible-makefile.zip,makefile用作ansiblemakefile对ansible用户的简单接口,ansible是一个简单而强大的自动化引擎。它用于帮助配置管理、应用程序部署和任务自动化
Ansible自动化运维工具安装及常用模块讲解和使用
weixin_58131623的博客
03-28 324
安装自动化运行工具Ansible,讲解Ansible常用模块
ansible安装及基础应用
浮生若梦
04-22 264
源码包安装 # 下载安装 git clone git://github.com/ansible/ansible.git --recursive # 依赖 pip install paramiko PyYAML Jinja2 httplib2 six cd ./ansible source ./hacking/env-setup # 如果开启了selinux,需要安装libselinux-pytho...
ansible安装
u014641018的博客
12-20 1751
一、基础介绍 ========================================================================================== 1、简介 ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet、cfengine、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署
sshpass-1.06.tar.gz 安装包及安装说明
12-22
sshpass-1.06.tar.gz 安装包及安装说明
Linux安装ansible过程总结--源码编译方式
qq_43536701的博客
11-05 1252
Linux之安装ansible详细过程 linux下安装部署ansible 介绍 Ansible是一种批量部署工具,现在运维人员用的最多的三种开源集中化管理工具有:puppet,saltstack,ansible,各有各的优缺点,其中saltstack和ansible都是用python开发的。ansible其实准确的说只提供了一个框架,它要基于很多其他的python模块才能工作的,所以在安装ansible的时候你要再装很多其他的依赖包的。 好处之一是使用者可以开发自己的模块,放在里面使用。第二个好处是无需在
Ansible运维的必备工具
weixin_34200628的博客
03-16 80
Ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet、cfengine、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能。ansible是基于模块工作的,本身没有批量部署的能力。真正具有批量部署的是ansible所运行的模块ansible只是提供一种框架。主要包括:(1)、连接插件connection plu...
运维——ansible基础及实现
运维
05-29 915
ansible概念:是一个配置管理工具,是一个自动化运维工具,通过ssh实现配置管理、            应用部署、任务执行等功能。            基于key验证是实现ansible基础   作用:可以完成一些批量任务或者完成一些需要经常重复的工作        比如:同时在100台服务器上安装服务,并在安装后启动服务                  将某个文件一次性拷贝到100台...
ansible所有模块一览
Yang_J_Y的博客
01-15 1万+
ansible所有的模块均可以在服务器上使用命令进行查看,查看所有模块使用ansible-doc -l 查看模块的参数和用法可以使用anisble-doc -s module 所有模块一览 A a10_server 管理A10 Networks AX / SoftAX / Thunder / vThunder设备 a10_service_group 管理A10网络设备的服务组 a10_virtua...
Ansible的安装、配置及常用模块介绍
AhhSong的博客
12-09 1万+
ansible安装、常用模块
Ansible实践篇(二):Ansible常用系统模块:ping、command、copy、yum、file、user
热门推荐
lichunliang的博客
08-20 3万+
Ansible实践篇(二):Ansible常用系统模块:ping、command、copy、yum、file、user 一、Ansible ping模块 Ansible基础模块是ping模块,主要用于判断远程客户端是否在线,用于ping本身服务器,返回值是changed、ping 使用Ansible ping服务器状态,代码为ansible -k all -m ping 因为我的ans...
ansible安装配置及一些常用模块
神圣坤的博客
06-15 1201
摘要ansible是目前非常火的运维自动化批量管理工具之一saltstackansiblepuppetchefansible和saltstack都是使用python语言写的,而在选择以及使用的过程中,ansible相对saltstack具有以下几个优势使用ssh-key控制agent,无需安装agent配置起来相对简单,学习门槛低并发以及性能方面还是saltstack占优的,不过在小集群(300以...
ansible中playbook基础知识介绍(编译,语法,以及一些简单的脚本)
qq_36417677的博客
03-31 1246
1.playbook简介 前文中,我们介绍了一些ansible的常用模块,聪明如你,一定已经掌握了这些模块的使用方法。 那么现在,我们来想象一个工作场景,看看怎样把之前的知识点应用到这个工作场景中。 假设,我们想要在testB(server3)主机上安装httpd并启动,我们可以在ansible主机中执行如下3条命令 ansible testB -m yum_repository -a 'name...
【学术会议征稿】第十一届电气工程与自动化国际会议 (IFEEA 2024)
最新发布
XIAOAIXUEJIE的博客
07-25 1279
轧制技术及连轧自动化、机械自动化自动化信息技术、电气自动化、新能源系统及控制技术、测控技术与仪器、地理信息和遥感科学、自动控制应用理论、指挥与控制系统工程、控制系统仿真技术、导航制导与控制、机电一体化技术、流体传动与控制、自动化仪器仪表与装置、机器人控制、自动化技术应用、控制科学与技术、信息与系统科学相关工程与技术、线性系统控制、控制和嵌入式系统、无线传感网与数据融合等;这将是一场具有国际性、开放性、创新性的盛会,所有的参会者均享有独特的展示机会和丰富的讨论空间。接受/拒稿通知:投稿后1-2周左右。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值