ansible-adhoc常用模块
1. 查看帮助
ansible-doc -l --- 查看所有模块说明信息
ansible-doc copy --- 表示指定查看某个模块参数用法信息
查看copy模块帮助,使用/EX查看示例
ansible-doc copy
/EX
查看所有模块
ansible-doc -l
查找模块
ansible-doc -l |grep user
2 、command、shell 模块(默认模块, 执行命令)
# 默认模块, 执行命令
[root@centos-7 ~]# ansible xiaopangpang -a "hostname"
10.0.0.13 | CHANGED | rc=0 >>
centos-7.5
[root@centos-7 ~]#
# 如果需要管道操作,则使用shell
[root@centos-7 ~]# ansible xiaopangpang -m shell -a "ifconfig |grep eth0"
10.0.0.13 | CHANGED | rc=0 >>
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
[root@centos-7 ~]#
[root@centos-7 ~]# ansible xiaopangpang -m shell -a "ifconfig |grep eth0" -f 50
10.0.0.13 | CHANGED | rc=0 >>
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
# -f =forks /etc/ansible/ansible.cfg #结果返回的数量
.
3、script 模块(在远程主机执行本地脚本文件)
# 准备脚本
[root@centos-7 ~]# cat /root/yum.sh
#!/usr/bin/bash
yum install -y tree
[root@centos-7 ~]#
#在远程主机执行本地脚本文件
[root@centos-7 ~]# ansible xiaopangpang -m script -a "/root/yum.sh"
10.0.0.13 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 10.0.0.13 closed.\r\n",
"stderr_lines": [
"Shared connection to 10.0.0.13 closed."
],
"stdout": "已加载插件:fastestmirror\r\nLoading mirror speeds from cached hostfile\r\n * base: mirrors.aliyun.com\r\n * extras: mirrors.aliyun.com\r\n * updates: mirrors.aliyun.com\r\n\rbase | 3.6 kB 00:00 \r\n\repel | 4.7 kB 00:00 \r\n\rextras | 2.9 kB 00:00 \r\n\rupdates | 2.9 kB 00:00 \r\n\r(2/2): epel/x86_64/primary 10% [=- ] 0.0 B/s | 829 kB --:-- ETA \r\r(1/2): epel/x86_64/updateinfo | 1.0 MB 00:00 \r\n\r(2/2): epel/x86_64/primary 30% [====- ] 1.5 MB/s | 2.5 MB 00:03 ETA \r\r(2/2): epel/x86_64/primary 44% [======= ] 1.6 MB/s | 3.6 MB 00:02 ETA \r\r(2/2): epel/x86_64/primary 57% [========= ] 1.7 MB/s | 4.6 MB 00:01 ETA \r\r(2/2): epel/x86_64/primary 71% [=========== ] 1.8 MB/s | 5.7 MB 00:01 ETA \r\r(2/2): epel/x86_64/primary 82% [============= ] 1.9 MB/s | 6.6 MB 00:00 ETA \r\r(2/2): epel/x86_64/primary_db | 7.0 MB 00:02 \r\n软件包 tree-1.6.0-10.el7.x86_64 已安装并且是最新版本\r\n无须任何处理\r\n",
"stdout_lines": [
"已加载插件:fastestmirror",
"Loading mirror speeds from cached hostfile",
" * base: mirrors.aliyun.com",
" * extras: mirrors.aliyun.com",
" * updates: mirrors.aliyun.com",
"",
"base | 3.6 kB 00:00 ",
"",
"epel | 4.7 kB 00:00 ",
"",
"extras | 2.9 kB 00:00 ",
"",
"updates | 2.9 kB 00:00 ",
"",
"(2/2): epel/x86_64/primary 10% [=- ] 0.0 B/s | 829 kB --:-- ETA ",
"",
"(1/2): epel/x86_64/updateinfo | 1.0 MB 00:00 ",
"",
"(2/2): epel/x86_64/primary 30% [====- ] 1.5 MB/s | 2.5 MB 00:03 ETA ",
"",
"(2/2): epel/x86_64/primary 44% [======= ] 1.6 MB/s | 3.6 MB 00:02 ETA ",
"",
"(2/2): epel/x86_64/primary 57% [========= ] 1.7 MB/s | 4.6 MB 00:01 ETA ",
"",
"(2/2): epel/x86_64/primary 71% [=========== ] 1.8 MB/s | 5.7 MB 00:01 ETA ",
"",
"(2/2): epel/x86_64/primary 82% [============= ] 1.9 MB/s | 6.6 MB 00:00 ETA ",
"",
"(2/2): epel/x86_64/primary_db | 7.0 MB 00:02 ",
"软件包 tree-1.6.0-10.el7.x86_64 已安装并且是最新版本",
"无须任何处理"
]
}
[root@centos-7 ~]#
4、yum模块 (安装软件)
1)、参数详解
name #指定要安装的软件包名称
state #指定使用yum的方法
installed,present #安装软件包
removed,absent #移除软件包
latest #安装最新软件包
2)例:安装httpd服务
[root@centos-7 ~]# ansible xiaopangpang -m yum -a "name=httpd state=present"
10.0.0.13 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"msg": "",
"rc": 0,
"results": [
"httpd-2.4.6-97.el7.centos.2.x86_64 providing httpd is already installed"
]
}
[root@centos-7 ~]#
3)例:安装最新的httpd服务
[root@centos-7 ~]# ansible xiaopangpang -m yum -a "name=httpd state=latest"
10.0.0.13 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"changes": {
"installed": [],
"updated": []
},
"msg": "",
"obsoletes": {
"grub2-tools": {
"dist": "x86_64",
"repo": "@anaconda",
"version": "1:2.02-0.65.el7.centos.2"
},
"iwl7265-firmware": {
"dist": "noarch",
"repo": "@anaconda",
"version": "22.0.7.0-62.el7"
}
},
"rc": 0,
"results": [
"All packages providing httpd are up to date",
""
]
}
[root@centos-7 ~]#
4)例:移除httpd服务
[root@centos-7 ~]# ansible xiaopangpang -m yum -a "name=httpd state=absent"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"removed": [
"httpd"
]
},
"msg": "",
"rc": 0,
"results": [
"已加载插件:fastestmirror\n正在解决依赖关系\n--> 正在检查事务\n---> 软件包 httpd.x86_64.0.2.4.6-97.el7.centos.2 将被 删除\n--> 解决依赖关系完成\n\n依赖关系解决\n\n================================================================================\n Package 架构 版本 源 大小\n================================================================================\n正在删除:\n httpd x86_64 2.4.6-97.el7.centos.2 @updates 9.4 M\n\n事务概要\n================================================================================\n移除 1 软件包\n\n安装大小:9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n 正在删除 : httpd-2.4.6-97.el7.centos.2.x86_64 1/1 \n警告:/etc/httpd/conf/httpd.conf 已另存为 /etc/httpd/conf/httpd.conf.rpmsave\n 验证中 : httpd-2.4.6-97.el7.centos.2.x86_64 1/1 \n\n删除:\n httpd.x86_64 0:2.4.6-97.el7.centos.2 \n\n完毕!\n"
]
}
[root@centos-7 ~]#
5、copy 模块(复制文件)
1)、参数详解
src #推送数据的源文件信息
dest #推送数据的目标路径
backup #对推送传输过去的文件,进行备份
content #直接批量在被管理端文件中添加内容
group #将本地文件推送到远端,指定文件属组信息
owner #将本地文件推送到远端,指定文件属主信息
mode #将本地文件推送到远端,指定文件权限信息
2)例:将本地文件/root/yum.sh复制到被控端主机的/root/目录下
[root@centos-7 ~]# ansible xiaopangpang -m copy -a "src=/root/yum.sh dest=/root/"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "7a67fc4b67d13f608ac682b3e5ecaf50f3b29c3c",
"dest": "/root/yum.sh",
"gid": 0,
"group": "root",
"md5sum": "bd06cb9b5dd77d8c735dd8f77d2c96d9",
"mode": "0644",
"owner": "root",
"size": 36,
"src": "/root/.ansible/tmp/ansible-tmp-1640677673.21-34072-173084680086398/source",
"state": "file",
"uid": 0
}
[root@centos-7 ~]#
3)例:向被控端写入数据信息,并且会覆盖远端文件内原有数据信息
[root@centos-7 ~]# ansible xiaopangpang -m copy -a "content="pangpang" dest=/root/1.txt"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "f0c624dec0ec5eee6e576610c61ed6551b867621",
"dest": "/root/1.txt",
"gid": 0,
"group": "root",
"md5sum": "d86d4aed81d08fb4d182172b34365120",
"mode": "0644",
"owner": "root",
"size": 8,
"src": "/root/.ansible/tmp/ansible-tmp-1640679018.2-35252-25646029759907/source",
"state": "file",
"uid": 0
}
[root@centos-7 ~]#
6、user,group 模块(创建用户,用户组)
例1、创建news用户组,gid是9999
[root@centos-7 ~]# ansible xiaopangpang -m group -a "name=news gid=9999 state=present "
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 9999,
"name": "news",
"state": "present",
"system": false
}
[root@centos-7 ~]#
例2、创建http的系统用户组,指定gid为8888
[root@centos-7 ~]# ansible xiaopangpang -m group -a "name=http gid=8888 system=yes state=present "
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 8888,
"name": "http",
"state": "present",
"system": true
}
[root@centos-7 ~]#
例3、删除news用户组
[root@centos-7 ~]# ansible xiaopangpang -m group -a "name=news state=absent "
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "news",
"state": "absent"
}
[root@centos-7 ~]#
[root@centos-7 ~]#
例4、创建用户组pangpang,指定gid是1041
[root@centos-7 ~]# ansible xiaopangpang -m group -a "name=pangpang gid=1041 "
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 1041,
"name": "pangpang",
"state": "present",
"system": false
}
[root@centos-7 ~]#
例5、创建用户joh,uid为1040,用户组是adm
[root@centos-7 ~]# ansible xiaopangpang -m user -a "name=joh uid=1040 group=adm"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 4,
"home": "/home/joh",
"name": "joh",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1040
}
例6、创建用户joh,登录shell是/sbin/nologin,追加用户组bin,sys
[root@centos-7 ~]# ansible xiaopangpang -m user -a "name=joh shell=/sbin/nologin groups=bin,sys"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": true,
"comment": "",
"group": 4,
"groups": "bin,sys",
"home": "/home/joh",
"move_home": false,
"name": "joh",
"shell": "/sbin/nologin",
"state": "present",
"uid": 1040
}
[root@centos-7 ~]#
例7、创建用户jsm,设置密码为DtDream@0209,并创建用户家目录
[root@centos-7 ~]# ansible localhost -m debug -a "msg={{ 'DtDream@0209' | password_hash('sha512','salt') }}"
localhost | SUCCESS => {
"msg": "$6$salt$A1a/3kGedoc9XnGMYRIwSE59w8n2y34b2kSfhNPmed91bfin3.TwDteCtg8rPGMXyQYWHSclgI0TArGCI3d6t."
}
[root@centos-7 ~]#
[root@centos-7 ~]# ansible xiaopangpang -m user -a 'name=jsm password=$6$salt$A1a/3kGedoc9XnGMYRIwSE59w8n2y34b2kSfhNPmed91bfin3.TwDteCtg8rPGMXyQYWHSclgI0TArGCI3d6t. create_home=yes'
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": true,
"comment": "",
"group": 1042,
"home": "/home/jsm",
"move_home": false,
"name": "jsm",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"uid": 1041
}
[root@centos-7 ~]#
例8、移除joh用户并删除家目录
[root@centos-7 ~]# ansible xiaopangpang -m user -a "name=joh state=absent remove=yes"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "joh",
"remove": true,
"state": "absent"
}
[root@centos-7 ~]#
例9、创建http用户,并创建2048字节的私钥,存放在~/http/.ssh/id_rsa
[root@centos-7 ~]# ansible xiaopangpang -m user -a "name=http generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1043,
"home": "/home/http",
"name": "http",
"shell": "/bin/bash",
"ssh_fingerprint": "2048 SHA256:l2A91sxu9djXsigUGYxK5NppA62PiamunQGh469gtis ansible-generated on centos-7.5 (RSA)",
"ssh_key_file": "/home/http/.ssh/id_rsa",
"ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOvVnjtrlA3hbc7beWvoM0zNdovOHFqScabXuu7TXCzRqnM1aB68UkF3MavpO41uVkz5afsbB1kzM8/PvPToSabtT+MXIdqx2etpRWgQG5+Qpj/QAAePOoYUV35gE6zsCXMt4FN+LZKEt2DKiIFdrvTf3n2/SXIfSbiOOLsvgZ4HjOVY343THWv/79yMQTWS/+WORjXTUaCgCXFitDjo7KkVy4TLSYcY47rIDWP6cWaCWxfKpDtdKWt/zK6pQoiUNKD5KuC4EyejsM9DKwNMikocioKJmURilOrQd3ofrtJe+Na78fmW4mr7QK4XE6FYOaAn4+QsWuPJOZch+Uun5Z ansible-generated on centos-7.5",
"state": "present",
"system": false,
"uid": 1042
}
[root@centos-7 ~]#
7、file 模块
1、参数详解
path #指定远程主机目录或文件信息
recurse #递归授权
state
directory #在远端创建目录
touch #在远端创建文件
link #link或hard表示创建链接文件
absent #表示删除文件或目录
mode #设置文件或目录权限
owner #设置文件或目录属主信息
group #设置文件或目录属组信息
例1、在/data/下创建目录xj
[root@centos-7 ~]# ansible xiaopangpang -m file -a "path=/data/xj state=directory"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/data/xj",
"size": 6,
"state": "directory",
"uid": 0
}
[root@centos-7 ~]#
例2、在/data/xj目录下创建权限555,用户和用户组为root的文件xiaopangpang.txt
[root@centos-7 ~]# ansible xiaopangpang -m file -a "path=/data/xj/xiaopangpang.txt mode=555 owner=root group=root state=touch"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/data/xj/xiaopangpang.txt",
"gid": 0,
"group": "root",
"mode": "0555",
"owner": "root",
"size": 0,
"state": "file",
"uid": 0
}
[root@centos-7 ~]#
例3、给/data/xj/xiaopangpang.txt创建链接文件
[root@centos-7 ~]# ansible xiaopangpang -m file -a "src=/data/xj/xiaopangpang.txt path=//data/xj/xiaopangpang.txt_link state=link"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "//data/xj/xiaopangpang.txt_link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"size": 25,
"src": "/data/xj/xiaopangpang.txt",
"state": "link",
"uid": 0
}
[root@centos-7 ~]#
[root@centos-7 ~]# ansible xiaopangpang -m file -a "src=/data/xj/xiaopangpang.txt path=/tmp/yy_link state=link"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/yy_link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"size": 25,
"src": "/data/xj/xiaopangpang.txt",
"state": "link",
"uid": 0
}
[root@centos-7 ~]#
例4、删除链接文件/tmp/yy_link
[root@centos-7 ~]# ansible xiaopangpang -m file -a "path=/tmp/yy_link state=absent"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/tmp/yy_link",
"state": "absent"
}
[root@centos-7 ~]#
8、service 模块(服务模块)
1、参数详解
started 启动
stopped 停止
restarted 重启
例1、启动httpd服务
[root@centos-7 ~]# ansible xiaopangpang -m service -a "name=httpd state=started"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "httpd",
"state": "started",
}
}
[root@centos-7 ~]#
例2、停止httpd服务
[root@centos-7 ~]# ansible xiaopangpang -m service -a "name=httpd state=stopped"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "httpd",
"state": "stopped",
"status": {
}
}
[root@centos-7 ~]#
例3、重启httpd服务
[root@centos-7 ~]# ansible xiaopangpang -m service -a "name=httpd state=restarted"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "httpd",
"state": "started",
"status": {
}
}
[root@centos-7 ~]#
9、cron 模块(定时任务)
例1、添加定时任务,* * * * * ls >/dev/null
[root@centos-7 ~]# ansible xiaopangpang -m cron -a "name=111 job='ls >/dev/null'"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"111"
]
}
[root@centos-7 ~]#
例2、添加定时任务,0 5,2 * * * ls >/dev/null
[root@centos-7 ~]# ansible xiaopangpang -m cron -a "name=222 job='ls >/dev/null' minute=0 hour=5,2"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"111",
"222"
]
}
[root@centos-7 ~]#
例3、删除定时任务,0 5,2 * * * ls >/dev/null
[root@centos-7 ~]# ansible xiaopangpang -m cron -a "name=222 job='ls >/dev/null' minute=0 hour=5,2 state=absent"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"111"
]
}
[root@centos-7 ~]#
例4、注释定时任务,0 5,2 * * * ls >/dev/null
[root@centos-7 ~]# ansible xiaopangpang -m cron -a "name=222 job='ls >/dev/null' minute=0 hour=5,2 disabled=yes"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"111",
"222"
]
}
[root@centos-7 ~]#
10、mount 模块(挂载模块)
1、参数详解
present # 开机挂载,仅将挂载配置写入/etc/fstab --------临时
mounted # 挂载设备,并将配置写入/etc/fstab --------永久
unmounted # 卸载设备,不会清除/etc/fstab写入的配置 --------临时
absent # 卸载设备,会清理/etc/fstab写入的配置 --------永久
例1、挂载光盘,present只写到配置文件/etc/fstab中
[root@centos-7 ~]# ansible xiaopangpang -m mount -a "src=/dev/sr0 path=/mnt/dvd fstype=iso9660 opts=ro,noauto state=present"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dump": "0",
"fstab": "/etc/fstab",
"fstype": "iso9660",
"name": "/mnt/dvd",
"opts": "ro,noauto",
"passno": "0",
"src": "/dev/sr0"
}
[root@centos-7 ~]#
例2、卸载光盘,unmounted只卸载挂载的磁盘,不会删除配置文件/etc/fstab中的信息
[root@centos-7 ~]# ansible xiaopangpang -m mount -a "src=/dev/sr0 path=/mnt/dvd fstype=iso9660 opts=ro,noauto state=unmounted"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dump": "0",
"fstab": "/etc/fstab",
"fstype": "iso9660",
"name": "/mnt/dvd",
"opts": "ro,noauto",
"passno": "0",
"src": "/dev/sr0"
}
[root@centos-7 ~]#
例3、挂载光盘,mounted既挂载光盘,也会写到配置文件/etc/fstab中
[root@centos-7 ~]# ansible xiaopangpang -m mount -a "src=/dev/sr0 path=/mnt/dvd fstype=iso9660 opts=ro,noauto state=mounted"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dump": "0",
"fstab": "/etc/fstab",
"fstype": "iso9660",
"name": "/mnt/dvd",
"opts": "ro,noauto",
"passno": "0",
"src": "/dev/sr0"
}
[root@centos-7 ~]#
例4、卸载光盘,absent既卸载光盘,也会清除配置文件/etc/fstab中的信息
[root@centos-7 ~]# ansible xiaopangpang -m mount -a "src=/dev/sr0 path=/mnt/dvd fstype=iso9660 opts=ro,noauto state=absent"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dump": "0",
"fstab": "/etc/fstab",
"fstype": "iso9660",
"name": "/mnt/dvd",
"opts": "ro,noauto",
"passno": "0",
"src": "/dev/sr0"
}
[root@centos-7 ~]#
11、selinux 模块
例1、禁用selinux
[root@centos-7 ~]# ansible xiaopangpang -m selinux -a "policy=targeted state=disabled"
10.0.0.13 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"configfile": "/etc/selinux/config",
"msg": "",
"policy": "targeted",
"reboot_required": false,
"state": "disabled"
}
[root@centos-7 ~]#
12、firewalld 模块
例1、对外放开https服务,需要重启下才能生效
[root@centos-7 ~]# ansible xiaopangpang -m firewalld -a "service=https permanent=yes state=enabled"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"msg": "Permanent operation, Changed service https to enabled"
}
[root@centos-7 ~]#
例2、对外放开8081端口,需要重启下才能生效
[root@centos-7 ~]# ansible xiaopangpang -m firewalld -a "permanent=yes port=8081/tcp state=enabled"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"msg": "Permanent operation, Changed port 8081/tcp to enabled"
}
[root@centos-7 ~]#
例3、对外放开8081-8090端口,不用重启直接生效
[root@centos-7 ~]# ansible xiaopangpang -m firewalld -a "zone=public permanent=yes port=8081-8091/tcp immediate=yes state=enabled"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"msg": "Permanent and Non-Permanent(immediate) operation, Changed port 8081-8091/tcp to enabled"
}
[root@centos-7 ~]#
例4、关闭放开的8081-8090端口,不用重启直接生效
[root@centos-7 ~]# ansible xiaopangpang -m firewalld -a "zone=public permanent=yes port=8081-8091/tcp immediate=yes state=disabled"
10.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"msg": "Permanent and Non-Permanent(immediate) operation, Changed port 8081-8091/tcp to disabled"
}
[root@centos-7 ~]#
13、unarchive
功能:解压缩,这个模块有两种用法:
1、将ansible主机上的压缩包在本地解压缩后传到远程主机上,这种情况下,copy=yes. 本地解压缩,解压缩位置不是默认的目录,没找到或传完删了 后传到远程主机
2、将远程主机上的某个压缩包解压缩到指定路径下。这种情况下,需要设置copy=no 远程主机上面的操作,不涉及ansible服务端
1、参数详解
copy:默认为yes,当copy=yes,那么拷贝的文件是从ansible主机复制到远程主机上的,如果设置为copy=no,那么会在远程主机上寻找src源文件
src:源路径,可以是ansible主机上的路径,也可以是远程主机上的路径,如果是远程主机上的路径,则需要设置copy=no
dest:远程主机上的目标路径
mode:设置解压缩后的文件权限
例1、将本地mysql-5.7.35.tgz文件传输到远程主机并解压
[root@centos-7 ~/ansible-deployment]# ansible test -m unarchive -a "src=/root/ansible-deployment/roles/mysql/files/mysql-5.7.35.tgz dest=/root/ remote_src=no" -i hosts.yml
[WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details
10.0.0.16 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/root/",
"extract_results": {
"cmd": [
"/usr/bin/gtar",
"--extract",
"-C",
"/root/",
"-f",
"/root/.ansible/tmp/ansible-tmp-1641373405.91-20715-92181865004322/source"
],
"err": "",
"out": "",
"rc": 0
},
"gid": 0,
"group": "root",
"handler": "TarArchive",
"mode": "0550",
"owner": "root",
"size": 199,
"src": "/root/.ansible/tmp/ansible-tmp-1641373405.91-20715-92181865004322/source",
"state": "directory",
"uid": 0
}
[root@centos-7 ~/ansible-deployment]#