程序自动化–ansible
自动化优点:减轻运维人员的工作压力 提高工作效率 实现批量部署
ansible的介绍与特点:
介绍
ansible是一款自动化运维工具,基于Python开发,可以实现批量系统设置、批量程序部署、批量执行命令等功能。
Ansible默认通过SSH协议管理机器,因此,客户端无需任何配置,管理端配置好后即可使用。
Ansible目前属于Redhat公司
特点
1.无客户端模式 只在服务器端安装服务
2.通过ssh协议与客户端进行联系(ssh端口是22)
3.服务器端分发任务使用模块来实现
4.应用代码自动化部署
5.系统管理配置自动化
6.支持持续交付自动化
7.支持云计算,大数据平台环境
8.批量任务执行可以写成脚本,不用分发到远程就可以执行
9.支持非root用户管理操作,支持sudo
10.使用python编写,维护更简单。
详情请参考:www.ansible.com
ansible原理
解析:
核心:ansible
核心模块(Core Modules):这些都是ansible自带的模块
扩展模块(Custom Modules):如果核心模块不足以完成某种功能,可以添加扩展模块
插件(Plugins):完成模块功能的补充
剧本(Playbooks):ansible的任务配置文件,将多个任务定义在剧本中,由ansible自动执行
连接插件(Connectior Plugins):ansible基于连接插件连接到各个主机上,虽然ansible是使用ssh连接到各个主机的,但是它还支持其他的连接方法,所以需要有连接插件
主机群(Host Inventory):定义ansible管理的主机
安装及操作
- 准备
主机 | IP |
---|---|
操控端 | 192.168.20.224 |
被控端 | 192.168.20.222 |
被控端 | 192.168.20.223 |
- 安装
方便起见(没有安装包的)这里采用网络yum
- 向上图如果显示没有ansible包则需要安装扩展源—epel-release
- 安装扩展源过后则可安装ansible(网络yum安装会慢一些)
…
- 操作
- ansible和远程主机有连接是因为ssh协议
- ansible要对远程主机进行免密登录
- 免密登录的原理:
主控端生成一对密钥,将公钥传递到远程主机上,当主控端想要连接远程
主机时,远程主机会随机发送一串字符给主控端,主控端将这串字符用私
钥加密,返回给远程主机,远程主机使用公钥将加密的字符解密,如果和
自己生成的字符一致,则验证通过,可以进行登录
1.创建密钥
[root@localhost ~]# ssh-keygen ##四次回车即可
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ca:de:26:d0:d6:cb:a0:11:75:c4:24:08:a2:ea:af:6a root@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
|. .. ..+o |
|.. . ..o |
|. . . |
|. . |
|. o .S |
|. o.+.. |
| . =oo . |
| E. ....+ |
|+... .o. |
+-----------------+
[root@localhost ~]# cd /root/.ssh/
[root@localhost .ssh]# ls
id_rsa id_rsa.pub
#id_rsa:私钥
#id_rsa.pub:公钥
2.传输公钥到远程主机上
被控端验证(192.168.20.222/192.168.20.223):
[root@localhost ~]# ls /root/.ssh/
authorized_keys
#authorized_keys:传输过来的公钥
控制端验证(192.168.20.224):
[root@localhost .ssh]# ssh root@192.168.20.223
Last login: Fri Dec 13 04:43:15 2019
[root@localhost ~]# exit
登出
Connection to 192.168.20.223 closed.
[root@localhost .ssh]# ssh root@192.168.20.222
Last login: Wed Apr 29 11:59:40 2020
[root@localhost ~]# exit
登出
Connection to 192.168.20.222 closed.
//经结果表明已实现免密登录
3添加主机到主机清单中(/etc/ansible/hosts)
[root@localhost .ssh]# vim /etc/ansible/hosts
//**文件末尾追加**
[webserver]
192.168.20.222
192.168.20.223
[dbserver]
192.168.20.222
//[webserver],[dbserver]:清单名称(不可重复)
4使用模块对后端主机进行操作的命令格式
//格式:
ansible hosts(清单名称)-m module_name(模块名)-a job(对后端主机进行什么样的操作)
//ansible的执行结果
绿色 执行成功
红色 执行失败
黄色 执行成功 并且对后端的主机进行了修改
紫色 警告
//列出ansible所有的模块:(q-退出)
[root@localhost ansible]# ansible-doc -l -l
//查看模块的帮助信息:
[root@localhost ansible]# ansible-doc -s ping(模块名称)
模块
ansible常用模块 |
---|
命令模块 — command ,shell |
文件模块 — copy,fetch,file |
安装模块 — yum |
服务模块 — service |
挂载模块 — mount |
定时任务 — cron |
用户模块 — group,user |
压缩模块 — unarchive |
测试 — ping |
模块解析
- ping
PING | 测试主控端和远程主机是否能够连通 |
---|
[root@localhost .ssh]# ansible webserver -m ping
192.168.20.223 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.20.222 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
- command
命令模块:在远程主机上执行指定的命令 不能使用 “ | > >>”等特殊的符号。
参数 | 作用 |
---|---|
chdir | 在执行命令前,进入到指定目录中 |
creates | 判断指定文件是否存在,如果存在,不执行后面的操作 |
removes | 判断指定文件是否存在,如果存在,执行后面的操作 |
free_form | 必须要输入一个合理的命令 |
示例:
[root@localhost .ssh]# ansible all -m command -a "ls /home"
192.168.20.223 | CHANGED | rc=0 >>
xixi
192.168.20.222 | CHANGED | rc=0 >>
lw
//清单名可为all代表所有主机清单中的主机
//参数-chdir
[root@localhost .ssh]# ansible all -m command -a "chdir=/ll ls"
192.168.20.222 | CHANGED | rc=0 >>
123
192.168.20.223 | CHANGED | rc=0 >>
123
//参数-creates
[root@localhost .ssh]# ansible all -m command -a "creates=/etc/fstab ls /home"
192.168.20.222 | SUCCESS | rc=0 >>
skipped, since /etc/fstab exists
192.168.20.223 | SUCCESS | rc=0 >>
skipped, since /etc/fstab exists
//参数-removes
[root@localhost .ssh]# ansible all -m command -a "removes=/etc/fstab ls /home"
192.168.20.222 | CHANGED | rc=0 >>
lw
192.168.20.223 | CHANGED | rc=0 >>
xixi
- shell
shell是commend模块的升级版,可以使用“ |,> ,>> ”等特殊符号,又被称为“万能模块”
[root@localhost .ssh]# ansible all -m shell -a "echo '123456'"
192.168.20.223 | CHANGED | rc=0 >>
123456
192.168.20.222 | CHANGED | rc=0 >>
123456
- user
远程批量修用户信息
参数 | 作用 |
---|---|
name | 指定用户名,如果用户不存在则创建该用户 |
password | 给用户添加密码、修改密码,添加密码的时候只能识别加密后的字符 |
uid | 指定用户的uid |
group | 指定用户的基本组 |
groups | 指定用户的附加组 |
append=yes | 增量增加附加组 相当于把用户添加到另一个附加组中 |
append=no | 全量添加附加组 相当于只设置一个附加组 |
示例
//参数-name
[root@localhost .ssh]# ansible all -m shell -a "tail -2 /etc/passwd"
192.168.20.223 | CHANGED | rc=0 >>
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
zs:x:1001:1001::/home/zs:/bin/bash
192.168.20.222 | CHANGED | rc=0 >>
lw:x:1000:1000:lw:/home/lw:/bin/bash
zs:x:1001:1001::/home/zs:/bin/bash
[root@localhost .ssh]# ansible 192.168.20.222 -m user -a "name=zs groups=lw"
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": true,
"comment": "",
"group": 1001,
"groups": "lw",
"home": "/home/zs",
"move_home": false,
"name": "zs",
"shell": "/bin/bash",
"state": "present",
"uid": 1001
- group
远程批量修改组信息
参数 | 选项 | 作用 |
---|---|---|
name | 指定组,如果组不存在则创建 | |
gid | 修改、指定用户的gid | |
state | absent | 删除指定的组 |
state | present | 创建指定的组 |
示例:
//参数-name
//查看原先的组:
[root@localhost .ssh]# ansible all -m shell -a "tail -1 /etc/group"
192.168.20.223 | CHANGED | rc=0 >>
zs:x:1001:
192.168.20.222 | CHANGED | rc=0 >>
zs:x:1001:
//创建组:ls
[root@localhost .ssh]# ansible all -m group -a "name=ls"
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 1002,
"name": "ls",
"state": "present",
"system": false
}
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 1002,
"name": "ls",
"state": "present",
"system": false
}
//验证:
[root@localhost .ssh]# ansible all -m shell -a "tail -1 /etc/group "
192.168.20.223 | CHANGED | rc=0 >>
ls:x:1002:
192.168.20.222 | CHANGED | rc=0 >>
ls:x:1002:
//参数-gid
#a查看ls组原gid(1002)
[root@localhost .ssh]# ansible all -m shell -a "tail -1 /etc/group"
192.168.20.223 | CHANGED | rc=0 >>
ls:x:1002:
192.168.20.222 | CHANGED | rc=0 >>
ls:x:1002:
#a修改ls组gid为1003
[root@localhost .ssh]# ansible all -m group -a "name=ls gid=1003"
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 1003,
"name": "ls",
"state": "present",
"system": false
}
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 1003,
"name": "ls",
"state": "present",
"system": false
}
#a查看ls组修改后的gid(1003)
[root@localhost .ssh]# ansible all -m shell -a "tail -1 /etc/group"
192.168.20.222 | CHANGED | rc=0 >>
ls:x:1003:
192.168.20.223 | CHANGED | rc=0 >>
ls:x:1003:
//参数-state 选项-absent
#a查看原有组:
[root@localhost .ssh]# ansible all -m shell -a "tail -2 /etc/group"
192.168.20.223 | CHANGED | rc=0 >>
zs:x:1001:
ls:x:1003:
192.168.20.222 | CHANGED | rc=0 >>
zs:x:1001:
ls:x:1003:
#a删除ls组:
[root@localhost .ssh]# ansible all -m group -a "state=absent name=ls"
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "ls",
"state": "absent"
}
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "ls",
"state": "absent"
}
#a查看远程主机上的ls组是否删除:
[root@localhost .ssh]# ansible all -m shell -a "tail -2 /etc/group"
192.168.20.223 | CHANGED | rc=0 >>
apache:x:48:
zs:x:1001:
192.168.20.222 | CHANGED | rc=0 >>
lw:x:1000:zs
zs:x:1001:
//参数-state 选项-present
#a上述模块得知ls组已被删除!
[root@localhost .ssh]# ansible all -m group -a "state=present name=ls"
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 1002,
"name": "ls",
"state": "present",
"system": false
}
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 1002,
"name": "ls",
"state": "present",
"system": false
}
#a查看ls组是否已创建
[root@localhost .ssh]# ansible all -m shell -a "tail -2 /etc/group"
192.168.20.223 | CHANGED | rc=0 >>
zs:x:1001:
ls:x:1002:
192.168.20.222 | CHANGED | rc=0 >>
zs:x:1001:
ls:x:1002:
- script
在远程主机上执行控制端的脚本
参数 | 作用 |
---|---|
chdir | 切换目录 |
creates | 判断指定文件是否存在,如果存在,不执行后面的操作 |
removes | 判断指定文件是否存在,如果存在,执行后面的操作 |
示例:
//参数-chdir、creates、removes
#a首先创建一个脚本
[root@localhost ~]# vim test.sh
#!/bin/bash
cd /usr
ls | grep src
#a赋予脚本执行权限
[root@localhost ~]# chmod +x test.sh
#a#其他目录下 脚本要写绝对路径
[root@localhost]# ansible all -m script -a "creates=/etc/fstab chdir=/root test.sh"
192.168.20.223 | SKIPPED
192.168.20.222 | SKIPPED
[root@localhost]# ansible all -m script -a "removes=/etc/fstab chdir=/root test.sh"
192.168.20.223 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.20.223 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.20.223 closed."
],
"stdout": "src\r\n",
"stdout_lines": [
"src"
]
}
192.168.20.222 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.20.222 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.20.222 closed."
],
"stdout": "src\r\n",
"stdout_lines": [
"src"
]
}
- setup
查看远程主机上自带的变量
参数 | 作用 |
---|---|
filter | 过滤 |
示例:
[root@localhost .ssh]# ansible all -m setup -a "filter=ansible_all_ipv4_addresses"
192.168.20.223 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.122.1",
"192.168.20.223"
],
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false
}
192.168.20.222 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.122.1",
"192.168.20.222"
],
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false
}
- copy
将控制端的文件(非空目录)复制到被控端
参数 | 选项 | 作用 |
---|---|---|
src | 要复制文件的路径 (源文件) | |
dest | 将文件复制到目标主机的位置 | |
force | no | 当主控端拷贝的文件和远程主机上的文件名一致时 ,但是内容不一致,则不会覆盖 会放弃拷贝 |
backup | yes | 当主控端拷贝的文件和远程主机上的文件名一致时 ,但是内容不一致,会覆盖 但是会对远程主机的文件进行备份 |
owner | 指定文件的属主 | |
group | 指定文件的属组 | |
mode | 指定文件的权限 |
示例:
//参数-owner、group、mode
[root@localhost ~]# ansible 192.168.20.222 -m copy -a "src=/root/lllll dest=/ owner=lw group=ls mode=777"
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
"dest": "/lllll",
"gid": 1002,
"group": "ls",
"md5sum": "d41d8cd98f00b204e9800998ecf8427e",
"mode": "0777",
"owner": "lw",
"secontext": "system_u:object_r:etc_runtime_t:s0",
"size": 0,
"src": "/root/.ansible/tmp/ansible-tmp-1591863871.71-60833-8020877382423/source",
"state": "file",
"uid": 1000
}
#a验证
[root@localhost ~]# ansible 192.168.20.222 -m shell -a "ls -l /lllll"
192.168.20.222 | CHANGED | rc=0 >>
-rwxrwxrwx. 1 lw ls 0 6月 11 16:24 /lllll
- yum
在远程主机上使用yum安装软件 远程主机上要提前配置好yum
参数 | 选项 | 作用 |
---|---|---|
name | 指定服务名 | |
state | installed | 安装软件包 |
state | removed | 卸载软件包 |
示例:
//参数-name、state
#a远程安装httpd服务
[root@localhost ~]# ansible 192.168.20.223 -m yum -a "name=httpd state=installed"
192.168.20.223 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"msg": "",
"rc": 0,
"results": [
"httpd-2.4.6-45.el7.centos.x86_64 providing httpd is already installed"
]
}
#a远程卸载httpd服务
[root@localhost ~]# ansible 192.168.20.223 -m yum -a "name=httpd state=removed"192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"removed": [
"httpd"
]
},
"msg": "",
"rc": 0,
"results": [
"已加载插件:fastestmirror, langpacks\n正在解决依赖关系\n--> 正在检查事务\n---> 软件包 httpd.x86_64.0.2.4.6-45.el7.centos 将被 删除\n--> 解决依赖关系完成\n\n依赖关系解决\n\n================================================================================\n Package 架构 版本 源 大小\n================================================================================\n正在删除:\n httpd x86_64 2.4.6-45.el7.centos @lo 9.4 M\n\n事务概要\n================================================================================\n移除 1 软件包\n\n安装大小:9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n 正在删除 : httpd-2.4.6-45.el7.centos.x86_64 1/1 \n 验证中 : httpd-2.4.6-45.el7.centos.x86_64 1/1 \n\n删除:\n httpd.x86_64 0:2.4.6-45.el7.centos \n\n完毕!\n"
]
}
- service
参数 | 选项 | 作用 |
---|---|---|
name | 指定服务名 | |
state | started | 开启服务 |
state | stopped | 关闭服务 |
state | reloaded | 重新加载服务 |
state | restarted | 重启服务 |
enabled | yes | 开机自启 |
示例:
//开启远程主机httpd服务
[root@localhost ~]# ansible 192.168.20.223 -m service -a "state=started name=httpd"
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "httpd",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "tmp.mount systemd-journald.socket system.slice -.mount remote-fs.target network.target basic.target nss-lookup.target",
......//内容过多省略了
//查看服务是否开启
[root@localhost ~]# ansible 192.168.20.223 -m shell -a "netstat -anput | grep httpd"
192.168.20.223 | CHANGED | rc=0 >>
tcp6 0 0 :::80 :::* LISTEN 55110/httpd
//其他参数操作类似,结果省略了
#a关闭服务a
[root@localhost ~]# ansible 192.168.20.223 -m service -a "state=stopped name=httpd"
#a查看服务是否关闭a
[root@localhost ~]# ansible 192.168.20.223 -m shell -a "netstat -anput | grep httpd"
#a重启服务a
[root@localhost ~]# ansible 192.168.20.223 -m service -a "state=restarted name=httpd"
#a重新加载服务a
[root@localhost ~]# ansible 192.168.20.223 -m service -a "state=reloaded name=httpd"
#a将服务设置为开机自启a
[root@localhost ~]# ansible 192.168.20.223 -m service -a "enabled=yes name=httpd"
#a查看服务是否在开机自启列表中a
[root@localhost ~]# ansible all -m shell -a "systemctl is-enabled httpd"
- file
参数 | 选项 | 作用 |
---|---|---|
path | 指定路径 | |
state | touch | 创建文件 |
state | directory | 创建目录 |
state | link | 创建软连接 |
state | hard | 创建硬链接 |
state | src | 指定远程主机上的源文件 |
state | path(date) | 指定远程主机上链接的位置 |
state | absent | 删除文件或目录 |
owner | 修改或指定属主 | |
group | 修改或指定属组 | |
mode | 修改或指定权限 |
示例:
//在/下创建22222目录
[root@localhost ~]# ansible all -m file -a "state=directory path=/222222"
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/222222",
"secontext": "unconfined_u:object_r:default_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/222222",
"secontext": "unconfined_u:object_r:default_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
//查看创建的目录
[root@localhost ~]# ansible all -m shell -a "ls / |grep ^2 "
192.168.20.222 | CHANGED | rc=0 >>
222222
192.168.20.223 | CHANGED | rc=0 >>
222222
//创建文件
[root@localhost ~]# ansible all -m file -a "state=touch path=/222222/333333"192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/222222/333333",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:default_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/222222/333333",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:default_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
//查看远程主机上创建的文件
[root@localhost ~]# ansible all -m shell -a "ls /222222 "
192.168.20.222 | CHANGED | rc=0 >>
333333
192.168.20.223 | CHANGED | rc=0 >>
333333
//link-软连接
[root@localhost ~]# ansible all -m file -a "state=link src=/usr/src/zs path=/usr/src/heihei"
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/usr/src/heihei",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 11,
"src": "/usr/src/zs",
"state": "link",
"uid": 0
}
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/usr/src/heihei",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 11,
"src": "/usr/src/zs",
"state": "link",
"uid": 0
}
//查看软连接是否成功
[root@localhost ~]# ansible all -m shell -a "ls /usr/src/"
192.168.20.223 | CHANGED | rc=0 >>
debug #
heihei #软连接文件
kernels
zs #源文件
192.168.20.222 | CHANGED | rc=0 >>
debug
heihei
kernels
zs
//hard-硬链接
[root@localhost ~]# ansible all -m file -a "state=hard src=/usr/src/zs/ls path=/usr/src/haha"
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/usr/src/haha",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"src": "/usr/src/zs/ls",
"state": "hard",
"uid": 0
}
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/usr/src/haha",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"src": "/usr/src/zs/ls",
"state": "hard",
"uid": 0
}
//查看软连接是否成功
[root@localhost ~]# ansible all -m shell -a "ls /usr/src/"192.168.20.223 | CHANGED | rc=0 >>
debug
haha #硬链接文件
heihei
kernels
zs
192.168.20.222 | CHANGED | rc=0 >>
debug
haha
heihei
kernels
zs
//删除/usr/src/zs
[root@localhost ~]# ansible all -m file -a "state=absent path=/usr/src/zs"
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/usr/src/zs",
"state": "absent"
}
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/usr/src/zs",
"state": "absent"
}
//查看是否删除
[root@localhost ~]# ansible all -m shell -a "ls /usr/src/"
192.168.20.223 | CHANGED | rc=0 >>
debug
haha
heihei
kernels
192.168.20.222 | CHANGED | rc=0 >>
debug
haha
heihei
kernels
- cron
在远程主机上添加计划任务
参数 | 选项 | 作用 |
---|---|---|
minute | 分钟 | |
hour | 小时 | |
day | 天 | |
mouth | 月 | |
weekday | 周 | |
job | 执行的命令 | |
name | 对计划任务的命名 | |
special_time | hourly | 每小时 |
示例:
//每天8.10分远程主机上输出xixi(任务名称:one)
[root@localhost ~]# ansible all -m cron -a "name=one hour=8 minute=10 job='echo xixi'"
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"one"
]
}
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"one"
]
}
//查看任务
[root@localhost ~]# ansible all -m shell -a "crontab -l"
192.168.20.223 | CHANGED | rc=0 >>
#Ansible: one
10 8 * * * echo xixi
192.168.20.222 | CHANGED | rc=0 >>
#Ansible: one
10 8 * * * echo xixi
//删除任务(慎用,可以编辑,必要时删除)
[root@localhost ~]# ansible all -m shell -a "crontab -r"
192.168.20.223 | CHANGED | rc=0 >>
192.168.20.222 | CHANGED | rc=0 >>
- lineinfile
用来给文件中添加内容 或者修改文件中的内容
参数 | 作用 |
---|---|
regexp | 正则匹配 ^…… 、……$ |
line | 将匹配的内容进行替换 |
line | 单独使用 |
insertbefore | 在匹配行的前面添加内容 |
insertafter | 在匹配行的之后添加 |
示例:
//给/下的ld文件添加内容'111111'
[root@localhost ~]# ansible all -m lineinfile -a "line='111111' path=/ld"
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
//查看是否添加
[root@localhost ~]# ansible all -m shell -a "cat /ld"
192.168.20.223 | CHANGED | rc=0 >>
111111
192.168.20.222 | CHANGED | rc=0 >>
111111
//将/ld文件里以1开头的内容替换为'222222'
[root@localhost ~]# ansible all -m lineinfile -a "regexp="^1" line='222222' path=/ld"
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
//查看是否是修改
[root@localhost ~]# ansible all -m shell -a "cat /ld"
192.168.20.223 | CHANGED | rc=0 >>
222222
192.168.20.222 | CHANGED | rc=0 >>
222222
//将/ld文件里内容以2开头的前面添加'111111'
[root@localhost ~]# ansible all -m lineinfile -a "insertbefore='^2' line=111111 path=/ld"
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
//查看
[root@localhost ~]# ansible all -m shell -a "cat /ld"192.168.20.223 | CHANGED | rc=0 >>
111111
222222
192.168.20.222 | CHANGED | rc=0 >>
111111
222222
//将/ld文件里内容以1结尾的后面添加'111a111'
[root@localhost ~]# ansible all -m lineinfile -a "insertafter='1$' line=111a111 path=/ld"
192.168.20.223 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
192.168.20.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
//查看
[root@localhost ~]# ansible all -m shell -a "cat /ld"192.168.20.222 | CHANGED | rc=0 >>
111111
111a111
222222
192.168.20.223 | CHANGED | rc=0 >>
111111
111a111
222222