Ansible
环境
ansible:192.168.200.233
node1:192.168.200.240
node2:192.168.200.241
node3:192.168.200.242
文章目录
加速ssh
[root@node1 ~]# vim /etc/ssh/sshd_config
相关文件
配置文件
/etc/ansible/ansible.cfg //主配置文件,配置ansible工作特性
/etc/ansible/hosts //主机清单
/etc/ansible/roles/ //存放角色的目录
程序
/usr/bin/ansible //主程序,临时命令执行工具
/usr/bin/ansible-doc //查看配置文档,模块功能查看工具
/usr/bin/ansible-galaxy //下载/上传优秀代码或Roles模块的官网平台
/usr/bin/ansible-playbook //定制自动化任务,编排剧本工具/usr/bin/ansible-pull远程执行命令的工具
/usr/bin/ansible-vault //文件加密工具
/usr/bin/ansible-console //基于Console界面与用户交互的执行工具
主机清单
Inventory主机清单
ansible的主要功能用于在批量主机操作,为了便捷地使用其中的部分主机,可以在inventory file中将其分组命名
默认的inventory file 位 /etc/ansible/hosts
inventory file 可以有多个,且也可以通过Dynamic Inventory来动态生成
模块
基于key;用户名这种方式
ping
这里的ping不是linu和windows的ping,而是模块ping;ansible的ping命令走的ssh协议
[root@ansible ~]# ansible 192.168.200.240 -m ping
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
[WARNING]: Could not match supplied host pattern, ignoring: 192.168.200.240
##原因为ansible里面的hosts没有这个ip,就是没有这个列表
-m MODULE_NAME, --module-name MODULE_NAME
module name to execute (default=command)
添加hosts
[root@ansible ~]# vim /etc/ansible/hosts //在最底部添加
在添加完hosts后依然报错
[root@ansible ~]# ansible 192.168.200.240 -m ping
192.168.200.240 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
##因为192.168.200.240和192.168.200.233终究是两台独立主机,240发个消息凭什么告诉233我是存活的。所以要么输入用户名口令,要么输入gssapi-keyex(公钥)
因为没有做gssapi-keyex的验证所以如下
[root@ansible ~]# ansible 192.168.200.240 -m ping -k
SSH password: //输入240主机的密码,输入时不显示
192.168.200.240 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong" //有“pong”代表成功
}
//如果不输入-k他就默认是gssapi-keyex,用-k就是用传统的用户名密码来登录
-k, --ask-pass ask for connection password //询问连接密码
现在管理多台主机
可以把多台主机一个一个的写上
[root@ansible ~]# ansible 192.168.200.240,192.168.200.241,192.168.200.242 -m ping -k
根本不会去问每个主机的密码,如果密码不同就会出现这样,并且有两个密码是相同时也只会去问一个人的口令,只能通过一个
他也不会按照你输入命令的前后来先问谁,这个先问谁都是随机的
他只会记住一个如下图所示
[root@ansible ~]# cd .ssh
[root@ansible .ssh]# ls
known_hosts
[root@ansible .ssh]# cat known_hosts
192.168.200.240 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAsJdGaLutM6d0dFWSOAEp1p9PI2CNFsxi1NzZD/cX2m391TO7DtT7jNV8oJAObOMYoLi4M/e9EkMRU/8bUwjbM=
用ansible ping两个主机就只能进一个,虽然密码相同,这是因为他就记住了一个主机的密码,但是用ssh就可以进
Please add this host's fingerprint to your known_hosts file to manage this host
把主机的host添加在known_hosts里面
这时候我们就可以看见记住两个主机
[root@ansible .ssh]# cat known_hosts
192.168.200.240 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAsJdGaLutM6d0dFWSOAEp1p9PI2CNFsxi1NzZD/cX2m391TO7DtT7jNV8oJAObOMYoLi4M/e9EkMRU/8bUwjbM=
192.168.200.241 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAsJdGaLutM6d0dFWSOAEp1p9PI2CNFsxi1NzZD/cX2m391TO7DtT7jNV8oJAObOMYoLi4M/e9EkMRU/8bUwjbM=
控制所有主机
控制主机清单里面的所有主机
[root@ansible ~]# ansible all -m ping -k
hosts书写格式
## green.example.com
## blue.example.com
## 192.168.100.1
## 192.168.100.10
## [webservers]
## alpha.example.org
## beta.example.org
## 192.168.1.100
## 192.168.1.110
# If you have multiple hosts following a pattern you can specify
# them like this:
## www[001:006].example.com
# Ex 3: A collection of database servers in the 'dbservers' group
## [dbservers]
##
## db01.intranet.mydomain.net
## db02.intranet.mydomain.net
## 10.25.1.56
## 10.25.1.57
# Here's another example of host ranges, this time there are no
# leading 0s:
## db-[99:101]-node.example.com
在ip后还可以指定端口,这是为了防止有些服务不是按照默认指定端口
Ansible相关工具
Ansible-doc
Ansible
Ansible-galxy
Anaisible-pull
此工具会推送ansible的命令至远程,效率无限提升,对运维要求较高
Ansible-playbook
此工具用于执行编写好的playbook任务
示例:
[root@ansible ~]# vim hello.yml
#hello world yml file
hosts: websrvs
remote_user: root
tasks:
name: hello world
command: /usr/bin/wall hello world
Ansible-vault
此工具用于加密解密yml文件
格式:
ansible-vault [create|decrypt|edit|encrypt|rekey|view]
示范:
ansible-vault encrypt hello.yml #加密
ansible-vault decrypt hello.yml #解密
ansible-vault view hello.yml #查看
ansible-vault edit hello.yml #编辑加密文件
ansible-vault rekey hello.yml #修改口令
ansible-vault create new.yml #创建文件
文件加密后不能直接执行
[root@ansible ~]# ansible-playbook hello.yml
ERROR! Attempting to decrypt but no vault secrets found
解密文件
Ansible-console
此工具可交互执行命令,支持tab,ansible 2.0+新增
提示符格式:
执行用户@当前操作的主机组(当前的主机数量)[f:并发数]$
常用子命令:
-
设置并发数:forks n 例如: forks 10
-
切换组:cd主机组 例如: cd web
-
列出当前组主机列表: list
[root@ansible ~]# ansible-console
Welcome to the ansible console.
Type help or ? to list commands.
root@all (3)[f:5]$
root@all (3)[f:5]$ list
root@all (3)[f:5]$ cd appsrvs
root@appsrvs (3)[f:5]$ cd websrvs
root@websrvs (2)[f:5]$ list
192.168.200.240
192.168.200.241
root@websrvs (2)[f:5]$ forks 10
root@websrvs (2)[f:10]$
root@websrvs (2)[f:5]$ yum name=httpd state=present
root@websrvs (2)[f:5]$ service name=httpd state=started
Ansible常用模块
2015年底270多个模块,2016年达到540个,2018年01月12日有1378个模块,2018年07月15日1852个模块,2019年05月25日(ansible 2.7.10)时2080个模块,2020年03月02日3387个模块
常用模块帮助文档参考:
https://docs.ansible.com/ansible/latest/modules/modules_by_category.html
Command模块
功能:在远程主机执行命令,此为默认模块,可忽略-m选项
注意:此命令不支持 $VARNAME< > | ; & 等,用shell模块实现
示例:
## ansible srvs -m command -a 'service vsftpd start'
## ansible srvs -m command -a 'echo magedu | passwd --stdin wang'
[root@ansible ~]# ansible websrvs -m command -a 'cat /etc/centos-release'
SSH password:
192.168.200.241 | CHANGED | rc=0 >>
CentOS Linux release 7.9.2009 (Core)
192.168.200.242 | CHANGED | rc=0 >>
CentOS Linux release 7.9.2009 (Core)
[root@ansible ~]# ansible websrvs -m command -a 'chdir=/etc/ cat centos-release'
SSH password:
192.168.200.241 | CHANGED | rc=0 >>
CentOS Linux release 7.9.2009 (Core)
192.168.200.242 | CHANGED | rc=0 >>
CentOS Linux release 7.9.2009 (Core)
[root@ansible ~]# ansible websrvs -m command -a 'chdir=/etc creates=/data/f1.txt cat centos-release'
192.168.200.241 | SUCCESS | rc=0 >>
skipped, since /data/f1.txt exists
192.168.200.242 | CHANGED | rc=0 >>
CentOS Linux release 7.9.2009 (Core)
##creates的逻辑是,如果有这个文件那么就不执行
[root@ansible ~]# ansible websrvs -m command -a 'chdir=/etc removes=/data/f1.txt cat centos-release'
192.168.200.242 | SUCCESS | rc=0 >>
skipped, since /data/f1.txt does not exist
192.168.200.241 | CHANGED | rc=0 >>
CentOS Linux release 7.9.2009 (Core)
##removes和creates逻辑相反
Shell模块
功能:和command相似,用shell执行命令
示范:
ansible srv -m shell -a 'echo magedu | passwd --stdin wang'
[root@ansible ~]# ansible websrvs -m shell -a 'chdir=/data cat hello.log'
192.168.200.242 | CHANGED | rc=0 >>
hello
192.168.200.241 | CHANGED | rc=0 >>
hello
[root@ansible ~]# ansible websrvs -m shell -a 'chdir=/data creates=/etc/issue cat hello.log'
192.168.200.241 | SUCCESS | rc=0 >>
skipped, since /etc/issue exists
192.168.200.242 | SUCCESS | rc=0 >>
skipped, since /etc/issue exists
[root@ansible ~]# ansible websrvs -m shell -a 'chdir=/data removes=/etc/issue cat hello.log'
192.168.200.242 | CHANGED | rc=0 >>
hello
192.168.200.241 | CHANGED | rc=0 >>
hello
[root@ansible ~]# ansible websrvs -a 'rm -rf /data/*'
[WARNING]: Consider using the file module with state=absent rather than running 'rm'. If you need to use command because file is insufficient
you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
192.168.200.241 | CHANGED | rc=0 >>
192.168.200.242 | CHANGED | rc=0 >>
注意:调用bash执行命令 类似cat /tmp/test.md | awk -F’|’’{print 1,2}’ & > /tmp/example.txt这些复杂命令,即使使用shell也可能会失败,解决方法:写脚本时,copy到远程,执行,再把需要的结果拉回执行命令的机器
修改默认模块
功能:将shell模块代替command模块
小贴士:现在不需要重新什么,ansible不是一个服务,是一个应用
[root@ansible ~]# vim /etc/ansible/ansible.cfg
module_name = shell
##进入配置文件后: /command
Script模块
功能:在远程主机上运行ansible服务器上的脚本
示范:
ansible websrvs -m script -a /data/test.sh
Copy模块
功能:从ansible服务器主控端复制文件到远程主机
[root@ansible ~]# ansible websrvs -m copy -a "content='test line1\netest lne2' dest=/tmp/test.txt"
192.168.200.242 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "c633a17c2724fea049e832332dbe83b845c8fdce",
"dest": "/tmp/test.txt",
"gid": 0,
"group": "root",
"md5sum": "18e3a55a54c9376226da8836407a9356",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 21,
"src": "/root/.ansible/tmp/ansible-tmp-1626598382.93-79488-2028714120590/source",
"state": "file",
"uid": 0
}
192.168.200.241 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "c633a17c2724fea049e832332dbe83b845c8fdce",
"dest": "/tmp/test.txt",
"gid": 0,
"group": "root",
"md5sum": "18e3a55a54c9376226da8836407a9356",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 21,
"src": "/root/.ansible/tmp/ansible-tmp-1626598382.92-79486-166034129892016/source",
"state": "file",
"uid": 0
}
[root@ansible ~]# ansible websrvs -a "cat /tmp/test.txt"
192.168.200.241 | CHANGED | rc=0 >>
test line1
etest lne2
192.168.200.242 | CHANGED | rc=0 >>
test line1
etest lne2
##把文件考到所控制的主机/data/os.txt里面,所有者为wang,权限为600
[root@ansible ~]# ansible websrvs -m copy -a "src=/etc/centos-release dest=/data/os.txt owner=wang mode=600"
192.168.200.241 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "0d3186157c40752f89db0e618a5866935b523e7b",
"dest": "/data/os.txt",
"gid": 0,
"group": "root",
"md5sum": "902962816d0ec4fbb532949f70a41ae7",
"mode": "0600",
"owner": "wang",
"secontext": "system_u:object_r:default_t:s0",
"size": 37,
"src": "/root/.ansible/tmp/ansible-tmp-1626598536.51-79689-170889758635879/source",
"state": "file",
"uid": 1000
}
192.168.200.242 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "0d3186157c40752f89db0e618a5866935b523e7b",
"dest": "/data/os.txt",
"gid": 0,
"group": "root",
"md5sum": "902962816d0ec4fbb532949f70a41ae7",
"mode": "0600",
"owner": "wang",
"secontext": "system_u:object_r:default_t:s0",
"size": 37,
"src": "/root/.ansible/tmp/ansible-tmp-1626598536.53-79691-202121024498811/source",
"state": "file",
"uid": 1000
}
[root@ansible ~]# ansible websrvs -a 'ls -l /data/os.txt'
192.168.200.242 | CHANGED | rc=0 >>
-rw-------. 1 wang root 37 Jul 18 04:55 /data/os.txt
192.168.200.241 | CHANGED | rc=0 >>
-rw-------. 1 wang root 37 Jul 18 04:55 /data/os.txt
##从控制节点拷文件去其他主机
[root@ansible ~]# ansible websrvs -m copy -a "src=/etc/sysconfig dest=/data/ owner=wang mode=600"
192.168.200.242 | CHANGED => {
"changed": true,
"dest": "/data/",
"src": "/etc/sysconfig"
}
192.168.200.241 | CHANGED => {
"changed": true,
"dest": "/data/",
"src": "/etc/sysconfig"
}
Fetch模块
功能:从远程主机提取文件至ansible的主控端,copy相反,目前不支持目录
范例:
ansible srv -m fetch -a 'src=/root/test.sh dest=/data/scripts'
##远程主机传回文件
[root@ansible ~]# ansible all -m fetch -a 'src=/etc/redhat-release dest=/data/ceshi'192.168.200.241 | CHANGED => {
"changed": true,
"checksum": "0d3186157c40752f89db0e618a5866935b523e7b",
"dest": "/data/ceshi/192.168.200.241/etc/redhat-release",
"md5sum": "902962816d0ec4fbb532949f70a41ae7",
"remote_checksum": "0d3186157c40752f89db0e618a5866935b523e7b",
"remote_md5sum": null
}
192.168.200.242 | CHANGED => {
"changed": true,
"checksum": "0d3186157c40752f89db0e618a5866935b523e7b",
"dest": "/data/ceshi/192.168.200.242/etc/redhat-release",
"md5sum": "902962816d0ec4fbb532949f70a41ae7",
"remote_checksum": "0d3186157c40752f89db0e618a5866935b523e7b",
"remote_md5sum": null
}
192.168.200.240 | CHANGED => {
"changed": true,
"checksum": "0d3186157c40752f89db0e618a5866935b523e7b",
"dest": "/data/ceshi/192.168.200.240/etc/redhat-release",
"md5sum": "902962816d0ec4fbb532949f70a41ae7",
"remote_checksum": "0d3186157c40752f89db0e618a5866935b523e7b",
"remote_md5sum": null
}
File模块
功能:设置文件属性
范例:
## state:状态 absent:删除(缺席)
#创建空文件
ansible srv -m file -a 'path=/data/test.txt state=touch' //用path指定不存在它将创建空文件
ansible srv -m file -a 'path=/data/test.txt state=absent' //出现state=absent就是删除
ansible srv -m file -a "path=/data/test.sh owner=wang mode=755" //修改所有者和权限
#创建目录
ansible srv -m file -a "path=/data/mysql state=directory owner=mysql group=mysql" //state=directory就是把这个文件夹递归的所有者和所有组改掉
#创建软链接
ansible srv -m file -a ’src=/data/testfile dest=/data/testfile-link state=link‘
Unarchive模块
功能:解包解压缩
实现有两种用法:
1、将ansible主机上的压缩包传到远程主机后解压缩至特定目录,设置copy=yes
2、将远程主机上的某个压缩包解压缩到指定路径下,设置copy=no
常见参数:
-
copy:默认为yes,当copy=no,拷贝的文件是从ansible主机复制到远程主机上,如果设置为copy=no,会在远程主机上寻找src源文件
-
remote_src:和copy功能一样具互斥,yes表示在远程主机,不在ansible主机,no表示文件在ansible主机上
-
src:源路径,可以是ansible主机上的路径,也可以是远程主机上的路径,如果是远程主机上的路径,则需要设置copy=no
-
dest:远程主机上的目标路径
-
mode:设置解压缩后的文件权限
范例:
ansible srv -m unarchive -a 'src=/data/foo.tgz dest=/var/lib/foo'
ansible srv -m unarchive -a 'src=/tmp/foo.zip dest=/data copy=no mode=0777'
ansible srv -m unarchive -a 'src=https://example.com/example.zip dest=/data copy=no'
##两种不同的打包方式
[root@ansible ~]# tar zcvf /data/ceshi.tar.gz /etc //给etc打个包
[root@ansible data]# tar Jcvf /data/ceshi.tar.xz /etc //给etc打个包
[root@ansible data]# ls -al
total 19044
drwxr-xr-x. 3 root root 74 Jul 18 07:22 .
dr-xr-xr-x. 18 root root 236 Jul 18 02:47 ..
drwxr-xr-x. 5 root root 75 Jul 18 05:08 ceshi
-rw-r--r--. 1 root root 11401895 Jul 18 07:20 ceshi.tar.gz
-rw-r--r--. 1 root root 8091488 Jul 18 07:22 ceshi.tar.xz
-rwxr-xr-x. 1 root root 53 Jul 18 04:35 test.sh
##把ansible的压缩文件发送到远程主机并且解包到/data/下面 把这个文件给wang这个用户组
[root@ansible ~]# ansible websrvs -m unarchive -a 'src=/data/ceshi.tar.gz dest=/data/ owner=wang'
192.168.200.241 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/data/",
"extract_results": {
"cmd": [
"/usr/bin/gtar",
"--extract",
"-C",
"/data/",
"-z",
"--owner=wang",
"-f",
"/root/.ansible/tmp/ansible-tmp-1626607692.3-88895-107173152887951/source"
],
"err": "",
"out": "",
"rc": 0
},
"gid": 0,
"group": "root",
"handler": "TgzArchive",
"mode": "0755",
"owner": "root",
"secontext": "unconfined_u:object_r:default_t:s0",
"size": 17,
"src": "/root/.ansible/tmp/ansible-tmp-1626607692.3-88895-107173152887951/source",
"state": "directory",
"uid": 0
}
192.168.200.242 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/data/",
"extract_results": {
"cmd": [
"/usr/bin/gtar",
"--extract",
"-C",
"/data/",
"-z",
"--owner=wang",
"-f",
"/root/.ansible/tmp/ansible-tmp-1626607692.3-88897-40660119635474/source"
],
"err": "",
"out": "",
"rc": 0
},
"gid": 0,
"group": "root",
"handler": "TgzArchive",
"mode": "0755",
"owner": "root",
"secontext": "unconfined_u:object_r:default_t:s0",
"size": 17,
"src": "/root/.ansible/tmp/ansible-tmp-1626607692.3-88897-40660119635474/source",
"state": "directory",
"uid": 0
}
验证:
把本地文件拷贝到远程主机data下
[root@ansible ~]# ansible websrvs -m copy -a 'src=/data/ceshi.tar.gz dest=/data/'
192.168.200.242 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "05ac95dd822a34f2751a162775b2ba0c10a9d354",
"dest": "/data/ceshi.tar.gz",
"gid": 0,
"group": "root",
"md5sum": "faf86e425c3726c1cf21fa0a3a1f92a5",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:default_t:s0",
"size": 11401895,
"src": "/root/.ansible/tmp/ansible-tmp-1626607946.93-89193-19308572142693/source",
"state": "file",
"uid": 0
}
192.168.200.241 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "05ac95dd822a34f2751a162775b2ba0c10a9d354",
"dest": "/data/ceshi.tar.gz",
"gid": 0,
"group": "root",
"md5sum": "faf86e425c3726c1cf21fa0a3a1f92a5",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:default_t:s0",
"size": 11401895,
"src": "/root/.ansible/tmp/ansible-tmp-1626607946.93-89191-276058529448431/source",
"state": "file",
"uid": 0
}
查看是否拷过去了
[root@ansible ~]# ansible websrvs -a 'ls -l /data'
192.168.200.242 | CHANGED | rc=0 >>
total 11148
-rw-r--r--. 1 root root 11401895 Jul 18 07:32 ceshi.tar.gz
drwxr-xr-x. 76 wang root 8192 Jul 18 01:52 etc
192.168.200.241 | CHANGED | rc=0 >>
total 11148
-rw-r--r--. 1 root root 11401895 Jul 18 07:32 ceshi.tar.gz
drwxr-xr-x. 76 wang root 8192 Jul 18 01:52 etc
远程主机上的打完包的文件在本地解包
##解压的包在opt里面,权限700; copy=no:在本地解包
[root@ansible ~]# ansible websrvs -m unarchive -a 'src=/data/ceshi.tar.gz dest=/opt/ mode=700 copy=no'
192.168.200.242 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/",
"extract_results": {
"cmd": [
"/usr/bin/gtar",
"--extract",
"-C",
"/opt/",
"-z",
"-f",
"/data/ceshi.tar.gz"
],
"err": "",
"out": "",
"rc": 0
},
"gid": 0,
"group": "root",
"handler": "TgzArchive",
"mode": "0755",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 17,
"src": "/data/ceshi.tar.gz",
"state": "directory",
"uid": 0
}
192.168.200.241 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/",
"extract_results": {
"cmd": [
"/usr/bin/gtar",
"--extract",
"-C",
"/opt/",
"-z",
"-f",
"/data/ceshi.tar.gz"
],
"err": "",
"out": "",
"rc": 0
},
"gid": 0,
"group": "root",
"handler": "TgzArchive",
"mode": "0755",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 17,
"src": "/data/ceshi.tar.gz",
"state": "directory",
"uid": 0
}
验证:
[root@ansible ~]# ansible websrvs -a 'ls -l /opt'
192.168.200.241 | CHANGED | rc=0 >>
total 12
drwx------. 76 root root 8192 Jul 18 01:52 etc
192.168.200.242 | CHANGED | rc=0 >>
total 12
drwx------. 76 root root 8192 Jul 18 01:52 etc
[root@ansible ~]# ansible websrvs -a 'du -sh /opt/etc'
192.168.200.241 | CHANGED | rc=0 >>
36M /opt/etc
192.168.200.242 | CHANGED | rc=0 >>
36M /opt/etc
Archive模块
功能:打包压缩
范例:
ansible websrvs -m archive -a 'path=/var/log/ dest=/data/log.tar.bz2 format=bz2 owner=wang mode=600'
[root@ansible ~]# ansible websrvs -m archive -a 'path=/var/log/ dest=/data/log.tar.bz2 format=bz2 owner=wang mode=0600'
192.168.200.242 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"archived": [
"/var/log/tallylog",
"/var/log/grubby_prune_debug",
"/var/log/lastlog",
"/var/log/wtmp",
"/var/log/btmp",
"/var/log/messages",
"/var/log/secure",
"/var/log/maillog",
"/var/log/spooler",
"/var/log/boot.log",
"/var/log/vmware-vgauthsvc.log.0",
"/var/log/vmware-vmsvc.log",
"/var/log/firewalld",
"/var/log/cron",
"/var/log/dmesg.old",
"/var/log/dmesg",
"/var/log/yum.log",
"/var/log/grubby",
"/var/log/vmware-vmtoolsd-root.log",
"/var/log/vmware-vmsvc-root.log",
"/var/log/vmware-network.log",
"/var/log/tuned/tuned.log",
"/var/log/audit/audit.log",
"/var/log/anaconda/anaconda.log",
"/var/log/anaconda/syslog",
"/var/log/anaconda/X.log",
"/var/log/anaconda/program.log",
"/var/log/anaconda/packaging.log",
"/var/log/anaconda/storage.log",
"/var/log/anaconda/ifcfg.log",
"/var/log/anaconda/ks-script-GgsUnh.log",
"/var/log/anaconda/ks-script-zy38wh.log",
"/var/log/anaconda/journal.log"
],
"arcroot": "/var/log/",
"changed": true,
"dest": "/data/log.tar.bz2",
"expanded_exclude_paths": [],
"expanded_paths": [
"/var/log/"
],
"gid": 0,
"group": "root",
"missing": [],
"mode": "0600",
"owner": "wang",
"secontext": "unconfined_u:object_r:default_t:s0",
"size": 316377,
"state": "file",
"uid": 1000
}
192.168.200.241 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"archived": [
"/var/log/tallylog",
"/var/log/grubby_prune_debug",
"/var/log/lastlog",
"/var/log/wtmp",
"/var/log/btmp",
"/var/log/messages",
"/var/log/secure",
"/var/log/maillog",
"/var/log/spooler",
"/var/log/boot.log",
"/var/log/vmware-vgauthsvc.log.0",
"/var/log/vmware-vmsvc.log",
"/var/log/firewalld",
"/var/log/cron",
"/var/log/dmesg.old",
"/var/log/dmesg",
"/var/log/yum.log",
"/var/log/grubby",
"/var/log/vmware-vmtoolsd-root.log",
"/var/log/vmware-vmsvc-root.log",
"/var/log/vmware-network.log",
"/var/log/tuned/tuned.log",
"/var/log/audit/audit.log",
"/var/log/anaconda/anaconda.log",
"/var/log/anaconda/syslog",
"/var/log/anaconda/X.log",
"/var/log/anaconda/program.log",
"/var/log/anaconda/packaging.log",
"/var/log/anaconda/storage.log",
"/var/log/anaconda/ifcfg.log",
"/var/log/anaconda/ks-script-GgsUnh.log",
"/var/log/anaconda/ks-script-zy38wh.log",
"/var/log/anaconda/journal.log"
],
"arcroot": "/var/log/",
"changed": true,
"dest": "/data/log.tar.bz2",
"expanded_exclude_paths": [],
"expanded_paths": [
"/var/log/"
],
"gid": 0,
"group": "root",
"missing": [],
"mode": "0600",
"owner": "wang",
"secontext": "unconfined_u:object_r:default_t:s0",
"size": 320466,
"state": "file",
"uid": 1000
}
验证:
-
[root@ansible ~]# ansible websrvs -a 'ls -l /data/log.tar.bz2' 192.168.200.241 | CHANGED | rc=0 >> -rw-------. 1 wang root 320466 Jul 18 07:48 /data/log.tar.bz2 192.168.200.242 | CHANGED | rc=0 >> -rw-------. 1 wang root 316377 Jul 18 07:48 /data/log.tar.bz2 [root@ansible ~]# ansible websrvs -a 'file /data/log.tar.bz2' 192.168.200.241 | CHANGED | rc=0 >> /data/log.tar.bz2: bzip2 compressed data, block size = 900k 192.168.200.242 | CHANGED | rc=0 >> /data/log.tar.bz2: bzip2 compressed data, block size = 900k
/log/anaconda/ks-script-zy38wh.log",
“/var/log/anaconda/journal.log”
],
“arcroot”: “/var/log/”,
“changed”: true,
“dest”: “/data/log.tar.bz2”,
“expanded_exclude_paths”: [],
“expanded_paths”: [
“/var/log/”
],
“gid”: 0,
“group”: “root”,
“missing”: [],
“mode”: “0600”,
“owner”: “wang”,
“secontext”: “unconfined_u:object_r:default_t:s0”,
“size”: 320466,
“state”: “file”,
“uid”: 1000
}
>**验证:**
1. ```shell
[root@ansible ~]# ansible websrvs -a 'ls -l /data/log.tar.bz2'
192.168.200.241 | CHANGED | rc=0 >>
-rw-------. 1 wang root 320466 Jul 18 07:48 /data/log.tar.bz2
192.168.200.242 | CHANGED | rc=0 >>
-rw-------. 1 wang root 316377 Jul 18 07:48 /data/log.tar.bz2
[root@ansible ~]# ansible websrvs -a 'file /data/log.tar.bz2'
192.168.200.241 | CHANGED | rc=0 >>
/data/log.tar.bz2: bzip2 compressed data, block size = 900k
192.168.200.242 | CHANGED | rc=0 >>
/data/log.tar.bz2: bzip2 compressed data, block size = 900k
465
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
