ansible模块
ansible模块
anisble命令格式:ansible [主机] [-m 模块] [-a args]
ansible-doc -l #列出所有已安装的模块,注:按q退出
ansible-doc -s yum #-s列出yum模块描述信息和操作动作
ping模块
[root@server1 ~]# ansible all -m ping
20.0.0.12 | UNREACHABLE! => {
"changed": false, #网络不通
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
20.0.0.13 | SUCCESS => {
"ansible_facts": { #网络连接正常
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
解决网络不同的办法
- 主机hosts内是否有该节点标识
- 密钥对是否正确,是否需要重传
- ssh端口是否开启(22端口)
yum模块
yum安装httpd
[root@server1 ~]# ansible mysql -m yum -a 'name=httpd'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"installed": [
"httpd"
]
},
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, langpacks\nLoading mirror speeds from cached hostfile\n * base: \nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-95.el7.centos will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.4.6-95.el7.centos base 2.7 M\n\nTransaction Summary\n================================================================================\nInstall 1 Package\n\nTotal size: 2.7 M\nInstalled size: 9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : httpd-2.4.6-95.el7.centos.x86_64 1/1 \n Verifying : httpd-2.4.6-95.el7.centos.x86_64 1/1 \n\nInstalled:\n httpd.x86_64 0:2.4.6-95.el7.centos \n\nComplete!\n"
]
}
使用默认command模块检查软件是否安装
[root@server1 ~]# ansible mysql -a 'rpm -q httpd'
[WARNING]: Consider using the yum, dnf or zypper module rather than running
'rpm'. If you need to use command because yum, dnf or zypper is insufficient
you can add 'warn: false' to this command task or set 'command_warnings=False'
in ansible.cfg to get rid of this message.
20.0.0.13 | CHANGED | rc=0 >>
httpd-2.4.6-95.el7.centos.x86_64
使用yum模块检查软件更新
[root@server1 ~]# ansible mysql -m yum -a 'name=httpd state=present'
20.0.0.13 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"msg": "",
"rc": 0,
"results": [
"httpd-2.4.6-95.el7.centos.x86_64 providing httpd is already installed"
]
}
yum卸载httpd
[root@server1 ~]# ansible mysql -m yum -a 'name=httpd state=absent'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"removed": [
"httpd"
]
},
"msg": "",
"rc": 0,
"results": [
"已加载插件:fastestmirror, langpacks\n正在解决依赖关系\n--> 正在检查事务\n---> 软件包 httpd.x86_64.0.2.4.6-95.el7.centos 将被 删除\n--> 解决依赖关系完成\n\n依赖关系解决\n\n================================================================================\n Package 架构 版本 源 大小\n================================================================================\n正在删除:\n httpd x86_64 2.4.6-95.el7.centos @base 9.4 M\n\n事务概要\n================================================================================\n移除 1 软件包\n\n安装大小:9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n 正在删除 : httpd-2.4.6-95.el7.centos.x86_64 1/1 \n 验证中 : httpd-2.4.6-95.el7.centos.x86_64 1/1 \n\n删除:\n httpd.x86_64 0:2.4.6-95.el7.centos \n\n完毕!\n"
]
}
[root@server1 ~]# ansible mysql -a 'systemctl status httpd'
20.0.0.13 | FAILED | rc=4 >>
Unit httpd.service could not be found.non-zero return code
[root@server1 ~]# ansible mysql -a 'rpm -q httpd'
[WARNING]: Consider using the yum, dnf or zypper module rather than running 'rpm'. If you
need to use command because yum, dnf or zypper is insufficient you can add 'warn: false' to
this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
20.0.0.13 | FAILED | rc=1 >>
未安装软件包 httpd non-zero return code
command模块
指定IP执行date
[root@server1 ~]# ansible 20.0.0.12 -m command -a 'date'
20.0.0.12 | CHANGED | rc=0 >>
2021年 01月 12日 星期二 11:41:22 CST
[root@server1 ~]# ansible webserver -m command -a 'date'
20.0.0.12 | CHANGED | rc=0 >>
2021年 01月 12日 星期二 10:00:47 CST
指定webserver节点执行命令‘date’
[root@server1 ~]# ansible all -m command -a 'date' #指定所有节点执行date
20.0.0.13 | CHANGED | rc=0 >>
2021年 01月 12日 星期二 11:43:56 CST
20.0.0.12 | CHANGED | rc=0 >>
2021年 01月 12日 星期二 11:43:56 CST
不加-m模块,默认运行command模块
[root@server1 ~]# ansible all -a 'ls -lh /'
20.0.0.12 | CHANGED | rc=0 >>
总用量 30K
lrwxrwxrwx. 1 root root 7 9月 30 18:26 bin -> usr/bin
dr-xr-xr-x. 5 root root 4.0K 9月 30 20:05 boot
drwxr-xr-x. 20 root root 3.3K 10月 3 13:44 dev
drwxr-xr-x. 142 root root 8.0K 10月 4 00:38 etc
drwxr-xr-x. 3 root root 17 9月 30 18:40 home
lrwxrwxrwx. 1 root root 7 9月 30 18:26 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 9月 30 18:26 lib64 -> usr/lib64
drwxr-xr-x. 2 root root 6 11月 5 2016 media
drwxr-xr-x. 8 lcx lcx 2.0K 9月 5 2017 mnt
drwxr-xr-x. 3 root root 16 9月 30 18:29 opt
dr-xr-xr-x. 215 root root 0 10月 3 13:44 proc
dr-xr-x---. 17 root root 4.0K 1月 12 09:40 root
drwxr-xr-x. 42 root root 1.2K 1月 12 09:39 run
lrwxrwxrwx. 1 root root 8 9月 30 18:26 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 11月 5 2016 srv
dr-xr-xr-x. 13 root root 0 10月 3 13:44 sys
drwxrwxrwt. 20 root root 4.0K 1月 12 11:44 tmp
drwxr-xr-x. 13 root root 155 9月 30 18:26 usr
drwxr-xr-x. 21 root root 4.0K 9月 30 20:04 var
20.0.0.13 | CHANGED | rc=0 >>
总用量 30K
lrwxrwxrwx. 1 root root 7 10月 14 08:25 bin -> usr/bin
dr-xr-xr-x. 5 root root 4.0K 10月 14 08:33 boot
drwxr-xr-x. 20 root root 3.3K 10月 14 08:32 dev
drwxr-xr-x. 142 root root 8.0K 10月 14 08:42 etc
drwxr-xr-x. 3 root root 17 10月 14 08:30 home
lrwxrwxrwx. 1 root root 7 10月 14 08:25 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 10月 14 08:25 lib64 -> usr/lib64
drwxr-xr-x. 2 root root 6 11月 5 2016 media
dr-xr-xr-x. 2 root root 2.0K 11月 30 2017 mnt
drwxr-xr-x. 3 root root 16 10月 14 08:28 opt
dr-xr-xr-x. 215 root root 0 10月 14 08:32 proc
dr-xr-x---. 17 root root 4.0K 1月 12 11:39 root
drwxr-xr-x. 43 root root 1.2K 1月 12 09:40 run
lrwxrwxrwx. 1 root root 8 10月 14 08:25 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 11月 5 2016 srv
dr-xr-xr-x. 13 root root 0 10月 14 08:32 sys
drwxrwxrwt. 17 root root 4.0K 1月 12 11:44 tmp
drwxr-xr-x. 13 root root 155 10月 14 08:25 usr
drwxr-xr-x. 21 root root 4.0K 10月 14 08:32 var
cron模块
两种状态(stat):present表示添加(可以忽略),absent表示移除
查看cron模块信息
[root@server1 ~]# ansible-doc -s cron
每一分钟执行输出hello到hellow.txt文档中,动作名称为hello
[root@server1 ~]# ansible webserver -m cron -a 'minute="*/1" job="/usr/bin/echo >> /opt/hello.txt" name="hello"'
20.0.0.12 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true, #表示成功
"envs": [],
"jobs": [
"hello"
]
}
默认使用command模块执行查看webserver节点的计划任务命令
[root@server1 ~]# ansible webserver -a 'crontab -l'
20.0.0.12 | CHANGED | rc=0 >>
#Ansible: hello #任务名称
*/1 * * * * /usr/bin/echo hello >> /opt/hello.txt #结果
webserver节点查看
[root@web ~]# cat /opt/hello.txt #过了三分钟,文件中会有三个记录
hello
hello
hello
移除计划任务,加入该计划任务没有取名字,name=None即可
[root@server1 ~]# ansible webserver -m cron -a 'name="hello" state=absent'
20.0.0.12 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": []
}
[root@server1 ~]# ansible webserver -a 'crontab -l'
20.0.0.12 | CHANGED | rc=0 >>
user模块
user模块请求的是useradd,userdel,usermod三个命令
用user模块创建一个test1用户
[root@server1 ~]# ansible mysql -m user -a 'name="test1"'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001, #属组
"home": "/home/test1", #加目录路径
"name": "test1", #名称
"shell": "/bin/bash",
"state": "present",
"system": false, #是否为系统用户
"uid": 1001 #用户uid
}
[root@server1 ~]# ansible mysql -m command -a 'tail /etc/passwd'
20.0.0.13 | CHANGED | rc=0 >>
………………
test1:x:1001:1001::/home/test1:/bin/bash
删除用户test1
[root@server1 ~]# ansible mysql -m user -a 'name="test1" state=absent'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "test1",
"remove": false,
"state": "absent"
}
group模块
group模块请求的是groupadd,groupdel,groupmod三个指令
创建一个mysql组,gid为306,为系统用户
[root@server1 ~]# ansible mysql -m group -a 'name=mysql gid=306 system=yes'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 306,
"name": "mysql",
"state": "present",
"system": true
}
[root@server1 ~]# ansible mysql -a 'tail /etc/group'
20.0.0.13 | CHANGED | rc=0 >>
………………
mysql:x:306:
创建一个系统用户test2,uid为306,属组为group
[root@server1 ~]# ansible mysql -m user -a 'name=test2 uid=306 system=yes group=mysql'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 306,
"home": "/home/test2",
"name": "test2",
"shell": "/bin/bash",
"state": "present",
"system": true,
"uid": 306
}
[root@server1 ~]# ansible mysql -a 'tail /etc/passwd'
20.0.0.13 | CHANGED | rc=0 >>
………………
test2:x:306:306::/home/test2:/bin/bash
[root@server1 ~]# ansible mysql -a 'id test2'
20.0.0.13 | CHANGED | rc=0 >>
uid=306(test2) gid=306(mysql) 组=306(mysql)
copy模块
复制mysql节点上/etc/fstab文件到/opt/fstab.bak(备份),新文件属主为root,权限640
[root@server1 ~]# ansible mysql -m copy -a 'src=/etc/fstab dest=/opt/fstab.bak owner=root mode=640'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "639a4e0d29a13051dce34e56b733d625904d2e80",
"dest": "/opt/fstab.bak",
"gid": 0,
"group": "root",
"md5sum": "dff6006a952e63391b7ae04789a18e24",
"mode": "0640",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 620,
"src": "/root/.ansible/tmp/ansible-tmp-1610458420.69-16547-74281840167793/source",
"state": "file",
"uid": 0
}
查看备份文件
[root@server1 ~]# ansible mysql -a 'ls -l /opt/fstab.bak'
20.0.0.13 | CHANGED | rc=0 >>
-rw-r-----. 1 root root 620 1月 12 21:33 /opt/fstab.bak
[root@server1 ~]# ansible mysql -a 'cat /opt/fstab.bak'
20.0.0.13 | CHANGED | rc=0 >>
#
# /etc/fstab
# Created by anaconda on Wed Sep 30 18:19:59 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=4c628836-9762-44da-8a46-2539b024bed9 /boot xfs defaults 0 0
/dev/mapper/centos-home /home xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
/dev/cdrom /mnt iso9660 defaults 0 0
file模块
使用user模块创建一个系统账户mysql
[root@server1 ~]# ansible mysql -m user -a 'name=mysql system=yes'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 100,
"home": "/home/mysql",
"name": "mysql",
"shell": "/bin/bash",
"state": "present",
"system": true,
"uid": 305
}
使用group模块创建一个系统组mysql
[root@server1 ~]# ansible mysql -m group -a 'name=mysql system=yes'
20.0.0.13 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"gid": 306,
"name": "mysql",
"state": "present",
"system": true
}
使用file模块修改/etc/fstab.bak的属主属组,权限
[root@server1 ~]# ansible mysql -m file -a 'owner=mysql group=mysql mode=644 path=/opt/fstab.bak'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 306,
"group": "mysql",
"mode": "0644",
"owner": "mysql",
"path": "/opt/fstab.bak",
"secontext": "system_u:object_r:usr_t:s0",
"size": 620,
"state": "file",
"uid": 305
}
创建/opt/fstab.bak软连接
[root@server1 ~]# ansible mysql -m file -a 'path=/opt/fstab.link src=/opt/fstab.bak state=link'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/fstab.link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 14,
"src": "/opt/fstab.bak",
"state": "link",
"uid": 0
}
删除/opt/fstab.bak
[root@server1 ~]# ansible mysql -m file -a 'path=/opt/fstab.bak state=absent'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/opt/fstab.bak",
"state": "absent"
}
创建一个/opt/text文件
[root@server1 ~]# ansible mysql -m file -a 'path=/opt/text state=touch'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/text",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
创建/opt/ttt目录
[root@server1 ~]# ansible mysql -m file -a 'path=/opt/ttt state=directory mode=755'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/opt/ttt",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
service模块
启动httpd服务
[root@server1 ~]# ansible mysql -m service -a 'name=httpd enabled=true state=started'
20.0.0.13 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"enabled": true,
"name": "httpd",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "-.mount tmp.mount nss-lookup.target remote-fs.target basic.target network.target systemd-journald.socket system.slice",
"AllowIsolate": "no",
"AmbientCapabilities": "0",
"AssertResult": "no",
"AssertTimestampMonotonic": "0",
"Before": "shutdown.target",
"BlockIOAccounting": "no",
"BlockIOWeight": "18446744073709551615",
"CPUAccounting": "no",
"CPUQuotaPerSecUSec": "infinity",
"CPUSchedulingPolicy": "0",
"CPUSchedulingPriority": "0",
"CPUSchedulingResetOnFork": "no",
"CPUShares": "18446744073709551615",
"CanIsolate": "no",
"CanReload": "yes",
"CanStart": "yes",
"CanStop": "yes",
"CapabilityBoundingSet": "18446744073709551615",
"ConditionResult": "no",
"ConditionTimestampMonotonic": "0",
"Conflicts": "shutdown.target",
"ControlPID": "0",
"DefaultDependencies": "yes",
"Delegate": "no",
"Description": "The Apache HTTP Server",
"DevicePolicy": "auto",
"Documentation": "man:httpd(8) man:apachectl(8)",
"EnvironmentFile": "/etc/sysconfig/httpd (ignore_errors=no)",
"ExecMainCode": "0",
"ExecMainExitTimestampMonotonic": "0",
"ExecMainPID": "0",
"ExecMainStartTimestampMonotonic": "0",
"ExecMainStatus": "0",
"ExecReload": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"ExecStart": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"ExecStop": "{ path=/bin/kill ; argv[]=/bin/kill -WINCH ${MAINPID} ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"FailureAction": "none",
"FileDescriptorStoreMax": "0",
"FragmentPath": "/usr/lib/systemd/system/httpd.service",
"GuessMainPID": "yes",
"IOScheduling": "0",
"Id": "httpd.service",
"IgnoreOnIsolate": "no",
"IgnoreOnSnapshot": "no",
"IgnoreSIGPIPE": "yes",
"InactiveEnterTimestampMonotonic": "0",
"InactiveExitTimestampMonotonic": "0",
"JobTimeoutAction": "none",
"JobTimeoutUSec": "0",
"KillMode": "control-group",
"KillSignal": "18",
"LimitAS": "18446744073709551615",
"LimitCORE": "18446744073709551615",
"LimitCPU": "18446744073709551615",
"LimitDATA": "18446744073709551615",
"LimitFSIZE": "18446744073709551615",
"LimitLOCKS": "18446744073709551615",
"LimitMEMLOCK": "65536",
"LimitMSGQUEUE": "819200",
"LimitNICE": "0",
"LimitNOFILE": "4096",
"LimitNPROC": "7168",
"LimitRSS": "18446744073709551615",
"LimitRTPRIO": "0",
"LimitRTTIME": "18446744073709551615",
"LimitSIGPENDING": "7168",
"LimitSTACK": "18446744073709551615",
"LoadState": "loaded",
"MainPID": "0",
"MemoryAccounting": "no",
"MemoryCurrent": "18446744073709551615",
"MemoryLimit": "18446744073709551615",
"MountFlags": "0",
"Names": "httpd.service",
"NeedDaemonReload": "no",
"Nice": "0",
"NoNewPrivileges": "no",
"NonBlocking": "no",
"NotifyAccess": "main",
"OOMScoreAdjust": "0",
"OnFailureJobMode": "replace",
"PermissionsStartOnly": "no",
"PrivateDevices": "no",
"PrivateNetwork": "no",
"PrivateTmp": "yes",
"ProtectHome": "no",
"ProtectSystem": "no",
"RefuseManualStart": "no",
"RefuseManualStop": "no",
"RemainAfterExit": "no",
"Requires": "-.mount basic.target",
"RequiresMountsFor": "/var/tmp",
"Restart": "no",
"RestartUSec": "100ms",
"Result": "success",
"RootDirectoryStartOnly": "no",
"RuntimeDirectoryMode": "0755",
"SameProcessGroup": "no",
"SecureBits": "0",
"SendSIGHUP": "no",
"SendSIGKILL": "yes",
"Slice": "system.slice",
"StandardError": "inherit",
"StandardInput": "null",
"StandardOutput": "journal",
"StartLimitAction": "none",
"StartLimitBurst": "5",
"StartLimitInterval": "10000000",
"StartupBlockIOWeight": "18446744073709551615",
"StartupCPUShares": "18446744073709551615",
"StatusErrno": "0",
"StopWhenUnneeded": "no",
"SubState": "dead",
"SyslogLevelPrefix": "yes",
"SyslogPriority": "30",
"SystemCallErrorNumber": "0",
"TTYReset": "no",
"TTYVHangup": "no",
"TTYVTDisallocate": "no",
"TasksAccounting": "no",
"TasksCurrent": "18446744073709551615",
"TasksMax": "18446744073709551615",
"TimeoutStartUSec": "1min 30s",
"TimeoutStopUSec": "1min 30s",
"TimerSlackNSec": "50000",
"Transient": "no",
"Type": "notify",
"UMask": "0022",
"UnitFilePreset": "disabled",
"UnitFileState": "disabled",
"Wants": "system.slice",
"WatchdogTimestampMonotonic": "0",
"WatchdogUSec": "0"
}
}
关闭防火墙
[root@server1 ~]# ansible mysql -m service -a 'name=firewalld state=stopped'
20.0.0.13 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"name": "firewalld",
"state": "stopped",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "polkit.service basic.target dbus.service system.slice",
"AllowIsolate": "no",
"AmbientCapabilities": "0",
"AssertResult": "no",
"AssertTimestampMonotonic": "0",
"Before": "network-pre.target shutdown.target",
"BlockIOAccounting": "no",
"BlockIOWeight": "18446744073709551615",
"BusName": "org.fedoraproject.FirewallD1",
"CPUAccounting": "no",
"CPUQuotaPerSecUSec": "infinity",
"CPUSchedulingPolicy": "0",
"CPUSchedulingPriority": "0",
"CPUSchedulingResetOnFork": "no",
"CPUShares": "18446744073709551615",
"CanIsolate": "no",
"CanReload": "yes",
"CanStart": "yes",
"CanStop": "yes",
"CapabilityBoundingSet": "18446744073709551615",
"ConditionResult": "no",
"ConditionTimestampMonotonic": "0",
"Conflicts": "shutdown.target iptables.service ipset.service ip6tables.service ebtables.service",
"ControlPID": "0",
"DefaultDependencies": "yes",
"Delegate": "no",
"Description": "firewalld - dynamic firewall daemon",
"DevicePolicy": "auto",
"Documentation": "man:firewalld(1)",
"EnvironmentFile": "/etc/sysconfig/firewalld (ignore_errors=yes)",
"ExecMainCode": "0",
"ExecMainExitTimestampMonotonic": "0",
"ExecMainPID": "0",
"ExecMainStartTimestampMonotonic": "0",
"ExecMainStatus": "0",
"ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"FailureAction": "none",
"FileDescriptorStoreMax": "0",
"FragmentPath": "/usr/lib/systemd/system/firewalld.service",
"GuessMainPID": "yes",
"IOScheduling": "0",
"Id": "firewalld.service",
"IgnoreOnIsolate": "no",
"IgnoreOnSnapshot": "no",
"IgnoreSIGPIPE": "yes",
"InactiveEnterTimestampMonotonic": "0",
"InactiveExitTimestampMonotonic": "0",
"JobTimeoutAction": "none",
"JobTimeoutUSec": "0",
"KillMode": "mixed",
"KillSignal": "15",
"LimitAS": "18446744073709551615",
"LimitCORE": "18446744073709551615",
"LimitCPU": "18446744073709551615",
"LimitDATA": "18446744073709551615",
"LimitFSIZE": "18446744073709551615",
"LimitLOCKS": "18446744073709551615",
"LimitMEMLOCK": "65536",
"LimitMSGQUEUE": "819200",
"LimitNICE": "0",
"LimitNOFILE": "4096",
"LimitNPROC": "7168",
"LimitRSS": "18446744073709551615",
"LimitRTPRIO": "0",
"LimitRTTIME": "18446744073709551615",
"LimitSIGPENDING": "7168",
"LimitSTACK": "18446744073709551615",
"LoadState": "loaded",
"MainPID": "0",
"MemoryAccounting": "no",
"MemoryCurrent": "18446744073709551615",
"MemoryLimit": "18446744073709551615",
"MountFlags": "0",
"Names": "firewalld.service",
"NeedDaemonReload": "no",
"Nice": "0",
"NoNewPrivileges": "no",
"NonBlocking": "no",
"NotifyAccess": "none",
"OOMScoreAdjust": "0",
"OnFailureJobMode": "replace",
"PermissionsStartOnly": "no",
"PrivateDevices": "no",
"PrivateNetwork": "no",
"PrivateTmp": "no",
"ProtectHome": "no",
"ProtectSystem": "no",
"RefuseManualStart": "no",
"RefuseManualStop": "no",
"RemainAfterExit": "no",
"Requires": "basic.target",
"Restart": "no",
"RestartUSec": "100ms",
"Result": "success",
"RootDirectoryStartOnly": "no",
"RuntimeDirectoryMode": "0755",
"SameProcessGroup": "no",
"SecureBits": "0",
"SendSIGHUP": "no",
"SendSIGKILL": "yes",
"Slice": "system.slice",
"StandardError": "null",
"StandardInput": "null",
"StandardOutput": "null",
"StartLimitAction": "none",
"StartLimitBurst": "5",
"StartLimitInterval": "10000000",
"StartupBlockIOWeight": "18446744073709551615",
"StartupCPUShares": "18446744073709551615",
"StatusErrno": "0",
"StopWhenUnneeded": "no",
"SubState": "dead",
"SyslogLevelPrefix": "yes",
"SyslogPriority": "30",
"SystemCallErrorNumber": "0",
"TTYReset": "no",
"TTYVHangup": "no",
"TTYVTDisallocate": "no",
"TasksAccounting": "no",
"TasksCurrent": "18446744073709551615",
"TasksMax": "18446744073709551615",
"TimeoutStartUSec": "1min 30s",
"TimeoutStopUSec": "1min 30s",
"TimerSlackNSec": "50000",
"Transient": "no",
"Type": "dbus",
"UMask": "0022",
"UnitFilePreset": "enabled",
"UnitFileState": "disabled",
"Wants": "network-pre.target system.slice",
"WatchdogTimestampMonotonic": "0",
"WatchdogUSec": "0"
}
}
mysql节点上
查看服务开启
[root@mysql ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2021-01-12 22:45:00 CST; 4min 5s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 84473 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
CGroup: /system.slice/httpd.service
├─84473 /usr/sbin/httpd -DFOREGROUND
├─84474 /usr/sbin/httpd -DFOREGROUND
├─84475 /usr/sbin/httpd -DFOREGROUND
├─84476 /usr/sbin/httpd -DFOREGROUND
├─84477 /usr/sbin/httpd -DFOREGROUND
└─84478 /usr/sbin/httpd -DFOREGROUND
1月 12 22:45:00 mysql systemd[1]: Starting The Apache HTTP Server...
1月 12 22:45:00 mysql httpd[84473]: AH00558: httpd: Could not reliably determine the ser...age
1月 12 22:45:00 mysql systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
[root@mysql ~]# systemctl status firewalld #查看防火墙开启情况
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
10月 14 08:32:40 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall .....
10月 14 08:32:40 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall d...n.
10月 14 08:32:40 localhost.localdomain firewalld[817]: WARNING: ICMP type 'beyond-scope' i....
10月 14 08:32:40 localhost.localdomain firewalld[817]: WARNING: beyond-scope: INVALID_ICMP....
10月 14 08:32:40 localhost.localdomain firewalld[817]: WARNING: ICMP type 'failed-policy' ....
10月 14 08:32:40 localhost.localdomain firewalld[817]: WARNING: failed-policy: INVALID_ICM....
10月 14 08:32:40 localhost.localdomain firewalld[817]: WARNING: ICMP type 'reject-route' i....
10月 14 08:32:40 localhost.localdomain firewalld[817]: WARNING: reject-route: INVALID_ICMP....
10月 14 08:38:58 server1 systemd[1]: Stopping firewalld - dynamic firewall daemon...
10月 14 08:38:59 server1 systemd[1]: Stopped firewalld - dynamic firewall daemon.
Hint: Some lines were ellipsized, use -l to show in full.
shell模块
chdir(cd):制定工作目录,在执行对应的命令之前,会先进入到chdir参数指定的目录中。
create:指定一个文件,当指定的文件存在时,就不执行对应命令。
removes:使用此参数指定一个文件,当指定的文件不存在时,就不执行对应命令。
默认command模块不识别重定向符号
[root@server1 ~]# ansible mysql -m shell -a 'chdir=/opt/ echo hello > /opt/hello.txt'
20.0.0.13 | CHANGED | rc=0 >>
[root@server1 ~]# ansible mysql -m shell -a 'chdir=/opt/ ls'
20.0.0.13 | CHANGED | rc=0 >>
fstab.back
fstab.link
hello.txt
rh
text
ttt
yum.bak
script模块
在管理端创建脚本
[root@server1 ~]# cd /opt
[root@server1 opt]# vi test.sh
#!/bin/bash
echo "test" > /opt/script.txt
[root@server1 opt]# chmod +x test.sh #添加执行权限
调用管理端本地脚本在mysql节点运行
[root@server1 opt]# ansible mysql -m script -a 'test.sh'
20.0.0.13 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 20.0.0.13 closed.\r\n",
"stderr_lines": [
"Shared connection to 20.0.0.13 closed."
],
"stdout": "",
"stdout_lines": []
}
mysql节点查看
[root@mysql opt]# ls
fstab.back fstab.link hello.txt rh script.txt text ttt yum.bak
[root@mysql opt]# cat script.txt
test
setup模块
获取mysql组主机的facts信息;facts(事实):主机名称、内核版本、网络接口、IP地址等
[root@server1 opt]# ansible mysql -m setup
20.0.0.13 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.122.1",
"20.0.0.13"
],
"ansible_all_ipv6_addresses": [
"fe80::e0bf:bbba:40be:e78d"
],
"ansible_apparmor": {
"status": "disabled"
},
………………