ansible简单练习题

在练习ansible题目之前，需要完成如下几个步骤：
明确好控制节点及被控节点，配置好固定的IP地址，将其IP地址写入/etc/hosts中（可选）

[root@centos78 ~]# vim /etc/hosts
192.168.76.133 master
192.168.76.134 node1
192.168.76.135 node2

SSH远程免密连接

#前提将防火墙及SELinux关闭,要求让控制节点的root用户能够免密连接被控节点的root用户
[root@centos78 ~]# ssh-keygen					#生成公私钥
[root@centos78 ~]#ssh-copy-id root@node1		#将公钥传给被控节点
[root@centos78 ~]#ssh-copy-id root@node2

#在控制节点及被控节点上创建用户
[root@centos78 ~]#useradd xiaoming						#创建xiaoming用户
[root@centos78 ~]#echo 123 | passwd --stdin xiaoming	#xiaoming用户的密码
#注：每个节点上都需要创建

重复上述免密操作，使得xiaoming用户能够连接到被控节点的用户上

根据个人需求，修改ansible的访问目录，默认是在config file = /etc/ansible/ansible.cfg

1、以all主机组为目标执行id命令

[xiaoming@centos78 ~]$
[xiaoming@centos78 ~]$ mkdir -pv  ansible/chap01
[xiaoming@centos78 chap01]$ cp /etc/ansible/ansible.cfg  .			#复制默认文件到当前目录下
[xiaoming@centos78 chap01]$ cat ansible.cfg							#重新编写配置文件
[defaults]
inventory = ./inventory         ;指定清单文件
remote_user = xiaoming          ;指定连接受控主机的xiaoming用户，如果未指定，则使用当前用户的名称
ask_pass = false                ;是否提示输入ssh密码。如果使用ssh公钥身份认证，则可以是false
#forks=5
#roles_path=roles

[privilege_escalation]
become=True                             ;登录到受控主机后是否切换用户
become_method=sudo                      ;可以使用su或者sudo的方式切换用户，当前使用sudo方式，默认是sudo
become_user=root                        ;切换到哪个用户
become_ask_pass=False           		;是否为become_method提示输入密码，默认为false
become_method=sudo              		;需要提前在受控节点设置用户的sudo配置


[xiaoming@centos78 chap01]$ ansible all -m ping
node2 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
node1 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
master | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "ping": "pong"
}

2、使用copy模块修改所有主机上的/etc/motd文件内容为welcome to ansible

[xiaoming@centos78 chap01]$ ansible all -m copy -a 'content="welcome to ansible\n" dest=/etc/motd'
#可查看模板进行编写：ansible-doc copy

#检验
[root@node1 ~]# cat /etc/motd
welcome to ansible
[root@node2 ~]# cat /etc/motd
welcome to ansible

3、使用command模块查看/etc/motd文件的内容

[xiaoming@centos78 chap01]$ ansible all -m command -a  "cat /etc/motd"
node2 | CHANGED | rc=0 >>
welcome to ansible
node1 | CHANGED | rc=0 >>
welcome to ansible
master | CHANGED | rc=0 >>
welcome to ansible

4、使用user模块创建用户wukong，uid为2000

[xiaoming@centos78 chap01]$ ansible all -m user -a 'name=wukong uid=2000'
node1 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 2000,
    "home": "/home/wukong",
    "name": "wukong",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 2000
}
node2 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 2000,
    "home": "/home/wukong",
    "name": "wukong",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 2000
}
master | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 2000,
    "home": "/home/wukong",
    "name": "wukong",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 2000
}

5、使用yum模块安装httpd软件包并使用service模块启动该服务

[xiaoming@centos78 chap01]$ ansible all -m yum -a 'name=httpd'
node1 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "msg": "Nothing to do",
    "rc": 0,
    "results": []
}
node2 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: httpd-filesystem-2.4.37-47.module_el8.6.0+1111+ce6f4ceb.1.noarch",
        "Installed: centos-logos-httpd-85.8-2.el8.noarch",
        "Installed: apr-1.6.3-12.el8.x86_64",
        "Installed: mailcap-2.1.48-3.el8.noarch",
        "Installed: httpd-tools-2.4.37-47.module_el8.6.0+1111+ce6f4ceb.1.x86_64",
        "Installed: apr-util-1.6.1-6.el8.x86_64",
        "Installed: apr-util-bdb-1.6.1-6.el8.x86_64",
        "Installed: apr-util-openssl-1.6.1-6.el8.x86_64",
        "Installed: httpd-2.4.37-47.module_el8.6.0+1111+ce6f4ceb.1.x86_64",
        "Installed: mod_http2-1.15.7-5.module_el8.6.0+1111+ce6f4ceb.x86_64"
    ]
}

master | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "msg": "",
    "rc": 0,
    "results": [
        "httpd-2.4.6-97.el7.centos.5.x86_64 providing httpd is already installed"
    ]
}

使用service模块启动该服务

[xiaoming@centos78 chap01]$ ansible all -m service -a 'name=httpd state=started'