目录
1.blockinfile模块使用:在rhce上文件ansible.txt文件中写入内容 ansible
然后使用blockinfile模块,在文件中插入内容 blockinfile insert content
然后插入内容 blockinfile with marker 且使用指定标记: marker=#{mark}test
在blockinfile insert content之前插入 insertbefore
在blockinfile insert content之后插入 insertafter
2.lineinfile模块使用向node节点上文件 ansible.txt2文件如插入内容 lineinfile insert content
文件中的"Hello ansible,Hiiii"替换成"Hiiii"(使用正则表达式和backrefs)
将server主机上的包解压到node主机且设置权限为644
5.cron模块在node上为student用户设置周一到周五早上的9:00输出闹钟到/root/alarm_cron
8.yum_repository设置两个软件仓库BaseOS和APPStream(本地yum源的配置)到文件my.repo
11.firewalld模块添加端口22, 添加服务 http
添加富规则:允许192.168.xxx.0/24来访问http的80端口
12.selinux模块设置selinux工作模式为permissive
13.nmcli模块在node上添加一块网卡,设置IP,gw, method, dns,type,和自动连接
然后对磁盘进行分区: 分区1: 400,分区2: 200M, 分区3:200M,且设置分区1和分区2类型为LVM
17.lvg模块:用上面parted建立的分区: 创建卷组
19.filesystem模块:为逻辑卷和分区3设置文件系统类型为 xfs
20.mount模块:为上面的逻辑卷和分区3进行挂载(分别使用mounted和present)
1.blockinfile模块使用:
在rhce上文件ansible.txt文件中写入内容 ansible
![](https://i-blog.csdnimg.cn/blog_migrate/03a96dd86904150c2759b41749045a8c.png)
然后使用blockinfile模块,在文件中插入内容 blockinfile insert content
[root@rhcsa ~]# ansible rhce -m blockinfile -a "path=/root/ansible.txt block='blockinfile insert content' insertafter=EOF"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Block inserted"
}
然后插入内容 blockinfile with marker 且使用指定标记: marker=#{mark}test
[root@rhcsa ~]# ansible rhce -m blockinfile -a "path=/root/ansible.txt block='blockinfile with marker' marker=#{mark}test"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Block inserted"
}
在blockinfile insert content之前插入 insertbefore
[root@rhcsa ~]# ansible rhce -m blockinfile -a "path=/root/ansible.txt block='insertbefore' insertbefore='blockinfile insert content' marker='#{mark} test'"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Block inserted"
}
在blockinfile insert content之后插入 insertafter
[root@rhcsa ~]# ansible rhce -m blockinfile -a "path=/root/ansible.txt block='insertafter' insertafter='blockinfile insert content' marker='#{mark} test1'"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Block inserted"
}
删除其中一行内容
[root@rhcsa ~]# ansible rhce -m blockinfile -a "path=/root/ansible.txt block='insertafyer' insertafter='blockinfile insert content' marker='#{mark} test1' state=absent"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Block removed"
}
2.lineinfile模块使用
向node节点上文件 ansible.txt2文件如插入内容 lineinfile insert content
[root@rhcsa ~]# ansible rhce -m lineinfile -a "path=/root/ansible.txt2 line='lineinfile insert content' create=yes"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
删除lineinfile insert content
[root@rhcsa ~]# ansible rhce -m lineinfile -a "path=/root/ansible.txt2 line='lineinfile insert content' state=absent"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"found": 1,
"msg": "1 line(s) removed"
}
重新插入lineinfile insert content
在之前插入: insertbefore
[root@rhcsa ~]# ansible rhce -m lineinfile -a "path=/root/ansible.txt2 line='insertbefore' insertbefore='lineinfile insert content'"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
在它之后插入: insertafter
[root@rhcsa ~]# ansible rhce -m lineinfile -a "path=/root/ansible.txt2 line='insertafter' insertafter='lineinfile insert content'"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
插入:Hello ansible,Hiiii
[root@rhcsa ~]# ansible rhce -m lineinfile -a "path=/root/ansible.txt2 line='Hello ansible,Hiiii'"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
文件中的"Hello ansible,Hiiii"替换成"Hiiii"(使用正则表达式和backrefs)
[root@rhcsa ~]# ansible rhce -m lineinfile -a "path=/root/ansible.txt2 regexp='(H.{4}).*(H.{4})' line='Hiiii'"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
3.unarchive模块使用
将node主机上的包解压
![](https://i-blog.csdnimg.cn/blog_migrate/e07cc548133e22a687a0123e672f48c9.png)
将server主机上的包解压到node主机且设置权限为644
[root@rhcsa ~]# ansible rhce -m unarchive -a "src=/root/apr-1.6.5.tar.gz dest=/home/student mode=0644"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"dest": "/home/student",
"extract_results": {
"cmd": [
"/bin/gtar",
"--extract",
"-C",
"/home/student",
"-z",
"-f",
"/home/student/.ansible/tmp/ansible-tmp-1659695531.3050132-5926-83183719667943/source"
],
"err": "",
"out": "",
"rc": 0
},
"gid": 1112,
"group": "student",
"handler": "TgzArchive",
"mode": "0664",
"owner": "student",
"secontext": "unconfined_u:object_r:user_home_dir_t:s0",
"size": 270,
"src": "/home/student/.ansible/tmp/ansible-tmp-1659695531.3050132-5926-83183719667943/source",
"state": "directory",
"uid": 1112
}
4.archive模块使用
将node上的目录进行压缩
![](https://i-blog.csdnimg.cn/blog_migrate/06f01b782c98ff45c4460a9a40209025.png)
5.cron模块
在node上为student用户设置周一到周五早上的9:00输出闹钟到/root/alarm_cron
[root@rhcsa ~]# ansible rhce -m cron -a "hour=9 minute=0 weekday=1-5 name="闹钟" job=/root/alarm_cron user=student"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"envs": [],
"jobs": [
"闹钟"
]
}
6.user模块
创建用户
[root@rhcsa ~]# ansible rhce -m user -a "name=li"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1113,
"home": "/home/li",
"name": "li",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1113
}
删除用户
[root@rhcsa ~]# ansible rhce -m user -a "name=li state=absent"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"force": false,
"name": "li",
"remove": false,
"state": "absent"
}
7.group模块
创建组
[root@rhcsa ~]# ansible rhce -m group -a "name=li"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"gid": 1113,
"name": "li",
"state": "present",
"system": false
}
删除组
[root@rhcsa ~]# ansible rhce -m group -a "name=li state=absent"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "li",
"state": "absent"
}
8.yum_repository
设置两个软件仓库BaseOS和APPStream(本地yum源的配置)到文件my.repo
[root@rhcsa ~]# ansible rhce -m yum_repository -a "name=BaseOS baseurl=file:///mnt/cdrom/BaseOS gpgcheck=0 enabled=1 file=my.repo description=BaseOS"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"repo": "BaseOS",
"state": "present"
}
[root@rhcsa ~]# ansible rhce -m yum_repository -a "name=APPStream baseurl=file:///mnt/cdrom/AppStream gpgcheck=0 enabled=1 file=my.repo description=APPStream"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"repo": "APPStream",
"state": "present"
}
9.yum/dnf模块
安装软件 lrzsz
[root@rhcsa ~]# ansible rhce -m yum -a "name=lrzsz"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: lrzsz-0.12.20-43.el8.x86_64"
]
}
10.service/systemd模块
关闭防火墙
![](https://i-blog.csdnimg.cn/blog_migrate/95996b446279eef05e7ebf56e336c550.png)
重启防火墙
![](https://i-blog.csdnimg.cn/blog_migrate/4309414de86c4652bf91bf07700b9040.png)
禁用防火墙
![](https://i-blog.csdnimg.cn/blog_migrate/54784ee3873a001b67cb1da3990c11b6.png)
11.firewalld模块
添加端口22, 添加服务 http
rhce | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Permanent and Non-Permanent(immediate) operation"
}
[root@rhcsa ~]# ansible rhce -m firewalld -a 'port=22/tcp permanent=true immediate=true state=enabled'
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Permanent and Non-Permanent(immediate) operation, Changed port 22/tcp to enabled"
}
添加富规则:允许192.168.xxx.0/24来访问http的80端口
[root@rhcsa ~]# ansible rhce -m firewalld -a 'rich_rule="rule family=ipv4 source address=192.168.40.0/24 service name=http accept" permanent=true immediate=true state=enabled'
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Permanent and Non-Permanent(immediate) operation, Changed rich_rule rule family=ipv4 source address=192.168.40.0/24 service name=http accept to enabled"
}
删除富规则
[root@rhcsa ~]# ansible rhce -m firewalld -a 'rich_rule="rule family=ipv4 source address=192.168.40.0/24 service name=http accept" state=disabled'
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Non-permanent operation, Changed rich_rule rule family=ipv4 source address=192.168.40.0/24 service name=http accept to disabled"
}
12.selinux模块
设置selinux工作模式为permissive
[root@rhcsa ~]# ansible rhce -m selinux -a "state=permissive policy=targeted"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"configfile": "/etc/selinux/config",
"msg": "SELinux state changed from 'enforcing' to 'permissive', Config SELinux state changed from 'enforcing' to 'permissive'",
"policy": "targeted",
"reboot_required": false,
"state": "permissive"
}
13.nmcli模块
在node上添加一块网卡,设置IP,gw, method, dns,type,和自动连接
[root@rhcsa ~]# ansible rhce -m nmcli -a "conn_name=ens666 ip4=192.168.40.140/24 gw4=192.168.40.1 dns4=114.114.114.114 type=ethernet state=present"
rhce | CHANGED => {
"Exists": "Connections do exist so we are modifying them",
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"conn_name": "ens666",
"state": "present"
}
14.get_url模块
去梨视频找个视频下载下来
[root@rhcsa ~]# ansible rhce -m get_url -a "url=https://video.pearvideo.com/mp4/adshort/20180504/cont-1337568-12007359_adpkg-ad_hd.mp4 dest=/root"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum_dest": null,
"checksum_src": "c8c67c158b16ce84172273cc14dcc1c9f9403ef8",
"dest": "/root/cont-1337568-12007359_adpkg-ad_hd.mp4",
"elapsed": 7,
"gid": 0,
"group": "root",
"md5sum": "dee2f423b48d0ce9d6e8ca6f6e78e443",
"mode": "0644",
"msg": "OK (11510845 bytes)",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 11510845,
"src": "/home/student/.ansible/tmp/ansible-tmp-1659700195.5528436-7695-163031912329044/tmpmcmvn8m5",
"state": "file",
"status_code": 200,
"uid": 0,
"url": "https://video.pearvideo.com/mp4/adshort/20180504/cont-1337568-12007359_adpkg-ad_hd.mp4"
}
15.uri模块
访问百度,并能获取到百度源码
[root@rhcsa ~]# ansible rhce -m uri -a "url=https://www.baidu.com"
rhce | SUCCESS => {
"accept_ranges": "bytes",
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"cache_control": "no-cache",
"changed": false,
"connection": "close",
"content_length": "227",
"content_type": "text/html",
"cookies": {
"BAIDUID": "DF867D0B7155041007B51368264CE9AB:FG=1",
"BD_NOT_HTTPS": "1",
"BIDUPSID": "DF867D0B715504104B9BE896590DAD78",
"PSTM": "1659700306"
},
"cookies_string": "BAIDUID=DF867D0B7155041007B51368264CE9AB:FG=1; BIDUPSID=DF867D0B715504104B9BE896590DAD78; PSTM=1659700306; BD_NOT_HTTPS=1",
"date": "Fri, 05 Aug 2022 11:51:46 GMT",
"elapsed": 0,
"msg": "OK (227 bytes)",
"p3p": "CP=\" OTI DSP COR IVA OUR IND COM \", CP=\" OTI DSP COR IVA OUR IND COM \"",
"pragma": "no-cache",
"redirected": false,
"server": "BWS/1.1",
"set_cookie": "BD_NOT_HTTPS=1; path=/; Max-Age=300, BIDUPSID=DF867D0B715504104B9BE896590DAD78; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com, PSTM=1659700306; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com, BAIDUID=DF867D0B7155041007B51368264CE9AB:FG=1; max-age=31536000; expires=Sat, 05-Aug-23 11:51:46 GMT; domain=.baidu.com; path=/; version=1; comment=bd",
"status": 200,
"strict_transport_security": "max-age=0",
"traceid": "1659700306025489869811720199910870649460",
"url": "https://www.baidu.com",
"x_frame_options": "sameorigin",
"x_ua_compatible": "IE=Edge,chrome=1"
}
16.parted模块
新增一块儿1GB的磁盘
![](https://i-blog.csdnimg.cn/blog_migrate/095171e7ff68c970d0f9d395b6066511.png)
然后对磁盘进行分区: 分区1: 400,分区2: 200M, 分区3:200M,且设置分区1和分区2类型为LVM
[root@rhcsa ~]# ansible rhce -m parted -a "device=/dev/nvme0n3 number=1 part_end=400MB state=present flags=lvm"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"disk": {
"dev": "/dev/nvme0n3",
"logical_block": 512,
"model": "NVMe Device",
"physical_block": 512,
"size": 1048576.0,
"table": "msdos",
"unit": "kib"
},
"partitions": [
{
"begin": 1024.0,
"end": 390144.0,
"flags": [
"lvm"
],
"fstype": "",
"name": "",
"num": 1,
"size": 389120.0,
"unit": "kib"
}
],
"script": "unit KiB mklabel msdos mkpart primary 0% 400MB unit KiB set 1 lvm on"
}
[root@rhcsa ~]# ansible rhce -m parted -a "device=/dev/nvme0n3 number=2 part_start=400MB part_end=600MB state=present flags=lvm"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"disk": {
"dev": "/dev/nvme0n3",
"logical_block": 512,
"model": "NVMe Device",
"physical_block": 512,
"size": 1048576.0,
"table": "msdos",
"unit": "kib"
},
"partitions": [
{
"begin": 1024.0,
"end": 390144.0,
"flags": [
"lvm"
],
"fstype": "",
"name": "",
"num": 1,
"size": 389120.0,
"unit": "kib"
},
{
"begin": 390144.0,
"end": 585728.0,
"flags": [
"lvm"
],
"fstype": "",
"name": "",
"num": 2,
"size": 195584.0,
"unit": "kib"
}
],
"script": "unit KiB mkpart primary 400MB 600MB unit KiB set 2 lvm on"
}
[root@rhcsa ~]# ansible rhce -m parted -a "device=/dev/nvme0n3 number=3 part_start=600MB part_end=800MB state=present"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"disk": {
"dev": "/dev/nvme0n3",
"logical_block": 512,
"model": "NVMe Device",
"physical_block": 512,
"size": 1048576.0,
"table": "msdos",
"unit": "kib"
},
"partitions": [
{
"begin": 1024.0,
"end": 390144.0,
"flags": [
"lvm"
],
"fstype": "",
"name": "",
"num": 1,
"size": 389120.0,
"unit": "kib"
},
{
"begin": 390144.0,
"end": 585728.0,
"flags": [
"lvm"
],
"fstype": "",
"name": "",
"num": 2,
"size": 195584.0,
"unit": "kib"
},
{
"begin": 585728.0,
"end": 781312.0,
"flags": [],
"fstype": "",
"name": "",
"num": 3,
"size": 195584.0,
"unit": "kib"
}
],
"script": "unit KiB mkpart primary 600MB 800MB"
}
17.lvg模块:用上面parted建立的分区: 创建卷组
[root@rhcsa ~]# ansible rhce -m lvg -a 'pvs=/dev/nvme0n3p1 vg=myvg1'
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true
}
18.lvol模块:在上面卷组的基础上创建逻辑卷:500M
[root@rhcsa ~]# ansible rhce -m lvol -a 'vg=myvg1 lv=lv1 size=500'
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": ""
}
19.filesystem模块:为逻辑卷和分区3设置文件系统类型为 xfs
[root@rhcsa ~]# ansible rhce -m filesystem -a 'dev=/dev/myvg1/lv1 fstype=xfs force=yes'
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true
}
[root@rhcsa ~]# ansible rhce -m filesystem -a 'dev=/dev/nvme0n3p3 fstype=xfs force=yes'
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true
}
20.mount模块:
为上面的逻辑卷和分区3进行挂载(分别使用mounted和present)
[root@rhcsa ~]# ansible rhce -m mount -a "path=/mnt/test fstype=xfs src=/dev/myvg1 state=present"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup_file": "",
"boot": "yes",
"changed": true,
"dump": "0",
"fstab": "/etc/fstab",
"fstype": "xfs",
"name": "/mnt/test",
"opts": "defaults",
"passno": "0",
"src": "/dev/myvg1"
}
[root@rhcsa ~]# ansible rhce -m mount -a "path=/mnt/test1 fstype=xfs src=/dev/nvme0n3p3 state=present"
rhce | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup_file": "",
"boot": "yes",
"changed": true,
"dump": "0",
"fstab": "/etc/fstab",
"fstype": "xfs",
"name": "/mnt/test1",
"opts": "defaults",
"passno": "0",
"src": "/dev/nvme0n3p3"
}