Ansible常见模块的使用
2021/7/19 6:09:20
本文主要是介绍Ansible常见模块的使用,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
Ansible常见模块的使用
- ansible常见模块
- ping模块用于检查指定节点机器是否连通
- script-在受控主机上执行控制主机的脚本
- template template与copy类似-模块用于生成一个模板,并可将其传输至远程主机上。
- yum- 管理软件
- group 组管理
- service-查询控制服务
- copy模块从服务器复制文件到目标主机
- fetch 从对方主机文件复制到本主机
- file 设置文件的属性
- hostname
- lineinfile
- blockinfile
- 计划任务cron
ansible常见模块
ping yum template copy user group service raw command shell script
-
shell,raw,command的区别(除了需要交互的命令以外几乎都可以执行)
shell模块调用的/bin/sh指令执行-可执行受控主机上的脚本
command模块不是调用的shell的指令,所以没有bash的环境变量(不支持管道符,重定向)
raw很多地方和shell类似,更多的地方建议使用shell和command模块。但是如果是使用老版本python,需要用到raw,又或者是客户端是路由器,因为没有安装python模块,那就需要使用raw模块了
3种都不具备幂等性所以一般只用来进行查看性的命令
ping模块用于检查指定节点机器是否连通
[root@localhost ~]# ansible all -m ping 192.168.216.131 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": false, "ping": "pong"
script-在受控主机上执行控制主机的脚本
控制主机上编辑脚本
[root@localhost /]# cat test.sh !#/bin/bash df -h
返回结果
[root@localhost /]# ansible all -m script -a '/test.sh' 192.168.216.131 | CHANGED => { "changed": true, "rc": 0, "stderr": "Shared connection to 192.168.216.131 closed.\r\n", "stderr_lines": [ "Shared connection to 192.168.216.131 closed." ], "stdout": "/root/.ansible/tmp/ansible-tmp-1626604440.52-7368-87853866289385/test.sh: line 1: !#/bin/bash: No such file or directory\r\nFilesystem Size Used Avail Use% Mounted on\r\ndevtmpfs 872M 0 872M 0% /dev\r\ntmpfs 901M 0 901M 0% /dev/shm\r\ntmpfs 901M 18M 883M 2% /run\r\ntmpfs 901M 0 901M 0% /sys/fs/cgroup\r\n/dev/mapper/rhel-root 22G 4.7G 18G 21% /\r\n/d
template template与copy类似-模块用于生成一个模板,并可将其传输至远程主机上。
[root@localhost ~]# ansible all -m template -a 'src=/etc/ansible/hosts dest=/tmp/' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, 将hosts复制到对方/tmp目录下
yum- 管理软件
- name:要管理的包名
state:要进行的操作
state常用的值:
latest:安装软件(最新的) installed:安装软件 present:安装软件 removed:卸载软件 absent:卸载软件
不加参数默认安装加参数 disabled_gpg_check=yes表示忽略
ansible all -m yum -a 'list=installed' 查询安装好的包
[root@ansible ~]# ansible all -m shell -a 'rpm -q httpd' [WARNING]: Consider using the yum, dnf or zypper module rather than running 'rpm'. If you need to use command because yum, dnf or zypper is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message. 192.168.216.131 | CHANGED | rc=0 >> httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64 查询指定包是否存在
[root@localhost ~]# ansible all -m yum -a 'name=httpd state=present' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "msg": "", "rc": 0, "results": [
group 组管理
添加组
[root@localhost ~]# ansible all -m group -a 'name=mysql gid=520 state=present' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" },
删除组
[root@localhost ~]# ansible all -m group -a 'name=mysql gid=520 state=absent' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true,
[root@localhost ~]# ansible all -m shell -a 'cat /etc/group | grep mysql' 192.168.216.131 | FAILED | rc=1 >> non-zero return code
- user 用户管理
创建用户
[root@localhost ~]# ansible all -m user -a 'name=xfx uid=1005 ' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true,
[root@ansible ~]# ansible all -m user -a 'name=nginx shell=/sbin/nologin system=yes home=/var/mginx' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "comment": "", "create_home": true, "group": 973, "home": "/var/mginx", "name": "nginx", "shell": "/sbin/nologin", "state": "present", "system": true, "uid": 975 } 创建一个系统服务账号,不允许登录,家目录在/var/nginx
查询
[root@ansible ~]# ansible all -a 'getent passwd nginx' 192.168.216.131 | CHANGED | rc=0 >> nginx:x:975:973::/var/mginx:/sbin/nologin
删除用户
[root@localhost ~]# ansible all -m user -a 'name=xfx uid=1005 state=absent' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, 删除家目录加参数remove=yes
service-查询控制服务
查看httpd服务是否启动
[root@localhost ~]# ansible all -m shell -a 'systemctl status httpd' 192.168.216.131 | FAILED | rc=3 >> * httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled) Active: inactive (dead) Docs: man:httpd.service(8)non-zero return code 未启动
启动模块
[root@localhost ~]# ansible all -m service -a 'name=httpd state=started' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "name": "httpd", "state": "started", "status": {
[root@localhost ~]# ansible all -m shell -a 'ss -anltp' 192.168.216.131 | CHANGED | rc=0 >> State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=1040,fd=4),("systemd",pid=1,fd=30)) LISTEN 0 32 192.168.122.1:53 0.0.0.0:* users:(("dnsmasq",pid=1745,fd=6)) LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=1331,fd=5)) LISTEN 0 5 127.0.0.1:631 0.0.0.0:* users:(("cupsd",pid=1332,fd=10)) LISTEN 0 128 [::]:111 [::]:* users:(("rpcbind",pid=1040,fd=6),("systemd",pid=1,fd=33)) LISTEN 0 128 *:80 *:* users:(("httpd",pid=31300,fd=4),("httpd",pid=312 有80端口说明已启动
设置开机自启动
[root@localhost ~]# ansible all -m service -a 'name=httpd enabled=yes' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "enabled": true, "name": "httpd",
copy模块从服务器复制文件到目标主机
可以改变名字,组,属主,但目标目录必须存在
[root@localhost ansible]# ll hosts -rw-r--r--. 1 root root 1006 7月 15 23:44 hosts [root@localhost ansible]# ansible all -m copy -a 'src=/etc/ansible/hosts dest=/temp/ mode=0750 owner=tom' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "checksum": "f4efa214cdc7b62e90f4b625e45493e7a47f6b02", "dest": "/temp/hosts", "gid": 0, "group": "root", "md5sum": "6a36b6fcb5097162cadf27e9cf2a27b8", "mode": "0750", "owner": "tom", "size": 1006, "src": "/root/.ansible/tmp/ansible-tmp-1626607165.66-60457-65789293650640/source", "state": "file", "uid": 1001 }
查看结果
[root@localhost temp]# ll hosts -rwxr-x--- 1 tom root 1006 Jul 18 19:19 hosts
也可以直接写入数据到对方主机
[root@localhost ansible]# ansible all -m copy -a 'content=hello\n111 dest=/tmp/11123 mode=750 owner=tom group=tom' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "checksum": "74a9ada5b7e646ebaa0ca626391c29ef0f9742de", "dest": "/tmp/11123", "gid": 1001, "group": "tom", "md5sum": "a6cd917b1c09b94db137a24a1969dcb0", "mode": "0750", "owner": "tom", "size": 9, "src": "/root/.ansible/tmp/ansible-tmp-1626608832.33-93242-167051994148452/source", "state": "file", "uid": 1001 }
[root@localhost tmp]# cat 11123 hello 111
加入参数backup=yes,如果复制的版本与原始版本不一样则备份原始版本
fetch 从对方主机文件复制到本主机
[root@localhost ~]# ansible all -m fetch -a 'src=/var/log/messages dest=date/' 192.168.216.131 | CHANGED => { "changed": true, "checksum": "f0df19d66c75a8f1d865b851d5a36ca94b4d3905", "dest": "/root/date/192.168.216.131/var/log/messages", "md5sum": "12b7cdaa125d23a83a838cb7528f94c6", "remote_checksum": "f0df19d66c75a8f1d865b851d5a36ca94b4d3905", "remote_md5sum": null } 抓取受控主机日志
查看
[root@localhost log]# cat messages Jul 18 19:27:01 localhost rsyslogd[1560]: [origin software="rsyslogd" swVersion="8.1911.0-3.el8" x-pid="1560" x-info="https://www.rsyslog.com"] rsyslogd was HUPed Jul 18 19:27:02 localhost rhsmd[123913]: In order for Subscription Manager to provide your system with updates, your system must be registered with the Customer Portal. Please enter your Red Hat login to ensure your system is up-to-date. Jul 18 19:27:30 localhost systemd-logind[1192]: Session 66 logged out. Waiting for processes to exit. Jul 18 19:27:30 localhost systemd-logind[1192]: Removed session 66. Jul 18 19:28:01 localhost systemd[1]: Started Session 70 of user root. Jul 18 19:29:01 localhost NetworkManager[1321]: <info> [1626607741.0709] dhcp4 (ens160): option dhcp_lease_time => '1800' Jul 18 19:29:01 localhost NetworkManager[1321]: <info> [1626607741.0710] dhcp4 (ens160): option domain_name => 'localdomain' Jul 18 19:29:01 localhost NetworkManager[1321]: <info> [1626607741.0711] dhcp4 (ens160): option domain_name_servers => '192.168.216.2' Jul 18 19:29:01 localhost NetworkManager[1321]: <info> [1626607741.0711] dhcp4 (ens160): option expiry => '1626609541'
抓取多个文件需要tar打包后抓取
file 设置文件的属性
path-dest=name
[root@ansible ~]# ansible all -m file -a 'path=/date/f3 state=touch' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "dest": "/date/f3", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "size": 0, "state": "file", "uid": 0 }
创建空文件
[root@localhost date]# ls f3
删除文件
[root@ansible ~]# ansible all -m file -a 'path=/date/f3 state=absent' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "path": "/date/f3", "state": "absent" }
[root@ansible ~]# ansible all -m file -a 'path=/date/f2 state=directory' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/date/f3", "size": 6, "state": "directory", "uid": 0 } 建立文件夹
[root@localhost date]# ls f2
创建软连接
[root@ansible ~]# ansible all -m file -a 'src=/etc/fstab path=/date/fstab.link state=link' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "dest": "/date/fstab.link", "gid": 0, "group": "root", "mode": "0777", "owner": "root", "size": 10, "src": "/etc/fstab", "state": "link", "uid": 0 }
[root@localhost date]# ls f2 fstab.link
删除软连接
[root@ansible ~]# ansible all -m file -a ' path=/date/fstab.link state=absent' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "path": "/date/fstab.link", "state": "absent" }
hostname
修改主机名字且永久生效
[root@ansible ~]# ansible all -m hostname -a 'name=test' 192.168.216.131 | CHANGED => { "ansible_facts": { "ansible_domain": "", "ansible_fqdn": "test", "ansible_hostname": "test", "ansible_nodename": "test", "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "name": "test" }
lineinfile
[root@ansible ~]# ansible all -m lineinfile -a 'path=/temp/123 line="1111"' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "backup": "", "changed": true, "msg": "line added" } 在末尾插入内容
查看结果
[root@test temp]# cat 123 123 456 asd bfg [root@test temp]# cat 123 123 456 asd bfg 1111
[root@ansible ~]# ansible all -m lineinfile -a 'path=/temp/123 regexp="^1" line='222'' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "backup": "", "changed": true, "msg": "line replaced" } 匹配以1开头的,替换掉
[root@test temp]# cat 123 123 156 asd afg 1111 [root@test temp]# cat 123 123 156 asd afg 222 只替换了最后一个
[root@ansible ~]# ansible all -m lineinfile -a 'path=/temp/123 regexp="^a" state=absent' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "backup": "", "changed": true, "found": 2, "msg": "2 line(s) removed" } 匹配以a开头的,删除他
[root@test temp]# cat 123 123 156 asd afg 222 [root@test temp]# cat 123 123 156 222 以a开头的全被删除了
insertafter/insertbefore///插入之后或之前
[root@ansible ~]# ansible all -m lineinfile -a 'path=/temp/123 insertafter='222' line="111"' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "backup": "", "changed": true, "msg": "line added" } 将文本插在指定行之后
blockinfile
[root@ansible ~]# ansible all -m blockinfile -a 'path=/temp/123 block="888"' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "msg": "Block inserted" } 文件尾部插入数据
[root@test temp]# cat 123 123 156 222 111 [root@test temp]# cat 123 123 156 222 111 # BEGIN ANSIBLE MANAGED BLOCK 888 # END ANSIBLE MANAGED BLOCK 效果于lineinfile类似,不过block会在插入的文本中添加标记
[root@ansible ~]# ansible all -m blockinfile -a 'path=/temp/123 block="999" 'marker='#{mark}000' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "msg": "Block inserted" } marker可以替换标记名
#BEGIN000 999 #END000
[root@ansible ~]# ansible all -m blockinfile -a 'path=/temp/123 block="777" 'marker='#{mark}000' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "msg": "Block inserted" } 存在相同标记但block值不同
#BEGIN000 777 #END000 结果block被替换
[root@ansible ~]# ansible all -m blockinfile -a 'path=/temp/123 block="" 'marker='#{mark}000' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "msg": "Block removed" } block为空则删除标记和标记内容
[root@ansible ~]# ansible all -m blockinfile -a 'path=/temp/123 block="555" 'marker='#{mark}000 insertbefore=BOF' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "msg": "Block inserted" } BOF表示插入到开头EOF表示插入到结尾
计划任务cron
disabled=yes=true/no=false
[root@ansible ~]# ansible all -m cron -a 'minute=* weekday=1,7 job="/usr/bin/wall warning" name=warningcron' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "envs": [], "jobs": [ "warningcron" ] } 星期一和星期天的每分钟执行计划任务warningcron命令用双引号括起来
Broadcast message from root@test (somewhere) (Sun Jul 18 22:09:01 2021): warning
目标主机计划任务表
#Ansible: warningcron * * * * 1,7 /usr/bin/wall warning
禁用
[root@ansible ~]# ansible all -m cron -a 'disabled=true job="/usr/bin/wall warning" name=warningcron' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "envs": [], "jobs": [ "warningcron", "None" ] }
[root@test ~]# crontab -l */1 * * * * date #Ansible: warningcron #* * * * * /usr/bin/wall warning 被注释了
[root@ansible ~]# ansible all -m cron -a 'disabled=no job="/usr/bin/wall warning" name=warningcron' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "envs": [], "jobs": [ "warningcron" ] }
[root@test ~]# crontab -l */1 * * * * date #Ansible: warningcron * * * * * /usr/bin/wall warning 取消注释了
删除
[root@ansible ~]# ansible all -m cron -a 'disabled=no job="/usr/bin/wall warning" name=warningcron state=absent' 192.168.216.131 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/libexec/platform-python" }, "changed": true, "envs": [], "jobs": [] } /state=absent
这篇关于Ansible常见模块的使用的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
- 2024-11-14动态路由项目实战:从入门到上手
- 2024-11-14函数组件项目实战:从入门到简单应用
- 2024-11-14获取参数项目实战:新手教程与案例分析
- 2024-11-14可视化开发项目实战:新手入门教程
- 2024-11-14可视化图表项目实战:从入门到实践
- 2024-11-14路由懒加载项目实战:新手入门教程
- 2024-11-14路由嵌套项目实战:新手入门教程
- 2024-11-14全栈低代码开发项目实战:新手入门指南
- 2024-11-14全栈项目实战:新手入门教程
- 2024-11-14useRequest教程:新手快速入门指南