碼上歡樂
相關內容    簡體    繁體

Ansible常用模塊

本文轉載自   查看原文   2018-01-23 10:59   927    自動化運維

模塊一:   測試目標主機是否在線:ping模塊

 主機如果在線,則回復pong

[root@Node3 ~]# ansible all -m ping     //測試主機是否在線
172.17.21.206 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
172.17.21.207 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

模塊二:command模塊和shell

作用:用於在各被管理節點運行指定的命令

shell和command的區別:shell模塊可以特殊字符,而command是不支持

[root@Node3 ~]# ansible all -m command -a 'date'                //顯示各節點的日期
172.17.21.207 | SUCCESS | rc=0 >>
Mon Jan 22 15:55:16 CST 2018

172.17.21.206 | SUCCESS | rc=0 >>
Mon Jan 22 15:55:16 CST 2018

[root@Node3 ~]# ansible all -m command -a 'ntpdate 172.17.21.208'  //同步各節點時間
172.17.21.207 | SUCCESS | rc=0 >>
22 Jan 16:03:39 ntpdate[5287]: adjust time server 172.17.21.208 offset 0.008589 sec

172.17.21.206 | SUCCESS | rc=0 >>
22 Jan 16:03:39 ntpdate[2650]: adjust time server 172.17.21.208 offset 0.017052 sec

[root@Node3 ~]# ansible all -m shell -a 'echo mageedu | passwd --stdin tony'   //修改各節點賬號的密碼
172.17.21.206 | SUCCESS | rc=0 >>
Changing password for user tony.
passwd: all authentication tokens updated successfully.

172.17.21.207 | SUCCESS | rc=0 >>
Changing password for user tony.
passwd: all authentication tokens updated successfully.

 模塊三:user模塊:管理用戶的模塊

模塊參數詳解:

    name:指定用戶名

    password:設定用戶密碼,password參數需要接受md5加密后的值

    state:用戶狀態,默認為present

        present:表示添加用戶

        absent:表示刪除用戶

    update_password:修改用戶密碼

        always:新密碼和舊密碼不同時進行修改

        on_create:為新創建的用戶指定密碼

    createhome:創建家目錄

        yes:默認項,即創建用戶默認是有家目錄的

        no:創建用戶時不創建家目錄

    remove:

        yes:刪除用戶家目錄,需要指定此參數

        no:默認項,刪除用戶時默認不刪除用戶的家目錄

    system:

        yes:默認創建為普通用戶,而非系統用戶

    如果不指定默認生成的選項有:

        home:創建家目錄

        shell:創建默認的shell為/bin/bash

        system:默認創建為普通用戶,而非系統用戶,指定是用yes

[root@Node3 ~]# ansible-doc -s user   //查看user模塊幫助信息
[root@Node3 ~]# echo Mageedu | openssl passwd -1 -stdin   //對密碼進行加密
[root@Node3 ~]# ansible all -m user -a 'name=webadmin system=yes password=$1$8218uq3N$yT28kYDpAvtE6/7x9m./a0 state=present'      //增加webadmin用戶
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "comment": "", 
    "createhome": true, 
    "group": 983, 
    "home": "/home/webadmin", 
    "name": "webadmin", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": true, 
    "uid": 988
}
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "comment": "", 
    "createhome": true, 
    "group": 984, 
    "home": "/home/webadmin", 
    "name": "webadmin", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": true, 
    "uid": 989
}
[root@Node3 ~]# ansible all -m user -a 'name=tom remove=yes state=absent'    //刪除tom用戶
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "force": false, 
    "name": "tom", 
    "remove": true, 
    "state": "absent", 
    "stderr": "userdel: tom mail spool (/var/spool/mail/tom) not found\n", 
    "stderr_lines": [
        "userdel: tom mail spool (/var/spool/mail/tom) not found"
    ]
}
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "force": false, 
    "name": "tom", 
    "remove": true, 
    "state": "absent", 
    "stderr": "userdel: tom mail spool (/var/spool/mail/tom) not found\n", 
    "stderr_lines": [
        "userdel: tom mail spool (/var/spool/mail/tom) not found"
    ]
}
[root@Node3 ~]# echo cloudos | openssl passwd -1 -stdin
$1$kwsnVwr5$PDT4oolqmhbKx9bL21HX/0
[root@Node3 ~]# ansible all -m user -a 'name=webadmin update_password=always password=$1$kwsnVwr5$PDT4oolqmhbKx9bL21HX/0'  //修改webadmin用戶的密碼
172.17.21.206 | SUCCESS => {
    "append": false, 
    "changed": true, 
    "comment": "", 
    "group": 983, 
    "home": "/home/webadmin", 
    "move_home": false, 
    "name": "webadmin", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "uid": 988
}
172.17.21.207 | SUCCESS => {
    "append": false, 
    "changed": true, 
    "comment": "", 
    "group": 984, 
    "home": "/home/webadmin", 
    "move_home": false, 
    "name": "webadmin", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "uid": 989
}

[root@Node3 ~]# ssh webadmin@node1   //驗證賬號是否能登錄
webadmin@node1's password: 
[webadmin@Node1 ~]$ id
uid=988(webadmin) gid=983(webadmin) groups=983(webadmin)
[webadmin@Node1 ~]$

 模塊四:group模塊:管理組的模塊

[root@Node3 ~]# ansible all -m group -a 'gid=1009 name=mygrp state=present system=no'          //新增mygrp組,GID為1009,不屬於系統組            
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "gid": 1009, 
    "name": "mygrp", 
    "state": "present", 
    "system": false
}
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "gid": 1009, 
    "name": "mygrp", 
    "state": "present", 
    "system": false
}
[root@Node3 ~]# ansible all -m group -a 'name=mygrp state=absent'       //刪除mygrp組     
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "name": "mygrp", 
    "state": "absent"
}
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "name": "mygrp", 
    "state": "absent"
}

模塊五:遠程復制備份模塊:copy

獲取幫助:ansible-doc -s copy

模塊參數詳解:  

    src:指定源文件路徑,可以是相對路徑,也可以是絕對路徑,可以是目錄(並非是必須的,可以使用content,直接生成文件內容)

    dest=:指定目標文件路徑,只能是絕對路徑,如果src是目錄,此項必須是目錄

    owner:指定屬主

    group:指定屬組

    mode:指定權限,可以以數字指定比如0644

    content:代替src,直接往dest文件中寫內容,可以引用變量,也可以直接使用inventory中的主機變量

    backup:在覆蓋之前將原文件備份,備份文件包含時間信息。有兩個選項:yes|no

    force:

        yes:默認項,如果目標主機包含該文件,但內容不同,則強制覆蓋

        no:則只有當目標主機的目標位置不存在該文件時,才復制

    directory_mode:遞歸的設定目錄的權限,默認為系統默認權限

[root@Node3 tmp]# ansible all -m copy -a 'src=/tmp/note.txt dest=/tmp/ backup=yes'   //復制本地文件到遠程主機並對原文件進行備份
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "checksum": "9955cad1e88e697be0ee40142b4d365725aa6c4e", 
    "dest": "/tmp/note.txt", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "dd968c136dce42f6f225411a7225d0db", 
    "mode": "0644", 
    "owner": "root", 
    "size": 6, 
    "src": "/root/.ansible/tmp/ansible-tmp-1516612236.52-246176770078243/source", 
    "state": "file", 
    "uid": 0
}
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "checksum": "9955cad1e88e697be0ee40142b4d365725aa6c4e", 
    "dest": "/tmp/note.txt", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "dd968c136dce42f6f225411a7225d0db", 
    "mode": "0644", 
    "owner": "root", 
    "size": 6, 
    "src": "/root/.ansible/tmp/ansible-tmp-1516612236.53-164774507851707/source", 
    "state": "file", 
    "uid": 0
}

[root@Node1 ~]# cat /tmp/note.txt   //node1節點查看文件內容
Node3

[root@Node3 tmp]# ansible all -m copy -a 'content="Ansible\n" dest=/tmp/note.txt'      //向遠程主機的文件中寫內容,會把原內容覆蓋掉
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "checksum": "9fd79766f87c26f3a81e2622a577ca3864251949", 
    "dest": "/tmp/note.txt", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "a46e0c84ae99c51a342c5b0dd51032ea", 
    "mode": "0644", 
    "owner": "root", 
    "size": 8, 
    "src": "/root/.ansible/tmp/ansible-tmp-1516612880.68-129445105756732/source", 
    "state": "file", 
    "uid": 0
}
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "checksum": "9fd79766f87c26f3a81e2622a577ca3864251949", 
    "dest": "/tmp/note.txt", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "a46e0c84ae99c51a342c5b0dd51032ea", 
    "mode": "0644", 
    "owner": "root", 
    "size": 8, 
    "src": "/root/.ansible/tmp/ansible-tmp-1516612880.66-133496485275706/source", 
    "state": "file", 
    "uid": 0
}
[root@Node1 ~]# cat /tmp/note.txt  //node1節點查看文件內容
Ansible

[root@Node3 tmp]# ansible all -m copy -a 'src=/etc/pam.d/ dest=/tmp/'     //帶有斜扛/,表示復制目錄下所有文件至遠程主機/tmp目錄下
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "dest": "/tmp/", 
    "src": "/etc/pam.d/"
}
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "dest": "/tmp/", 
    "src": "/etc/pam.d/"

[root@Node3 tmp]# ansible all -m copy -a 'src=/etc/pam.d dest=/tmp/'     //不帶斜扛/,表明復制pam.d目錄至遠程主機/tmp目錄下
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "dest": "/tmp/", 
    "src": "/etc/pam.d"
}
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "dest": "/tmp/", 
    "src": "/etc/pam.d"
}

[root@Node3 tmp]# ansible all -m copy -a 'src=/etc/fstab dest=/tmp/fstab.ansible mode=600 owner=tony group=webadmin'      //復制文件至/tmp目錄下,同時改變屬主與屬組及權限
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "checksum": "ae2e6cc8d564afbfacf4243c13c06820ed6428f1", 
    "gid": 983, 
    "group": "webadmin", 
    "mode": "0600", 
    "owner": "tony", 
    "path": "/tmp/fstab.ansible", 
    "size": 883, 
    "state": "file", 
    "uid": 1000
}
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "checksum": "ae2e6cc8d564afbfacf4243c13c06820ed6428f1", 
    "gid": 984, 
    "group": "webadmin", 
    "mode": "0600", 
    "owner": "tony", 
    "path": "/tmp/fstab.ansible", 
    "size": 883, 
    "state": "file", 
    "uid": 1000
}
[root@Node1 tmp]# ll /tmp/fstab.ansible //查看文件屬性,進行驗證
-rw------- 1 tony webadmin 883 Jan 22 17:37 /tmp/fstab.ansible

 模塊六:對遠程文件管理的模塊:file

獲取幫助:ansible-doc -s file

模塊參數詳解:  

    owner:修改屬主

    group:修改屬組

    mode:修改權限

    path=:要修改文件的路徑

    recurse:遞歸的設置文件的屬性,只對目錄有效

        yes:表示使用遞歸設置

    state:

        touch:創建一個新的空文件

        directory:創建一個新的目錄,當目錄存在時不會進行修改

        link:創建軟連接,結果src一起使用此選項才生效

        hard:創建硬連接

        absent:刪除文件,目錄,軟連接

    src:當state=link時,要被連接文件的源路徑

[root@Node3 tmp]# ansible all -m file -a 'path=/tmp/tony.txt state=touch'  //創建一個文件
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "dest": "/tmp/tony.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "dest": "/tmp/tony.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
[root@Node3 tmp]# ansible all -m file -a 'path=/tmp/tony.dir state=directory'  //創建一個目錄
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/tmp/tony.dir", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/tmp/tony.dir", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}

[root@Node3 tmp]# ansible all -m file -a 'path=/tmp/tony.txt state=absent'    //刪除文件
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "path": "/tmp/tony.txt", 
    "state": "absent"
}
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "path": "/tmp/tony.txt", 
    "state": "absent"
}

[root@Node3 tmp]# ansible all -m file -a 'path=/tmp/tony.dir owner=tony group=tony recurse=yes'   //遞歸改變目錄的屬主與屬組
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "gid": 1000, 
    "group": "tony", 
    "mode": "0755", 
    "owner": "tony", 
    "path": "/tmp/tony.dir", 
    "size": 6, 
    "state": "directory", 
    "uid": 1000
}
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "gid": 1000, 
    "group": "tony", 
    "mode": "0755", 
    "owner": "tony", 
    "path": "/tmp/tony.dir", 
    "size": 6, 
    "state": "directory", 
    "uid": 1000
}

[root@Node3 tmp]# ansible all -m file -a 'src=/tmp/note.txt path=/tmp/notepad.txt state=link'   //設置軟連接
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "dest": "/tmp/notepad.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "size": 13, 
    "src": "/tmp/note.txt", 
    "state": "link", 
    "uid": 0
}
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "dest": "/tmp/notepad.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "size": 13, 
    "src": "/tmp/note.txt", 
    "state": "link", 
    "uid": 0
}

 模塊七:任務計划模塊:cron

獲取幫助:ansibe-doc -s cron

模塊參數詳解:

    state:

        present:創建任務

        absent:刪除任務

    backup:對遠程主機上的原任務計划內容修改之前做備份

    job:要執行的任務

    name:該任務的描述(必須項)

    user:以哪個用戶的身份運行

    minute:分鍾(0-59,*,*/2,……),不寫默認為*

    hour:小時(0-23,*,*/2,……),不寫默認為*

    day:日(1-31,*,*/2,……),不寫默認為*

    month:月(1-12,*,*/2,……),不寫默認為*

    weekday:周(0-7,*,……),不寫默認為*

[root@Node3 ~]# ansible all -m cron -a 'name="sync time from ntpserver" minute=*/10 job="/usr/sbin/ntpdate edu.ntp.org.cn  &> /dev/null"'     //每十分鍾同步一下時間
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "envs": [], 
    "jobs": [
        "sync time from ntpserver"
    ]
}
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "envs": [], 
    "jobs": [
        "sync time from ntpserver"
    ]
}

模塊八:收集遠程主機的信息:setup

收集可用的facts,收集每個節點的相關信息:架構信息,IP,時間,域名,網卡,MAC,主機名,CPU等信息。

這些收集的信息,可以作為變量

[root@Node3 ~]# ansible all -m setup
[root@Node3 ~]# ansible all -m setup -a 'filter=ansible_*_mb'   //獲取內存信息
[root@Node3 ~]# ansible all -m setup -a 'filter=ansible_kernel'    //獲取內核信息
[root@Node3 ~]# ansible all -m setup -a 'filter=ansible_all_ipv4_addresses'  //獲取IPV4地址信息
[root@Node3 ~]# ansible all -m setup -a 'filter=ansible_nodename'   //獲取節點主機信息

模塊九:在遠程主機執行本地腳本:script

[root@Node3 tmp]# ansible all -m script -a '/tmp/test.sh'  //向各節點執行腳本
172.17.21.206 | SUCCESS => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 172.17.21.206 closed.\r\n", 
    "stdout": "", 
    "stdout_lines": []
}
172.17.21.207 | SUCCESS => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 172.17.21.207 closed.\r\n", 
    "stdout": "", 
    "stdout_lines": []

[root@Node1 ~]# cat /tmp/test.txt   //驗證結果 
Ansible to File
[root@Node1 ~]#

 

模塊十:安裝模塊:yum

模塊參數詳解:    

    name:表示要安裝軟件包的名字,默認最新的程序包,指明要安裝的程序包,可以帶上版本號

    state:表示是安裝還卸載

        present:默認的,表示為安裝

        latest:安裝為最新的版本

        absent:表示刪除

[root@Node3 tmp]# ansible all -m yum -a 'name=httpd state=present'   //安裝httpd服務
[root@Node3 tmp]# ansible all -m yum -a 'name=httpd state=absent' //卸載httpd服
 

模塊十一:服務模塊:service

模塊參數詳解:  

    enabled:表示設置服務開機是否啟動,取值為true或者false;enabled=yes

    name=:表示要控制哪一個服務

    state:

        started:表示現在就啟動此服務

        stopped:表示現在關閉此服務

        restarted:表示重啟此服務

    sleep:如果執行了restarted,在stop和start之間沉睡幾秒

    runlevel:定義在哪些級別可以自啟動

    arguments:表示向命令行傳遞的參數

[root@Node3 tmp]# ansible Webservers -m service -a 'enabled=on name=httpd state=started'   //遠程Web服務器安裝httpd服務
[root@Node1 ~]# rpm -q nginx
nginx-1.12.2-1.el7.x86_64
[root@Node1 ~]# systemctl  list-unit-files | grep httpd     //查看httpd服務是否開機自啟動
httpd.service                                 enabled 
[root@Node1 ~]# systemctl status nginx.service 
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
   Active: inactive (dead) since Tue 2018-01-23 10:38:58 CST; 51s ago
 Main PID: 1355 (code=exited, status=0/SUCCESS)

Jan 18 19:16:15 Node1.contoso.com systemd[1]: Starting The nginx HTTP and reverse proxy server...
Jan 18 19:16:15 Node1.contoso.com nginx[1350]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Jan 18 19:16:15 Node1.contoso.com nginx[1350]: nginx: configuration file /etc/nginx/nginx.conf test is successful
Jan 18 19:16:16 Node1.contoso.com systemd[1]: Started The nginx HTTP and reverse proxy server.
Jan 23 10:38:58 Node1.contoso.com systemd[1]: Stopping The nginx HTTP and reverse proxy server...
Jan 23 10:38:58 Node1.contoso.com systemd[1]: Stopped The nginx HTTP and reverse proxy server.
[root@Node1 ~]#

 模塊十二:獲取遠程文件信息: stat

stat 模塊(獲取遠程文件狀態信息,atime/ctime/mtime/md5/uid/gid 等信息)

[root@Node3 ~]# ansible all -m stat -a 'path=/etc/passwd'

stat 模塊(獲取遠程文件狀態信息,atime/ctime/mtime/md5/uid/gid 等信息)


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 ansible-常用模塊 Ansible Playbooks常用模塊 Ansible常用模塊整理 ansible常用模塊匯總 ansible使用,常用模塊 Linux之ansible 常用模塊 ansible API 常用模塊 ansible常用模塊及參數(1) Ansible之常用模塊(一) Ansible 常用模塊(一)
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM