一 stat模塊
檢查文件狀態使用,模塊獲取文件的狀態等信息,類似與linux中的STAT命令可以用來獲取文件的屬主、可讀/寫、文件狀態等信息
[root@node1 ansible]# stat lookup_files_ex.yml
File: ‘lookup_files_ex.yml’ Size: 125 Blocks: 8 IO Block: 4096 regular file Device: fd00h/64768d Inode: 69018922 Links: 1 Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2020-04-30 18:01:52.947596173 +0800 Modify: 2020-04-30 18:01:51.624591268 +0800 Change: 2020-04-30 18:01:51.626591276 +0800 Birth: -
[root@node1 ansible]# vim files_stat_ex.yml
- hosts: demo2.example.com gather_facts: no tasks: - name: stat /rtc/fstab stat: path: /etc/fstab register: fstab_stat - name: print fstab_stat debug: msg: "{{ fstab_stat }}"
[root@node1 ansible]# ansible-playbook files_stat_ex.yml
TASK [print fstab_stat] *********************************************************************************************************************** ok: [demo2.example.com] => { "msg": { "changed": false, "failed": false, "stat": { "atime": 1588162552.5214317, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "8e1580bbd25809a2232e28adba26735dad99cc06", "ctime": 1565620911.8073654, "dev": 64768, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 33554498, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1565620660.3251472, "nlink": 1, "path": "/etc/fstab", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 465, "uid": 0, "version": "598828928", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } }
二 blockinfile模塊
blockinfile 是 Ansible 的一個非常實用的模塊,和單行替換模塊 lineinfile 類似,但是可以幫助我們在文件中插入一段文本。
[root@node1 ansible]# vim files/test.html
<html>
<head>
</head>
<body>
</body>
</html>
[root@node1 ansible]# vim blockfile_ex.yml
- name: blockinfile module test hosts: demo3.example.com tasks: - name: install httpd yum: name: httpd state: installed - name: copy test.html to dest copy: src: files/test.html dest: /var/www/html/test.html - name: add block blockinfile: marker: "<!--{mark} ANSIBLE MANAGED BLOCK -->" insertafter: "<body>" path: /var/www/html/test.html block: <h1>Welcome to {{ ansible_hostname}}</h1> <p>Last update on {{ ansible_date_time.iso8601}} </p> - name: start service service: name: httpd state: started
執行
[root@node1 ansible]# ansible-playbook blockfile_ex.yml
訪問
三 lineinfile模塊
在大多數時候,我們在linux上的操作,就是針對文件的操作,通過配置管理工具對配置文件作統一的配置修改是一個非常酷的功能。
下面是官方針對該模塊的說明:
lineinfile - Ensure a particular line is in a file, or replace an existing line using a back-referenced regular expression
簡單講,這個模塊就是針對一個文件中行內容的操作。
下面我們詳細說一說其具體可以做的事情。
3.1 修改匹配行
修改selinux示例
[root@node1 ansible]# ansible demo3.example.com -m shell -a "cat /etc/selinux/config |grep ^SELINUX="
[root@node1 ansible]# vim edit_selinux.yml
- hosts: demo3.example.com gather_facts: no tasks: - name: disable selinux lineinfile: path: /etc/selinux/config regex: ^SELINUX= line: SELINUX=disabled
[root@node1 ansible]# ansible-playbook edit_selinux.yml
[root@node1 ansible]# ansible demo3.example.com -m shell -a "cat /etc/selinux/config |grep ^SELINUX="
demo3.example.com | CHANGED | rc=0 >> SELINUX=disabled
在node3節點寫入一個文件
[root@node3 ~]# vim /tmp/test.conf
Listen 127.0.0.1:80 Listen 80 Port
3.2 插入匹配行
[root@node1 ansible]# vim lineinfile.yml
- hosts: demo3.example.com gather_facts: no tasks: - name: inser after lineinfile: path: /tmp/test.conf insertafter: "^Listen 80" #在之后插入 line: "aaaaa" - name: inser befor lineinfile: path: /tmp/test.conf insertbefore: "^Listen 80" #之前插入 line: "befor bbbb"
執行
[root@node1 ansible]# ansible-playbook lineinfile.yml
[root@node1 ansible]# ansible demo3.example.com -m shell -a "cat /tmp/test.conf"
demo3.example.com | CHANGED | rc=0 >> Listen 127.0.0.1:80 befor bbbb Listen 80 aaaaa Port
3.3 刪除匹配行
[root@node1 ansible]# vim lineinfile.yml
- hosts: demo3.example.com gather_facts: no vars: testfile: "/tmp/test.conf" tasks: - name: inser after lineinfile: path: "{{testfile}}" insertafter: "^Listen 80" line: "aaaaa" - name: inser befor lineinfile: path: "{{ testfile }}" insertbefore: "^Listen 80" line: "befor bbbb" - name: delete line lineinfile: path: "{{ testfile }}" regex: "^Port" state: absent
[root@node1 ansible]# ansible-playbook lineinfile.yml
[root@node1 ansible]# ansible demo3.example.com -m shell -a "cat /tmp/test.conf"
demo3.example.com | CHANGED | rc=0 >> Listen 127.0.0.1:80 befor bbbb Listen 80 aaaaa
3.4 文件存在則添加一行內容
往/etc/hosts里添加一行10.1.61.131 test.dz11.com(多次執行,不會重復添加),示例如下:
- name: add a line lineinfile: path: /etc/hosts line: '10.1.61.131 test.dz11.com'
如果有匹配的行則修改該行,如果不匹配則添加
[root@node1 ansible]# vim lineinfile.yml
- hosts: demo3.example.com gather_facts: no vars: testfile: "/tmp/test.conf" tasks: - name: inser after lineinfile: path: "{{testfile}}" insertafter: "^Listen 80" line: "aaaaa" - name: inser befor lineinfile: path: "{{ testfile }}" insertbefore: "^Listen 80" line: "befor bbbb" - name: delete line lineinfile: path: "{{ testfile }}" regex: "^Port" state: absent - name: regex lineinfile: path: "{{testfile}}" regex: "^Listen 8080 " line: "Listen 809090 "
[root@node1 ansible]# ansible-playbook lineinfile.yml
[root@node1 ansible]# ansible demo3.example.com -m shell -a "cat /tmp/test.conf"
demo3.example.com | CHANGED | rc=0 >> Listen 127.0.0.1:80 befor bbbb Listen 80 aaaaa Listen 809090
3.5 參數backrefs,backup說明
- backup: 是否備份原文件,默認為no
- backrefs:
- 當backrefs為no時,如果regex沒有匹配到行,則添加一行,如果Regx匹配到行,則修改該行
- 當backrefs為yes時,如果regex沒有匹配到行,則保持原文件不變,如果regex匹配到行,則修改該行
- backrefs默認為no,所以上面那個示例中,我們沒有配置backrefs,而默認沒有匹配,則修改。
3.6 使用validate驗證文件是否正確修改
在一些場景下,我們修改完文件后,需要對文件做一下測試,用以檢查文件修改之后,是否能正常運行。如http.conf、nginx.conf等,一旦改錯,而不加以測試,可能會直接導致http服務掛掉。
可以使用validate關鍵字,在修改完成以后,對文件執行檢測:
- name: test validate lineinfile: dest: /etc/sudoers state: present regexp: '^%ADMIN ALL=' line: '%ADMIN ALL=(ALL)' validate: 'visudo -cf %s' #這里就是執行檢測,比如nginx就可以寫入nginx -t檢測配置文件 tags: - testsudo
博主聲明:本文的內容來源主要來自譽天教育晏威老師,由本人實驗完成操作驗證,需要的博友請聯系譽天教育(http://www.yutianedu.com/),獲得官方同意或者晏老師(https://www.cnblogs.com/breezey/)本人同意即可轉載,謝謝!