PHP資料結構(二十) ——其他插入排序
阿新 • • 發佈:2022-05-03
僅對於操作網路裝置ansible與netconf的對比
netconf使用YANG建模,XML進行資料填充,使用netconf協議進行傳輸,主要用於控制器南向介面使用,各主流廠商有自定義的YANG模型,可在官網進行下載,不過一些國內廠商對YANG的支援性並不好,公共YANG模型的RFC文件,很有閱讀必要,https://datatracker.ietf.org/doc/html/rfc6020,python中主要使用ncclient模組,可以參考之前的一篇文章https://www.cnblogs.com/darkchen/p/15248377.html
ansible底層使用python的paramiko模組通過ssh協議進行資料傳輸,適配性較好,(當然也可以自定義netconf協議模組呼叫ansible提供的api進行批量操作)對於不同的網路裝置系統可以適配不同的模組用於提交、查詢配置,一些國產裝置沒有對應的模組,需要自己編寫,主要是一些正則的使用,匹配不同的提示符做不同的互動,可以參考華為或思科的進行編寫
ansible安裝
- 使用apt/yum 安裝
yum install epel-release -y
yum install ansible –y
- 使用pip安裝
pip3 install ansible
兩者的區別
使用apt/yum安裝後只有一些基礎的模組,如command、shell、copy、file、cron等操作linux系統的模組,其他裝置廠商模組需要手動下載安裝,華為的ansible 模組提供的下載連結更新在n年前,一堆bug不能使用
使用pip安裝會有很多各家廠商自定義的模組,如AWS的EC2、S3,cisco的nxos、ios,juniper的junos等,但是沒有ansible的配置檔案,主機清單等配置,需要自定義
所以為了節省時間,我們可以兩者都進行安裝-_-
配置檔案
/etc/ansible/
├── ansible.cfg
├── hosts
└── roles
配置檔案常見引數如下,預設全部註釋掉,呼叫相應模組是會依次查詢環境變數
inventory = /etc/ansible/hosts #這個引數表示資源清單inventory檔案的位置 library = /usr/share/ansible #指向存放Ansible模組的目錄,支援多個目錄方式,只要用冒號(:)隔開就可以 forks = 5 #併發連線數 sudo_user = root #設定預設執行命令的使用者 remote_port = 22 #指定連線被管節點的管理埠,預設為22埠,建議修改,能夠更加安全 host_key_checking = False #設定是否檢查SSH主機的金鑰,值為True/False。關閉後第一次連線不會提示配置例項 timeout = 60 #設定SSH連線的超時時間,單位為秒 log_path = /var/log/ansible.log #指定一個儲存ansible日誌的檔案(預設不記錄日誌)
主機清單,可以定義單個主機也可以定義主機組,兩者都可以分別定義變數供playbook使用,示例:
[rs] 10.0.3.105 [rs:vars] ansible_connection=network_cli ansible_network_os=ce ansible_user=test ansible_ssh_pass = 123456789!@a [server] 12.5.21.8 ansible_ssh_user=ubuntu ansible_ssh_port=22 12.6.12.3 4.51.15.1 3.20.9.2 13.0.3.1 ansible_ssh_user=test [server:vars] ansible_ssh_user = root ansible_ssh_port = 233 host_name = 1.1.1.1
apt/yum安裝方式,模組目錄,只有以下模組
pip安裝方式,擷取一小部分
可以使用ansible-doc -l 檢視所有模組
如,檢視華為相關模組,其中左側一列是模組路徑右側一列是描述
ansible-doc -l | grep HUAWEI
檢視模組使用幫助
ansible常用模組示例
- 主機聯通性測試
使用ping模組來測試主機連通性
dark@dark:~$ ansible zb -m ping 49.23.3.9 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" } 1.15.9.2 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" }
- apt
使用apt-doc -s apt來檢視模組引數
dark@dark:~$ ansible-doc -s apt - name: Manages apt-packages apt: allow_unauthenticated: # Ignore if packages cannot be authenticated. This is useful for bootstrapping environments that manage their ow apt-key setup. `allow_unauthenticated' is only supported with state: `install'/`present' autoclean: # If `yes', cleans the local repository of retrieved package files that can no longer be downloaded. autoremove: # If `yes', remove unused dependency packages for all module states except `build-dep'. It can also be used as the only option. Previous to version 2.4, autoclean was also an alias for autoremove, now it is its own separate command. See documentation for further information. cache_valid_time: # Update the apt cache if it is older than the `cache_valid_time'. This option is set in seconds. As of Ansible 2.4, if explicitly set, this sets `update_cache=yes'. deb: # Path to a .deb package on the remote machine. If :// in the path, ansible will attempt to download deb before installing. (Version added 2.1) Requires the `xz-utils' package to extract the control file of the deb package to install. default_release: # Corresponds to the `-t' option for `apt' and sets pin priorities dpkg_options: # Add dpkg options to apt command. Defaults to '-o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force- confold"' Options should be supplied as comma separated list fail_on_autoremove: # Corresponds to the `--no-remove' option for `apt'. If `yes', it is ensured that no packages will be removed or the task will fail. `fail_on_autoremove' is only supported with state except `absent' force: # Corresponds to the `--force-yes' to `apt-get' and implies `allow_unauthenticated: yes' This option will disable checking both the packages' signatures and the certificates of the web servers they are downloaded from. This option *is not* the equivalent of passing the `-f' flag to `apt-get' on the command line **This is a destructive operation with the potential to destroy your system, and it should almost never be used.** Please also see `man apt-get' for more information. force_apt_get: # Force usage of apt-get instead of aptitude install_recommends: # Corresponds to the `--no-install-recommends' option for `apt'. `yes' installs recommended packages. `no' does not install recommended packages. By default, Ansible will use the same defaults as the operating system. Suggested packages are never installed. name: # A list of package names, like `foo', or package specifier with version, like `foo=1.0'. Name wildcards (fnmatch) like `apt*' and version wildcards like `foo=1.0*' are also supported. only_upgrade: # Only upgrade a package if it is already installed. policy_rc_d: # Force the exit code of /usr/sbin/policy-rc.d. For example, if `policy_rc_d=101' the installed package will not trigger a service start. If /usr/sbin/policy-rc.d already exists, it is backed up and restored after the package installation. If `null', the /usr/sbin/policy- rc.d isn't created/changed. purge: # Will force purging of configuration files if the module state is set to `absent'. state: # Indicates the desired package state. `latest' ensures that the latest version is installed. `build-dep' ensures the package build dependencies are installed. `fixed' attempt to correct a system with broken dependencies in place. update_cache: # Run the equivalent of `apt-get update' before the operation. Can be run as part of the package installation or as a separate step. Default is not to update the cache. update_cache_retries: # Amount of retries if the cache update fails. Also see `update_cache_retry_max_delay'. update_cache_retry_max_delay: # Use an exponential backoff delay for each retry (see `update_cache_retries') up to this max delay in se upgrade: # If yes or safe, performs an aptitude safe-upgrade. If full, performs an aptitude full-upgrade. If dist, performs an apt-get dist-upgrade. Note: This does not upgrade a specific package, use state=latest for that. Note: Since 2.4, apt-get is used as a fall- back if aptitude is not present.
這裡只有所有的引數作用描述,並沒有引數對應的選項,我們可以去官網檢視模組的詳解
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| allow_unauthenticated (added in 2.1) |
no | no |
|
Ignore if packages cannot be authenticated. This is useful for bootstrapping environments that manage their own apt-key setup. |
| autoclean (added in 2.4) |
no |
|
If yes, cleans the local repository of retrieved package files that can no longer be downloaded.
|
|
| autoremove (added in 2.1) |
no |
|
If yes, remove unused dependency packages for all module states except build-dep. It can also be used as the only option.
Previous to version 2.4, autoclean was also an alias for autoremove, now it is its own separate command. See documentation for further information.
|
|
| cache_valid_time |
no | Update the apt cache if its older than the cache_valid_time. This option is set in seconds. As of Ansible 2.4, this implicitly sets update_cache if set. | ||
| deb (added in 1.6) |
no | Path to a .deb package on the remote machine. If :// in the path, ansible will attempt to download deb before installing. (Version added 2.1) | ||
| default_release |
no |
Corresponds to the -t option for apt and sets pin priorities
|
||
| dpkg_options |
no | force-confdef,force-confold | Add dpkg options to apt command. Defaults to '-o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold"' Options should be supplied as comma separated list | |
| force |
no | no |
|
If yes, force installs/removes.
|
| force_apt_get (added in 2.4) |
no | Force usage of apt-get instead of aptitude | ||
| install_recommends |
no |
|
Corresponds to the --no-install-recommends option for apt. yes installs recommended packages. no does not install recommended packages. By default, Ansible will use the same defaults as the operating system. Suggested packages are never installed.
|
|
| name |
no |
A package name, like foo, or package specifier with version, like foo=1.0. Name wildcards (fnmatch) like apt* and version wildcards like foo=1.0* are also supported. Note that the apt-get commandline supports implicit regex matches here but we do not because it can let typos through easier (If you typo foo as fo apt-get would install packages that have "fo" in their name with a warning and a prompt for the user. Since we don't have warnings and prompts before installing we disallow this. Use an explicit fnmatch pattern if you want wildcarding)
aliases: pkg, package |
||
| only_upgrade (added in 2.1) |
no | Only upgrade a package if it is already installed. | ||
| purge |
no |
|
Will force purging of configuration files if the module state is set to absent. | |
| state |
no | present |
|
Indicates the desired package state. latest ensures that the latest version is installed. build-dep ensures the package build dependencies are installed.
|
| update_cache |
no |
|
Run the equivalent of apt-get update before the operation. Can be run as part of the package installation or as a separate step.
|
|
| upgrade |
no | no |
|
If yes or safe, performs an aptitude safe-upgrade. If full, performs an aptitude full-upgrade. If dist, performs an apt-get dist-upgrade. Note: This does not upgrade a specific package, use state=latest for that. Note: Since 2.4, apt-get is used as a fall-back if aptitude is not present. |
dark@dark:~$ ansible zb -m apt -a 'name=hping3 state=present' 49.23.3.9 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "cache_update_time": 1651712595, "cache_updated": false, "changed": true, "stderr": "", "stderr_lines": [], "stdout": "Reading package lists...\nBuilding dependency tree...\nReading state information...\nThe following packages were automatically installed and are no longer required:\n apache2-bin apache2-data apache2-utils fontconfig hicolor-icon-theme libapr1\n libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libatk1.0-0\n libatk1.0-data libavahi-client3 libavahi-common-data libavahi-common3\n libcairo2 libcups2 libdatrie1 libgdk-pixbuf2.0-0 libgdk-pixbuf2.0-common\n libgraphite2-3 libgtk2.0-0 libgtk2.0-bin libgtk2.0-common libharfbuzz0b\n libjbig0 libjpeg-turbo8 libjpeg8 liblua5.1-0 libpango-1.0-0\n libpangocairo-1.0-0 libpangoft2-1.0-0 libpixman-1-0 libthai-data libthai0\n libtiff5 libxcb-render0 libxcb-shm0 libxcursor1 ssl-cert\nUse 'apt autoremove' to remove them.\nThe following NEW packages will be installed:\n hping3\n0 upgraded, 1 newly installed, 0 to remove and 223 not upgraded.\nNeed to get 107 kB of archives.\nAfter this operation, 284 kB of additional disk space will be used.\nGet:1 http://cn.archive.ubuntu.com/ubuntu xenial/universe amd64 hping3 amd64 3.a2.ds2-7 [107 kB]\nFetched 107 kB in 3s (33.0 kB/s)\nSelecting previously unselected package hping3.\r\n(Reading database ... \r(Reading database ... 5%\r(Reading database ... 10%\r(Reading database ... 15%\r(Reading database ... 20%\r(Reading database ... 25%\r(Reading database ... 30%\r(Reading database ... 35%\r(Reading database ... 40%\r(Reading database ... 45%\r(Reading database ... 50%\r(Reading database ... 55%\r(Reading database ... 60%\r(Reading database ... 65%\r(Reading database ... 70%\r(Reading database ... 75%\r(Reading database ... 80%\r(Reading database ... 85%\r(Reading database ... 90%\r(Reading database ... 95%\r(Reading database ... 100%\r(Reading database ... 109472 files and directories currently installed.)\r\nPreparing to unpack .../hping3_3.a2.ds2-7_amd64.deb ...\r\nUnpacking hping3 (3.a2.ds2-7) ...\r\nProcessing triggers for man-db (2.7.5-1) ...\r\nSetting up hping3 (3.a2.ds2-7) ...\r\n", "stdout_lines": [ "Reading package lists...", "Building dependency tree...", "Reading state information...", "The following packages were automatically installed and are no longer required:", " apache2-bin apache2-data apache2-utils fontconfig hicolor-icon-theme libapr1", " libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libatk1.0-0", " libatk1.0-data libavahi-client3 libavahi-common-data libavahi-common3", " libcairo2 libcups2 libdatrie1 libgdk-pixbuf2.0-0 libgdk-pixbuf2.0-common", " libgraphite2-3 libgtk2.0-0 libgtk2.0-bin libgtk2.0-common libharfbuzz0b", " libjbig0 libjpeg-turbo8 libjpeg8 liblua5.1-0 libpango-1.0-0", " libpangocairo-1.0-0 libpangoft2-1.0-0 libpixman-1-0 libthai-data libthai0", " libtiff5 libxcb-render0 libxcb-shm0 libxcursor1 ssl-cert", "Use 'apt autoremove' to remove them.", "The following NEW packages will be installed:", " hping3", "0 upgraded, 1 newly installed, 0 to remove and 223 not upgraded.", "Need to get 107 kB of archives.", "After this operation, 284 kB of additional disk space will be used.", "Get:1 http://cn.archive.ubuntu.com/ubuntu xenial/universe amd64 hping3 amd64 3.a2.ds2-7 [107 kB]", "Fetched 107 kB in 3s (33.0 kB/s)", "Selecting previously unselected package hping3.", "(Reading database ... ", "(Reading database ... 5%", "(Reading database ... 10%", "(Reading database ... 15%", "(Reading database ... 20%", "(Reading database ... 25%", "(Reading database ... 30%", "(Reading database ... 35%", "(Reading database ... 40%", "(Reading database ... 45%", "(Reading database ... 50%", "(Reading database ... 55%", "(Reading database ... 60%", "(Reading database ... 65%", "(Reading database ... 70%", "(Reading database ... 75%", "(Reading database ... 80%", "(Reading database ... 85%", "(Reading database ... 90%", "(Reading database ... 95%", "(Reading database ... 100%", "(Reading database ... 109472 files and directories currently installed.)", "Preparing to unpack .../hping3_3.a2.ds2-7_amd64.deb ...", "Unpacking hping3 (3.a2.ds2-7) ...", "Processing triggers for man-db (2.7.5-1) ...", "Setting up hping3 (3.a2.ds2-7) ..." ] } 1.15.9.2 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "cache_update_time": 1651695647, "cache_updated": false, "changed": true, "stderr": "", "stderr_lines": [], "stdout": "Reading package lists...\nBuilding dependency tree...\nReading state information...\nThe following NEW packages will be installed:\n hping3\n0 upgraded, 1 newly installed, 0 to remove and 234 not upgraded.\nNeed to get 107 kB of archives.\nAfter this operation, 284 kB of additional disk space will be used.\nGet:1 http://mirrors.tencentyun.com/ubuntu xenial/universe amd64 hping3 amd64 3.a2.ds2-7 [107 kB]\nFetched 107 kB in 0s (3207 kB/s)\nSelecting previously unselected package hping3.\r\n(Reading database ... \r(Reading database ... 5%\r(Reading database ... 10%\r(Reading database ... 15%\r(Reading database ... 20%\r(Reading database ... 25%\r(Reading database ... 30%\r(Reading database ... 35%\r(Reading database ... 40%\r(Reading database ... 45%\r(Reading database ... 50%\r(Reading database ... 55%\r(Reading database ... 60%\r(Reading database ... 65%\r(Reading database ... 70%\r(Reading database ... 75%\r(Reading database ... 80%\r(Reading database ... 85%\r(Reading database ... 90%\r(Reading database ... 95%\r(Reading database ... 100%\r(Reading database ... 108213 files and directories currently installed.)\r\nPreparing to unpack .../hping3_3.a2.ds2-7_amd64.deb ...\r\nUnpacking hping3 (3.a2.ds2-7) ...\r\nProcessing triggers for man-db (2.7.5-1) ...\r\nSetting up hping3 (3.a2.ds2-7) ...\r\n", "stdout_lines": [ "Reading package lists...", "Building dependency tree...", "Reading state information...", "The following NEW packages will be installed:", " hping3", "0 upgraded, 1 newly installed, 0 to remove and 234 not upgraded.", "Need to get 107 kB of archives.", "After this operation, 284 kB of additional disk space will be used.", "Get:1 http://mirrors.tencentyun.com/ubuntu xenial/universe amd64 hping3 amd64 3.a2.ds2-7 [107 kB]", "Fetched 107 kB in 0s (3207 kB/s)", "Selecting previously unselected package hping3.", "(Reading database ... ", "(Reading database ... 5%", "(Reading database ... 10%", "(Reading database ... 15%", "(Reading database ... 20%", "(Reading database ... 25%", "(Reading database ... 30%", "(Reading database ... 35%", "(Reading database ... 40%", "(Reading database ... 45%", "(Reading database ... 50%", "(Reading database ... 55%", "(Reading database ... 60%", "(Reading database ... 65%", "(Reading database ... 70%", "(Reading database ... 75%", "(Reading database ... 80%", "(Reading database ... 85%", "(Reading database ... 90%", "(Reading database ... 95%", "(Reading database ... 100%", "(Reading database ... 108213 files and directories currently installed.)", "Preparing to unpack .../hping3_3.a2.ds2-7_amd64.deb ...", "Unpacking hping3 (3.a2.ds2-7) ...", "Processing triggers for man-db (2.7.5-1) ...", "Setting up hping3 (3.a2.ds2-7) ..." ] }
- command
- shell
- service
- copy
- template
- cli_command
- setup