自動化運維之 ansible 模組
Ansible 可以使用命令列方式進行自動化管理,命令管理工具都是有一系列模組、引數所支援的。基本語法如下:
ansible <host-pattern> [ –m module_name ] [ –a args]
<host-pattern> : 對哪些主機有效
[ –m module_name ] :指定所使用的模組
[-a args ] :模組特有引數
Ansible軟體執行結果
l 輸出內容顯示綠色:表示執行成功,沒有任何改變
l 輸出內容顯示×××:表示執行成功,但對被管理主機進行了改變
l 輸出內容顯示紅色:表示執行失敗!!!
使用環境如下:
角色 主機名 IP地址 組名 控制主機 ansible 192.168.66.138 被管理主機 node1 192.168.66.141 webserver 被管理主機 node2 192.168.66.142 mysql
使用 ansible-doc 檢視模組忙助資訊的工具,最主要的選項 –l 用來列出可使用的模組,-s 用來累出某個模組的描述資訊和使用事例。如列出 command 模組的描述資訊和操作動作:
[[email protected] .ssh]# ansible-doc -s command
- name: Executes a command on a remote node
command:
argv: # Allows the user to provide the command as a list
vs. a string. Only
the string or the
list form can be
provided, not both.
One or the other
must be provided.
chdir: # Change into this directory before running the
command.
creates: # A filename or (since 2.0) glob pattern. If it
already exists, this
step *won't* be run.
………
Ansible 自帶了很多模組,能夠下發執行 Ansible 的各種任務。首先了解一下常用的這些核心模組。
1. command 模組
Ansible 管理工具使用 –m 選項來指定使用模組,預設使用 command 模組,即 –m 選項省略是可以執行此模組,用於被管理主機上執行命令。
例如在被管理主機上執行 date 命令,顯示被管理主機的時間。有三種執行命令的方式去管理寫入主機清單中的主機。
(1)使用 IP 地址指定執行主機
[[email protected] .ssh]# ansible 192.168.66.141 -m command -a 'date' //-m 指定模組, –a 模組特有引數
192.168.66.141 | CHANGED | rc=0 >>
2018年 10月 20日 星期六 21:58:18 CST
(2)使用被管理主機中的分類執行
[[email protected] .ssh]# ansible mysql -m command -a 'date'
192.168.66.142 | CHANGED | rc=0 >>
2018年 10月 20日 星期六 21:58:43 CST
(3)在所有主機清單中的主機執行,使用 all
[[email protected] .ssh]# ansible all -m command -a 'date'
192.168.66.141 | CHANGED | rc=0 >>
2018年 10月 20日 星期六 21:59:20 CST192.168.66.142 | CHANGED | rc=0 >>
2018年 10月 20日 星期六 21:59:22 CST
2. cron 模組
Ansible 中的 cron 模組用於定義任務計劃。其中有兩種狀態(state): present 表示新增(省略時預設使用), absent 表示移除
(1)新增計劃性任務。每隔一分鐘向所有被管理主機輸出名為“test haha” 的檔案在 /bin/目錄下
[[email protected] .ssh]# ansible all -m cron -a 'minute="*/1" job="/bin/echo haha" name="test haha"'
192.168.66.141 | CHANGED => { //表示執行成功
"changed": true,
"envs": [],
"jobs": [
"test haha"
]
}
192.168.66.142 | CHANGED => {
"changed": true,
"envs": [],
"jobs": [
"test haha"
]
}
檢視計劃性任務
[[email protected] .ssh]# ansible all -a 'crontab -l'
192.168.66.141 | CHANGED | rc=0 >>
#Ansible: test haha
*/1 * * * * /bin/echo haha192.168.66.142 | CHANGED | rc=0 >>
#Ansible: test haha
*/1 * * * * /bin/echo haha
在被管理的主機上檢視
[[email protected] bin]# which echo
/usr/bin/echo
您在 /var/spool/mail/root 中有新郵件
[[email protected] bin]# crontab -l
#Ansible: test haha
*/1 * * * * /bin/echo haha[[email protected] .ssh]# which echo
/usr/bin/echo
您在 /var/spool/mail/root 中有新郵件
[[email protected] .ssh]# crontab -l
#Ansible: test haha
*/1 * * * * /bin/echo haha
(2)移除計劃性任務
[[email protected] ~]# ansible all -m cron -a 'name="test haha" state=absent'
192.168.66.141 | CHANGED => {
"changed": true,
"envs": [],
"jobs": []
}
192.168.66.142 | CHANGED => {
"changed": true,
"envs": [],
"jobs": []
}
3 . user模組
Ansible 中的 user 模組用於建立新使用者和更改、刪除已存在的使用者。其中 name 選項用來指明建立使用者名稱稱。
(1)建立使用者。在所有被管理主機上建立名為 “test01” 使用者
[[email protected] ~]# ansible all -m user -a 'name="test01"' //name 指明建立使用者名稱稱
192.168.66.141 | CHANGED => {
"changed": true,
"comment": "",
"create_home": true,
"group": 1002,
"home": "/home/test01",
"name": "test01",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1002
}
192.168.66.142 | CHANGED => {
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/test01",
"name": "test01",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
在被管理主機上檢視是否建立使用者
[[email protected] ~]# id test01
uid=1001(test01) gid=1001(test01) 組=1001(test01)[[email protected] ~]# id test01
uid=1002(test01) gid=1002(test01) 組=1002(test01)
(2)刪除使用者
[[email protected] ~]# ansible mysql -m user -a 'name=test01 state=absent' //刪除被管理主機1 mysql 的使用者,狀態(state)absent 表示移除
192.168.66.142 | CHANGED => {
"changed": true,
"force": false,
"name": "test01",
"remove": false,
"state": "absent"
}
在被管理主機上查詢 “test01” 使用者是否刪除
[[email protected] ~]# id test01
id: test01: no such user
4 . group 模組
Ansible 中的 group模組用於對使用者組進行管理。
(1)建立 test02 組,將 test02 使用者新增到 test02 組
[[email protected] ~]# ansible mysql -m group -a 'name=test02 gid=306 system=yes'
192.168.66.142 | CHANGED => {
"changed": true,
"gid": 306,
"name": "test02",
"state": "present",
"system": true
}
在被管理主機檢視新增的組
[[email protected] ~]# vim /etc/ansible/hosts
[[email protected] ~]# ansible mysql -a 'tail /etc/group'
192.168.66.142 | CHANGED | rc=0 >>
avahi:x:70:
slocate:x:21:
postdrop:x:90:
postfix:x:89:
stapusr:x:156:
stapsys:x:157:
stapdev:x:158:
tcpdump:x:72:
liu:x:1000:
test02:x:306:
(2)也可用 user 模組建立使用者並新增到組。
[[email protected] ~]# ansible webserver -m user -a 'name=mysql uid=306 group=mysql system=yes'
192.168.66.141 | CHANGED => {
"append": false,
"changed": true,
"comment": "",
"group": 1001,
"home": "/home/mysql",
"move_home": false,
"name": "mysql",
"shell": "/sbin/nologin",
"state": "present",
"uid": 306
}
檢視建立的使用者所屬組
[[email protected] ~]# ansible webserver -a 'id mysql'
192.168.66.141 | CHANGED | rc=0 >>
uid=306(mysql) gid=1001(mysql) 組=1001(mysql)
[[email protected] ~]# id mysql
uid=306(mysql) gid=1001(mysql) 組=1001(mysql)
5 . copy 模組
Ansible 中的 copy模組---用於實現檔案複製和批量下發檔案。其中使用src來定義本地原始檔路徑,使用dest定義被管理主機檔案路徑,使用content則是指定資訊內容來生成目標檔案。
(1)將本地檔案/etc/fstab 複製到被管理主機上的/opt/fstab.bk,將所有者設定為root,許可權為644
[[email protected]e ~]# ansible mysql -m copy -a 'src=/etc/fstab dest=/opt/fstab.bk owner=root mode=644'
192.168.66.142 | CHANGED => { //src來定義本地原始檔路徑,使用dest定義被管理主機檔案路徑
"changed": true,
"checksum": "cb9821536bd491d110542bdf799c0828715ab6bd",
"dest": "/opt/fstab.bk",
"gid": 0,
"group": "root",
"md5sum": "643872130cf520bc6762e1c5d803a890",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 689,
"src": "/root/.ansible/tmp/ansible-tmp-1540103669.94-50253022890998/source",
"state": "file",
"uid": 0
}
檢視複製檔案
[[email protected] ~]# ansible mysql -a 'ls -l /opt'
192.168.66.142 | CHANGED | rc=0 >>
總用量 4
-rw-r--r--. 1 root root 689 10月 21 14:34 fstab.bk
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
在被管理主機上查詢
[[email protected] ~]# cd /opt/
[[email protected] opt]# ls -l總用量 4
-rw-r--r--. 1 root root 689 10月 21 14:34 fstab.bk
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
(2)將 “ this is test ” 寫入 /opt/test.txt 檔案中
[[email protected] ~]# ansible mysql -m copy -a 'content="this is test" dest=/opt/test.txt'
192.168.66.142 | CHANGED => { //content則是指定資訊內容來生成目標檔案
"changed": true,
"checksum": "b6794b2000d94d348203d0279c2e7322b922cb16",
"dest": "/opt/test.txt",
"gid": 0,
"group": "root",
"md5sum": "8c6d115258631625b625486f81b09532",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 12,
"src": "/root/.ansible/tmp/ansible-tmp-1540104362.42-107935433980182/source",
"state": "file",
"uid": 0
}
檢視生成檔案
[[email protected] ~]# ansible mysql -a 'cat /opt/test.txt'
192.168.66.142 | CHANGED | rc=0 >>
this is test
在被管理主機上查詢
[[email protected] opt]# ls
fstab.bk rh test.txt
[[email protected] opt]# cat test.txt
this is test[[email protected] opt]#
6 . file 模組
file 模組--用來設定檔案屬性。其中使用path指定檔案路徑,使用src定義原始檔路徑,使用name或dest 來替換建立檔案的符號連結。
(1)設定檔案 /opt/fstab.bk 的所屬主為 mysql ,所屬組為 mysql , 許可權為 666
[[email protected] ~]# ansible mysql -m file -a 'path=/opt/fstab.bk owner=mysql group=mysql mode=666'
192.168.66.142 | CHANGED => { //path指定檔案路徑
"changed": true,
"gid": 1001,
"group": "mysql",
"mode": "0666",
"owner": "mysql",
"path": "/opt/fstab.bk",
"secontext": "system_u:object_r:usr_t:s0",
"size": 689,
"state": "file",
"uid": 306
}
在被管理主機上檢視
[[email protected] opt]# ls -la
總用量 8
drwxr-xr-x. 3 root root 48 10月 21 14:46 .
dr-xr-xr-x. 18 root root 235 8月 22 18:33 ..
-rw-rw-rw-. 1 mysql mysql 689 10月 21 14:34 fstab.bk //屬主,屬組為 mysql ,許可權為666
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-r--r--. 1 root root 12 10月 21 14:46 test.txt
(2)設定檔案 /opt/fstab.txt.link 為檔案 /opt/fstab.bk 的連線檔案
[[email protected] ~]# ansible mysql -m file -a 'src=/opt/fstab.bk path=/opt/fstab.txt.link state=link'
192.168.66.142 | CHANGED => { //src定義原始檔路徑 //狀態為 link
"changed": true,
"dest": "/opt/fstab.txt.link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 13,
"src": "/opt/fstab.bk",
"state": "link",
"uid": 0
}
[[email protected] opt]# ls
fstab.bk fstab.txt.link rh test.txt
(3)建立空檔案。狀態(state)為 touch
[[email protected] ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=touch'
192.168.66.142 | CHANGED => {
"changed": true,
"dest": "/opt/abc.txt",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
[[email protected] opt]# ls
abc.txt fstab.bk fstab.txt.link rh test.txt
[[email protected] opt]# cat abc.txt //空檔案
[[email protected] opt]#
(4)建立目錄 。狀態為 directory
[[email protected] ~]# ansible mysql -m file -a 'path=/opt/abc state=directory'
192.168.66.142 | CHANGED => {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/opt/abc",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
(5)刪除檔案 。
[[email protected] ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=absent'
192.168.66.142 | CHANGED => {
"changed": true,
"path": "/opt/abc.txt",
"state": "absent"
}
[[email protected] opt]# ls
abc fstab.bk fstab.txt.link rh test.txt
7 . ping 模組
在Ansible 中使用 ping 模組 檢查指定主機的連通性。
[[email protected] ~]# ansible all -m ping
192.168.66.142 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.66.141 | SUCCESS => {
"changed": false,
"ping": "pong"
}
8 . yum 模組
Ansible 中的 yum 模組負責在被管理主及上安裝與解除安裝軟體包。其中 name 指定要安裝的軟體包,使用 state 指定安裝軟體包的狀態,present 、latest 用來表示安裝, absent 表示解除安裝。
(1)在被管理主機上安裝 httpd 的軟體包
[[email protected] ~]# rpm -q httpd
未安裝軟體包 httpd //可以看到被管理主機上都為安裝 httpd 服務[[email protected] opt]# rpm -q httpd
未安裝軟體包 httpd
在安裝的過程中不會出現安裝提示資訊,只有在安裝完成後,會顯示較長的安裝資訊
[[email protected] ~]# ansible all -m yum -a 'name=httpd'
192.168.66.141 | CHANGED => { //第一臺主機安裝完成後
"ansible_facts": {
"pkg_mgr": "yum"
},
"changed": true,
"msg": "warning: /var/cache/yum/x86_64/7/base/packages/mailcap-2.1.41-2.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) <[email protected]>\"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-4.1708.el7.centos.x86_64 (@anaconda)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, langpacks\nLoading mirror speeds from cached hostfile\n * base: centos.ustc.edu.cn\n * extras: centos.ustc.edu.cn\n * updates: centos.ustc.edu.cn\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-80.el7.centos.1 will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-80.el7.centos.1 for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Running transaction check\n---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.4.6-80.el7.centos.1 updates 2.7 M\nInstalling for dependencies:\n apr x86_64 1.4.8-3.el7_4.1 base 103 k\n apr-util x86_64 1.5.2-6.el7 base 92 k\n httpd-tools x86_64 2.4.6-80.el7.centos.1 updates 90 k\n mailcap noarch 2.1.41-2.el7 base 31 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+4 Dependent packages)\n\nTotal download size: 3.0 M\nInstalled size: 10 M\nDownloading packages:\nPublic key for mailcap-2.1.41-2.el7.noarch.rpm is not installed\nPublic key for httpd-tools-2.4.6-80.el7.centos.1.x86_64.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 1.6 MB/s | 3.0 MB 00:01 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : apr-1.4.8-3.el7_4.1.x86_64 1/5 \n Installing : apr-util-1.5.2-6.el7.x86_64 2/5 \n Installing : httpd-tools-2.4.6-80.el7.centos.1.x86_64 3/5 \n Installing : mailcap-2.1.41-2.el7.noarch 4/5 \n Installing : httpd-2.4.6-80.el7.centos.1.x86_64 5/5 \n Verifying : mailcap-2.1.41-2.el7.noarch 1/5 \n Verifying : httpd-tools-2.4.6-80.el7.centos.1.x86_64 2/5 \n Verifying : apr-util-1.5.2-6.el7.x86_64 3/5 \n Verifying : apr-1.4.8-3.el7_4.1.x86_64 4/5 \n Verifying : httpd-2.4.6-80.el7.centos.1.x86_64 5/5 \n\nInstalled:\n httpd.x86_64 0:2.4.6-80.el7.centos.1 \n\nDependency Installed:\n apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 \n httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 mailcap.noarch 0:2.1.41-2.el7 \n\nComplete!\n"
]
}
192.168.66.142 | CHANGED => { //第二臺主機安裝完成後
"ansible_facts": {
"pkg_mgr": "yum"
},
"changed": true,
"msg": "http://ftp.sjtu.edu.cn/centos/7.5.1804/os/x86_64/Packages/mailcap-2.1.41-2.el7.noarch.rpm: [Errno 14] curl#7 - \"Failed to connect to 2001:da8:8000:6023::230: Network is unreachable\"\nTrying other mirror.\n",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, langpacks\nLoading mirror speeds from cached hostfile\n * base: mirrors.nju.edu.cn\n * extras: mirrors.163.com\n * updates: mirrors.nju.edu.cn\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-80.el7.centos.1 will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-80.el7.centos.1 for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Running transaction check\n---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.4.6-80.el7.centos.1 updates 2.7 M\nInstalling for dependencies:\n apr x86_64 1.4.8-3.el7_4.1 base 103 k\n apr-util x86_64 1.5.2-6.el7 base 92 k\n httpd-tools x86_64 2.4.6-80.el7.centos.1 updates 90 k\n mailcap noarch 2.1.41-2.el7 base 31 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+4 Dependent packages)\n\nTotal download size: 3.0 M\nInstalled size: 10 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 198 kB/s | 3.0 MB 00:15 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : apr-1.4.8-3.el7_4.1.x86_64 1/5 \n Installing : apr-util-1.5.2-6.el7.x86_64 2/5 \n Installing : httpd-tools-2.4.6-80.el7.centos.1.x86_64 3/5 \n Installing : mailcap-2.1.41-2.el7.noarch 4/5 \n Installing : httpd-2.4.6-80.el7.centos.1.x86_64 5/5 \n Verifying : mailcap-2.1.41-2.el7.noarch 1/5 \n Verifying : httpd-tools-2.4.6-80.el7.centos.1.x86_64 2/5 \n Verifying : apr-util-1.5.2-6.el7.x86_64 3/5 \n Verifying : apr-1.4.8-3.el7_4.1.x86_64 4/5 \n Verifying : httpd-2.4.6-80.el7.centos.1.x86_64 5/5 \n\nInstalled:\n httpd.x86_64 0:2.4.6-80.el7.centos.1 \n\nDependency Installed:\n apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 \n httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 mailcap.noarch 0:2.1.41-2.el7 \n\nComplete!\n"
]
}
在被管理主機上檢視 httpd 服務是否安裝。
[[email protected] ~]# rpm -q httpd
httpd-2.4.6-80.el7.centos.1.x86_64[[email protected] opt]# rpm -q httpd
httpd-2.4.6-80.el7.centos.1.x86_64
(2)解除安裝 http 軟體包
[[email protected] ~]# ansible webserver -m yum -a 'name=httpd state=absent' //解除安裝其中一臺主機上的 httpd 服務。
192.168.66.141 | CHANGED => {
"ansible_facts": {
"pkg_mgr": "yum"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"已載入外掛:fastestmirror, langpacks\n正在解決依賴關係\n--> 正在檢查事務\n---> 軟體包 httpd.x86_64.0.2.4.6-80.el7.centos.1 將被 刪除\n--> 解決依賴關係完成\n\n依賴關係解決\n\n================================================================================\n Package 架構 版本 源 大小\n================================================================================\n正在刪除:\n httpd x86_64 2.4.6-80.el7.centos.1 @updates 9.4 M\n\n事務概要\n================================================================================\n移除 1 軟體包\n\n安裝大小:9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n 正在刪除 : httpd-2.4.6-80.el7.centos.1.x86_64 1/1 \n 驗證中 : httpd-2.4.6-80.el7.centos.1.x86_64 1/1 \n\n刪除:\n httpd.x86_64 0:2.4.6-80.el7.centos.1 \n\n完畢!\n"
]
}
9 . service 模組
在 Ansible 中使用 service 模組來控制管理服務的執行狀態。其中,使用enabled 表示是否開機自啟動,取值為ture 或flase;使用name定義服務名稱;使用state 指定服務狀態,取值分別為started 、stopped 、restarted.
啟動 httpd 服務,並設定開機自啟動。
[[email protected] ~]# ansible mysql -m service -a 'name=httpd enabled=true state=started'
192.168.66.142 | CHANGED => { //設定開機自啟動,狀態為 started
"changed": true,
"enabled": true,
"name": "httpd",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",…….
檢視 httpd 服務的狀態
[[email protected] opt]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since 日 2018-10-21 15:22:41 CST; 46s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 6036 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
CGroup: /system.slice/httpd.service
├─6036 /usr/sbin/httpd -DFOREGROUND
├─6050 /usr/sbin/httpd -DFOREGROUND
├─6051 /usr/sbin/httpd -DFOREGROUND
├─6052 /usr/sbin/httpd -DFOREGROUND
├─6053 /usr/sbin/httpd -DFOREGROUND
└─6056 /usr/sbin/httpd -DFOREGROUND10月 21 15:22:16 node2 systemd[1]: Starting The Apache HTTP Server...
10月 21 15:22:31 node2 httpd[6036]: AH00558: httpd: Could not reliably determine the serv...age
10月 21 15:22:41 node2 systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
10 . shell 模組
Ansible 中的 shell 模組可以在被管理了主機上執行命令,並支援向管道符號等功能的複雜命令
建立使用者後使用無互動模式給使用者設定密碼
[[email protected] ~]# ansible mysql -m user -a 'name=tom'
192.168.66.142 | CHANGED => {
"changed": true,
"comment": "",
"create_home": true,
"group": 1003,
"home": "/home/tom",
"name": "tom",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1003
}
[[email protected] ~]# ansible mysql -m shell -a 'echo acb123 | passwd --stdin tom'
192.168.66.142 | CHANGED | rc=0 >>
更改使用者 tom 的密碼 。
passwd:所有的身份驗證令牌已經成功更新。
11 . script 模組
Ansible 中的 script可以將本地指令碼複製到被管理主機上進行執行。需要注意的是,使用相對路徑來指定指令碼。
編輯一個本地指令碼 test.sh,複製到被管理主機上執行。
[[email protected] ~]# cd /opt/
[[email protected] opt]# vim test.sh#!/bin/bash
echo "this is test script" > /opt/script.txt //被管理主機指令碼路徑
chmod 666 /opt/script.txt[[email protected] opt]# chmod +x test.sh //給指令碼執行許可權
[[email protected] opt]# ansible all -m script -a 'test.sh' //複製到被管理主機
192.168.66.142 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.66.142 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.66.142 closed."
],
"stdout": "",
"stdout_lines": []
}
192.168.66.141 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.66.141 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.66.141 closed."
],
"stdout": "",
"stdout_lines": []
}
在被管理主機上檢視指令碼
[[email protected] opt]# ls -l
總用量 4
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-rw-rw-. 1 root root 20 10月 21 15:31 script.txt //指令碼檔案
[[email protected] opt]# cat script.txt //檢視指令碼內容
this is test script[[email protected] opt]# ls -l
總用量 12
drwxr-xr-x. 2 root root 6 10月 21 15:07 abc
-rw-rw-rw-. 1 mysql mysql 689 10月 21 14:34 fstab.bk
lrwxrwxrwx. 1 root root 13 10月 21 15:00 fstab.txt.link -> /opt/fstab.bk
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-rw-rw-. 1 root root 20 10月 21 15:31 script.txt
-rw-r--r--. 1 root root 12 10月 21 14:46 test.txt
[[email protected] opt]# cat script.txt
this is test script
12 . setup 模組
在Ansible 中使用 setup 模組收集、檢視被管理主機的 facts (facts 是Ansible 採集被管理主機裝置資訊的一個功能)。每個被管理主機在接收並執行命令之前,都將自己的相關資訊(作業系統版本、IP地址等)傳送給控制主機。
[[email protected] opt]# ansible mysql -m setup
192.168.66.142 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.122.1",
"192.168.66.142"
],
"ansible_all_ipv6_addresses": [
"fe80::7d01:50f5:b8bc:52cd"
],
"ansible_apparmor": {
"status": "disabled"
},
"ansible_architecture": "x86_64",
"ansible_bios_date": "05/19/2017",
"ansible_bios_version": "6.00",
"ansible_cmdline": {
"BOOT_IMAGE": "/vmlinuz-3.10.0-693.el7.x86_64",
"LANG": "zh_CN.UTF-8",
"quiet": true,
"rhgb": true,
"ro": true,
"root": "UUID=5e874d95-9d77-4a71-8f97-454363885543"……