Ansible 可以使用命令行方式進行自動化管理,命令管理工具都是有一系列模塊、參數所支持的。基本語法如下:
ansible <host-pattern> [ –m module_name ] [ –a args]
<host-pattern> : 對哪些主機有效
[ –m module_name ] :指定所使用的模塊
[-a args ] :模塊特有參數
Ansible軟件執行結果
l 輸出內容顯示綠色:表示執行成功,沒有任何改變
l 輸出內容顯示×××:表示執行成功,但對被管理主機進行了改變
l 輸出內容顯示紅色:表示執行失敗!!!
使用環境如下:
角色 主機名 IP地址 組名 控制主機 ansible 192.168.66.138 被管理主機 node1 192.168.66.141 webserver 被管理主機 node2 192.168.66.142 mysql
使用 ansible-doc 查看模塊忙助信息的工具,最主要的選項 –l 用來列出可使用的模塊,-s 用來累出某個模塊的描述信息和使用事例。如列出 command 模塊的描述信息和操作動作:
[root@promote .ssh]# ansible-doc -s command
- name: Executes a command on a remote node
command:
argv: # Allows the user to provide the command as a list
vs. a string. Only
the string or the
list form can be
provided, not both.
One or the other
must be provided.
chdir: # Change into this directory before running the
command.
creates: # A filename or (since 2.0) glob pattern. If it
already exists, this
step *won't* be run.
………
Ansible 自帶了很多模塊,能夠下發執行 Ansible 的各種任務。首先了解一下常用的這些核心模塊。
1. command 模塊
Ansible 管理工具使用 –m 選項來指定使用模塊,默認使用 command 模塊,即 –m 選項省略是可以運行此模塊,用於被管理主機上運行命令。
例如在被管理主機上執行 date 命令,顯示被管理主機的時間。有三種執行命令的方式去管理寫入主機清單中的主機。
(1)使用 IP 地址指定運行主機
[root@promote .ssh]# ansible 192.168.66.141 -m command -a 'date' //-m 指定模塊, –a 模塊特有參數
192.168.66.141 | CHANGED | rc=0 >>
2018年 10月 20日 星期六 21:58:18 CST
(2)使用被管理主機中的分類運行
[root@promote .ssh]# ansible mysql -m command -a 'date'
192.168.66.142 | CHANGED | rc=0 >>
2018年 10月 20日 星期六 21:58:43 CST
(3)在所有主機清單中的主機運行,使用 all
[root@promote .ssh]# ansible all -m command -a 'date'
192.168.66.141 | CHANGED | rc=0 >>
2018年 10月 20日 星期六 21:59:20 CST192.168.66.142 | CHANGED | rc=0 >>
2018年 10月 20日 星期六 21:59:22 CST
2. cron 模塊
Ansible 中的 cron 模塊用於定義任務計劃。其中有兩種狀態(state): present 表示添加(省略時默認使用), absent 表示移除
(1)添加計劃性任務。每隔一分鐘向所有被管理主機輸出名爲“test haha” 的文件在 /bin/目錄下
[root@ansible .ssh]# ansible all -m cron -a 'minute="*/1" job="/bin/echo haha" name="test haha"'
192.168.66.141 | CHANGED => { //表示執行成功
"changed": true,
"envs": [],
"jobs": [
"test haha"
]
}
192.168.66.142 | CHANGED => {
"changed": true,
"envs": [],
"jobs": [
"test haha"
]
}
查看計劃性任務
[root@ansible .ssh]# ansible all -a 'crontab -l'
192.168.66.141 | CHANGED | rc=0 >>
#Ansible: test haha
*/1 * * * * /bin/echo haha192.168.66.142 | CHANGED | rc=0 >>
#Ansible: test haha
*/1 * * * * /bin/echo haha
在被管理的主機上查看
[root@node1 bin]# which echo
/usr/bin/echo
您在 /var/spool/mail/root 中有新郵件
[root@node1 bin]# crontab -l
#Ansible: test haha
*/1 * * * * /bin/echo haha[root@node2 .ssh]# which echo
/usr/bin/echo
您在 /var/spool/mail/root 中有新郵件
[root@node2 .ssh]# crontab -l
#Ansible: test haha
*/1 * * * * /bin/echo haha
(2)移除計劃性任務
[root@ansible ~]# ansible all -m cron -a 'name="test haha" state=absent'
192.168.66.141 | CHANGED => {
"changed": true,
"envs": [],
"jobs": []
}
192.168.66.142 | CHANGED => {
"changed": true,
"envs": [],
"jobs": []
}
3 . user模塊
Ansible 中的 user 模塊用於創建新用戶和更改、刪除已存在的用戶。其中 name 選項用來指明創建用戶名稱。
(1)創建用戶。在所有被管理主機上創建名爲 “test01” 用戶
[root@ansible ~]# ansible all -m user -a 'name="test01"' //name 指明創建用戶名稱
192.168.66.141 | CHANGED => {
"changed": true,
"comment": "",
"create_home": true,
"group": 1002,
"home": "/home/test01",
"name": "test01",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1002
}
192.168.66.142 | CHANGED => {
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/test01",
"name": "test01",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
在被管理主機上查看是否創建用戶
[root@node1 ~]# id test01
uid=1001(test01) gid=1001(test01) 組=1001(test01)[root@node2 ~]# id test01
uid=1002(test01) gid=1002(test01) 組=1002(test01)
(2)刪除用戶
[root@ansible ~]# ansible mysql -m user -a 'name=test01 state=absent' //刪除被管理主機1 mysql 的用戶,狀態(state)absent 表示移除
192.168.66.142 | CHANGED => {
"changed": true,
"force": false,
"name": "test01",
"remove": false,
"state": "absent"
}
在被管理主機上查詢 “test01” 用戶是否刪除
[root@node1 ~]# id test01
id: test01: no such user
4 . group 模塊
Ansible 中的 group模塊用於對用戶組進行管理。
(1)創建 test02 組,將 test02 用戶添加到 test02 組
[root@ansible ~]# ansible mysql -m group -a 'name=test02 gid=306 system=yes'
192.168.66.142 | CHANGED => {
"changed": true,
"gid": 306,
"name": "test02",
"state": "present",
"system": true
}
在被管理主機查看添加的組
[root@ansible ~]# vim /etc/ansible/hosts
[root@ansible ~]# ansible mysql -a 'tail /etc/group'
192.168.66.142 | CHANGED | rc=0 >>
avahi:x:70:
slocate:x:21:
postdrop:x:90:
postfix:x:89:
stapusr:x:156:
stapsys:x:157:
stapdev:x:158:
tcpdump:x:72:
liu:x:1000:
test02:x:306:
(2)也可用 user 模塊創建用戶並添加到組。
[root@ansible ~]# ansible webserver -m user -a 'name=mysql uid=306 group=mysql system=yes'
192.168.66.141 | CHANGED => {
"append": false,
"changed": true,
"comment": "",
"group": 1001,
"home": "/home/mysql",
"move_home": false,
"name": "mysql",
"shell": "/sbin/nologin",
"state": "present",
"uid": 306
}
查看創建的用戶所屬組
[root@ansible ~]# ansible webserver -a 'id mysql'
192.168.66.141 | CHANGED | rc=0 >>
uid=306(mysql) gid=1001(mysql) 組=1001(mysql)
[root@node2 ~]# id mysql
uid=306(mysql) gid=1001(mysql) 組=1001(mysql)
5 . copy 模塊
Ansible 中的 copy模塊---用於實現文件複製和批量下發文件。其中使用src來定義本地源文件路徑,使用dest定義被管理主機文件路徑,使用content則是指定信息內容來生成目標文件。
(1)將本地文件/etc/fstab 複製到被管理主機上的/opt/fstab.bk,將所有者設置爲root,權限爲644
[root@ansible ~]# ansible mysql -m copy -a 'src=/etc/fstab dest=/opt/fstab.bk owner=root mode=644'
192.168.66.142 | CHANGED => { //src來定義本地源文件路徑,使用dest定義被管理主機文件路徑
"changed": true,
"checksum": "cb9821536bd491d110542bdf799c0828715ab6bd",
"dest": "/opt/fstab.bk",
"gid": 0,
"group": "root",
"md5sum": "643872130cf520bc6762e1c5d803a890",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 689,
"src": "/root/.ansible/tmp/ansible-tmp-1540103669.94-50253022890998/source",
"state": "file",
"uid": 0
}
查看複製文件
[root@ansible ~]# ansible mysql -a 'ls -l /opt'
192.168.66.142 | CHANGED | rc=0 >>
總用量 4
-rw-r--r--. 1 root root 689 10月 21 14:34 fstab.bk
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
在被管理主機上查詢
[root@node2 ~]# cd /opt/
[root@node2 opt]# ls -l總用量 4
-rw-r--r--. 1 root root 689 10月 21 14:34 fstab.bk
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
(2)將 “ this is test ” 寫入 /opt/test.txt 文件中
[root@ansible ~]# ansible mysql -m copy -a 'content="this is test" dest=/opt/test.txt'
192.168.66.142 | CHANGED => { //content則是指定信息內容來生成目標文件
"changed": true,
"checksum": "b6794b2000d94d348203d0279c2e7322b922cb16",
"dest": "/opt/test.txt",
"gid": 0,
"group": "root",
"md5sum": "8c6d115258631625b625486f81b09532",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 12,
"src": "/root/.ansible/tmp/ansible-tmp-1540104362.42-107935433980182/source",
"state": "file",
"uid": 0
}
查看生成文件
[root@ansible ~]# ansible mysql -a 'cat /opt/test.txt'
192.168.66.142 | CHANGED | rc=0 >>
this is test
在被管理主機上查詢
[root@node2 opt]# ls
fstab.bk rh test.txt
[root@node2 opt]# cat test.txt
this is test[root@node2 opt]#
6 . file 模塊
file 模塊--用來設置文件屬性。其中使用path指定文件路徑,使用src定義源文件路徑,使用name或dest 來替換創建文件的符號鏈接。
(1)設置文件 /opt/fstab.bk 的所屬主爲 mysql ,所屬組爲 mysql , 權限爲 666
[root@ansible ~]# ansible mysql -m file -a 'path=/opt/fstab.bk owner=mysql group=mysql mode=666'
192.168.66.142 | CHANGED => { //path指定文件路徑
"changed": true,
"gid": 1001,
"group": "mysql",
"mode": "0666",
"owner": "mysql",
"path": "/opt/fstab.bk",
"secontext": "system_u:object_r:usr_t:s0",
"size": 689,
"state": "file",
"uid": 306
}
在被管理主機上查看
[root@node2 opt]# ls -la
總用量 8
drwxr-xr-x. 3 root root 48 10月 21 14:46 .
dr-xr-xr-x. 18 root root 235 8月 22 18:33 ..
-rw-rw-rw-. 1 mysql mysql 689 10月 21 14:34 fstab.bk //屬主,屬組爲 mysql ,權限爲666
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-r--r--. 1 root root 12 10月 21 14:46 test.txt
(2)設置文件 /opt/fstab.txt.link 爲文件 /opt/fstab.bk 的連接文件
[root@ansible ~]# ansible mysql -m file -a 'src=/opt/fstab.bk path=/opt/fstab.txt.link state=link'
192.168.66.142 | CHANGED => { //src定義源文件路徑 //狀態爲 link
"changed": true,
"dest": "/opt/fstab.txt.link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 13,
"src": "/opt/fstab.bk",
"state": "link",
"uid": 0
}
[root@node2 opt]# ls
fstab.bk fstab.txt.link rh test.txt
(3)創建空文件。狀態(state)爲 touch
[root@ansible ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=touch'
192.168.66.142 | CHANGED => {
"changed": true,
"dest": "/opt/abc.txt",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
[root@node2 opt]# ls
abc.txt fstab.bk fstab.txt.link rh test.txt
[root@node2 opt]# cat abc.txt //空文件
[root@node2 opt]#
(4)創建目錄 。狀態爲 directory
[root@ansible ~]# ansible mysql -m file -a 'path=/opt/abc state=directory'
192.168.66.142 | CHANGED => {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/opt/abc",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
(5)刪除文件 。
[root@ansible ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=absent'
192.168.66.142 | CHANGED => {
"changed": true,
"path": "/opt/abc.txt",
"state": "absent"
}
[root@node2 opt]# ls
abc fstab.bk fstab.txt.link rh test.txt
7 . ping 模塊
在Ansible 中使用 ping 模塊 檢查指定主機的連通性。
[root@ansible ~]# ansible all -m ping
192.168.66.142 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.66.141 | SUCCESS => {
"changed": false,
"ping": "pong"
}
8 . yum 模塊
Ansible 中的 yum 模塊負責在被管理主及上安裝與卸載軟件包。其中 name 指定要安裝的軟件包,使用 state 指定安裝軟件包的狀態,present 、latest 用來表示安裝, absent 表示卸載。
(1)在被管理主機上安裝 httpd 的軟件包
[root@node1 ~]# rpm -q httpd
未安裝軟件包 httpd //可以看到被管理主機上都爲安裝 httpd 服務[root@node2 opt]# rpm -q httpd
未安裝軟件包 httpd
在安裝的過程中不會出現安裝提示信息,只有在安裝完成後,會顯示較長的安裝信息
[root@ansible ~]# ansible all -m yum -a 'name=httpd'
192.168.66.141 | CHANGED => { //第一臺主機安裝完成後
"ansible_facts": {
"pkg_mgr": "yum"
},
"changed": true,
"msg": "warning: /var/cache/yum/x86_64/7/base/packages/mailcap-2.1.41-2.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY\nImporting GPG key 0xF4A80EB5:\n Userid : \"CentOS-7 Key (CentOS 7 Official Signing Key) <[email protected]>\"\n Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5\n Package : centos-release-7-4.1708.el7.centos.x86_64 (@anaconda)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\n",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, langpacks\nLoading mirror speeds from cached hostfile\n * base: centos.ustc.edu.cn\n * extras: centos.ustc.edu.cn\n * updates: centos.ustc.edu.cn\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-80.el7.centos.1 will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-80.el7.centos.1 for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Running transaction check\n---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.4.6-80.el7.centos.1 updates 2.7 M\nInstalling for dependencies:\n apr x86_64 1.4.8-3.el7_4.1 base 103 k\n apr-util x86_64 1.5.2-6.el7 base 92 k\n httpd-tools x86_64 2.4.6-80.el7.centos.1 updates 90 k\n mailcap noarch 2.1.41-2.el7 base 31 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+4 Dependent packages)\n\nTotal download size: 3.0 M\nInstalled size: 10 M\nDownloading packages:\nPublic key for mailcap-2.1.41-2.el7.noarch.rpm is not installed\nPublic key for httpd-tools-2.4.6-80.el7.centos.1.x86_64.rpm is not installed\n--------------------------------------------------------------------------------\nTotal 1.6 MB/s | 3.0 MB 00:01 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : apr-1.4.8-3.el7_4.1.x86_64 1/5 \n Installing : apr-util-1.5.2-6.el7.x86_64 2/5 \n Installing : httpd-tools-2.4.6-80.el7.centos.1.x86_64 3/5 \n Installing : mailcap-2.1.41-2.el7.noarch 4/5 \n Installing : httpd-2.4.6-80.el7.centos.1.x86_64 5/5 \n Verifying : mailcap-2.1.41-2.el7.noarch 1/5 \n Verifying : httpd-tools-2.4.6-80.el7.centos.1.x86_64 2/5 \n Verifying : apr-util-1.5.2-6.el7.x86_64 3/5 \n Verifying : apr-1.4.8-3.el7_4.1.x86_64 4/5 \n Verifying : httpd-2.4.6-80.el7.centos.1.x86_64 5/5 \n\nInstalled:\n httpd.x86_64 0:2.4.6-80.el7.centos.1 \n\nDependency Installed:\n apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 \n httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 mailcap.noarch 0:2.1.41-2.el7 \n\nComplete!\n"
]
}
192.168.66.142 | CHANGED => { //第二臺主機安裝完成後
"ansible_facts": {
"pkg_mgr": "yum"
},
"changed": true,
"msg": "http://ftp.sjtu.edu.cn/centos/7.5.1804/os/x86_64/Packages/mailcap-2.1.41-2.el7.noarch.rpm: [Errno 14] curl#7 - \"Failed to connect to 2001:da8:8000:6023::230: Network is unreachable\"\nTrying other mirror.\n",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, langpacks\nLoading mirror speeds from cached hostfile\n * base: mirrors.nju.edu.cn\n * extras: mirrors.163.com\n * updates: mirrors.nju.edu.cn\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-80.el7.centos.1 will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-80.el7.centos.1 for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64\n--> Running transaction check\n---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.4.6-80.el7.centos.1 updates 2.7 M\nInstalling for dependencies:\n apr x86_64 1.4.8-3.el7_4.1 base 103 k\n apr-util x86_64 1.5.2-6.el7 base 92 k\n httpd-tools x86_64 2.4.6-80.el7.centos.1 updates 90 k\n mailcap noarch 2.1.41-2.el7 base 31 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+4 Dependent packages)\n\nTotal download size: 3.0 M\nInstalled size: 10 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 198 kB/s | 3.0 MB 00:15 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : apr-1.4.8-3.el7_4.1.x86_64 1/5 \n Installing : apr-util-1.5.2-6.el7.x86_64 2/5 \n Installing : httpd-tools-2.4.6-80.el7.centos.1.x86_64 3/5 \n Installing : mailcap-2.1.41-2.el7.noarch 4/5 \n Installing : httpd-2.4.6-80.el7.centos.1.x86_64 5/5 \n Verifying : mailcap-2.1.41-2.el7.noarch 1/5 \n Verifying : httpd-tools-2.4.6-80.el7.centos.1.x86_64 2/5 \n Verifying : apr-util-1.5.2-6.el7.x86_64 3/5 \n Verifying : apr-1.4.8-3.el7_4.1.x86_64 4/5 \n Verifying : httpd-2.4.6-80.el7.centos.1.x86_64 5/5 \n\nInstalled:\n httpd.x86_64 0:2.4.6-80.el7.centos.1 \n\nDependency Installed:\n apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 \n httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 mailcap.noarch 0:2.1.41-2.el7 \n\nComplete!\n"
]
}
在被管理主機上查看 httpd 服務是否安裝。
[root@node1 ~]# rpm -q httpd
httpd-2.4.6-80.el7.centos.1.x86_64[root@node2 opt]# rpm -q httpd
httpd-2.4.6-80.el7.centos.1.x86_64
(2)卸載 http 軟件包
[root@ansible ~]# ansible webserver -m yum -a 'name=httpd state=absent' //卸載其中一臺主機上的 httpd 服務。
192.168.66.141 | CHANGED => {
"ansible_facts": {
"pkg_mgr": "yum"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"已加載插件:fastestmirror, langpacks\n正在解決依賴關係\n--> 正在檢查事務\n---> 軟件包 httpd.x86_64.0.2.4.6-80.el7.centos.1 將被 刪除\n--> 解決依賴關係完成\n\n依賴關係解決\n\n================================================================================\n Package 架構 版本 源 大小\n================================================================================\n正在刪除:\n httpd x86_64 2.4.6-80.el7.centos.1 @updates 9.4 M\n\n事務概要\n================================================================================\n移除 1 軟件包\n\n安裝大小:9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n 正在刪除 : httpd-2.4.6-80.el7.centos.1.x86_64 1/1 \n 驗證中 : httpd-2.4.6-80.el7.centos.1.x86_64 1/1 \n\n刪除:\n httpd.x86_64 0:2.4.6-80.el7.centos.1 \n\n完畢!\n"
]
}
9 . service 模塊
在 Ansible 中使用 service 模塊來控制管理服務的運行狀態。其中,使用enabled 表示是否開機自啓動,取值爲ture 或flase;使用name定義服務名稱;使用state 指定服務狀態,取值分別爲started 、stopped 、restarted.
啓動 httpd 服務,並設置開機自啓動。
[root@ansible ~]# ansible mysql -m service -a 'name=httpd enabled=true state=started'
192.168.66.142 | CHANGED => { //設置開機自啓動,狀態爲 started
"changed": true,
"enabled": true,
"name": "httpd",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",…….
查看 httpd 服務的狀態
[root@node2 opt]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since 日 2018-10-21 15:22:41 CST; 46s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 6036 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
CGroup: /system.slice/httpd.service
├─6036 /usr/sbin/httpd -DFOREGROUND
├─6050 /usr/sbin/httpd -DFOREGROUND
├─6051 /usr/sbin/httpd -DFOREGROUND
├─6052 /usr/sbin/httpd -DFOREGROUND
├─6053 /usr/sbin/httpd -DFOREGROUND
└─6056 /usr/sbin/httpd -DFOREGROUND10月 21 15:22:16 node2 systemd[1]: Starting The Apache HTTP Server...
10月 21 15:22:31 node2 httpd[6036]: AH00558: httpd: Could not reliably determine the serv...age
10月 21 15:22:41 node2 systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
10 . shell 模塊
Ansible 中的 shell 模塊可以在被管理了主機上運行命令,並支持向管道符號等功能的複雜命令
創建用戶後使用無交互模式給用戶設置密碼
[root@ansible ~]# ansible mysql -m user -a 'name=tom'
192.168.66.142 | CHANGED => {
"changed": true,
"comment": "",
"create_home": true,
"group": 1003,
"home": "/home/tom",
"name": "tom",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1003
}
[root@ansible ~]# ansible mysql -m shell -a 'echo acb123 | passwd --stdin tom'
192.168.66.142 | CHANGED | rc=0 >>
更改用戶 tom 的密碼 。
passwd:所有的身份驗證令牌已經成功更新。
11 . script 模塊
Ansible 中的 script可以將本地腳本複製到被管理主機上進行運行。需要注意的是,使用相對路徑來指定腳本。
編輯一個本地腳本 test.sh,複製到被管理主機上運行。
[root@ansible ~]# cd /opt/
[root@ansible opt]# vim test.sh#!/bin/bash
echo "this is test script" > /opt/script.txt //被管理主機腳本路徑
chmod 666 /opt/script.txt[root@ansible opt]# chmod +x test.sh //給腳本執行權限
[root@ansible opt]# ansible all -m script -a 'test.sh' //複製到被管理主機
192.168.66.142 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.66.142 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.66.142 closed."
],
"stdout": "",
"stdout_lines": []
}
192.168.66.141 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.66.141 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.66.141 closed."
],
"stdout": "",
"stdout_lines": []
}
在被管理主機上查看腳本
[root@node1 opt]# ls -l
總用量 4
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-rw-rw-. 1 root root 20 10月 21 15:31 script.txt //腳本文件
[root@node1 opt]# cat script.txt //查看腳本內容
this is test script[root@node2 opt]# ls -l
總用量 12
drwxr-xr-x. 2 root root 6 10月 21 15:07 abc
-rw-rw-rw-. 1 mysql mysql 689 10月 21 14:34 fstab.bk
lrwxrwxrwx. 1 root root 13 10月 21 15:00 fstab.txt.link -> /opt/fstab.bk
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-rw-rw-. 1 root root 20 10月 21 15:31 script.txt
-rw-r--r--. 1 root root 12 10月 21 14:46 test.txt
[root@node2 opt]# cat script.txt
this is test script
12 . setup 模塊
在Ansible 中使用 setup 模塊收集、查看被管理主機的 facts (facts 是Ansible 採集被管理主機設備信息的一個功能)。每個被管理主機在接收並運行命令之前,都將自己的相關信息(操作系統版本、IP地址等)發送給控制主機。
[root@ansible opt]# ansible mysql -m setup
192.168.66.142 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.122.1",
"192.168.66.142"
],
"ansible_all_ipv6_addresses": [
"fe80::7d01:50f5:b8bc:52cd"
],
"ansible_apparmor": {
"status": "disabled"
},
"ansible_architecture": "x86_64",
"ansible_bios_date": "05/19/2017",
"ansible_bios_version": "6.00",
"ansible_cmdline": {
"BOOT_IMAGE": "/vmlinuz-3.10.0-693.el7.x86_64",
"LANG": "zh_CN.UTF-8",
"quiet": true,
"rhgb": true,
"ro": true,
"root": "UUID=5e874d95-9d77-4a71-8f97-454363885543"……