運維自動化神器ansible之group模塊

ansible之group模塊

group模塊是用來添加或者刪除組

首先使用ansible-doc來查看用法

[root@note0 ansible]# ansible-doc -s group
- name: Add or remove groups
  group:
      gid:                   # Optional `GID' to set for the group.
      local:                 # Forces the use of "local" command alternatives on platforms that implement it. This is useful in environments that use centralized
                               authentication when you want to manipulate the local groups. (e.g. it uses `lgroupadd' instead of
                               `groupadd'). This requires that these commands exist on the targeted host, otherwise it will be a fatal
                               error.
      name:                  # (required) Name of the group to manage.
      non_unique:            # This option allows to change the group ID to a non-unique value. Requires `gid'. Not supported on macOS or BusyBox distributions.
      state:                 # Whether the group should be present or not on the remote host.
      system:                # If `yes', indicates that the group created is a system group.

通過上面的參數列表我們可以瞭解到group模塊有幾個重要屬性

OPTIONS (= is mandatory):選項前面爲=的爲必填參數

一、name

= name
        Name of the group to manage.
        type: str

要操作的group的組名，string類型，必填項

1.1、示例

創建一個名字爲test的組。

[root@note0 ~]# ansible local -m group -a "name=test"
176.16.128.1 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    <font color="red">"changed": true,</font>#可以看到changed狀態爲true，代表已經在主機添加組成功。
    "gid": 1000, 
    "name": "test", 
    "state": "present", 
    "system": false
}

查看主機/etc/group文件驗證

[root@note1 ~]# cat /etc/group
test:x:1000:

二、state

- state
        Whether the group should be present or not on the remote host.
        (Choices: absent, present)[Default: present]
        type: str

state用於指定用戶組在遠程主機上是否被更改或刪除，string類型。
有兩個選項：absent，present。默認值爲present，absent爲刪除組。

2.1、示例

我們來刪除一下剛纔創建的組。

[root@note0 ~]# ansible local -m group -a "name=test state=absent"
176.16.128.1 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "test", 
    "state": "absent"
}

三、gid

- gid
        Optional `GID' to set for the group.
        [Default: (null)]
        type: int

gid用於設定用戶組gid，int類型，默認值爲空

3.1、示例

創建一個gid爲1005，名字爲test的組。

[root@note0 ~]# ansible local -m group -a "name=test gid=1005 state=present"
176.16.128.1 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 1005, 
    "name": "test", 
    "state": "present", 
    "system": false
}

查看主機/etc/group文件，我們可以看到新創建的組gid爲1005。

[root@note1 ~]# cat /etc/group
test:x:1005:

四、system

- system
        If `yes', indicates that the group created is a system group.
        [Default: False]
        type: bool

system用於指定創建的用戶組是否爲系統組，布爾類型，可用選項false，true，默認爲false

4.1、示例

創建一個名字爲test的系統組。

[root@note0 ~]# ansible local -m group -a "name=test state=present system=true"
176.16.128.1 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 994, 
    "name": "test", 
    "state": "present", 
    "system": true
}

查看主機/etc/group文件驗證

[root@note1 ~]# cat /etc/group
test:x:994:

可以看到test組的gid爲994，gid小於1000爲系統組。