1. ansible-常用模塊
根據官方的分類,將模塊按功能分類爲:雲模塊、命令模塊、數據庫模塊、文件模塊、資產模塊、消息模塊、監控模塊、網絡模塊、通知模塊、包管理模塊、源碼控制模塊、系統模塊、單元模塊、web設施模塊、windows模塊
user:配置用戶
group:配置用戶組
cron:配置計劃任務
copy:複製文件到遠程主機
file: 用於配置文件屬性
yum:用於安裝軟件包
service:用於管理服務
shell: 用於執行命令可以帶 “ |”管道符號等
scripts:在遠程主機執行控制端的腳本文件
setup:查看遠程主機的基本信息
filesystem:在塊設備上創建文件系統
mount:配置掛載點
synchronize:使用rsync同步文件
get_url:該模塊主要用於從http、ftp、https服務器上下載文件(類似於wget)
package:使用os包管理器安裝,升級和刪除包
stat:獲取遠程主機文件狀態信息。
unarchive: 用於解壓文件
command:在遠程主機上執行命令
raw:類似於shell模塊,支持管道
ping:用於檢測遠程主機是否存活
1)ping模塊
測試主機是否通的,用法很簡單
[root@test-1 ansible]# ansible test -m ping [DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of Ansible Become, which is a generic framework. See become_user. , use become instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. 192.168.3.174 | SUCCESS => { "changed": false, "ping": "pong" } 192.168.3.175 | SUCCESS => { "changed": false, "ping": "pong" }
2) file-模塊
file模塊主要用於遠程主機上的文件操作,file模塊包含如下選項:
force:需要在兩種情況下強制創建軟連接。
一種是源文件不存在但之後會創建的情況下;
另一種是目標軟鏈接已存在,需要先取消之前的軟鏈,然後創建新的軟鏈,有兩個選項:yes|no
group:定義文件/目錄的屬組
owner:定義文件/目錄的屬主
mode:定義文件/目錄的權限
path:必選項,定義文件/目錄的路徑
recurse:遞歸設置文件的屬性,只對目錄有效
src:要被鏈接的源文件的路徑,只應用於state=link的情況
dest:被鏈接到的路徑,只應用於state=link的情況
state:定義文件狀態
directory:如果目錄不存在,創建目錄
file:即使文件不存在,也不會被創建
link:創建軟鏈接
hard:創建硬鏈接
touch:如果文件不存在,則會創建一個新的文件,如果文件或目錄已存在,則更新其最後修改時間
absent:刪除目錄、文件或者取消鏈接文件
2.1) 案例1-用file創建一個軟連接/etc/fstab到/tmp/fstab
[root@test-1 ansible]# ansible test -m file -a "src=/etc/fstab dest=/tmp/fstab state=link" [DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of Ansible Become, which is a generic framework. See become_user. , use become instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. 192.168.3.175 | CHANGED => { "changed": true, "dest": "/tmp/fstab", "gid": 0, "group": "root", "mode": "0777", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 10, "src": "/etc/fstab", "state": "link", "uid": 0 } 192.168.3.174 | CHANGED => { "changed": true, "dest": "/tmp/fstab", "gid": 0, "group": "root", "mode": "0777", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 10, "src": "/etc/fstab", "state": "link", "uid": 0 }
執行結果
[root@test-2 tmp]# ll total 8 lrwxrwxrwx. 1 root root 10 Nov 19 02:44 fstab -> /etc/fstab -rwx------. 1 root root 836 Oct 24 09:40 ks-script-6aY4Ug drwx------. 3 root root 17 Oct 25 23:39 systemd-private-664f2393bb954d4d812ce589bd921c84-chronyd.service-sclu10 -rw-r--r--. 1 root root 8 Oct 25 22:26 test.txt drwx------. 2 root root 6 Oct 24 09:44 vmware-root -rw-------. 1 root root 0 Oct 24 09:36 yum.log
2.2) 案例2-我們需要在遠程服務器上/tmp/下創建一個file文件
[root@test-1 ansible]# ansible test -m file -a 'path=/tmp/file state=touch' [DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of Ansible Become, which is a generic framework. See become_user. , use become instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. 192.168.3.174 | CHANGED => { "changed": true, "dest": "/tmp/file", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 0, "state": "file", "uid": 0
執行結果:
[root@test-2 tmp]# ll total 8 -rw-r--r--. 1 root root 0 Nov 19 03:12 file lrwxrwxrwx. 1 root root 10 Nov 19 02:44 fstab -> /etc/fstab -rwx------. 1 root root 836 Oct 24 09:40 ks-script-6aY4Ug drwx------. 3 root root 17 Oct 25 23:39 systemd-private-664f2393bb954d4d812ce589bd921c84-chronyd.service-sclu10 -rw-r--r--. 1 root root 8 Oct 25 22:26 test.txt drwx------. 2 root root 6 Oct 24 09:44 vmware-root -rw-------. 1 root root 0 Oct 24 09:36 yum.log
2.3) 案例3-需要遠程test組下修改file的文件權限
[root@test-1 ansible]# ansible test -m file -a "path=/tmp/file mode=755" [DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of Ansible Become, which is a generic framework. See become_user. , use become instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. 192.168.3.174 | CHANGED => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/tmp/file", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 0, "state": "file", "uid": 0 }
執行結果:
[root@test-1 ansible]# ansible test -m command -a 'ls -lh /tmp/' [DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of Ansible Become, which is a generic framework. See become_user. , use become instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. 192.168.3.174 | CHANGED | rc=0 >> total 8.0K drwx------. 2 root root 80 Nov 19 03:20 ansible_command_payload_8myj39 -rwxr-xr-x. 1 root root 0 Nov 19 03:12 file lrwxrwxrwx. 1 root root 10 Nov 19 02:44 fstab -> /etc/fstab -rwx------. 1 root root 836 Oct 24 09:40 ks-script-6aY4Ug drwx------. 3 root root 17 Oct 25 23:39 systemd-private-664f2393bb954d4d812ce589bd921c84-chronyd.service-sclu10 -rw-r--r--. 1 root root 8 Oct 25 22:26 test.txt drwx------. 2 root root 6 Oct 24 09:44 vmware-root -rw-------. 1 root root 0 Oct 24 09:36 yum.log
3) copy模塊
backup:在覆蓋之前將原文件備份,備份文件包含時間信息。有兩個選項:yes|no
content:用於替代"src",可以直接設定指定文件的值
dest:必選項。要將源文件複製到的遠程主機的絕對路徑,如果源文件是一個目錄,那麼該路徑也必須是個目錄
directory_mode:遞歸的設定目錄的權限,默認爲系統默認權限
force:如果目標主機包含該文件,但內容不同,如果設置爲yes,則強制覆蓋,如果爲no,則只有當目標主機的目標位置不存在該文件時,才複製。默認爲yes
others:所有的file模塊裏的選項都可以在這裏使用
src:要複製到遠程主機的文件在本地的地址,可以是絕對路徑,也可以是相對路徑。如果路徑是一個目錄,它將遞歸複製。在這種情況下,如果路徑使用"/"來結尾,則只複製目錄裏的內容,如果沒有使用"/"來結尾,則包含目錄在內的整個內容全部複製,類似於rsync。
validate :The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the visudo example bel
3.1) 案例1-從本地拷貝文件到ansibel目標的目錄
[root@test-1 ansible]# touch /tmp/aa #本地測試創建的aa文件 [root@test-1 ansible]# ansible test -m copy -a "src=/tmp/aa dest=/tmp/aa" [DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of Ansible Become, which is a generic framework. See become_user. , use become instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. 192.168.3.174 | CHANGED => { "changed": true, "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "dest": "/tmp/aa", "gid": 0, "group": "root", "md5sum": "d41d8cd98f00b204e9800998ecf8427e", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 0, "src": "/root/.ansible/tmp/ansible-tmp-1542616228.03-86258002572076/source", "state": "file", "uid": 0 }
執行結果:
[root@test-2 tmp]# ll total 8 -rw-r--r--. 1 root root 0 Nov 19 03:30 aa -rwxr-xr-x. 1 root root 0 Nov 19 03:12 file lrwxrwxrwx. 1 root root 10 Nov 19 02:44 fstab -> /etc/fstab -rwx------. 1 root root 836 Oct 24 09:40 ks-script-6aY4Ug drwx------. 3 root root 17 Oct 25 23:39 systemd-private-664f2393bb954d4d812ce589bd921c84-chronyd.service-sclu10 -rw-r--r--. 1 root root 8 Oct 25 22:26 test.txt drwx------. 2 root root 6 Oct 24 09:44 vmware-root -rw-------. 1 root root 0 Oct 24 09:36 yum.log
3.2) 案例2-ansible使用backup進行備份
[root@test-1 ansible]# vim /tmp/aa [root@test-1 ansible]# ansible test -m copy -a "src=/tmp/aa dest=/tmp/aa backup=yes" [DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of Ansible Become, which is a generic framework. See become_user. , use become instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. 192.168.3.174 | CHANGED => { "backup_file": "/tmp/aa.3042.2018-11-19@03:37:06~", "changed": true, "checksum": "5730dd3a58d64a39a7fc704c3c5570d70303d9db", "dest": "/tmp/aa", "gid": 0, "group": "root", "md5sum": "96fdb0b7ddbb489f8636769965584623", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 35, "src": "/root/.ansible/tmp/ansible-tmp-1542616624.56-136259009428901/source", "state": "file", "uid": 0
執行結果
[root@test-2 tmp]# ll total 16 -rw-r--r--. 1 root root 35 Nov 19 03:37 aa -rw-r--r--. 1 root root 56 Nov 19 03:36 aa.3042.2018-11-19@03:37:06~ #這裏是ansible使用的 -rwxr-xr-x. 1 root root 0 Nov 19 03:12 file lrwxrwxrwx. 1 root root 10 Nov 19 02:44 fstab -> /etc/fstab -rwx------. 1 root root 836 Oct 24 09:40 ks-script-6aY4Ug drwx------. 3 root root 17 Oct 25 23:39 systemd-private-664f2393bb954d4d812ce589bd921c84-chronyd.service-sclu10 -rw-r--r--. 1 root root 8 Oct 25 22:26 test.txt drwx------. 2 root root 6 Oct 24 09:44 vmware-root -rw-------. 1 root root 0 Oct 24 09:36 yum.log