#使用ansible-doc:查看各種模塊的幫助
#命令格式: ansible-doc -l #列出所有的模塊列表 ansible-doc -s 模塊名 #查看指定模塊的參數 ansible-doc 模塊名 #查看指定模塊的詳細參數 #示例 ansible-doc copy #查看copy模塊的幫助 ansible-doc yum #查看yum模塊的幫助 #查看yum幫助信息 EXAMPLES: - name: install the latest version of Apache yum: name: httpd state: latest - name: ensure a list of packages installed yum: name: "{{ packages }}" vars: packages: - httpd - httpd-tools - name: remove the Apache package yum: name: httpd state: absent
#提示:
#在傳送命令下載的時候如果此前有操作過,那些會顯示執行成功,但是會顯示綠色 #傳送顯示顏色信息說明 1.黃色:對遠程節點進行相應修改 2.綠色:對遠程節點不進行相應修改 3.紅色:操作執行有問題 4.紫色:表示對命令執行發出警告信息(可能存在問題)
#常見模塊概覽
#常用模塊 示例 command #ansible k8s-node -m command -a 'uptime' shell #ansible k8s-node -m shell -a "free -m" scripts #ansible k8s-node -m script -a "/etc/ansible/init.sh" copy #ansible k8s-node -m copy -a "src=/etc/hosts dest=/tmp owner=root group=root mode=0755" yum #ansible k8s-node -m yum -a "name=httpd state=latest" yum_repository #添加yum倉庫,用法可ansible-doc yum_repository查看幫助 group #ansible k8s-node -m group -a "name=www gid=666" user #ansible k8s-node -m user -a "name=user1 state=present" service #ansible k8s-node -m service -a "name=httpd state=restarted" file #ansible k8s-node -m file -a "path=/data state=directory owner=www group=www recurese=yes" recurese(遞歸授權) state=touch(創建文件) sysctl #ansible k8s-node -m sysctl -a "name=net.ipv4.ip_forward value=1 reload=yes" stat #ansible k8s-node -m stat -a "path=/tmp/hosts" get url #ansible k8s-node -m get_url -a "url=https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm dest=/tmp/ mode=0440 force=yes" cron #ansible k8s-node -m cron -a "name=list minute=*/30 job='ls tmp'" setup mount #參數解釋:-m:指定模塊名,-a:命令參數
#常用模塊的使用
1.command模塊
爲默認的模塊,不指定-m參數時,就是使用command模塊 有些命令不能執行,如:"<" "|" ">" "&"等 缺點:不支持管道,無法批量執行命令 #示例:檢查ansible節點的內核版本 [root@k8s-master ~]# ansible k8s-node -a 'uname -r' 192.168.86.132 | CHANGED | rc=0 >> 3.10.0-1062.el7.x86_64 192.168.86.133 | CHANGED | rc=0 >> 3.10.0-1062.el7.x86_64 #提示:不指定hosts文件,默認使用/etc/ansible/hosts
2.shell模塊
#在遠程命令通過/bin/sh執行,支持各種命令 [root@k8s-master ~]# ansible k8s-node -m shell -a "free -m" #提示: #-a:是指定模塊需要執行的命令 #-m: 指定模塊名 192.168.86.133 | CHANGED | rc=0 >> total used free shared buff/cache available Mem: 1819 190 1391 9 237 1479 Swap: 2047 0 2047 192.168.86.132 | CHANGED | rc=0 >> total used free shared buff/cache available Mem: 1819 194 1366 9 258 1473 Swap: 2047 0 2047
3.scripts模塊
#使用scripts模塊可以在本地寫一個腳本,在遠程服務器上執行 [root@k8s-master ansible]# cat /etc/ansible/init.sh #!/bin/bash date hostname #執行 [root@k8s-master ansible]# ansible k8s-node -m script -a "/etc/ansible/init.sh" 192.168.86.133 | CHANGED => { "changed": true, "rc": 0, "stderr": "Shared connection to 192.168.86.133 closed.\r\n", "stderr_lines": [ "Shared connection to 192.168.86.133 closed." ], "stdout": "Sun May 24 23:50:48 EDT 2020\r\nnode2\r\n", "stdout_lines": [ "Sun May 24 23:50:48 EDT 2020", "node2" ] } 192.168.86.132 | CHANGED => { ..... }
4.copy模塊
#實現主控制端向目標主機拷貝文件,類似scp功能 例如:將ansible主機上的/etc/hosts文件複製到主機組中的/tmp目錄下 [root@k8s-master ~]# ansible k8s-node -m copy -a "src=/etc/hosts dest=/tmp owner=root group=root mode=0755" 192.168.86.133 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true, "checksum": "7335999eb54c15c67566186bdfc46f64e0d5a1aa", "dest": "/tmp/hosts", "gid": 0, "group": "root", "md5sum": "54fb6627dbaa37721048e4549db3224d", "mode": "0755", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 158, "src": "/root/.ansible/tmp/ansible-tmp-1590378818.52-2470-232195177895701/source", "state": "file", "uid": 0 } #參數解釋: src: 指定源文件 dest: 指定目標文件 owner: 所屬主 group: 所屬組 mode: 權限 #查看效果 [root@node1 ~]# cd /tmp/ [root@node1 tmp]# ls -l total 4 -rwxr-xr-x. 1 root root 158 May 24 23:53 hosts
5.yum模塊
#yum模塊可以提供的status狀態:latest,present,installed ,更多信息使用ansible-doc查看幫助 例子:安裝httpd [root@k8s-master ~]# ansible k8s-node -m yum -a "name=httpd state=latest" #提示:name=包名 移除 tasks: - name: install httpd Packages yum: name=httpd state=removed
6.yum_repository 添加倉庫模塊
[root@game project]# cat task_2.yml - hosts: all tasks: - name: Add Nginx Repo yum_repository: name: CentOS-nginx description: EPEL Nginx repo baseurl: http://nginx.org/packages/centos/7/$basearch/ gpgcheck: no enabled: yes #更多參數可參考ansible-doc yum_repository
7.service模塊
#遠程主機系統服務管理 #service常用參數 name參數:用戶指定需要操作的服務名稱,如:nginx state參數:指定服務的狀態,啓動服務爲started,停止位stopped,重啓爲restarted enabled參數:設置爲開啓啓動,yes:爲開機啓動,no不開機啓動 #例子:重啓httpd服務 [root@k8s-master ~]# ansible k8s-node -m service -a "name=httpd state=restarted"
8.user用戶模塊
例如:添加用戶 [root@k8s-master ~]# ansible k8s-node -m user -a "name=user1 state=present" #提示:更多命令查看幫助ansible-doc user
9.sysctl模塊
#遠程主機sysctl配置 例如:開啓路由轉發功能 [root@k8s-master ~]# ansible k8s-node -m sysctl -a "name=net.ipv4.ip_forward value=1 reload=yes" 192.168.86.132 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true } 192.168.86.133 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true } #查看效果 [root@node1 ~]# cat /proc/sys/net/ipv4/ip_forward 1
10.cron定時任務模塊
#設定定時任務:遠程主機crontab配置 例子:增加每30分鐘執行ls /tmp [root@k8s-master ~]# ansible k8s-node -m cron -a "name=list minute=*/30 job='ls tmp'" 192.168.86.133 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true, "envs": [], "jobs": [ "list" ] } 192.168.86.132 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true, "envs": [], "jobs": [ "list" ] } 查看效果 [root@node1 ~]# crontab -l #Ansible: list */30 * * * * ls tmp
11.stat模塊
#獲取遠程文件信息 [root@k8s-master ~]# ansible k8s-node -m stat -a "path=/tmp/hosts" 192.168.86.133 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "stat": { "atime": 1590378819.9538696, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7335999eb54c15c67566186bdfc46f64e0d5a1aa", "ctime": 1590378819.9598696, "dev": 64768, "device_type": 0, "executable": true, "exists": true, "gid": 0, "gr_name": "root", ........ "xoth": true, "xusr": true } }
12.get url模塊
#實現遠程主機下載指定url到本地 例如:下載epel-release-latest-7.noarch.rpm到主機清單中的tmp目錄下 [root@k8s-master ~]# ansible k8s-node -m get_url -a "url=https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm dest=/tmp/ mode=0440 force=yes" #提示:url=https://xxx 的等號=前後不能有空格 #擴展:force=yes的作用 [root@k8s-master ~]# ansible-doc -s get_url #在此輸出找force信息 如果force=yes,下載文件如果內容和源目錄下的內容不一樣,則替換,如果一樣就不下載了,如果force=no。則目標不存在才下載文件 #查看效果 [root@node1 ~]# ls -l /tmp/epel-release-latest-7.noarch.rpm -r--r-----. 1 root root 15264 May 25 00:11 /tmp/epel-release-latest-7.noarch.rpm
13.setup模塊
setup模塊主要用於收集遠程主機的基本信息,可以作爲變量來獲取 #相關參數 ansible_all_ipv4_addresses # ipv4的所有地址 ansible_all_ipv6_addresses # ipv6的所有地址 ansible_date_time # 獲取到控制節點時間 ansible_default_ipv4 # 默認的ipv4地址 ansible_distribution # 系統 ansible_distribution_major_version # 系統的大版本 ansible_distribution_version # 系統的版本號 ansible_domain #系統所在的域 ansible_env #系統的環境變量 ansible_hostname #系統的主機名 ansible_fqdn #系統的全名 ansible_machine #系統的架構 ansible_memory_mb #系統的內存信息 ansible_os_family # 系統的家族 ansible_pkg_mgr # 系統的包管理工具 ansible_processor_cores #系統的cpu的核數(每顆) ansible_processor_count #系統cpu的顆數 ansible_processor_vcpus #系統cpu的總個數=cpu的顆數*CPU的核數 ansible_python # 系統上的python ansible cache -m setup -a 'filter=*processor*' # 用來搜索