自动化运维工具Ansible

目录

一.Ansible基本内容

1.定义

2.特点与优势

优势:

(1)轻便性:无需在被控制服务器上安装客户端,Ansible基于ssh协议

[(2)幂等性:大部分模块有幂等性,即如果输入systemctl stop firewalld当发现要停止的服务已经停止就不会做任何操作了,多次停止不会改变结果。systemtl restart是非幂等的。](#(2)幂等性:大部分模块有幂等性,即如果输入systemctl stop firewalld当发现要停止的服务已经停止就不会做任何操作了,多次停止不会改变结果。systemtl restart是非幂等的。)

(3)判断性:大部分模块在执行时都会判断目标节点是否要执行任务,所有重复执行某个任务大部分时间不会产生副作用

(4)简介性:一个窗口即可管理所有需要控制的机器,无需开启多个窗口

特点:

(1)部署简单,只需要主控端部署Ansible环境,被控端无需做任何操作;

(2)默认使用SSH协议设备进行管理;

(3)主从集中化管理;

(4)配置简单、功能强大、扩展性强;

(5)支持API及自定义模块,可以通过Python轻松扩展

(6)通过playbooks来定制强大的配置、状态管理

(7)对云平台和大数据都有很好的支持

4.Anisible核心程序

(1)HostInventory:记录由Ansible管理的主机信息,端口,ip,密码等

(2)playbooks:'剧本'YAML格式文件,多任务定义在一个文件中,定义主机需要调用那些模块完成功能

[(3)core modeules:核心模块主要操作通过调用核心模块来完成管理任务](#(3)core modeules:核心模块主要操作通过调用核心模块来完成管理任务)

(4)customodules:自定义模块,完成核心模块无法完成的模块,支持多种语言编写

(5)connectiontugins:连接插件,ansible和主机通信使用(ssh协议)

5.Ansible工作原理

(1)加载自己的配置文件,默认/etc/ansible/ansible.cfg

(2)查找对应的主机的配置文件,找到要执行的主机或组/etc/ansible/hosts文件

(3)加载自己对应的模块文件,如command、yum、ping、

(4)通过ansible将模块命令生成对应的临时py文件(类似python脚本),并将该文件传输至被管理端

(5)传输到在被控制端的对应用户的家目录下.ansible/tmp/xxx/xxx.py

(6)被控制端给传输过来的py文件加执行权限

[(7)执行并返回结果,执行完成后删除py文件并sleep 0退出](#(7)执行并返回结果,执行完成后删除py文件并sleep 0退出)

6.选项

二.Ansible自动化运维工具安装

1.yum安装

2.编译安装------不建议

3.Git安装------不建议

三、相关文件

1.Ansible主配置文件

2.inventory主机清单文件

3.示例

3.1修改ssh配置------免密

3.2修改ansible配置------免密

4.Ansible相关工具

5.Ansible选项

6.执行返回结果

7.Ansible-doc

[8. Ansible-console](#8. Ansible-console)

四、模块

[1.Command 模块](#1.Command 模块)

[2.Shell 模块](#2.Shell 模块)

[3.Script 模块](#3.Script 模块)

[4.Copy 模块](#4.Copy 模块)

[5.Get_url 模块](#5.Get_url 模块)

5.1md5sum

5.2修改名称

[6.Fetch 模块](#6.Fetch 模块)

[7.File 模块](#7.File 模块)

7.1新建空文件

7.2新建目录

7.3删除文件

7.4递归修改目录属性

[8.State 模块](#8.State 模块)

[9.Unarchive 模块](#9.Unarchive 模块)

9.1把本机的压缩包解压到远端主机

9.2把远端主机的压缩包解压到指定目录

[10.Archive 模块](#10.Archive 模块)

[11.Hostname 模块](#11.Hostname 模块)

[12.Cron 模块](#12.Cron 模块)

12.1生成远端主机的定时计划

12.2disabled------不启用

12.3删除计划任务

[13.Yum和Apt 模块](#13.Yum和Apt 模块)

[14.yum_repository 模块](#14.yum_repository 模块)

[15.Service 模块](#15.Service 模块)

[16.mount 挂载和卸载模块](#16.mount 挂载和卸载模块)

[17.User 模块](#17.User 模块)

[18.Group 模块](#18.Group 模块)

[19.reboot 模块](#19.reboot 模块)

[20.Lineinfile 模块](#20.Lineinfile 模块)

[21.replace 模块](#21.replace 模块)

[22.setup 模块](#22.setup 模块)

22.1主机相关信息

22.2系统总内存

22.3详细显示内存情况

22.4显示可用系统内存

22.5系统所属信息

22.6当前系统版本

22.7当前系统详细版本

22.8显示cpu个数(只显示总的个数)

22.9仅显示ipv4的信息

22.10版本信息

22.11在线时长

22.12内核参数信息

22.13环境变量

22.14setup模块总结------常用信息


一.Ansible基本内容

1.定义

Ansible是基于模块工作的,只是提供了一种运行框架,本身没有完成任务的能力,真正操作的是Anisble的模块。每个模块都是独立的、实现了批量系统配置、批量程序部署、批量运行命令等功能。

2.特点与优势
优势:
(1)轻便性:无需在被控制服务器上安装客户端,Ansible基于ssh协议
(2)幂等性:大部分模块有幂等性,即如果输入systemctl stop firewalld当发现要停止的服务已经停止就不会做任何操作了,多次停止不会改变结果。systemtl restart是非幂等的。
(3)判断性:大部分模块在执行时都会判断目标节点是否要执行任务,所有重复执行某个任务大部分时间不会产生副作用
(4)简介性:一个窗口即可管理所有需要控制的机器,无需开启多个窗口
特点:
(1)部署简单,只需要主控端部署Ansible环境,被控端无需做任何操作;
(2)默认使用SSH协议设备进行管理;
(3)主从集中化管理;
(4)配置简单、功能强大、扩展性强;
(5)支持API及自定义模块,可以通过Python轻松扩展
(6)通过playbooks来定制强大的配置、状态管理
(7)对云平台和大数据都有很好的支持
4.Anisible核心程序
(1)HostInventory:记录由Ansible管理的主机信息,端口,ip,密码等
(2)playbooks:'剧本'YAML格式文件,多任务定义在一个文件中,定义主机需要调用那些模块完成功能
(3)core modeules:核心模块主要操作通过调用核心模块来完成管理任务
(4)customodules:自定义模块,完成核心模块无法完成的模块,支持多种语言编写
(5)connectiontugins:连接插件,ansible和主机通信使用(ssh协议)

5.Ansible工作原理

(1)加载自己的配置文件,默认/etc/ansible/ansible.cfg
(2)查找对应的主机的配置文件,找到要执行的主机或组/etc/ansible/hosts文件
(3)加载自己对应的模块文件,如command、yum、ping、
(4)通过ansible将模块命令生成对应的临时py文件(类似python脚本),并将该文件传输至被管理端
(5)传输到在被控制端的对应用户的家目录下.ansible/tmp/xxx/xxx.py
(6)被控制端给传输过来的py文件加执行权限
(7)执行并返回结果,执行完成后删除py文件并sleep 0退出
6.选项

|-------------------------|-------------------------|
| --version | #显示版本 |
| -m module | #指定模块,默认为command |
| -v | #详细过程 -vv -vvv更详细 |
| --list-hosts | #显示主机列表,可简写 --list |
| -C, --check | #检查,并不执行 |
| -T, --timeout=TIMEOUT | #执行命令的超时时间,默认10s |
| -k, --ask-pass | #提示输入ssh连接密码,默认Key验证 |
| -u, --user=REMOTE_USER | #执行远程执行的用户,默认root |
| -b, --become | #代替旧版的sudo 切换 |
| --become-user=USERNAME | #指定sudo的runas用户,默认为root |
| vim /etc/sudoers 用户权限 | |
| -K, --ask-become-pass | #提示输入sudo时的口令 |
| -f FORKS, --forks FORKS | #指定并发同时执行ansible任务的主机 |

二.Ansible自动化运维工具安装

1.yum安装

[root@localhost ~]#yum install epel-release.noarch -y
[root@localhost ~]#yum install ansible -y
[root@localhost ~]#ansible --version
ansible 2.9.27
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Aug  4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]

2.编译安装------不建议

yum -y install python-jinja2 PyYAML python-paramiko python-babel python-crypto
wget https://releases.ansible.com/ansible/ansible-2.9.27.tar.gz
tar xf ansible-1.5.4.tar.gz
cd ansible-2.9.27
python setup.py build
python setup.py install
mkdir /etc/ansible
cp -r examples/* /etc/ansible

3.Git安装------不建议

yum install git
git clone git://github.com/ansible/ansible.git --recursive
cd ./ansible
source ./hacking/env-setup

三、相关文件

  • /etc/ansible/ansible.cfg 主配置文件,配置ansible工作特性,也可以在项目的目录中创建此文件,当前目录下如果也有ansible.cfg,则此文件优先生效,建议每个项目目录下,创建独有的ansible.cfg文 件
  • /etc/ansible/hosts 主机清单
  • /etc/ansible/roles/ 存放角色的目录

1.Ansible主配置文件

Ansible 的配置文件可以放在多个不同地方,优先级从高到低顺序如下

ANSIBLE_CONFIG
#环境变量,注意此项用 ansible --version 看不到,但可以生效
./ansible.cfg
#当前目录下的ansible.cfg
~/.ansible.cfg
#当前用户家目录下的.ansible.cfg
/etc/ansible/ansible.cfg
#系统默认配置文件

Ansible 的默认配置文件 /etc/ansible/ansible.cfg ,其中大部分的配置内容无需进行修改

[defaults]
#inventory     = /etc/ansible/hosts 	#主机列表配置文件
#library = /usr/share/my_modules/ 		#库文件存放目录
#remote_tmp = $HOME/.ansible/tmp 		#临时py命令文件存放在远程主机目录
#local_tmp     = $HOME/.ansible/tmp 	#本机的临时命令执行目录
#forks         = 5   					#默认并发数
#sudo_user     = root 					#默认sudo 用户
#ask_sudo_pass = True 					#每次执行ansible命令是否询问ssh密码
#ask_pass     = True   
#remote_port   = 22
#host_key_checking = False     			#检查对应服务器的host_key,建议取消此行注释,实现第一次连接自动信任目标主机
#log_path=/var/log/ansible.log 			#日志文件,建议启用
#module_name = command   		、mod		#默认模块,可以修改为shell模块
[privilege_escalation] 					#普通用户提权配置
#become=True
#become_method=sudo
#become_user=root
#become_ask_pass=False

2.inventory主机清单文件

ansible的主要功用在于批量主机操作,为了便捷地使用其中的部分主机,可以在inventory 主机清单文件中将其分组组织

官方文档: https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html
默认的inventory file 位置在 /etc/ansible/hosts

ansible_ssh_host 
#将要连接的远程主机名.与你想要设定的主机的别名不同的话,可通过此变量设置.
ansible_ssh_port 
#ssh端口号.如果不是默认的端口号,通过此变量设置.这种可以使用 ip:端口
192.168.1.100:2222
 
ansible_ssh_user 
#默认的 ssh 用户名
 
ansible_ssh_pass 
#ssh 密码(这种方式并不安全,我们强烈建议使用 --ask-pass 或 SSH 密钥)
 
ansible_sudo_pass 
#sudo 密码(这种方式并不安全,我们强烈建议使用 --ask-sudo-pass)
 
ansible_sudo_exe (new in version 1.8)
#sudo 命令路径(适用于1.8及以上版本)
 
ansible_connection 
#与主机的连接类型.比如:local, ssh 或者 paramiko. Ansible 1.2 以前默认使用 paramiko.1.2 以后默认使用 'smart','smart' 方式会根据是否支持 ControlPersist, 来判断'ssh' 方式是否可行.
 
ansible_ssh_private_key_file
#ssh 使用的私钥文件.适用于有多个密钥,而你不想使用 SSH 代理的情况.
 
ansible_shell_type 
#目标系统的shell类型.默认情况下,命令的执行使用 'sh' 语法,可设置为'csh' 或 'fish'.
 
ansible_python_interpreter 
#目标主机的 python 路径.适用于的情况: 系统中有多个 Python, 或者命令路径不是"/usr/bin/python",比如 \*BSD, 或者 /usr/bin/python 不是 2.X 版本的Python.之所以不使用 "/usr/bin/env" 机制,因为这要求远程用户的路径设置正确,且要求 "python" 可执行程序名不可为 python以外的名字(实际有可能名为python26).与ansible_python_interpreter 的工作方式相同,可设定如 ruby 或 perl 的路径....

3.示例

[root@localhost ~]#vim /etc/ansible/hosts
[root@localhost ~]#sed -n '45,51p' /etc/ansible/hosts 
[web]
192.168.241.22
192.168.241.23
 
 
[all]
192.168.241.[22:26]

[root@localhost ~]#ansible 192.168.91.105 -m ping
#可以指定   m代表使用模块  ping代表ping模块 命令探测下,需要输入 yes 或no

m代表使用模块 ping代表ping模块 命令探测下,需要输入 yes 或no

[root@localhost ~]#ansible web -m ping -k
#-k 输入密码 只有一次机会,如果密码不同无法一起管理,建议ssh免密
SSH password: 
192.168.241.23 | FAILED! => {
    "msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.  Please add this host's fingerprint to your known_hosts file to manage this host."
}
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
3.1修改ssh配置------免密
[root@localhost ~]#vim /etc/ssh/ssh_config 
[root@localhost ~]#sed -n '35p' /etc/ssh/ssh_config 
   StrictHostKeyChecking ask---->no

[root@localhost ~]#ansible web -m ping -k 
SSH password: 
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
[root@localhost ~]#ansible web -m ping
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}

[root@localhost ~]#ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:asSeknDK6vVK7Xq2iCLXjPiCRsAd9d4n7TTSw+v5f+U root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|    ..           |
|   .  .          |
|. . .  .         |
|.. . .. . +      |
|. . . o.S+ O     |
| o +.+ o  * +   .|
|o.o*o.=    o   ..|
|*o* *=    . .   E|
|**.+=+.    o.....|
+----[SHA256]-----+
[root@localhost ~]#ssh-copy-id 192.168.241.22
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.241.22's password: 
 
Number of key(s) added: 1
 
Now try logging into the machine, with:   "ssh '192.168.241.22'"
and check to make sure that only the key(s) you wanted were added.
 
[root@localhost ~]#ssh-copy-id 192.168.241.23
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.241.23's password: 
Number of key(s) added: 1
Now try logging into the machine, with:   "ssh '192.168.241.23'"
and check to make sure that only the key(s) you wanted were added.
3.2修改ansible配置------免密
[root@localhost ~]#vim /etc/ansible/ansible.cfg 
[root@localhost ~]#sed -n '71p' /etc/ansible/ansible.cfg 
host_key_checking = False

[root@localhost ~]#echo " " > .ssh/known_hosts 
[root@localhost ~]#cat .ssh/known_hosts 
 
[root@localhost ~]#ansible web -m ping -k
SSH password: 
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
[root@localhost ~]#ansible web -m ping
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
[root@localhost ~]#cat .ssh/known_hosts 
 
192.168.241.22 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFJ0yF0PqvJxGhvSbYYG8cruLD23vFivSgMr3ozmortbWK+P3BoYjpSdhEB3xv/2s1mEzol/aWLd+/qNgdbqTmc=
192.168.241.23 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFNCvnWTWT+7UYGSPzChIOIEvYJk8+OtYDdoiN6DEc222O4Pm0AteuzOGjsgc1La170AhxLWO1DGKDaFCynAwTs=

4.Ansible相关工具

  • /usr/bin/ansible 主程序,临时命令执行工具
  • /usr/bin/ansible-doc 查看配置文档,模块功能查看工具,相当于man ansible-doc -l |grep 关键字 具体模块名字
  • /usr/bin/ansible-playbook 定制自动化任务,编排剧本工具,相当于脚本
  • /usr/bin/ansible-pull 远程执行命令的工具
  • /usr/bin/ansible-vault 文件加密工具
  • /usr/bin/ansible-console 基于Console界面与用户交互的执行工具
  • /usr/bin/ansible-galaxy 下载/上传优秀代码或Roles模块的官网平台

5.Ansible选项

执行临时任务一次性任务

ansible <host-pattern> [-m module_name] [-a args]
命令     主机或者清单中的组 -m 指定模块      -a  执行的任务
选项 含义
--version 显示版本
-m module 指定模块,默认为command
-v 详细过程 -vv -vvv更详细
--list-hosts 显示主机列表,可简写 --list
-C, --check 检查,并不执行
-T, --timeout=TIMEOUT 执行命令的超时时间,默认10s
-k, --ask-pass 提示输入ssh连接密码,默认Key验证
-u, --user=REMOTE_USER 执行远程执行的用户,默认root
-b, --become 代替旧版的sudo 切换
--become-user=USERNAME 指定sudo的runas用户,默认为root vim /etc/sudoers 用户权限
-K, --ask-become-pass 提示输入sudo时的口令
-f FORKS, --forks FORKS 指定并发同时执行ansible任务的主机数
[root@localhost ~]#ansible --version
ansible 2.9.27
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Aug  4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]

主机列表   支持通配符
ansible all -m ping
#执行一次计划任务  对all组内的主机执行ping命令
ansible "*" -m ping
#执行一次计划任务  对所有主机进行ping命令
ansible 192.168.241.* -m ping
#对192.168.241网段的主机执行ping
ansible "srvs" -m ping
#指定srvs组的主机执行ping
ansible "192.168.241.22 192.168.241.23" -m ping
#执行特定主机执行ping
 
[root@localhost ~]#ansible web --list
  hosts (2):
    192.168.241.22
    192.168.241.23
[root@localhost ~]#ansible all --list
  hosts (5):
    192.168.241.22
    192.168.241.23
    192.168.241.24
    192.168.241.25
    192.168.241.26
 
#或
[root@localhost ~]#ansible 'web:all' --list-hosts
  hosts (5):
    192.168.241.22
    192.168.241.23
    192.168.241.24
    192.168.241.25
    192.168.241.26
#并且
[root@localhost ~]#ansible 'web:&all' --list-hosts
  hosts (2):
    192.168.241.22
    192.168.241.23
#逻辑非
[root@localhost ~]#ansible 'all:!web' --list-hosts
  hosts (3):
    192.168.241.24
    192.168.241.25
    192.168.241.26
#正则表达式
[root@localhost ~]#ansible "~(w|a).*" -m ping -k
SSH password: 
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.241.24 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.241.25 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: ssh: connect to host 192.168.241.25 port 22: No route to host", 
    "unreachable": true
}
192.168.241.26 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: ssh: connect to host 192.168.241.26 port 22: No route to host", 
    "unreachable": true
}

[root@localhost ~]#ansible web -a "sleep 3" -f1
192.168.241.22 | CHANGED | rc=0 >>
 
192.168.241.23 | CHANGED | rc=0 >>
 
[root@localhost ~]#ansible web -a "sleep 3" -f4
192.168.241.22 | CHANGED | rc=0 >>
 
192.168.241.23 | CHANGED | rc=0 >>

-f1 一台一台的执行操作 -f并行执行

[root@localhost ~]#ansible web -a "sleep 300" -f1
192.168.241.22 | CHANGED | rc=0 >>
 
192.168.241.23 | CHANGED | rc=0 >>

[root@node2 ~]#ls -a
.                .bash_profile  Desktop               .local    Templates
..               .bashrc        Documents             Music     Videos
anaconda-ks.cfg  .cache         Downloads             Pictures  .viminfo
.ansible         .config        .esd_auth             Public    .Xauthority
.bash_history    .cshrc         .ICEauthority         .ssh
.bash_logout     .dbus          initial-setup-ks.cfg  .tcshrc
[root@node2 ~]#tree .ansible/
.ansible/
└── tmp
    └── ansible-tmp-1710222280.45-5420-206640600379694
        └── AnsiballZ_command.py
 
2 directories, 1 file

[root@node2 ~]#tree .ansible/
.ansible/
└── tmp
 
1 directory, 0 files

如果执行休眠300秒的话,远端主机会有一个py的脚本存在,执行结束后,脚本就自动删除脚本

[root@localhost ~]#ansible web -a "touch /opt/cxk" -v
Using /etc/ansible/ansible.cfg as config file
[WARNING]: Consider using the file module with state=touch rather than running
'touch'.  If you need to use command because file is insufficient you can add
'warn: false' to this command task or set 'command_warnings=False' in
ansible.cfg to get rid of this message.
192.168.241.23 | CHANGED | rc=0 >>
 
192.168.241.22 | CHANGED | rc=0 >>

[root@node2 ~]#ls /opt
apache-tomcat-9.0.16.tar.gz  cxk  jdk-8u291-linux-x64.tar.gz

[root@node3 ~]#ls /opt
apache-tomcat-9.0.16.tar.gz  cxk  jdk-8u291-linux-x64.tar.gz

Ansible命令执行过程

  1. 加载自己的配置文件,默认/etc/ansible/ansible.cfg
  2. 加载自己对应的模块文件,如:command
  3. 通过ansible将模块或命令生成对应的临时py文件,并将该文件传输至远程服务器的对应执行用户($HOME/.ansible/tmp/ansible-tmp-数字/XXX.PY文件)
  4. 给文件+x执行
  5. 执行并返回结果
  6. 删除临时py文件,退出

6.执行返回结果

vim /etc/ansible/ansible.cfg 
[colors]
#highlight = white
#verbose = blue
#warn = bright purple
#error = red
#debug = dark gray
#deprecate = purple
#skip = cyan
#unreachable = red
#ok = green
#changed = yellow
#diff_add = green
  • 绿色:执行成功并且不需要做改变的操作
  • 黄色:执行成功并且对目标主机做变更
  • 红色:执行失败

7.Ansible-doc

[root@localhost ~]#ansible-doc
#可以查看所有支持的模块
usage: ansible-doc [-h] [--version] [-v] [-M MODULE_PATH]
                   [--playbook-dir BASEDIR]
                   [-t {become,cache,callback,cliconf,connection,httpapi,inventory,lookup,netconf,shell,module,strategy,vars}]
                   [-j] [-F | -l | -s | --metadata-dump]
                   [plugin [plugin ...]]
 
plugin documentation tool
 
positional arguments:
  plugin                Plugin
 
optional arguments:
  --metadata-dump       **For internal testing only** Dump json metadata for
                        all plugins.
  --playbook-dir BASEDIR
                        Since this tool does not use playbooks, use this as a
                        substitute playbook directory.This sets the relative
                        path for many features including roles/ group_vars/
                        etc.
  --version             show program's version number, config file location,
                        configured module search path, module location,
                        executable location and exit
  -F, --list_files      Show plugin names and their source files without
                        summaries (implies --list)
  -M MODULE_PATH, --module-path MODULE_PATH
                        prepend colon-separated path(s) to module library (def
                        ault=~/.ansible/plugins/modules:/usr/share/ansible/plu
                        gins/modules)
  -h, --help            show this help message and exit
  -j, --json            Change output into json format.
  -l, --list            List available plugins
  -s, --snippet         Show playbook snippet for specified plugin(s)
  -t {become,cache,callback,cliconf,connection,httpapi,inventory,lookup,netconf,shell,module,strategy,vars}, --type {become,cache,callback,cliconf,connection,httpapi,inventory,lookup,netconf,shell,module,strategy,vars}
                        Choose which plugin type (defaults to "module").
                        Available plugin types are : ('become', 'cache',
                        'callback', 'cliconf', 'connection', 'httpapi',
                        'inventory', 'lookup', 'netconf', 'shell', 'module',
                        'strategy', 'vars')
  -v, --verbose         verbose mode (-vvv for more, -vvvv to enable
                        connection debugging)
See man pages for Ansible CLI options or website for tutorials
https://docs.ansible.com
ERROR! Incorrect options passed
[root@localhost ~]#ansible-doc -l|wc -l
3387
#共有3387个模块
[root@localhost ~]#ansible-doc ping
#可以查看指定模块
[root@localhost ~]#ansible-doc -s ping
#查看简单模块
- name: Try to connect to host, verify a usable python and return `pong' on s
  ping:
      data:                  # Data to return for the `ping' return value. If
                               this parameter is
                               set to `crash',
                               the module will
                               cause an
                               exception.
[root@localhost ~]#ansible-doc file
#幂等性,安全性,自己写脚本

8. Ansible-console

此工具可交互执行命令,支持tab,ansible 2.0+新增

执行用户@当前操作的主机组 (当前组的主机数量)[f:并发数]$
命令 含义
forks n(forks 10) 设置并发数
cd 主机组(cd web) 切换组
list 列出当前组主机列表
?或help 列出所有的内置命令
[root@localhost ~]#ansible-console
Welcome to the ansible console.
Type help or ? to list commands.
 
root@all (5)[f:5]$ list
192.168.241.22
192.168.241.23
192.168.241.24
192.168.241.25
192.168.241.26
root@all (5)[f:5]$ cd web
root@web (2)[f:5]$ list
192.168.241.22
192.168.241.23
root@web (2)[f:5]$ ping
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
root@web (2)[f:5]$ 

四、模块

2015年底270多个模块,2016年达到540个,2018年01月12日有1378个模块,2018年07月15日1852个模块,2019年05月25日(ansible 2.7.10)时2080个模块,2020年03月02日有3387个模块虽然模块众多,但最常用的模块也就2,30个而已,针对特定业务只用10几个模块

常用模块帮助文档参考:

https://docs.ansible.com/ansible/2.9/modules/modules_by_category.html

https://docs.ansible.com/ansible/2.9/modules/list_of_all_modules.html

https://docs.ansible.com/ansible/latest/modules/list_of_all_modules.html

https://docs.ansible.com/ansible/latest/modules/modules_by_category.html

1.Command 模块

功能:在远程主机执行命令,此为默认模块,可忽略 -m 选项

注意:此命令不支持 $VARNAME < > | ; & 等,可能用shell模块实现

注意:此模块不具有幂等性

[root@localhost ~]#ansible web -m command -a "cp /etc/passwd /opt"
192.168.241.22 | CHANGED | rc=0 >>
 
192.168.241.23 | CHANGED | rc=0 >>

[root@node2 ~]#ls /opt
passwd

[root@localhost ~]#ansible web -a "echo hello world > /opt/hello"
192.168.241.22 | CHANGED | rc=0 >>
hello world > /opt/hello
192.168.241.23 | CHANGED | rc=0 >>
hello world > /opt/hello

Command模块不支持重定向;如果想支持重定向可以使用shell模块

2.Shell 模块

功能:和command相似,用shell执行命令,支持各种符号,比如:*,$, >

注意:此模块不具有幂等性

[root@localhost ~]#ansible web -m shell -a "echo hello world > /opt/hello"
192.168.241.23 | CHANGED | rc=0 >>
 
192.168.241.22 | CHANGED | rc=0 >>

[root@node2 ~]#ls /opt
hello  passwd
[root@node2 ~]#cat /opt/hello 
hello world

可以通过修改默认模块,来支持shell模块

[root@localhost ~]#vim /etc/ansible/ansible.cfg 

3.Script 模块

功能:在远程主机上运行ansible服务器上的脚本(无需执行权限)

注意:此模块不具有幂等性

[root@localhost ~]#vim test.sh
[root@localhost ~]#cat test.sh 
#!/bin/bash
echo "hello world"
[root@localhost ~]#ansible web -m script -a "~/test.sh"
192.168.241.22 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 192.168.241.22 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 192.168.241.22 closed."
    ], 
    "stdout": "hello world\r\n", 
    "stdout_lines": [
        "hello world"
    ]
}
192.168.241.23 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 192.168.241.23 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 192.168.241.23 closed."
    ], 
    "stdout": "hello world\r\n", 
    "stdout_lines": [
        "hello world"
    ]
}

[root@localhost ~]#vim test.sh 
[root@localhost ~]#ll test.sh 
-rw-r--r-- 1 root root 27 3月  12 14:59 test.sh
[root@localhost ~]#ansible web -m script -a "~/test.sh"
192.168.241.22 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 192.168.241.22 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 192.168.241.22 closed."
    ], 
    "stdout": "", 
    "stdout_lines": []
}
192.168.241.23 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 192.168.241.23 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 192.168.241.23 closed."
    ], 
    "stdout": "", 
    "stdout_lines": []
}

[root@node2 ~]#ls /opt

cxk hello passwd

4.Copy 模块

功能:从ansible服务器主控端复制文件到远程主机

注意: src=file 如果是没指明路径,则为当前目录或当前目录下的files目录下的file文件

关键字

  • src 代表源文件路径

  • dest 代表文件落地路径

  • owner 属主

  • group 属组

  • mode 代表权限

  • backup 如果复制时有同名文件会先备份再复制

    [root@localhost ~]#ansible web -m copy -a "src=/etc/fstab dest=/opt/ owner=ghd group=ghd mode=644"
    192.168.241.22 | CHANGED => {
    "ansible_facts": {
    "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "checksum": "0a8f7ec11a7ba2691809e9c6c79137d24b91187f",
    "dest": "/opt/fstab",
    "gid": 1000,
    "group": "ghd",
    "md5sum": "231ccf5a7234d4f3c0f0a30e98fcb19c",
    "mode": "0644",
    "owner": "ghd",
    "secontext": "system_u:object_r:usr_t:s0",
    "size": 465,
    "src": "/root/.ansible/tmp/ansible-tmp-1710227335.94-6918-138458584116423/source",
    "state": "file",
    "uid": 1000
    }
    192.168.241.23 | CHANGED => {
    "ansible_facts": {
    "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "checksum": "0a8f7ec11a7ba2691809e9c6c79137d24b91187f",
    "dest": "/opt/fstab",
    "gid": 1002,
    "group": "ghd",
    "mode": "0644",
    "owner": "ghd",
    "path": "/opt/fstab",
    "secontext": "system_u:object_r:usr_t:s0",
    "size": 465,
    "state": "file",
    "uid": 1002
    }

    [root@node2 ~]#ls /opt
    fstab cxk hello passwd
    [root@node2 ~]#cat /opt/fstab

    /etc/fstab

    Created by anaconda on Tue Dec 19 00:11:27 2023

    Accessible filesystems, by reference, are maintained under '/dev/disk'

    See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info

    /dev/mapper/centos-root / xfs defaults 0 0
    UUID=0ebf43c7-c647-4e61-ab4f-cf6c64fb6a0c /boot xfs defaults 0 0
    /dev/mapper/centos-swap swap swap defaults 0 0
    [root@node2 ~]#ll /opt/fstab
    -rw-r--r--. 1 ghd ghd 465 Mar 12 03:08 /opt/fstab

backup

[root@localhost ~]#vim test.sh 
[root@localhost ~]#cat test.sh 
#!/bin/bash
touch /opt/cxk
123123
[root@localhost ~]#ansible web -m copy -a "src=~/test.sh dest=/opt/ owner=ghd group=ghd mode=777"
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "0d1614b01219096a6a8c827827ead953ddaff014", 
    "dest": "/opt/test.sh", 
    "gid": 1002, 
    "group": "ghd", 
    "md5sum": "fb8c0738d3c09da20924bc6b632eb7e7", 
    "mode": "0777", 
    "owner": "ghd", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 34, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710228145.96-7404-18496525191031/source", 
    "state": "file", 
    "uid": 1002
}
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "0d1614b01219096a6a8c827827ead953ddaff014", 
    "dest": "/opt/test.sh", 
    "gid": 1000, 
    "group": "ghd", 
    "md5sum": "fb8c0738d3c09da20924bc6b632eb7e7", 
    "mode": "0777", 
    "owner": "ghd", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 34, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710228145.95-7402-249014437514833/source", 
    "state": "file", 
    "uid": 1000
}

[root@node2 ~]#ls /opt
test.sh
[root@node2 ~]#cat /opt/test.sh 
#!/bin/bash
touch /opt/cxk
123123

[root@localhost ~]#vim test.sh 
[root@localhost ~]#cat test.sh 
#!/bin/bash
touch /opt/cxk
123123
123123123123
[root@localhost ~]#ansible web -m copy -a "src=~/test.sh dest=/opt/ owner=ghd group=ghd mode=777 backup=yes"
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/opt/test.sh.8274.2024-03-12@03:23:19~", 
    "changed": true, 
    "checksum": "8908a5fb0ed0bf37176a2179267c7425256cae67", 
    "dest": "/opt/test.sh", 
    "gid": 1000, 
    "group": "ghd", 
    "md5sum": "c2be730d6da7cdf3ad9c0bc3c865868f", 
    "mode": "0777", 
    "owner": "ghd", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 47, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710228198.82-7515-126408936780150/source", 
    "state": "file", 
    "uid": 1000
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/opt/test.sh.7980.2024-03-12@23:23:18~", 
    "changed": true, 
    "checksum": "8908a5fb0ed0bf37176a2179267c7425256cae67", 
    "dest": "/opt/test.sh", 
    "gid": 1002, 
    "group": "ghd", 
    "md5sum": "c2be730d6da7cdf3ad9c0bc3c865868f", 
    "mode": "0777", 
    "owner": "ghd", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 47, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710228198.83-7517-181272217391761/source", 
    "state": "file", 
    "uid": 1002
}

[root@node2 ~]#ls /opt
test.sh  test.sh.8274.2024-03-12@03:23:19~
[root@node2 ~]#cat /opt/test.sh 
#!/bin/bash
touch /opt/cxk
123123
123123123123

源文件变动后 会有如果复制时有同名文件会先备份再复制

ansible web -m copy -a "src=/etc dest=/backup"
ansible web -m copy -a "src=/etc/ dest=/backup"
 
 
etc  	不加  	/   	连etc  一起复制  etc会变成子目录
etc   	加  		/	   	只复制etc下的文件  把etc下的文件夹改名为 bakckup

[root@localhost ~]#ansible web -m copy -a "content='test line1\ntest line2\n' dest=/tmp/test.txt"
#指定内容,直接生成目标文件
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "bbd9f88cdd0202dc851c4ff635538e652c48da02", 
    "dest": "/tmp/test.txt", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d913c48ee3f663f1e1f2e626aefa7fa9", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:admin_home_t:s0", 
    "size": 22, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710229571.89-44664-73626291238432/source", 
    "state": "file", 
    "uid": 0
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "bbd9f88cdd0202dc851c4ff635538e652c48da02", 
    "dest": "/tmp/test.txt", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d913c48ee3f663f1e1f2e626aefa7fa9", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:admin_home_t:s0", 
    "size": 22, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710229571.89-44666-244732855127428/source", 
    "state": "file", 
    "uid": 0
}

[root@node2 opt]#cat /tmp/test.txt 
test line1
test line2

5.Get_url 模块

功能: 用于将文件从http、https或ftp下载到被管理机节点上

[root@localhost ~]#ansible web -m get_url -a "url=https://nginx.org/download/nginx-1.18.0.tar.gz dest=/opt"
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum_dest": null, 
    "checksum_src": "47b2c5ccd12e2a7088b03d629ff6b9ab18215180", 
    "dest": "/opt/nginx-1.18.0.tar.gz", 
    "elapsed": 103, 
    "gid": 0, 
    "group": "root", 
    "md5sum": "b2d33d24d89b8b1f87ff5d251aa27eb8", 
    "mode": "0644", 
    "msg": "OK (1039530 bytes)", 
    "owner": "root", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 1039530, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710229702.93-44730-43314050926576/tmpQjPDrw", 
    "state": "file", 
    "status_code": 200, 
    "uid": 0, 
    "url": "https://nginx.org/download/nginx-1.18.0.tar.gz"
}
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum_dest": null, 
    "checksum_src": "47b2c5ccd12e2a7088b03d629ff6b9ab18215180", 
    "dest": "/opt/nginx-1.18.0.tar.gz", 
    "elapsed": 111, 
    "gid": 0, 
    "group": "root", 
    "md5sum": "b2d33d24d89b8b1f87ff5d251aa27eb8", 
    "mode": "0644", 
    "msg": "OK (1039530 bytes)", 
    "owner": "root", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 1039530, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710229702.9-44728-46949300097557/tmpXkjqHv", 
    "state": "file", 
    "status_code": 200, 
    "uid": 0, 
    "url": "https://nginx.org/download/nginx-1.18.0.tar.gz"
}

[root@node2 opt]#ls
nginx-1.18.0.tar.gz
5.1md5sum
[root@node2 opt]#md5sum nginx-1.18.0.tar.gz 
b2d33d24d89b8b1f87ff5d251aa27eb8  nginx-1.18.0.tar.gz

可以根据md5sum值来对比下载的软件包是否被修改过源码,或者是否植入了病毒

wget https://nginx.org/download/nginx-1.18.0.tar.gz
md5sum nginx-1.18.0.tar.gz
ansible web -m get_url -a 'url=https://nginx.org/download/nginx-1.18.0.tar.gz dest=/opt checksum="md5:3ca4a37931e9fa301964b8ce889da8cb"'
  • url: 下载文件的URL,支持HTTP,HTTPS或FTP协议
  • dest:下载到目标路径(绝对路径),如果目标是一个目录,就用服务器上面文件的名称,如果目标设置了名称就用目标设置的名称
  • owner:指定属主
  • group:指定属组
  • mode:指定权限
  • force:如果yes,dest不是目录,将每次下载文件,如果内容改变,替换文件。如果否,则只有在目标不存在时才会下载该文件
  • checksum:对目标文件在下载后计算摘要,以确保其完整性
  • url_username:用于HTTP基本认证的用户名。对于允许空密码的站点,此参数可以不使用`url_password'
  • url_password:用于HTTP基本认证的密码。如果未指定`url_username'参数,则不会使用`url_password'参数
  • validate_certs:如果"no",SSL证书将不会被验证。适用于自签名证书在私有网站上使用
  • timeout: URL请求的超时时间,秒为单位
5.2修改名称
[root@localhost ~]#ansible web -m get_url -a "url=https://nginx.org/download/nginx-1.18.0.tar.gz dest=/opt/nginx"
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum_dest": null, 
    "checksum_src": "47b2c5ccd12e2a7088b03d629ff6b9ab18215180", 
    "dest": "/opt/nginx", 
    "elapsed": 2, 
    "gid": 0, 
    "group": "root", 
    "md5sum": "b2d33d24d89b8b1f87ff5d251aa27eb8", 
    "mode": "0644", 
    "msg": "OK (1039530 bytes)", 
    "owner": "root", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 1039530, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710229996.86-44818-609181738931/tmphM5N4q", 
    "state": "file", 
    "status_code": 200, 
    "uid": 0, 
    "url": "https://nginx.org/download/nginx-1.18.0.tar.gz"
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum_dest": null, 
    "checksum_src": "47b2c5ccd12e2a7088b03d629ff6b9ab18215180", 
    "dest": "/opt/nginx", 
    "elapsed": 4, 
    "gid": 0, 
    "group": "root", 
    "md5sum": "b2d33d24d89b8b1f87ff5d251aa27eb8", 
    "mode": "0644", 
    "msg": "OK (1039530 bytes)", 
    "owner": "root", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 1039530, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710229996.88-44820-143263033525380/tmpst830i", 
    "state": "file", 
    "status_code": 200, 
    "uid": 0, 
    "url": "https://nginx.org/download/nginx-1.18.0.tar.gz"
}

[root@node2 opt]#ls
nginx  nginx-1.18.0.tar.gz

6.Fetch 模块

功能:从远程主机提取文件至ansible的主控端,copy相反,目前不支持目录

只能传文件 文件夹不支持 (文件夹需要打包成压缩包传输)

[root@localhost ~]#ansible web -m fetch -a 'src=/etc/passwd dest=/opt'
192.168.241.23 | CHANGED => {
    "changed": true, 
    "checksum": "7e3ac5475ddaad6b864911f0cd0b1f25fe04cd1e", 
    "dest": "/opt/192.168.241.23/etc/passwd", 
    "md5sum": "9a030d4bf488b35b673152d29b04b08d", 
    "remote_checksum": "7e3ac5475ddaad6b864911f0cd0b1f25fe04cd1e", 
    "remote_md5sum": null
}
192.168.241.22 | CHANGED => {
    "changed": true, 
    "checksum": "5c66c1bf80e2d40906b7b2aaf5d24262aa52f600", 
    "dest": "/opt/192.168.241.22/etc/passwd", 
    "md5sum": "02b1e96833a784acec8560cacf189b06", 
    "remote_checksum": "5c66c1bf80e2d40906b7b2aaf5d24262aa52f600", 
    "remote_md5sum": null
}

[root@localhost ~]#tree /opt
/opt
├── 192.168.241.22
│   └── etc
│       └── passwd
├── 192.168.241.23
│   └── etc
│       └── passwd
└── rh
 
5 directories, 2 files

7.File 模块

功能:设置文件属性,创建软链接等

关键字

  • path 指定文件路径
  • state 文件状态 有:新建(touch) 删除(absent) 文件夹(directory) 连接文件(link)等
  • src 源文件
  • mode 权限
  • owner 属主
  • group 属组
  • recurse 递归
7.1新建空文件
[root@localhost opt]#ansible web -m file -a "path=/opt/cxk state=touch mode=644 owner=ghd group=ghd"
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/opt/cxk", 
    "gid": 1002, 
    "group": "ghd", 
    "mode": "0644", 
    "owner": "ghd", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 1002
}
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/opt/cxk", 
    "gid": 1000, 
    "group": "ghd", 
    "mode": "0644", 
    "owner": "ghd", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 1000
}

[root@node2 opt]#ls
cxk  nginx  nginx-1.18.0.tar.gz
7.2新建目录
[root@localhost opt]#ansible web -m file -a 'path=/opt/web state=directory'
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/opt/web", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/opt/web", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}

[root@node2 opt]#ls
cxk  nginx  nginx-1.18.0.tar.gz  web
[root@node2 opt]#ll
total 2032
-rw-r--r--. 1 ghd  ghd        0 Mar 12 04:02 cxk
-rw-r--r--. 1 root root 1039530 Mar 12 03:53 nginx
-rw-r--r--. 1 root root 1039530 Mar 12 03:50 nginx-1.18.0.tar.gz
drwxr-xr-x. 2 root root       6 Mar 12 04:04 web
7.3删除文件
[root@localhost opt]#ansible web -m file -a 'path=/opt/web/ state=absent'
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/opt/web/", 
    "state": "absent"
}
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/opt/web/", 
    "state": "absent"
}
7.4递归修改目录属性
bash 复制代码
[root@localhost opt]#ansible web -m file -a "path=/opt state=directory owner=ghd group=ghd"
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 1002, 
    "group": "ghd", 
    "mode": "0755", 
    "owner": "ghd", 
    "path": "/opt", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 57, 
    "state": "directory", 
    "uid": 1002
}
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 1000, 
    "group": "ghd", 
    "mode": "0755", 
    "owner": "ghd", 
    "path": "/opt", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 57, 
    "state": "directory", 
    "uid": 1000
}
bash 复制代码
[root@node2 opt]#ll /
drwxr-xr-x.   2 ghd  ghd    57 Mar 12 04:05 opt
bash 复制代码
[root@localhost opt]#ansible web -m file -a "path=/opt/aa/bb/cc state=directory"
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/opt/aa/bb/cc", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/opt/aa/bb/cc", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
bash 复制代码
[root@node3 opt]#tree aa/
aa/
└── bb
    └── cc
 
2 directories, 0 files

删除的话,只删除了cc

bash 复制代码
[root@localhost opt]#ansible web -m file -a "path=/opt/aa/bb/cc state=absent"
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/opt/aa/bb/cc", 
    "state": "absent"
}
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/opt/aa/bb/cc", 
    "state": "absent"
}
bash 复制代码
[root@node2 opt]#tree aa/
aa/
└── bb
 
1 directory, 0 files

8.State 模块

功能:检查文件或文件系统的状态

注意:对于Windows目标,请改用win_stat模块

选项:path:文件/对象的完整路径(必须)

exists: 判断是否存在

isuid: 调用用户的ID与所有者ID是否匹配

bash 复制代码
[root@localhost opt]#ansible web -m stat -a 'path=/opt/aa/'
#查看文件是否存在
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "atime": 1710260184.7045586, 
        "attr_flags": "", 
        "attributes": [], 
        "block_size": 4096, 
        "blocks": 0, 
        "charset": "binary", 
        "ctime": 1710259864.3275952, 
        "dev": 64768, 
        "device_type": 0, 
        "executable": true, 
        "exists": true, 
        "gid": 0, 
        "gr_name": "root", 
        "inode": 68775287, 
        "isblk": false, 
        "ischr": false, 
        "isdir": true, 
        "isfifo": false, 
        "isgid": false, 
        "islnk": false, 
        "isreg": false, 
        "issock": false, 
        "isuid": false, 
        "mimetype": "inode/directory", 
        "mode": "0755", 
        "mtime": 1710259864.3275952, 
        "nlink": 3, 
        "path": "/opt/aa/", 
        "pw_name": "root", 
        "readable": true, 
        "rgrp": true, 
        "roth": true, 
        "rusr": true, 
        "size": 16, 
        "uid": 0, 
        "version": "18446744073393648841", 
        "wgrp": false, 
        "woth": false, 
        "writeable": true, 
        "wusr": true, 
        "xgrp": true, 
        "xoth": true, 
        "xusr": true
    }
}
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "atime": 1710231180.964472, 
        "attr_flags": "", 
        "attributes": [], 
        "block_size": 4096, 
        "blocks": 0, 
        "charset": "binary", 
        "ctime": 1710231172.5894346, 
        "dev": 64768, 
        "device_type": 0, 
        "executable": true, 
        "exists": true, 
        "gid": 0, 
        "gr_name": "root", 
        "inode": 2403489, 
        "isblk": false, 
        "ischr": false, 
        "isdir": true, 
        "isfifo": false, 
        "isgid": false, 
        "islnk": false, 
        "isreg": false, 
        "issock": false, 
        "isuid": false, 
        "mimetype": "inode/directory", 
        "mode": "0755", 
        "mtime": 1710231172.5894346, 
        "nlink": 3, 
        "path": "/opt/aa/", 
        "pw_name": "root", 
        "readable": true, 
        "rgrp": true, 
        "roth": true, 
        "rusr": true, 
        "size": 16, 
        "uid": 0, 
        "version": "2110318447", 
        "wgrp": false, 
        "woth": false, 
        "writeable": true, 
        "wusr": true, 
        "xgrp": true, 
        "xoth": true, 
        "xusr": true
    }
}

9.Unarchive 模块

功能:解包解压缩

实现有两种用法:

  • 将ansible主机上的压缩包传到远程主机后解压缩至特定目录,设置copy=yes,此为默认值,可省略
  • 将远程主机上的某个压缩包解压缩到指定路径下,设置copy=no

常见参数:

  • copy:默认为yes,当copy=yes,拷贝的文件是从ansible主机复制到远程主机上,如果设置为copy=no,会在远程主机上寻找src源文件
  • remote_src:和copy功能一样且互斥,yes表示在远程主机,不在ansible主机,no表示文件在ansible主机上
  • src:源路径,可以是ansible主机上的路径,也可以是远程主机(被管理端或者第三方主机)上的路径,如果是远程主机上的路径,则需要设置copy=no
  • dest:远程主机上的目标路径
  • mode:设置解压缩后的文件权限
9.1把本机的压缩包解压到远端主机
bash 复制代码
[root@localhost opt]#cp /etc/passwd /etc/shadow .
[root@localhost opt]#ls
passwd  shadow
[root@localhost opt]#tar zcvf user.tar.gz *
passwd
shadow
[root@localhost opt]#ls
passwd  shadow  user.tar.gz
[root@localhost opt]#ansible web -m unarchive -a "src=/opt/user.tar.gz dest=/opt"
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/opt", 
    "extract_results": {
        "cmd": [
            "/usr/bin/gtar", 
            "--extract", 
            "-C", 
            "/opt", 
            "-z", 
            "-f", 
            "/root/.ansible/tmp/ansible-tmp-1710232216.08-45753-7227623148723/source"
        ], 
        "err": "", 
        "out": "", 
        "rc": 0
    }, 
    "gid": 1000, 
    "group": "ghd", 
    "handler": "TgzArchive", 
    "mode": "0755", 
    "owner": "ghd", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 44, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710232216.08-45753-7227623148723/source", 
    "state": "directory", 
    "uid": 1000
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/opt", 
    "extract_results": {
        "cmd": [
            "/usr/bin/gtar", 
            "--extract", 
            "-C", 
            "/opt", 
            "-z", 
            "-f", 
            "/root/.ansible/tmp/ansible-tmp-1710232216.09-45755-96624297311254/source"
        ], 
        "err": "", 
        "out": "", 
        "rc": 0
    }, 
    "gid": 1002, 
    "group": "ghd", 
    "handler": "TgzArchive", 
    "mode": "0755", 
    "owner": "ghd", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 104, 
    "src": "/root/.ansible/tmp/ansible-tmp-1710232216.09-45755-96624297311254/source", 
    "state": "directory", 
    "uid": 1002
}
bash 复制代码
[root@node2 opt]#ls
aa  passwd  shadow
9.2把远端主机的压缩包解压到指定目录
bash 复制代码
[root@localhost opt]#ansible web -m unarchive -a "src=/opt/nginx-1.18.0.tar.gz dest=/opt copy=no"
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/opt", 
    "extract_results": {
        "cmd": [
            "/usr/bin/gtar", 
            "--extract", 
            "-C", 
            "/opt", 
            "-z", 
            "-f", 
            "/opt/nginx-1.18.0.tar.gz"
        ], 
        "err": "", 
        "out": "", 
        "rc": 0
    }, 
    "gid": 1000, 
    "group": "ghd", 
    "handler": "TgzArchive", 
    "mode": "0755", 
    "owner": "ghd", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 91, 
    "src": "/opt/nginx-1.18.0.tar.gz", 
    "state": "directory", 
    "uid": 1000
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/opt", 
    "extract_results": {
        "cmd": [
            "/usr/bin/gtar", 
            "--extract", 
            "-C", 
            "/opt", 
            "-z", 
            "-f", 
            "/opt/nginx-1.18.0.tar.gz"
        ], 
        "err": "", 
        "out": "", 
        "rc": 0
    }, 
    "gid": 1002, 
    "group": "ghd", 
    "handler": "TgzArchive", 
    "mode": "0755", 
    "owner": "ghd", 
    "secontext": "system_u:object_r:usr_t:s0", 
    "size": 124, 
    "src": "/opt/nginx-1.18.0.tar.gz", 
    "state": "directory", 
    "uid": 1002
}
bash 复制代码
[root@node2 opt]#ls
aa  nginx-1.18.0  nginx-1.18.0.tar.gz  passwd  shadow

10.Archive 模块

功能:打包压缩保存在被管理节点

压缩远端主机上的指定内容到远端主机上(只对远端有效)

bash 复制代码
11.Hostname 模块
功能:管理主机名
bash 复制代码
[root@node2 opt]#ls /mnt/
all.tar.bz2

11.Hostname 模块

功能:管理主机名

bash 复制代码
ansible web -m hostname -a 'name=node3 '
#一般不使用此模块,主机名会一致

12.Cron 模块

功能:计划任务

支持时间:minute,hour,day,month,weekday

关键字:

  • name 会生成一行注释,显示标题如下显示
  • job 执行的命令
12.1生成远端主机的定时计划
bash 复制代码
[root@localhost opt]#ansible 192.168.241.22 -m cron -a 'hour=*/2 weekday=1-5 name="backup mysql" job=/opt/mysql_backup.sh'
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "backup mysql"
    ]
}
bash 复制代码
[root@node2 opt]#crontab -l
#Ansible: backup mysql
* */2 * * 1-5 /opt/mysql_backup.sh
12.2disabled------不启用

disabled=yes

bash 复制代码
[root@localhost opt]#ansible 192.168.241.22 -m cron -a 'hour=*/2 weekday=1-5 name="backup mysql" job=/opt/mysql_backup.sh disabled=yes'
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "backup mysql"
    ]
}
bash 复制代码
[root@node2 opt]#crontab -l
#Ansible: backup mysql
#* */2 * * 1-5 /opt/mysql_backup.sh

disabled=no

bash 复制代码
[root@localhost opt]#ansible 192.168.241.22 -m cron -a 'hour=*/2 weekday=1-5 name="backup mysql" job=/opt/mysql_backup.sh disabled=no'
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "backup mysql"
    ]
}
bash 复制代码
[root@node2 opt]#crontab -l
#Ansible: backup mysql
* */2 * * 1-5 /opt/mysql_backup.sh
12.3删除计划任务
bash 复制代码
[root@localhost opt]#ansible 192.168.241.22 -m cron -a "name='backup mysql' state=absent"
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}
bash 复制代码
[root@node2 opt]#crontab -l
[root@node2 opt]#

13.Yum和Apt 模块

功能:yum 管理软件包,只支持RHEL,CentOS,fedora,不支持Ubuntu其它版本apt 模块管理 Debian 相关版本的软件包

关键字

  • name   所安装的包的名称
  • state    present--->安装, latest--->安装最新的, absent---> 卸载软件。
  • update_cache   强制更新yum的缓存
  • conf_file   指定远程yum安装时所依赖的配置文件(安装本地已有的包)。
  • disable_pgp_check  是否禁止GPG checking,只用于presentor latest。
  • disablerepo   临时禁止使用yum库。 只用于安装或更新时。
  • enablerepo   临时使用的yum库。只用于安装或更新时

示例:

bash 复制代码
[root@localhost opt]#ansible web -m yum -a 'name=httpd state=present'
#yum安装httpd
ansible websrvs -m yum -a 'name=nginx state=present enablerepo=epel'
#启用epel源
进行安装
ansible websrvs -m yum -a 'name=* state=lastest exclude=kernel*,foo*'
#升级除kernel和foo开头以外的所有包
ansible websrvs -m yum -a 'name=httpd state=absent'
#删除
bash 复制代码
[root@node2 opt]#rpm -q httpd
httpd-2.4.6-99.el7.centos.1.x86_64

14.yum_repository 模块

功能:建立yum仓库模块

  • name参数:必须参数,用于指定要操作的唯一的仓库ID,也就是".repo"配置文件中每个仓库对应的"中括号"内的仓库ID。
  • baseurl参数:此参数用于设置 yum 仓库的 baseurl。
  • description参数:此参数用于设置仓库的注释信息,也就是".repo"配置文件中每个仓库对应的"name字段"对应的内容。
  • file参数:此参数用于设置仓库的配置文件名称,即设置".repo"配置文件的文件名前缀,在不使用此参数的情况下,默认以 name 参数的仓库ID作为".repo"配置文件的文件名前缀,同一个".repo" 配置文件中 可以存在多个 yum 源。
  • enabled参数:此参数用于设置是否激活对应的 yum 源,此参数默认值为 yes,表示启用对应的 yum 源,设置为 no 表示不启用对应的 yum 源。
  • gpgcheck参数:此参数用于设置是否开启 rpm 包验证功能,默认值为 no,表示不启用包验证,设置为 yes 表示开启包验证功能。
  • gpgcakey参数:当gpgcheck 参数设置为 yes 时,需要使用此参数指定验证包所需的公钥。
  • state参数:默认值为 present,当值设置为absent 时,表示删除对应的 yum 源。
bash 复制代码
[root@localhost opt]#ansible web -m yum_repository -a 'name=epel description=epel  baseurl=https://download.fedoraproject.org/pub/epel/$releasever/$basearch/ gpgcheck=no file=epel'
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "repo": "epel", 
    "state": "present"
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "repo": "epel", 
    "state": "present"
}
bash 复制代码
[root@node2 opt]#cd /etc/yum.repos.d/
[root@node2 yum.repos.d]#ls
CentOS-Base.repo       CentOS-fasttrack.repo  CentOS-Vault.repo
CentOS-CR.repo         CentOS-Media.repo      epel.repo
CentOS-Debuginfo.repo  CentOS-Sources.repo
[root@node2 yum.repos.d]#cat epel.repo 
[epel]
baseurl = https://download.fedoraproject.org/pub/epel/$releasever/$basearch/
gpgcheck = 0
name = epel

可以不用指定仓库

15.Service 模块

功能:管理服务

  • name参数:此参数用于指定需要操作的服务名称,比如 nginx。
  • state参数:此参数用于指定服务的状态,比如,我们想要启动远程主机中的 nginx,则可以将 state 的值设置为 started;如果想要停止远程主机中的服务,则可以将 state 的值设置为 stopped。此参数的可用值有 started、stopped、restarted、reloaded。
  • enabled参数:此参数用于指定是否将服务设置为开机 启动项,设置为 yes 表示将对应服务设置为开机启动,设置为 no 表示不会开机启动。
bash 复制代码
ansible web -m service -a 'name=httpd state=started enabled=yes'
#管理httpd服务  让其开机启动
ansible web -m service -a 'name=httpd state=stopped'
#管理httpd服务  让其停止服务
ansible web -m service -a 'name=httpd state=reloaded'
#管理httpd服务  让其重新加载配置
ansible web -m service -a 'name=httpd state=restarted'
#管理httpd服务  让其重启
bash 复制代码
[root@node2 yum.repos.d]#systemctl status httpd
â httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2024-03-12 06:05:22 EDT; 12s ago
     Docs: man:httpd(8)
           man:apachectl(8)
 Main PID: 13080 (httpd)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"
   CGroup: /system.slice/httpd.service
           ââ13080 /usr/sbin/httpd -DFOREGROUND
           ââ13082 /usr/sbin/httpd -DFOREGROUND
           ââ13083 /usr/sbin/httpd -DFOREGROUND
           ââ13084 /usr/sbin/httpd -DFOREGROUND
           ââ13085 /usr/sbin/httpd -DFOREGROUND
           ââ13087 /usr/sbin/httpd -DFOREGROUND
 
Mar 12 06:05:21 node2.localdomain systemd[1]: Starting The Apache HTTP Ser....
Mar 12 06:05:21 node2.localdomain httpd[13080]: AH00558: httpd: Could not r...
Mar 12 06:05:22 node2.localdomain systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
bash 复制代码
[root@localhost opt]#ansible web -m shell -a "sed -i 's/^Listen 80/Listen 8080/' /etc/httpd/conf/httpd.conf"
#将/etc/httpd/conf/httpd.conf 中配置文件以Listen 80 开头的行 改为Listen 8080
[WARNING]: Consider using the replace, lineinfile or template module rather
than running 'sed'.  If you need to use command because replace, lineinfile or
template is insufficient you can add 'warn: false' to this command task or set
'command_warnings=False' in ansible.cfg to get rid of this message.
192.168.241.22 | CHANGED | rc=0 >>
 
192.168.241.23 | CHANGED | rc=0 >>
bash 复制代码
[root@node2 yum.repos.d]#sed -n '42p' /etc/httpd/conf/httpd.conf 
Listen 80
[root@node2 yum.repos.d]#sed -n '42p' /etc/httpd/conf/httpd.conf 
Listen 8080

16.mount 挂载和卸载模块

功能: 挂载和卸载文件系统

bash 复制代码
[root@localhost opt]#ansible web -a 'blkid'
192.168.241.22 | CHANGED | rc=0 >>
/dev/sda1: UUID="325ac58f-3bb2-4665-a210-b7a4e1608d41" TYPE="xfs" 
/dev/sda2: UUID="M5DELP-GK7D-q10Y-EAPM-4ubZ-Ka0f-cLIHQ4" TYPE="LVM2_member" 
/dev/sr0: UUID="2017-09-06-10-51-00-00" LABEL="CentOS 7 x86_64" TYPE="iso9660" PTTYPE="dos" 
/dev/mapper/centos-root: UUID="282b4b58-b5cc-43d3-8144-7b1451fad56f" TYPE="xfs" 
/dev/mapper/centos-swap: UUID="7d82a566-3c42-400b-8762-7f74dca72631" TYPE="swap" 
192.168.241.23 | CHANGED | rc=0 >>
/dev/sr0: UUID="2017-09-06-10-51-00-00" LABEL="CentOS 7 x86_64" TYPE="iso9660" PTTYPE="dos" 
/dev/sda1: UUID="fbdbf3e2-2cdd-4e98-99e1-31450c405b4c" TYPE="xfs" 
/dev/sda2: UUID="614lKT-jKwh-Xgb1-7UDu-Ie6n-CxGk-JWcfPc" TYPE="LVM2_member" 
/dev/mapper/centos-root: UUID="be367737-70e1-4bf8-8aed-866c955b8905" TYPE="xfs" 
/dev/mapper/centos-swap: UUID="753872eb-1d85-417a-b834-84236b228278" TYPE="swap" 
bash 复制代码
#临时挂载
mount websrvs -m mount -a 'src="UUID=b3e48f45-f933-4c8e-a700-22a159ec9077" path=/home fstype=xfs opts=noatime state=present'
#临时取消挂载
mount websrvs -m mount -a 'path=/home fstype=xfs opts=noatime state=unmounted'
#永久挂载
ansible websrvs -m mount -a 'src=10.0.0.8:/data/wordpress path=/var/www/html/wp-content/uploads opts="_netdev" state=mounted'
#永久卸载
ansible websrvs -m mount -a 'src=10.0.0.8:/data/wordpress path=/var/www/html/wp-content/uploads state=absent'

17.User 模块

功能:管理用户

  • comment   用户的描述信息
  • createhome   是否创建家目录
  • force   在使用state=absent时, 行为与userdel --force一致.
  • group   指定基本组
  • groups   指定附加组,如果指定为(groups=)表示删除所有组
  • home   指定用户家目录
  • move_home   如果设置为home=时, 试图将用户主目录移动到指定的目录
  • name   指定用户名
  • non_unique   该选项允许改变非唯一的用户ID值
  • password   指定用户密码,使用 SHA512 hash
  • remove   在使用state=absent时, 行为是与userdel --remove一致
  • shell   指定默认shell
  • state   设置帐号状态,不指定为创建,指定值为absent表示删除
  • system   当创建一个用户,设置这个用户是系统用户。这个设置不能更改现有用户
  • uid   指定用户的uid
  • update_ password
  • always 如果password参数设置的值与用户当前的加密过的密码字符串不一致,则直接更新用户的密码,默认值即为always
  • on_create 如果password参数设置的值与用户当前的加密过的密码字符串不一致,则不会更新用户的密码字符串,保持之前的密码设定
bash 复制代码
[root@localhost opt]#ansible web -m user -a "name=user1 comment='test user' uid=2048 group=root"
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "append": false, 
    "changed": false, 
    "comment": "test user", 
    "group": 0, 
    "home": "/home/user1", 
    "move_home": false, 
    "name": "user1", 
    "shell": "/bin/bash", 
    "state": "present", 
    "uid": 2048
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "test user", 
    "create_home": true, 
    "group": 0, 
    "home": "/home/user1", 
    "name": "user1", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 2048
}
bash 复制代码
[root@node2 ~]#id user1
uid=2048(user1) gid=0(root) groups=0(root)

18.Group 模块

功能:管理组

bash 复制代码
[root@localhost opt]#ansible web -m group -a "name=cxk gid=88"
#创建组
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 88, 
    "name": "cxk", 
    "state": "present", 
    "system": false
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 88, 
    "name": "cxk", 
    "state": "present", 
    "system": false
}
bash 复制代码
[root@node2 ~]#getent group|grep cxk
cxk:x:88:
bash 复制代码
[root@localhost opt]#ansible web -m group -a "name=cxk state=absent"
#删除组
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "cxk", 
    "state": "absent"
}
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "cxk", 
    "state": "absent"
}

19.reboot 模块

bash 复制代码
[root@ansible ~]#ansible web -m reboot

20.Lineinfile 模块

ansible在使用sed进行替换时,经常会遇到需要转义的问题,而且ansible在遇到特殊符号进行替换时,存在问题,无法正常进行替换 。其实在ansible自身提供了两个模块:lineinfile模块和replace模块,可以方便的进行替换一般在ansible当中去修改某个文件的单行进行替换的时候需要使用lineinfile模块

regexp参数 :使用正则表达式匹配对应的行,当替换文本时,如果有多行文本都能被匹配,则只有最后面被匹配到的那行文本才会被替换,当删除文本时,如果有多行文本都能被匹配,这么这些行都会被删除。

如果想进行多行匹配进行替换需要使用replace模块

功能:相当于sed,可以修改文件内容

关键字:

  • path 指定要操作的文件
  • regexp 使用正则表达式匹配对应的行
  • line 修改为新的内容
  • insertafter 将文本插入到"指定的行"之后
  • insertbefore 将文本插入到"指定的行"之前
  • state 删除对应的文本时,需要state=absent
  • backrefs 1.支持后向引用、2.当未匹配到内容则不操作文件
  • backup 是否在修改文件之前对文件进行备份
  • create 当要操作的文件并不存在时,是否创建对应的文件
bash 复制代码
[root@localhost opt]#ansible web -m lineinfile -a 'dest=/etc/fstab state=absent regexp="^#"'
#将远端主机/etc/fstab 中  所有#开头的行全部删除
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "found": 7, 
    "msg": "7 line(s) removed"
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "found": 7, 
    "msg": "7 line(s) removed"
}
bash 复制代码
[root@node2 ~]#cat /etc/fstab 
 
#
# /etc/fstab
# Created by anaconda on Mon Dec 18 08:36:06 2023
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=325ac58f-3bb2-4665-a210-b7a4e1608d41 /boot                   xfs     defaults        0 0
/dev/mapper/centos-swap swap                    swap    defaults        0 0
[root@node2 ~]#cat /etc/fstab 
 
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=325ac58f-3bb2-4665-a210-b7a4e1608d41 /boot                   xfs     defaults        0 0
/dev/mapper/centos-swap swap                    swap    defaults        0 0
bash 复制代码
[root@localhost opt]#ansible web -m lineinfile -a "path=/etc/httpd/conf/httpd.conf regexp='^Listen' line='Listen 80'"
#将/etc/httpd/conf/httpd.conf 中以Listen开头的行 修改为Listen 80
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "msg": "line replaced"
}
bash 复制代码
[root@node3 opt]#cat /etc/httpd/conf/httpd.conf |grep Listen
# Listen: Allows you to bind Apache to specific IP addresses and/or
# Change this to Listen on specific IP addresses as shown below to 
#Listen 12.34.56.78:80
Listen 8080
[root@node3 opt]#cat /etc/httpd/conf/httpd.conf |grep Listen
# Listen: Allows you to bind Apache to specific IP addresses and/or
# Change this to Listen on specific IP addresses as shown below to 
#Listen 12.34.56.78:80
Listen 80
bash 复制代码
[root@localhost opt]#ansible web -m lineinfile -a "path=/etc/selinux/config regexp='^SELINUX=' line='SELINUX=disabled'"
#将远端主机所有/etc/selinux/config配置文件中 以Selinux开头的行  更改为SELINUX=disabled
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "msg": "line replaced"
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "msg": "line replaced"
}
bash 复制代码
[root@node2 ~]#cat /etc/selinux/config 
 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 
 
 
[root@node2 ~]#cat /etc/selinux/config 
 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 

21.replace 模块

该模块有点类似于sed命令,主要也是基于正则进行匹配和替换,建议使用

bash 复制代码
[root@localhost opt]#ansible web -m replace -a "path=/etc/fstab regexp='^(UUID.*)' replace='#\1'" 
#将远端主机/etc/fstab中 UUID的行  注释
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "msg": "1 replacements made"
}
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "msg": "1 replacements made"
}
bash 复制代码
[root@node2 ~]#cat /etc/fstab 
 
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=325ac58f-3bb2-4665-a210-b7a4e1608d41 /boot                   xfs     defaults        0 0
/dev/mapper/centos-swap swap                    swap    defaults        0 0
[root@node2 ~]#cat /etc/fstab 
 
/dev/mapper/centos-root /                       xfs     defaults        0 0
#UUID=325ac58f-3bb2-4665-a210-b7a4e1608d41 /boot                   xfs     defaults        0 0
/dev/mapper/centos-swap swap                    swap    defaults        0 0
bash 复制代码
[root@localhost opt]#ansible web -m replace -a "path=/etc/fstab regexp='^#(UUID.*)' replace='\1'"
#将远端主机 /etc/fstab中 UUID的行 取消注释
192.168.241.22 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "msg": "1 replacements made"
}
192.168.241.23 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "msg": "1 replacements made"
}
bash 复制代码
[root@node2 ~]#cat /etc/fstab 
 
/dev/mapper/centos-root /                       xfs     defaults        0 0
#UUID=325ac58f-3bb2-4665-a210-b7a4e1608d41 /boot                   xfs     defaults        0 0
/dev/mapper/centos-swap swap                    swap    defaults        0 0
[root@node2 ~]#cat /etc/fstab 
 
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=325ac58f-3bb2-4665-a210-b7a4e1608d41 /boot                   xfs     defaults        0 0
/dev/mapper/centos-swap swap                    swap    defaults        0 0
bash 复制代码
[root@localhost opt]#ansible web -m replace -a "path=/etc/httpd/conf/httpd.conf regexp='^Listen.*' line='Listen 80'"
#将远端主机/etc/httpd/conf/httpd.conf 中 Listen开头的行 修改为 Listen 80
bash 复制代码
[root@node3 ~]#cat /etc/httpd/conf/httpd.conf |grep 9527
Listen 9527
[root@node3 ~]#cat /etc/httpd/conf/httpd.conf |grep 9527
Listen 80

22.setup 模块

功能: setup 模块来收集主机的系统信息,这些 facts 信息可以直接以变量的形式使用,但是如果主机较多,会影响执行速度

可以使用 gather_facts: no 来禁止 Ansible 收集 facts 信息

22.1主机相关信息
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_nodename"
#收集主机相关信息
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_nodename": "node3.node3", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_nodename": "node2.localdomain", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_hostname"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_hostname": "node2", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_hostname": "node3", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_domain"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_domain": "localdomain", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_domain": "node3", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.2系统总内存
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_memtotal_mb"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_memtotal_mb": 1823, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_memtotal_mb": 1823, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.3详细显示内存情况
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_memory_mb"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_memory_mb": {
            "nocache": {
                "free": 1469, 
                "used": 354
            }, 
            "real": {
                "free": 1073, 
                "total": 1823, 
                "used": 750
            }, 
            "swap": {
                "cached": 0, 
                "free": 4095, 
                "total": 4095, 
                "used": 0
            }
        }, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_memory_mb": {
            "nocache": {
                "free": 1359, 
                "used": 464
            }, 
            "real": {
                "free": 475, 
                "total": 1823, 
                "used": 1348
            }, 
            "swap": {
                "cached": 0, 
                "free": 5115, 
                "total": 5115, 
                "used": 0
            }
        }, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.4显示可用系统内存
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_memfree_mb"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_memfree_mb": 1073, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_memfree_mb": 477, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.5系统所属信息
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_os_family"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_os_family": "RedHat", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_os_family": "RedHat", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.6当前系统版本
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_distribution_major_version"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_distribution_major_version": "7", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_distribution_major_version": "7", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.7当前系统详细版本
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_distribution_version"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_distribution_version": "7.4", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_distribution_version": "7.4", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.8显示cpu个数(只显示总的个数)
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_processor_vcpus"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_processor_vcpus": 2, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_processor_vcpus": 2, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.9仅显示ipv4的信息
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_all_ipv4_addresses"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.122.1", 
            "192.168.241.22"
        ], 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.122.1", 
            "192.168.241.23"
        ], 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.10版本信息
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_architecture"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_architecture": "x86_64", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_architecture": "x86_64", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.11在线时长
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_uptime_seconds"
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_uptime_seconds": 3066, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_uptime_seconds": 32296, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.12内核参数信息
bash 复制代码
[root@localhost opt]#ansible web -m setup -a "filter=ansible_processor*"
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_processor": [
            "0", 
            "GenuineIntel", 
            "Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz", 
            "1", 
            "GenuineIntel", 
            "Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz"
        ], 
        "ansible_processor_cores": 1, 
        "ansible_processor_count": 2, 
        "ansible_processor_threads_per_core": 1, 
        "ansible_processor_vcpus": 2, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_processor": [
            "0", 
            "GenuineIntel", 
            "Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz", 
            "1", 
            "GenuineIntel", 
            "Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz"
        ], 
        "ansible_processor_cores": 1, 
        "ansible_processor_count": 2, 
        "ansible_processor_threads_per_core": 1, 
        "ansible_processor_vcpus": 2, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.13环境变量
bash 复制代码
[root@localhost opt]#ansible web -m setup -a 'filter=ansible_env'
192.168.241.22 | SUCCESS => {
    "ansible_facts": {
        "ansible_env": {
            "HOME": "/root", 
            "LANG": "C", 
            "LC_ALL": "C", 
            "LC_NUMERIC": "C", 
            "LESSOPEN": "||/usr/bin/lesspipe.sh %s", 
            "LOGNAME": "root", 
            "LS_COLORS": "rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:", 
            "MAIL": "/var/mail/root", 
            "PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin", 
            "PWD": "/root", 
            "SELINUX_LEVEL_REQUESTED": "", 
            "SELINUX_ROLE_REQUESTED": "", 
            "SELINUX_USE_CURRENT_RANGE": "", 
            "SHELL": "/bin/bash", 
            "SHLVL": "2", 
            "SSH_CLIENT": "192.168.241.11 43238 22", 
            "SSH_CONNECTION": "192.168.241.11 43238 192.168.241.22 22", 
            "SSH_TTY": "/dev/pts/3", 
            "TERM": "xterm", 
            "USER": "root", 
            "XDG_DATA_DIRS": "/root/.local/share/flatpak/exports/share/:/var/lib/flatpak/exports/share/:/usr/local/share/:/usr/share/", 
            "XDG_RUNTIME_DIR": "/run/user/0", 
            "XDG_SESSION_ID": "29", 
            "_": "/usr/bin/python"
        }, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.241.23 | SUCCESS => {
    "ansible_facts": {
        "ansible_env": {
            "CLASSPATH": "/usr/local/jdk/lib/:/usr/local/jdk/jre/lib/", 
            "HOME": "/root", 
            "JAVA_HOME": "/usr/local/jdk", 
            "JRE_HOME": "/usr/local/jdk/jre", 
            "LANG": "C", 
            "LC_ALL": "C", 
            "LC_NUMERIC": "C", 
            "LESSOPEN": "||/usr/bin/lesspipe.sh %s", 
            "LOGNAME": "root", 
            "LS_COLORS": "rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:", 
            "MAIL": "/var/mail/root", 
            "PATH": "/usr/local/jdk/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin", 
            "PWD": "/root", 
            "SELINUX_LEVEL_REQUESTED": "", 
            "SELINUX_ROLE_REQUESTED": "", 
            "SELINUX_USE_CURRENT_RANGE": "", 
            "SHELL": "/bin/bash", 
            "SHLVL": "2", 
            "SSH_CLIENT": "192.168.241.11 33164 22", 
            "SSH_CONNECTION": "192.168.241.11 33164 192.168.241.23 22", 
            "SSH_TTY": "/dev/pts/0", 
            "TERM": "xterm", 
            "USER": "root", 
            "XDG_DATA_DIRS": "/root/.local/share/flatpak/exports/share/:/var/lib/flatpak/exports/share/:/usr/local/share/:/usr/share/", 
            "XDG_RUNTIME_DIR": "/run/user/0", 
            "XDG_SESSION_ID": "131", 
            "_": "/usr/bin/python"
        }, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
22.14setup模块总结------常用信息
命令 含义
ansible_all_ipv4_addresse 仅显示ipv4的信息
ansible_devices 仅显示磁盘设备信息
ansible_distribution 显示是什么系统,例:centos,suse等
ansible_distribution_version 仅显示系统版本
ansible_machine 显示系统类型,例:32位,还是64位
ansible_eth0 仅显示eth0的信息
ansible_hostname 仅显示主机名
ansible_kernel 仅显示内核版本
ansible_lvm 显示lvm相关信息
ansible_memtotal_mb 显示系统总内存
ansible_memfree_mb 显示可用系统内存
ansible_memory_mb 详细显示内存情况
ansible_swaptotal_mb 显示总的swap内存
ansible_swapfree_mb 显示swap内存的可用内存
ansible_mounts 显示系统磁盘挂载情况
ansible_processor 显示cpu个数(具体显示每个cpu的型号)
ansible_processor_vcpus 显示cpu个数(只显示总的个数)
ansible_python_version 显示python版本
相关推荐
PieroPc7 分钟前
Python 自动化 打开网站 填表登陆 例子
运维·python·自动化
VinciYan43 分钟前
基于Jenkins+Docker的自动化部署实践——整合Git与Python脚本实现远程部署
python·ubuntu·docker·自动化·jenkins·.net·运维开发
冷曦_sole1 小时前
linux-19 根文件系统(一)
linux·运维·服务器
AI大模型学徒1 小时前
Linux(二)_清理空间
linux·运维·服务器
tntlbb2 小时前
Ubuntu20.4 VPN+Docker代理配置
运维·ubuntu·docker·容器
一条测试老狗2 小时前
【UI自动化】从WebDriver看Selenium与Appium的底层关联
selenium·appium·自动化
Linux运维技术栈3 小时前
Ansible(自动化运维)环境搭建及ansible-vault加密配置
运维·自动化·ansible
Bessssss4 小时前
centos权限大集合,覆盖多种权限类型,解惑权限后有“. + t s”问题!
linux·运维·centos
苹果醋34 小时前
Golang的文件加密工具
运维·vue.js·spring boot·nginx·课程设计
jwensh4 小时前
【Jenkins】Declarative和Scripted两种脚本模式有什么具体的区别
运维·前端·jenkins