ansible
ansible是基于模块工作的,本身没有批量部署的能力。真正具有批量部署的是ansible所运行的模块,ansible只是提供一种框架。
格式
ansible 主机ip|域名|组名|别名 -m ping|copy|... '参数'
1.ping模块
m0
# 查看有没有安装epel
[root@m0 ~]# yum list installed|grep epel
epel-release.noarch 7-11 @extras
# 安装ansible
[root@m0 ~]# yum -y install ansible
# 查看ansible的版本
[root@m0 ~]# ansible --version
ansible 2.9.27
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
# 查找ansible的配置文件
[root@m0 ~]# find /etc/ -name "*ansible*"
/etc/ansible
/etc/ansible/ansible.cfg
# 设置免密
[root@m0 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:OvpbtUtLSVvtPtcexSHBThXhhzywDBB8pzGCbwqSoMk root@m0
The key's randomart image is:
+---[RSA 2048]----+
| ooo. o..+o|
|. . o +o.*o. |
|oo . . o ==.+o.|
|oEo . o . o.oo|
| . . oS o . . o|
| .. o = . .|
| o . * ...|
| . o o o .. +|
| ..o. o .+.|
+----[SHA256]-----+
[root@m0 ~]# ls ./.ssh/
id_rsa id_rsa.pub
# 给s0和s1设置免密登录
[root@m0 ~]# ssh-copy-id -i 192.168.2.110(s0)
[root@m0 ~]# ssh-copy-id -i 192.168.2.111(s1)
[root@m0 ~]# vim /etc/ansible/hosts
# 110和111都在m0上设置了免密登录
[group01]
192.168.2.110
192.168.2.111
# 112主机没有设置免密登录
[group02]
192.168.2.110
192.168.2.111
192.168.2.112
# ping 9igroup01的第一个ip
[root@m0 ~]# ansible 192.168.2.110 -m ping
192.168.2.110 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
# ping group01
[root@m0 ~]# ansible group01 -m ping
192.168.2.110 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.2.111 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
# ping group02(第三台没做免密,ping的时候会报错)
[root@m0 ~]# ansible group02 -m ping
The authenticity of host '192.168.2.112 (192.168.2.112)' can't be established.
ECDSA key fingerprint is SHA256:E2ARFFif/HyOpjlCgDRoPqYSl2OL4PwdcX1h9cPRJiY.
ECDSA key fingerprint is MD5:35:b0:cd:3b:e0:fa:10:4a:22:5e:94:aa:b7:5c:e2:79.
Are you sure you want to continue connecting (yes/no)? 192.168.2.110 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.2.111 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
yes
192.168.2.112 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.2.112' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
# 解决没做免密的ip报错
# 给没有设置免密登录的ip设置账号,密码
[root@m0 ~]# vim /etc/ansible/hosts
other ansible_ssh_host=192.168.2.112 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=1
[group02]
192.168.2.110
192.168.2.111
other
# 进行测试(不会报错)
[root@m0 ~]# ansible group02 -m ping
192.168.2.110 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.2.111 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
other | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
# 也可以单独ping other模块
[root@m0 ~]# ansible other -m ping
other | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
小结
主机清单的作用:服务器分组
主机清单的常见功能:
1.可以通过IP范围来分,主机名名字的范围来分
2.如果ssh端口不是22的,可以传入新的端口
3.没有做免密登录,可以传密码
练习
不论你用到哪种环境(免密或者不免密,端口是否是22),请最终将两台被管理机器加入到group1组即可
# 没有设置免密的话需要设置别名
web01 ansible_ssh_host=192.168.2.200 ansible_ssh_user=root ansible_ssh_pass=1 ansible_ssh_port=22
web01 ansible_ssh_host=192.168.2.201 ansible_ssh_user=root ansible_ssh_pass=1 ansible_ssh_port=22
[group1]
web01
web02
帮助手册
# 查看ansible的用法
[root@m0 ~]# ansible-doc -l
# 查看ping在ansible中的用法
[root@m0 ~]# ansible-doc -l ping
2.hostname模块
# 将group02组中主机的主机名都改成ab.haha
[root@m0 ~]# ansible group02 -m hostname -a 'name=ab.haha'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"ansible_domain": "haha",
"ansible_fqdn": "ab.haha",
"ansible_hostname": "ab",
"ansible_nodename": "ab.haha",
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "ab.haha"
}
other | CHANGED => {
"ansible_facts": {
"ansible_domain": "haha",
"ansible_fqdn": "ab.haha",
"ansible_hostname": "ab",
"ansible_nodename": "ab.haha",
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "ab.haha"
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"ansible_domain": "haha",
"ansible_fqdn": "ab.haha",
"ansible_hostname": "ab",
"ansible_nodename": "ab.haha",
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "ab.haha"
}
# 验证
[root@s0 ~]# hostname
ab.haha
[root@s1 ~]# hostname
ab.haha
[root@s2 ~]# hostname
ab.haha
3.file模块
创建目录
# 在group01组中的主机(包含other(没有设置免密的那台主机))中的/tmp/中创建abc文件
# -m 表示调用模块
# state=directory 表示当前的状态被设置为“目录”
[root@m0 ~]# ansible group01 -m file -a 'path=/tmp/abc state=directory'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/tmp/abc",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/tmp/abc",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/tmp/abc",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
[root@s0 ~]# ls -l /tmp/
总用量 4
drwxr-xr-x. 2 root root 6 8月 16 11:43 abc
[root@s1 ~]# ls -l /tmp/
总用量 4
drwxr-xr-x. 2 root root 6 8月 16 11:43 abc
[root@s2 ~]# ls -l /tmp/
总用量 4
drwxr-xr-x. 2 root root 6 8月 16 11:43 abc
创建文件
# 给group02组中的主机中的/tmp/abc/中创建def文件
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/abc/def state=touch'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/abc/def",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/abc/def",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/abc/def",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
[root@s1 ~]# ll /tmp/abc
总用量 0
-rwxrwxrwt. 1 bin daemon 0 8月 16 14:09 def
递归修改
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/abc recurse=yes owner=bin group=daemon mode=1777'(属主,属组,权限)
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 2,
"group": "daemon",
"mode": "01777",
"owner": "bin",
"path": "/tmp/abc",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 17,
"state": "directory",
"uid": 1
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 2,
"group": "daemon",
"mode": "01777",
"owner": "bin",
"path": "/tmp/abc",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 17,
"state": "directory",
"uid": 1
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 2,
"group": "daemon",
"mode": "01777",
"owner": "bin",
"path": "/tmp/abc",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 17,
"state": "directory",
"uid": 1
}
递归修改验证
删除
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/abc state=absent'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/tmp/abc",
"state": "absent"
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/tmp/abc",
"state": "absent"
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/tmp/abc",
"state": "absent"
}
# 验证
# 删除之前
[root@s1 ~]# ll /tmp/abc
总用量 0
-rwxrwxrwt. 1 bin daemon 0 8月 16 14:09 def
# 删除之后
[root@s1 ~]# ll /tmp/abc
ls: 无法访问/tmp/abc: 没有那个文件或目录
创建且指定权限的文件
# 创建文件/tmp/aaa,修改属主为bin,属组为daemon,权限为777
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/aaa state=touch owner=bin group=daemon mode=1777'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/aaa",
"gid": 2,
"group": "daemon",
"mode": "01777",
"owner": "bin",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 0,
"state": "file",
"uid": 1
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/aaa",
"gid": 2,
"group": "daemon",
"mode": "01777",
"owner": "bin",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 0,
"state": "file",
"uid": 1
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/aaa",
"gid": 2,
"group": "daemon",
"mode": "01777",
"owner": "bin",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 0,
"state": "file",
"uid": 1
}
[root@s1 ~]# ls -l /tmp/
总用量 4
-rwxrwxrwt. 1 bin daemon 0 8月 16 14:23 aaa
删除文件
# 删除属主为bin,属组为daemon,权限为777且在/tmp/下文件名为aaa的文件
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/aaa state=absent owner=bin group=daemon mode=1777'
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/tmp/aaa",
"state": "absent"
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/tmp/aaa",
"state": "absent"
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/tmp/aaa",
"state": "absent"
}
[root@s1 ~]# ls -l /tmp/aaa
ls: 无法访问/tmp/aaa: 没有那个文件或目录
创建mysql-files文件,并修改权限
[root@m0 ~]# ansible group02 -m file -a 'path=/usr/local/mysql/mysql-files state=directory owner=mysql group=mysql mode=750'
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 995,
"group": "mysql",
"mode": "0750",
"owner": "mysql",
"path": "/usr/local/mysql/mysql-files",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 6,
"state": "directory",
"uid": 997
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 995,
"group": "mysql",
"mode": "0750",
"owner": "mysql",
"path": "/usr/local/mysql/mysql-files",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 6,
"state": "directory",
"uid": 997
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 995,
"group": "mysql",
"mode": "0750",
"owner": "mysql",
"path": "/usr/local/mysql/mysql-files",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 6,
"state": "directory",
"uid": 997
}
# 验证
[root@ab ~]# ll /usr/local/mysql/
总用量 0
drwxr-x---. 2 mysql mysql 6 8月 16 21:38 mysql-files
创建软连接(软连接指向硬链接)
# 创建软连接(软连接指向硬链接)
[root@m0 ~]# ansible group02 -m file -a 'src=/etc/fstab path=/tmp/xxx state=link'
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/xxx",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 10,
"src": "/etc/fstab",
"state": "link",
"uid": 0
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/xxx",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 10,
"src": "/etc/fstab",
"state": "link",
"uid": 0
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/xxx",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 10,
"src": "/etc/fstab",
"state": "link",
"uid": 0
}
[root@s1 ~]# ll /tmp/
总用量 8
-rwx------. 1 root root 836 8月 7 00:25 ks-script-pjA4To
drwx------. 3 root root 17 8月 16 10:25 systemd-private-bbe4eb529aa243da930a7edebcedf30b-chronyd.service-Er6p6N
drwx------. 3 root root 17 8月 6 17:35 systemd-private-f93e9a7cc83a4e6ba1ea5a4ff1abcdc2-chronyd.service-2U7zsa
drwx------. 2 root root 6 8月 7 00:25 vmware-root
lrwxrwxrwx. 1 root root 10 8月 16 14:32 xxx -> /etc/fstab
创建硬链接(指向文件)
# 硬链接(指向文件)
[root@m0 ~]# ansible group02 -m file -a 'src=/etc/fstab path=/tmp/xxx2 state=hard'
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/xxx2",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:etc_t:s0",
"size": 502,
"src": "/etc/fstab",
"state": "hard",
"uid": 0
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/xxx2",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:etc_t:s0",
"size": 502,
"src": "/etc/fstab",
"state": "hard",
"uid": 0
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/xxx2",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:etc_t:s0",
"size": 502,
"src": "/etc/fstab",
"state": "hard",
"uid": 0
}
[root@s1 ~]# ll /tmp/
总用量 8
-rwx------. 1 root root 836 8月 7 00:25 ks-script-pjA4To
drwx------. 3 root root 17 8月 16 10:25 systemd-private-bbe4eb529aa243da930a7edebcedf30b-chronyd.service-Er6p6N
drwx------. 3 root root 17 8月 6 17:35 systemd-private-f93e9a7cc83a4e6ba1ea5a4ff1abcdc2-chronyd.service-2U7zsa
drwx------. 2 root root 6 8月 7 00:25 vmware-root
lrwxrwxrwx. 1 root root 10 8月 16 14:32 xxx -> /etc/fstab
-rw-r--r--. 2 root root 502 8月 6 16:33 xxx2
-rw-------. 1 root root 0 8月 7 00:21 yum.log
小结
ansible group02 -m file 'path= state= recurse= src= owner= group= mode'
# path 文件的地址
# state 方法
# directory 创建目录
# touch 创建文件
# absent 删除文件
# link 创建软连接
# hard 创建硬链接
# recurse 是否允许递归操作
# src 文件源
4.stat模块
查看信息
[root@m0 ~]# ansible group02 -m stat -a 'path=/etc/fstab'
192.168.2.111 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"stat": {
"atime": 1723775545.4809103,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "20fcca9572fbd2d112b32e6446e42070695ce511",
"ctime": 1723790032.7200139,
"dev": 64768,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 17258899,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0644",
"mtime": 1722933190.7942092,
"nlink": 2,
"path": "/etc/fstab",
"pw_name": "root",
"readable": true,
"rgrp": true,
"roth": true,
"rusr": true,
"size": 502,
"uid": 0,
"version": "18446744072287068007",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
192.168.2.110 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"stat": {
"atime": 1723775466.468042,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "20fcca9572fbd2d112b32e6446e42070695ce511",
"ctime": 1723790032.71537,
"dev": 64768,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 17258899,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0644",
"mtime": 1722933190.7942092,
"nlink": 2,
"path": "/etc/fstab",
"pw_name": "root",
"readable": true,
"rgrp": true,
"roth": true,
"rusr": true,
"size": 502,
"uid": 0,
"version": "18446744072287068007",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
other | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"stat": {
"atime": 1723775623.031594,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "20fcca9572fbd2d112b32e6446e42070695ce511",
"ctime": 1723790032.729416,
"dev": 64768,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 17258899,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0644",
"mtime": 1722933190.7942092,
"nlink": 2,
"path": "/etc/fstab",
"pw_name": "root",
"readable": true,
"rgrp": true,
"roth": true,
"rusr": true,
"size": 502,
"uid": 0,
"version": "18446744072287068007",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
5.copy模块(重点)
[root@m0 ~]# ls
anaconda-ks.cfg mysql-5.7.44-linux-glibc2.12-x86_64.tar.gz
[root@m0 ~]# mv mysql-5.7.44-linux-glibc2.12-x86_64.tar.gz mysql57.tar.gz
[root@m0 ~]# ls
anaconda-ks.cfg mysql57.tar.gz
# 把mysql57.tar.gz传到group02组中的主机中
[root@m0 ~]# ansible group02 -m copy -a 'src=./mysql57.tar.gz dest=~'
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "ca7c056f43922133ac4bfa788849172ff124ce47",
"dest": "/root/mysql57.tar.gz",
"gid": 0,
"group": "root",
"md5sum": "d7c8436bbf456e9a4398011a0c52bc40",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 694785800,
"src": "/root/.ansible/tmp/ansible-tmp-1723791895.72-3029-205251780527035/source",
"state": "file",
"uid": 0
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "ca7c056f43922133ac4bfa788849172ff124ce47",
"dest": "/root/mysql57.tar.gz",
"gid": 0,
"group": "root",
"md5sum": "d7c8436bbf456e9a4398011a0c52bc40",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 694785800,
"src": "/root/.ansible/tmp/ansible-tmp-1723791895.62-3027-254129236082512/source",
"state": "file",
"uid": 0
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "ca7c056f43922133ac4bfa788849172ff124ce47",
"dest": "/root/mysql57.tar.gz",
"gid": 0,
"group": "root",
"md5sum": "d7c8436bbf456e9a4398011a0c52bc40",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 694785800,
"src": "/root/.ansible/tmp/ansible-tmp-1723791895.71-3026-134059210870560/source",
"state": "file",
"uid": 0
}
# 验证
[root@s0 ~]# ls
aaa anaconda-ks.cfg mysql57.tar.gz
[root@s1 ~]# ls
aaa anaconda-ks.cfg mysql57.tar.gz
[root@s2 ~]# ls
aaa anaconda-ks.cfg mysql57.tar.gz
练习:
创建一个100M的文件,然后同步到110,111,112主机上
[root@m0 ~]# dd if="/dev/zero" of="tst" bs=100M count=1
记录了1+0 的读入
记录了1+0 的写出
104857600字节(105 MB)已复制,0.113386 秒,925 MB/秒
[root@m0 ~]# ansible group02 -m copy -a 'src=./tst dest=~'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a",
"dest": "/root/tst",
"gid": 0,
"group": "root",
"md5sum": "2f282b84e7e608d5852449ed940bfc51",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 104857600,
"src": "/root/.ansible/tmp/ansible-tmp-1723792459.28-3139-31521072234907/source",
"state": "file",
"uid": 0
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a",
"dest": "/root/tst",
"gid": 0,
"group": "root",
"md5sum": "2f282b84e7e608d5852449ed940bfc51",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 104857600,
"src": "/root/.ansible/tmp/ansible-tmp-1723792459.26-3138-81656713137079/source",
"state": "file",
"uid": 0
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a",
"dest": "/root/tst",
"gid": 0,
"group": "root",
"md5sum": "2f282b84e7e608d5852449ed940bfc51",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 104857600,
"src": "/root/.ansible/tmp/ansible-tmp-1723792459.29-3140-152165473863162/source",
"state": "file",
"uid": 0
}
[root@s0 ~]# ls
aaa anaconda-ks.cfg mysql57.tar.gz tst
[root@s1 ~]# ls
aaa anaconda-ks.cfg mysql57.tar.gz tst
[root@s2 ~]# ls
aaa anaconda-ks.cfg mysql57.tar.gz tst
给文件写入内容
给tst文件写入wo shi haha ,并且同步到110,111,112主机上
[root@m0 ~]# ansible group02 -m copy -a 'content="wo shi haha" dest=~/tst'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "965c5185c9bb99125bfa8c7162dcf4b738f10a77",
"dest": "/root/tst",
"gid": 0,
"group": "root",
"md5sum": "3ee4b712d8af9f792d318c9f0a836759",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 11,
"src": "/root/.ansible/tmp/ansible-tmp-1723792694.7-3249-240792052218088/source",
"state": "file",
"uid": 0
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "965c5185c9bb99125bfa8c7162dcf4b738f10a77",
"dest": "/root/tst",
"gid": 0,
"group": "root",
"md5sum": "3ee4b712d8af9f792d318c9f0a836759",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 11,
"src": "/root/.ansible/tmp/ansible-tmp-1723792694.71-3248-228412683621377/source",
"state": "file",
"uid": 0
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "965c5185c9bb99125bfa8c7162dcf4b738f10a77",
"dest": "/root/tst",
"gid": 0,
"group": "root",
"md5sum": "3ee4b712d8af9f792d318c9f0a836759",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 11,
"src": "/root/.ansible/tmp/ansible-tmp-1723792694.76-3250-198245487172331/source",
"state": "file",
"uid": 0
}
[root@s0 ~]# cat tst
wo shi haha
[root@s1 ~]# cat tst
wo shi haha
force=no(不覆盖)
如果ansible将创建文件的命令发布到110,111,112主机上时,这三台主机有这个文件,force=no,就不会覆盖这三台主机上的原来的文件
[root@m0 ~]# ansible group02 -m copy -a 'src=./tst dest=~ force=no'
192.168.2.110 | SUCCESS => {
"changed": false,
"dest": "/root",
"src": "/root/./tst"
}
192.168.2.111 | SUCCESS => {
"changed": false,
"dest": "/root",
"src": "/root/./tst"
}
other | SUCCESS => {
"changed": false,
"dest": "/root",
"src": "/root/./tst"
}
# 验证
# 执行之前
[root@s0 ~]# ls -lh
总用量 663M
-rwxrwxrwt. 1 bin daemon 0 8月 16 14:22 aaa
-rw-------. 1 root root 1.3K 8月 7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root 663M 8月 16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root 11 8月 16 15:18 tst
# 执行之后
[root@s0 ~]# ls -lh
总用量 663M
-rwxrwxrwt. 1 bin daemon 0 8月 16 14:22 aaa
-rw-------. 1 root root 1.3K 8月 7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root 663M 8月 16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root 11 8月 16 15:18 tst
force=yes(覆盖)
force=yes,就会覆盖掉这三台主机上原来存在的tst文件
[root@m0 ~]# ansible group02 -m copy -a 'src=./tst dest=~ force=yes'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a",
"dest": "/root/tst",
"gid": 0,
"group": "root",
"md5sum": "2f282b84e7e608d5852449ed940bfc51",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 104857600,
"src": "/root/.ansible/tmp/ansible-tmp-1723798717.23-3585-21726739880805/source",
"state": "file",
"uid": 0
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a",
"dest": "/root/tst",
"gid": 0,
"group": "root",
"md5sum": "2f282b84e7e608d5852449ed940bfc51",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 104857600,
"src": "/root/.ansible/tmp/ansible-tmp-1723798717.23-3584-128328247495760/source",
"state": "file",
"uid": 0
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a",
"dest": "/root/tst",
"gid": 0,
"group": "root",
"md5sum": "2f282b84e7e608d5852449ed940bfc51",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 104857600,
"src": "/root/.ansible/tmp/ansible-tmp-1723798717.23-3586-43347575088517/source",
"state": "file",
"uid": 0
}
# 验证
# 改之前
[root@s0 ~]# ls -lh
总用量 663M
-rwxrwxrwt. 1 bin daemon 0 8月 16 14:22 aaa
-rw-------. 1 root root 1.3K 8月 7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root 663M 8月 16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root 11 8月 16 15:18 tst
# 改之后
[root@s0 ~]# ls -lh
总用量 763M
-rwxrwxrwt. 1 bin daemon 0 8月 16 14:22 aaa
-rw-------. 1 root root 1.3K 8月 7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root 663M 8月 16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root 100M 8月 16 16:58 tst
backup=yes(备份)
1.删除tst文件
# 删除tst文件
[root@m0 ~]# ansible group02 -m file -a 'path=./tst state=absent backup=yes owner=bin group=daemon mode=1777'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "./tst",
"state": "absent"
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "./tst",
"state": "absent"
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "./tst",
"state": "absent"
}
# 验证
# 删除之前
[root@s0 ~]# ls -lh
总用量 763M
-rwxrwxrwt. 1 bin daemon 0 8月 16 14:22 aaa
-rw-------. 1 root root 1.3K 8月 7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root 663M 8月 16 15:06 mysql57.tar.gz
-rwxrwxrwt. 1 bin daemon 100M 8月 16 16:58 tst
# 删除之后
[root@s0 ~]# ls -lh
总用量 663M
-rwxrwxrwt. 1 bin daemon 0 8月 16 14:22 aaa
-rw-------. 1 root root 1.3K 8月 7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root 663M 8月 16 15:06 mysql57.tar.gz
2.创建文件/tmp/a.txt
# 创建文件/tmp/a.txt
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/a.txt state=touch'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/a.txt",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/a.txt",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/tmp/a.txt",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
# 验证
[root@s0 ~]# ls /tmp/
a.txt
[root@s1 ~]# ls /tmp/
a.txt
3.进行备份
# 给原来的/tmp/a.txt进行备份(a.txt.4331.2024-08-16@17:23:26~),将新的内容(/etc/fstab)复制到a.txt中,并且修改了权限,属主和属组
[root@m0 ~]# ansible group02 -m copy -a 'src=/etc/fstab dest=/tmp/a.txt backup=yes owner=bin group=daemon mode=1777'
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup_file": "/tmp/a.txt.4331.2024-08-16@17:23:26~",
"changed": true,
"checksum": "20fcca9572fbd2d112b32e6446e42070695ce511",
"dest": "/tmp/a.txt",
"gid": 2,
"group": "daemon",
"md5sum": "a7adf78e321c6b78f8576849db9a5e73",
"mode": "01777",
"owner": "bin",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 502,
"src": "/root/.ansible/tmp/ansible-tmp-1723800205.98-4148-210811390920713/source",
"state": "file",
"uid": 1
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup_file": "/tmp/a.txt.4258.2024-08-16@17:23:26~",
"changed": true,
"checksum": "20fcca9572fbd2d112b32e6446e42070695ce511",
"dest": "/tmp/a.txt",
"gid": 2,
"group": "daemon",
"md5sum": "a7adf78e321c6b78f8576849db9a5e73",
"mode": "01777",
"owner": "bin",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 502,
"src": "/root/.ansible/tmp/ansible-tmp-1723800206.01-4149-123087950411073/source",
"state": "file",
"uid": 1
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup_file": "/tmp/a.txt.4103.2024-08-16@17:23:26~",
"changed": true,
"checksum": "20fcca9572fbd2d112b32e6446e42070695ce511",
"dest": "/tmp/a.txt",
"gid": 2,
"group": "daemon",
"md5sum": "a7adf78e321c6b78f8576849db9a5e73",
"mode": "01777",
"owner": "bin",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 502,
"src": "/root/.ansible/tmp/ansible-tmp-1723800206.04-4151-203739831332220/source",
"state": "file",
"uid": 1
}
# 验证
[root@s0 ~]# ls /tmp/
a.txt
a.txt.4331.2024-08-16@17:23:26~
[root@s0 ~]# cat /tmp/a.txt
#
# /etc/fstab
# Created by anaconda on Wed Aug 7 00:21:24 2024
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=ee7d9803-5773-4f48-acdc-7b7344699e0d /boot xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
/dev/cdrom /mnt iso9660 defaults 0 0
# 创建的a.txt文件没有添加内容
[root@s0 ~]# cat /tmp/a.txt.4331.2024-08-16@17\:23\:26~
backup参数小结:
使用backup参数控制是否备份文件
backup=yes表示如果拷贝的文件内容与原内容不一样,则会备份一份/tmp/3333(备份文件名加上时间)文件,再拷贝新的文件/tmp/333
master# ansible group01 -m copy -a 'src=/etc/fstab dest=/tmp/333 backup=yes owner=daemon group=daemon'
6.fetch模块
# 回收110,111,112主机上的内容
# 回收110,111,112主机上的网卡信息,将信息放到本机的tmp/目录下
ansible group02 -m fetch -a 'src=/etc/sysconfig/network-scripts/ifcfg-ens33 dest=/tmp'
7.user模块
创建用户
创一个名为aaaa的用户,并且将这个任务发布到110,111,112主机上
[root@m0 ~]# ansible group02 -m user -a 'name=aaaa state=present'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1000,
"home": "/home/aaaa",
"name": "aaaa",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1000
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1000,
"home": "/home/aaaa",
"name": "aaaa",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1000
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1000,
"home": "/home/aaaa",
"name": "aaaa",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1000
}
# 验证
[root@ab ~]# grep aaaa /etc/passwd
aaaa:x:1000:1000::/home/aaaa:/bin/bash
创建名为mysql的用户
[root@m0 ~]# ansible group02 -m user -a 'name=mysql state=present system=yes shell="/sbin/nologin"'
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 995,
"home": "/home/mysql",
"name": "mysql",
"shell": "/sbin/nologin",
"state": "present",
"system": true,
"uid": 997
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 995,
"home": "/home/mysql",
"name": "mysql",
"shell": "/sbin/nologin",
"state": "present",
"system": true,
"uid": 997
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 995,
"home": "/home/mysql",
"name": "mysql",
"shell": "/sbin/nologin",
"state": "present",
"system": true,
"uid": 997
}
# 验证
[root@ab ~]# grep mysql /etc/passwd
mysql:x:997:995::/home/mysql:/sbin/nologin
在用户mysql创建一个mysql-files并且权限为750的文件
[root@m0 ~]# ansible group02 -m file -a 'path=/usr/local/mysql/mysql-files state=directory owner=mysql group=mysql mode=750'
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 995,
"group": "mysql",
"mode": "0750",
"owner": "mysql",
"path": "/usr/local/mysql/mysql-files",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 6,
"state": "directory",
"uid": 997
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 995,
"group": "mysql",
"mode": "0750",
"owner": "mysql",
"path": "/usr/local/mysql/mysql-files",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 6,
"state": "directory",
"uid": 997
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 995,
"group": "mysql",
"mode": "0750",
"owner": "mysql",
"path": "/usr/local/mysql/mysql-files",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 6,
"state": "directory",
"uid": 997
}
# 验证
[root@ab ~]# ll /usr/local/mysql/
总用量 0
drwxr-x---. 2 mysql mysql 6 8月 16 21:38 mysql-files
传用户的时候传用户的密码
1.在m0上创建一个带密码的用户
[root@m0 ~]# useradd abc
[root@m0 ~]# echo "abc"|passwd --stdin abc
更改用户 abc 的密码 。
passwd:所有的身份验证令牌已经成功更新。
2.传用户和密码
[root@m0 ~]# ansible group02 -m user -a 'name=abc state=present uid=1999 password=abc'
[WARNING]: The input password appears not to have been hashed. The 'password'
argument must be encrypted for this module to work properly.
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1999,
"home": "/home/********",
"name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1999
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1999,
"home": "/home/********",
"name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1999
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": true,
"comment": "",
"group": 1001,
"home": "/home/********",
"move_home": false,
"name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"uid": 1999
}
# 验证
[root@ab ~]# grep abc /etc/passwd
abc:x:1999:1999::/home/abc:/bin/bash
生成随机密码
[root@m0 ~]# echo 123456 | openssl passwd -1 -stdin
$1$Erd.NZdm$mAQtHJ60GLd6r0aAHQrlp0
[root@m0 ~]# echo 123456 | openssl passwd -1 -stdin
$1$SDbhjmBG$LI3FAKVFPpuoyk2Xvk8Sm/
创建一个普通用户叫hadoop,并产生空密码密钥对
[root@m0 ~]# ansible group02 -m user -a 'name=hadoop generate_ssh_key=yes'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/hadoop",
"name": "hadoop",
"shell": "/bin/bash",
"ssh_fingerprint": "2048 SHA256:Td4nLMeG7EnRVFiPo3aVNQ6ng3sDsSLnDza2/JGEPUs ansible-generated on ab.haha (RSA)",
"ssh_key_file": "/home/hadoop/.ssh/id_rsa",
"ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6886Gpqr9+U9owjy+1khihyhuQyRj0mLfGa3Aw84CCBplGL3F997suKVB5iL0fFBEn9AcpBRxMu7OAniRoPHNSas0zynL+D8Rm7Fr3CdpSI9FR2hYUW3/sAaBbT1Rhbdy86+/QB7KjcfwhleIK7yUnLa5Ymz0h11Iyk5co3As7ZMvTJrJzmkv90nIRU2gCo6D6sAsGYlIiF2QDDHgx8Q9cIKN/dRcnp5FK1CkTkwY2rDed0KAYLEtP8pn1ydB1HymbujypZpi4EBH5OTOEllZWfCAC8hdDskn5A9EzGe7enylYNS8hKWBxxUUQq1Ck7Jx8+fhA1IfbYT6lXiPk14p ansible-generated on ab.haha",
"state": "present",
"system": false,
"uid": 2000
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/hadoop",
"name": "hadoop",
"shell": "/bin/bash",
"ssh_fingerprint": "2048 SHA256:SUbtRxZoEL8EbRV8U7hWXN31ltuYHt0XWa5u3EnPCxo ansible-generated on ab.haha (RSA)",
"ssh_key_file": "/home/hadoop/.ssh/id_rsa",
"ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2MSfgn9wn0tYU/rAbmckbDrcw9WGTuO1WwmIIAymsAMKioXRZQFNIvpIwWzpBnlypuS/6AJZlOGlJFkQB3oAZYs+cP1vVg8iRRuyPfZqxLQ2Hkc3cT6ouquP+NKl9x4WieQVA7CitmtuthnLXvTSxvXHIvOKPt4yB2J5TA5K9p9uwes8fI02TMmpz963n1AaWw9+iObmhbxUndegJ6bM2U8Cjh5Itl5iQDLXddfhxNLtPD+ny3zpUvA3UDwOHHfhSHS+Ue4q3LOEnr3TXDzrpUYpxJTy8JBevAVVgJF6qV4HlCKceerJDorKPHMWuKNEx2QJiJvNQjCRkiuVNQ27p ansible-generated on ab.haha",
"state": "present",
"system": false,
"uid": 2000
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/hadoop",
"name": "hadoop",
"shell": "/bin/bash",
"ssh_fingerprint": "2048 SHA256:l4xaMylvcQTjpNL8ZcpV0KXmIqG5dnyGOHJFmi5DbeM ansible-generated on ab.haha (RSA)",
"ssh_key_file": "/home/hadoop/.ssh/id_rsa",
"ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGr80DmhnTzVeB8bmEOx9ERsTw/xUUJYI+/IJWl0jq7wgUa5QkwOhAwsX9ITFfab8+NxxvDu38iEId9nd+Y+z2CZsdc37oR0m8exZBUBKPyYyLhVIlqmg+DEMMKZALE0an4W5dbKgjmDt62azSm/1ye1Z7XRjyHyvbRfjijcNXvdlvPOl2VvjWp8YLPwEp2+HcoemdzD1pOxNouhqiN25tbX9B+jYXKe9VuH0KMKkjdiBGxYlN/fJNVaIOt+GL6qnQjlcGD/yDtlqDM7oZlZ/Q5HzEmvOkENUAXP1BhU8VZQds4KrzQ9xOTIvD24w22R9X7ZbDN2FIiKAqHKTcWCWX ansible-generated on ab.haha",
"state": "present",
"system": false,
"uid": 2000
}
# 验证
[root@ab ~]# grep hadoop /etc/passwd
hadoop:x:2000:2000::/home/hadoop:/bin/bash
[root@ab ~]# ls ./.ssh/
authorized_keys
[root@ab ~]# cat ./.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDrLUA6COFlt/DTnmdEpK8Ho2xvUmVMNBRY5SZDiqDpokxOjwNrfU5eubCn6ibAoGNEdUgdlbpkwEXbsm+Ldh/DfecyZ9EZUX0Oa6fuKSOBswyieZ5KZ+EkeTJQWUFLZIGJduG0Z+xfR8LJHGXe9zD03W/aHbDwA+1mU17IZGKTS+04twYC/M7gEoEpwQpsJz1v9EuYBD2tf4VAF/BfiI+koM6AR5xhVQmaOwse97YEPcC7YVq4ECTx8dqjcmVT0BCg4UDkMYtKEetSUP4439mZOLgz/uW3GNigZqrnxXLVp+L8MQYCjGi07ARu7nJlMC32jyOOCAH0Eb/NJIQomZOL root@m0
删除用户
不会删除用户的家目录
# 删除用户hadoop
[root@m0 ~]# ansible group02 -m user -a 'name=hadoop state=absent'
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "hadoop",
"remove": false,
"state": "absent"
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "hadoop",
"remove": false,
"state": "absent"
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "hadoop",
"remove": false,
"state": "absent"
}
# 验证
[root@ab ~]# grep hadoop /etc/passwd
hadoop:x:2000:2000::/home/hadoop:/bin/bash
[root@ab ~]# grep hadoop /etc/passwd
# 删除hadoop,家目录默认没有删除
[root@ab ~]# ls /home
aaaa abc hadoop mysql
删除bbb 用户,家目录也被删除
使用remove=yes参数让其删除用户的同时也删除家目录
master# ansible group02 0m user -a 'name=bbb state=absent remove=yes'
8.cron模块
cron模块用于管理周期性任务时间
创建⼀个cron任务,不指定user的话,默认就是root
如果minute,hour,day,month,week不指定的话,默认都为*
创建计划任务
[root@m0 ~]# ansible group02 -m cron -a 'name="test cron1" user=root job="touch /tmp/111" minute=*/2'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"test cron1"
]
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"test cron1"
]
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"test cron1"
]
}
# 验证
111主机:
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111
112主机
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111
110主机
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111
删除cron任务
[root@m0 ~]# ansible group02 -m cron -a 'name="test cron1" state=absent'
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": []
}
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": []
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": []
}
# 验证
# 删除之前
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111
# 删除之后
[root@ab ~]# crontab -l
[root@ab ~]#
9.yum模块
[root@m0 ~]# ansible group02 -m yum -a 'name=ntpdate state=present'
# 验证
111主机:
[root@ab ~]# yum list installed | grep ntpdate
ntpdate.x86_64 4.2.6p5-29.el7.centos.2 @base
112主机:
[root@ab ~]# yum list installed | grep ntpdate
ntpdate.x86_64 4.2.6p5-29.el7.centos.2 @base
110主机:
[root@ab ~]# yum list installed | grep ntpdate
ntpdate.x86_64 4.2.6p5-29.el7.centos.2 @base
cron模块:创建时间计划任务
# 写一个同步时间的计划任务发布到 110,111,112主机
[root@m0 ~]# ansible group02 -m cron -a 'name="abc" user=root job="/usr/sbin/ntpdate cn.ntp.org.cn" hour=2'
192.168.2.110 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"abc"
]
}
192.168.2.111 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"abc"
]
}
other | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"abc"
]
}
# 验证
110主机:
[root@ab ~]# crontab -l
#Ansible: abc
* 2 * * * /usr/sbin/ntpdate cn.ntp.org.cn
111主机:
[root@ab ~]# crontab -l
#Ansible: abc
* 2 * * * /usr/sbin/ntpdate cn.ntp.org.cn
112主机:
[root@ab ~]# crontab -l
#Ansible: abc
* 2 * * * /usr/sbin/ntpdate cn.ntp.org.cn
10.service模块
# 关闭防火墙(将任务发布到110,111,112主机上)
[root@m0 ~]# ansible group02 -m service -a 'name=firewalld state=stopped enabled=false'
# 验证
[root@ab ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
8月 16 10:25:18 localhost.localdomain systemd[1]: Starting firewalld - dynamic ....
8月 16 10:25:19 localhost.localdomain systemd[1]: Started firewalld - dynamic f....
8月 16 10:30:57 s0 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8月 16 10:30:58 s0 systemd[1]: Stopped firewalld - dynamic firewall daemon.
Hint: Some lines were ellipsized, use -l to show in full.
11.commend模块(执行命令)
将110,111,112主机关机
[root@m0 ~]# ansible group02 -m command -a 'shutdown -h 0'
192.168.2.110 | FAILED | rc=-1 >>
Failed to connect to the host via ssh: ssh: connect to host 192.168.2.110 port 22: Connection refused
192.168.2.111 | FAILED | rc=-1 >>
Failed to connect to the host via ssh: ssh: connect to host 192.168.2.111 port 22: Connection refused
other | FAILED | rc=-1 >>
Failed to connect to the host via ssh: ssh: connect to host 192.168.2.112 port 22: Connection refused
验证: