8.16-ansible的应用

ansible

ansible是基于模块工作的,本身没有批量部署的能力。真正具有批量部署的是ansible所运行的模块,ansible只是提供一种框架。

格式

复制代码
ansible 主机ip|域名|组名|别名 -m ping|copy|... '参数'

1.ping模块

m0

复制代码
# 查看有没有安装epel
​
[root@m0 ~]# yum list installed|grep epel
epel-release.noarch                   7-11                             @extras  
​
# 安装ansible
​
[root@m0 ~]# yum -y install ansible
​
# 查看ansible的版本
​
[root@m0 ~]# ansible --version
ansible 2.9.27
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
​
# 查找ansible的配置文件
​
[root@m0 ~]# find /etc/ -name "*ansible*"
/etc/ansible
/etc/ansible/ansible.cfg
​
# 设置免密
​
[root@m0 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:OvpbtUtLSVvtPtcexSHBThXhhzywDBB8pzGCbwqSoMk root@m0
The key's randomart image is:
+---[RSA 2048]----+
|       ooo. o..+o|
|.     . o +o.*o. |
|oo .   . o ==.+o.|
|oEo .   o .  o.oo|
|   . . oS o . . o|
|      .. o = .  .|
|      o . *   ...|
|     . o o o .. +|
|    ..o.  o   .+.|
+----[SHA256]-----+
[root@m0 ~]# ls ./.ssh/
id_rsa  id_rsa.pub
​
# 给s0和s1设置免密登录
​
[root@m0 ~]# ssh-copy-id -i 192.168.2.110(s0)
[root@m0 ~]# ssh-copy-id -i 192.168.2.111(s1)
[root@m0 ~]# vim /etc/ansible/hosts 
​
# 110和111都在m0上设置了免密登录
​
[group01] 
192.168.2.110
192.168.2.111
​
# 112主机没有设置免密登录
​
[group02]
192.168.2.110
192.168.2.111
192.168.2.112
复制代码
# ping 9igroup01的第一个ip
​
[root@m0 ~]# ansible 192.168.2.110 -m ping
192.168.2.110 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
​
# ping group01
​
[root@m0 ~]# ansible group01 -m ping
192.168.2.110 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.2.111 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
​
# ping group02(第三台没做免密,ping的时候会报错)
​
[root@m0 ~]# ansible group02 -m ping
The authenticity of host '192.168.2.112 (192.168.2.112)' can't be established.
ECDSA key fingerprint is SHA256:E2ARFFif/HyOpjlCgDRoPqYSl2OL4PwdcX1h9cPRJiY.
ECDSA key fingerprint is MD5:35:b0:cd:3b:e0:fa:10:4a:22:5e:94:aa:b7:5c:e2:79.
Are you sure you want to continue connecting (yes/no)? 192.168.2.110 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.2.111 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
yes
192.168.2.112 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.2.112' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", 
    "unreachable": true
}
​
# 解决没做免密的ip报错
​
# 给没有设置免密登录的ip设置账号,密码
​
[root@m0 ~]# vim /etc/ansible/hosts 
other ansible_ssh_host=192.168.2.112 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=1
​
[group02]
192.168.2.110
192.168.2.111
other
​
# 进行测试(不会报错)
​
[root@m0 ~]# ansible group02 -m ping
192.168.2.110 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.2.111 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
other | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
​
# 也可以单独ping other模块
​
[root@m0 ~]# ansible other -m ping
other | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}

小结

主机清单的作用:服务器分组

主机清单的常见功能:

1.可以通过IP范围来分,主机名名字的范围来分

2.如果ssh端口不是22的,可以传入新的端口

3.没有做免密登录,可以传密码

练习

不论你用到哪种环境(免密或者不免密,端口是否是22),请最终将两台被管理机器加入到group1组即可

复制代码
# 没有设置免密的话需要设置别名
web01 ansible_ssh_host=192.168.2.200 ansible_ssh_user=root ansible_ssh_pass=1 ansible_ssh_port=22
web01 ansible_ssh_host=192.168.2.201 ansible_ssh_user=root ansible_ssh_pass=1 ansible_ssh_port=22
[group1]
web01
web02

帮助手册

复制代码
# 查看ansible的用法
[root@m0 ~]# ansible-doc -l
​
# 查看ping在ansible中的用法
[root@m0 ~]# ansible-doc -l ping

2.hostname模块

复制代码
# 将group02组中主机的主机名都改成ab.haha
[root@m0 ~]# ansible group02 -m hostname -a 'name=ab.haha'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "ansible_domain": "haha", 
        "ansible_fqdn": "ab.haha", 
        "ansible_hostname": "ab", 
        "ansible_nodename": "ab.haha", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "ab.haha"
}
other | CHANGED => {
    "ansible_facts": {
        "ansible_domain": "haha", 
        "ansible_fqdn": "ab.haha", 
        "ansible_hostname": "ab", 
        "ansible_nodename": "ab.haha", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "ab.haha"
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "ansible_domain": "haha", 
        "ansible_fqdn": "ab.haha", 
        "ansible_hostname": "ab", 
        "ansible_nodename": "ab.haha", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "ab.haha"
}
​
# 验证
[root@s0 ~]# hostname
ab.haha
[root@s1 ~]# hostname
ab.haha
[root@s2 ~]# hostname
ab.haha

3.file模块

创建目录

复制代码
# 在group01组中的主机(包含other(没有设置免密的那台主机))中的/tmp/中创建abc文件
​
# -m 表示调用模块
​
# state=directory 表示当前的状态被设置为“目录”
​
[root@m0 ~]# ansible group01 -m file -a 'path=/tmp/abc state=directory'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
​
[root@s0 ~]# ls -l /tmp/
总用量 4
drwxr-xr-x. 2 root root   6 8月  16 11:43 abc
​
[root@s1 ~]# ls -l /tmp/
总用量 4
drwxr-xr-x. 2 root root   6 8月  16 11:43 abc
​
[root@s2 ~]# ls -l /tmp/
总用量 4
drwxr-xr-x. 2 root root   6 8月  16 11:43 abc

创建文件

复制代码
# 给group02组中的主机中的/tmp/abc/中创建def文件
​
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/abc/def state=touch'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/abc/def", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/abc/def", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/abc/def", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
[root@s1 ~]# ll /tmp/abc
总用量 0
-rwxrwxrwt. 1 bin daemon 0 8月  16 14:09 def

递归修改

复制代码
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/abc recurse=yes owner=bin group=daemon mode=1777'(属主,属组,权限)
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 17, 
    "state": "directory", 
    "uid": 1
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 17, 
    "state": "directory", 
    "uid": 1
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 17, 
    "state": "directory", 
    "uid": 1
}

递归修改验证

删除

复制代码
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/abc state=absent'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/abc", 
    "state": "absent"
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/abc", 
    "state": "absent"
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/abc", 
    "state": "absent"
}
​
# 验证
​
# 删除之前
[root@s1 ~]# ll /tmp/abc
总用量 0
-rwxrwxrwt. 1 bin daemon 0 8月  16 14:09 def
​
# 删除之后
[root@s1 ~]# ll /tmp/abc
ls: 无法访问/tmp/abc: 没有那个文件或目录

创建且指定权限的文件

复制代码
# 创建文件/tmp/aaa,修改属主为bin,属组为daemon,权限为777
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/aaa state=touch owner=bin group=daemon mode=1777'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/aaa", 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 1
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/aaa", 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 1
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/aaa", 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 1
}
​
​
[root@s1 ~]# ls -l /tmp/
总用量 4
-rwxrwxrwt. 1 bin  daemon   0 8月  16 14:23 aaa
​

删除文件

复制代码
# 删除属主为bin,属组为daemon,权限为777且在/tmp/下文件名为aaa的文件
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/aaa state=absent owner=bin group=daemon mode=1777'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/aaa", 
    "state": "absent"
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/aaa", 
    "state": "absent"
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/aaa", 
    "state": "absent"
}
​
​
[root@s1 ~]# ls -l /tmp/aaa
ls: 无法访问/tmp/aaa: 没有那个文件或目录

创建mysql-files文件,并修改权限

复制代码
[root@m0 ~]# ansible group02 -m file -a 'path=/usr/local/mysql/mysql-files state=directory owner=mysql group=mysql mode=750'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
​
# 验证
[root@ab ~]# ll /usr/local/mysql/
总用量 0
drwxr-x---. 2 mysql mysql 6 8月  16 21:38 mysql-files

创建软连接(软连接指向硬链接)

复制代码
# 创建软连接(软连接指向硬链接)
[root@m0 ~]# ansible group02 -m file -a 'src=/etc/fstab path=/tmp/xxx state=link'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 10, 
    "src": "/etc/fstab", 
    "state": "link", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 10, 
    "src": "/etc/fstab", 
    "state": "link", 
    "uid": 0
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 10, 
    "src": "/etc/fstab", 
    "state": "link", 
    "uid": 0
}
​
​
[root@s1 ~]# ll /tmp/
总用量 8
-rwx------. 1 root root 836 8月   7 00:25 ks-script-pjA4To
drwx------. 3 root root  17 8月  16 10:25 systemd-private-bbe4eb529aa243da930a7edebcedf30b-chronyd.service-Er6p6N
drwx------. 3 root root  17 8月   6 17:35 systemd-private-f93e9a7cc83a4e6ba1ea5a4ff1abcdc2-chronyd.service-2U7zsa
drwx------. 2 root root   6 8月   7 00:25 vmware-root
lrwxrwxrwx. 1 root root  10 8月  16 14:32 xxx -> /etc/fstab
​

创建硬链接(指向文件)

复制代码
# 硬链接(指向文件)
[root@m0 ~]# ansible group02 -m file -a 'src=/etc/fstab path=/tmp/xxx2 state=hard'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx2", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:etc_t:s0", 
    "size": 502, 
    "src": "/etc/fstab", 
    "state": "hard", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx2", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:etc_t:s0", 
    "size": 502, 
    "src": "/etc/fstab", 
    "state": "hard", 
    "uid": 0
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx2", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:etc_t:s0", 
    "size": 502, 
    "src": "/etc/fstab", 
    "state": "hard", 
    "uid": 0
}
​
​
[root@s1 ~]# ll /tmp/
总用量 8
-rwx------. 1 root root 836 8月   7 00:25 ks-script-pjA4To
drwx------. 3 root root  17 8月  16 10:25 systemd-private-bbe4eb529aa243da930a7edebcedf30b-chronyd.service-Er6p6N
drwx------. 3 root root  17 8月   6 17:35 systemd-private-f93e9a7cc83a4e6ba1ea5a4ff1abcdc2-chronyd.service-2U7zsa
drwx------. 2 root root   6 8月   7 00:25 vmware-root
lrwxrwxrwx. 1 root root  10 8月  16 14:32 xxx -> /etc/fstab
-rw-r--r--. 2 root root 502 8月   6 16:33 xxx2
-rw-------. 1 root root   0 8月   7 00:21 yum.log

小结

复制代码
ansible group02 -m file 'path= state= recurse= src= owner= group= mode'
# path 文件的地址
# state 方法
 # directory 创建目录
 # touch 创建文件
 # absent 删除文件
 # link 创建软连接
 # hard 创建硬链接
# recurse 是否允许递归操作
# src 文件源

4.stat模块

查看信息

复制代码
[root@m0 ~]# ansible group02 -m stat -a 'path=/etc/fstab'
192.168.2.111 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "atime": 1723775545.4809103, 
        "attr_flags": "", 
        "attributes": [], 
        "block_size": 4096, 
        "blocks": 8, 
        "charset": "us-ascii", 
        "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
        "ctime": 1723790032.7200139, 
        "dev": 64768, 
        "device_type": 0, 
        "executable": false, 
        "exists": true, 
        "gid": 0, 
        "gr_name": "root", 
        "inode": 17258899, 
        "isblk": false, 
        "ischr": false, 
        "isdir": false, 
        "isfifo": false, 
        "isgid": false, 
        "islnk": false, 
        "isreg": true, 
        "issock": false, 
        "isuid": false, 
        "mimetype": "text/plain", 
        "mode": "0644", 
        "mtime": 1722933190.7942092, 
        "nlink": 2, 
        "path": "/etc/fstab", 
        "pw_name": "root", 
        "readable": true, 
        "rgrp": true, 
        "roth": true, 
        "rusr": true, 
        "size": 502, 
        "uid": 0, 
        "version": "18446744072287068007", 
        "wgrp": false, 
        "woth": false, 
        "writeable": true, 
        "wusr": true, 
        "xgrp": false, 
        "xoth": false, 
        "xusr": false
    }
}
192.168.2.110 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "atime": 1723775466.468042, 
        "attr_flags": "", 
        "attributes": [], 
        "block_size": 4096, 
        "blocks": 8, 
        "charset": "us-ascii", 
        "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
        "ctime": 1723790032.71537, 
        "dev": 64768, 
        "device_type": 0, 
        "executable": false, 
        "exists": true, 
        "gid": 0, 
        "gr_name": "root", 
        "inode": 17258899, 
        "isblk": false, 
        "ischr": false, 
        "isdir": false, 
        "isfifo": false, 
        "isgid": false, 
        "islnk": false, 
        "isreg": true, 
        "issock": false, 
        "isuid": false, 
        "mimetype": "text/plain", 
        "mode": "0644", 
        "mtime": 1722933190.7942092, 
        "nlink": 2, 
        "path": "/etc/fstab", 
        "pw_name": "root", 
        "readable": true, 
        "rgrp": true, 
        "roth": true, 
        "rusr": true, 
        "size": 502, 
        "uid": 0, 
        "version": "18446744072287068007", 
        "wgrp": false, 
        "woth": false, 
        "writeable": true, 
        "wusr": true, 
        "xgrp": false, 
        "xoth": false, 
        "xusr": false
    }
}
other | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "atime": 1723775623.031594, 
        "attr_flags": "", 
        "attributes": [], 
        "block_size": 4096, 
        "blocks": 8, 
        "charset": "us-ascii", 
        "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
        "ctime": 1723790032.729416, 
        "dev": 64768, 
        "device_type": 0, 
        "executable": false, 
        "exists": true, 
        "gid": 0, 
        "gr_name": "root", 
        "inode": 17258899, 
        "isblk": false, 
        "ischr": false, 
        "isdir": false, 
        "isfifo": false, 
        "isgid": false, 
        "islnk": false, 
        "isreg": true, 
        "issock": false, 
        "isuid": false, 
        "mimetype": "text/plain", 
        "mode": "0644", 
        "mtime": 1722933190.7942092, 
        "nlink": 2, 
        "path": "/etc/fstab", 
        "pw_name": "root", 
        "readable": true, 
        "rgrp": true, 
        "roth": true, 
        "rusr": true, 
        "size": 502, 
        "uid": 0, 
        "version": "18446744072287068007", 
        "wgrp": false, 
        "woth": false, 
        "writeable": true, 
        "wusr": true, 
        "xgrp": false, 
        "xoth": false, 
        "xusr": false
    }
}

5.copy模块(重点)

复制代码
[root@m0 ~]# ls
anaconda-ks.cfg  mysql-5.7.44-linux-glibc2.12-x86_64.tar.gz
[root@m0 ~]# mv mysql-5.7.44-linux-glibc2.12-x86_64.tar.gz mysql57.tar.gz
[root@m0 ~]# ls
anaconda-ks.cfg  mysql57.tar.gz
​
# 把mysql57.tar.gz传到group02组中的主机中
[root@m0 ~]# ansible group02 -m copy -a 'src=./mysql57.tar.gz dest=~'
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "ca7c056f43922133ac4bfa788849172ff124ce47", 
    "dest": "/root/mysql57.tar.gz", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d7c8436bbf456e9a4398011a0c52bc40", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 694785800, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723791895.72-3029-205251780527035/source", 
    "state": "file", 
    "uid": 0
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "ca7c056f43922133ac4bfa788849172ff124ce47", 
    "dest": "/root/mysql57.tar.gz", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d7c8436bbf456e9a4398011a0c52bc40", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 694785800, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723791895.62-3027-254129236082512/source", 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "ca7c056f43922133ac4bfa788849172ff124ce47", 
    "dest": "/root/mysql57.tar.gz", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d7c8436bbf456e9a4398011a0c52bc40", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 694785800, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723791895.71-3026-134059210870560/source", 
    "state": "file", 
    "uid": 0
}
​
# 验证
[root@s0 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz
[root@s1 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz
[root@s2 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz

练习:

创建一个100M的文件,然后同步到110,111,112主机上

复制代码
[root@m0 ~]# dd if="/dev/zero" of="tst" bs=100M count=1
记录了1+0 的读入
记录了1+0 的写出
104857600字节(105 MB)已复制,0.113386 秒,925 MB/秒
[root@m0 ~]# ansible group02 -m copy -a 'src=./tst dest=~'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792459.28-3139-31521072234907/source", 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792459.26-3138-81656713137079/source", 
    "state": "file", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792459.29-3140-152165473863162/source", 
    "state": "file", 
    "uid": 0
}
​
[root@s0 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz  tst
[root@s1 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz  tst
[root@s2 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz  tst
​

给文件写入内容

给tst文件写入wo shi haha ,并且同步到110,111,112主机上

复制代码
[root@m0 ~]# ansible group02 -m copy -a 'content="wo shi haha" dest=~/tst'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "965c5185c9bb99125bfa8c7162dcf4b738f10a77", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "3ee4b712d8af9f792d318c9f0a836759", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 11, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792694.7-3249-240792052218088/source", 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "965c5185c9bb99125bfa8c7162dcf4b738f10a77", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "3ee4b712d8af9f792d318c9f0a836759", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 11, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792694.71-3248-228412683621377/source", 
    "state": "file", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "965c5185c9bb99125bfa8c7162dcf4b738f10a77", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "3ee4b712d8af9f792d318c9f0a836759", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 11, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792694.76-3250-198245487172331/source", 
    "state": "file", 
    "uid": 0
}
​
[root@s0 ~]# cat tst
wo shi haha
[root@s1 ~]# cat tst
wo shi haha

force=no(不覆盖)

如果ansible将创建文件的命令发布到110,111,112主机上时,这三台主机有这个文件,force=no,就不会覆盖这三台主机上的原来的文件

复制代码
[root@m0 ~]# ansible group02 -m copy -a 'src=./tst dest=~ force=no'
192.168.2.110 | SUCCESS => {
    "changed": false, 
    "dest": "/root", 
    "src": "/root/./tst"
}
192.168.2.111 | SUCCESS => {
    "changed": false, 
    "dest": "/root", 
    "src": "/root/./tst"
}
other | SUCCESS => {
    "changed": false, 
    "dest": "/root", 
    "src": "/root/./tst"
}
​
# 验证
​
# 执行之前
[root@s0 ~]# ls -lh 
总用量 663M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root     11 8月  16 15:18 tst
​
# 执行之后
[root@s0 ~]# ls -lh 
总用量 663M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root     11 8月  16 15:18 tst
​

force=yes(覆盖)

force=yes,就会覆盖掉这三台主机上原来存在的tst文件

复制代码
[root@m0 ~]# ansible group02 -m copy -a 'src=./tst dest=~ force=yes'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723798717.23-3585-21726739880805/source", 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723798717.23-3584-128328247495760/source", 
    "state": "file", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723798717.23-3586-43347575088517/source", 
    "state": "file", 
    "uid": 0
}
​
# 验证
​
# 改之前
[root@s0 ~]# ls -lh 
总用量 663M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root     11 8月  16 15:18 tst
​
# 改之后
[root@s0 ~]# ls -lh 
总用量 763M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root   100M 8月  16 16:58 tst

backup=yes(备份)

1.删除tst文件

复制代码
# 删除tst文件
​
[root@m0 ~]# ansible group02 -m file  -a 'path=./tst  state=absent backup=yes owner=bin group=daemon mode=1777'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "./tst", 
    "state": "absent"
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "./tst", 
    "state": "absent"
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "./tst", 
    "state": "absent"
}
​
# 验证
# 删除之前
[root@s0 ~]# ls -lh 
总用量 763M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz
-rwxrwxrwt. 1 bin  daemon 100M 8月  16 16:58 tst
​
# 删除之后
[root@s0 ~]# ls -lh 
总用量 663M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz

2.创建文件/tmp/a.txt

复制代码
# 创建文件/tmp/a.txt
​
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/a.txt state=touch'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/a.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/a.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/a.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
# 验证
[root@s0 ~]# ls /tmp/
a.txt
[root@s1 ~]# ls /tmp/
a.txt

3.进行备份

复制代码
# 给原来的/tmp/a.txt进行备份(a.txt.4331.2024-08-16@17:23:26~),将新的内容(/etc/fstab)复制到a.txt中,并且修改了权限,属主和属组
​
[root@m0 ~]# ansible group02 -m copy -a 'src=/etc/fstab dest=/tmp/a.txt backup=yes owner=bin group=daemon mode=1777'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/tmp/a.txt.4331.2024-08-16@17:23:26~", 
    "changed": true, 
    "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
    "dest": "/tmp/a.txt", 
    "gid": 2, 
    "group": "daemon", 
    "md5sum": "a7adf78e321c6b78f8576849db9a5e73", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 502, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723800205.98-4148-210811390920713/source", 
    "state": "file", 
    "uid": 1
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/tmp/a.txt.4258.2024-08-16@17:23:26~", 
    "changed": true, 
    "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
    "dest": "/tmp/a.txt", 
    "gid": 2, 
    "group": "daemon", 
    "md5sum": "a7adf78e321c6b78f8576849db9a5e73", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 502, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723800206.01-4149-123087950411073/source", 
    "state": "file", 
    "uid": 1
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/tmp/a.txt.4103.2024-08-16@17:23:26~", 
    "changed": true, 
    "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
    "dest": "/tmp/a.txt", 
    "gid": 2, 
    "group": "daemon", 
    "md5sum": "a7adf78e321c6b78f8576849db9a5e73", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 502, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723800206.04-4151-203739831332220/source", 
    "state": "file", 
    "uid": 1
}
​
# 验证
[root@s0 ~]# ls /tmp/
a.txt
a.txt.4331.2024-08-16@17:23:26~
[root@s0 ~]# cat /tmp/a.txt
​
#
# /etc/fstab
# Created by anaconda on Wed Aug  7 00:21:24 2024
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=ee7d9803-5773-4f48-acdc-7b7344699e0d /boot                   xfs     defaults        0 0
/dev/mapper/centos-swap swap                    swap    defaults        0 0
/dev/cdrom /mnt iso9660 defaults 0 0
​
# 创建的a.txt文件没有添加内容
[root@s0 ~]# cat /tmp/a.txt.4331.2024-08-16@17\:23\:26~ 

backup参数小结:

使用backup参数控制是否备份文件

backup=yes表示如果拷贝的文件内容与原内容不一样,则会备份一份/tmp/3333(备份文件名加上时间)文件,再拷贝新的文件/tmp/333

复制代码
master# ansible group01 -m  copy -a 'src=/etc/fstab dest=/tmp/333 backup=yes owner=daemon group=daemon'

6.fetch模块

复制代码
# 回收110,111,112主机上的内容
​
# 回收110,111,112主机上的网卡信息,将信息放到本机的tmp/目录下
ansible group02 -m fetch -a 'src=/etc/sysconfig/network-scripts/ifcfg-ens33 dest=/tmp'

7.user模块

创建用户

创一个名为aaaa的用户,并且将这个任务发布到110,111,112主机上

复制代码
[root@m0 ~]# ansible group02 -m user -a 'name=aaaa state=present'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1000, 
    "home": "/home/aaaa", 
    "name": "aaaa", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1000
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1000, 
    "home": "/home/aaaa", 
    "name": "aaaa", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1000
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1000, 
    "home": "/home/aaaa", 
    "name": "aaaa", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1000
}
# 验证
[root@ab ~]# grep aaaa /etc/passwd
aaaa:x:1000:1000::/home/aaaa:/bin/bash

创建名为mysql的用户

复制代码
[root@m0 ~]# ansible group02 -m user -a 'name=mysql state=present system=yes shell="/sbin/nologin"'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 995, 
    "home": "/home/mysql", 
    "name": "mysql", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "system": true, 
    "uid": 997
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 995, 
    "home": "/home/mysql", 
    "name": "mysql", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "system": true, 
    "uid": 997
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 995, 
    "home": "/home/mysql", 
    "name": "mysql", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "system": true, 
    "uid": 997
}
# 验证
[root@ab ~]# grep mysql /etc/passwd
mysql:x:997:995::/home/mysql:/sbin/nologin

在用户mysql创建一个mysql-files并且权限为750的文件

复制代码
[root@m0 ~]# ansible group02 -m file -a 'path=/usr/local/mysql/mysql-files state=directory owner=mysql group=mysql mode=750'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
​
# 验证
[root@ab ~]# ll /usr/local/mysql/
总用量 0
drwxr-x---. 2 mysql mysql 6 8月  16 21:38 mysql-files

传用户的时候传用户的密码

1.在m0上创建一个带密码的用户

复制代码
[root@m0 ~]# useradd abc
[root@m0 ~]# echo "abc"|passwd --stdin abc
更改用户 abc 的密码 。
passwd:所有的身份验证令牌已经成功更新。

2.传用户和密码

复制代码
[root@m0 ~]# ansible group02 -m user -a 'name=abc state=present uid=1999 password=abc'
[WARNING]: The input password appears not to have been hashed. The 'password'
argument must be encrypted for this module to work properly.
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1999, 
    "home": "/home/********", 
    "name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1999
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1999, 
    "home": "/home/********", 
    "name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1999
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "append": false, 
    "changed": true, 
    "comment": "", 
    "group": 1001, 
    "home": "/home/********", 
    "move_home": false, 
    "name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "uid": 1999
}
​
# 验证
[root@ab ~]# grep abc /etc/passwd
abc:x:1999:1999::/home/abc:/bin/bash

生成随机密码

复制代码
[root@m0 ~]# echo 123456 | openssl passwd -1 -stdin
$1$Erd.NZdm$mAQtHJ60GLd6r0aAHQrlp0
[root@m0 ~]# echo 123456 | openssl passwd -1 -stdin
$1$SDbhjmBG$LI3FAKVFPpuoyk2Xvk8Sm/

创建一个普通用户叫hadoop,并产生空密码密钥对

复制代码
[root@m0 ~]# ansible group02 -m user -a 'name=hadoop generate_ssh_key=yes'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 2000, 
    "home": "/home/hadoop", 
    "name": "hadoop", 
    "shell": "/bin/bash", 
    "ssh_fingerprint": "2048 SHA256:Td4nLMeG7EnRVFiPo3aVNQ6ng3sDsSLnDza2/JGEPUs ansible-generated on ab.haha (RSA)", 
    "ssh_key_file": "/home/hadoop/.ssh/id_rsa", 
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6886Gpqr9+U9owjy+1khihyhuQyRj0mLfGa3Aw84CCBplGL3F997suKVB5iL0fFBEn9AcpBRxMu7OAniRoPHNSas0zynL+D8Rm7Fr3CdpSI9FR2hYUW3/sAaBbT1Rhbdy86+/QB7KjcfwhleIK7yUnLa5Ymz0h11Iyk5co3As7ZMvTJrJzmkv90nIRU2gCo6D6sAsGYlIiF2QDDHgx8Q9cIKN/dRcnp5FK1CkTkwY2rDed0KAYLEtP8pn1ydB1HymbujypZpi4EBH5OTOEllZWfCAC8hdDskn5A9EzGe7enylYNS8hKWBxxUUQq1Ck7Jx8+fhA1IfbYT6lXiPk14p ansible-generated on ab.haha", 
    "state": "present", 
    "system": false, 
    "uid": 2000
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 2000, 
    "home": "/home/hadoop", 
    "name": "hadoop", 
    "shell": "/bin/bash", 
    "ssh_fingerprint": "2048 SHA256:SUbtRxZoEL8EbRV8U7hWXN31ltuYHt0XWa5u3EnPCxo ansible-generated on ab.haha (RSA)", 
    "ssh_key_file": "/home/hadoop/.ssh/id_rsa", 
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2MSfgn9wn0tYU/rAbmckbDrcw9WGTuO1WwmIIAymsAMKioXRZQFNIvpIwWzpBnlypuS/6AJZlOGlJFkQB3oAZYs+cP1vVg8iRRuyPfZqxLQ2Hkc3cT6ouquP+NKl9x4WieQVA7CitmtuthnLXvTSxvXHIvOKPt4yB2J5TA5K9p9uwes8fI02TMmpz963n1AaWw9+iObmhbxUndegJ6bM2U8Cjh5Itl5iQDLXddfhxNLtPD+ny3zpUvA3UDwOHHfhSHS+Ue4q3LOEnr3TXDzrpUYpxJTy8JBevAVVgJF6qV4HlCKceerJDorKPHMWuKNEx2QJiJvNQjCRkiuVNQ27p ansible-generated on ab.haha", 
    "state": "present", 
    "system": false, 
    "uid": 2000
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 2000, 
    "home": "/home/hadoop", 
    "name": "hadoop", 
    "shell": "/bin/bash", 
    "ssh_fingerprint": "2048 SHA256:l4xaMylvcQTjpNL8ZcpV0KXmIqG5dnyGOHJFmi5DbeM ansible-generated on ab.haha (RSA)", 
    "ssh_key_file": "/home/hadoop/.ssh/id_rsa", 
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGr80DmhnTzVeB8bmEOx9ERsTw/xUUJYI+/IJWl0jq7wgUa5QkwOhAwsX9ITFfab8+NxxvDu38iEId9nd+Y+z2CZsdc37oR0m8exZBUBKPyYyLhVIlqmg+DEMMKZALE0an4W5dbKgjmDt62azSm/1ye1Z7XRjyHyvbRfjijcNXvdlvPOl2VvjWp8YLPwEp2+HcoemdzD1pOxNouhqiN25tbX9B+jYXKe9VuH0KMKkjdiBGxYlN/fJNVaIOt+GL6qnQjlcGD/yDtlqDM7oZlZ/Q5HzEmvOkENUAXP1BhU8VZQds4KrzQ9xOTIvD24w22R9X7ZbDN2FIiKAqHKTcWCWX ansible-generated on ab.haha", 
    "state": "present", 
    "system": false, 
    "uid": 2000
}
​
# 验证
[root@ab ~]# grep hadoop /etc/passwd
hadoop:x:2000:2000::/home/hadoop:/bin/bash
​
[root@ab ~]# ls ./.ssh/
authorized_keys
[root@ab ~]# cat ./.ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDrLUA6COFlt/DTnmdEpK8Ho2xvUmVMNBRY5SZDiqDpokxOjwNrfU5eubCn6ibAoGNEdUgdlbpkwEXbsm+Ldh/DfecyZ9EZUX0Oa6fuKSOBswyieZ5KZ+EkeTJQWUFLZIGJduG0Z+xfR8LJHGXe9zD03W/aHbDwA+1mU17IZGKTS+04twYC/M7gEoEpwQpsJz1v9EuYBD2tf4VAF/BfiI+koM6AR5xhVQmaOwse97YEPcC7YVq4ECTx8dqjcmVT0BCg4UDkMYtKEetSUP4439mZOLgz/uW3GNigZqrnxXLVp+L8MQYCjGi07ARu7nJlMC32jyOOCAH0Eb/NJIQomZOL root@m0

删除用户

不会删除用户的家目录

复制代码
# 删除用户hadoop
​
[root@m0 ~]# ansible group02 -m user -a 'name=hadoop state=absent'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "force": false, 
    "name": "hadoop", 
    "remove": false, 
    "state": "absent"
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "force": false, 
    "name": "hadoop", 
    "remove": false, 
    "state": "absent"
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "force": false, 
    "name": "hadoop", 
    "remove": false, 
    "state": "absent"
}
​
# 验证
[root@ab ~]# grep hadoop /etc/passwd
hadoop:x:2000:2000::/home/hadoop:/bin/bash
​
[root@ab ~]# grep hadoop /etc/passwd
​
# 删除hadoop,家目录默认没有删除
[root@ab ~]# ls /home
aaaa  abc  hadoop  mysql

删除bbb 用户,家目录也被删除

使用remove=yes参数让其删除用户的同时也删除家目录

复制代码
master# ansible group02 0m user -a 'name=bbb state=absent remove=yes'

8.cron模块

cron模块用于管理周期性任务时间

创建⼀个cron任务,不指定user的话,默认就是root

如果minute,hour,day,month,week不指定的话,默认都为*

创建计划任务

复制代码
[root@m0 ~]# ansible group02 -m cron -a 'name="test cron1" user=root job="touch /tmp/111" minute=*/2'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "test cron1"
    ]
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "test cron1"
    ]
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "test cron1"
    ]
}
​
# 验证
111主机:
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111
112主机
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111
110主机
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111

删除cron任务

复制代码
[root@m0 ~]# ansible group02 -m cron -a 'name="test cron1" state=absent'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}
​
# 验证
​
# 删除之前
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111
​
# 删除之后
[root@ab ~]# crontab -l
[root@ab ~]# 
​

9.yum模块

复制代码
[root@m0 ~]# ansible group02  -m yum -a 'name=ntpdate state=present'
​
# 验证
111主机:
[root@ab ~]# yum list installed | grep ntpdate
ntpdate.x86_64                        4.2.6p5-29.el7.centos.2          @base    
112主机:
[root@ab ~]# yum list installed | grep ntpdate
ntpdate.x86_64                        4.2.6p5-29.el7.centos.2          @base    
110主机:
[root@ab ~]# yum list installed | grep ntpdate
ntpdate.x86_64                        4.2.6p5-29.el7.centos.2          @base    

cron模块:创建时间计划任务

复制代码
# 写一个同步时间的计划任务发布到 110,111,112主机
[root@m0 ~]# ansible group02 -m cron -a 'name="abc" user=root job="/usr/sbin/ntpdate cn.ntp.org.cn" hour=2'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "abc"
    ]
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "abc"
    ]
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "abc"
    ]
}
​
​
# 验证
110主机:
[root@ab ~]# crontab -l
#Ansible: abc
* 2 * * * /usr/sbin/ntpdate cn.ntp.org.cn
111主机:
[root@ab ~]# crontab -l
#Ansible: abc
* 2 * * * /usr/sbin/ntpdate cn.ntp.org.cn
112主机:
[root@ab ~]# crontab -l
#Ansible: abc
* 2 * * * /usr/sbin/ntpdate cn.ntp.org.cn

10.service模块

复制代码
# 关闭防火墙(将任务发布到110,111,112主机上)
[root@m0 ~]# ansible group02 -m service -a 'name=firewalld state=stopped enabled=false'
​
# 验证
[root@ab ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)
​
8月 16 10:25:18 localhost.localdomain systemd[1]: Starting firewalld - dynamic ....
8月 16 10:25:19 localhost.localdomain systemd[1]: Started firewalld - dynamic f....
8月 16 10:30:57 s0 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8月 16 10:30:58 s0 systemd[1]: Stopped firewalld - dynamic firewall daemon.
Hint: Some lines were ellipsized, use -l to show in full.

11.commend模块(执行命令)

将110,111,112主机关机

复制代码
[root@m0 ~]# ansible group02 -m command -a 'shutdown -h 0'
192.168.2.110 | FAILED | rc=-1 >>
Failed to connect to the host via ssh: ssh: connect to host 192.168.2.110 port 22: Connection refused
192.168.2.111 | FAILED | rc=-1 >>
Failed to connect to the host via ssh: ssh: connect to host 192.168.2.111 port 22: Connection refused
other | FAILED | rc=-1 >>
Failed to connect to the host via ssh: ssh: connect to host 192.168.2.112 port 22: Connection refused

验证:

相关推荐
小卓笔记2 小时前
keepalived应用
linux·服务器·数据库
Hurry64 小时前
Rocky Linux 9.x 基于 kubeadm部署k8s 1.32
linux·运维·kubernetes
极客代码4 小时前
Unix 域套接字(本地套接字)
linux·c语言·开发语言·unix·socket·unix域套接字·本地套接字
zxnbmk4 小时前
ansible速查手册
linux·服务器·ansible
巷子里的童年ya5 小时前
Ansible模块
linux·centos·ansible
阿正的梦工坊5 小时前
Linux 命令:按内存使用大小排序查看 PID 的完全指南
linux·运维·服务器
神秘的土鸡5 小时前
Centos搭建Tomcat服务器:我的实战经验分享(成功版本 详细!)
linux·开发语言·python·tomcat·web
IT小饕餮5 小时前
linux 基础网络配置文件
linux·服务器·网络
未来之窗软件服务6 小时前
lite_avatar 数字人命令行-安装故障解决
linux·运维·服务器·数字人
m0_694845576 小时前
什么是站群服务器?站群服务器应该怎么选?
linux·运维·服务器·云计算·github