8.16-ansible的应用

ansible

ansible是基于模块工作的,本身没有批量部署的能力。真正具有批量部署的是ansible所运行的模块,ansible只是提供一种框架。

格式

复制代码
ansible 主机ip|域名|组名|别名 -m ping|copy|... '参数'

1.ping模块

m0

复制代码
# 查看有没有安装epel
​
[root@m0 ~]# yum list installed|grep epel
epel-release.noarch                   7-11                             @extras  
​
# 安装ansible
​
[root@m0 ~]# yum -y install ansible
​
# 查看ansible的版本
​
[root@m0 ~]# ansible --version
ansible 2.9.27
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
​
# 查找ansible的配置文件
​
[root@m0 ~]# find /etc/ -name "*ansible*"
/etc/ansible
/etc/ansible/ansible.cfg
​
# 设置免密
​
[root@m0 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:OvpbtUtLSVvtPtcexSHBThXhhzywDBB8pzGCbwqSoMk root@m0
The key's randomart image is:
+---[RSA 2048]----+
|       ooo. o..+o|
|.     . o +o.*o. |
|oo .   . o ==.+o.|
|oEo .   o .  o.oo|
|   . . oS o . . o|
|      .. o = .  .|
|      o . *   ...|
|     . o o o .. +|
|    ..o.  o   .+.|
+----[SHA256]-----+
[root@m0 ~]# ls ./.ssh/
id_rsa  id_rsa.pub
​
# 给s0和s1设置免密登录
​
[root@m0 ~]# ssh-copy-id -i 192.168.2.110(s0)
[root@m0 ~]# ssh-copy-id -i 192.168.2.111(s1)
[root@m0 ~]# vim /etc/ansible/hosts 
​
# 110和111都在m0上设置了免密登录
​
[group01] 
192.168.2.110
192.168.2.111
​
# 112主机没有设置免密登录
​
[group02]
192.168.2.110
192.168.2.111
192.168.2.112
复制代码
# ping 9igroup01的第一个ip
​
[root@m0 ~]# ansible 192.168.2.110 -m ping
192.168.2.110 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
​
# ping group01
​
[root@m0 ~]# ansible group01 -m ping
192.168.2.110 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.2.111 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
​
# ping group02(第三台没做免密,ping的时候会报错)
​
[root@m0 ~]# ansible group02 -m ping
The authenticity of host '192.168.2.112 (192.168.2.112)' can't be established.
ECDSA key fingerprint is SHA256:E2ARFFif/HyOpjlCgDRoPqYSl2OL4PwdcX1h9cPRJiY.
ECDSA key fingerprint is MD5:35:b0:cd:3b:e0:fa:10:4a:22:5e:94:aa:b7:5c:e2:79.
Are you sure you want to continue connecting (yes/no)? 192.168.2.110 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.2.111 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
yes
192.168.2.112 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.2.112' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", 
    "unreachable": true
}
​
# 解决没做免密的ip报错
​
# 给没有设置免密登录的ip设置账号,密码
​
[root@m0 ~]# vim /etc/ansible/hosts 
other ansible_ssh_host=192.168.2.112 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=1
​
[group02]
192.168.2.110
192.168.2.111
other
​
# 进行测试(不会报错)
​
[root@m0 ~]# ansible group02 -m ping
192.168.2.110 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.2.111 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
other | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
​
# 也可以单独ping other模块
​
[root@m0 ~]# ansible other -m ping
other | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}

小结

主机清单的作用:服务器分组

主机清单的常见功能:

1.可以通过IP范围来分,主机名名字的范围来分

2.如果ssh端口不是22的,可以传入新的端口

3.没有做免密登录,可以传密码

练习

不论你用到哪种环境(免密或者不免密,端口是否是22),请最终将两台被管理机器加入到group1组即可

复制代码
# 没有设置免密的话需要设置别名
web01 ansible_ssh_host=192.168.2.200 ansible_ssh_user=root ansible_ssh_pass=1 ansible_ssh_port=22
web01 ansible_ssh_host=192.168.2.201 ansible_ssh_user=root ansible_ssh_pass=1 ansible_ssh_port=22
[group1]
web01
web02

帮助手册

复制代码
# 查看ansible的用法
[root@m0 ~]# ansible-doc -l
​
# 查看ping在ansible中的用法
[root@m0 ~]# ansible-doc -l ping

2.hostname模块

复制代码
# 将group02组中主机的主机名都改成ab.haha
[root@m0 ~]# ansible group02 -m hostname -a 'name=ab.haha'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "ansible_domain": "haha", 
        "ansible_fqdn": "ab.haha", 
        "ansible_hostname": "ab", 
        "ansible_nodename": "ab.haha", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "ab.haha"
}
other | CHANGED => {
    "ansible_facts": {
        "ansible_domain": "haha", 
        "ansible_fqdn": "ab.haha", 
        "ansible_hostname": "ab", 
        "ansible_nodename": "ab.haha", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "ab.haha"
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "ansible_domain": "haha", 
        "ansible_fqdn": "ab.haha", 
        "ansible_hostname": "ab", 
        "ansible_nodename": "ab.haha", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "ab.haha"
}
​
# 验证
[root@s0 ~]# hostname
ab.haha
[root@s1 ~]# hostname
ab.haha
[root@s2 ~]# hostname
ab.haha

3.file模块

创建目录

复制代码
# 在group01组中的主机(包含other(没有设置免密的那台主机))中的/tmp/中创建abc文件
​
# -m 表示调用模块
​
# state=directory 表示当前的状态被设置为“目录”
​
[root@m0 ~]# ansible group01 -m file -a 'path=/tmp/abc state=directory'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
​
[root@s0 ~]# ls -l /tmp/
总用量 4
drwxr-xr-x. 2 root root   6 8月  16 11:43 abc
​
[root@s1 ~]# ls -l /tmp/
总用量 4
drwxr-xr-x. 2 root root   6 8月  16 11:43 abc
​
[root@s2 ~]# ls -l /tmp/
总用量 4
drwxr-xr-x. 2 root root   6 8月  16 11:43 abc

创建文件

复制代码
# 给group02组中的主机中的/tmp/abc/中创建def文件
​
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/abc/def state=touch'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/abc/def", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/abc/def", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/abc/def", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
[root@s1 ~]# ll /tmp/abc
总用量 0
-rwxrwxrwt. 1 bin daemon 0 8月  16 14:09 def

递归修改

复制代码
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/abc recurse=yes owner=bin group=daemon mode=1777'(属主,属组,权限)
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 17, 
    "state": "directory", 
    "uid": 1
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 17, 
    "state": "directory", 
    "uid": 1
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "path": "/tmp/abc", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 17, 
    "state": "directory", 
    "uid": 1
}

递归修改验证

删除

复制代码
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/abc state=absent'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/abc", 
    "state": "absent"
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/abc", 
    "state": "absent"
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/abc", 
    "state": "absent"
}
​
# 验证
​
# 删除之前
[root@s1 ~]# ll /tmp/abc
总用量 0
-rwxrwxrwt. 1 bin daemon 0 8月  16 14:09 def
​
# 删除之后
[root@s1 ~]# ll /tmp/abc
ls: 无法访问/tmp/abc: 没有那个文件或目录

创建且指定权限的文件

复制代码
# 创建文件/tmp/aaa,修改属主为bin,属组为daemon,权限为777
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/aaa state=touch owner=bin group=daemon mode=1777'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/aaa", 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 1
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/aaa", 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 1
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/aaa", 
    "gid": 2, 
    "group": "daemon", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 1
}
​
​
[root@s1 ~]# ls -l /tmp/
总用量 4
-rwxrwxrwt. 1 bin  daemon   0 8月  16 14:23 aaa
​

删除文件

复制代码
# 删除属主为bin,属组为daemon,权限为777且在/tmp/下文件名为aaa的文件
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/aaa state=absent owner=bin group=daemon mode=1777'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/aaa", 
    "state": "absent"
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/aaa", 
    "state": "absent"
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/tmp/aaa", 
    "state": "absent"
}
​
​
[root@s1 ~]# ls -l /tmp/aaa
ls: 无法访问/tmp/aaa: 没有那个文件或目录

创建mysql-files文件,并修改权限

复制代码
[root@m0 ~]# ansible group02 -m file -a 'path=/usr/local/mysql/mysql-files state=directory owner=mysql group=mysql mode=750'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
​
# 验证
[root@ab ~]# ll /usr/local/mysql/
总用量 0
drwxr-x---. 2 mysql mysql 6 8月  16 21:38 mysql-files

创建软连接(软连接指向硬链接)

复制代码
# 创建软连接(软连接指向硬链接)
[root@m0 ~]# ansible group02 -m file -a 'src=/etc/fstab path=/tmp/xxx state=link'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 10, 
    "src": "/etc/fstab", 
    "state": "link", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 10, 
    "src": "/etc/fstab", 
    "state": "link", 
    "uid": 0
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 10, 
    "src": "/etc/fstab", 
    "state": "link", 
    "uid": 0
}
​
​
[root@s1 ~]# ll /tmp/
总用量 8
-rwx------. 1 root root 836 8月   7 00:25 ks-script-pjA4To
drwx------. 3 root root  17 8月  16 10:25 systemd-private-bbe4eb529aa243da930a7edebcedf30b-chronyd.service-Er6p6N
drwx------. 3 root root  17 8月   6 17:35 systemd-private-f93e9a7cc83a4e6ba1ea5a4ff1abcdc2-chronyd.service-2U7zsa
drwx------. 2 root root   6 8月   7 00:25 vmware-root
lrwxrwxrwx. 1 root root  10 8月  16 14:32 xxx -> /etc/fstab
​

创建硬链接(指向文件)

复制代码
# 硬链接(指向文件)
[root@m0 ~]# ansible group02 -m file -a 'src=/etc/fstab path=/tmp/xxx2 state=hard'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx2", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:etc_t:s0", 
    "size": 502, 
    "src": "/etc/fstab", 
    "state": "hard", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx2", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:etc_t:s0", 
    "size": 502, 
    "src": "/etc/fstab", 
    "state": "hard", 
    "uid": 0
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/xxx2", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:etc_t:s0", 
    "size": 502, 
    "src": "/etc/fstab", 
    "state": "hard", 
    "uid": 0
}
​
​
[root@s1 ~]# ll /tmp/
总用量 8
-rwx------. 1 root root 836 8月   7 00:25 ks-script-pjA4To
drwx------. 3 root root  17 8月  16 10:25 systemd-private-bbe4eb529aa243da930a7edebcedf30b-chronyd.service-Er6p6N
drwx------. 3 root root  17 8月   6 17:35 systemd-private-f93e9a7cc83a4e6ba1ea5a4ff1abcdc2-chronyd.service-2U7zsa
drwx------. 2 root root   6 8月   7 00:25 vmware-root
lrwxrwxrwx. 1 root root  10 8月  16 14:32 xxx -> /etc/fstab
-rw-r--r--. 2 root root 502 8月   6 16:33 xxx2
-rw-------. 1 root root   0 8月   7 00:21 yum.log

小结

复制代码
ansible group02 -m file 'path= state= recurse= src= owner= group= mode'
# path 文件的地址
# state 方法
 # directory 创建目录
 # touch 创建文件
 # absent 删除文件
 # link 创建软连接
 # hard 创建硬链接
# recurse 是否允许递归操作
# src 文件源

4.stat模块

查看信息

复制代码
[root@m0 ~]# ansible group02 -m stat -a 'path=/etc/fstab'
192.168.2.111 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "atime": 1723775545.4809103, 
        "attr_flags": "", 
        "attributes": [], 
        "block_size": 4096, 
        "blocks": 8, 
        "charset": "us-ascii", 
        "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
        "ctime": 1723790032.7200139, 
        "dev": 64768, 
        "device_type": 0, 
        "executable": false, 
        "exists": true, 
        "gid": 0, 
        "gr_name": "root", 
        "inode": 17258899, 
        "isblk": false, 
        "ischr": false, 
        "isdir": false, 
        "isfifo": false, 
        "isgid": false, 
        "islnk": false, 
        "isreg": true, 
        "issock": false, 
        "isuid": false, 
        "mimetype": "text/plain", 
        "mode": "0644", 
        "mtime": 1722933190.7942092, 
        "nlink": 2, 
        "path": "/etc/fstab", 
        "pw_name": "root", 
        "readable": true, 
        "rgrp": true, 
        "roth": true, 
        "rusr": true, 
        "size": 502, 
        "uid": 0, 
        "version": "18446744072287068007", 
        "wgrp": false, 
        "woth": false, 
        "writeable": true, 
        "wusr": true, 
        "xgrp": false, 
        "xoth": false, 
        "xusr": false
    }
}
192.168.2.110 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "atime": 1723775466.468042, 
        "attr_flags": "", 
        "attributes": [], 
        "block_size": 4096, 
        "blocks": 8, 
        "charset": "us-ascii", 
        "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
        "ctime": 1723790032.71537, 
        "dev": 64768, 
        "device_type": 0, 
        "executable": false, 
        "exists": true, 
        "gid": 0, 
        "gr_name": "root", 
        "inode": 17258899, 
        "isblk": false, 
        "ischr": false, 
        "isdir": false, 
        "isfifo": false, 
        "isgid": false, 
        "islnk": false, 
        "isreg": true, 
        "issock": false, 
        "isuid": false, 
        "mimetype": "text/plain", 
        "mode": "0644", 
        "mtime": 1722933190.7942092, 
        "nlink": 2, 
        "path": "/etc/fstab", 
        "pw_name": "root", 
        "readable": true, 
        "rgrp": true, 
        "roth": true, 
        "rusr": true, 
        "size": 502, 
        "uid": 0, 
        "version": "18446744072287068007", 
        "wgrp": false, 
        "woth": false, 
        "writeable": true, 
        "wusr": true, 
        "xgrp": false, 
        "xoth": false, 
        "xusr": false
    }
}
other | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "atime": 1723775623.031594, 
        "attr_flags": "", 
        "attributes": [], 
        "block_size": 4096, 
        "blocks": 8, 
        "charset": "us-ascii", 
        "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
        "ctime": 1723790032.729416, 
        "dev": 64768, 
        "device_type": 0, 
        "executable": false, 
        "exists": true, 
        "gid": 0, 
        "gr_name": "root", 
        "inode": 17258899, 
        "isblk": false, 
        "ischr": false, 
        "isdir": false, 
        "isfifo": false, 
        "isgid": false, 
        "islnk": false, 
        "isreg": true, 
        "issock": false, 
        "isuid": false, 
        "mimetype": "text/plain", 
        "mode": "0644", 
        "mtime": 1722933190.7942092, 
        "nlink": 2, 
        "path": "/etc/fstab", 
        "pw_name": "root", 
        "readable": true, 
        "rgrp": true, 
        "roth": true, 
        "rusr": true, 
        "size": 502, 
        "uid": 0, 
        "version": "18446744072287068007", 
        "wgrp": false, 
        "woth": false, 
        "writeable": true, 
        "wusr": true, 
        "xgrp": false, 
        "xoth": false, 
        "xusr": false
    }
}

5.copy模块(重点)

复制代码
[root@m0 ~]# ls
anaconda-ks.cfg  mysql-5.7.44-linux-glibc2.12-x86_64.tar.gz
[root@m0 ~]# mv mysql-5.7.44-linux-glibc2.12-x86_64.tar.gz mysql57.tar.gz
[root@m0 ~]# ls
anaconda-ks.cfg  mysql57.tar.gz
​
# 把mysql57.tar.gz传到group02组中的主机中
[root@m0 ~]# ansible group02 -m copy -a 'src=./mysql57.tar.gz dest=~'
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "ca7c056f43922133ac4bfa788849172ff124ce47", 
    "dest": "/root/mysql57.tar.gz", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d7c8436bbf456e9a4398011a0c52bc40", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 694785800, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723791895.72-3029-205251780527035/source", 
    "state": "file", 
    "uid": 0
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "ca7c056f43922133ac4bfa788849172ff124ce47", 
    "dest": "/root/mysql57.tar.gz", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d7c8436bbf456e9a4398011a0c52bc40", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 694785800, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723791895.62-3027-254129236082512/source", 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "ca7c056f43922133ac4bfa788849172ff124ce47", 
    "dest": "/root/mysql57.tar.gz", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d7c8436bbf456e9a4398011a0c52bc40", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 694785800, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723791895.71-3026-134059210870560/source", 
    "state": "file", 
    "uid": 0
}
​
# 验证
[root@s0 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz
[root@s1 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz
[root@s2 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz

练习:

创建一个100M的文件,然后同步到110,111,112主机上

复制代码
[root@m0 ~]# dd if="/dev/zero" of="tst" bs=100M count=1
记录了1+0 的读入
记录了1+0 的写出
104857600字节(105 MB)已复制,0.113386 秒,925 MB/秒
[root@m0 ~]# ansible group02 -m copy -a 'src=./tst dest=~'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792459.28-3139-31521072234907/source", 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792459.26-3138-81656713137079/source", 
    "state": "file", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792459.29-3140-152165473863162/source", 
    "state": "file", 
    "uid": 0
}
​
[root@s0 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz  tst
[root@s1 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz  tst
[root@s2 ~]# ls
aaa  anaconda-ks.cfg  mysql57.tar.gz  tst
​

给文件写入内容

给tst文件写入wo shi haha ,并且同步到110,111,112主机上

复制代码
[root@m0 ~]# ansible group02 -m copy -a 'content="wo shi haha" dest=~/tst'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "965c5185c9bb99125bfa8c7162dcf4b738f10a77", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "3ee4b712d8af9f792d318c9f0a836759", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 11, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792694.7-3249-240792052218088/source", 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "965c5185c9bb99125bfa8c7162dcf4b738f10a77", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "3ee4b712d8af9f792d318c9f0a836759", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 11, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792694.71-3248-228412683621377/source", 
    "state": "file", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "965c5185c9bb99125bfa8c7162dcf4b738f10a77", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "3ee4b712d8af9f792d318c9f0a836759", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 11, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723792694.76-3250-198245487172331/source", 
    "state": "file", 
    "uid": 0
}
​
[root@s0 ~]# cat tst
wo shi haha
[root@s1 ~]# cat tst
wo shi haha

force=no(不覆盖)

如果ansible将创建文件的命令发布到110,111,112主机上时,这三台主机有这个文件,force=no,就不会覆盖这三台主机上的原来的文件

复制代码
[root@m0 ~]# ansible group02 -m copy -a 'src=./tst dest=~ force=no'
192.168.2.110 | SUCCESS => {
    "changed": false, 
    "dest": "/root", 
    "src": "/root/./tst"
}
192.168.2.111 | SUCCESS => {
    "changed": false, 
    "dest": "/root", 
    "src": "/root/./tst"
}
other | SUCCESS => {
    "changed": false, 
    "dest": "/root", 
    "src": "/root/./tst"
}
​
# 验证
​
# 执行之前
[root@s0 ~]# ls -lh 
总用量 663M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root     11 8月  16 15:18 tst
​
# 执行之后
[root@s0 ~]# ls -lh 
总用量 663M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root     11 8月  16 15:18 tst
​

force=yes(覆盖)

force=yes,就会覆盖掉这三台主机上原来存在的tst文件

复制代码
[root@m0 ~]# ansible group02 -m copy -a 'src=./tst dest=~ force=yes'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723798717.23-3585-21726739880805/source", 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723798717.23-3584-128328247495760/source", 
    "state": "file", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "2c2ceccb5ec5574f791d45b63c940cff20550f9a", 
    "dest": "/root/tst", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2f282b84e7e608d5852449ed940bfc51", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:admin_home_t:s0", 
    "size": 104857600, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723798717.23-3586-43347575088517/source", 
    "state": "file", 
    "uid": 0
}
​
# 验证
​
# 改之前
[root@s0 ~]# ls -lh 
总用量 663M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root     11 8月  16 15:18 tst
​
# 改之后
[root@s0 ~]# ls -lh 
总用量 763M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz
-rw-r--r--. 1 root root   100M 8月  16 16:58 tst

backup=yes(备份)

1.删除tst文件

复制代码
# 删除tst文件
​
[root@m0 ~]# ansible group02 -m file  -a 'path=./tst  state=absent backup=yes owner=bin group=daemon mode=1777'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "./tst", 
    "state": "absent"
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "./tst", 
    "state": "absent"
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "./tst", 
    "state": "absent"
}
​
# 验证
# 删除之前
[root@s0 ~]# ls -lh 
总用量 763M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz
-rwxrwxrwt. 1 bin  daemon 100M 8月  16 16:58 tst
​
# 删除之后
[root@s0 ~]# ls -lh 
总用量 663M
-rwxrwxrwt. 1 bin  daemon    0 8月  16 14:22 aaa
-rw-------. 1 root root   1.3K 8月   7 00:25 anaconda-ks.cfg
-rw-r--r--. 1 root root   663M 8月  16 15:06 mysql57.tar.gz

2.创建文件/tmp/a.txt

复制代码
# 创建文件/tmp/a.txt
​
[root@m0 ~]# ansible group02 -m file -a 'path=/tmp/a.txt state=touch'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/a.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/a.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/tmp/a.txt", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
# 验证
[root@s0 ~]# ls /tmp/
a.txt
[root@s1 ~]# ls /tmp/
a.txt

3.进行备份

复制代码
# 给原来的/tmp/a.txt进行备份(a.txt.4331.2024-08-16@17:23:26~),将新的内容(/etc/fstab)复制到a.txt中,并且修改了权限,属主和属组
​
[root@m0 ~]# ansible group02 -m copy -a 'src=/etc/fstab dest=/tmp/a.txt backup=yes owner=bin group=daemon mode=1777'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/tmp/a.txt.4331.2024-08-16@17:23:26~", 
    "changed": true, 
    "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
    "dest": "/tmp/a.txt", 
    "gid": 2, 
    "group": "daemon", 
    "md5sum": "a7adf78e321c6b78f8576849db9a5e73", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 502, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723800205.98-4148-210811390920713/source", 
    "state": "file", 
    "uid": 1
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/tmp/a.txt.4258.2024-08-16@17:23:26~", 
    "changed": true, 
    "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
    "dest": "/tmp/a.txt", 
    "gid": 2, 
    "group": "daemon", 
    "md5sum": "a7adf78e321c6b78f8576849db9a5e73", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 502, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723800206.01-4149-123087950411073/source", 
    "state": "file", 
    "uid": 1
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/tmp/a.txt.4103.2024-08-16@17:23:26~", 
    "changed": true, 
    "checksum": "20fcca9572fbd2d112b32e6446e42070695ce511", 
    "dest": "/tmp/a.txt", 
    "gid": 2, 
    "group": "daemon", 
    "md5sum": "a7adf78e321c6b78f8576849db9a5e73", 
    "mode": "01777", 
    "owner": "bin", 
    "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
    "size": 502, 
    "src": "/root/.ansible/tmp/ansible-tmp-1723800206.04-4151-203739831332220/source", 
    "state": "file", 
    "uid": 1
}
​
# 验证
[root@s0 ~]# ls /tmp/
a.txt
a.txt.4331.2024-08-16@17:23:26~
[root@s0 ~]# cat /tmp/a.txt
​
#
# /etc/fstab
# Created by anaconda on Wed Aug  7 00:21:24 2024
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=ee7d9803-5773-4f48-acdc-7b7344699e0d /boot                   xfs     defaults        0 0
/dev/mapper/centos-swap swap                    swap    defaults        0 0
/dev/cdrom /mnt iso9660 defaults 0 0
​
# 创建的a.txt文件没有添加内容
[root@s0 ~]# cat /tmp/a.txt.4331.2024-08-16@17\:23\:26~ 

backup参数小结:

使用backup参数控制是否备份文件

backup=yes表示如果拷贝的文件内容与原内容不一样,则会备份一份/tmp/3333(备份文件名加上时间)文件,再拷贝新的文件/tmp/333

复制代码
master# ansible group01 -m  copy -a 'src=/etc/fstab dest=/tmp/333 backup=yes owner=daemon group=daemon'

6.fetch模块

复制代码
# 回收110,111,112主机上的内容
​
# 回收110,111,112主机上的网卡信息,将信息放到本机的tmp/目录下
ansible group02 -m fetch -a 'src=/etc/sysconfig/network-scripts/ifcfg-ens33 dest=/tmp'

7.user模块

创建用户

创一个名为aaaa的用户,并且将这个任务发布到110,111,112主机上

复制代码
[root@m0 ~]# ansible group02 -m user -a 'name=aaaa state=present'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1000, 
    "home": "/home/aaaa", 
    "name": "aaaa", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1000
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1000, 
    "home": "/home/aaaa", 
    "name": "aaaa", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1000
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1000, 
    "home": "/home/aaaa", 
    "name": "aaaa", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1000
}
# 验证
[root@ab ~]# grep aaaa /etc/passwd
aaaa:x:1000:1000::/home/aaaa:/bin/bash

创建名为mysql的用户

复制代码
[root@m0 ~]# ansible group02 -m user -a 'name=mysql state=present system=yes shell="/sbin/nologin"'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 995, 
    "home": "/home/mysql", 
    "name": "mysql", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "system": true, 
    "uid": 997
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 995, 
    "home": "/home/mysql", 
    "name": "mysql", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "system": true, 
    "uid": 997
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 995, 
    "home": "/home/mysql", 
    "name": "mysql", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "system": true, 
    "uid": 997
}
# 验证
[root@ab ~]# grep mysql /etc/passwd
mysql:x:997:995::/home/mysql:/sbin/nologin

在用户mysql创建一个mysql-files并且权限为750的文件

复制代码
[root@m0 ~]# ansible group02 -m file -a 'path=/usr/local/mysql/mysql-files state=directory owner=mysql group=mysql mode=750'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "group": "mysql", 
    "mode": "0750", 
    "owner": "mysql", 
    "path": "/usr/local/mysql/mysql-files", 
    "secontext": "unconfined_u:object_r:usr_t:s0", 
    "size": 6, 
    "state": "directory", 
    "uid": 997
}
​
# 验证
[root@ab ~]# ll /usr/local/mysql/
总用量 0
drwxr-x---. 2 mysql mysql 6 8月  16 21:38 mysql-files

传用户的时候传用户的密码

1.在m0上创建一个带密码的用户

复制代码
[root@m0 ~]# useradd abc
[root@m0 ~]# echo "abc"|passwd --stdin abc
更改用户 abc 的密码 。
passwd:所有的身份验证令牌已经成功更新。

2.传用户和密码

复制代码
[root@m0 ~]# ansible group02 -m user -a 'name=abc state=present uid=1999 password=abc'
[WARNING]: The input password appears not to have been hashed. The 'password'
argument must be encrypted for this module to work properly.
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1999, 
    "home": "/home/********", 
    "name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1999
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1999, 
    "home": "/home/********", 
    "name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1999
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "append": false, 
    "changed": true, 
    "comment": "", 
    "group": 1001, 
    "home": "/home/********", 
    "move_home": false, 
    "name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "uid": 1999
}
​
# 验证
[root@ab ~]# grep abc /etc/passwd
abc:x:1999:1999::/home/abc:/bin/bash

生成随机密码

复制代码
[root@m0 ~]# echo 123456 | openssl passwd -1 -stdin
$1$Erd.NZdm$mAQtHJ60GLd6r0aAHQrlp0
[root@m0 ~]# echo 123456 | openssl passwd -1 -stdin
$1$SDbhjmBG$LI3FAKVFPpuoyk2Xvk8Sm/

创建一个普通用户叫hadoop,并产生空密码密钥对

复制代码
[root@m0 ~]# ansible group02 -m user -a 'name=hadoop generate_ssh_key=yes'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 2000, 
    "home": "/home/hadoop", 
    "name": "hadoop", 
    "shell": "/bin/bash", 
    "ssh_fingerprint": "2048 SHA256:Td4nLMeG7EnRVFiPo3aVNQ6ng3sDsSLnDza2/JGEPUs ansible-generated on ab.haha (RSA)", 
    "ssh_key_file": "/home/hadoop/.ssh/id_rsa", 
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6886Gpqr9+U9owjy+1khihyhuQyRj0mLfGa3Aw84CCBplGL3F997suKVB5iL0fFBEn9AcpBRxMu7OAniRoPHNSas0zynL+D8Rm7Fr3CdpSI9FR2hYUW3/sAaBbT1Rhbdy86+/QB7KjcfwhleIK7yUnLa5Ymz0h11Iyk5co3As7ZMvTJrJzmkv90nIRU2gCo6D6sAsGYlIiF2QDDHgx8Q9cIKN/dRcnp5FK1CkTkwY2rDed0KAYLEtP8pn1ydB1HymbujypZpi4EBH5OTOEllZWfCAC8hdDskn5A9EzGe7enylYNS8hKWBxxUUQq1Ck7Jx8+fhA1IfbYT6lXiPk14p ansible-generated on ab.haha", 
    "state": "present", 
    "system": false, 
    "uid": 2000
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 2000, 
    "home": "/home/hadoop", 
    "name": "hadoop", 
    "shell": "/bin/bash", 
    "ssh_fingerprint": "2048 SHA256:SUbtRxZoEL8EbRV8U7hWXN31ltuYHt0XWa5u3EnPCxo ansible-generated on ab.haha (RSA)", 
    "ssh_key_file": "/home/hadoop/.ssh/id_rsa", 
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2MSfgn9wn0tYU/rAbmckbDrcw9WGTuO1WwmIIAymsAMKioXRZQFNIvpIwWzpBnlypuS/6AJZlOGlJFkQB3oAZYs+cP1vVg8iRRuyPfZqxLQ2Hkc3cT6ouquP+NKl9x4WieQVA7CitmtuthnLXvTSxvXHIvOKPt4yB2J5TA5K9p9uwes8fI02TMmpz963n1AaWw9+iObmhbxUndegJ6bM2U8Cjh5Itl5iQDLXddfhxNLtPD+ny3zpUvA3UDwOHHfhSHS+Ue4q3LOEnr3TXDzrpUYpxJTy8JBevAVVgJF6qV4HlCKceerJDorKPHMWuKNEx2QJiJvNQjCRkiuVNQ27p ansible-generated on ab.haha", 
    "state": "present", 
    "system": false, 
    "uid": 2000
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 2000, 
    "home": "/home/hadoop", 
    "name": "hadoop", 
    "shell": "/bin/bash", 
    "ssh_fingerprint": "2048 SHA256:l4xaMylvcQTjpNL8ZcpV0KXmIqG5dnyGOHJFmi5DbeM ansible-generated on ab.haha (RSA)", 
    "ssh_key_file": "/home/hadoop/.ssh/id_rsa", 
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGr80DmhnTzVeB8bmEOx9ERsTw/xUUJYI+/IJWl0jq7wgUa5QkwOhAwsX9ITFfab8+NxxvDu38iEId9nd+Y+z2CZsdc37oR0m8exZBUBKPyYyLhVIlqmg+DEMMKZALE0an4W5dbKgjmDt62azSm/1ye1Z7XRjyHyvbRfjijcNXvdlvPOl2VvjWp8YLPwEp2+HcoemdzD1pOxNouhqiN25tbX9B+jYXKe9VuH0KMKkjdiBGxYlN/fJNVaIOt+GL6qnQjlcGD/yDtlqDM7oZlZ/Q5HzEmvOkENUAXP1BhU8VZQds4KrzQ9xOTIvD24w22R9X7ZbDN2FIiKAqHKTcWCWX ansible-generated on ab.haha", 
    "state": "present", 
    "system": false, 
    "uid": 2000
}
​
# 验证
[root@ab ~]# grep hadoop /etc/passwd
hadoop:x:2000:2000::/home/hadoop:/bin/bash
​
[root@ab ~]# ls ./.ssh/
authorized_keys
[root@ab ~]# cat ./.ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDrLUA6COFlt/DTnmdEpK8Ho2xvUmVMNBRY5SZDiqDpokxOjwNrfU5eubCn6ibAoGNEdUgdlbpkwEXbsm+Ldh/DfecyZ9EZUX0Oa6fuKSOBswyieZ5KZ+EkeTJQWUFLZIGJduG0Z+xfR8LJHGXe9zD03W/aHbDwA+1mU17IZGKTS+04twYC/M7gEoEpwQpsJz1v9EuYBD2tf4VAF/BfiI+koM6AR5xhVQmaOwse97YEPcC7YVq4ECTx8dqjcmVT0BCg4UDkMYtKEetSUP4439mZOLgz/uW3GNigZqrnxXLVp+L8MQYCjGi07ARu7nJlMC32jyOOCAH0Eb/NJIQomZOL root@m0

删除用户

不会删除用户的家目录

复制代码
# 删除用户hadoop
​
[root@m0 ~]# ansible group02 -m user -a 'name=hadoop state=absent'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "force": false, 
    "name": "hadoop", 
    "remove": false, 
    "state": "absent"
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "force": false, 
    "name": "hadoop", 
    "remove": false, 
    "state": "absent"
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "force": false, 
    "name": "hadoop", 
    "remove": false, 
    "state": "absent"
}
​
# 验证
[root@ab ~]# grep hadoop /etc/passwd
hadoop:x:2000:2000::/home/hadoop:/bin/bash
​
[root@ab ~]# grep hadoop /etc/passwd
​
# 删除hadoop,家目录默认没有删除
[root@ab ~]# ls /home
aaaa  abc  hadoop  mysql

删除bbb 用户,家目录也被删除

使用remove=yes参数让其删除用户的同时也删除家目录

复制代码
master# ansible group02 0m user -a 'name=bbb state=absent remove=yes'

8.cron模块

cron模块用于管理周期性任务时间

创建⼀个cron任务,不指定user的话,默认就是root

如果minute,hour,day,month,week不指定的话,默认都为*

创建计划任务

复制代码
[root@m0 ~]# ansible group02 -m cron -a 'name="test cron1" user=root job="touch /tmp/111" minute=*/2'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "test cron1"
    ]
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "test cron1"
    ]
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "test cron1"
    ]
}
​
# 验证
111主机:
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111
112主机
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111
110主机
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111

删除cron任务

复制代码
[root@m0 ~]# ansible group02 -m cron -a 'name="test cron1" state=absent'
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}
​
# 验证
​
# 删除之前
[root@ab ~]# crontab -l
#Ansible: test cron1
*/2 * * * * touch /tmp/111
​
# 删除之后
[root@ab ~]# crontab -l
[root@ab ~]# 
​

9.yum模块

复制代码
[root@m0 ~]# ansible group02  -m yum -a 'name=ntpdate state=present'
​
# 验证
111主机:
[root@ab ~]# yum list installed | grep ntpdate
ntpdate.x86_64                        4.2.6p5-29.el7.centos.2          @base    
112主机:
[root@ab ~]# yum list installed | grep ntpdate
ntpdate.x86_64                        4.2.6p5-29.el7.centos.2          @base    
110主机:
[root@ab ~]# yum list installed | grep ntpdate
ntpdate.x86_64                        4.2.6p5-29.el7.centos.2          @base    

cron模块:创建时间计划任务

复制代码
# 写一个同步时间的计划任务发布到 110,111,112主机
[root@m0 ~]# ansible group02 -m cron -a 'name="abc" user=root job="/usr/sbin/ntpdate cn.ntp.org.cn" hour=2'
192.168.2.110 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "abc"
    ]
}
192.168.2.111 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "abc"
    ]
}
other | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "abc"
    ]
}
​
​
# 验证
110主机:
[root@ab ~]# crontab -l
#Ansible: abc
* 2 * * * /usr/sbin/ntpdate cn.ntp.org.cn
111主机:
[root@ab ~]# crontab -l
#Ansible: abc
* 2 * * * /usr/sbin/ntpdate cn.ntp.org.cn
112主机:
[root@ab ~]# crontab -l
#Ansible: abc
* 2 * * * /usr/sbin/ntpdate cn.ntp.org.cn

10.service模块

复制代码
# 关闭防火墙(将任务发布到110,111,112主机上)
[root@m0 ~]# ansible group02 -m service -a 'name=firewalld state=stopped enabled=false'
​
# 验证
[root@ab ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)
​
8月 16 10:25:18 localhost.localdomain systemd[1]: Starting firewalld - dynamic ....
8月 16 10:25:19 localhost.localdomain systemd[1]: Started firewalld - dynamic f....
8月 16 10:30:57 s0 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8月 16 10:30:58 s0 systemd[1]: Stopped firewalld - dynamic firewall daemon.
Hint: Some lines were ellipsized, use -l to show in full.

11.commend模块(执行命令)

将110,111,112主机关机

复制代码
[root@m0 ~]# ansible group02 -m command -a 'shutdown -h 0'
192.168.2.110 | FAILED | rc=-1 >>
Failed to connect to the host via ssh: ssh: connect to host 192.168.2.110 port 22: Connection refused
192.168.2.111 | FAILED | rc=-1 >>
Failed to connect to the host via ssh: ssh: connect to host 192.168.2.111 port 22: Connection refused
other | FAILED | rc=-1 >>
Failed to connect to the host via ssh: ssh: connect to host 192.168.2.112 port 22: Connection refused

验证:

相关推荐
远游客07131 小时前
centos stream 8下载安装遇到的坑
linux·服务器·centos
马甲是掉不了一点的<.<1 小时前
本地电脑使用命令行上传文件至远程服务器
linux·scp·cmd·远程文件上传
jingyu飞鸟1 小时前
centos-stream9系统安装docker
linux·docker·centos
超爱吃士力架2 小时前
邀请逻辑
java·linux·后端
cominglately4 小时前
centos单机部署seata
linux·运维·centos
魏 无羡4 小时前
linux CentOS系统上卸载docker
linux·kubernetes·centos
CircleMouse4 小时前
Centos7, 使用yum工具,出现 Could not resolve host: mirrorlist.centos.org
linux·运维·服务器·centos
木子Linux5 小时前
【Linux打怪升级记 | 问题01】安装Linux系统忘记设置时区怎么办?3个方法教你回到东八区
linux·运维·服务器·centos·云计算
mit6.8245 小时前
Ubuntu 系统下性能剖析工具: perf
linux·运维·ubuntu
鹏大师运维5 小时前
聊聊开源的虚拟化平台--PVE
linux·开源·虚拟化·虚拟机·pve·存储·nfs