Ansible 详解:group模块、vars_files变量、user模块实战

我爱学习好爱好爱2026-03-31 10:45

group模块

复制代码 
-m group 
    管理被控端用户组
指令参数 选项 说明
name 创建的组名
gid 设置组的ID
state present, absent 状态操作
system yes, no 是否是系统组
复制代码 
[root@ansible ~]# ansible webservers -m group -a 'name=aaa gid=1500 state=present'
192.168.92.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "gid": 1500,
    "name": "aaa",
    "state": "present",
    "system": false
}
[root@ansible ~]# ansible webservers -m group -a 'name=aaa state=absent'
192.168.92.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "name": "aaa",
    "state": "absent"
}
[root@ansible ~]#

vars_files变量

复制代码 
[root@ansible ~]# vi bianliang.yml 
[root@ansible ~]# cat bianliang.yml
uname: yun
uid: 9000
job: projector
url: www.baidu.com 
[root@ansible ~]# vi an-4.yml 
[root@ansible ~]# cat an-4.yml
#提前定义了变量文件,然后进行调用

- hosts: webservers
  vars_files:
    - /root/bianliang.yml
  tasks:
    - name: debug输出变量
      debug:
        msg:
          - "输出用户名称: {{ uname }}"
          - "输出网址: {{ url }}" 
[root@ansible ~]# ansible-playbook an-4.yml

PLAY [webservers] ***************************************************************************************************************************************

TASK [Gathering Facts] **********************************************************************************************************************************
ok: [192.168.92.20]

TASK [debug输出变量] ************************************************************************************************************************************
ok: [192.168.92.20] => {
    "msg": [
        "输出用户名称: yun",
        "输出网址: www.baidu.com"
    ]
}

PLAY RECAP **********************************************************************************************************************************************
192.168.92.20              : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

user 模块

复制代码 
-m user 
    管理被控端用户
指令参数 选项 说明
name 创建或者删除的用户名
uid 设置用户的id
password 设置用户的登录密码
group 设置用户的基本组
groups 设置用户的附加组
shell 设置用户的登录式shell
create_home yes,no 为用户创建家目录/home,默认yes
state present, absent 操作状态,默认present
remove yes, no 删除用户相关的家目录;只有state=absent,它才生效,默认是no
generate_ssh_key yes,no 是否生成ssh密钥,默认no
ssh_key_bits 2048 ssh密钥的位数
ssh_key file ssh密钥文件,默认:.ssh/id_rsa*
复制代码 
[root@ansible ~]# ansible webservers -m user -a 'state=present name=yun password=123456 uid=1200 group=root'
^[[D[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
192.168.92.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "append": false,
    "changed": true,
    "comment": "",
    "group": 0,
    "home": "/home/yun",
    "move_home": false,
    "name": "yun",
    "password": "NOT_LOGGING_PASSWORD",
    "shell": "/bin/bash",
    "state": "present",
    "uid": 1200
} 
[root@ansible ~]# ansible webservers -m user -a 'state=absent name=yun'
192.168.92.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "force": false,
    "name": "yun",
    "remove": false,
    "state": "absent",
    "stderr": "userdel: group yun not removed because it is not the primary group of user yun.\n",
    "stderr_lines": [
        "userdel: group yun not removed because it is not the primary group of user yun."
    ]
} 
[root@ansible ~]# ansible webservers -m group -a 'name=yun2 state=present'
192.168.92.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "gid": 1001,
    "name": "yun2",
    "state": "present",
    "system": false
} 
[root@ansible ~]# ansible webservers -m user -a 'state=present name=yun password=123456 uid=1200 group=root groups=yun2'
[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
192.168.92.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 0,
    "groups": "yun2",
    "home": "/home/yun",
    "name": "yun",
    "password": "NOT_LOGGING_PASSWORD",
    "shell": "/bin/bash",
    "state": "present",
    "stderr": "useradd: warning: the home directory /home/yun already exists.\nuseradd: Not copying any file from skel directory into it.\nCreating mailbox file: File exists\n",
    "stderr_lines": [
        "useradd: warning: the home directory /home/yun already exists.",
        "useradd: Not copying any file from skel directory into it.",
        "Creating mailbox file: File exists"
    ],
    "system": false,
    "uid": 1200
}
[root@ansible ~]# ansible webservers -m user -a 'name=yun2 state=present password=123456 group=root groups=root,yun2'
[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
192.168.92.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 0,
    "groups": "root,yun2",
    "home": "/home/yun2",
    "name": "yun2",
    "password": "NOT_LOGGING_PASSWORD",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 1201
}
[root@ansible ~]# ansible webservers -m user -a 'name=yun2 state=absent'
192.168.92.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "force": false,
    "name": "yun2",
    "remove": false,
    "state": "absent",
    "stderr": "userdel: group yun2 not removed because it is not the primary group of user yun2.\n",
    "stderr_lines": [
        "userdel: group yun2 not removed because it is not the primary group of user yun2."
    ]
} 
[root@ansible ~]# ansible webservers -m shell -a 'ls /home'
192.168.92.20 | CHANGED | rc=0 >>
yun
yun2
[root@ansible ~]# ansible webservers -m user -a 'name=yun remove=yes state=absent'
192.168.92.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "force": false,
    "name": "yun",
    "remove": true,
    "state": "absent",
    "stderr": "userdel: group yun not removed because it is not the primary group of user yun.\n",
    "stderr_lines": [
        "userdel: group yun not removed because it is not the primary group of user yun."
    ]
}
[root@ansible ~]# ansible webservers -m shell -a 'ls /home'
192.168.92.20 | CHANGED | rc=0 >>
yun2
[root@ansible ~]# ansible webservers -m user -a 'state=present name=yun password=123456 uid=1200 group=root groups=yun2 generate_ssh_key=yes'
[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
192.168.92.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 0,
    "groups": "yun2",
    "home": "/home/yun",
    "name": "yun",
    "password": "NOT_LOGGING_PASSWORD",
    "shell": "/bin/bash",
    "ssh_fingerprint": "3072 SHA256:58nnLq7Ayei+ENPof8bGe5jynGmSWyCmXpSVbidfry4 ansible-generated on web20h (RSA)",
    "ssh_key_file": "/home/yun/.ssh/id_rsa",
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuT/Nl0BprWkgnXQ7xipGZEG4ap/x+ClUfmGkcY+YwpxF6gZRVhrvIlWtZzJGRfTrhSbvGyJ6m/4zX6AOTdzcV86XAjPc1EcBn3Vjfdor/g4VoZxphM81jV6O9J95RcW21Q3YlvL1+24o81dLjK078i5Vhxpun3wDVAxq5i/HCfB4KH602YgGhECAJe1y77IdZZaR5tiblcYAgBqX+f63HbEKzUx3gMtXW4MxUOS8xNtY302Zmsyn43WqkckmMGJ9b18p36+C1NjGYKV4mnHj56RjwbkajuRH9SH4/9eEGXs20Lcde/PvwBC3OBvDnvkOkxjFP7r/MCzt89UD7bo0DCbSLp0fnIx1PcSphAOL29poFJ1nHEt2LYwQYxGl8ug2ULdy92x0YdHPDSXYbk+z+cSniqAVqwuu9TLfZW/Cm8hqraSl4lh+hEOfoxRiu+J1nSce8QN/MjxeJsIRW1/OgN1xE53OXK63TGOZKZfcUd8biFSjW1ECdVQni9DXooQk= ansible-generated on web20h",
    "state": "present",
    "system": false,
    "uid": 1200
}
[root@ansible ~]#
相关推荐
独隅2 小时前
Linux 系统下 ADB 环境 的详细安装步骤和基础设置指南
linux·运维·adb
码农爱学习2 小时前
使用cJosn读写配置文件
java·linux·网络
自然常数e2 小时前
预处理讲解
java·linux·c语言·前端·visual studio
哼?~2 小时前
Linux线程同步
linux
tumeng07112 小时前
Linux(CentOS)安装 Nginx
linux·nginx·centos
cyber_两只龙宝2 小时前
【Docker】Docker的原生网络介绍
linux·运维·docker·云原生·容器
AzusaFighting2 小时前
Dify (Ubuntu 24.04 Noble x64)部署教程
linux·运维·ubuntu
我爱学习好爱好爱2 小时前
Ansible 自动化部署全栈项目(Spring Boot + Vue + MySQL + Redis)实战(Rockylinux9.6)
spring boot·自动化·ansible
xlp666hub2 小时前
一篇文章彻底搞懂Linux驱动的并发控制与中断上下半部机制
linux·面试
热门推荐
012026年3月AI领域大事件:DeepSeek引领开源风暴02GitHub 镜像站点03围棋-html版本04纯 HTML/CSS/JS 实现的高颜值登录页,还会眨眼睛!少女心爆棚!05班级宠物园部署指南06安娜的档案(Anna’s Archive) 镜像网站/国内最新可访问入口(持续更新)07OpenClaw 使用和管理 MCP 完全指南08Mac 本地部署 OMLX + 通义千问 Qwen3.5-27B 保姆级教程09“wsl --install -d Ubuntu-22.04”下载慢,中国地区离线安装 Ubuntu 22.04 WSL方法(亲测2025年5月6日)10UV安装并设置国内源