一、copy模块
实现控制节点和被控节点文件的传输;把控制节点的文件传输给被控节点,在被控节点自身上进行文件拷贝,支持将内容直接写入到文件中
- name: copy
hosts: all
tasks:
- name: cp a file chmod owner group
copy:
src: /etc/passwd
dest: /opt/passwd
owner: user
group: root
mode: '0644'
- name: changes content
copy:
content: hello world
dest: /var/www/html/index.html
- name: remote
copy:
remote_src: yes
src: /etc/passwd
dest: /opt/passwd-remote
# remote_src: yes 源文件已经在远程主机上,在远程主机内部复制/移动二、file模块
file:在被控节点查看文件信息、创建、删除、修改普通文件/目录文件
- name: play03
hosts: all
tasks:
- name: 查看指定文件的信息
file:
path: /etc/passwd
# state: file 默认可加可不加
- name: touch a file
file:
path: /opt/aaa
owner: good
group: devops
mode: '0700'
state: touch
- name: touch a directory
file:
path: /opt/dir
#recurse 递归修改指定目录下所有内容(包括子目录和文件)的属性(如权限、属主、属组)
state: directory
- name: rm a file
file:
path: /opt/aaa
state: absent
- name: a link
file:
src: /etc/passwd
dest: /opt/passwd-link
state: link
- name: a hard
file:
src: /etc/passwd
dest: /tmp/passwd-hard
state: hard三、fetch模块
将被控节点的文件拷贝到控制节点上,只能拉取普通文件,目录是无法拷贝过来的,默认情况下,拉取过来的文件在控制节点上是以被控节点主机名的名字作为目录名字来存储的
- name: fetch
hosts: all
tasks:
- name: flat: no(默认) 按dest/主机名/完整路径保存文件,不会冲突
fetch:
src: /etc/passwd
dest: /opt/
- name: flat: yes 直接保存到dest指定目录,不创建主机子目录
fetch:
src: /etc/passwd
dest: /opt/
flat: yes四、yum_repository模块
管理yum仓库配置文件(创建配置文件往里面写内容,修改配置文件的内容)不能删除yum仓库配置文件
- name: yum_repository
hosts: all
tasks:
- name: base_repository
yum_repository:
file: yum
# file: yum = "yum.repo"
name: BaseOS
# name: BaseOS = [BaseOS ]
description: baseos
# description: baseos = "name=baseos"
baseurl: file:///iso/BaseOS
gpgcheck: 0
enabled: 1
- name: app_repository
yum_repository:
file: yum
name: AppStream
description: appstream
baseurl: file:///iso/AppStream
gpgcheck: 0
enabled: 1五、yum模块
管理软件包的,比如安装、更新、卸载...
- name: yum
hosts: all
tasks:
- name: mount
shell: "mount /dev/sr0 /iso"
ignore_errors: yes
- name: yum apache
yum:
name: httpd
state: present
- name: yum tools
yum:
name: "@Development tools"
state: present
- name: upgrade all packages
yum:
name: '*'
state: latest
- name: remove a apache
yum:
name: httpd
state: absent六、user模块
管理用户的,相当于useradd、userdel、usermod
- name:
hosts: all
tasks:
- name: add a user
user:
name: xiaa
comment: this is my first create user
uid: 5656
group: root
home: /tmp/xiaa
shell: /bin/bash
- name: changes xiaa
user:
name: xiaa
uid: 3666
shell: /sbin/nologin
- name: remove xiaa
user:
name: xiaa
state: absent
remove: yes七、group模块
管理用户组的,相当于groupadd、groupmod、groupdel
- name: group
hosts: all
tasks:
- name: add a group
group:
name: itgroup
gid: 3345
state: present
- name: changes a group
group:
name: itgroup
gid: 4533
state: present
- name: rm a group
group:
name: itgroup
state: absent八、systemd模块
systemd模块多了daemon_reload参数,相当于执行了systemctl daemon-reload,一旦修改了服务的服务单元配置文件,一定要daemon-reload才能够读取到。其他的参数都是一样
- name: systemd
hosts: all
tasks:
- name: systemd start firewalld
systemd:
name: firewalld
state: started
- name: systemd stop httpd
systemd:
name: httpd
state: stopped
- name: systemd restart httpd
systemd:
name: httpd
state: restarted
daemon_reload: yes九、cron模块
相当于crontab周期性计划任务
- name: crontab
hosts: all
tasks:
- name: create a crontab
cron:
name: "create" # Ansible 用此标识管理
minute: "20,40"
hour: "12"
job: "echo 'hello world'"
user: root
- name: text cron_file
cron:
name: "echo"
minute: "0"
hour: "2"
job: "echo '111'"
cron_file: ansible_cron_echo # 写入 /etc/cron.d/ansible_cron_echo
user: root # 通常需要指定执行用户
- name: rm create
cron:
name: "create"
state: absent
- name: rm echo
cron:
name: "echo"
cron_file: ansible_cron_echo
state: absent十、get_url模块
在被控节点下载指定的文件
- name: get_url
hosts: all
tasks:
- name: curl or wget a file
get_url:
url: https://releases.ansible.com/ansible/ansible-2.9.0.tar.gz
dest: /opt/十一、unarchive模块
可以把控制节点的压缩包解压缩到被控节点,也可以在被控节点自身上找压缩包然后解压缩到自身另外一个目录
- name: unarchive
hosts: all
tasks:
- name: 控制节点解压缩到被控节点
unarchive:
src: /passwd.tar.gz
dest: /tmp/
- name: 被控节点打包压缩
shell: "tar -czf demo.tar.gz /etc/passwd"
- name: 被控节点的压缩包解压到自身的/tmp目录
unarchive:
src: /home/devops/demo.tar.gz
dest: /tmp
remote_src: yes十二、synchronize模块
相当于执行rsync命令
-
将远程主机 被控节点的文件拉取到控制节点上
-
将控制节点的文件推送到被控节点
底层其实走的是rsync命令,而rsync走的是SSH协议
- name: synchronize
hosts: all
tasks:
- name: push file
synchronize:
src: /etc/group
dest: /opt/
- name: pull file
synchronize:
src: /opt/ansible-2.9.0.tar.gz
dest: /tmp/
mode: pull
- name: push directory
synchronize:
src: /etc
dest: /tmp
- name: push directory file
synchronize:
src: /opt/
dest: /tmp
- name: rm /opt/
shell: "rm -rf /opt/*"
- name: rm /tmp/
shell: "rm -rf /tmp/*"