原理
安装
- pip
- 各平台自带软件管理器
# 主配置文件/etc/ansible/ansible.cfg# 默认定义主机清单文件/etc/ansible/hosts# 用来编排Playbook/etc/ansible/roles# 执行命令的程序/usr/bin/ansible/usr/bin/ansible-console# Ansible模块使用帮助命令,其中使用-l可以查看ansible自带的所有模块/usr/bin/ansible-doc/usr/bin/ansible-galaxy# 用来执行playbook的程序/usr/bin/ansible-playbook/usr/bin/ansible-pull/usr/bin/ansible-vault
HOST
- /etc/ansible/hosts
- -i 指定host文件
常用模块
command
command 作为 Ansible 的默认模块,可以运行远程权限范围所有的 shell 命令,不支持一些特殊符号。 ```bash ansible test -m command -a “hostname” or ansible test -a “hostname”
s3 | CHANGED | rc=0 >> e2fda1348478
s1 | CHANGED | rc=0 >> 3c14951f6bf8
s2 | CHANGED | rc=0 >> 687ec76366c7
<a name="shell"></a>### shellshell模块相当于command的升级版,他不仅可以拥有command的功能之外,还支持一些特殊符号。<a name="raw"></a>### raw类似于command模块、区别在于raw模块支持管道传递。
ansible test -m raw -a “tail -n2 /etc/passwd | head -n1” s2 | CHANGED | rc=0 >> _apt:x:104:65534::/nonexistent:/bin/false Shared connection to 127.0.0.1 closed.
s3 | CHANGED | rc=0 >> _apt:x:104:65534::/nonexistent:/bin/false Shared connection to 127.0.0.1 closed.
s1 | CHANGED | rc=0 >> _apt:x:104:65534::/nonexistent:/bin/false Shared connection to 127.0.0.1 closed.
<a name="copy"></a>### copycopy模块实现主控端向目标主机拷贝文件,类似于scp命令。```bashansible test -m copy -a "src=/Users/gikoo/Desktop/src.data dest=/root/dest.data mode=0755"s1 | CHANGED => {"changed": true,"checksum": "f4f84859edae8b2b19018de30a33bec3731249dc","dest": "/root/dest.data","gid": 0,"group": "root","md5sum": "7eea60fc1c7d69bfde3285a73121e329","mode": "0755","owner": "root","size": 9,"src": "/root/.ansible/tmp/ansible-tmp-1549942129.643651-16058954823383/source","state": "file","uid": 0}s3 | CHANGED => {"changed": true,"checksum": "f4f84859edae8b2b19018de30a33bec3731249dc","dest": "/root/dest.data","gid": 0,"group": "root","md5sum": "7eea60fc1c7d69bfde3285a73121e329","mode": "0755","owner": "root","size": 9,"src": "/root/.ansible/tmp/ansible-tmp-1549942129.6673431-253151023199026/source","state": "file","uid": 0}s2 | CHANGED => {"changed": true,"checksum": "f4f84859edae8b2b19018de30a33bec3731249dc","dest": "/root/dest.data","gid": 0,"group": "root","md5sum": "7eea60fc1c7d69bfde3285a73121e329","mode": "0755","owner": "root","size": 9,"src": "/root/.ansible/tmp/ansible-tmp-1549942129.652019-115622899628901/source","state": "file","uid": 0}#检查数据ansible test -a "ls -l /root/dest.data"s1 | CHANGED | rc=0 >>-rwxr-xr-x 1 root root 9 Feb 12 11:30 /root/dest.datas3 | CHANGED | rc=0 >>-rwxr-xr-x 1 root root 9 Feb 12 11:30 /root/dest.datas2 | CHANGED | rc=0 >>-rwxr-xr-x 1 root root 9 Feb 12 11:30 /root/dest.data
file
file模块实现创建/删除文件或目录信息,对数据权限进行修改
dest(required) : 将数据复制到远程节点的路径信息
可以使用path替代
group : 文件数据复制到远程主机,设置文件属组用户信息
mode : 文件数据复制到远程主机,设置数据的权限 eg 0644 0755
owner : 文件数据复制到远程主机,设置文件属主用户信息
src : 指定将本地管理主机的什么数据信息进行远程复制
state : absent 将数据进行删除
directory 创建一个空目录信息
file 查看指定目录信息是否存在
touch 创建一个空文件信息
hard/link 创建链接文件
ansible test -m file -a "dest=/root/test.file state=touch mode=0777"s2 | CHANGED => {"changed": true,"dest": "/root/test.file","gid": 0,"group": "root","mode": "0777","owner": "root","size": 0,"state": "file","uid": 0}s3 | CHANGED => {"changed": true,"dest": "/root/test.file","gid": 0,"group": "root","mode": "0777","owner": "root","size": 2,"state": "file","uid": 0}s1 | CHANGED => {"changed": true,"dest": "/root/test.file","gid": 0,"group": "root","mode": "0777","owner": "root","size": 0,"state": "file","uid": 0}
yum/apt
实现批量安装软件。
name 指定软件名称信息
state
absent/removed 将软件进行卸载(慎用)
present/installed 将软件进行安装
latest 安装最新的软件 yum update
ansible test -m apt -a 'name=vim state=present's2 | SUCCESS => {"cache_update_time": 1549945185,"cache_updated": false,"changed": false}s3 | SUCCESS => {"cache_update_time": 1549945640,"cache_updated": false,"changed": false}s1 | SUCCESS => {"cache_update_time": 1549955489,"cache_updated": false,"changed": false}
service
service模块用于管理服务运行状态
enabled(no yes) 设置服务是否开机自启动 如果参数不指定,原有服务开机自启动状态进行保留
name(required) 设置要启动/停止服务名称
state
reloaded 平滑重启
restarted 重启
started 启动
stopped 停止
#重启SSH服务ansible test -m service -a "name=ssh state=restarted"s1 | CHANGED => {"changed": true,"name": "ssh","state": "started"}s3 | CHANGED => {"changed": true,"name": "ssh","state": "started"}s2 | CHANGED => {"changed": true,"name": "ssh","state": "started"}
mount
mount模块用于批量管理主机进行挂载
fstype 指定挂载的文件系统类型
opts 指定挂载的参数信息
path 定义一个挂载点信息
src 定义设备文件信息
state
absent 会进行卸载,也会修改fatab文件信息
unmounted 会进行卸载,不会修改fstab文件
present 不会挂载,只会修改fstab文件
mounted 会进行挂载,会修改fstab文件
cron
cron模块用于创建/删除/修改定时任务
minute/hour/day/month/weekday 和设置时间信息相关参数
job 和设置定时任务先关参数
name 设置定时任务注释信息
state absent 删除指定定时任务
disabled yes 将指定定时任务进行注释
no 取消注释
#定时任务如何设置:
#crontab -e
* 定时任务
分 时 日 月 周
minute hour day month weekday job=‘/usr/sbin/ntpdate ntp1.aliyun.com &>/dev/null’
user
user模块用于创建/修改/删除用户
name 指定用户名信息
uid 指定用户uid信息
group 指定用户主要属于哪个组
groups 指定用户属于哪个附加组信息
shell 指定是否能够登录
create_home 是否创建家目录信息
home 指定家目录创建在什么路径 默认/home
password *设置密码时不能使用明文方式,只能使用密文方式
可以给用户设置密码 还可以给用户修改密码
group
group模块用于创建/修改/删除用户组
gid 指定创建的组ID信息
name 指定创建组名称信息
state
absent 删除指定的用户组
present 创建指定的用户组
script
script用于在节点上执行脚本
ansible test -m script -a /Users/gikoo/Desktop/hello.shs2 | CHANGED => {"changed": true,"rc": 0,"stderr": "Shared connection to 127.0.0.1 closed.\r\n","stderr_lines": ["Shared connection to 127.0.0.1 closed."],"stdout": "hello\r\n","stdout_lines": ["hello"]}s1 | CHANGED => {"changed": true,"rc": 0,"stderr": "Shared connection to 127.0.0.1 closed.\r\n","stderr_lines": ["Shared connection to 127.0.0.1 closed."],"stdout": "hello\r\n","stdout_lines": ["hello"]}s3 | CHANGED => {"changed": true,"rc": 0,"stderr": "Shared connection to 127.0.0.1 closed.\r\n","stderr_lines": ["Shared connection to 127.0.0.1 closed."],"stdout": "hello\r\n","stdout_lines": ["hello"]}
setup
get_url
该模块主要用于从http、ftp、https服务器上下载文件(类似于wget)
sha256sum #下载完成后进行sha256 check;
timeout #下载超时时间,默认10s;
url #下载的URL;
url_password、url_username #主要用于需要用户名密码进行验证的情况;
use_proxy #使用代理,代理需事先在环境变更中定义;
ansible test -m get_url -a 'url=https://store.51yxxg.com/$HVOT5%29QAVBJEZRCWR%297%60A3-1549511966522.png dest=/root/test.png's2 | CHANGED => {"changed": true,"checksum_dest": null,"checksum_src": "89cf1343a88ece3b344943d017126793493b05eb","dest": "/root/test.png","gid": 0,"group": "root","md5sum": "08e263186eb8522f39839d935e38c1ff","mode": "0644","msg": "OK (180465 bytes)","owner": "root","size": 180465,"src": "/root/.ansible/tmp/ansible-tmp-1550023045.3543859-67698778084845/tmpw5atZn","state": "file","status_code": 200,"uid": 0,"url": "https://store.51yxxg.com/$HVOT5%29QAVBJEZRCWR%297%60A3-1549511966522.png"}
unarchive
用于解压文件的模块
copy #在解压文件之前,是否先将文件复制到远程主机,默认为yes。若为no,则要求目标主机上压缩包必须存在;
creates #指定一个文件名,当该文件存在时,则解压指令不执行;
dest #远程主机上的一个路径,即文件解压的路径;
group #解压后的目录或文件的属组;
list_files #如果为yes,则会列出压缩包里的文件,默认为no,2.0版本新增的选项;
mode #解决后文件的权限;
src #如果copy为yes,则需要指定压缩文件的源路径;
owner #解压后文件或目录的属主;
ansible test -m unarchive -a 'src=foo.tgz dest=/var/lib/foo'ansible test -m unarchive -a 'src=/tmp/foo.zip dest=/usr/local/bin copy=no'ansible test -m unarchive -a 'src=https://example.com/example.zip dest=/usr/local/bin copy=no'
其他工具
ansible-doc
ansible-playbook
组织一套执行剧本
#dep.yml- name: dephosts: testremote_user: roottasks:- name: install zipapt : name=ziptags:- tag1- tag2- name: install unzipapt : name=unzip- name: install lrzszapt : name=lrzsz
ansible-playbook dep.yml#ansible-playbook dep.yml --tags tag1PLAY [dep] ********************************************************************************************TASK [Gathering Facts] ********************************************************************************ok: [s2]ok: [s3]ok: [s1]TASK [install zip] ************************************************************************************ok: [s1]ok: [s3]ok: [s2]TASK [install unzip] **********************************************************************************ok: [s1]ok: [s2]ok: [s3]TASK [install lrzsz] **********************************************************************************ok: [s1]changed: [s2]changed: [s3]PLAY RECAP ********************************************************************************************s1 : ok=4 changed=0 unreachable=0 failed=0s2 : ok=4 changed=1 unreachable=0 failed=0s3 : ok=4 changed=1 unreachable=0 failed=0
ansible-console
参考
http://www.ansible.com.cn
https://blog.csdn.net/qq_41112887/article/details/86614234
https://blog.csdn.net/zzq900503/article/details/80158767
若有收获,就点个赞吧
0 人点赞
