ansible模块使用

常用命令

# -k 参数,可以手动输入目标主机ssh的密码
[root@master ansible]# ansible-playbook -k init.yml
#一条命令书写任务
[root@master ansible]# ansible node1 -m authorized_key -a "user=webop state=present key='{{ lookup('file', '/home/liuhongdi/.ssh/id_rsa.pub') }}'"

手册使用

#查看所有模块
[root@master ansible]# ansible-doc -l
#查看包含copy的模块
[root@master ansible]# ansible-doc -l | grep copy
vsphere_copy                                                  Copy a file to a VMware datastore             
win_copy                                                      Copies files to remote locations on windows hosts                                   
bigip_file_copy                                               Manage files in datastores on a BIG-IP         
ec2_ami_copy                                                  copies AMI between AWS regions, return new image id                                 
win_robocopy                                                  Synchronizes the contents of two directories using Robocopy                         
copy                                                          Copy files to remote locations                 
na_ontap_lun_copy                                             NetApp ONTAP copy LUNs                         
icx_copy                                                      Transfer files from or to remote Ruckus ICX 7000 series switches                    
unarchive                                                     Unpacks an archive after (optionally) copying it from the local machine             
ce_file_copy                                                  Copy a file to a remote cloudengine device over SCP on HUAWEI CloudEngine switches  
postgresql_copy                                               Copy data between a file/program and a PostgreSQL table                             
ec2_snapshot_copy                                             copies an EC2 snapshot and returns the new Snapshot ID                              
nxos_file_copy                                                Copy a file to a remote NXOS device           
netapp_e_volume_copy                                          NetApp E-Series create volume copy pairs
#详细的模块描述手册
[root@master ansible]# ansible-doc copy
#只包含模块参数用法的模块描述手册
[root@master ansible]# ansible-doc -s copy

查看主机清单

#查看所有主机
[root@master ansible]# ansible all --list-hosts
  hosts (3):
    192.168.1.21
    192.168.1.22
    192.168.1.23
#查看指定组的主机
[root@master ansible]# ansible node1 --list-hosts
  hosts (1):
    192.168.1.21
[root@master ansible]# ansible node --list-hosts
  hosts (3):
    192.168.1.21
    192.168.1.22
    192.168.1.23
#使用列出node组中的主机
[root@master ansible]# ansible-inventory node --graph 
@node:
  |--192.168.1.21
  |--192.168.1.22
  |--192.168.1.23	
#使用列出node组的主机同时带上变量
[root@master ansible]# ansible-inventory node --graph --vars
@node:
  |--192.168.1.21
  |  |--{ansible_port = 22}
  |--192.168.1.22
  |  |--{ansible_port = 22}
  |--192.168.1.23
  |  |--{ansible_port = 22}
#以json列出所有主机
[root@master ansible]# ansible-inventory --list

authorized_key

   - name: 配置免密
     authorized_key:
       user: root
       state: present
       key: "{{ lookup('file', '/root/.ssh/id_rsa.pub')}}"
#或者
[root@master ~]# ansible -v node1 -m authorized_key -a "user=root state=present key='{{ lookup('file', '/root/.ssh/id_rsa.pub')}}'"

#user  目标主机用户
#present:保证目标节点上会保存Ansible端本次分发的公钥
#absent:保证目标节点上没有Ansible端本次分发的公钥
#key: 公钥
#读取/root/.ssh/id_rsa.pub文件内容给key,然后把key作为root连接的公钥

第二种主机下发秘钥方法
[root@master ~]# cat mianmi.sh 
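#!/bin/bash
# Distribute root's public key to each listed host with ssh-copy-id, letting
# sshpass answer the password prompt non-interactively.
#
# The password is handed to sshpass through the SSHPASS environment variable
# (sshpass -e) instead of "-p <password>", so it does not appear in the
# process argument list or in the shell history of whoever runs the script.
# When SSHPASS is not set, the lab password "1" from the original example is
# used; set SSHPASS to the real value before running and never commit it.
#
# StrictHostKeyChecking=no suppresses the interactive "yes" confirmation, but
# it also means the host key is accepted without verification, so a
# machine-in-the-middle on first contact would go unnoticed. Outside a lab,
# populate known_hosts with verified host keys and drop this option.
export SSHPASS="${SSHPASS:-1}"

for host_octet in 21; do
	sshpass -e ssh-copy-id -i /root/.ssh/id_rsa.pub \
		-o StrictHostKeyChecking=no "192.168.1.${host_octet}"
done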

setup

[root@master ansible]# ansible  node1 -m setup
#filter过滤变量

#查看主机名
[root@master ~]# ansible node1 -m setup -a 'filter=ansible_fqdn'	
192.168.1.21 | SUCCESS => {
    "ansible_facts": {
        "ansible_fqdn": "node1", 	#这里
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
#查看地址
[root@master ~]# ansible node1 -m setup -a 'filter=*address*'
192.168.1.21 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.1.21"
        ], 
        "ansible_all_ipv6_addresses": [
            "fd15:4ba5:5a2b:1008:20c:29ff:fe4c:8a47", 
            "fe80::20c:29ff:fe4c:8a47"
        ], 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}

command&shell&raw

#共同点  都没有幂等性
#不同点
command	要求受管主机上安装Python。command可以在受管主机上执行shell命令,但是不支持环境变量和操作符(例如 '|', '<', '>', '&')
shell	shell模块通过受管主机上的/bin/sh执行命令,支持管道、重定向等操作符;命令中拼接变量时要防止命令注入,能用command完成的任务优先用command
raw		不需要受管主机上安装Python,直接使用远程shell运行命令,通常用于无法安装Python的系统(例如网络设备等)

#测试 使用不同模块查看系统时间和内核版本
#command	命令执行失败,不支持 &
[root@master ~]#  ansible -v  node1 -m command -a "date && uname -r"
Using /etc/ansible/ansible.cfg as config file
192.168.1.21 | FAILED | rc=1 >>
date:选项需要一个参数 -- r
Try 'date --help' for more information.non-zero return code

#shell
[root@master ~]# ansible -v  node1 -m shell -a "date&&uname -r"
Using /etc/ansible/ansible.cfg as config file
192.168.1.21 | CHANGED | rc=0 >>
2021年 11月 27日 星期六 21:35:22 CST
3.10.0-862.el7.x86_64

#raw
[root@master ~]# ansible -v  node1 -m raw -a "date&&uname -r"
Using /etc/ansible/ansible.cfg as config file
192.168.1.21 | CHANGED | rc=0 >>
2021年 11月 27日 星期六 21:35:26 CST
3.10.0-862.el7.x86_64
Shared connection to 192.168.1.21 closed.	#比shell模块多了个这个连接记录

script

#script模块会把-a后面的脚本拷贝到被管理端主机,然后执行这个脚本。
#测试
[root@master ~]# cat test.sh 
#!/bin/bash
#测试
date
uname -r
[root@master ~]# ansible node1 -m script -a "test.sh"
192.168.1.21 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 192.168.1.21 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 192.168.1.21 closed."
    ], 
    "stdout": "2021年 11月 27日 星期六 21:40:15 CST\r\n3.10.0-862.el7.x86_64\r\n", 
    "stdout_lines": [
        "2021年 11月 27日 星期六 21:40:15 CST", 	#date结果
        "3.10.0-862.el7.x86_64"					#uname -r 结果
    ]
}

file

file模块(创建文件、目录、链接;修改权限与属性等)

创建文件目录

#创建文件
[root@master ~]#  ansible  node1  -m  file  -a  "path=/tmp/file.txt state=touch"
[root@node1 ~]# ls -l /tmp/file.txt 
-rw-r--r-- 1 root root 0 11月 28 10:30 /tmp/file.txt
#创建目录
[root@master ~]#  ansible  node1  -m  file  -a  "path=/tmp/file state=directory" 
[root@node1 ~]# ls -ld /tmp/file
drwxr-xr-x 2 root root 6 11月 28 10:31 /tmp/file

删除文件目录

[root@master ~]# ansible node1 -m file -a "path=/tmp/test.link state=absent"
#state=absent 删除

修改权限

[root@master ~]# ansible node1 -m file -a "path=/tmp/file owner=sshd group=adm mode=0777"
[root@node1 ~]# ls -ld /tmp/file
drwxrwxrwx 2 sshd adm 6 11月 28 10:31 /tmp/file
##owner所属者 group所属组  mode最前面的0是特殊权限位(SUID、SGID、粘滞位);0777表示所有用户可读写执行,这里只是演示,实际应按最小权限设置

创建链接

#软连接
[root@master ~]# ansible node1 -m file -a "src=/tmp/file.txt path=/tmp/test.link state=link"
[root@node1 ~]# ls -l /tmp/test.link 
lrwxrwxrwx 1 root root 13 11月 28 10:36 /tmp/test.link -> /tmp/file.txt
#硬链接
[root@master ~]# ansible node1 -m file -a "src=/tmp/file.txt path=/tmp/test.hard state=hard"
[root@node1 ~]# ls -l /tmp/test.hard 
-rw-r--r-- 2 root root 0 11月 28 10:30 /tmp/test.hard
#src=源文件 path=链接文件 state=link(软连接) hard(硬链接)

copy

#copy模块(把自己的文件拷贝给别人)  拷贝配置文件时建议用template模块,因为copy模块不会识别变量

#基础拷贝
[root@master ~]# ansible node1 -m copy -a "src=test.sh dest=/root/ owner=kylin group=kylin mode=0777"
#owner=kylin group=kylin mode=0777 可不写
[root@node1 ~]# ls -l test.sh 
-rwxrwxrwx 1 kylin kylin 34 11月 28 10:42 test.sh

#无源文件拷贝
[root@master ~]# ansible node1 -m copy -a "content='aaa\n' dest=/root/a.txt "
[root@node1 ~]# cat a.txt 
aaa
#content='aaa\n',本地没有源文件时可使用content指定文件内容

template

#与copy类似,但会渲染文件中的变量
[root@master ~]# cat template.txt 
Welcome to {{inventory_hostname}}
[root@master ~]# ansible node1 -m template -a "src=/root/template.txt dest=/root/"
[root@node1 ~]# cat template.txt 	#template可以把文件中的变量翻译过来
Welcome to 192.168.1.21

fetch

#把别人的文件拷贝给自己,注意不能拷贝目录,拷贝目录的话请先打包;拷贝时默认把对方父目录带过来
[root@master ~]# ansible node1 -m fetch -a "src=/etc/hosts   dest=/root/ "
[root@master ~]# ls
192.168.1.21  test.sh
[root@master ~]# ls 192.168.1.21/etc/hosts 
192.168.1.21/etc/hosts

#使用时默认在本地生成一个以目标主机ip命名的目录,目录下面是要拷贝文件的父目录,再下面才是要拷贝的文件
#备份目标主机message文件到本地/root/下
[root@master ~]# ansible node1 -m fetch -a 'src=/var/log/messages dest=/root/'
[root@master ~]# ls	
192.168.1.21	#会生成一个目标主机ip的文件夹
[root@master ~]# ls 192.168.1.21/
etc/ var/ 	#并且把目标主机父目录拷贝过来
[root@master ~]# ls 192.168.1.21/var/log/
messages	#拷贝的文件

lineinfile

整行替换(复杂用sed)

#替换以127.0.0.1开头行的内容
[root@node1 ~]# cat hosts 	#替换前文件内容
127.0.0.1   localhost 
::1         localhost
192.168.1.20 master
192.168.1.21 node1
192.168.1.22 node2
192.168.1.23 node3
[root@master ~]# ansible node1 -m lineinfile -a "path=/root/hosts regex='^127.0.0.1' line='127.0.0.1 test' "
#path 指定目标文件  regex 正则匹配行 line 替换的内容
[root@node1 ~]# cat hosts 	#替换后文件内容
127.0.0.1   test		#修改了这行
::1         localhost
192.168.1.20 master
192.168.1.21 node1
192.168.1.22 node2
192.168.1.23 node3

添加内容

默认添加

#默认在文件最后添加
[root@node1 ~]# cat hosts 	#源文件内容
127.0.0.1   st
127.0.0.1   test2
::1         localhost
192.168.1.20 master
192.168.1.21 node1
192.168.1.22 node2
192.168.1.23 node3
[root@master ~]# ansible node1 -m lineinfile -a "path=/root/hosts  line='hellow word' "
#只写文件和添加的行内容,默认添加在最后一行
[root@node1 ~]# cat hosts 	#在此查看文件
127.0.0.1   st
127.0.0.1   test2
::1         localhost
192.168.1.20 master
192.168.1.21 node1
192.168.1.22 node2
192.168.1.23 node3
hellow word			#添加在这里了

匹配行前添加

[root@node1 ~]# cat hosts #源文件
127.0.0.1   st
::1         localhost
192.168.1.20 master
192.168.1.23 node3
hellow word
[root@master ~]# ansible node1 -m lineinfile -a "path=/root/hosts insertbefore='hellow word' line='行前添加' "
#insertbefore='hellow word'  在hellow word前一行添加line中内容
[root@node1 ~]# cat hosts 	#修改后
127.0.0.1   st
::1         localhost
192.168.1.20 master
192.168.1.23 node3
行前添加	#多了这行
hellow word

匹配行后添加

[root@node1 ~]# cat hosts 	#源文件
127.0.0.1   st
::1         localhost
192.168.1.20 master
192.168.1.23 node3
行前添加
hellow word
[root@master ~]# ansible node1 -m lineinfile -a "path=/root/hosts insertafter='hellow word' line='行后添加' "
#insertafter='hellow word'  在hellow word行后添加line中内容
[root@node1 ~]# cat hosts #修改后文件
127.0.0.1   st
::1         localhost
192.168.1.20 master
192.168.1.23 node3
行前添加
hellow word
行后添加		#多了这行

修改内容及权限

[root@node1 ~]# ls -l hosts 
-rw-r--r-- 1 root root 66 11月 28 12:28 hosts
[root@node1 ~]# cat hosts 
127.0.0.1   st
192.168.1.20 master
192.168.1.23 node3
hellow word
[root@master ~]# ansible node1 -m lineinfile -a "path=/root/hosts regex='^127.0.0.1' line='127.0.0.1   localhost' owner=kylin group=kylin mode=0777 "
#regex='^127.0.0.1'  匹配到的行内容替换成line内容,并修改文件权限
[root@node1 ~]# cat hosts 
127.0.0.1   localhost	#修改这行
192.168.1.20 master
192.168.1.23 node3
hellow word
[root@node1 ~]# ls -l hosts 
-rwxrwxrwx 1 kylin kylin 73 11月 28 12:29 hosts

删除行

[root@node1 ~]# cat hosts 
127.0.0.1   localhost
192.168.1.20 master
192.168.1.23 node3		#这行删除了
hellow word
[root@master ~]# ansible node1 -m lineinfile -a "path=/root/hosts regex='^192.168.1.23' state=absent "
#state=absent  删除regex匹配到的行
[root@node1 ~]# cat hosts 
127.0.0.1   localhost
192.168.1.20 master
hellow word

replace 单词替换

[root@node1 ~]# cat hosts 
127.0.0.1   localhost
127.0.0.1   local
192.168.1.20 master
hellow word
[root@master ~]# ansible node1 -m replace -a "path=/root/hosts regexp='127.0.0.1' replace='192.168.1.21' backup=yes"
#把regexp匹配到的内容换成replace的内容
#backup 备份文件
[root@node1 ~]# cat hosts 
192.168.1.21   localhost	#替换了这两行
192.168.1.21   local		#替换了这两行
192.168.1.20 master
hellow word
[root@node1 ~]# ls
hosts  hosts.4977.2021-11-28@12:50:23~  #备份的文件名以时间戳命名

blockinfile 插入行

#给文件中添加内容
[root@master ~]# ansible node1 -m blockinfile -a 'path=/etc/hosts block="192.168.1.21 node1\n192.168.1.22 node2\n192.168.1.23 node3"
[root@node1 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.20 master
192.168.1.21 node1
192.168.1.22 node2
192.168.1.23 node3
# BEGIN ANSIBLE MANAGED BLOCK	#新添加的几行,有标记
192.168.1.21 node1
192.168.1.22 node2
192.168.1.23 node3
# END ANSIBLE MANAGED BLOCK

#之前的
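- name: 给nginx添加集群配置
  blockinfile:
    path: /usr/local/nginx/conf/nginx.conf    # target file
    # Text inserted between the module's BEGIN/END marker lines.
    block: |
      upstream webs{
        server {{ansible_ip2_100}}:80;
        server {{ansible_ip2_200}}:80;
      }
    # Insert after the last line matching this regular expression.
    # NOTE(review): the spacing inside the pattern was reconstructed from a
    # line-wrapped listing; confirm it matches the line in nginx.conf.
    insertafter: default_type application/octet-stream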

user

groups:bin,root
append=yes  在不破坏原来附加组的情况下再加一个bin和root的附加组(不加这个就是直接替换原来的附加组)
comment: aaa    #创建用户的时候给用户加注释
password: "{{ '123' | password_hash('sha512') }}"		#密码

创建用户,组

[root@master ~]# ansible node1 -m user -a "name=xiaoming  groups=root append=yes home=/home/xiaoming shell=/bin/bash state=present"
#groups 附加组  append=yes  追加到现有附加组(append=no 则覆盖原有附加组)

删除用户,组

[root@master ~]# ansible node1 -m user -a "name=xiaoming   home=/home/xiaoming state=absent remove=yes"
#state=absent 删除用户
#remove=yes 同时删除家目录

修改用户密码

[root@master ~]# ansible node1 -m user -a "name=xiaoming password={{'1'| password_hash('sha256')}}"
#密码为1,用sha256做哈希(是哈希不是加密);明文密码写在命令行里会留在shell历史中,实际使用应放在ansible-vault加密的变量里,并换成强密码

yum_repository

#生成yum源   不存在就创建,存在就修改  根据name判定;gpgcheck=no会跳过软件包签名校验,只适合本地光盘镜像这类可信源
[root@master ~]# ansible node1 -m yum_repository -a "name=local description=mymnt baseurl=file:///mnt gpgcheck=no"
[root@node1 ~]# cat /etc/yum.repos.d/local.repo 
[local]
baseurl = file:///mnt
gpgcheck = 0
name = mymnt
#删除yum源
[root@master ~]# ansible node1 -m yum_repository -a "name=local state=absent "
###state=absent 删除
[root@node1 ~]# ls /etc/yum.repos.d/
bak  Centos-7.repo		#刚刚的local.repo已经被删除

yum

#安装
[root@master ~]# ansible node1 -m yum -a "name=firewalld state=present"	#安装软件
[root@master ~]# ansible node1 -m yum -a "name="@系统管理工具" state=present"	#安装组包
#state=present 安装,不写也行,默认就是  安装组包时要加个@

#升级
[root@master ~]# ansible node1 -m yum -a "name=firewalld state=latest"
#state=latest  升级

#卸载
[root@master ~]# ansible node1 -m yum -a "name=firewalld state=absent"
#state=absent 卸载

service

#启动服务
[root@master ~]# ansible node1 -m service -a "name=firewalld state=started "
#关闭服务
[root@master ~]# ansible node1 -m service -a "name=firewalld state=stopped "
#重启服务
[root@master ~]# ansible node1 -m service -a "name=firewalld state=restarted"
#开机自启
[root@master ~]# ansible node1 -m service -a "name=firewalld state=started enabled=yes"
#禁止开机自启
[root@master ~]# ansible node1 -m service -a "name=firewalld state=stopped enabled=no"

parted

#创建分区
[root@master ~]# ansible node1 -m parted -a "device=/dev/sdb number=1  state=present "
[root@node1 ~]# lsblk	#查看
NAME            MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda               8:0    0  100G  0 disk 
├─sda1            8:1    0  512M  0 part /boot
└─sda2            8:2    0 99.5G  0 part 
  ├─centos-root 253:0    0 91.5G  0 lvm  /
  └─centos-swap 253:1    0    8G  0 lvm  [SWAP]
sdb               8:16   0   20G  0 disk 
└─sdb1            8:17   0   20G  0 part 
sr0              11:0    1  8.8G  0 rom 
#删除分区
[root@master ~]# ansible node1 -m parted -a "device=/dev/sdb number=1  state=absent "
[root@node1 ~]# lsblk
NAME            MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda               8:0    0  100G  0 disk 
├─sda1            8:1    0  512M  0 part /boot
└─sda2            8:2    0 99.5G  0 part 
  ├─centos-root 253:0    0 91.5G  0 lvm  /
  └─centos-swap 253:1    0    8G  0 lvm  [SWAP]
sdb               8:16   0   20G  0 disk 
sr0              11:0    1  8.8G  0 rom 

lvg

#在原有基础上扩容卷组
不建议这样干,这里没理解
[root@master ~]# ansible node1 -m lvg -a "vg=centos pvs=/dev/sdb1 pesize=4 "
192.168.1.21 | FAILED! => {			#ansible这边执行后是报错的
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "err": "  Physical volume \"/dev/sda2\" still in use\n", 
    "msg": "Unable to reduce centos by /dev/sda2.", 
    "rc": 5
}
#但是node1节点确实是添加到默认的centos卷组了
[root@node1 ~]# pvs
  PV         VG     Fmt  Attr PSize   PFree  
  /dev/sda2  centos lvm2 a--  <99.50g      0 
  /dev/sdb1  centos lvm2 a--  <20.00g <20.00g
[root@node1 ~]# vgs
  VG     #PV #LV #SN Attr   VSize   VFree  
  centos   2   2   0 wz--n- 119.49g <20.00g
#还是先别扩容默认的卷组了  容易崩
#可以这样删除
[root@node1 ~]# vgreduce centos /dev/sdb1
  Removed "/dev/sdb1" from volume group "centos"
[root@node1 ~]# pvremove /dev/sdb1 
  Labels on physical volume "/dev/sdb1" successfully wiped.
#删除pv中的sdb1就行了
[root@node1 ~]# pvs
  PV         VG     Fmt  Attr PSize   PFree
  /dev/sda2  centos lvm2 a--  <99.50g    0 
[root@node1 ~]# vgs
  VG     #PV #LV #SN Attr   VSize   VFree
  centos   1   2   0 wz--n- <99.50g    0 
[root@node1 ~]# lsblk
NAME            MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda               8:0    0  100G  0 disk 
├─sda1            8:1    0  512M  0 part /boot
└─sda2            8:2    0 99.5G  0 part 
  ├─centos-root 253:0    0 91.5G  0 lvm  /
  └─centos-swap 253:1    0    8G  0 lvm  [SWAP]
sdb               8:16   0   20G  0 disk 
└─sdb1            8:17   0   20G  0 part 
sr0              11:0    1  8.8G  0 rom 
#创建卷组
[root@master ~]# ansible node1 -m lvg -a "vg=myvg pvs=/dev/sdb1 pesize=4 "	
#vg名自定义  pvs要写存在的硬盘
[root@node1 ~]# vgdisplay myvg 	#查看
  --- Volume group ---
  VG Name               myvg
  System ID             
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  1
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                0
  Open LV               0
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               <20.00 GiB
  PE Size               4.00 MiB
  Total PE              5119
  Alloc PE / Size       0 / 0   
  Free  PE / Size       5119 / <20.00 GiB
  VG UUID               eBWeBV-clQ3-cho0-vAqq-hYhs-QlSG-Cwl27m
[root@node1 ~]# vgs
  VG     #PV #LV #SN Attr   VSize   VFree  
  centos   1   2   0 wz--n- <99.50g      0 
  myvg     1   0   0 wz--n- <20.00g <20.00g
#删除卷组
[root@master ~]# ansible node1 -m lvg -a "vg=myvg  state=absent"
[root@node1 ~]# vgs
  VG     #PV #LV #SN Attr   VSize   VFree
  centos   1   2   0 wz--n- <99.50g    0 	#系统默认的卷组

lvol

#创建逻辑卷
[root@master ~]# ansible node1 -m lvol -a "lv=mylv vg=myvg size=2G"
[root@node1 ~]# lvs
  LV   VG     Attr       LSize   Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  root centos -wi-ao---- <91.50g                                                    
  swap centos -wi-ao----   8.00g                                                    
  mylv myvg   -wi-a-----   2.00g                                                    
[root@node1 ~]# lvdisplay /dev/myvg/mylv 
  --- Logical volume ---
  LV Path                /dev/myvg/mylv
  LV Name                mylv
  VG Name                myvg
  LV UUID                8plAWl-CedL-3g00-5dwW-P1w3-bpSA-7zVCEs
  LV Write Access        read/write
  LV Creation host, time node1, 2021-11-28 15:23:57 +0800
  LV Status              available
  # open                 0
  LV Size                2.00 GiB
  Current LE             512
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     8192
  Block device           253:2
[root@node1 ~]# lsblk
NAME            MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda               8:0    0  100G  0 disk 
├─sda1            8:1    0  512M  0 part /boot
└─sda2            8:2    0 99.5G  0 part 
  ├─centos-root 253:0    0 91.5G  0 lvm  /
  └─centos-swap 253:1    0    8G  0 lvm  [SWAP]
sdb               8:16   0   20G  0 disk 
└─sdb1            8:17   0   20G  0 part 
  └─myvg-mylv   253:2    0   10G  0 lvm  
sr0              11:0    1  8.8G  0 rom 

#扩容lv
[root@master ~]# ansible node1 -m lvol -a "lv=mylv vg=myvg size=10G"	#直接改小就行
[root@node1 ~]# lvs
  LV   VG     Attr       LSize   Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  root centos -wi-ao---- <91.50g                                                    
  swap centos -wi-ao----   8.00g                                                    
  mylv myvg   -wi-a-----  10.00g                                                    
[root@node1 ~]# lvdisplay /dev/myvg/mylv 
  --- Logical volume ---
  LV Path                /dev/myvg/mylv
  LV Name                mylv
  VG Name                myvg
  LV UUID                8plAWl-CedL-3g00-5dwW-P1w3-bpSA-7zVCEs
  LV Write Access        read/write
  LV Creation host, time node1, 2021-11-28 15:23:57 +0800
  LV Status              available
  # open                 0
  LV Size                10.00 GiB
  Current LE             2560
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     8192
  Block device           253:2

#删除lv
[root@master ~]# ansible node1 -m lvol -a "lv=mylv vg=myvg state=absent force=yes"
#写上lv名和vg名,再用force配合state强制删除就行

filesystem

#修改文件系统类型
[root@master ~]# ansible node1 -m filesystem -a "fstype=xfs dev=/dev/myvg/mylv force=yes "
[root@node1 ~]# lsblk
NAME            MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda               8:0    0  100G  0 disk 
├─sda1            8:1    0  512M  0 part /boot
└─sda2            8:2    0 99.5G  0 part 
  ├─centos-root 253:0    0 91.5G  0 lvm  /
  └─centos-swap 253:1    0    8G  0 lvm  [SWAP]
sdb               8:16   0   20G  0 disk 
└─sdb1            8:17   0   20G  0 part 
  └─myvg-mylv   253:2    0   10G  0 lvm  
sr0              11:0    1  8.8G  0 rom  
[root@node1 ~]# blkid /dev/myvg/mylv
/dev/myvg/mylv: UUID="7efd8c2d-34d3-4d27-ba7c-ac1cfad76b7d" TYPE="xfs"

#再次修改
[root@master ~]# ansible node1 -m filesystem -a "fstype=ext4 dev=/dev/myvg/mylv force=yes "
#使用force强制修改就行;force=yes会在已有文件系统的设备上重新格式化,原有数据会丢失
[root@node1 ~]# blkid /dev/myvg/mylv
/dev/myvg/mylv: UUID="3bbc53c7-3e4e-48ce-bb37-244b8caeefa4" TYPE="ext4"

mount

#挂载逻辑卷
[root@master ~]# ansible node1 -m mount -a "src=/dev/myvg/mylv path=/mnt state=mounted fstype=xfs"
#取消挂载
[root@master ~]# ansible node1 -m mount -a "src=/dev/myvg/mylv path=/mnt state=absent fstype=xfs"
#挂载镜像
[root@master ~]# ansible node1 -m mount -a "src=/dev/sr0 path=/mnt state=mounted fstype=iso9660"
#取消挂载
[root@master ~]# ansible node1 -m mount -a "src=/dev/sr0 path=/mnt state=absent fstype=iso9660"

firewalld

-permanent 保存策略,下次启动的时候自动加载
-state 指定防火墙策略状态,enabled表示策略生效,disabled表示策略禁用,present新建策略,absent删除策略
-source 指定网段
-immediate 防火墙策略立即生效
-zone
指定防火墙信任级别。
drop: 丢弃所有进入的包,而不给出任何响应
block: 拒绝所有外部发起的连接,允许内部发起的连接
public: 允许指定的进入连接
external: 同上,对伪装的进入连接,一般用于路由转发
dmz: 允许受限制的进入连接
work: 允许受信任的计算机被限制的进入连接,类似 workgroup
home: 同上,类似 homegroup
internal: 同上,范围针对所有互联网用户
trusted: 信任所有连接
#放行ssh服务
[root@master ~]# ansible node1 -m firewalld -a "service=ssh permanent=yes state=enabled immediate=yes "
#放行80/tcp端口
[root@master ~]# ansible node1 -m firewalld -a "port=80/tcp permanent=yes state=enabled immediate=yes "

unarchive 解压

#把本地的压缩包拷贝到目标主机,到目标主机后是解压好的,前提目标主机要有对应的解压工具
[root@master ~]# ls -l test.zip 
-rw-r--r-- 1 root root 160 11月 28 17:34 test.zip
[root@master ~]# ansible node1 -m unarchive -a "src=/root/test.zip dest=/root/"
[root@node1 ~]# ls -l /root/test	#到目标主机查看,因为我拷贝的是空目录,所以总用量0 
总用量 0

archive 压缩

#把本地的test2目录拷贝过去,到对面是压缩好的
[root@master ~]# ansible node1 -m archive -a "path=/root/test2 dest=/root/test2.zip format=zip force_archive=yes"		#force_archive=yes强制
[root@node1 ~]# ls -l test2.zip 	#目标主机查看
-rw-r--r-- 1 root root 22 11月 28 17:44 test2.zip