Commonly used Ansible modules
Detailed usage of common Ansible modules
The commonly used Ansible modules are:
- ping
- yum
- template
- copy
- user
- group
- service
- raw
- command
- shell
- script
Differences between the common Ansible modules raw, command and shell:
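- The shell module runs the command through /bin/sh.
- The command module does not invoke a shell, so the bash environment variables are not available.
- raw is similar to shell in many respects, and in most cases the shell and command modules are recommended instead. However, if the target runs an old version of Python, or the client is a router with no Python installed, you need the raw module.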
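The difference between command and shell in the list above, as an added Python example that is not from the original page: it approximates the command module by splitting the string into argv and executing it without a shell, and the shell module by passing the whole string to /bin/sh -c. The function names, the temporary path and the value containing `;` are constructed for illustration.

```python
import shlex
import subprocess
import tempfile
from pathlib import Path


def run_like_command(cmdline: str) -> str:
    """Approximation of the command module: split into argv, no shell involved."""
    argv = shlex.split(cmdline)
    return subprocess.run(argv, capture_output=True, text=True).stdout


def run_like_shell(cmdline: str) -> str:
    """Approximation of the shell module: the whole string goes to /bin/sh -c."""
    return subprocess.run(["/bin/sh", "-c", cmdline],
                          capture_output=True, text=True).stdout


def demo() -> dict:
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        target = Path(tmp) / "test"  # constructed stand-in for /tmp/test
        redirect = f"echo 'hello world' > {shlex.quote(str(target))}"

        # Without a shell, '>' and the path are just extra arguments to echo.
        results["command_stdout"] = run_like_command(redirect)
        results["command_created_file"] = target.exists()

        # With a shell, the redirect is interpreted and the file is written.
        results["shell_stdout"] = run_like_shell(redirect)
        results["shell_file"] = target.read_text()
        results["shell_pipe"] = run_like_shell(
            f"cat {shlex.quote(str(target))} | grep -o world")

    # Constructed value, as if it came from a variable or an inventory field.
    value = "world; echo INJECTED"
    # argv mode: ';' stays literal text; shell mode: it starts a second command.
    results["command_value"] = run_like_command("echo hello " + value)
    results["shell_value"] = run_like_shell("echo hello " + value)
    return results


if __name__ == "__main__":
    for key, val in demo().items():
        print(f"{key}: {val!r}")
```

The last two results are the reason to prefer command whenever pipes and redirection are not needed: metacharacters in a value are passed through as plain arguments instead of being interpreted.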
Common Ansible module: ping

The ping module checks whether the specified node is reachable. Usage is simple and takes no parameters; if the host is online, it replies with pong.

```
[root@localhost ansible]# ansible node4 -m ping
node4 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
```

Common Ansible module: command

The command module executes commands on the remote host; it is the module Ansible uses by default.
One limitation of the command module is that it cannot use pipes or redirection.

List the contents of the /tmp directory on the managed host:

```
[root@localhost ansible]# ansible node3 -a 'ls /tmp'
node3 | CHANGED | rc=0 >>
ansible_command_payload_mj4yx_4u
ks-script-oo7t5ml8
vmware-root_983-4282302102
```

Create a file named test in the /tmp directory on the managed host:

```
[root@localhost ansible]# ansible node3 -a 'touch /tmp/test'
[WARNING]: Consider using the file module with state=touch rather than running 'touch'.  If you need to use command because file is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
node3 | CHANGED | rc=0 >>
```

Check whether the file exists:

```
[root@localhost ansible]# ansible node3 -a 'ls /tmp'
node3 | CHANGED | rc=0 >>
ansible_command_payload_2f6pmz_0
ks-script-oo7t5ml8
test
vmware-root_983-4282302102
```

```
// The command module does not support pipes or redirection
[root@localhost ansible]# ansible node3 -a "echo 'hello world' > /tmp/test"
node3 | CHANGED | rc=0 >>
hello world > /tmp/test
[root@localhost ansible]# ansible node3 -a "cat /tmp/test"
node3 | CHANGED | rc=0 >>

[root@localhost ansible]# ansible node3 -a 'ps -ef|grep vsftpd'
node3 | FAILED | rc=1 >>
error: unsupported SysV option

Usage:
 ps [options]

 Try 'ps --help <simple|list|output|threads|misc|all>'
  or 'ps --help <s|l|o|t|m|a>'
 for additional help text.

For more details see ps(1).non-zero return code
```

Common Ansible module: raw

The raw module executes commands on the remote host and supports pipes and redirection.

```
// Redirection is supported
[root@localhost ansible]# ansible node3 -m raw -a 'echo "hello world" > /tmp/test'
node3 | CHANGED | rc=0 >>
Shared connection to node3 closed.

[root@localhost ansible]# ansible node3 -a 'cat /tmp/test'
node3 | CHANGED | rc=0 >>
hello world

// Pipes are supported
[root@localhost ansible]# ansible node3 -m raw -a 'cat /tmp/test|grep -o world'
node3 | CHANGED | rc=0 >>
world
Shared connection to node3 closed.
```

Common Ansible module: script

The script module runs a script that lives on the control host on the managed host.

On the control host, create a directory for scripts and write a script in it:

```
[root@localhost ansible]# mkdir scripts
[root@localhost ansible]# vim scripts/ip.sh
#!/bin/bash
ip a > /tmp/ip.txt
[root@localhost ansible]# cat scripts/ip.sh
#!/bin/bash
ip a > /tmp/ip.txt
```

First check whether /tmp/ip.txt already exists on node2:

```
[root@localhost ansible]# ansible node2 -a 'ls /tmp/'
node2 | CHANGED | rc=0 >>
ansible_command_payload_c_pikjks
ks-script-a854zyoy
vmware-root_880-2697139639
vmware-root_969-4281777807
```

Run the script on node2 with the script module:

```
[root@localhost ansible]# ansible node2 -m script -a 'scripts/ip.sh'
node2 | CHANGED => {
    "changed": true,
    "rc": 0,
    "stderr": "Shared connection to node2 closed.\r\n",
    "stderr_lines": [
        "Shared connection to node2 closed."
    ],
    "stdout": "",
    "stdout_lines": []
}
```

The file is not on the control host:

```
[root@localhost ansible]# ls /tmp/
mysql.sock  mysql.sock.lock  vmware-root_961-4248090753  vmware-root_968-2965448017
```

The file is on the managed host node2:

```
[root@localhost ansible]# ansible node2 -a 'ls /tmp'
node2 | CHANGED | rc=0 >>
ansible_command_payload_2i979pf2
ip.txt
ks-script-a854zyoy
vmware-root_880-2697139639
vmware-root_969-4281777807
[root@localhost ansible]# ansible node2 -a 'cat /tmp/ip.txt'
node2 | CHANGED | rc=0 >>
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:3c:52:52 brd ff:ff:ff:ff:ff:ff
    inet 192.168.170.155/24 brd 192.168.170.255 scope global dynamic noprefixroute ens160
       valid_lft 1749sec preferred_lft 1749sec
    inet6 fe80::d853:c1c3:566e:a27a/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
```

Common Ansible module: template

The template module generates a file from a template and can transfer it to the remote host.

```
[root@localhost ~]# ls
anaconda-ks.cfg  pass
[root@localhost ~]# ansible node2 -m template -a 'src=/root/anaconda-ks.cfg dest=/tmp/'
node2 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "checksum": "8f91fd0587be26f6478ca71daded63ae75a24969",
    "dest": "/tmp/anaconda-ks.cfg",
    "gid": 0,
    "group": "root",
    "md5sum": "bec0542afc7ff1b5bbac48dad6369b27",
    "mode": "0644",
    "owner": "root",
    "secontext": "unconfined_u:object_r:admin_home_t:s0",
    "size": 1184,
    "src": "/root/.ansible/tmp/ansible-tmp-1609942764.0322337-3804-21665074656556/source",
    "state": "file",
    "uid": 0
}
[root@localhost ~]# ansible node2 -a 'ls /tmp'
node2 | CHANGED | rc=0 >>
anaconda-ks.cfg
ansible_command_payload_ft3m4eza
ip.txt
ks-script-a854zyoy
vmware-root_880-2697139639
vmware-root_969-4281777807
```

Common Ansible module: yum

The yum module manages software through yum on the specified nodes. It mainly takes two parameters:
- name: the name of the package to manage
- state: the operation to perform

Common values for state:
- latest: install the package
- installed: install the package
- present: install the package
- removed: uninstall the package
- absent: uninstall the package

```
// On the managed host, check whether vsftpd is installed
[root@ndoe4 ~]# rpm -qa|grep vsftpd
[root@ndoe4 ~]#

// On the Ansible control host, use the yum module to install vsftpd on the managed host
[root@localhost ansible]# ansible node4 -m yum -a 'name=vsftpd state=present'
node4 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: vsftpd-3.0.3-32.el8.x86_64"
    ]
}

// Check whether vsftpd is now installed on the managed host
[root@ndoe4 ~]# rpm -qa|grep vsftpd
vsftpd-3.0.3-32.el8.x86_64
```

Common Ansible module: copy

The copy module copies files to the remote managed hosts. In the run below node1 is reported as UNREACHABLE: its host key was accepted at the prompt, but authentication then failed (Permission denied), so the files were copied only to node2, node3 and node4.

```
[root@localhost ansible]# ansible all -m copy -a 'src=/etc/yum.repos.d/ dest=/etc/yum.repos.d/'
The authenticity of host 'node1 (192.168.170.120)' can't be established.
ECDSA key fingerprint is SHA256:Joz/V3cW2/c6NLsZR8kdRLbV6IXWLRIwCzK3KWP4tYs.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
node1 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Warning: Permanently added 'node1,192.168.170.120' (ECDSA) to the list of known hosts.\r\nroot@node1: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
    "unreachable": true
}
node4 | CHANGED => {
    "changed": true,
    "dest": "/etc/yum.repos.d/",
    "src": "/etc/yum.repos.d/"
}
node3 | CHANGED => {
    "changed": true,
    "dest": "/etc/yum.repos.d/",
    "src": "/etc/yum.repos.d/"
}
node2 | CHANGED => {
    "changed": true,
    "dest": "/etc/yum.repos.d/",
    "src": "/etc/yum.repos.d/"
}
```

Common Ansible module: group

The group module adds or removes groups on the managed host.

```
// Add a group on the managed host with gid 666 and the name natasha
// (system=yes is not passed, so the output reports "system": false)
[root@localhost ansible]# ansible node3 -m group -a 'name=natasha gid=666 state=present'
node3 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "gid": 666,
    "name": "natasha",
    "state": "present",
    "system": false
}
[root@localhost ansible]# ansible node3 -m shell -a 'grep natasha /etc/group'
node3 | CHANGED | rc=0 >>
natasha:x:666:
```

Delete the group natasha:

```
[root@localhost ansible]# ansible node3 -m group -a 'name=natasha state=absent'
node3 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "natasha",
    "state": "absent"
}
[root@localhost ansible]# ansible node3 -m shell -a 'grep natasha /etc/group'
node3 | FAILED | rc=1 >>
non-zero return code
```

Common Ansible module: user

The user module manages user accounts on the managed host.

Add a system user on the managed host named jerry, with uid 301, shell /sbin/nologin and no home directory:

```
[root@localhost ansible]# ansible node3 -m user -a 'name=jerry uid=301 system=yes create_home=no shell=/sbin/nologin state=present'
node3 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "comment": "",
    "create_home": false,
    "group": 301,
    "home": "/home/jerry",
    "name": "jerry",
    "shell": "/sbin/nologin",
    "state": "present",
    "system": true,
    "uid": 301
}
[root@localhost ansible]# ansible node3 -m shell -a 'grep jerry /etc/passwd'
node3 | CHANGED | rc=0 >>
jerry:x:301:301::/home/jerry:/sbin/nologin
[root@localhost ansible]# ansible node3 -m shell -a 'ls /home'
node3 | CHANGED | rc=0 >>

[root@localhost ansible]#

// Change the uid of the jerry user to 366
[root@localhost ansible]# ansible node3 -m user -a 'name=jerry uid=366'
node3 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "append": false,
    "changed": true,
    "comment": "",
    "group": 301,
    "home": "/home/jerry",
    "move_home": false,
    "name": "jerry",
    "shell": "/sbin/nologin",
    "state": "present",
    "uid": 366
}
[root@localhost ansible]# ansible node3 -m shell -a 'grep jerry /etc/passwd'
node3 | CHANGED | rc=0 >>
jerry:x:366:301::/home/jerry:/sbin/nologin

// Delete the jerry user on the managed host
[root@localhost ansible]# ansible node3 -m user -a 'name=jerry state=absent'
node3 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "force": false,
    "name": "jerry",
    "remove": false,
    "state": "absent"
}
[root@localhost ansible]# ansible node3 -m shell -a 'grep jerry /etc/passwd'
node3 | FAILED | rc=1 >>
non-zero return code
```

Common Ansible module: service

The service module manages services on the managed host.

```
// Check whether the vsftpd service is running on the managed host
[root@localhost ansible]# ansible node4 -m shell -a 'systemctl is-active vsftpd'
node4 | FAILED | rc=3 >>
inactivenon-zero return code

// Start the vsftpd service on the managed host
[root@localhost ansible]# ansible node4 -m service -a 'name=vsftpd state=started'
node4 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "vsftpd",
    "state": "started",
    "status": {
        "ActiveEnterTimestampMonotonic": "0",
        "ActiveExitTimestampMonotonic": "0",
... ... ... ... ...

// Check whether the vsftpd service is running on the managed host
[root@localhost ansible]# ansible node4 -m shell -a 'systemctl is-active vsftpd'
node4 | CHANGED | rc=0 >>
active

// Check whether the vsftpd service is enabled at boot on the managed host
[root@localhost ansible]# ansible node4 -m shell -a 'systemctl is-enabled vsftpd'
node4 | FAILED | rc=1 >>
disablednon-zero return code

// Enable the vsftpd service at boot on the managed host
[root@localhost ansible]# ansible node4 -m service -a 'name=vsftpd enabled=yes'
node4 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "enabled": true,
    "name": "vsftpd",
    "status": {
        "ActiveEnterTimestamp": "Thu 2021-01-07 07:50:45 CST",
        "ActiveEnterTimestampMonotonic": "19500289240",
... ... ... ... ...

// Check whether the vsftpd service is enabled at boot on the managed host
[root@localhost ansible]# ansible node4 -m shell -a 'systemctl is-enabled vsftpd'
node4 | CHANGED | rc=0 >>
enabled

// Stop the vsftpd service on the managed host
[root@localhost ansible]# ansible node4 -m service -a 'name=vsftpd state=stopped'
node4 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "vsftpd",
    "state": "stopped",
    "status": {
        "ActiveEnterTimestamp": "Thu 2021-01-07 07:50:45 CST",
        "ActiveEnterTimestampMonotonic": "19
... ... ... ... ... ...
[root@localhost ansible]# ansible node4 -m shell -a 'systemctl is-active vsftpd'
node4 | FAILED | rc=3 >>
inactivenon-zero return code
```

List the listening ports on the managed host:

```
[root@localhost ansible]# ansible node4 -m shell -a 'ss -antl'
node4 | CHANGED | rc=0 >>
State     Recv-Q    Send-Q       Local Address:Port       Peer Address:Port
LISTEN    0         128                0.0.0.0:22              0.0.0.0:*
LISTEN    0         128                   [::]:22                 [::]:*
[root@localhost ansible]#
```