- 主机组的相关使用
- 主机的匹配:
[root@ansible ~]# ansible 192.168.100.203 -m ping 192.168.100.203 | SUCCESS => { "changed": false, "ping": "pong" } [root@ansible ~]# ansible 192.168.100.203,192.168.100.204 -m ping 192.168.100.203 | SUCCESS => { "changed": false, "ping": "pong" } 192.168.100.204 | SUCCESS => { "changed": false, "ping": "pong" } [root@ansible ~]# ansible all -m ping #all表示所有主机 192.168.100.203 | SUCCESS => { "changed": false, "ping": "pong" } 192.168.100.204 | SUCCESS => { "changed": false, "ping": "pong" } [root@ansible ~]# vim /etc/ansible/hosts 。。。。。。 [web] 192.168.100.203 [data] 192.168.100.204 #保存退出 [root@ansible ~]# ansible all -m ping 192.168.100.203 | SUCCESS => { "changed": false, "ping": "pong" } 192.168.100.204 | SUCCESS => { "changed": false, "ping": "pong" }
- 组的匹配
root@ansible ~]# cat /etc/ansible/hosts 。。。。。。 [web] 192.168.100.203 [data] 192.168.100.204 #保存退出 [root@ansible ~]# ansible web -m ping 192.168.100.203 | SUCCESS => { "changed": false, "ping": "pong" } [root@ansible ~]# ansible data -m ping 192.168.100.204 | SUCCESS => { "changed": false, "ping": "pong" } [root@ansible ~]# vim /etc/ansible/hosts [web] 192.168.100.203 192.168.100.204 [data] 192.168.100.204 #保存退出 [root@ansible ~]# ansible 'web:!data' -m ping #匹配web组中有的,data中没有的所有主机 192.168.100.203 | SUCCESS => { "changed": false, "ping": "pong" } [root@ansible ~]# ansible 'web:&data' -m ping #匹配web和data组中都有的所有主机,也就是交集 192.168.100.204 | SUCCESS => { "changed": false, "ping": "pong" } [root@ansible ~]# ansible 'web:data' -m ping #匹配web和data组中的所有主机 192.168.100.204 | SUCCESS => { "changed": false, "ping": "pong" } 192.168.100.203 | SUCCESS => { "changed": false, "ping": "pong" }
-ansible-doc常用命令
-j #以json格式显示所有模块的信息 -l #列出所有的模块,小写l -s #查看模块的常用参数,后面跟模块名称 [root@ansible ~]# ansible-doc -j [root@ansible ~]# ansible-doc -l [root@ansible ~]# ansible-doc -l | wc -l #所有模块 1852 [root@ansible ~]# ansible-doc -s shell #查看shell的常用参数
四、命令相关模块
-command模块常用的命令
#command,这是ansible的默认模块,要注意的是,在shell模块中的一些特殊字符,例如>、<、|、;、&、$等是不能在command模块中使用的,如果想要使用,则需要使用shell模块 ******查看command模块常用参数 [root@ansible ~]# ansible-doc -s command ******在web组的所有服务器上执行ls的名称,默认是在当前用户的家目录,也就是root [root@ansible ~]# ansible web -a ls 192.168.100.203 | SUCCESS | rc=0 >> anaconda-ks.cfg 192.168.100.204 | SUCCESS | rc=0 >> anaconda-ks.cfg ******chdir,这是切换目录的命令,一般在编译时候使用 [root@ansible ~]# ansible web -a 'chdir=/tmp pwd' 192.168.100.203 | SUCCESS | rc=0 >> /tmp 192.168.100.204 | SUCCESS | rc=0 >> /tmp ******creates,这是测试目录或者文件是否存在的命令,要注意的是,如果目录或者文件存在,则不执行后面的操作,不存在才会执行后面的命令 [root@ansible ~]# ansible web -a 'creates=/tmp ls /etc/passwd' #如果tmp目录存在,则不执行后面的命令 192.168.100.204 | SUCCESS | rc=0 >> skipped, since /tmp exists #发现没有执行后面的ls /etc/passwd,说明tmp目录存在 192.168.100.203 | SUCCESS | rc=0 >> skipped, since /tmp exists [root@ansible ~]# ansible web -a 'creates=/aaa pwd' 192.168.100.203 | SUCCESS | rc=0 >> #发现pwd执行成功,说明aaa目录不存在 /root 192.168.100.204 | SUCCESS | rc=0 >> /root ******removes,这个和creates相反,是当目录或者文件存在时才会执行后面的操作,不存在则不执行 [root@ansible ~]# ansible web -a 'removes=/tmp pwd' 192.168.100.204 | SUCCESS | rc=0 >> #发现成功执行pwd命令,说明tmp命令存在 /root 192.168.100.203 | SUCCESS | rc=0 >> /root [root@ansible ~]# ansible web -a 'removes=/aaa pwd' 192.168.100.204 | SUCCESS | rc=0 >> #没有执行pwd命令,说明aaa目录不存在 skipped, since /aaa does not exist 192.168.100.203 | SUCCESS | rc=0 >> skipped, since /aaa does not exist
-shell模块常用命令
专门用来执行shell命令的模块,和command模块相同,参数基本一样,都有着chdir、creates、removes等参数
******查看shell模块的常用参数 [root@ansible ~]# ansible-doc -s shell ******使用shell模块其实可以直接使用linux命令 [root@ansible ~]# ansible web -m shell -a 'mkdir /aaa' [WARNING]: Consider using the file module with state=directory rather than running mkdir. If you need to use command because file is insufficient you can add warn=False to this command task or set command_warnings=False in ansible.cfg to get rid of this message. #上面的提示只是在说建议使用ansible中shell模块的参数,不影响操作 192.168.100.203 | SUCCESS | rc=0 >> 192.168.100.204 | SUCCESS | rc=0 >> [root@node1 ~]# cd /aaa/ #进入node1节点进行验证,发现创建成功 [root@node1 aaa]# pwd /aaa [root@ansible ~]# ansible web -m shell -a 'cd /aaa && pwd' #使用&&可以执行多条命令 192.168.100.204 | SUCCESS | rc=0 >> /aaa 192.168.100.203 | SUCCESS | rc=0 >> /aaa [root@ansible ~]# ansible web -m shell -a 'cd /aaa && pwd && cd /tmp && pwd' 192.168.100.203 | SUCCESS | rc=0 >> /aaa /tmp 192.168.100.204 | SUCCESS | rc=0 >> /aaa /tmp [root@ansible ~]# ansible web -m shell -a 'cd /aaa && touch 1.txt && ls' #使用这种方式,在每次执行时都会更新文件的时间戳 192.168.100.204 | SUCCESS | rc=0 >> 1.txt 192.168.100.203 | SUCCESS | rc=0 >> 1.txt [root@ansible ~]# ansible web -m shell -a 'creates=/aaa/2.txt cd /aaa && touch 2.txt && ls' #利用creates参数创建文件,就不会更新文件的时间戳,当aaa目录下的2.txt文件不存在时才会执行后面的操作 192.168.100.203 | SUCCESS | rc=0 >> 1.txt 2.txt 192.168.100.204 | SUCCESS | rc=0 >> 1.txt 2.txt
-script模块
script是用于在被管理器上执行shell脚本的模块,脚本无需在被管理机器上面存在,只需要在ansible服务器上存在就行
******查看script模块的常用参数 [root@ansible ~]# ansible-doc -s script ******编写shell脚本 [root@ansible ~]# vim a.sh #!/bin/bash echo "hello world" #保存退出 ******在所有的被管理机器上执行该脚本 [root@ansible ~]# ansible all -m script -a '/root/a.sh' 192.168.100.203 | SUCCESS => { "changed": true, "rc": 0, "stderr": "Shared connection to 192.168.100.203 closed.\r\n", "stderr_lines": [ "Shared connection to 192.168.100.203 closed." ], "stdout": "hello world\r\n", #发现执行成功 "stdout_lines": [ "hello world" ] } 192.168.100.204 | SUCCESS => { "changed": true, "rc": 0, "stderr": "Shared connection to 192.168.100.204 closed.\r\n", "stderr_lines": [ "Shared connection to 192.168.100.204 closed." ], "stdout": "hello world\r\n", "stdout_lines": [ "hello world" ] }
五、文件相关模块
-file模块
file模块主要用于对文件的处理、创建、删除、权限控制等
******查看file模块的常用参数 [root@ansible ~]# ansible-doc -s file path #要管理的文件路径 recurse #递归 state: directory #创建目录,如果目标不存在则创建目录及其子目录 touch #创建文件,如果文件存在,则修改文件 属性 absent #删除文件或目录 mode #设置文件或目录权限 owner #设置文件或目录属主信息 group #设置文件或目录属组信息 link #创建软连接,需要和src配合使用 hard #创建硬连接,需要和src配合使用 ******创建目录 [root@ansible ~]# ansible web -m file -a 'path=/tmp/test1 state=directory' #创建目录test1,state=directory指定创建类型为目录 192.168.100.203 | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/tmp/test1", "size": 6, "state": "directory", "uid": 0 } 192.168.100.204 | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/tmp/test1", "size": 6, "state": "directory", "uid": 0 } ******创建文件 [root@ansible ~]# ansible web -m file -a 'path=/tmp/test2 state=touch' #touch类型为文件,创建文件test2 192.168.100.204 | SUCCESS => { "changed": true, "dest": "/tmp/test2", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "size": 0, "state": "file", "uid": 0 } 192.168.100.203 | SUCCESS => { "changed": true, "dest": "/tmp/test2", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "size": 0, "state": "file", "uid": 0 } ******创建软链接 [root@ansible ~]# ansible web -m file -a 'src=/tmp/test1 path=/tmp/test3 state=link' #src指定源,path表示目标,link为软链接类型 192.168.100.203 | SUCCESS => { "changed": true, "dest": "/tmp/test3", "gid": 0, "group": "root", "mode": "0777", "owner": "root", "size": 10, "src": "/tmp/test1", "state": "link", "uid": 0 } 192.168.100.204 | SUCCESS => { "changed": true, "dest": "/tmp/test3", "gid": 0, "group": "root", "mode": "0777", "owner": "root", "size": 10, "src": "/tmp/test1", "state": "link", "uid": 0 } ******删除文件 [root@ansible ~]# ansible web -m file -a 'path=/tmp/test2 state=absent' #指定test2,类型为absent删除 192.168.100.204 | SUCCESS => { "changed": true, "path": "/tmp/test2", "state": "absent" } 192.168.100.203 | SUCCESS => { "changed": true, "path": "/tmp/test2", "state": "absent" } ******创建文件时,同时配置权限的相关信息 [root@ansible ~]# ansible web -m file -a 'path=/tmp/test4 state=directory mode=775 owner=root group=root' #指定test4,指定类型为创建目录directory,mode指定权限为755,owner指定属主,group指定属组 192.168.100.203 | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0775", "owner": "root", "path": "/tmp/test4", "size": 6, "state": "directory", "uid": 0 } 192.168.100.204 | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0775", "owner": "root", "path": "/tmp/test4", "size": 6, "state": "directory", "uid": 0 } ******到node1节点上验证 [root@node1 ~]# ll /tmp/ 总用量 0 drwx------ 3 root root 17 6月 20 20:38 systemd-private-e9929548ddb64ea0ad6766056373cb0b-chronyd.service-Erf3Md drwx------ 3 root root 17 6月 20 20:38 systemd-private-e9929548ddb64ea0ad6766056373cb0b-vgauthd.service-qp2pD9 drwx------ 3 root root 17 6月 20 20:38 systemd-private-e9929548ddb64ea0ad6766056373cb0b-vmtoolsd.service-MwV63h drwxr-xr-x 2 root root 6 6月 20 22:11 test1 lrwxrwxrwx 1 root root 10 6月 20 22:13 test3 -> /tmp/test1 drwxrwxr-x 2 root root 6 6月 20 22:16 test4
-copy模块
copy模块主要用于管理端复制文件到远程主机,并且可以设置权限、属主和属组等,注意,copy只能从ansible服务器上复制文件到被管理的主机上
******查看copy模块的常用参数 [root@ansible ~]# ansible-doc -s copy src #需要copy的文件的源路径 dest #需要copy的文件的目标路径 backup #对copy的文件进行备份 content #直接在远程主机被管理文件中添加内容,会覆盖原文件内容 mode #对copy到远端的文件设置权限 owner #对copy到远端的文件设置属主 group #对copy到远端文件设置属组 ******复制文件到目标主机并且改名 [root@ansible ~]# ansible web -m copy -a 'src=/root/bbb dest=/tmp/123.com' #把本地的bbb复制到web组中所有主机的tmp目录中并且改名为123.com 192.168.100.204 | SUCCESS => { "changed": true, "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "dest": "/tmp/123.com", "gid": 0, "group": "root", "md5sum": "d41d8cd98f00b204e9800998ecf8427e", "mode": "0644", "owner": "root", "size": 0, "src": "/root/.ansible/tmp/ansible-tmp-1624203167.68-57129283592532/source", "state": "file", "uid": 0 } 192.168.100.203 | SUCCESS => { "changed": true, "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "dest": "/tmp/123.com", "gid": 0, "group": "root", "md5sum": "d41d8cd98f00b204e9800998ecf8427e", "mode": "0644", "owner": "root", "size": 0, "src": "/root/.ansible/tmp/ansible-tmp-1624203167.69-25000130507577/source", "state": "file", "uid": 0 } [root@node1 ~]# ll /tmp/ | grep 123 #切换到node1节点,检查是否成功复制 -rw-r--r-- 1 root root 0 6月 20 23:32 123.com ******复制文件到目标主机,并且备份复制的文件,这个文件带有复制时间的等信息,当更新文件内容后,重新copy时会用到 [root@ansible ~]# ansible web -m copy -a 'src=/root/bbb dest=/tmp/a.sh backup=yes' #backup会备份复制文件 192.168.100.204 | SUCCESS => { "changed": true, "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "dest": "/tmp/a.sh", "gid": 0, "group": "root", "md5sum": "d41d8cd98f00b204e9800998ecf8427e", "mode": "0644", "owner": "root", "size": 0, "src": "/root/.ansible/tmp/ansible-tmp-1624203426.46-122076976770635/source", #这个就是备份保存的路径 "state": "file", "uid": 0 } 192.168.100.203 | SUCCESS => { "changed": true, "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "dest": "/tmp/a.sh", "gid": 0, "group": "root", "md5sum": "d41d8cd98f00b204e9800998ecf8427e", "mode": "0644", "owner": "root", "size": 0, "src": "/root/.ansible/tmp/ansible-tmp-1624203426.46-108359073959338/source", "state": "file", "uid": 0 } ******直接在目标主机的a.sh文件中添加内容 [root@ansible ~]# ansible data -m copy -a 'content="aaaaaa" dest=/tmp/a.sh ' 192.168.100.204 | SUCCESS => { "changed": true, "checksum": "f7a9e24777ec23212c54d7a350bc5bea5477fdbb", "dest": "/tmp/a.sh", "gid": 0, "group": "root", "md5sum": "0b4e7a0e5fe84ad35fb5f95b9ceeac79", "mode": "0644", "owner": "root", "size": 6, "src": "/root/.ansible/tmp/ansible-tmp-1624204219.8-71881516745162/source", "state": "file", "uid": 0 } [root@ansible ~]# ansible data -m shell -a 'cat /tmp/a.sh' #确认添加成功 192.168.100.204 | SUCCESS | rc=0 >> aaaaaa ******复制文件到目标主机,并且设置权限以及属主和属组 [root@ansible ~]# ansible data -m copy -a 'src=/root/aaa dest=/root mode=700 owner=root group=root' 192.168.100.204 | SUCCESS => { "changed": true, "checksum": "a82d1eb2bbf5a675817d491428108772515a44a4", "dest": "/root/aaa", "gid": 0, "group": "root", "md5sum": "a0e8327b3e0f21dfcff0b7640b78930e", "mode": "0700", "owner": "root", "size": 40, "src": "/root/.ansible/tmp/ansible-tmp-1624204351.08-246368710512694/source", "state": "file", "uid": 0 } [root@ansible ~]# ansible data -m shell -a 'ls -l' #确认添加并且修改成功 192.168.100.204 | SUCCESS | rc=0 >> 总用量 8 -rwx------ 1 root root 40 6月 20 23:52 aaa -rw-------. 1 root root 1264 1月 12 18:27 anaconda-ks.cfg
-fetch模块
copy是把管理端的文件复制给被管理机器,而fetch是从被管理机器上拉取文件,保存到管理服务器,拉取下来的内容会保留目录结构,在收集被管理机器的日志等方面时会使用
******查看fetch模块常用参数 [root@ansible ~]# ansible-doc -s fetch src #指定需要从远端机器拉取的文件路径 dest #指定从远端机器拉取下来的文件存放路径 ******从被管理机器上拉取指定文件到管理端的指定目录中 [root@node1 ~]# ll 总用量 4 -rw-------. 1 root root 1264 1月 12 18:27 anaconda-ks.cfg [root@node1 ~]# touch aaa.txt #在被管理机器上创建文件 [root@node1 ~]# ll 总用量 4 -rw-r--r-- 1 root root 0 6月 21 23:25 aaa.txt -rw-------. 1 root root 1264 1月 12 18:27 anaconda-ks.cfg [root@ansible ~]# ansible 192.168.100.203 -m fetch -a 'dest=/root/ src=/root/aaa.txt' #把aaa.txt传到本地的root下 192.168.100.203 | SUCCESS => { "changed": true, "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "dest": "/root/192.168.100.203/root/aaa.txt", "md5sum": "d41d8cd98f00b204e9800998ecf8427e", "remote_checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "remote_md5sum": null } [root@ansible ~]# ll #验证 总用量 16 drwxr-xr-x 3 root root 18 6月 21 23:30 192.168.100.203 -rw-r--r-- 1 root root 40 6月 20 20:51 aaa -rw-------. 1 root root 1264 1月 12 18:27 anaconda-ks.cfg drwxr-xr-x 3 root root 4096 6月 20 00:31 ansible -rw-r--r-- 1 root root 33 6月 20 22:07 a.sh -rw-r--r-- 1 root root 0 6月 20 23:32 bbb [root@ansible ~]# cd 192.168.100.203/ [root@ansible 192.168.100.203]# ll 总用量 0 drwxr-xr-x 2 root root 21 6月 21 23:30 root [root@ansible 192.168.100.203]# cd root/ [root@ansible root]# ll 总用量 0 -rw-r--r-- 1 root root 0 6月 21 23:30 aaa.txt [root@ansible root]# pwd #发现保存着目录结构 /root/192.168.100.203/root
六、用户相关模块
-user模块
user模块用于对系统用户的管理,用户的创建、删除、家目录、属主和属组等设置
******查看user模块常用参数 [root@ansible ~]# ansible-doc -s user name #指定用户的名字 home #指定用户的家目录 uid #指定用户的uid group #指定用户的用户组 groups #指定用户的附加组 password #指定用户的密码 shell #指定用户的登录shell create_home #是否创建用户家目录,默认是yes remove #删除用户时,指定是否删除家目录 state: absent #删除用户 present #默认为这个,意思为用户需要存在 ******创建用户,指定家目录、uid和组 [root@ansible ~]# ansible 192.168.100.203 -m user -a 'name=abc home=/opt/abc uid=1003 group=root' #在203主机上创建abc用户,指定家目录为opt下的abc,uid为1003,组为root 192.168.100.203 | SUCCESS => { "changed": true, "comment": "", "create_home": true, "group": 0, "home": "/opt/abc", "name": "abc", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1003 } [root@ansible ~]# ansible 192.168.100.203 -m shell -a 'id abc && ls -l /opt' #验证效果 192.168.100.203 | SUCCESS | rc=0 >> uid=1003(abc) gid=0(root) 组=0(root) 总用量 0 drwx------ 2 abc root 62 6月 21 23:38 abc ******创建用户,不创建家目录,并且不能登录 [root@ansible ~]# ansible 192.168.100.203 -m user -a 'name=bbb shell=/sbin/nologin uid=2021 create_home=no' #创建用户bbb,不能登录系统,uid为2021,不创建家目录 192.168.100.203 | SUCCESS => { "changed": true, "comment": "", "create_home": false, "group": 2021, "home": "/home/bbb", "name": "bbb", "shell": "/sbin/nologin", "state": "present", "system": false, "uid": 2021 } [root@ansible ~]# ansible 192.168.100.203 -m shell -a 'id bbb && tail -1 /etc/passwd' #进行验证 192.168.100.203 | SUCCESS | rc=0 >> uid=2021(bbb) gid=2021(bbb) 组=2021(bbb) bbb:x:2021:2021::/home/bbb:/sbin/nologin ******删除用户 [root@ansible ~]# ansible 192.168.100.203 -m user -a 'name=bbb state=absent' #状态改为absent即可 192.168.100.203 | SUCCESS => { "changed": true, "force": false, "name": "bbb", "remove": false, "state": "absent" } ******删除用户并且删除家目录 [root@ansible ~]# ansible 192.168.100.203 -m user -a 'name=abc state=absent remove=yes' #加remove就是删除家目录 192.168.100.203 | SUCCESS => { "changed": true, "force": false, "name": "abc", "remove": true, "state": "absent" } [root@ansible ~]# ansible 192.168.100.203 -m shell -a ' ls -l /opt' #验证 192.168.100.203 | SUCCESS | rc=0 >> 总用量 0
-group模块
group用户创建组,当创建用户时如果需要指定组,而组不存在的话就可以通过group进行创建
******查看group模块的常用参数 [root@ansible ~]# ansible-doc -s group name #指定组的名字 gid #指定组的gid state: absent #删除组 present #创建组(默认的状态) ******创建组 [root@ansible ~]# ansible 192.168.100.203 -m group -a 'name=aaaaa' 192.168.100.203 | SUCCESS => { "changed": true, "gid": 1000, "name": "aaaaa", "state": "present", "system": false } ******创建组并且指定gid [root@ansible ~]# ansible 192.168.100.203 -m group -a 'name=bbbbb gid=1006 ' 192.168.100.203 | SUCCESS => { "changed": true, "gid": 1006, "name": "bbbbb", "state": "present", "system": false } ******删除组 [root@ansible ~]# ansible 192.168.100.203 -m group -a 'name=bbbbb state=absent ' 192.168.100.203 | SUCCESS => { "changed": true, "name": "bbbbb", "state": "absent" }
七、软件包相关模块
-yum_repository模块
yum_repository模块可以管理远程主机上的yum仓库
******查看yum_repository模块的常用参数 [root@ansible ~]# ansible-doc -s yum_repository name #这是必要参数,用于指定操作的唯一的仓库id号,也就是.repo文件中每个仓库“中括号”中的仓库id baseurl #和yum源文件相同,用于指定yum仓库的位置 description #此参数用于设置仓库的注释信息,也就是yum源文件中,name对应的内容 file #此参数用于设置仓库的配置文件的名称,即.repo配置文件的文件名前缀 enabled #此参数用于设置是否激活对应的yum源,当为yes时表示启用,no为关闭 gpgcheck #此参数用于设置是否开启rpm包的验证功能,默认为no,表示不启用,设置yes表示开启 gpgcakey #此参数设置为yes时,需要使用此参数指定验证包所需的公钥路径 state #默认值为present,当设置为absent时,表示删除对应的yum源 ******在203主机上设置yum源 [root@node1 ~]# rm -rf /etc/yum.repos.d/centos.repo #先到203上删除yum源文件 [root@node1 ~]# umount /dev/cdrom #取消203的挂载 [root@ansible ~]# ansible 192.168.100.203 -m yum_repository -a 'name=local description="local" baseurl=file:///mnt enabled=1 gpgcheck=no file=aaa' 192.168.100.203 | SUCCESS => { "changed": true, "repo": "local", "state": "present" } [root@ansible ~]# ansible 192.168.100.203 -m mount -a 'src=/dev/cdrom path=/mnt fstype=iso9660 state=present' #moutn模块用于挂载,但是是写道自动挂载的文件中的 192.168.100.203 | SUCCESS => { "changed": false, "dump": "0", "fstab": "/etc/fstab", "fstype": "iso9660", "name": "/mnt", "opts": "defaults", "passno": "0", "src": "/dev/cdrom" } [root@ansible ~]# ansible 192.168.100.203 -m shell -a 'cat /etc/yum.repos.d/aaa.repo' #验证是否写入 192.168.100.203 | SUCCESS | rc=0 >> [local] baseurl = file:///mnt enabled = 1 gpgcheck = 0 name = local [root@ansible ~]# ansible 192.168.100.203 -m shell -a 'tail -1 /etc/fstab' #发现自动挂载文件也已经写入 192.168.100.203 | SUCCESS | rc=0 >> /dev/cdrom /mnt iso9660 defaults 0 0 ******删除yum源 [root@ansible ~]# ansible 192.168.100.203 -m yum_repository -a 'name=local description="local" baseurl=file:///mnt enabled=1 gpgcheck=no file=aaa state=absent' #后面加state=absent删除 192.168.100.203 | SUCCESS => { "changed": true, "repo": "local", "state": "absent" } [root@ansible ~]# ansible 192.168.100.203 -m shell -a 'cat /etc/yum.repos.d/aaa.repo' #再次查看发现已经没了 192.168.100.203 | FAILED | rc=1 >> cat: /etc/yum.repos.d/aaa.repo: 没有那个文件或目录non-zero return code [root@ansible ~]# ansible 192.168.100.203 -m shell -a 'ls -l /etc/yum.repos.d/' #确认已经删除 192.168.100.203 | SUCCESS | rc=0 >> 总用量 0
-yum模块
yum模块是用来对软件包的管理、下载、安装、卸载、升级等操作
******查看yum模块常用参数 [root@ansible ~]# ansible-doc -s yum name #指定要操作的软件包名字 download_dir #指定下载软件包的存放路径,需要配合download_only一起使用 download_only #只下载软件包,而不进行安装,和yum --downloadonly一样 list: installed #列出所有已安装的软件包 updates #列出所有可以更新的软件包 repos #列出所有的yum仓库 state: installed, present #安装软件包(两者任选其一都可以) removed, absent #卸载软件包 latest #安装最新软件包 ******列出所有已经安装的软件包 [root@ansible ~]# ansible 192.168.100.204 -m yum -a 'list=installed' #installed表示已经安装的rpm包 { "arch": "x86_64", #每一段是这种形式的 "envra": "0:zlib-1.2.7-17.el7.x86_64", "epoch": "0", "name": "zlib", "release": "17.el7", "repo": "installed", "version": "1.2.7", "yumstate": "installed" } 。。。。。。 ******列出所有可更新的软件包 [root@ansible ~]# ansible 192.168.100.204 -m yum -a 'list=updated' 192.168.100.204 | SUCCESS => { "changed": false, "results": [] #这个就是没有的意思 } [root@ansible ~]# ansible 192.168.100.204 -m yum -a 'list=updates' 192.168.100.204 | SUCCESS => { "changed": false, "results": [] } ******安装软件包 [root@ansible ~]# ansible 192.168.100.204 -m yum -a 'name=httpd state=installed' #状态为installed 192.168.100.204 | SUCCESS => { "changed": true, "msg": "", "rc": 0, "results": [ "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-67.el7.centos will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-67.el7.centos for package: httpd-2.4.6-67.el7.centos.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-67.el7.centos.x86_64\n--> Running transaction check\n---> Package httpd-tools.x86_64 0:2.4.6-67.el7.centos will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.4.6-67.el7.centos aaa 2.7 M\nInstalling for dependencies:\n httpd-tools x86_64 2.4.6-67.el7.centos aaa 87 k\n mailcap noarch 2.1.41-2.el7 aaa 31 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+2 Dependent packages)\n\nTotal download size: 2.8 M\nInstalled size: 9.6 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 30 MB/s | 2.8 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : httpd-tools-2.4.6-67.el7.centos.x86_64 1/3 \n Installing : mailcap-2.1.41-2.el7.noarch 2/3 \n Installing : httpd-2.4.6-67.el7.centos.x86_64 3/3 \n Verifying : httpd-2.4.6-67.el7.centos.x86_64 1/3 \n Verifying : mailcap-2.1.41-2.el7.noarch 2/3 \n Verifying : httpd-tools-2.4.6-67.el7.centos.x86_64 3/3 \n\nInstalled:\n httpd.x86_64 0:2.4.6-67.el7.centos \n\nDependency Installed:\n httpd-tools.x86_64 0:2.4.6-67.el7.centos mailcap.noarch 0:2.1.41-2.el7 \n\nComplete!\n" ] } ******卸载软件包 [root@ansible ~]# ansible 192.168.100.204 -m yum -a 'name=httpd state=removed' #状态为removed 192.168.100.204 | SUCCESS => { "changed": true, "msg": "", "rc": 0, "results": [ "已加载插件:fastestmirror\n正在解决依赖关系\n--> 正在检查事务\n---> 软件包 httpd.x86_64.0.2.4.6-67.el7.centos 将被 删除\n--> 解决依赖关系完成\n\n依赖关系解决\n\n================================================================================\n Package 架构 版本 源 大小\n================================================================================\n正在删除:\n httpd x86_64 2.4.6-67.el7.centos @aaa 9.4 M\n\n事务概要\n================================================================================\n移除 1 软件包\n\n安装大小:9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n 正在删除 : httpd-2.4.6-67.el7.centos.x86_64 1/1 \n 验证中 : httpd-2.4.6-67.el7.centos.x86_64 1/1 \n\n删除:\n httpd.x86_64 0:2.4.6-67.el7.centos \n\n完毕!\n" ] } ******安装软件包组,类似yum groupinstall 'Development Tools' [root@ansible ~]# ansible 192.168.100.204 -m yum -a 'name="@Development Tools" state=installed' #同样使用yum模块安装Development Tools软件包组 192.168.100.204 | SUCCESS => { "changed": false, "msg": "Warning: Group development does not have any packages to install.\n", "rc": 0, "results": [ "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\nNothing to do\n" ] }
-pip模块
用于安装python中的包
******查看pip模块的常用参数 [root@ansible ~]# ansible-doc -s pip ******使用pip时,需要保证被管理机器上有python-pip软件包 [root@ansible ~]# ansible 192.168.100.204 -m yum -a 'name=python-pip' ******安装pip包 [root@ansible ~]# ansible 192.168.100.204 -m pip -a 'name=flask'
八、服务相关模块
-Service systemd模块
Service systemd模块主要用于对服务进行管理,服务的启动、关闭、开机自启等
******查看Service systemd模块常用参数 [root@ansible ~]# ansible-doc -s service name #指定需要管理的服务名 enabled #指定是否开机自启动 state: #指定服务状态 started #启动服务 stopped #停止服务 restarted #重启服务 reloaded #重载服务 ******启动服务,并设置开机自启 [root@ansible ~]# ansible 192.168.100.204 -m service -a 'name=crond state=started enabled=yes' #开启crond服务并且设置为开机自启
九、计划任务相关模块
-cron模块
cron模块用于指定计划任务,和crontab -e是一样的
******查看cron模块常用参数 [root@ansible ~]# ansible-doc -s cron job #指定需要执行的任务 minute #分钟 hour #小时 day #天 month #月 weekday #周 name #对计划任务进行描述 state: absent #删除计划任务 ******创建一个计划任务,并且添加描述 [root@ansible ~]# ansible 192.168.100.204 -m cron -a 'name="这是一个测试的计划任务" minute=* hour=* day=* month=* weekday=* job="/bin/bash /root/test.sh"' 192.168.100.204 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "这是一个测试的计划任务" ] } [root@ansible ~]# ansible 192.168.100.204 -m shell -a 'crontab -l' #验证效果 192.168.100.204 | SUCCESS | rc=0 >> #Ansible: 这是一个测试的计划任务 * * * * * /bin/bash /root/test.sh ******创建一个不带描述的计划任务 [root@ansible ~]# ansible 192.168.100.204 -m cron -a 'minute=* hour=* day=* month=* weekday=* job="/bin/bash /root/aaa.sh"' 192.168.100.204 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "这是一个测试的计划任务", "None" ] } [root@ansible ~]# ansible 192.168.100.204 -m shell -a 'crontab -l' 192.168.100.204 | SUCCESS | rc=0 >> #Ansible: 这是一个测试的计划任务 * * * * * /bin/bash /root/test.sh #Ansible: None #不加描述就是none * * * * * /bin/bash /root/aaa.sh ******删除计划任务 [root@ansible ~]# ansible 192.168.100.204 -m cron -a 'name="None" job="/bin/bash /root/aaa.sh" state=absent' #指定描述和执行命令,后面加状态为absent即可 192.168.100.204 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "这是一个测试的计划任务" ] } [root@ansible ~]# ansible 192.168.100.204 -m shell -a 'crontab -l' 192.168.100.204 | SUCCESS | rc=0 >> #Ansible: 这是一个测试的计划任务 * * * * * /bin/bash /root/test.sh
十、系统信息相关模块
-setup模块
setup模块用于获取系统信息
******查看setup模块的常用参数 [root@ansible ~]# ansible-doc -s setup ******查看系统所有信息 [root@ansible ~]# ansible 192.168.100.204 -m setup ******使用filter对系统信息进行过滤 [root@ansible ~]# ansible 192.168.100.204 -m setup -a 'filter=ansible_all_ipv4_addresses' 192.168.100.204 | SUCCESS => { "ansible_facts": { "ansible_all_ipv4_addresses": [ "192.168.100.204" ] }, "changed": false } ******查用常用过滤选项 ansible_all_ipv4_addresses #所有的ipv4地址 ansible_all_ipv6_addresses #所有的ipv6地址 ansible_architecture #系统的架构 ansible_date_time #系统时间 ansible_default_ipv4 #系统的默认ipv4地址 ansible_distribution #系统名称 ansible_distribution_file_variety #系统的家族 ansible_distribution_major_version #系统的版本 ansible_domain #系统所在的域 ansible_fqdn #系统的主机名 ansible_hostname #系统的主机名,简写 ansible_os_family #系统的家族 ansible_processor_cores #cpu的核数 ansible_processor_count #cpu的颗数 ansible_processor_vcpus #cpu的个数
-find模块
find模块可以在被管理主机中筛选符合条件的文件,和linux系统中的find命令的作用是一样的
******查看find模块的常用参数 [root@ansible ~]# ansible-doc -s find paths #这是必须参数,指定在哪个目录中查找文件,可以指定多个路径,路径之间使用逗号隔开,这个参数的别名分别是path和name recurse #默认情况下,只会在指定的目录中查找文件,也就是说,如果查找的目录中还有目录,ansible是不会像linux系统的find命令一样去递归的进入子目录寻找匹配的文件,而是只会在指定目录中寻找,而recurse参数为yes时就是递归查找的意思, hidden #默认情况下,隐藏文件会被忽略,而hidden参数为yes时,表示也查找隐藏文件 find_type #默认情况下,ansible只会根据条件去筛选“文件”,不会筛选其他类型的数据,而find_type可以指定筛选的数据类型,如:目录、软链接等,此参数的选项有any(所有类型)、directory(目录类型)、file(文件类型)、link(软链接类型) patterns #使用此参数指定需要查看的文件名称,支持使用shell或者正则表达式去匹配文件名称,默认情况下,使用shell匹配对应的文件名,如果想要使用python的正则去匹配文件名的话,需要将use_regex参数设置为yes use_regex #默认情况下,find模块不会使用正则表达式去筛选指定文件,而当use_regex参数设置为yes时,表示使用python正则去筛选指定文件,否则会使用glob通配符去筛选 contains #使用此参数可以根据文件内容查找文件,此参数的值为一个正则表达式,find模块会根据这个参数的值去匹配文件内容 age #使用此参数可以根据时间范围去查找文件,默认以文件的mtime为准,然后与指定的时间进行对比,比如:如果想要查找metime在3天之前的文件,那么可以设置age值为3d,如果想要查找3天以内的可以设置为-3d,这里的三天时至按照当前时间往前推3填,可以使用的单位有秒(s)、分(m)、时(h)、天(d)、星期(w) age_stamp #文件的时间属性中有三个时间种类,atime,ctime,mtime,当根据时间范围查找文件时,可以指定以那个时间种类为准,当根据时间查找文件时,默认以mtime为准 size #使用此参数可以根据文件大小查找文件,例如想要查找大小大于3M的文件则size=3m,小于50k的文件则size=-50k,可以使用的单位有t、g、m、k、b get_checksum #当有符合条件的文件被找到时,会返回对应文件的sha1校验码,文件较大时,生成校验码的时间也会比较长 ******在204主机的opt目录中查找文件内容中包含abc字符串的文件,隐藏文件会被忽略,不会进行递归查找 [root@node2 ~]# echo "abc" > /opt/abc.txt #写入文件 [root@ansible ~]# ansible 192.168.100.204 -m find -a 'paths=/opt contains=".*abc.*"' #在ansible服务器上执行进行筛选 192.168.100.204 | SUCCESS => { "changed": false, "examined": 1, "files": [ { "atime": 1624352855.7605567, "ctime": 1624352852.448557, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575169, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624352852.448557, "nlink": 1, "path": "/opt/abc.txt", #筛选到的文件 "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 4, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } ], "matched": 1, "msg": "" } [root@node2 ~]# echo "" > /opt/abc.txt #把204上的文件内容变成空 [root@ansible ~]# ansible 192.168.100.204 -m find -a 'paths=/opt contains=".*abc.*"' 192.168.100.204 | SUCCESS => { "changed": false, "examined": 1, "files": [], "matched": 0, "msg": "" } ******继续上面的查找,这次使用递归查找 [root@node2 ~]# cd /opt/ #先到204上写好子目录的文件 [root@node2 opt]# ll 总用量 4 -rw-r--r-- 1 root root 1 6月 22 17:08 abc.txt [root@node2 opt]# mkdir aaa [root@node2 opt]# echo "abc" > aaa/aaa.txt [root@node2 opt]# rm -rf abc.txt [root@node2 opt]# ll 总用量 0 drwxr-xr-x 2 root root 21 6月 22 17:11 aaa [root@node2 opt]# cd aaa/ [root@node2 aaa]# ll 总用量 4 -rw-r--r-- 1 root root 4 6月 22 17:11 aaa.txt [root@node2 aaa]# cat aaa.txt abc [root@ansible ~]# ansible 192.168.100.204 -m find -a 'paths=/opt contains=".*abc.*"' #先用不递归进行筛选,发现筛选不出来 192.168.100.204 | SUCCESS => { "changed": false, "examined": 1, "files": [], "matched": 0, "msg": "" } [root@ansible ~]# ansible 192.168.100.204 -m find -a 'paths=/opt contains=".*abc.*" recurse=yes' #加recurse=yes表示递归,成功筛选到了 192.168.100.204 | SUCCESS => { "changed": false, "examined": 2, "files": [ { "atime": 1624353106.823543, "ctime": 1624353090.2795439, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 605129, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353090.2795439, "nlink": 1, "path": "/opt/aaa/aaa.txt", #筛选到的文件 "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 4, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } ], "matched": 1, "msg": "" } ******在204主机上查找以.sh结尾的文件,包括隐藏文件,但是不包括目录或者其他文件类型,不会进行递归查找 [root@node2 opt]# rm -rf aaa/ [root@node2 opt]# ll 总用量 0 [root@node2 opt]# touch aaa.sh #创建一个普通的文件 [root@node2 opt]# ll 总用量 0 -rw-r--r-- 1 root root 0 6月 22 17:15 aaa.sh [root@node2 opt]# touch .bbb.sh #创建一个隐藏文件 [root@node2 opt]# ll -a 总用量 0 drwxr-xr-x. 2 root root 35 6月 22 17:15 . dr-xr-xr-x. 18 root root 255 6月 20 21:57 .. -rw-r--r-- 1 root root 0 6月 22 17:15 aaa.sh -rw-r--r-- 1 root root 0 6月 22 17:15 .bbb.sh [root@node2 opt]# ll 总用量 0 -rw-r--r-- 1 root root 0 6月 22 17:15 aaa.sh [root@ansible ~]# ansible 192.168.100.204 -m find -a 'paths=/opt patterns="*.sh"' #先筛选普通文件 192.168.100.204 | SUCCESS => { "changed": false, "examined": 2, "files": [ { "atime": 1624353317.1355317, "ctime": 1624353317.1355317, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575169, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353317.1355317, "nlink": 1, "path": "/opt/aaa.sh", #筛选出的文件 "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } ], "matched": 1, #发现只筛选了一个 "msg": "" } [root@ansible ~]# ansible 192.168.100.204 -m find -a 'paths=/opt patterns="*.sh" hidden=yes' #加hidden=yes筛选包含隐藏文件 192.168.100.204 | SUCCESS => { "changed": false, "examined": 2, "files": [ { "atime": 1624353317.1355317, "ctime": 1624353317.1355317, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575169, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353317.1355317, "nlink": 1, "path": "/opt/aaa.sh", #普通文件 "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1624353331.4475307, "ctime": 1624353331.4475307, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575170, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353331.4475307, "nlink": 1, "path": "/opt/.bbb.sh", #隐藏文件 "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } ], "matched": 2, #成功筛选 "msg": "" } ******继续上面筛选.sh结尾的文件。但是这是包括隐藏文件,并且包括其他的文件类型,不进行递归查找 [root@node2 opt]# mkdir ccc.sh #创建一个目录 [root@node2 opt]# ll -a 总用量 0 drwxr-xr-x. 3 root root 49 6月 22 17:20 . dr-xr-xr-x. 18 root root 255 6月 20 21:57 .. -rw-r--r-- 1 root root 0 6月 22 17:15 aaa.sh -rw-r--r-- 1 root root 0 6月 22 17:15 .bbb.sh drwxr-xr-x 2 root root 6 6月 22 17:20 ccc.sh [root@ansible ~]# ansible 192.168.100.204 -m find -a 'paths=/opt patterns="*.sh" hidden=yes' #只筛选文件,包括隐藏文件,发现只能筛选两个 192.168.100.204 | SUCCESS => { "changed": false, "examined": 3, "files": [ { "atime": 1624353317.1355317, "ctime": 1624353317.1355317, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575169, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353317.1355317, "nlink": 1, "path": "/opt/aaa.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1624353331.4475307, "ctime": 1624353331.4475307, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575170, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353331.4475307, "nlink": 1, "path": "/opt/.bbb.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } ], "matched": 2, "msg": "" } [root@ansible ~]# ansible 192.168.100.204 -m find -a 'paths=/opt patterns="*.sh" hidden=yes file_type=any' #添加file_type=any表示筛选所有的文件类型 192.168.100.204 | SUCCESS => { "changed": false, "examined": 3, "files": [ { "atime": 1624353317.1355317, "ctime": 1624353317.1355317, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575169, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353317.1355317, "nlink": 1, "path": "/opt/aaa.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1624353331.4475307, "ctime": 1624353331.4475307, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575170, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353331.4475307, "nlink": 1, "path": "/opt/.bbb.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1624353619.874515, "ctime": 1624353619.874515, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575171, "isblk": false, "ischr": false, "isdir": true, "isfifo": false, "isgid": false, "islnk": false, "isreg": false, "issock": false, "isuid": false, "mode": "0755", "mtime": 1624353619.874515, "nlink": 2, "path": "/opt/ccc.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 6, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": true, "xoth": true, "xusr": true } ], "matched": 3, #可以看到筛选三个 "msg": "" } ******还是查找以.sh结尾的文件。只不过patterns对应的表达式为正则表达式,包括隐藏文件,包括所有文件类型,但是不会进行递归查找 [root@ansible ~]# ansible 192.168.100.204 -m find -a 'paths=/opt patterns=".*\.sh" use_regex=yes hidden=yes file_type=any' #添加use_regex=yes表示使用正则表达式,patterns=".*\.sh"使用正则来进行筛选 192.168.100.204 | SUCCESS => { "changed": false, "examined": 3, "files": [ { "atime": 1624353317.1355317, "ctime": 1624353317.1355317, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575169, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353317.1355317, "nlink": 1, "path": "/opt/aaa.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1624353331.4475307, "ctime": 1624353331.4475307, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575170, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353331.4475307, "nlink": 1, "path": "/opt/.bbb.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1624353619.874515, "ctime": 1624353619.874515, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575171, "isblk": false, "ischr": false, "isdir": true, "isfifo": false, "isgid": false, "islnk": false, "isreg": false, "issock": false, "isuid": false, "mode": "0755", "mtime": 1624353619.874515, "nlink": 2, "path": "/opt/ccc.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 6, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": true, "xoth": true, "xusr": true } ], "matched": 3, #和上面一样的筛选出了三个 "msg": "" } ******在204主机上,筛选opt目录以及子目录中mtime在一天以内的文件,不包括隐藏文件,不包括其他文件类型 [root@ansible ~]# ansible 192.168.100.204 -m find -a 'path=/opt age=-1d recurse=yes' #添加age=-1d表示筛选一天前的-1就是一天前 192.168.100.204 | SUCCESS => { "changed": false, "examined": 3, "files": [ { "atime": 1624353317.1355317, "ctime": 1624353317.1355317, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575169, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353317.1355317, "nlink": 1, "path": "/opt/aaa.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } ], "matched": 1, #虽然刚刚创建了三个,分别是普通文件、隐藏文件、目录,但是这里只筛选普通文件,所以只筛选出了一个 "msg": "" } ******在204主机中,筛选opt目录以及子目录下,大小小于2g的文件,不包括隐藏文件,不包含其他文件类型 [root@ansible ~]# ansible 192.168.100.204 -m find -a 'paths=/opt size=-2g recurse=yes' #添加 size=-2g 表示小于2g的文件 192.168.100.204 | SUCCESS => { "changed": false, "examined": 3, "files": [ { "atime": 1624353317.1355317, "ctime": 1624353317.1355317, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575169, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353317.1355317, "nlink": 1, "path": "/opt/aaa.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } ], "matched": 1, "msg": "" } ******查找204主机中以.sh结尾的文件,并且返回该文件的sha1校验码,包括隐藏文件 [root@ansible ~]# ansible 192.168.100.204 -m find -a 'path=/opt patterns=*.sh get_checksum=yes hidden=yes recurse=yes' #添加get_checksum=yes表示返回筛选出文件的sha1校验码 192.168.100.204 | SUCCESS => { "changed": false, "examined": 3, "files": [ { "atime": 1624353317.1355317, "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", #这个就是校验码 "ctime": 1624353317.1355317, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575169, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353317.1355317, "nlink": 1, "path": "/opt/aaa.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1624353331.4475307, "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "ctime": 1624353331.4475307, "dev": 64768, "gid": 0, "gr_name": "root", "inode": 33575170, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1624353331.4475307, "nlink": 1, "path": "/opt/.bbb.sh", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 0, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } ], "matched": 2, "msg": "" }
-replace模块
replace模块可以根据指定的正则表达式替换文件中的字符串,文件中所以匹配到的字符串都会被替换
******查看replace模块常用参数 [root@ansible ~]# ansible-doc -s replace path #这是必须参数,指定要操作的文件,2.3版本之前只能使用dest、destfile、name指定要操作的文件,而2.4版本之后,这些参数都可以作为path的别名使用 regexp #这是必须参数,指定一个python的正则表达式,文件中与正则匹配的字符串会被替换 replace #指定最终要替换成的字符串 backup #是否在修改文件前对文件进行备份,最好添加这个参数为yes ******在204主机中把opt/aaa.txt文件中的aaa替换成bbb [root@node2 opt]# rm -rf * [root@node2 opt]# ll 总用量 0 [root@node2 opt]# echo "aaa" > aaa.txt #写入aaa.txt文件内容 [root@node2 opt]# ll 总用量 4 -rw-r--r-- 1 root root 4 6月 22 17:37 aaa.txt [root@node2 opt]# cat aaa.txt aaa [root@ansible ~]# ansible 192.168.100.204 -m replace -a 'path=/opt/aaa.txt regexp="aaa" replace=bbb' #替换aaa为bbb 192.168.100.204 | SUCCESS => { "changed": true, "msg": "1 replacements made" } [root@ansible ~]# ansible 192.168.100.204 -m shell -a 'cat /opt/aaa.txt' #验证效果,成功替换 192.168.100.204 | SUCCESS | rc=0 >> bbb ******继续上面的操作,不过是把bbb替换成aaa,但是在修改之前先进行备份 [root@ansible ~]# ansible 192.168.100.204 -m replace -a 'path=/opt/aaa.txt regexp="bbb" replace=aaa backup=yes' #添加backup=yes为修改前备份 192.168.100.204 | SUCCESS => { "backup_file": "/opt/aaa.txt.2439.2021-06-22@17:40:22~", #备份路径,这是在目标主机进行备份 "changed": true, "msg": "1 replacements made" } [root@ansible ~]# ansible 192.168.100.204 -m shell -a 'cat /opt/aaa.txt' #验证效果 192.168.100.204 | SUCCESS | rc=0 >> aaa [root@ansible ~]# ansible 192.168.100.204 -m shell -a 'ls /opt/' #查看是否生成备份文件 192.168.100.204 | SUCCESS | rc=0 >> aaa.txt aaa.txt.2439.2021-06-22@17:40:22~ [root@ansible ~]# ansible 192.168.100.204 -m shell -a 'cat /opt/aaa.txt.2439.2021-06-22@17:40:22~' #查看备份文件内容,发现是修改之前的内容 192.168.100.204 | SUCCESS | rc=0 >> bbb
-script模块
script模块可以帮助在远程主机上执行ansible管理主机上的脚本,也就是说,脚本只需要在ansible上就可以执行,不用复制脚本到远程主机
******查看script模块常用参数 [root@ansible ~]# ansible-doc -s script free_from #这是必须参数,指定要执行的脚本名称,脚本必须位于ansible服务器上,但是没有具体一个参数名称叫做free_from,直接进入写脚本路径即可 chdir #这是参数的作用就是指定远程主机的目录,在执行脚本之前会先进入到指定目录中然后再执行脚本 creates #使用这个参数指定远程主机中的文件,当指定的文件存在时,后面的命令就不执行,不存在后面的命令才会执行 removes #这个和creates正好相反,是指定文件不存在时后面的命令就不执行,存在时后面的命令才会执行 ******当204主机中的opt目录下的aaa文件不存在时,会执行脚本a.sh [root@node2 opt]# rm -rf * #先在204主机上删除 [root@node2 opt]# ll 总用量 0 [root@ansible ~]# echo "echo aaa" > a.sh [root@ansible ~]# chmod +x a.sh [root@ansible ~]# sh a.sh aaa [root@ansible ~]# ansible 192.168.100.204 -m script -a 'creates=/opt/aaa /root/a.sh' #使用creates参数,不存在时执行后面命令 192.168.100.204 | SUCCESS => { "changed": true, "rc": 0, "stderr": "Shared connection to 192.168.100.204 closed.\r\n", "stderr_lines": [ "Shared connection to 192.168.100.204 closed." ], "stdout": "aaa\r\n", "stdout_lines": [ "aaa" ] } ******当204主机中的opt目录下的aaa文件存在时,会执行脚本a.sh [root@ansible ~]# ansible 192.168.100.204 -m script -a 'removes=/opt/aaa /root/a.sh' #使用removes参数,因为aaa文件不存在所以不执行脚本 192.168.100.204 | SKIPPED ******先进入204主机的opt目录下,然后执行脚本a.sh,脚本内容是创建abc.txt文件 [root@ansible ~]# echo "touch abc.txt" > a.sh [root@ansible ~]# ansible 192.168.100.204 -m script -a 'chdir=/opt /root/a.sh' #使用chdir在执行脚本之前先进入opt目录 192.168.100.204 | SUCCESS => { "changed": true, "rc": 0, "stderr": "Shared connection to 192.168.100.204 closed.\r\n", "stderr_lines": [ "Shared connection to 192.168.100.204 closed." ], "stdout": "", "stdout_lines": [] } [root@ansible ~]# ansible 192.168.100.204 -m shell -a 'ls /opt/' #验证效果,发现创建成功 192.168.100.204 | SUCCESS | rc=0 >> abc.txt