首先创建自己的资产
[root@localhost ~]# cat hosts
[dbservers]
121.199.54.222
[webservers]
120.55.65.27
都是在远程服务器上执行命令,command是ansible默认使用
[root@localhost ~]# ansible all -i hosts -a "echo 'hey' "
121.199.54.222 | CHANGED | rc=0 >>
hey
120.55.65.27 | CHANGED | rc=0 >>
hey
使用shell模块:
[root@localhost ~]# ansible all -i hosts -m shell -a "echo 'hey shell' "
120.55.65.27 | CHANGED | rc=0 >>
hey shell
121.199.54.222 | CHANGED | rc=0 >>
hey shell
在远程主机上都执行了命令。
shell模块可以执行shell内置命令和特性
command模块无法执行shell内置命令和特性
#shell模块过滤输出
[root@localhost ~]# ansible all -i hosts -m shell -a "echo 'hey shell'|grep -o 'e' "
120.55.65.27 | CHANGED | rc=0 >>
e
e
121.199.54.222 | CHANGED | rc=0 >>
e
e
#command模块
[root@localhost ~]# ansible all -i hosts -a "echo 'hey shell'|grep -o 'e' "
121.199.54.222 | CHANGED | rc=0 >>
hey shell|grep -o e
120.55.65.27 | CHANGED | rc=0 >>
hey shell|grep -o e
#无法过滤
将管理节点上的脚本传递到被管理节点(远程服务器)上执行
在管理节点上建立一个脚本:
[root@localhost test]# cat t.sh
echo "脚本被执行.."
[root@localhost ~]# ansible webservers -i hosts -m script -a "/test/t.sh"
120.55.65.27 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 120.55.65.27 closed.\r\n",
"stderr_lines": [
"Shared connection to 120.55.65.27 closed."
],
"stdout": "脚本被执行..\r\n",
"stdout_lines": [
"脚本被执行.."
]
}
主要⽤于管理节点和被管理节点之间的⽂件拷⻉。
常用参数
src 指定拷贝文件地址
dest 指定拷贝文件目标地址
backup 拷贝文件前,若原目标文件变化,对目标文件备份
woner 指定新拷贝文件所有者
group 指定新拷贝文件所有组
mode 指定新拷贝文件权限
将hosts文件移动到目标地址/root/test目录下:
[root@localhost ~]# ansible webservers -i hosts -m copy -a "src=/root/hosts dest=/root/test/hosts1"
120.55.65.27 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "2772046a267c6bcfea61edbaf0061497ae3e70b5",
"dest": "/root/test/hosts1",
"gid": 0,
"group": "root",
"md5sum": "2f95c5ef5ee9ea824cf139fbd539ed7e",
"mode": "0644",
"owner": "root",
"size": 56,
"src": "/root/.ansible/tmp/ansible-tmp-1680837770.82-4982-2006591021658/source",
"state": "file",
"uid": 0
}
使用ansible命令查看被管理节点内容:
[root@localhost ~]# ansible webservers -i hosts -m shell -a "cat /root/test/hosts1"
120.55.65.27 | CHANGED | rc=0 >>
[dbservers]
121.199.54.222
[webservers]
120.55.65.27
文件被复制成功
目标主机(被管理节点)文件内容查看:
[root@iZbp1c824n8qxlt2sn9bheZ test]# cat hosts1
[dbservers]
121.199.54.222
[webservers]
120.55.65.27
shark
管理节点重新执行命令:
[root@localhost ~]# ansible webservers -i hosts -m copy -a "src=/root/hosts dest=/root/test/hosts1"
120.55.65.27 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "2772046a267c6bcfea61edbaf0061497ae3e70b5",
"dest": "/root/test/hosts1",
"gid": 0,
"group": "root",
"md5sum": "2f95c5ef5ee9ea824cf139fbd539ed7e",
"mode": "0644",
"owner": "root",
"size": 56,
"src": "/root/.ansible/tmp/ansible-tmp-1680861020.24-3439-123554104091153/source",
"state": "file",
"uid": 0
}
查看远程主机的内容:
[root@iZbp1c824n8qxlt2sn9bheZ test]# cat hosts1
[dbservers]
121.199.54.222
[webservers]
120.55.65.27
shark
[root@iZbp1c824n8qxlt2sn9bheZ test]# cat hosts1
[dbservers]
121.199.54.222
[webservers]
120.55.65.27
发现文件的shark字符被覆盖了。
我们再次给远程主机添加shark字符:
[root@iZbp1c824n8qxlt2sn9bheZ test]# cat hosts1
[dbservers]
121.199.54.222
[webservers]
120.55.65.27
shark
文件改变后,复制文件,启用backup备份文件:
从管理节点复制文件给被管理节点:
[root@localhost ~]# ansible webservers -i hosts -m copy -a "src=/root/hosts dest=/root/test/hosts1 backup=yes"
120.55.65.27 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"backup_file": "/root/test/hosts1.1703.2023-04-07@18:26:52~",
"changed": true,
"checksum": "2772046a267c6bcfea61edbaf0061497ae3e70b5",
"dest": "/root/test/hosts1",
"gid": 0,
"group": "root",
"md5sum": "2f95c5ef5ee9ea824cf139fbd539ed7e",
"mode": "0644",
"owner": "root",
"size": 56,
"src": "/root/.ansible/tmp/ansible-tmp-1680861305.16-3510-13889047890954/source",
"state": "file",
"uid": 0
}
备份文件在"backup_file"后面的文件路径上,在被管理节点上查看文件内容:
[root@iZbp1c824n8qxlt2sn9bheZ test]# cat hosts1 #从管理节点复制的文件
[dbservers]
121.199.54.222
[webservers]
120.55.65.27
#备份文件
[root@iZbp1c824n8qxlt2sn9bheZ test]# cat hosts1.1703.2023-04-07@18:26:52~
[dbservers]
121.199.54.222
[webservers]
120.55.65.27
shark
如果内容相同就不会备份,不同文件才会备份
copy文件同时设定用户以及用户组,用户名或组必须在被管理节点上存在
新建两个用户和用户组:
[root@iZbp1c824n8qxlt2sn9bheZ test]# useradd usr1
[root@iZbp1c824n8qxlt2sn9bheZ test]# useradd usr2
[root@iZbp1c824n8qxlt2sn9bheZ test]# groupadd grp1
[root@iZbp1c824n8qxlt2sn9bheZ test]# groupadd grp2
指定拷贝文件的用户和组:
[root@localhost ~]# ansible webservers -i hosts -m copy -a "src=/root/hosts dest=/root/test/hosts1 owner=usr1 group=grp1"
120.55.65.27 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "2772046a267c6bcfea61edbaf0061497ae3e70b5",
"dest": "/root/test/hosts1",
"gid": 1002,
"group": "grp1",
"mode": "0644",
"owner": "usr1",
"path": "/root/test/hosts1",
"size": 56,
"state": "file",
"uid": 1000
}
查看被管理节点文件属性:
[root@iZbp1c824n8qxlt2sn9bheZ test]# ll hosts1
-rw-r--r-- 1 usr1 grp1 56 Apr 7 18:26 hosts1
copy文件同时设置权限
[root@localhost ~]# ansible webservers -i hosts -m copy -a "src=/root/hosts dest=/root/test/hosts1 mode=0777"
#查看拷贝文件权限
[root@iZbp1c824n8qxlt2sn9bheZ test]# ll hosts1
-rwxrwxrwx 1 usr1 grp1 56 Apr 7 18:26 hosts1
给远程被管理节点添加yum仓库
常用参数
name 仓库名称 ,仓库文件第一行中括号中名称,必须的参数
description 仓库描述信息,添加时必须参数
baseurl yum仓库"repodata"目录所在目录的url ,添加时必须的参数
file仓库文件保存到本地文件名,不包含.rep。默认name值
state preset确认添加仓库文件,absent确认删除仓库文件
给被管理节点添加epel源:
[root@localhost ~]# ansible dbservers -i hosts -m yum_repository -a "name=epel baseurl='https://download.fedoraproject.org/pub/epel/$releasever/$basearch/' description='EPEL YUM repo'"
121.199.54.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"repo": "epel",
"state": "present"
}
在远程主机上查看:
[root@iZbp1032s22cmgcqdic4jgZ yum.repos.d]# cat epel.repo
[epel]
baseurl = https://download.fedoraproject.org/pub/epel///
name = EPEL YUM repo
[root@iZbp1032s22cmgcqdic4jgZ yum.repos.d]# pwd
/etc/yum.repos.d
删除库:
[root@localhost ~]# ansible dbservers -i hosts -m yum_repository -a "name=epel state=absent"
121.199.54.222 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"repo": "epel",
"state": "absent"
}
远程主机查看,发现文件已被删除:
[root@iZbp1032s22cmgcqdic4jgZ yum.repos.d]# ls
CentOS-Base.repo