Ansible#Ansible的Ad-Hoc和常用模块

文章目录

  • 一、Ansible介绍和安装
    • 1、Ansible介绍
    • 2、工作原理
    • 3、Anible的安装方法
  • 二、管理节点与被管理节点建立SSH信任关系
  • 三、快速入门
  • 四、Ansible资产管理
    • 1、静态资产
    • 2、自定义资产示例
    • 3、Ansible自定义资产的写法
    • 4、自定义资产的错误写法总结
    • 5、查看和使用自定义资产
    • 6、Ansible资产管理器pattern
  • 五、Ansible Ad-hoc命令
    • Ansible的模块:核心模块、附加模块、用户自定义模块
    • Ansible的帮助手册ansible-doc
  • 六、Ansible的常用模块
    • 1、command和shell模块
    • 2、script模块
    • 3、copy模块
    • 4、yum模块
    • 5、systemd模块
    • 6、group模块
    • 7、user模块
    • 8、file模块
    • 9、cron模块
    • 10、debug模块
    • 11、template模块
    • 12、lineinfile模块
    • 13、blockinfile模块
    • 14、setup模块
    • 15、get_url模块
    • 16、stat模块
    • 17、unarchive模块

Ansible#Ansible的Ad-Hoc和常用模块_第1张图片

一、Ansible介绍和安装

1、Ansible介绍

Ansible是一个IT自动化工具。它能配置系统、部署软件、编排更复杂的 IT 任务,如连续部署或零停机时间滚动更新。Ansible 用 Python 编写,尽管市面上已经有很多可供选择的配置管理解决方案(例如 Salt、Puppet、Chef等),但它们各有优劣,而Ansible的特点在于它的简洁。让 Ansible 在主流的配置管理系统中与众不同的一点便是,它并不需要你在想要配置的每个节点上安装自己的组件。同时提供的另一个优点,如果需要的话,你可以在不止一个地方控制你的整个基础架构(Ansible没有客户端)

2、工作原理

Ansible#Ansible的Ad-Hoc和常用模块_第2张图片

1、在ANSIBLE 管理体系中,存在"管理节点" 和 “被管理节点” 两种角色。
  2、被管理节点通常被称为"资产"
  3、在管理节点上,Ansible将 AdHoc 或 PlayBook 转换为Python脚本
  inventory 英 [ˈɪnvəntri] 美 [ˈɪnvəntɔːri] n.财产清单
  Ad-hoc:相当于shell普通命令行
  PlayBook:相当于shell脚本

3、Anible的安装方法

Ansible#Ansible的Ad-Hoc和常用模块_第3张图片

首选yum安装,如果想要二次开发,用pip安装
管理节点安装Ansible被管理节点不安装Ansible
[kakaops@ansible ~]$ sudo yum -y install epel-release
[kakaops@ansible ~]$ sudo yum -y install ansible
[kakaops@ansible ~]$ ansible --version
ansible 2.9.14
config file = /etc/ansible/ansible.cfg
configured module search path = [u’/home/kakaops/.ansible/plugins/modules’, u’/usr/share/ansible/plugins/modules’]
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/local/bin/ansible
python version = 2.7.5 (default, Apr 2 2020, 13:16:51) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]

[kakaops@ansible ~]$ sudo yum -y install epel-release
[kakaops@ansible ~]$ sudo yum install python2-pip
[kakaops@ansible ~]$ sudo pip install ansible

二、管理节点与被管理节点建立SSH信任关系

管理节点(Ansible)创建密钥对
管理节点把本地的公钥传输到被管理节点
每个被管理节点都需要传递公钥做免密

[kakaops@ansible ~]$ ssh-keygen
[kakaops@ansible ~]$ sudo ssh-copy-id -i 10.11.67.18
[kakaops@ansible ~]$ sudo ssh-copy-id -i 10.11.67.19
[kakaops@ansible ~]$ sudo ssh-copy-id -i 10.11.67.20
[kakaops@ansible ~]$ sudo ssh-copy-id -i 10.11.67.21
[kakaops@ansible ~]$ sudo ssh 10.11.67.18
[kakaops@ansible ~]$ sudo ssh 10.11.67.19
[kakaops@ansible ~]$ sudo ssh 10.11.67.20
[kakaops@ansible ~]$ sudo ssh 10.11.67.21
[kakaops@ansible ~]$ ansible all -i hosts --list-hosts
hosts (4):
10.11.67.18
10.11.67.19
10.11.67.20
10.11.67.21

修改inventory、roles目录路径、执行远程用户的名
inventory = /home/kakaops/ansible/inventory
roles_path = /home/kakaops/ansible/roles
remote_user = root(这个是远程主机用户名字root)
普通账户sudo操作Ansible修改Anshble的配置文里面的特权升级
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False

三、快速入门

ansible all -i 172.18.0.3, -m ping
不指定-i参数,默认是配置文件中制定的inventory路径
-i可以指定一个文件,如果是ip,要加逗号,告诉absible指定的是列表
尤其是-i后面跟只有一个单独的ip的时候,一定要加逗号

ansible all -i hosts -m copy -a “src=/mnt/test.sh dest=/mnt/a.txt”
-i:指定Ansible 的资产,也就是被管理服务器。
-m:指定要运行的模块,比如这里的 ping 模块和 copy 模块
-a:指定模块的参数, 这里模块 ping 没有指定参数。 模块 copy 指定了 src 和 dest 参数
源文件src:source file      
目的文件dest:destination file
ansible 就是用什么模块,让谁去干什么事情

四、Ansible资产管理

Ansible 的资产分为静态资产和动态资产
动态资产会在后面的高级部分详细阐释,下面仅介绍静态资产

1、静态资产

本身是一个文本文件,一个格式类似INI的文件。默认情况下,Ansible的资产文件位于 /ect/ansible/hosts
  pip 安装的可能没有这个文件,创建一个即可。
  /ect/ansible/hosts ansiblel配置文件中的inventory指定的静态资产路径

2、自定义资产示例

这个文件可以自定义,之后使用相应的参数指定。
下面给出一个自定义的静态资产实例,然后再具体解释其含义


2.2.2.2
3.3.3.[1:15]
test01.kakaops.com
test[05:09].kakaops.com

[web_servers]
192.168.1.2
192.168.1.3

[dbdb_servers]
192.168.2.2
192.168.2.3

[alldb_servers]
192.168.9.2
[alldb_servers:children]
dbdb_servers
web_servers

3、Ansible自定义资产的写法

1、Ansible 的资产文件中,可以以IP地址的形式或者域名(做域名解析)的形式存在
2、Ansible 的资产若连续,可以使用[stat:end] 的形式去表达
3、可以将服务器按照业务场景定义成组,比如dbdb_servers和web_servers
4、组和组之间可以存在继承关系,比如dbdb_servers和web_servers同时继承alldb_servers组

4、自定义资产的错误写法总结

[web_server]
10.11.67.18
10.11.67.19

[db_server]
10.11.67.20

[my_server]
10.11.67.21
[my_server:children]
web_server

组名的特殊字符只能是下划线_
[my_server:children],下面给只能写主机组名字,且主机组名不带[]

5、查看和使用自定义资产

i:指定自定义资产的路径就可以使用,不指定-i 就按照配置文件里面指定默认路径

列出所有的资产:
[kakaops@ansible ansible]$ sudo ansible all -i hosts --list-hosts

列出选定资产:
[kakaops@ansible ansible]$ sudo ansible my_server -i hosts --list-hosts
[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts --list-hosts
[kakaops@ansible ansible]$ sudo ansible 10.11.67.20,10.11.67.19 -i hosts --list-hosts

6、Ansible资产管理器pattern

有时操作者希望只对资产中的一部分服务器进行操作,而不是资产中所有服务器
  此时可以使用 Ansible 的资产选择器 PATTERN

使用pattern选择一台或者几台资产
ansible 10.11.67.20 -i hosts --list-hosts
ansible 10.11.67.20,10.11.67.19 -i hosts --list-hosts

使用pattern选择一组资产
ansible my_server -i hosts --list-hosts

使用匹配资产
ansible 10.11.67.
-i hosts --list-hosts

使用逻辑匹配并集、交集、补集(引号引起来)
并集 :
ansible “web_server:db_server” -i hosts --list-hosts
交集 :&
ansible ‘web_server:&db_server’ -i hosts --list-hosts
差集 :!
在web_servers中,但是不在db_servers中
ansible ‘web_server:!db_server’ -i hosts --list-hosts

五、Ansible Ad-hoc命令

Ad-hoc 是一个概念性的名字,是相对于写 Ansible playbook 来说的.类似于在命令行敲入shell命令和 写shell scripts两者之间的关系。可以用于执行一些临时命令。如果我们敲入一些命令去比较快的完成一些事情,而不需要将这些执行的命令特别保存下来, 这样的命令就叫做 ad-hoc 命令。Ansible提供两种方式去完成任务,一是 ad-hoc 命令,一是写 Ansible playbook(这部分在高级课程中会详细阐释)。前者可以解决一些简单的任务, 后者解决较复杂的任务,比如做配置管理或部署

ansible pattern [-i inventory] -m module -a argument

Ansible的模块:核心模块、附加模块、用户自定义模块

Ansible 模块分三种类型: 核心模块(core module)、附加模块(extra module)及用户自定义模块(consume module)
  核心模块是由Ansible 的官方团队提供的
  附加模块是由各个社区提供的。例如: OPENSTACK(kvm虚拟机集群) 社区、DOCKER 社区等等
  当核心模块和附加模块都无法满足你的需求时,用户可以自定义模块
  默认情况下,在安装Ansible 的时候, 核心模块和附加模块都已经安装而无需用户干预

Ansible的帮助手册ansible-doc

列举出所有的核心模块和附加模块
[kakaops@ansible ansible]$ ansible-doc -l
查询某个模块的使用方法
[kakaops@ansible ansible]$ ansible-doc modulename
查询某个模块的使用方法,比较简洁的信息
[kakaops@ansible ansible]$ ansible-doc -s modulename

使用方法示例:
[kakaops@ansible ansible]$ ansible-doc -l | grep yum
[kakaops@ansible ansible]$ ansible-doc yum_repository
G直接翻到最后,看使用示例

六、Ansible的常用模块

1、command和shell模块

两个模块都是在远程服务器上去执行命令
但command模块是ad-hoc的默认模块在执行ad-hoc时,若不指定模块的名字则默认使用此模块

ansible all -i hosts -a “echo ‘hello’”
ansible all -i hosts -m shell -a “echo ‘hello’”
ansible all -i hosts -m shell -a “cat /etc/passwd | wc -l”

两个模块的差异
• shell 模块可以执行SHELL 的内置命令和特性(比如管道符)
• command 模块无法执行SHELL 的内置命令和特性

[kakaops@ansible ansible]$ sudo ansible all -i hosts -a "echo 'kakaops'"
[sudo] kakaops 的密码:
Sunday 01 November 2020  18:36:28 +0800 (0:00:00.093)       0:00:00.093 ******* 
10.11.67.21 | CHANGED | rc=0 >>
kakaops
10.11.67.18 | CHANGED | rc=0 >>
kakaops
10.11.67.19 | CHANGED | rc=0 >>
kakaops
10.11.67.20 | CHANGED | rc=0 >>
kakaops

[kakaops@ansible ansible]$ sudo ansible all -i hosts -m shell -a "echo 'kakaops'"
Sunday 01 November 2020  18:36:58 +0800 (0:00:00.067)       0:00:00.067 ******* 
10.11.67.21 | CHANGED | rc=0 >>
kakaops
10.11.67.20 | CHANGED | rc=0 >>
kakaops
10.11.67.18 | CHANGED | rc=0 >>
kakaops
10.11.67.19 | CHANGED | rc=0 >>
kakaops
[kakaops@ansible ansible]$ sudo ansible all  -i hosts  -m shell -a "cat /etc/passwd | wc -l"
Sunday 01 November 2020  18:38:26 +0800 (0:00:00.063)       0:00:00.063 ******* 
10.11.67.21 | CHANGED | rc=0 >>
23
10.11.67.18 | CHANGED | rc=0 >>
24
10.11.67.19 | CHANGED | rc=0 >>
23
10.11.67.20 | CHANGED | rc=0 >>
23
[kakaops@ansible ansible]$ sudo ansible all  -i hosts  -m command -a "cat /etc/passwd | wc -l"
Sunday 01 November 2020  18:38:47 +0800 (0:00:00.063)       0:00:00.063 ******* 
10.11.67.18 | FAILED | rc=1 >>
cat:无效选项 -- l
Try 'cat --help' for more information.non-zero return code
10.11.67.20 | FAILED | rc=1 >>
cat:无效选项 -- l
Try 'cat --help' for more information.non-zero return code
10.11.67.21 | FAILED | rc=1 >>
cat:无效选项 -- l
Try 'cat --help' for more information.non-zero return code
10.11.67.19 | FAILED | rc=1 >>
cat:无效选项 -- l
Try 'cat --help' for more information.non-zero return code

2、script模块

将管理节点上的脚本传递到被管理节点(远程服务器)上进行执行。
脚本不会传递到被管理资产上,只是产生了执行脚本的效果
默认使用bash 解释器,如果是python脚本,指定python解释器
脚本里使用绝对路径,如果是相对路径,是相对于被管理资产的家目录

[kakaops@ansible ansible]$ sudo ansible all -i hosts  -m script -a "/mnt/test.sh"
Sunday 01 November 2020  18:45:31 +0800 (0:00:00.064)       0:00:00.064 ******* 
10.11.67.21 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 10.11.67.21 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 10.11.67.21 closed."
    ], 
    "stdout": "", 
    "stdout_lines": []
}
10.11.67.20 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 10.11.67.20 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 10.11.67.20 closed."
    ], 
    "stdout": "", 
    "stdout_lines": []
}
10.11.67.18 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 10.11.67.18 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 10.11.67.18 closed."
    ], 
    "stdout": "", 
    "stdout_lines": []
}
10.11.67.19 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 10.11.67.19 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 10.11.67.19 closed."
    ], 
    "stdout": "", 
    "stdout_lines": []
}

3、copy模块

copy 模块的主要用于管理节点和被管理节点之间的文件拷贝。
  常用参数
  src:指定拷贝文件的源地址
  dest:指定拷贝文件的目标地址
  backup:拷贝文件前,若原目标文件发生了变化,则对目标文件进行备份,在被管理资产上加入时间戳备份
  owner:指定新拷贝文件的所有者
  group:指定新拷贝文件的所有组
  mode:指定新拷贝文件的权限

ansible 10.11.67.20 -i hosts -m copy -a “src=./hosts dest=/mnt/hosts owner=root group=root mode=777”
  ansible 10.11.67.20 -i hosts -m copy -a “src=./hosts dest=/mnt/hosts backup=yes owner=root group=root mode=777”

[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts  -m copy -a "src=./hosts dest=/mnt/hosts owner=root group=root mode=777" 
[sudo] kakaops 的密码:
Sunday 01 November 2020  18:55:12 +0800 (0:00:00.064)       0:00:00.064 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "3f10f244ecc0efad4f90612d0e5a78b81e45bbcc", 
    "dest": "/mnt/hosts", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "9b9803b6d236aec7a4a98cd6abdf16a4", 
    "mode": "0777", 
    "owner": "root", 
    "size": 133, 
    "src": "/root/.ansible/tmp/ansible-tmp-1604228112.57-30600-133305554930484/source", 
    "state": "file", 
    "uid": 0
}
[root@serverb ~]# ls /mnt
a.txt  hosts


[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts  -m copy -a "src=./hosts dest=/mnt/hosts backup=yes owner=root group=root mode=777" 
Sunday 01 November 2020  18:58:43 +0800 (0:00:00.062)       0:00:00.062 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/mnt/hosts.5211.2020-11-01@18:58:43~", 
    "changed": true, 
    "checksum": "dbacc96e19fd9abcd5083ffc8480ad20a456b25a", 
    "dest": "/mnt/hosts", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "1c0a2f3c50a5ad47e65bce80f66af17a", 
    "mode": "0777", 
    "owner": "root", 
    "size": 134, 
    "src": "/root/.ansible/tmp/ansible-tmp-1604228323.7-32715-93127853396913/source", 
    "state": "file", 
    "uid": 0
}

[root@serverb ~]# ls /mnt
a.txt  hosts  hosts.5084.2020-11-01@18:57:31~

第一次copy不必用backup=yes,除非被管理节点已经存在重名文件,希望备份一下,或者修改源文件继续拷贝,希望备份

4、yum模块

等同于 Linux 上的YUM 命令, 对远程服务器上RPM包进行管理。
  常用参数
  name:要安装的软件包名, 多个软件包以英文逗号(,) 隔开
  state :对当前指定的软件安装、移除操作(present installed latest absent removed)
  支持的参数
  - present 确认已经安装,但不升级
  - installed 确认已经安装
  - latest 确保安装,且升级为最新
  - absent 和 removed 确认已移除

ansible web_server -i hosts -m yum -a “name=nginx state=present”
  ansible web_server -i hosts -m yum -a “name=nginx state=installed”
  ansible web_server -i hosts -m yum -a “name=nginx state=latest”
  ansible web_server -i hosts -m yum -a “name=nginx state=absent”
  ansible web_server -i hosts -m yum -a “name=nginx state=removed”

[kakaops@ansible ansible]$ sudo ansible web_server -i hosts --list-hosts
  hosts (2):
    10.11.67.18
    10.11.67.19
[kakaops@ansible ansible]$ sudo ansible web_server -i hosts -m yum -a "name=nginx state=present"
Sunday 01 November 2020  19:09:21 +0800 (0:00:00.062)       0:00:00.062 ******* 
10.11.67.18 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "installed": [
            "nginx"
        ]
    }, 

[kakaops@ansible ansible]$ sudo ansible web_server -i hosts -m yum -a "name=nginx state=latest"
Sunday 01 November 2020  19:12:27 +0800 (0:00:00.071)       0:00:00.071 ******* 
10.11.67.18 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "changes": {
        "installed": [], 
        "updated": []
    }, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "All packages providing nginx are up to date", 
        ""
    ]
}

[kakaops@ansible ansible]$ sudo ansible web_server -i hosts  -m yum -a "name=nginx state=absent"
Sunday 01 November 2020  19:15:36 +0800 (0:00:00.064)       0:00:00.064 ******* 
10.11.67.19 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "removed": [
            "nginx"
        ]
    }, 

安装一个组包(组包名字用引号引起来,组名前面加@)

[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts -m yum -a "name='@Development Tools' state=present"
Sunday 01 November 2020  19:23:40 +0800 (0:00:00.063)       0:00:00.063 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "installed": [
            "@Development Tools"
        ]
    },

5、systemd模块

管理远程节点上的 systemd 服务,就是由 systemd 所管理的服务。
  常用参数
  daemon_reload:重新载入 systemd,扫描新的或有变动的单元
  enabled :是否开机自启动 yes|no
  name:必选项,服务名称 ,比如 httpd vsftpd
  state:对当前服务执行启动,停止、重启、重新加载等操作(started,stopped,restarted,reloaded)
  
  重新加载 systemd
  ansible 10.11.67.19 -i hosts -m systemd -a “daemon_reload=yes”
  启动 Nginx 服务
  ansible 10.11.67.19 -i hosts -m systemd -a “name=nginx state=started”
  关闭 Nginx 服务
  ansible 10.11.67.19 -i hosts -m systemd -a “name=nginx state=stopped”
  重启 Nginx 服务
  ansible 10.11.67.19 -i hosts -m systemd -a “name=nginx state=restarted”
  重新加载 Nginx 服务
  ansible 10.11.67.19 -m systemd -a “name=nginx state=reloaded”
  将 Nginx 服务设置开机自启动
  ansible 10.11.67.19 -m systemd -a “name=nginx enabled=yes”

[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m systemd -a "daemon_reload=yes"
Sunday 01 November 2020  19:31:45 +0800 (0:00:00.066)       0:00:00.066 ******* 
10.11.67.19 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "name": null, 
    "status": {}
}
[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m systemd -a "name=nginx state=started"
Sunday 01 November 2020  19:34:06 +0800 (0:00:00.064)       0:00:00.064 ******* 
10.11.67.19 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "nginx", 
    "state": "started", 
    "status": {

[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m systemd -a "name=nginx state=stopped"
Sunday 01 November 2020  19:36:22 +0800 (0:00:00.067)       0:00:00.067 ******* 
10.11.67.19 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "nginx", 
    "state": "stopped", 
    "status": {

[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m systemd -a "name=nginx state=restarted"
Sunday 01 November 2020  19:37:54 +0800 (0:00:00.063)       0:00:00.063 ******* 
10.11.67.19 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "nginx", 
    "state": "started", 
    "status": {

[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -m systemd -a "name=nginx state=reloaded"
Sunday 01 November 2020  19:39:22 +0800 (0:00:00.071)       0:00:00.071 ******* 
10.11.67.19 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "nginx", 
    "state": "started", 
    "status": {

[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -m systemd -a "name=nginx enabled=yes"
Sunday 01 November 2020  19:40:39 +0800 (0:00:00.062)       0:00:00.062 ******* 
10.11.67.19 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "enabled": true, 
    "name": "nginx", 
    "status": {

6、group模块

被管理节点上,对组进行管理
  name :组名称, 必须的
  system:是否为系统组, yes/no , 默认是 no
  state:删除或这创建,present/absent ,默认是present

创建删除普通组db_admin
  ansible all -i hosts -m group -a “name=db_admin state=present”
  ansible all -i hosts -m group -a “name=db_admin state=absent”
  创建删除系统组删除ka_admin
  ansible all -i hosts -m group -a “name=ka_admin state=present system=yes”
  ansible all -i hosts -m group -a “name=ka_admin state=absent”

\

[kakaops@ansible ansible]$ sudo ansible all -i hosts -m group -a "name=db_admin state=present"
[sudo] kakaops 的密码:
Sunday 01 November 2020  19:45:58 +0800 (0:00:00.064)       0:00:00.064 ******* 
10.11.67.21 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 1011, 
    "name": "db_admin", 
    "state": "present", 
    "system": false
}

[kakaops@ansible ansible]$ sudo ansible all -i hosts  -m group -a "name=db_admin state=absent"
Sunday 01 November 2020  19:47:57 +0800 (0:00:00.068)       0:00:00.068 ******* 
10.11.67.21 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "db_admin", 
    "state": "absent"
}

[kakaops@ansible ansible]$ sudo ansible all -i hosts -m group -a "name=ka_admin state=present system=yes"
Sunday 01 November 2020  19:50:21 +0800 (0:00:00.061)       0:00:00.061 ******* 
10.11.67.18 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 995, 
    "name": "ka_admin", 
    "state": "present", 
    "system": true
}

[kakaops@ansible ansible]$ sudo ansible all -i hosts  -m group -a "name=ka_admin state=absent"
Sunday 01 November 2020  19:51:37 +0800 (0:00:00.083)       0:00:00.083 ******* 
10.11.67.18 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "ka_admin", 
    "state": "absent"
}

7、user模块

用于在被管理节点上对用户进行管理。
  常用参数
  name:必须的参数, 指定用户名
  password:设置用户的密码,这里接受的是一个加密的值,因为会直接存到 shadow, 默认不设置密码
  update_password:假如设置的密码不同于原密码,则会更新密码
  home:指定用户的家目录
  shell:设置用户的登录shell /nologin
  comment:用户的描述信息
  create_home:创建用户时,是否创建其家目录。默认创建,假如不创建,设置为 no
  group:设置用户的主组

groups:将用户加入到多个其他组中,多个用逗号隔开
  默认会把用户从其他已经加入的组中删除
  append: yes|no 和 groups 配合使用,yes 时,
不会把用户从其他已经加入的组中删除

system:设置为 yes 时,将会创建一个系统账号
  expires:设置用户的过期时间,值为时间戳,会转为为天数后,放在 shadow 的第 8 个字段里
  expires=$(date +%s -d 20200415)
  expires 英 [ɪkˈspaɪəz] 美 [ɪkˈspaɪərz] v.(因到期而)失效,终止
  generate_ssh_key:设置为 yes 将会为用户生成密钥,这不会覆盖原来的密钥
  generate 英 [ˈdʒenəreɪt] 美 [ˈdʒenəreɪt] v.产生;引起
  ssh_key_type:指定用户的密钥类型, 默认 rsa, 具体的类型取决于被管理节点

state:删除或添加用户, present 为添加,absent 为删除,默认值 present
  remove,当与 state=absent 一起使用,删除一个用户及关联的目录,
比如家目录,邮箱目录。可选的值为: yes/no

创建kakaops用户,并且设置加密密码
  pass= ( e c h o " 123456 " ∣ o p e n s s l p a s s w d − 1 − s t d i n )     a n s i b l e 10.11.67.20 − i h o s t s − m u s e r − a " n a m e = k a k a o p s s t a t e = p r e s e n t p a s s w o r d = (echo "123456" | openssl passwd -1 -stdin)   ansible 10.11.67.20 -i hosts -m user -a "name=kakaops state=present password= (echo"123456"opensslpasswd1stdin)  ansible10.11.67.20ihostsmusera"name=kakaopsstate=presentpassword={pass}"
  创建用户sunlizhen, 并且为其创建密钥对,并且密钥类型为: ecdsa
  然后删除干净
  ansible 10.11.67.20 -i hosts -m user -a “name=sunlizhen state=present generate_ssh_key=yes ssh_key_type=ecdsa”
  ansible 10.11.67.20 -i hosts -m user -a “name=sunlizhen state=absent remove=yes”
  创建chenzhiqing,设置有效时间到2022年04月09日,加入wheel组,不改变原有的组
  ansible 10.11.67.20 -i hosts -m user -a “name=chenzhiqing state=present expires=$(date +%s -d 20200215) groups=wheel append=yes”

[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts -m user -a "name=kakaops state=present password=${pass}"
[sudo] kakaops 的密码:
Sunday 01 November 2020  20:16:32 +0800 (0:00:00.065)       0:00:00.065 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1004, 
    "home": "/home/kakaops", 
    "name": "kakaops", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1004

[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts -m user -a "name=sunlizhen state=absent remove=yes"
Sunday 01 November 2020  20:25:42 +0800 (0:00:00.061)       0:00:00.061 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "force": false, 
    "name": "sunlizhen", 
    "remove": true, 
    "state": "absent"
}

[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts -m user -a "name=chenzhiqing state=present expires=$(date +%s -d 20200215) groups=wheel append=yes"
Sunday 01 November 2020  20:29:09 +0800 (0:00:00.065)       0:00:00.065 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1005, 
    "groups": "wheel", 
    "home": "/home/chenzhiqing", 
    "name": "chenzhiqing", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1005
}

// 计算 3 小时之后是几点几分
# date +%T -d '3 hours'
// 任意日期的前 N 天,后 N 天的具体日期
# date +%F -d "20190910 1 day"
# date +%F -d "20190910 -1 day"

// 计算两个日期相差天数, 比如计算生日距离现在还有多少天
# d1=$(date +%s -d 20180728)
# d2=$(date +%s -d 20180726)
# echo $(((d1-d2)/86400))

8、file模块

file模块主要用于远程主机上的文件操作
  常用参数
  owner:定义文件/目录的属主
  group:定义文件/目录的属组
  mode:定义文件/目录的权限
  path:必选项,定义文件/目录的路径
  recurse 递归的设置文件的属性,只对目录有效
  src:链接(软/硬)文件的源文件路径,只应用于state=link的情况
  dest:链接文件的路径,只应用于state=link的情况
  state(directory、file、link、hard、touch、absent)
  - directory:如果目录不存在,创建目录  
  - file:文件不存在,则不会被创建,存在则返回文件的信息
  常用于检查文件是否存在。
  - link:创建软链接
  - hard:创建硬链接
  - touch:如果文件不存在,则会创建一个新的文件,如果文件或目录
  已存在,则更新其最后修改时间
  - absent:删除除目录、文件或者取消链接文件
  硬链接文件直接删除,软连接文件取消链接,也相当于删除

创建一个文件
  ansible all -i hosts -m file -a “path=/mnt/kakaops state=touch”
  改变文件所有者及权限
  ansible all -i hosts -m file -a “path=/mnt/kakaops owner=nobody group=nobody mode=777”
  创建一个软连接
  ansible all -i hosts -m file -a “src=/mnt/kakaops dest=/mnt/sunlizhen state=link”
  创建一个目录
  ansible all -i hosts -m file -a “path=/mnt/chenzhiqing state=directory”
  取消一个连接
  ansible all -i hosts -m file -a “path=/mnt/sunlizhen state=absent”
  删除一个文件
  ansible all -i hosts -m file -a “path=/mnt/kakaops state=absent”

[kakaops@ansible ansible]$ sudo ansible all -i hosts  -m file -a "path=/mnt/kakaops state=touch"
Sunday 01 November 2020  20:46:23 +0800 (0:00:00.062)       0:00:00.062 ******* 
10.11.67.21 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/mnt/kakaops", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}

[kakaops@ansible ansible]$ sudo ansible all -i hosts -m file -a "path=/mnt/kakaops owner=nobody group=nobody mode=777"
Sunday 01 November 2020  20:48:27 +0800 (0:00:00.069)       0:00:00.069 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 99, 
    "group": "nobody", 
    "mode": "0777", 
    "owner": "nobody", 
    "path": "/mnt/kakaops", 
    "size": 0, 
    "state": "file", 
    "uid": 99
}

[kakaops@ansible ansible]$ sudo ansible all -i hosts -m file -a "src=/mnt/kakaops dest=/mnt/sunlizhen state=link"
Sunday 01 November 2020  20:50:13 +0800 (0:00:00.061)       0:00:00.061 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/mnt/sunlizhen", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "size": 12, 
    "src": "/mnt/kakaops", 
    "state": "link", 
    "uid": 0
}

[kakaops@ansible ansible]$ sudo ansible all -i hosts -m file -a "path=/mnt/chenzhiqing state=directory"
Sunday 01 November 2020  20:52:21 +0800 (0:00:00.063)       0:00:00.063 ******* 
10.11.67.21 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/mnt/chenzhiqing", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}

[kakaops@ansible ansible]$ sudo ansible all -i hosts -m file -a "path=/mnt/sunlizhen state=absent"
Sunday 01 November 2020  20:54:03 +0800 (0:00:00.062)       0:00:00.062 ******* 
10.11.67.21 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/mnt/sunlizhen", 
    "state": "absent"
}

[kakaops@ansible ansible]$ sudo ansible all -i hosts -m file -a "path=/mnt/kakaops state=absent"
Sunday 01 November 2020  20:55:27 +0800 (0:00:00.061)       0:00:00.061 ******* 
10.11.67.18 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/mnt/kakaops", 
    "state": "absent"
}

9、cron模块

管理远程节点的CRON 服务。等同于Linux 中的 计划任务
  注意:使用 Ansible 创建的计划任务,是不能使用本地
  crontab -e去编辑,否则 Ansible 无法再次操作此计划任务了
  常用参数
  name:指定一个cron job 的名字。一定要指定,便于日之后删除
  minute:指定分钟,可以设置成(0-59, *, */2 等)格式。 默认是 * , 也就是每分钟
  hour:指定小时,可以设置成(0-23, *, */2 等)格式。 默认是 * , 也就是每小时
  day:指定天, 可以设置成(1-31, *, */2 等)格式。 默认是 * , 也就是每天
  month:指定月份, 可以设置成(1-12, *, */2 等)格式。 默认是 * , 也就是每周
  weekday:指定星期, 可以设置成(0-6 for Sunday-Saturday, * 等)格式。默认是 *,也就是每星期
  job:指定要执行的内容,通常可以写个脚本,或者一段内容
  state:指定这个job的状态,可以是新增(present)或者是删除(absent)。 默认为新增(present)

创建一个计划任务
  ansible 10.11.67.20 -i hosts -m cron -a “name=‘my-job1’ minute=2 hour=3 day=8 month=10 weekday=0 job=‘touch /mnt/sun’ state=present”
  根据名字删除计划任务
  ansible 10.11.67.20 -i hosts -m cron -a “name=my-job1 state=absent”

[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts -m cron -a "name=my-job1 state=absent"
Sunday 01 November 2020  21:09:16 +0800 (0:00:00.061)       0:00:00.061 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}

10、debug模块

debug 模块主要用于调试时使用,通常的作用是将一个变量的值给打印出来。
  常用参数(-e传递参数)
  var:直接打印一个指定的变量值
  msg:打印一段可以格式化的字符串
  字符串里面的变量用{{ }}括起来
  
  如果没有-e传递参数,执行命令后会报参数没有定义
  ansible all -i hosts -m debug -a “var=sun”
   “sun”: “VARIABLE IS NOT DEFINED!”
  ansible all -i hosts -m debug -a “var=sun” -e “sun=kakaops”
   “sun”: “kakaops”
  ansible all -i hosts -m debug -a “msg=‘role is {{role}}’” -e “role=sunlizhen”
   “msg”: “role is sunlizhen”



[kakaops@ansible ansible]$ sudo ansible all -i hosts  -m debug -a "var=sun"
Sunday 01 November 2020  21:13:29 +0800 (0:00:00.064)       0:00:00.064 ******* 
10.11.67.21 | SUCCESS => {
    "sun": "VARIABLE IS NOT DEFINED!"
}
10.11.67.20 | SUCCESS => {
    "sun": "VARIABLE IS NOT DEFINED!"
}
10.11.67.18 | SUCCESS => {
    "sun": "VARIABLE IS NOT DEFINED!"
}
10.11.67.19 | SUCCESS => {
    "sun": "VARIABLE IS NOT DEFINED!"
}

[kakaops@ansible ansible]$ sudo ansible all -i hosts  -m debug -a "var=sun" -e "sun=kakaops"
Sunday 01 November 2020  21:13:53 +0800 (0:00:00.063)       0:00:00.063 ******* 
10.11.67.21 | SUCCESS => {
    "sun": "kakaops"
}
10.11.67.19 | SUCCESS => {
    "sun": "kakaops"
}
10.11.67.20 | SUCCESS => {
    "sun": "kakaops"
}
10.11.67.18 | SUCCESS => {
    "sun": "kakaops"
}


[kakaops@ansible ansible]$ sudo ansible all -i hosts -m debug -a "msg='role is {{role}}'" -e "role=sunlizhen"
Sunday 01 November 2020  21:19:43 +0800 (0:00:00.061)       0:00:00.061 ******* 
10.11.67.21 | SUCCESS => {
    "msg": "role is sunlizhen"
}
[WARNING]: Failure using method (v2_runner_on_ok) in callback plugin
(<ansible.plugins.callback.mysql_plays.CallbackModule object at
0x7ff8413013d0>): (2003, "Can't connect to MySQL server on u'server-2' ([Errno
-2] Name or service not known)")
10.11.67.18 | SUCCESS => {
    "msg": "role is sunlizhen"
}
10.11.67.20 | SUCCESS => {
    "msg": "role is sunlizhen"
}
10.11.67.19 | SUCCESS => {
    "msg": "role is sunlizhen"
}

11、template模块

template 模块使用了Jinjia2格式作为文件模版,可以进行文档内变量的替换。文件以 .j2 结尾
  常用参数
  src:指定 Ansible 控制端的文件路径这里是引用
  dest:指定 Ansible 被控端的文件路径
  owner:指定文件的属主
  group:指定文件的属组
  mode:指定文件的权限
  backup:创建一个包含时间戳信息的备份文件,这样如果您以某种方式错误地破坏了原始文件, 就可以将其恢复原状。yes/no
  用法其实和 copy 模块基本一样
  template 模块的强大之处就是使用变量替换,就是可以把传递给 Ansible 的变量的值替换到模板文件中

1、建立一个 template 文件, 名为 hello_world.j2
  cat hello_world.j2
  Hello {{var}} !
  2、执行命令,并且设置变量 var 的值为 world
  ansible all -i hosts -m template -a “src=./hello_world.j2 dest=/opt/kakaops backup=yes” -e “var=world”
  3、在被控主机上验证
  cat /tmp/hello_world.world
  Hello world !

[kakaops@ansible ansible]$ sudo ansible all -i hosts -m template -a "src=./hello_world.j2 dest=/opt/kakaops backup=yes" -e "var=world"
\Sunday 01 November 2020  21:29:15 +0800 (0:00:00.062)       0:00:00.062 ******* 
10.11.67.21 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "22596363b3de40b06f981fb85d82312e8c0ed511", 
    "dest": "/opt/kakaops", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "6f5902ac237024bdd0c176cb93063dc4", 
    "mode": "0644", 
    "owner": "root", 
    "size": 12, 
    "src": "/root/.ansible/tmp/ansible-tmp-1604237355.12-1977-218132888014363/source", 
    "state": "file", 
    "uid": 0
}

12、lineinfile模块

在被管理节点上,用正则匹配的方式对目标文件的一行内容修改删除等操作。
  如果是在一个文件中把所有匹配到的多行都进行统一处理,请参考replace模块
  如果想对一个文件进行一次性添加/更新/删除多行内容等操作,参考blockinfile模块
  常用参数
  path:被管理节点的目标文件路径, 必须
  state:可选值absent 删除 present 替换(默认值)
  regexp:在文件的每一行中查找的正则表达式
  对于 state=present ,仅找到的最后一行将被替换。
  line 要在文件中插入/替换的行。需要state=present
  line参数插入,默认插入到最后一行
  create 文件不存在时,是否要创建文件并添加内容。yes/no

删除被控节点文件里的某一条内容
  ansible 10.11.67.21 -i hosts -m lineinfile -a “path=/etc/sudoers regexp=’^%wheel’ state=absent”
  替换某一行
  ansible 10.11.67.21 -i hosts -m lineinfile -a “path=/etc/selinux/config regexp=’^SELINUX’ line=‘SELINUX=disabled’ state=present”

[kakaops@ansible ansible]$ sudo ansible 10.11.67.21 -i hosts  -m lineinfile -a "path=/etc/sudoers regexp='^%wheel' state=absent"
Sunday 01 November 2020  21:41:25 +0800 (0:00:00.061)       0:00:00.061 ******* 
10.11.67.21 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "found": 1, 
    "msg": "1 line(s) removed"
}

[kakaops@ansible ansible]$ sudo ansible 10.11.67.21 -i hosts -m lineinfile -a "path=/etc/selinux/config regexp='^SELINUX' line='SELINUX=disabled' state=present"
Sunday 01 November 2020  21:45:39 +0800 (0:00:00.061)       0:00:00.061 ******* 
10.11.67.21 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "msg": "line replaced"
}

13、blockinfile模块

对目标文件进行多行的添加/更新/删除操作。
  常用参数
  path:目标文件路径
  block:文件中被操作的块内容
  state:块内容如何处理,absent 删除, present 添加/更新(默认值)

向文件/mnt/kakaops的最后添加几行内容
  sunlizhen
  chenzhiqing
  ansible 10.11.67.20 -i hosts -m blockinfile -a “path=/mnt/kakaops block=sunlizhen\nchenzhiqing”
  [root@serverb ~]# cat /mnt/kakaops
  hahahahahaha
  # BEGIN ANSIBLE MANAGED BLOCK
  sunlizhen
  chenzhiqing
  # END ANSIBLE MANAGED BLOCK
  更新之前的内容
  ansible 10.11.67.20 -i hosts -m blockinfile -a “path=/mnt/kakaops block=‘kakaops’”
  [root@serverb ~]# cat /mnt/kakaops
  hahahahahaha
  # BEGIN ANSIBLE MANAGED BLOCK
  kakaops
  # END ANSIBLE MANAGED BLOCK
  删除文件中的连续出现几行内容
  ansible 10.11.67.20 -i hosts -m blockinfile -a “path=/mnt/kakaops block=kakaops state=absent”
  [root@serverb ~]# cat /mnt/kakaops
  hahahahahaha
  也就是说:blockinfile就是在被控主机上的文件最后加入ansible block块
  在这个block块里进行操作

[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts -m blockinfile -a "path=/mnt/kakaops block=sunlizhen\nchenzhiqing"
[sudo] kakaops 的密码:
Sunday 01 November 2020  22:02:15 +0800 (0:00:00.071)       0:00:00.071 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "msg": "Block inserted"
}

[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts -m blockinfile -a "path=/mnt/kakaops block='kakaops'"
Sunday 01 November 2020  23:03:59 +0800 (0:00:00.062)       0:00:00.062 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "msg": "Block inserted"
}

[kakaops@ansible ansible]$ sudo ansible 10.11.67.20 -i hosts -m blockinfile -a "path=/mnt/kakaops block=kakaops state=absent"
Sunday 01 November 2020  23:06:51 +0800 (0:00:00.062)       0:00:00.062 ******* 
10.11.67.20 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "msg": "Block removed"
}

14、setup模块

该模块主要用于收集信息,是通过调用facts组件来实现的。
  facts组件是Ansible用于采集被管机器设备信息的一个功能,我们可以使用setup模块查机器的所有facts信息,可以使用filter来查看指定信息。整个facts信息被包装在一个JSON格式的数据结构中,ansible_facts是最上层的值。facts就是变量,内建变量 。每个主机的各种信息,cpu颗数、内存大小等。会存在facts中的某个变量中。调用后返回很多对应主机的信息,在后面的操作中可以根据不同的信息来做不同的操作。如redhat系列用yum安装,而debian系列用apt来安装软件

setup模块用filter(滤波器)查看facts变量
  ansible 10.11.67.19 -i hosts -m setup -a “filter=‘mem’”

[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m setup -a "filter='*mem*'"
[sudo] kakaops 的密码:
Monday 02 November 2020  19:28:07 +0800 (0:00:00.992)       0:00:00.992 ******* 
10.11.67.19 | SUCCESS => {
    "ansible_facts": {
        "ansible_memfree_mb": 672, 
        "ansible_memory_mb": {
            "nocache": {
                "free": 816, 
                "used": 160
            }, 
            "real": {
                "free": 672, 
                "total": 976, 
                "used": 304
            }, 
            "swap": {
                "cached": 0, 
                "free": 0, 
                "total": 0, 
                "used": 0
            }
        }, 
        "ansible_memtotal_mb": 976, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}

功能2:保存信息,可以保存我们所筛选的信息至我们的主机上
  同时,文件名为我们被管制的主机的IP,这样方便我们知道是哪台机器出的问题
  ansible 10.11.67.19 -i hosts -m setup -a “filter=‘mem’” --tree /mnt/facts

[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m setup -a "filter='*mem*'" --tree /mnt/facts
[sudo] kakaops 的密码:
Monday 02 November 2020  19:33:32 +0800 (0:00:00.061)       0:00:00.061 ******* 
10.11.67.19 | SUCCESS => {
    "ansible_facts": {
        "ansible_memfree_mb": 668, 
        "ansible_memory_mb": {
            "nocache": {
                "free": 816, 
                "used": 160
            }, 
            "real": {
                "free": 668, 
                "total": 976, 
                "used": 308
            }, 
            "swap": {
                "cached": 0, 
                "free": 0, 
                "total": 0, 
                "used": 0
            }
        }, 
        "ansible_memtotal_mb": 976, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
[WARNING]: Failure using method (v2_runner_on_ok) in callback plugin
(<ansible.plugins.callback.mysql_plays.CallbackModule object at
0x7efd2cd6a390>): (2003, "Can't connect to MySQL server on u'server-2' ([Errno
-2] Name or service not known)")
Monday 02 November 2020  19:33:39 +0800 (0:00:06.963)       0:00:07.025 ******* 
=============================================================================== 
setup ------------------------------------------------------------------- 6.96s
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
total ------------------------------------------------------------------- 6.96s
Playbook run took 0 days, 0 hours, 0 minutes, 7 seconds
[kakaops@ansible ansible]$ cd /mnt/facts/
[kakaops@ansible facts]$ ls
10.11.67.19
[kakaops@ansible facts]$ cat 10.11.67.19 
{"ansible_facts": {"ansible_memfree_mb": 668, "ansible_memory_mb": {"nocache": {"free": 816, "used": 160}, "real": {"free": 668, "total": 976, "used": 308}, "swap": {"cached": 0, "free": 0, "total": 0, "used": 0}}, "ansible_memtotal_mb": 976, "discovered_interpreter_python": "/usr/bin/python"}, "changed": false}[kakaops@ansible facts]$ 
[kakaops@ansible facts]$ 
[kakaops@ansible facts]$ 

15、get_url模块

用于将文件或软件从http、https或ftp下载到本地节点上
  dest:指定将文件下载的远程绝对路径(目录需要存在)—必须
  url:文件的下载地址(网址)—必须
  url_username:用于http基本认证的用户名
  url_password:用于http基本认证的密码
  validate_certs: 如果否,SSL证书将不会验证。这只应在使用自签名证书的个人控制站点上使用
  owner:指定属主
  group:指定属组
  mode:指定权限
 
  ansible 10.11.67.19 -i hosts -m file -a “path=/opt/koko state=directory”
  ansible 10.11.67.19 -i hosts -m get_url -a “url=ftp://10.11.67.31/test.py dest=/opt/koko”

[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m shell -a "rm -rvf /opt/*"
Monday 02 November 2020  19:49:14 +0800 (0:00:00.579)       0:00:00.579 ******* 
[WARNING]: Consider using the file module with state=absent rather than running
'rm'.  If you need to use command because file is insufficient you can add
'warn: false' to this command task or set 'command_warnings=False' in
ansible.cfg to get rid of this message.
10.11.67.19 | CHANGED | rc=0 >>
已删除"/opt/test.py"
[WARNING]: Failure using method (v2_runner_on_ok) in callback plugin
(<ansible.plugins.callback.mysql_plays.CallbackModule object at
0x7f55cc8603d0>): (2003, "Can't connect to MySQL server on u'server-2' ([Errno
-2] Name or service not known)")
Monday 02 November 2020  19:49:15 +0800 (0:00:01.070)       0:00:01.650 ******* 
=============================================================================== 
shell ------------------------------------------------------------------- 1.07s
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
total ------------------------------------------------------------------- 1.07s
Playbook run took 0 days, 0 hours, 0 minutes, 1 seconds
[kakaops@ansible ansible]$ sudo an
anaconda                         ansible-galaxy
anaconda-cleanup                 ansible-galaxy-2
anaconda-disable-nm-ibft-plugin  ansible-galaxy-2.7
anacron                          ansible-inventory
analog                           ansible-playbook
animalsay                        ansible-playbook-2
animate                          ansible-playbook-2.7
annotate-output                  ansible-pull
ansible                          ansible-pull-2
ansible-2                        ansible-pull-2.7
ansible-2.7                      ansible-test
ansible-config                   ansible-vault
ansible-connection               ansible-vault-2
ansible-console                  ansible-vault-2.7
ansible-console-2                ant
ansible-console-2.7              antlr
ansible-doc                      antRun
ansible-doc-2                    antRun.pl
ansible-doc-2.7                  
[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m file -a "path=/opt/koko state=directory"
Monday 02 November 2020  19:50:44 +0800 (0:00:00.071)       0:00:00.071 ******* 
10.11.67.19 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/opt/koko", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
[WARNING]: Failure using method (v2_runner_on_ok) in callback plugin
(<ansible.plugins.callback.mysql_plays.CallbackModule object at
0x7f8306b11350>): (2003, "Can't connect to MySQL server on u'server-2' ([Errno
-2] Name or service not known)")
Monday 02 November 2020  19:50:45 +0800 (0:00:01.040)       0:00:01.112 ******* 
=============================================================================== 
file -------------------------------------------------------------------- 1.04s
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
total ------------------------------------------------------------------- 1.04s
Playbook run took 0 days, 0 hours, 0 minutes, 1 seconds
[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m get_url -a "url=ftp://10.11.67.31/test.py dest=/opt/koko"
Monday 02 November 2020  19:51:53 +0800 (0:00:00.072)       0:00:00.072 ******* 
10.11.67.19 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum_dest": null, 
    "checksum_src": "da39a3ee5e6b4b0d3255bfef95601890afd80709", 
    "dest": "/opt/koko/test.py", 
    "elapsed": 0, 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d41d8cd98f00b204e9800998ecf8427e", 
    "mode": "0644", 
    "msg": "OK (0 bytes)", 
    "owner": "root", 
    "size": 0, 
    "src": "/root/.ansible/tmp/ansible-tmp-1604317913.63-12512-215125862920696/tmphaSZ8I", 
    "state": "file", 
    "status_code": null, 
    "uid": 0, 
    "url": "ftp://10.11.67.31/test.py"
}
[WARNING]: Failure using method (v2_runner_on_ok) in callback plugin
(<ansible.plugins.callback.mysql_plays.CallbackModule object at
0x7fad14610350>): (2003, "Can't connect to MySQL server on u'server-2' ([Errno
-2] Name or service not known)")
Monday 02 November 2020  19:51:54 +0800 (0:00:01.295)       0:00:01.368 ******* 
=============================================================================== 
get_url ----------------------------------------------------------------- 1.30s
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
total ------------------------------------------------------------------- 1.30s
Playbook run took 0 days, 0 hours, 0 minutes, 1 seconds

16、stat模块

检查文件或文件系统的状态
  注意:对于Windows目标,请改用win_stat模块
  
  参数:
  path:文件/对象的完整路径(必须)
  
  ansible 10.11.67.19 -i hosts -m stat -a “path=/opt/koko/test.py”

常用的返回值判断:
  exists: 判断是否存在
  isuid: 调用用户的ID与所有者ID是否匹配

[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m stat -a "path=/mnt/koko/test.py"
Monday 02 November 2020  19:57:49 +0800 (0:00:00.062)       0:00:00.062 ******* 
10.11.67.19 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "exists": false
    }
}
[WARNING]: Failure using method (v2_runner_on_ok) in callback plugin
(<ansible.plugins.callback.mysql_plays.CallbackModule object at
0x7f7a5ecd4390>): (2003, "Can't connect to MySQL server on u'server-2' ([Errno
-2] Name or service not known)")
Monday 02 November 2020  19:57:50 +0800 (0:00:00.903)       0:00:00.965 ******* 
=============================================================================== 
stat -------------------------------------------------------------------- 0.90s
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
total ------------------------------------------------------------------- 0.90s
Playbook run took 0 days, 0 hours, 0 minutes, 0 seconds
[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts -m stat -a "path=/opt/koko/test.py"
Monday 02 November 2020  19:58:21 +0800 (0:00:00.064)       0:00:00.064 ******* 
10.11.67.19 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "atime": 1604317912.957131, 
        "attr_flags": "", 
        "attributes": [], 
        "block_size": 4096, 
        "blocks": 0, 
        "charset": "binary", 
        "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", 
        "ctime": 1604317912.957131, 
        "dev": 64768, 
        "device_type": 0, 
        "executable": false, 
        "exists": true, 
        "gid": 0, 
        "gr_name": "root", 
        "inode": 51029999, 
        "isblk": false, 
        "ischr": false, 
        "isdir": false, 
        "isfifo": false, 
        "isgid": false, 
        "islnk": false, 
        "isreg": true, 
        "issock": false, 
        "isuid": false, 
        "mimetype": "inode/x-empty", 
        "mode": "0644", 
        "mtime": 1604317912.954131, 
        "nlink": 1, 
        "path": "/opt/koko/test.py", 
        "pw_name": "root", 
        "readable": true, 
        "rgrp": true, 
        "roth": true, 
        "rusr": true, 
        "size": 0, 
        "uid": 0, 
        "version": "18446744072110931985", 
        "wgrp": false, 
        "woth": false, 
        "writeable": true, 
        "wusr": true, 
        "xgrp": false, 
        "xoth": false, 
        "xusr": false
    }
}
[WARNING]: Failure using method (v2_runner_on_ok) in callback plugin
(<ansible.plugins.callback.mysql_plays.CallbackModule object at
0x7f8b1e189390>): (2003, "Can't connect to MySQL server on u'server-2' ([Errno
-2] Name or service not known)")
Monday 02 November 2020  19:58:22 +0800 (0:00:00.889)       0:00:00.954 ******* 
=============================================================================== 
stat -------------------------------------------------------------------- 0.89s
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

17、unarchive模块

用途:从本地机器上复制存档后,将其解包。
  该unarchive模块将解压缩一个存档。
  默认情况下,它将在解包之前将源文件从本地系统复制到目标。
  设置remote_src=yes为解包目标上已经存在的档案。
  对于Windows目标,请改用win_unzip模块。
  常用选项:
  src:指定本地主机的源压缩文件
  dest:远程绝对路径,档案应该被解压缩
  exec:列出需要排除的目录和文件
  creates:一个文件名,当它已经存在时,这个步骤将不会被运行。

ansible 10.11.67.19 -i hosts -m unarchive -a “src=./kakaops.tar.gz dest=/opt/koko”
  传递到远程主机之后,不出所料,又是一个套娃文件

[kakaops@ansible ansible]$ sudo ansible 10.11.67.19 -i hosts  -m unarchive -a "src=./kakaops.tar.gz dest=/opt/koko"
Monday 02 November 2020  20:08:06 +0800 (0:00:00.125)       0:00:00.125 ******* 
10.11.67.19 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/opt/koko", 
    "extract_results": {
        "cmd": [
            "/usr/bin/gtar", 
            "--extract", 
            "-C", 
            "/opt/koko", 
            "-z", 
            "-f", 
            "/root/.ansible/tmp/ansible-tmp-1604318886.57-22110-270463387525506/source"
        ], 
        "err": "", 
        "out": "", 
        "rc": 0
    }, 
    "gid": 0, 
    "group": "root", 
    "handler": "TgzArchive", 
    "mode": "0755", 
    "owner": "root", 
    "size": 32, 
    "src": "/root/.ansible/tmp/ansible-tmp-1604318886.57-22110-270463387525506/source", 
    "state": "directory", 
    "uid": 0
}
[WARNING]: Failure using method (v2_runner_on_ok) in callback plugin
(<ansible.plugins.callback.mysql_plays.CallbackModule object at
0x7fc9791cb350>): (2003, "Can't connect to MySQL server on u'server-2' ([Errno
-2] Name or service not known)")
Monday 02 November 2020  20:08:08 +0800 (0:00:01.796)       0:00:01.922 ******* 
=============================================================================== 
unarchive --------------------------------------------------------------- 1.80s

你可能感兴趣的:(Ansible#Ansible的Ad-Hoc和常用模块)