目录
一、command模块
二、shell模块
三、raw模块
四、copy模块
五、hostname模块
六、yum模块
七、service模块
八、user模块
九、script模块
十、unarchive用于在远程主机上解压文件案列
command模块在远程主机执行命令,但是不支持管道,重定向等shell的特征,常用参数如下(不支持管道,不建议使用)。
案列
[root@ansible ~] ansible Rich -m command -a "useradd Rich"
#Rich是我在/etc/ansible/hosts里定义的主机名 输入IP192.168.1.XX也可以
192.168.1.134 | CHANGED | rc=0 >>
192.168.1.133 | CHANGED | rc=0 >>
[root@client1 ~] hostname
client1
[root@ansible ~] ansible Rich -m command -a "uptime"
192.168.1.134 | CHANGED | rc=0 >>
16:51:24 up 7:54, 3 users, load average: 0.05, 0.03, 0.05
192.168.1.133 | CHANGED | rc=0 >>
16:51:24 up 7:54, 3 users, load average: 0.00, 0.01, 0.05
shell模块在远程主机执行命令,相当于调用远程主机的shell进程,然后在该shell下打开一个子shell运行命令,和command模块的区别是它支持shell特征,如管道,重定向等。
1、测试重定向
[root@ansible ~] ansible 192.168.1.133 -m shell -a "echo cool >1.txt"
192.168.1.133 | CHANGED | rc=0 >>
[root@client1 ~]# cat 1.txt
cool
2、测试管道符
最原始的方式运行命令(不依赖python,仅通过ssh实现)
案列:清除yum缓存
[root@ansible ~] ansible 192.168.1.134 -m raw -a "yum clean all"
192.168.1.134 | CHANGED | rc=0 >>
已加载插件:fastestmirror
正在清理软件源: c7-media epel
Cleaning up list of fastest mirrors
Other repos take up 180 M of disk space (use --verbose for details)
Shared connection to 192.168.1.134 closed.
copy模块用于复制指定主机文件到远程主机的指定位置,常见参数如下
特别提示:
参数:backup=yes===>意思是,如果目标路径下,有与我同名但不同内容的文件时,在覆盖前,对目标文件先进行备份。
所有被管理端节点必须安装libselinux-python
实验案例
将Rich组中主机的/etc/hosts文件拷贝到/tmp下 指定权限为777 更改属主为Rich更改属组为root
[root@ansible ~] ansible Rich -m copy -a "src=/etc/hosts dest=/tmp mode=777 owner=Rich group=root"
192.168.1.134 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "7335999eb54c15c67566186bdfc46f64e0d5a1aa",
"dest": "/tmp/hosts",
"gid": 0,
"group": "root",
"md5sum": "54fb6627dbaa37721048e4549db3224d",
"mode": "0777",
"owner": "Rich",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 158,
"src": "/root/.ansible/tmp/ansible-tmp-1689330661.87-9796-230501467348237/source",
"state": "file",
"uid": 1000
[root@client1 ~] ls /tmp/
hosts systemd-private-0eee05b8fb594c28b1d829918eb10657-chronyd.service-LWLJ47
hostname模块用于管理远程主机上的主机名,常用参数如下
name:指明主机名
案列:更改client主机名
[root@ansible ~] ansible 192.168.1.133 -m hostname -a "name=Rich"
192.168.1.133 | CHANGED => {
"ansible_facts": {
"ansible_domain": "",
"ansible_fqdn": "Rich",
"ansible_hostname": "Rich",
"ansible_nodename": "Rich",
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "Rich"
}
#client上查看
[root@client1 ~] hostname
Rich
Yum模块基于yum机制,对远程主机管理程序包,常用参数如下。
案例:client端yum安装bind
[root@ansible ~] ansible Rich -m copy -a "src=/etc/hosts dest=/tmp mode=777 owner=Rich group=root"
192.168.1.134 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "7335999eb54c15c67566186bdfc46f64e0d5a1aa",
"dest": "/tmp/hosts",
"gid": 0,
"group": "root",
"md5sum": "54fb6627dbaa37721048e4549db3224d",
"mode": "0777",
"owner": "Rich",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 158,
"src": "/root/.ansible/tmp/ansible-tmp-1689330661.87-9796-230501467348237/source",
"state": "file",
"uid": 1000
}
[root@client1 ~] rpm -qa bind
bind-9.11.4-26.P2.el7_9.13.x86_64
Service模块为用来管理远程主机上的服务的模块,常见参数如下:
runlevel:如果设定了enabled开机自启动,则要定义在哪些运行目标下自启动
案例:启动httpd服务并设置为开启自启动
[root@ansible ~] ansible 192.168.1.133 -m service -a "name=httpd state=started enabled=yes"
192.168.1.133 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
[root@client1 ~] netstat -anptl |grep :80
tcp6 0 0 :::80 :::* LISTEN 11163/httpd
User模块用于管理远程主机上的用户账户,常见参数如下:
案列:给client1(192.168.1.133)创建用户
[root@ansible ~] ansible 192.168.1.133 -m user -a 'name=user1 system=yes uid=502 group=root groups=sshd shell=/sbin/nologin home=/home/user1 password=user1 comment="test user"'
[WARNING]: The input password appears not to have been hashed. The 'password' argument must
be encrypted for this module to work properly.
192.168.1.133 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "test user",
"create_home": true,
[root@client1 ~] tail /etc/passwd
user1:x:502:0:test user:/home/user1:/sbin/nologin
删除用户及家目录
[root@ansible ~] ansible 192.168.1.133 -m user -a 'name=user1 state=absent remove=yes'
192.168.1.133 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
script模块能够实现远程服务器批量运行本地的shell脚本
所有被管理端需要挂载光盘,并创建本地yum仓库文件
[root@ansible ~] vim test.sh
#!/bin/bash
touch /tmp/file{1..20}.txt
[root@ansible ~] ansible 192.168.1.133 -m script -a "test.sh"
192.168.1.133 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.1.133 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.1.133 closed."
],
"stdout": "",
"stdout_lines": []
[root@client1 ~] ls /tmp
file10.txt file2.txt
file11.txt file3.txt
file12.txt file4.txt
file13.txt file5.txt
file14.txt file6.txt
file15.txt file7.txt
file16.txt file8.txt
file17.txt file9.txt
file18.txt hosts
file19.txt systemd-private-0eee05b8fb594c28b1d829918eb10657-chronyd.service-LWLJ47
file1.txt systemd-private-0eee05b8fb594c28b1d829918eb10657-httpd.service-dqgrrv
file20.txt
[root@ansible ~] ansible Rich -m unarchive -a "src=/root/0.4.0.tar.gz dest=/mnt/"
192.168.1.134 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/mnt/",
"extract_results": {
[root@client1 ~] ls /mnt
hgfs jpress-0.4.0