ansible(2)-- ansible常用模块

部署ansible:ansible(1)-- 部署ansible连接被控端_luo_guibin的博客-CSDN博客

目录

 一、ansible常用模块

1.1 ping

1.2 command

1.3 raw

1.4 shell

1.5 script

1.6 copy

1.7 template

1.8 yum


11.0.1.13

主控端(ansible)
11.0.1.12

被控端(k8s-master)

 

一、ansible常用模块

查看主控端被控端IP,主控端(10.1.1.13)查看ansible配置文件的被控端,已经做好ssh连接。

[root@ansible ~]# ip a | grep 11.0.1            #主控端
    inet 11.0.1.13/24 brd 11.0.1.255 scope global noprefixroute ens33
[root@k8s-master ~]# ip a| grep 11.0.1.         #被控端
    inet 11.0.1.12/24 brd 11.0.1.255 scope global noprefixroute ens33

[root@ansible ~]# cat /etc/ansible/hosts | grep -Ev '^$|#'
[test]
11.0.1.12

[root@k8s-master ~]# cat /root/.ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDecpeG4vJSLMos4kyPRLKB6jRQPQZxxCj/UGUlub0nEoa7dExT5l/Jwe9ePCDmcDmD49EiUsefeixDOz/XSZIfn1+Iq/FZBS7sF21utdzX7zLU45qDurLMys44SZyckfs45PvXpjzaBqZc+WincHwKGu4EJo9eVbr9xUJUjUWre/AdLHn00XMncPHr1rFp/G6i7o6iavabFgdxCtzrqNz4xa7gOnRJpsTCHTdlCjUiPVBRMt1wEklQPMOUuJn0BIiaq8O3EI7sG/9pXgiI/l49tH77piBcZqND20uFsxHUT+55yt81cT3G6Mu+Q6BIW7RkWyFvERwrcDVWjZQ8obBD root@ansible

ansible -m module_name 没有选定则默认使用command模块

ansible -a ‘module_args’ 理解为当前指定模块所需的参数,默认模块为command,command默认参数就是一条linux命令。

1.1 ping

ping模块用于检查指定节点机器是否连通,用法很简单,不涉及参数,主机如果在线,则回复pong

[root@ansible ~]# ansible test -m ping
11.0.1.12 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}

1.2 command

command模块用于在上执行命令,ansible默认就是使用command模块。command模块有一个缺陷就是不能使用管道符和重定向功能

[root@ansible ~]# ansible 11.0.1.12 -a 'ls /root/.ssh'
11.0.1.12 | CHANGED | rc=0 >>
authorized_keys

#ls当前目录为空
[root@ansible ~]# ansible 11.0.1.12 -a 'ls /tmp'
11.0.1.12 | CHANGED | rc=0 >>
ansible_command_payload_jXbMsq

#创建test文件
[root@ansible ~]# ansible 11.0.1.12 -a 'touch /tmp/test'
[WARNING]: Consider using the file module with state=touch rather than running 'touch'.  If you need to use command
because file is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in
ansible.cfg to get rid of this message.
11.0.1.12 | CHANGED | rc=0 >>

#查看是否创建成功
[root@ansible ~]# ansible 11.0.1.12 -a 'ls /tmp'
11.0.1.12 | CHANGED | rc=0 >>
ansible_command_payload_G9vt0o
test
#重定向虽然显示成功,但实际并没有写入
[root@ansible ~]# ansible 11.0.1.12 -a "echo 'hello world' > /tmp/test"
11.0.1.12 | CHANGED | rc=0 >>
hello world > /tmp/test
[root@ansible ~]# ansible 11.0.1.12 -a 'cat /tmp/test'
11.0.1.12 | CHANGED | rc=0 >>

#管道命令无法使用
[root@ansible ~]# ansible 11.0.1.12 -a 'ps -ef | grep network'
11.0.1.12 | FAILED | rc=1 >>
error: garbage option

Usage:
 ps [options]

 Try 'ps --help '
  or 'ps --help '
 for additional help text.

For more details see ps(1).non-zero return code

1.3 raw

raw模块用于在远程主机上执行命令,其支持管道符与重定向。

[root@ansible ~]# ansible 11.0.1.12 -m raw -a "echo 'hello world' > /tmp/test"
11.0.1.12 | CHANGED | rc=0 >>
Shared connection to 11.0.1.12 closed.

[root@ansible ~]# ansible 11.0.1.12 -a 'cat /tmp/test'
11.0.1.12 | CHANGED | rc=0 >>
hello world

#支持管道和重定向命令
[root@ansible ~]# ansible 11.0.1.12 -m raw -a 'ps -ef | grep network'
11.0.1.12 | CHANGED | rc=0 >>
root       1730      1  4 10:17 ?        00:03:01 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --cgroup-driver=systemd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.2 --cgroup-driver=systemd
root      31023  31021  0 11:26 pts/1    00:00:00 bash -c ps -ef | grep network
root      31035  31023  0 11:26 pts/1    00:00:00 grep network
Shared connection to 11.0.1.12 closed.

1.4 shell

shell模块用于在被控端上执行被控端上的脚本,亦可直接在被控端端上执行命令。shell模块亦支持管道与重定向。

使用raw写入被控端/tmp/shell.sh

[root@ansible ~]# ansible 11.0.1.12 -m raw -a "echo 'echo shell_module' > /tmp/shell.sh"
11.0.1.12 | CHANGED | rc=0 >>
Shared connection to 11.0.1.12 closed.

[root@ansible ~]# ansible 11.0.1.12 -m raw -a 'cat /tmp/shell.sh'
11.0.1.12 | CHANGED | rc=0 >>
echo shell_module
Shared connection to 11.0.1.12 closed.

#成功执行sh文件
[root@ansible ~]# ansible 11.0.1.12 -m shell -a 'sh /tmp/shell.sh'
11.0.1.12 | CHANGED | rc=0 >>
shell_module

1.5 script

script模块用于在被控端

上执行主控机上的脚本

[root@ansible ~]# echo "echo master-node" > /tmp/script.sh
[root@ansible ~]# cat /tmp/script.sh 
echo master-node

执行主控机脚本script.sh,成功打印“master-node”。

[root@ansible ~]# ansible 11.0.1.12 -m script -a "/tmp/script.sh"
11.0.1.12 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 11.0.1.12 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 11.0.1.12 closed."
    ], 
    "stdout": "master-node\r\n", 
    "stdout_lines": [
        "master-node"
    ]
}

执行主控机脚本并将执行结果写入被控端/tmp/script-tmp文件

[root@ansible ~]# ansible 11.0.1.12 -m script -a "/tmp/script.sh &> /tmp/script-tmp"
11.0.1.12 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 11.0.1.12 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 11.0.1.12 closed."
    ], 
    "stdout": "", 
    "stdout_lines": []
}

#查看输出是否成功
[root@ansible ~]# ansible 11.0.1.12 -m shell -a "cat /tmp/script-tmp"
11.0.1.12 | CHANGED | rc=0 >>
master-node
[root@ansible ~]# 

1.6 copy

copy模块用于复制文件至远程被控端,dest是被控端路径,必须是绝对路径

[root@ansible ~]# touch /tmp/copy
[root@ansible ~]# ansible 11.0.1.12 -m copy -a 'src=/tmp/copy dest=/tmp/copy-bak' 
11.0.1.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", 
    "dest": "/tmp/copy-bak", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d41d8cd98f00b204e9800998ecf8427e", 
    "mode": "0644", 
    "owner": "root", 
    "size": 0, 
    "src": "/root/.ansible/tmp/ansible-tmp-1692430003.5-3588-37280436501987/source", 
    "state": "file", 
    "uid": 0
}

[root@ansible ~]# ansible 11.0.1.12 -m shell -a 'ls /tmp/ | grep copy' 
11.0.1.12 | CHANGED | rc=0 >>
copy-bak

1.7 template

template其实和copy类似复制文件。

src是控制端目录,可以是相对路径也可以是绝对路径,dest是被控端路径,必须是绝对路径

template模块与copy模块作用相同都是用于copy文件的,区别在于copy模块copy的src源文件都是静态文件,不存在变量;当年我们需要copy的文件中出现变量,我们就要用到template模块;并且src文件是以".j2"结尾的模板文件,当然普通文件也可以通过template实现复制,简单来说,template会比copy跟高级。

[root@ansible ~]# touch /tmp/template

[root@ansible ~]# ansible 11.0.1.12 -m template -a 'src=/tmp/template dest=/tmp/template-bak' 
11.0.1.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", 
    "dest": "/tmp/template-bak", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "d41d8cd98f00b204e9800998ecf8427e", 
    "mode": "0644", 
    "owner": "root", 
    "size": 0, 
    "src": "/root/.ansible/tmp/ansible-tmp-1692430426.38-3724-205690846918337/source", 
    "state": "file", 
    "uid": 0
}

[root@ansible ~]# ansible 11.0.1.12 -m shell -a 'ls /tmp/ | grep template' 
11.0.1.12 | CHANGED | rc=0 >>
template-bak

1.8 yum

使用yum模块需要保证被控端有合适的yum源,yum模块用于在指定节点机器上通过yum管理软件,其支持的参数主要有两个。

  • name:要管理的包名
  • state:要进行的操作

state常用的值:

  • latest:安装软件
  • installed:安装软件
  • present:安装软件
  • removed:卸载软件
  • absent:卸载软件

被控端安装ftp服务

[root@k8s-master ~]# rpm -qa | grep ftp
[root@k8s-master ~]# 

[root@ansible ~]# ansible 11.0.1.12 -m yum -a 'name=ftp state=present' 
11.0.1.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "installed": [
            "ftp"
        ]
    }, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirrors.aliyun.com\n * extras: mirrors.aliyun.com\n * updates: mirrors.ustc.edu.cn\nResolving Dependencies\n--> Running transaction check\n---> Package ftp.x86_64 0:0.17-67.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package        Arch              Version                 Repository       Size\n================================================================================\nInstalling:\n ftp            x86_64            0.17-67.el7             base             61 k\n\nTransaction Summary\n================================================================================\nInstall  1 Package\n\nTotal download size: 61 k\nInstalled size: 96 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Installing : ftp-0.17-67.el7.x86_64                                       1/1 \n  Verifying  : ftp-0.17-67.el7.x86_64                                       1/1 \n\nInstalled:\n  ftp.x86_64 0:0.17-67.el7                                                      \n\nComplete!\n"
    ]
}

[root@k8s-master ~]# rpm -qa | grep ftp
ftp-0.17-67.el7.x86_64

被控端卸载ftp服务

[root@ansible ~]# ansible 11.0.1.12 -m yum -a 'name=ftp state=removed' 
11.0.1.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "removed": [
            "ftp"
        ]
    }, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "Loaded plugins: fastestmirror\nResolving Dependencies\n--> Running transaction check\n---> Package ftp.x86_64 0:0.17-67.el7 will be erased\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package        Arch              Version                Repository        Size\n================================================================================\nRemoving:\n ftp            x86_64            0.17-67.el7            @base             96 k\n\nTransaction Summary\n================================================================================\nRemove  1 Package\n\nInstalled size: 96 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Erasing    : ftp-0.17-67.el7.x86_64                                       1/1 \n  Verifying  : ftp-0.17-67.el7.x86_64                                       1/1 \n\nRemoved:\n  ftp.x86_64 0:0.17-67.el7                                                      \n\nComplete!\n"
    ]
}

[root@k8s-master ~]# rpm -qa | grep ftp
[root@k8s-master ~]#

参考文档:

https://www.cnblogs.com/Their-own/archive/2022/10/24/16820142.html

ansible的copy模块四种拷贝情况_如何查看ansible copy失效原因_-光光-的博客-CSDN博客

你可能感兴趣的:(ansible,ansible,自动化运维)