Ansible学习笔记5

copy模块：（重点）

copy模块用于对文件的远程拷贝（如把本地的文件拷贝到远程主机上。）

在master的主机上准备一个文件，拷贝文件到group1的所有主机上。

这个用的频率非常高，非常有用的一个模块。主要功能是统一修改配置文件。

[root@localhost ~]# ansible group1 -m copy -a "src=/etc/hosts dest=/etc/hosts"
192.168.17.105 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "checksum": "ae3c3e4f757591751a520e8a4bba45490e6c3164",
    "dest": "/etc/hosts",
    "gid": 0,
    "group": "root",
    "md5sum": "96e65e8b17fb861014e3ebfb1bff65b3",
    "mode": "0644",
    "owner": "root",
    "size": 226,
    "src": "/root/.ansible/tmp/ansible-tmp-1693368934.83-2354-136222982931833/source",
    "state": "file",
    "uid": 0
}
192.168.17.106 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "checksum": "ae3c3e4f757591751a520e8a4bba45490e6c3164",
    "dest": "/etc/hosts",
    "gid": 0,
    "group": "root",
    "md5sum": "96e65e8b17fb861014e3ebfb1bff65b3",
    "mode": "0644",
    "owner": "root",
    "size": 226,
    "src": "/root/.ansible/tmp/ansible-tmp-1693368934.83-2356-71888655051337/source",
    "state": "file",
    "uid": 0
}

然后到agent1和agent2的机器上检查/etc/hosts文件内容都进行了覆盖更新。

域名跟主机名的区别：（域名是外网的，，主机名是内网的。）

域名是公网的唯一名字，主机名是内网的名字。

目前自建DNS做域名解析已经很少了，但可以通过DNS解析主机名来实现多台服务器的解析。

以后，我们就可以使用ansible的copy和hostname模块，轻松实现了服务器的主机名管理，DNS也不需要搭建了。

[root@localhost ~]# ansible group1 -m copy -a "src=/etc/fstab dest=/tmp/222"
192.168.17.106 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "checksum": "e4d20d971638d2d2169c6818bfea2b7d064d284e",
    "dest": "/tmp/222",
    "gid": 0,
    "group": "root",
    "md5sum": "9048d752264ab2533e2cb774c7ddef4a",
    "mode": "0644",
    "owner": "root",
    "size": 465,
    "src": "/root/.ansible/tmp/ansible-tmp-1693369734.13-2410-126910575557982/source",
    "state": "file",
    "uid": 0
}
192.168.17.105 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "checksum": "e4d20d971638d2d2169c6818bfea2b7d064d284e",
    "dest": "/tmp/222",
    "gid": 0,
    "group": "root",
    "md5sum": "9048d752264ab2533e2cb774c7ddef4a",
    "mode": "0644",
    "owner": "root",
    "size": 465,
    "src": "/root/.ansible/tmp/ansible-tmp-1693369734.13-2408-266313468027161/source",
    "state": "file",
    "uid": 0
}

这里面有个diff比较的机制在里面。这个要注意下的。

如何判断一个文件有没有变化：可以使用md5sum来进行判断，如果文件内容没有发生变化，那么它的值是不会发生变化的。

force=no：

[root@localhost tmp]# ansible group1 -m copy -a "src=/etc/inittab dest=/tmp/222 force=no"
192.168.17.105 | SUCCESS => {
    "changed": false,
    "dest": "/tmp/222",
    "src": "/etc/inittab"
}
192.168.17.106 | SUCCESS => {
    "changed": false,
    "dest": "/tmp/222",
    "src": "/etc/inittab"
}

说明：如果/tmp/222存在，则不覆盖。这个就是force=no的作用。

force参数控制是否强制覆盖。force=yes：如果目标文件已存在，则会强制覆盖。

使用backup参数控制是否备份文件：

backup=yes：表示如果拷贝的文件内容与原文件内容不一样，则会备份一份。

[root@localhost tmp]# ansible group1 -m copy -a "src=/etc/inittab dest=/tmp/222 backup=yes"
192.168.17.106 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "backup_file": "/tmp/222.3124.2023-08-30@12:47:58~",
    "changed": true,
    "checksum": "e285e50c4dd88d8a2f644dd1750f60400ca60f94",
    "dest": "/tmp/222",
    "gid": 0,
    "group": "root",
    "md5sum": "66a88d6c4d693170753ea3382f8bc150",
    "mode": "0644",
    "owner": "root",
    "size": 511,
    "src": "/root/.ansible/tmp/ansible-tmp-1693370880.02-2606-93307506651983/source",
    "state": "file",
    "uid": 0
}
192.168.17.105 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "backup_file": "/tmp/222.3003.2023-08-30@12:47:58~",
    "changed": true,
    "checksum": "e285e50c4dd88d8a2f644dd1750f60400ca60f94",
    "dest": "/tmp/222",
    "gid": 0,
    "group": "root",
    "md5sum": "66a88d6c4d693170753ea3382f8bc150",
    "mode": "0644",
    "owner": "root",
    "size": 511,
    "src": "/root/.ansible/tmp/ansible-tmp-1693370879.99-2604-281117331564526/source",
    "state": "file",
    "uid": 0
}

在agent1机器上，如果内容不一直，先做一份备份。这个场景也是挺重要的。

如果怕出问题，可以做一个相应的备份。

copy模块需要注意拷贝目录后面是否带有"/"符号。拷贝的时候也可以修改属性。

练习：在master主机上配置好所有的yum源，然后拷贝所有的group1的远程主机上。（要求目录内的内容完全一致。）

[root@localhost tmp]# ansible group1 -m file -a "path=/etc/yum.repos.d/ state=absent"
192.168.17.106 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "path": "/etc/yum.repos.d/",
    "state": "absent"
}
192.168.17.105 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "path": "/etc/yum.repos.d/",
    "state": "absent"
}
[root@localhost tmp]# ansible group1 -m copy -a "src=/etc/yum.repos.d dest=/etc/"
192.168.17.105 | CHANGED => {
    "changed": true,
    "dest": "/etc/",
    "src": "/etc/yum.repos.d"
}
192.168.17.106 | CHANGED => {
    "changed": true,
    "dest": "/etc/",
    "src": "/etc/yum.repos.d"
}

源是目录，是拷贝目录，有个小细节，就是最后要加"/"。rsync加/和不加/是有区别的。

[root@localhost tmp]# ansible group1 -m copy -a "src=/etc/yum.repos.d/ dest=/etc/yum.repos.d/"
192.168.17.105 | SUCCESS => {
    "changed": false,
    "dest": "/etc/yum.repos.d/",
    "src": "/etc/yum.repos.d/"
}
192.168.17.106 | SUCCESS => {
    "changed": false,
    "dest": "/etc/yum.repos.d/",
    "src": "/etc/yum.repos.d/"
}

实现两个文件夹的内容完全一致，那可以先把这个文件整个进行删除，然后再进行copy。这个思路。