ansible
安装6台虚拟机2G内存20G硬盘
1 ansible 192.168.6.10 管理机器
2 web1 192.168.6.11 托管机器
3 web2 192.168.6.12 托管机器
4 db1 192.168.6.21 托管机器
5 db2 192.168.6.22 托管机器
6 cache 192.168.6.33 托管机器
ansible:主机上配置 ip 与主机名对应关系 /etc/hosts
cd /etc/libvirt/qemu/
sed 's/demo/nodeX/' demo.xml > /etc/libvirt/qemu/nodeX.xml
ls node{9..15}.xml
cd /var/lib/libvirt/images
qemu-img create -b node.qcow2 -f qcow2 nodeX.img 20G
ls node{9..15}.img
vim /etc/libvirt/qemu/nodeX.xml
virsh define /etc/libvirt/qemu/nodeX.xml
virsh start nodex
virsh
vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=eth0
ONBOOT=yes
IPV6INIT=no
BOOTPROTO=static
IPADDR=192.168.6.X
PREFIX=24
TYPE=Ethernet
halt -p
ifconfig
lsblk
hostnamectl set-hostname hostname
vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.6.10 ansible
192.168.6.11 web1
192.168.6.12 web2
192.168.6.21 db1
192.168.6.22 db2
192.168.6.33 cache
[root@ansible ~]# ssh-keygen
[root@ansible ~]# ssh-copy-id web1
[root@ansible ~]# ssh-copy-id web2
[root@ansible ~]# ssh-copy-id db1
[root@ansible ~]# ssh-copy-id db2
[root@ansible ~]# ssh-copy-id cache
测试:
[root@ansible ~]# ssh web1
[root@ansible ~]# ssh web2
[root@ansible ~]# ssh db1
[root@ansible ~]# ssh db2
[root@ansible ~]# ssh cache
[root@web1 ~]#
为什么要选择ansible
选择一款配置管理软件总的来说,无外乎从以下几点来权衡利弊
活跃度(社区活跃度)
学习成本
使用成本
编码语言
性能
使用是否广泛
ansible优点
是仅需要ssh和Python即可使用
无客户端
ansible功能强大,模块丰富
上手容易门槛低
基于python开发,做二次开发更容易
使用公司比较多,社区活跃
ansible特性
模块化设计,调用特定的模块来完成特定任务
ansible安装
[root@rootroom9pc01 public]# mv '/root/桌面/软件包及课间/李老师/ARCHITECTURE/architecture 01/ansible/ansible 1/ansible_soft.tar.xz' ./
[root@rootroom9pc01 public]# ls
ansible_soft.tar.xz
[root@rootroom9pc01 public]# pwd
/var/ftp/public
[root@rootroom9pc01 public]#
[root@rootroom9pc01 public]# ls
ansible_soft
[root@rootroom9pc01 public]# cd ansible_soft/
[root@rootroom9pc01 ansible_soft]# ls
ansible-2.4.2.0-2.el7.noarch.rpm python-paramiko-2.1.1-4.el7.noarch.rpm
python2-jmespath-0.9.0-3.el7.noarch.rpm python-passlib-1.6.5-2.el7.noarch.rpm
python-httplib2-0.9.2-1.el7.noarch.rpm sshpass-1.06-2.el7.x86_64.rpm
[root@rootroom9pc01 ansible_soft]# createrepo .
Spawning worker 0 with 2 pkgs
Spawning worker 1 with 2 pkgs
Spawning worker 2 with 1 pkgs
Spawning worker 3 with 1 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@rootroom9pc01 ansible_soft]# ls
ansible-2.4.2.0-2.el7.noarch.rpm python-passlib-1.6.5-2.el7.noarch.rpm
python2-jmespath-0.9.0-3.el7.noarch.rpm repodata
python-httplib2-0.9.2-1.el7.noarch.rpm sshpass-1.06-2.el7.x86_64.rpm
python-paramiko-2.1.1-4.el7.noarch.rpm
[root@ansible yum.repos.d]# vim local.repo
[local_public]
name=CentOS public
baseurl=ftp://192.168.6.254/public/ansible_soft
enabled=1
gpgcheck=0
[root@ansible yum.repos.d]# cd
[root@ansible ~]# yum -y install ansible
[root@ansible ~]# ansible --version
ansible 2.4.2.0
主机定义与分组
[root@ansible ~]# vim /etc/ansible/hosts
[web]
web1
web2
[db]
db1
db2
[other]
192.168.6.33
[root@ansible ~]# ansible web --list-hosts
hosts (2):
web1
web2
[root@ansible ~]# ansible db --list-hosts
hosts (2):
db1
db2
[root@ansible ~]# ansible other --list-hosts
hosts (1):
192.168.6.33
[root@ansible ~]# ansible web -m ping
web1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
web2 | SUCCESS => {
"changed": false,
"ping": "pong"
}
inventory 参数
[root@cache ~]# rm -rf /root/.ssh/authorized_keys
[root@ansible ~]# ansible other -m ping
192.168.6.33 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
"unreachable": true
}
[root@ansible ~]# vim /etc/ansible/hosts
[other]
192.168.6.33 ansible_ssh_user="root" ansible_ssh_pass="123456"
[root@ansible ~]# ansible other -m ping
192.168.6.33 | SUCCESS => {
"changed": false,
"ping": "pong"
}
分组配置
[root@ansible ~]# ansible web -m ping
web2 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
"unreachable": true
}
web1 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
"unreachable": true
}
[root@web1 ~]# rm -rf /root/.ssh/authorized_keys
[root@web2 ~]# rm -rf /root/.ssh/authorized_keys
[root@ansible ~]# vim /etc/ansible/hosts
[web]
web1
web2
[web:vars]
ansible_ssh_user="root"
ansible_ssh_pass="123456"
[root@ansible ~]# ansible web -m ping
web1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
web2 | SUCCESS => {
"changed": false,
"ping": "pong"
}
缓存
[root@ansible ~]# rm -rf /root/.ansible/cp/
子组定义
[root@ansible ~]# vim /etc/ansible/hosts
[app:children]
web
db
[root@ansible ~]# ansible app --list-hosts
hosts (4):
web1
web2
db1
db2
自定义分组文件
复制默认的配置
[root@ansible ~]# vim /etc/ansible/ansible.cfg
[defaults]
# some basic default values...
#inventory = /etc/ansible/hosts
[root@ansible ~]# cd /var
[root@ansible var]# mkdir ooxx
[root@ansible var]# cd ooxx/
[root@ansible ooxx]# touch ansible.cfg
[root@ansible ooxx]# ls
ansible.cfg
[root@ansible ooxx]# vim /etc/ansible/ansible.cfg
[root@ansible ooxx]# vim ansible.cfg
[root@ansible ooxx]# touch myhosts
[root@ansible ooxx]# vim myhosts
[root@ansible ooxx]# ansible app --list-hosts
hosts (5):
web1
db1
web2
db2
cache
[root@ansible ooxx]# ls
ansible.cfg myhosts
[root@ansible ooxx]# cat ansible.cfg
[defaults]
# some basic default values...
inventory = myhosts
[root@ansible ooxx]# cat myhosts
[app1]
web1
db1
[app2]
web2
db2
cache
[app:children]
app1
app2
[root@ansible ooxx]# vim /etc/ansible/ansible.cfg
[defaults]
# some basic default values...
#inventory = /etc/ansible/hosts
动态主机
无限可能
Ansible Inventory实际上是包含静态Inventory和动态Inventory两部分,
静态Inventory指的是在文件/etc/ansible/hosts中指定的主机和组,Dynamic
Inventory指通过外部脚本获取主机列表,并按照ansible所要求的格式
返回给ansible命令的。
[root@ansible /]# cd /var/ooxx/
[root@ansible ooxx]# vim aaa
#!/bin/bash
echo '
{
"web" : ["web1","web2"],
"db" : ["db1","db2"],
"other" : ["cache"]
}'
[root@ansible ooxx]# ls
aaa ansible.cfg myhosts
[root@ansible ooxx]# cat ansible.cfg
[defaults]
# some basic default values...
#inventory = myhosts
inventory = aaa
ansible命令基础
• ansible
– host-pattern 主机戒定义的分组
– -M 指定模块路径
– -m 使用模块,默认 command 模块
– -a or --args 模块参数
– -i inventory 文件路径,戒可执行脚本
– -k 使用交亏式登彔密码
– -e 定义变量
– -v 详绅信息,-vvvv 开吭 debug 模式
[root@ansible ooxx]# cd /etc/ansible/
[root@ansible ansible]# ansible all -m command -a 'uptime' -k
SSH password:
web1 | SUCCESS | rc=0 >>
22:34:05 up 4:56, 2 users, load average: 0.00, 0.01, 0.02
db2 | SUCCESS | rc=0 >>
22:34:05 up 4:50, 2 users, load average: 0.00, 0.01, 0.04
192.168.6.33 | SUCCESS | rc=0 >>
22:34:05 up 4:48, 2 users, load average: 0.00, 0.01, 0.03
db1 | SUCCESS | rc=0 >>
22:34:06 up 4:52, 2 users, load average: 0.00, 0.01, 0.03
web2 | SUCCESS | rc=0 >>
22:34:05 up 4:54, 2 users, load average: 0.00, 0.01, 0.04
批量部署证书文件
• 每次交亏输入密码比较麻烦
• 密码写入配置文件安全性很差
• 丌同主机丌同密码,配置文件要上天
• 使用 key 方式认证,是一个丌错的选择
• 给所有主机部署公钥
[root@ansible .ssh]# pwd
/root/.ssh
[root@ansible .ssh]# ls
id_rsa id_rsa.pub known_hosts
[root@ansible .ssh]# ansible all -m authorized_key -a "user=root exclusive=true manage_dir=true key='$(< /root/.ssh/id_rsa.pub)'" -k
动态主机
无限可能
Ansible Inventory实际上是包含静态Inventory和动态Inventory两部分,
静态Inventory指的是在文件/etc/ansible/hosts中指定的主机和组,Dynamic
Inventory指通过外部脚本获取主机列表,并按照ansible所要求的格式
返回给ansible命令的。
[root@ansible /]# cd /var/ooxx/
[root@ansible ooxx]# vim aaa
#!/bin/bash
echo '
{
"web" : ["web1","web2"],
"db" : ["db1","db2"],
"other" : ["cache"]
}'
[root@ansible ooxx]# ls
aaa ansible.cfg myhosts
[root@ansible ooxx]# cat ansible.cfg
[defaults]
# some basic default values...
#inventory = myhosts
inventory = aaa
ansible命令基础
• ansible
– host-pattern 主机戒定义的分组
– -M 指定模块路径
– -m 使用模块,默认 command 模块
– -a or --args 模块参数
– -i inventory 文件路径,戒可执行脚本
– -k 使用交亏式登彔密码
– -e 定义变量
– -v 详绅信息,-vvvv 开吭 debug 模式
[root@ansible ooxx]# cd /etc/ansible/
[root@ansible ansible]# ansible all -m command -a 'uptime' -k
SSH password:
web1 | SUCCESS | rc=0 >>
22:34:05 up 4:56, 2 users, load average: 0.00, 0.01, 0.02
db2 | SUCCESS | rc=0 >>
22:34:05 up 4:50, 2 users, load average: 0.00, 0.01, 0.04
192.168.6.33 | SUCCESS | rc=0 >>
22:34:05 up 4:48, 2 users, load average: 0.00, 0.01, 0.03
db1 | SUCCESS | rc=0 >>
22:34:06 up 4:52, 2 users, load average: 0.00, 0.01, 0.03
web2 | SUCCESS | rc=0 >>
22:34:05 up 4:54, 2 users, load average: 0.00, 0.01, 0.04
批量部署证书文件
• 每次交亏输入密码比较麻烦
• 密码写入配置文件安全性很差
• 丌同主机丌同密码,配置文件要上天
• 使用 key 方式认证,是一个丌错的选择
• 给所有主机部署公钥
[root@ansible .ssh]# pwd
/root/.ssh
[root@ansible .ssh]# ls
id_rsa id_rsa.pub known_hosts
[root@ansible .ssh]# ansible all -m authorized_key -a "user=root exclusive=true manage_dir=true key='$(< /root/.ssh/id_rsa.pub)'" -k
[root@ansible ansible]# vim ansible.cfg
[root@ansible ansible]# pwd
/etc/ansible
#host_key_checking = False
[root@ansible ooxx]# vim ansible.cfg
[root@ansible ooxx]# pwd
/var/ooxx
[defaults]
# some basic default values...
#inventory = myhosts
inventory = aaa
host_key_checking = False
[root@ansible .ssh]# rm -rf id_rsa.pub
[root@ansible ~]# ssh-keygen
[root@ansible .ssh]# cd /var/ooxx/
[root@ansible ooxx]# ansible all -m authorized_key -a "user=root exclusive=true manage_dir=true key='$(< /root/.ssh/id_rsa.pub)'" -k
-bash: /root/.ssh/id_rsa.pub: 没有那个文件或目录
SSH password:
模块
ansible-doc
模块的手册,相当于shell的man
ansible-doc -l 列出所有模块
ansible-doc modulename 查看帮助
ping模块
测试网络连通性,ping模块没有参数
注:测试ssh的连通性
ansible host-pattern -m ping
ansible-doc -l | grep shell
[root@ansible ~]# ansible-doc shell
[root@ansible ~]# ansible web -m ping
web2 | SUCCESS => {
"changed": false,
"ping": "pong"
}
web1 | SUCCESS => {
"changed": false,
"ping": "pong"
command模块
默认模块,远程执行命令
用法
[root@ansible ~]# ansible other -m command -a 'uptime >/tmp/a.log'
[root@ansible ~]# pstree -p
├─sshd(677)───sshd(820)───bash(822)───pstree(4726) //与bash相关的操作会失败,比如重定项 ps -ef | grep ssh & metacharacter
A character that, when unquoted, separates words. One of the following:
| & ; ( ) < > space tab 只在ssh进程中执行
[root@ansible ~]# man bash
[root@ansible ~]# /bin/ls //ansible可执行硬盘上有的可执行文件
anaconda-ks.cfg ifcfg-eth0 RPM-GPG-KEY-CentOS-7
模块
shell | raw 模块
shell模块用法基本和command一样,区别是shell模块通过/bin/sh进行执行命令,可以执行任意命令
raw模块,用法和shell 模块一样 ,可以执行任意命令
– 区别是 raw 没有chdir、creates、removes参数
ansible cache -m command -a 'chdir=/tmp touch f1'
ansible cache -m raw -a 'chdir=/tmp touch f2'
ansible cache -m shell -a 'chdir=/tmp touch f1'
//ansible:主机上配置ip与主机名对应关系 /etc/hosts
免密码登录:管理主机可以登录其他托管主机,无需密码
使用ansible 在 db1 db2 主机上批量创建用户zhang3
257 ansible db1 -m shell -a 'useradd zhang3'
258 ansible db2 -m shell -a 'useradd zhang3'
259 ansible db1 -m shell -a 'echo 123456 | passwd --stdin zhang3'
260 ansible db2 -m shell -a 'echo 123456 | passwd --stdin zhang3'
[root@ansible ~]# ansible db -m shell -a 'chage -d 0 zhang3'
script模块
给 app1分组添加用户li4
系统里没有zhang3用户就添加,如果zhang3存在就不添加
修改li4的默认密码123456
[root@ansible ooxx]# vim u.sh
#/bin/bash
id zhang3
if [ $? != 0 ];then
useradd li4
echo 123456 | passwd –stdin li4
fi
[root@ansible ooxx]# ansible db -m script -a './u.sh'
[root@ansible ooxx]# ssh db1
Last login: Fri Jul 27 00:27:56 2018 from 192.168.6.10
[root@db1 ~]# id li4
id: li4: no such user
[root@db1 ~]# id zhang3
uid=1000(zhang3) gid=1000(zhang3) 组=1000(zhang3)
[root@db1 ~]# exit
登出
Connection to db1 closed.
[root@ansible ooxx]# ssh db2
Last login: Fri Jul 27 00:27:55 2018 from 192.168.6.10
[root@db2 ~]# id zhang3
uid=1000(zhang3) gid=1000(zhang3) 组=1000(zhang3)
[root@db2 ~]# id li4
id: li4: no such user
[root@db2 ~]#
//与执行的目录有关
[root@ansible ooxx]# pwd
/var/ooxx
[root@ansible ooxx]# ls
aaa ansible.cfg myhosts u.sh
[root@ansible ooxx]#
[root@ansible ooxx]# cat aaa
#!/bin/bash
echo '
{
"web" : ["web1","web2"],
"db" : ["db1","db2"],
"other" : ["cache"]
}'
[root@ansible ooxx]# cat myhosts
[app1]
web1
db1
[app2]
web2
db2
cache
[app:children]
app1
app2
[root@ansible ooxx]# ls
aaa ansible.cfg myhosts u.sh
[root@ansible ooxx]# cat ansible.cfg
[defaults]
# some basic default values...
#inventory = myhosts
inventory = aaa //加载的路径
host_key_checking = False
copy 模块
– 复制文件到进程主机
– src:要复制到进程主机的文件在本地的地址,可以是
绝对路径,也可以是相对路径。如果路径是一个目彔,
它将递归复制。在这种情况下,如果路径使用"/"来结
尾,则只复制目彔里的内容,如果没有使用"/"来结尾,
则包含目彔在内的整个内容全部复制,类似亍rsync
– dest:必选项。进程主机的绝对路径,如果源文件是
一个目彔,那么该路径也必须是个目彔
[root@ansible ooxx]# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
nameserver 192.168.6.254
search localdomain
[root@ansible ooxx]# cp /etc/resolv.conf ./dns.conf
[root@ansible ooxx]# ls
aaa ansible.cfg dns.conf myhosts u.sh
[root@ansible ooxx]# vim dns.conf
; generated by /usr/sbin/dhclient-script
nameserver 192.168.4.254
search localdomain
[root@ansible ooxx]# cat aaa
#!/bin/bash
echo '
{
"web" : ["web1","web2"],
"db" : ["db1","db2"],
"other" : ["cache"]
}'
[root@ansible ooxx]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.6.10 ansible
192.168.6.11 web1
192.168.6.12 web2
192.168.6.21 db1
192.168.6.22 db2
192.168.6.33 cache
[root@ansible ooxx]# ansible web -m copy -a 'src=./dns.conf dest=/etc/resolv.conf'
[root@ansible ooxx]# ansible web -m shell -a 'cat /etc/resolv.conf'
web2 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.4.254
search localdomain
web1 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.4.254
search localdomain
//copy只合适同步配置文件
lineinfile|replace 模块
类似sed的一种编辑替换模块
path目的文件
regexp正则表达式
line替换后的结果
[root@ansible ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=eth0
ONBOOT=yes
IPV6INIT=no
BOOTPROTO=static
IPADDR=192.168.6.10
PREFIX=24
TYPE=Ethernet
//ONBOOT=yes-->no
[root@ansible ~]# ansible web -m shell -a 'grep ONBOOT /etc/sysconfig/network-scripts/ifcfg-eth0'
web1 | SUCCESS | rc=0 >>
ONBOOT=yes
web2 | SUCCESS | rc=0 >>
ONBOOT=yes
[root@ansible ~]# ansible web -m lineinfile -a 'path=/etc/sysconfig/network-scripts/ifcfg-eth0 regexp="^ONBOOT" line="ONBOOT=\"no\""'
web1 | SUCCESS => {
"backup": "",
"changed": true,
"msg": "line replaced"
}
web2 | SUCCESS => {
"backup": "",
"changed": true,
"msg": "line replaced"
[root@ansible ~]# ansible web -m shell -a 'grep ONBOOT /etc/sysconfig/network-scripts/ifcfg-eth0'
web1 | SUCCESS | rc=0 >>
ONBOOT="no"
web2 | SUCCESS | rc=0 >>
ONBOOT="no"
linefile 是删除整行后再重写这一行
replace 是只替换这一行匹配的字段
[root@ansible ~]# ansible web -m replace -a 'path=/etc/sysconfig/network-scripts/ifcfg-eth0 regexp="^(ONBOOT=).*" replace="\1\"yes\""'
web2 | SUCCESS => {
"changed": true,
"msg": "1 replacements made"
}
web1 | SUCCESS => {
"changed": true,
"msg": "1 replacements made"
}
[root@ansible ~]# ansible web -m shell -a 'grep ONBOOT /etc/sysconfig/network-scripts/ifcfg-eth0'
web2 | SUCCESS | rc=0 >>
ONBOOT="yes"
web1 | SUCCESS | rc=0 >>
ONBOOT="yes"
yum模块
使用yum包管理器来管理软件包
config_file:yum的配置文件
disable_gpg_check:关闭gpg_check
disablerepo:不启用某个源
(Choices: present, installed, latest, absent, removed)[Default: present]
Whether to install (`present' or `installed', `latest'), or remove (`absent' or
`removed') a package.
(Choices: present, , latest, absent, removed)[Default: present]
[root@ansible ~]# ansible web -m yum -a 'name=lftp state=removed'
[root@ansible ~]# ansible web -m yum -a 'name=lftp,lrzsz state=removed'
web1 | SUCCESS => {
"changed": false,
"msg": "",
"rc": 0,
"results": [
"lftp is not installed",
"lrzsz is not installed"
]
}
web2 | SUCCESS => {
"changed": false,
"msg": "",
"rc": 0,
"results": [
"lftp is not installed",
"lrzsz is not installed"
]
}
[root@ansible ~]# ansible web -m yum -a 'name=lftp,lrzsz state=installed'
service模块
[root@ansible ~]# ansible web -m service -a 'name="chronyd" enabled=no'
systemctl is-enabled chronyd
[root@ansible ~]# ansible web -m service -a 'name="chronyd" enabled="yes" state="started"'
[root@ansible ~]# ssh web1
Last login: Fri Jul 27 01:47:10 2018 from 192.168.6.10
[root@web1 ~]# systemctl is-enabled chronyd
enabled
[root@web1 ~]# systemctl status chronyd
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since 四 2018-07-26 17:37:30 CST; 8h ago
[root@ansible ~]# ansible web -m service -a 'name="chronyd" enabled="no" state="stopped"'
[root@ansible ~]# ssh web1
Last login: Fri Jul 27 01:48:39 2018 from 192.168.6.10
[root@web1 ~]# systemctl status chronyd
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; disabled; vendor preset: enabled)
Active: inactive (dead)
[root@web1 ~]# systemctl is-enabled chronyd
disabled
[root@ansible ~]# ansible web -m yum -a 'name=httpd state=installed'
[root@ansible ~]# ansible web -m lineinfile -a 'path="/etc/httpd/conf/httpd.conf" regexp="^Listen" line="Listen 8080"'
[root@ansible ~]# ansible web -m service -a 'name="httpd" enabled=yes state=started'
[root@web1 ~]# systemctl is-enabled httpd
enabled
[root@web1 ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since 五 2018-07-27 01:59:27 CST; 7min ago
[root@web1 ~]# ss -tunlp | grep :80
tcp LISTEN 0 128 :::8080 :::* users:(("httpd",pid=5698,fd=4),("httpd",pid=5697,fd=4),("httpd",pid=5696,fd=4),("httpd",pid=5695,fd=4),("httpd",pid=5694,fd=4),("httpd",pid=5693,fd=4))
setup 模块
[root@ansible ~]# ansible web -m setup -a 'filter="ansible_os_family"'
web2 | SUCCESS => {
"ansible_facts": { //json输出
"ansible_os_family": "RedHat"
},
"changed": false
}
web1 | SUCCESS => {
"ansible_facts": {
"ansible_os_family": "RedHat"
},
"changed": false