一、模块简单使用
1.copy模块
[root@ansible ~]# ansible web -m copy -a 'src=/tmp/server dest=/tmp/server' 192.168.3.46 | success >> { "changed": true, "checksum": "5f7cfc5ceb0fb7f0791f7c38f9cad6987a078dde", "dest": "/tmp/server", "gid": 0, "group": "root", "md5sum": "e8b32bc4d7b564ac6075a1418ad8841e", "mode": "0644", "owner": "root", "size": 7, "src": "/root/.ansible/tmp/ansible-tmp-1435889276.72-124161155336789/source", "state": "file", "uid": 0 } 192.168.3.45 | success >> { "changed": false, "checksum": "5f7cfc5ceb0fb7f0791f7c38f9cad6987a078dde", "dest": "/tmp/server", "gid": 0, "group": "root", "md5sum": "e8b32bc4d7b564ac6075a1418ad8841e", "mode": "0644", "owner": "root", "size": 7, "src": "/root/.ansible/tmp/ansible-tmp-1435889276.72-47299920537742/source", "state": "file", "uid": 0 } #查看结果 #查看结果时使用shell模块,支持管道,重定向 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep server' 192.168.3.45 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 10:11 server 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 10:11 server
2.file模块
#将上面的文件server的权限修改成777(仅作演示:777使该文件对所有用户可写、可执行,实际环境应按最小权限设置,例如0644) #修改之前的权限如下 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep server' 192.168.3.45 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 10:11 server 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 10:11 server #修改权限 [root@ansible ~]# ansible web -m file -a 'dest=/tmp/server mode=777 ' 192.168.3.45 | success >> { "changed": false, "gid": 0, "group": "root", "mode": "0777", "owner": "root", "path": "/tmp/server", "size": 7, "state": "file", "uid": 0 } 192.168.3.46 | success >> { "changed": true, "gid": 0, "group": "root", "mode": "0777", "owner": "root", "path": "/tmp/server", "size": 7, "state": "file", "uid": 0 } #查看结果 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep server' 192.168.3.46 | success | rc=0 >> -rwxrwxrwx 1 root root 7 Jul 3 10:11 server 192.168.3.45 | success | rc=0 >> -rwxrwxrwx 1 root root 7 Jul 3 10:11 server
3.yum模块
#安装nmap软件 [root@ansible ~]# ansible web -m yum -a 'name=nmap state=installed' 192.168.3.46 | success >> { "changed": true, "msg": "", "rc": 0, "results": [ "Loaded plugins: fastestmirror, security\nLoading mirror speeds from cached hostfile\n * base: mirrors.pubyun.com\n * extras: mirrors.pubyun.com\n * updates: mirrors.pubyun.com\nSetting up Install Process\nResolving Dependencies\n--> Running transaction check\n---> Package nmap.x86_64 2:5.51-4.el6 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n nmap x86_64 2:5.51-4.el6 base 2.8 M\n\nTransaction Summary\n================================================================================\nInstall 1 Package(s)\n\nTotal download size: 2.8 M\nInstalled size: 9.7 M\nDownloading Packages:\nRunning rpm_check_debug\nRunning Transaction Test\nTransaction Test Succeeded\nRunning Transaction\n\r Installing : 2:nmap-5.51-4.el6.x86_64 1/1 \n\r Verifying : 2:nmap-5.51-4.el6.x86_64 1/1 \n\nInstalled:\n nmap.x86_64 2:5.51-4.el6 \n\nComplete!\n" ] } 192.168.3.45 | success >> { "changed": false, "msg": "", "rc": 0, "results": [ "nmap: Nothing to do" ] } #查看结果 [root@ansible ~]# ansible web -m shell -a 'rpm -qa |grep nmap' 192.168.3.46 | success | rc=0 >> nmap-5.51-4.el6.x86_64 192.168.3.45 | success | rc=0 >> nmap-5.51-4.el6.x86_64
二、playbooks配置管理
1.进行shell模块操作,测试删除文件
先查看一下客户端的server-test是否存在
#查看客户端文件是否存在 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep server' 192.168.3.46 | success | rc=0 >> -rwxrwxrwx 1 root root 7 Jul 3 10:11 server 192.168.3.45 | success | rc=0 >> -rwxrwxrwx 1 root root 7 Jul 3 10:11 server #copy一个文件过去,并改名server-test [root@ansible ~]# ansible web -m copy -a 'src=/tmp/server dest=/tmp/server-test' 192.168.3.45 | success >> { "changed": true, "checksum": "5f7cfc5ceb0fb7f0791f7c38f9cad6987a078dde", "dest": "/tmp/server-test", "gid": 0, "group": "root", "md5sum": "e8b32bc4d7b564ac6075a1418ad8841e", "mode": "0644", "owner": "root", "size": 7, "src": "/root/.ansible/tmp/ansible-tmp-1435890098.45-251819240728163/source", "state": "file", "uid": 0 } 192.168.3.46 | success >> { "changed": false, "checksum": "5f7cfc5ceb0fb7f0791f7c38f9cad6987a078dde", "dest": "/tmp/server-test", "gid": 0, "group": "root", "md5sum": "e8b32bc4d7b564ac6075a1418ad8841e", "mode": "0644", "owner": "root", "size": 7, "src": "/root/.ansible/tmp/ansible-tmp-1435890098.45-111789114670174/source", "state": "file", "uid": 0 } #查看结果 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep server' 192.168.3.45 | success | rc=0 >> -rwxrwxrwx 1 root root 7 Jul 3 10:11 server -rw-r--r-- 1 root root 7 Jul 3 10:24 server-test 192.168.3.46 | success | rc=0 >> -rwxrwxrwx 1 root root 7 Jul 3 10:11 server -rw-r--r-- 1 root root 7 Jul 3 10:24 server-test
写一个删除客户端上/tmp/server-test文件的playbooks。这里用shell模块执行rm -rf只是为了演示;实际删除文件时更适合用file模块的state=absent,它是幂等的,也不经过shell解析。
[root@ansible ansible]# pwd /etc/ansible [root@ansible ansible]# cat test.yml - hosts: web #要执行删除操作的客户端 remote_user: root #在远程执行使用的用户 tasks: #任务 - name: delete /tmp/server-test #任务说明 shell: rm -rf /tmp/server-test #执行shell操作,删除文件/tmp/server-test #执行playbooks [root@ansible ~]# ansible-playbook /etc/ansible/test.yml PLAY [web] ******************************************************************** GATHERING FACTS *************************************************************** ok: [192.168.3.46] ok: [192.168.3.45] TASK: [delete /tmp/server-test] *********************************************** changed: [192.168.3.46] changed: [192.168.3.45] PLAY RECAP ******************************************************************** 192.168.3.45 : ok=2 changed=1 unreachable=0 failed=0 192.168.3.46 : ok=2 changed=1 unreachable=0 failed=0 #查看结果 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep server' 192.168.3.45 | success | rc=0 >> -rwxrwxrwx 1 root root 7 Jul 3 10:11 server 192.168.3.46 | success | rc=0 >> -rwxrwxrwx 1 root root 7 Jul 3 10:11 server #结果显示server-test文件已删除
2.template模块操作
#创建templates的playbooks [root@ansible ~]# cat /etc/ansible/template.yml - hosts: web remote_user: root tasks: - name: use template module copy file template: src=/tmp/server dest=/tmp/server-template #执行template.yml [root@ansible ~]# ansible-playbook /etc/ansible/template.yml PLAY [web] ******************************************************************** GATHERING FACTS *************************************************************** ok: [192.168.3.45] ok: [192.168.3.46] TASK: [use template module copy file] ***************************************** changed: [192.168.3.45] ok: [192.168.3.46] PLAY RECAP ******************************************************************** 192.168.3.45 : ok=2 changed=1 unreachable=0 failed=0 192.168.3.46 : ok=2 changed=0 unreachable=0 failed=0 #查看结果 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep template' 192.168.3.45 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 10:47 server-template 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 10:47 server-template
3.多项目同时更新
#编写playbooks [root@ansible ~]# cat /etc/ansible/multi_copy.yml - hosts: web remote_user: root gather_facts: False tasks: - name: copy local server to client template: src=/tmp/server dest=/tmp/test-{{item}} with_items: - server-1 - server-2 - server-3 #执行playbooks [root@ansible ~]# ansible-playbook /etc/ansible/multi_copy.yml PLAY [web] ******************************************************************** TASK: [copy local server to client] ******************************************* changed: [192.168.3.46] => (item=server-1) changed: [192.168.3.45] => (item=server-1) changed: [192.168.3.45] => (item=server-2) changed: [192.168.3.46] => (item=server-2) changed: [192.168.3.46] => (item=server-3) changed: [192.168.3.45] => (item=server-3) PLAY RECAP ******************************************************************** 192.168.3.45 : ok=1 changed=1 unreachable=0 failed=0 192.168.3.46 : ok=1 changed=1 unreachable=0 failed=0 #查看结果 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep server' 192.168.3.45 | success | rc=0 >> -rwxrwxrwx 1 root root 7 Jul 3 10:11 server -rw-r--r-- 1 root root 7 Jul 3 10:47 server-template -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 10:52 server-template -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3
4.根据条件进行删除
#查看客户端文件 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep test' 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 192.168.3.45 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 #查看客户端的收集信息 [root@ansible ~]# ansible web -m setup -a 'filter=ansible_all_ipv4_addresses' 192.168.3.45 | success >> { "ansible_facts": { "ansible_all_ipv4_addresses": [ "192.168.3.45" ] }, "changed": false } 192.168.3.46 | success >> { "ansible_facts": { "ansible_all_ipv4_addresses": [ "192.168.3.46" ] }, "changed": false } [root@ansible ~]# ansible web -m setup -a 'filter=ansible_os_family' 192.168.3.45 | success >> { "ansible_facts": { "ansible_os_family": "RedHat" }, "changed": false } 192.168.3.46 | success >> { "ansible_facts": { "ansible_os_family": "RedHat" }, "changed": false } #编写playbooks,目的是只删除IP=192.168.3.46的test-server-1文件 [root@ansible ~]# cat /etc/ansible/delete.yml - hosts: web remote_user: root gather_facts: True #需要收集客户端信息 tasks: - name: if system is centos and ip is 192.168.3.46 ,them rm /tmp/test-server-1 shell: rm -rf /tmp/test-server-1 when: ansible_os_family == "RedHat" and ansible_all_ipv4_addresses[0] == "192.168.3.46" #这里是执行delete操作的前提条件 #执行playbooks [root@ansible ~]# ansible-playbook /etc/ansible/delete.yml PLAY [web] ******************************************************************** GATHERING FACTS *************************************************************** ok: [192.168.3.45] ok: [192.168.3.46] TASK: [if system is centos and ip is 192.168.3.46 ,them rm /tmp/test-server-1] *** skipping: [192.168.3.45] changed: [192.168.3.46] PLAY RECAP ******************************************************************** 192.168.3.45 : ok=1 changed=0 unreachable=0 failed=0 192.168.3.46 : ok=2 changed=1 
unreachable=0 failed=0 #查看结果,我们在上面的delete.yml中设置了条件 #只删除IP=192.168.3.46上的test-server-1 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep test' 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 #文件已被删除 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 192.168.3.45 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 11:38 test-server-1 #这里的文件没有被删除 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3
5.playbooks扩展:var
注意:hosts的取值来自命令行传入的变量,而任务是rm -rf;传错主机组会在非预期的机器上执行删除,正式执行前可先用--list-hosts确认目标主机。
#查看客户端文件 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep test' 192.168.3.45 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 11:38 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 13:15 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 #编写playbook [root@ansible ~]# cat /etc/ansible/delete_vars.yml - hosts: "{{host}}" #引用变量host,值需要手动传入 remote_user: "{{user}}" #引用变量user,值需要手动传入 gather_facts: "{{gather}}" #引用变量gather,值需要手动传入 tasks: - name: if system is centos,then rm /tmp/test-server-1 shell: rm -rf /tmp/test-server-1 when: ansible_os_family == "RedHat" #执行playbook,手动传入需要的参数 [root@ansible ~]# ansible-playbook /etc/ansible/delete_vars.yml --extra-vars "host=web user=root gather=True" PLAY [web] ******************************************************************** GATHERING FACTS *************************************************************** ok: [192.168.3.45] ok: [192.168.3.46] TASK: [if system is centos,then rm /tmp/test-server-1] ************************ changed: [192.168.3.45] changed: [192.168.3.46] PLAY RECAP ******************************************************************** 192.168.3.45 : ok=2 changed=1 unreachable=0 failed=0 192.168.3.46 : ok=2 changed=1 unreachable=0 failed=0 #查看结果 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep test' 192.168.3.45 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3
6.使用tags选择性地执行任务
#查看客户端的文件 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep test' 192.168.3.45 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 13:29 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 13:29 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 #编写带有tag的playbook [root@ansible ~]# cat /etc/ansible/delete_tags.yml - hosts: "{{host}}" remote_user: "{{user}}" gather_facts: "{{gather}}" tasks: - name: if system is centos,then rm /tmp/test-server-1 shell: rm -rf /tmp/test-server-1 tags: server-1 - name: if system is centos,them rm /tmp/test-server-2 shell: rm -rf /tmp/test-server-2 tags: server-2 #执行playbooks [root@ansible ~]# ansible-playbook /etc/ansible/delete_tags.yml --extra "host=web user=root gather=True" #未指定tags PLAY [web] ******************************************************************** GATHERING FACTS *************************************************************** ok: [192.168.3.45] ok: [192.168.3.46] TASK: [if system is centos,then rm /tmp/test-server-1] ************************ changed: [192.168.3.46] changed: [192.168.3.45] TASK: [if system is centos,them rm /tmp/test-server-2] ************************ changed: [192.168.3.46] changed: [192.168.3.45] PLAY RECAP ******************************************************************** 192.168.3.45 : ok=3 changed=2 unreachable=0 failed=0 192.168.3.46 : ok=3 changed=2 unreachable=0 failed=0 #查看结果 #从下面的结果中我们能看出,在不指定tags的情况下客户端将2个任务都执行了,即在客户端上删除了/tmp/test-server-1和/tmp/test-server-2这2个文件 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep test' 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 192.168.3.45 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 #我们将客户端的文件恢复 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep test' 192.168.3.45 | success 
| rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 14:06 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 14:06 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 14:06 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 14:06 test-server-2 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 #执行playbook,指定运行tags:server-2 #正常情况下是只删除/tmp/test-server-2这个文件,/tmp/test-server-1这个文件是不会删除的 [root@ansible ~]# ansible-playbook /etc/ansible/delete_tags.yml --extra "host=web user=root gather=True" --tags server-2 PLAY [web] ******************************************************************** GATHERING FACTS *************************************************************** ok: [192.168.3.45] ok: [192.168.3.46] TASK: [if system is centos,them rm /tmp/test-server-2] ************************ changed: [192.168.3.46] changed: [192.168.3.45] PLAY RECAP ******************************************************************** 192.168.3.45 : ok=2 changed=1 unreachable=0 failed=0 192.168.3.46 : ok=2 changed=1 unreachable=0 failed=0 [root@ansible ~]# ansible web -m shell -a 'ls -l /tmp |grep test' 192.168.3.46 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 14:06 test-server-1 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 192.168.3.45 | success | rc=0 >> -rw-r--r-- 1 root root 7 Jul 3 14:06 test-server-1 #该文件还存在 -rw-r--r-- 1 root root 7 Jul 3 11:07 test-server-3 #总结,如果playbooks带有tags,不指定任何tags,默认会执行所有的任务。如果指定了tags,只执行指定的tags任务,其余的tags任务不会执行