zoukankan      html  css  js  c++  java
  • 自动化运维工具-Ansible之2-ad-hoc

    自动化运维工具-Ansible之2-ad-hoc

    Ansible ad-hoc

    ad-hoc就是“临时命令”,执行完即结束,并不会保存


    ad-hoc模式使用场景

    比如在多台机器上查看某个进程是否启动,或拷贝指定文件到本地,等等


    ad-hoc模式的命令使用

    img

    #批量查看磁盘信息
    [root@m01 ~]# ansible web_group -m command -a 'df -h' -i ./hosts
    web02 | CHANGED | rc=0 >>
    文件系统        容量  已用  可用 已用% 挂载点
    /dev/sda3        18G  1.1G   17G    6% /
    devtmpfs        981M     0  981M    0% /dev
    tmpfs           992M     0  992M    0% /dev/shm
    tmpfs           992M  9.5M  982M    1% /run
    tmpfs           992M     0  992M    0% /sys/fs/cgroup
    /dev/sda1      1014M  124M  891M   13% /boot
    tmpfs           199M     0  199M    0% /run/user/0
    
    web01 | CHANGED | rc=0 >>
    文件系统        容量  已用  可用 已用% 挂载点
    /dev/sda3        18G  1.1G   17G    6% /
    devtmpfs        981M     0  981M    0% /dev
    tmpfs           992M     0  992M    0% /dev/shm
    tmpfs           992M  9.5M  982M    1% /run
    tmpfs           992M     0  992M    0% /sys/fs/cgroup
    /dev/sda1      1014M  124M  891M   13% /boot
    tmpfs           199M     0  199M    0% /run/user/0
    
    #批量查看内存信息
    [root@m01 ~]# ansible web_group -m command -a 'free -m' -i ./hosts
    web01 | CHANGED | rc=0 >>
                  total        used        free      shared  buff/cache   available
    Mem:           1982         143        1688           9         150        1668
    Swap:          1023           0        1023
    
    web02 | CHANGED | rc=0 >>
                  total        used        free      shared  buff/cache   available
    Mem:           1982         142        1684           9         155        1666
    Swap:          1023           0        1023
    

    ad-hoc结果返回颜色

    绿色: 代表被管理端主机没有被修改
    黄色: 代表被管理端主机发现变更
    红色: 代表出现了故障,注意查看提示


    ad-hoc常用模块

    command             # 执行shell命令(不支持管道等特殊字符)
    shell               # 执行shell命令
    scripts             # 执行shell脚本
    yum_repository      # 配置yum仓库
    yum                 # 安装软件
    copy                # 变更配置文件
    file                # 建立目录或文件
    service             # 启动与停止服务
    mount               # 挂载设备
    cron                # 定时任务
    get_url             # 下载软件
    firewalld           # 防火墙
    selinux             # selinux
    

    ansible-doc帮助手册

    [root@m01 ~]# ansible-doc -l        # 查看所有模块说明
    [root@m01 ~]# ansible-doc copy      # 查看指定模块方法
    [root@m01 ~]# ansible-doc -s copy   # 查看指定模块参数
    

    Ansible命令模块

    command默认模块, 执行shell命令,不支持管道等特殊字符

    [root@m01 ~]# ansible web01 -a "hostname"
    

    shell执行shell命令,支持管道等特殊字符,使用$需要转义

    [root@m01 ~]# ansible web01 -m shell -a "ps -ef|grep nginx" -f 50
    
    [root@m01 ~]# ansible 'web01' -m shell -a "ifconfig eth0 | awk 'NR==2 {print $2}'"
    web01 | CHANGED | rc=0 >>
            inet 10.0.0.7  netmask 255.255.255.0  broadcast 10.0.0.255
    [root@m01 ~]# ansible 'web01' -m shell -a "ifconfig eth0 | awk 'NR==2 {print $2}'"
    web01 | CHANGED | rc=0 >>
    10.0.0.7
    

    script执行shell脚本

    # 编写脚本
    [root@m01 ~]# vim /root/yum.sh
    #!/usr/bin/bash
    yum install -y vsftpd
    
    #在本地运行模块,等同于在远程执行,不需要将脚本文件进行推送目标主机执行
    [root@m01 ~]# ansible web01 -m script -a "/root/yum.sh"
    

    Ansible软件管理模块

    yum安装软件

    [root@m01 ~]# ansible web01 -m yum -a "name=httpd state=present"
    [root@m01 ~]# ansible-doc yum
    name                            
        httpd                       # 指定要安装的软件包名称
        file://                     # 指定本地安装路径(yum localinstall 本地rpm包)
        http://                     # 指定yum源(从远程仓库获取rpm包)
    state                           # 指定使用yum的方法
        installed,present           # 安装软件包
        removed,absent              # 移除软件包
        latest                      # 安装最新软件包
    exclude=kernel*,foo*            # 排除某些包
    list=ansible                    # 类似于yum list查看是否可以安装
    disablerepo="epel,ol7_latest"   # 禁用指定的yum仓库
    download_only=true              # 只下载不安装
    

    yum_repository配置yum仓库

    # 添加yum仓库
    [root@m01 ~]# ansible web01 -m yum_repository -a "name=oldboy_epel description=EPEL baseurl=https://download.fedoraproject.org/pub/epel/$releasever/$basearch/" -i ./hosts
    
    # 仓库名和配置文件名不同
    [root@m01 ~]# ansible web01 -m yum_repository -a 'name=oldboy_epel description=EPEL file=test_oldboy baseurl=https://download.fedoraproject.org/pub/base/$releasever/$basearch/ gpgcheck=no' -i ./hosts
    
    # 添加mirrorlist
    [root@m01 ~]# ansible web01 -m yum_repository -a 'name=oldboy_epel description=EPEL file=test_oldboy baseurl=https://download.fedoraproject.org/pub/base/$releasever/$basearch/ gpgcheck=no mirrorlist=http://mirrorlist.repoforge.org/el7/mirrors-rpmforge enabled=no' -i ./hosts
    
    # 删除yum仓库及文件
    [root@m01 ~]# ansible web01 -m yum_repository -a 'name=oldboy_epel file=test_oldboy state=absent' -i ./hosts
    
    # 开启gpgcheck
    [root@m01 ~]# ansible web01 -m yum_repository -a 'name=oldboy_epel description=EPEL file=test_oldboy baseurl=https://download.fedoraproject.org/pub/base/$releasever/$basearch/ gpgcheck=yes gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7' -i ./hosts
    
    name 			#yum源里[]中的内容
    description 	#yum源里name的值
    file 			#yum源的文件名
    mirrorlist 	    #yum源的列表
    baseurl         # yum源中的仓库地址
    gpgcheck        # yum源是否检查检查秘钥
        no
        yes
    state 
    	absent		# 删除
    	present		# 添加(默认)
    enabled         # 是否启用仓库
        no
        yes
    

    Ansible文件管理模块

    copy

    src             # 推送数据的源文件信息
    dest            # 推送数据的目标路径
    backup:			# 目标文件是否备份
    	yes			# 备份
    	no			# 不备份
    follow:			# 是否识别软链接
    	yes
    	no
    content         # 直接在被管理端文件中添加内容
    group           # 将本地文件推送到远端,指定文件属组信息
    owner           # 将本地文件推送到远端,指定文件属主信息
    mode            # 将本地文件推送到远端,指定文件权限信息
    
    # 推送文件并授权
    [root@m01 ~]# ansible web01 -m copy -a "src=/etc/passwd dest=/tmp/oldboy.txt owner=www group=www mode=777"
    
    # 在推送覆盖远程端文件前,对远端已有文件按照时间信息备份
    [root@m01 ~]# ansible web01 -m copy -a "src=/etc/passwd dest=/tmp/oldboy.txt backup=yes"
    
    # 直接向远端文件内写入数据信息,并且会覆盖远端文件内原有数据信息
    [root@m01 ~]# ansible web01 -m copy -a "content='oldboy' dest=/tmp/oldboy.txt"
    
    #识别软链接
    [root@m01 ~]# ansible 'web01' -m copy -a 'src=/root/test dest=/tmp owner=nginx group=nginx mode=0644 follow=yes'
    [root@m01 ~]# ansible 'web01' -m copy -a 'src=/root/test dest=/tmp owner=nginx group=nginx mode=0644 follow=no'
    

    file

    src:			# 源文件(如果做软链接就是远程机器上的文件)
    dest:			# 目标文件(如果做软链接就是远程机器上的链接文件)
    path            # 指定远程主机目录或文件信息
    recurse         # 递归授权
        yes
    state 
        directory   # 在远端创建目录(默认递归)
        touch       # 在远端创建文件
        link        # link或hard表示创建链接文件
        absent      # 表示删除文件或目录
    mode            # 设置文件或目录权限
    owner           # 设置文件或目录属主信息
    group           # 设置文件或目录属组信息
    
    # 递归创建目录并授权
    [root@m01 ~]# ansible web01 -m file -a "path=/tmp/tmp1/oldboy_dir state=directory mode=0777 owner=root group=root"
    [root@m01 ~]# ansible web01 -m file -a "path=/tmp/tmp/oldboy_dir state=directory owner=www group=www mode=0700 recurse=yes"
    # 创建文件并授权
    [root@m01 ~]# ansible web01 -m file -a "path=/tmp/oldboy_file state=touch mode=0555 owner=root group=root"
    # 做软连接
    [root@m01 ~]# ansible web01 -m file -a "src=/tmp/oldboy_dir dest=/tmp/oldboy_dir_link state=link"
    # 删除文件
    [root@m01 ~]# ansible web01 -m file -a 'path=/tmp/oldboy_dir_link state=absent'
    # 递归授权目录
    

    get_url

    [root@m01 ~]# ansible-doc get_url
    url             # 指定下载地址
    dest            # 指定下载目录
    mode            # 指定权限
    checksum        # 校验加密算法
        md5
        sha256
    
    # 下载包并授权
    [root@m01 ~]# ansible web01 -m get_url -a 'url=https://mirrors.aliyun.com/zabbix/zabbix/3.4/rhel/7/x86_64/zabbix-agent-3.4.0-1.el7.x86_64.rpm dest=/tmp mode=0644'
    
    #下载包时验证
    [root@web01 /tmp]# md5sum zabbix-agent-3.4.0-1.el7.x86_64.rpm
    ba1f2511fc30423bdbb183fe33f3dd0f  index.html
    
    [root@m01 ~]# ansible web01 -m get_url -a 'url=https://mirrors.aliyun.com/zabbix/zabbix/3.4/rhel/7/x86_64/zabbix-agent-3.4.0-1.el7.x86_64.rpm dest=/opt mode=0644 checksum=md5:ba1f2511fc30423bdbb183fe33f3dd0f'
    

    Ansible服务管理模块

    service

    [root@m01 ~]# ansible-doc service
    EXAMPLES:
    - name: Start service httpd, if not started
      service:
        name: httpd
        state: started
        enabled: yes
        
    name: httpd			# 服务的名字
    state:
    	started			# 启动服务
    	stopped			# 停止服务
    	restarted		# 重启服务
    	reloaded		# 重载服务
    enabled:			# 开机自启
    	yes
    	no
    

    systemd

    [root@m01 ~]# ansible-doc systemd
    EXAMPLES:
    - name: Start service httpd, if not started
      systemd:
        name: httpd
        state: started
        enabled: yes
        daemon_reload: yes
        
    name: httpd			# 服务的名字
    state:
    	started			# 启动服务
    	stopped			# 停止服务
    	restarted		# 重启服务
    	reloaded		# 重载服务
    enabled:			# 开机自启
    	yes
    	no
    daemon_reload:	   # 后台启动
    
    # 停止nginx服务
    [root@m01 ~]# ansible web01 -m service -a 'name=nginx state=stopped'
    
    # 启动httpd服务,并加入开机自启
    [root@m01 ~]# ansible web01 -m systemd -a 'name=httpd state=started enabled=yes'
    

    Ansible用户管理模块

    group

    name            #指定创建的组名
    gid             #指定组的gid
    state
        absent      #移除远端主机的组
        present     #创建远端主机的组(默认)
    
    # 创建用户组
    [root@m01 ~]# ansible web01 -m group -a 'name=www state=present gid=777'
    # 删除用户组
    [root@m01 ~]# ansible web01 -m group -a 'name=www state=absent'
    

    user

    - name: Add the user 'johnd' with a specific uid and a primary group of 'admin'
      user:
        name: johnd						# 用户名
        comment: John Doe				# 用户的注释
        uid: 1040						# 用户uid
        group: admin					# 用户的组名称
        groups: admins,developers		# 指定附加组名称
        shell: /bin/bash				# 指定登录脚本
        append: yes						# 添加附加组时使用
        remove: yes						# 移除家目录
        generate_ssh_key: yes			# 是否生成密钥对
        ssh_key_bits: 2048				# 秘钥加密的位数
        ssh_key_file: .ssh/id_rsa		# 秘钥文件
        expires: 1422403387				# 用户的有效时间
        state:
        	present						# 添加用户(默认)
        	absent						# 删除用户
        create_home:yes/no     		   # 是否创建家目录
        password        				# 给用户添加密码(单引号)
    
    # 创建用户指定uid和gid,不创建家目录也不允许登陆
    [root@m01 ~]# ansible web01 -m user -a 'name=www uid=666 group=666 shell=/sbin/nologin create_home=false'
    
    # 仅删除用户
    [root@m01 ~]# ansible web01 -m user -a 'name=www state=absent'
    
    # 删除用户及用户组
    [root@m01 ~]# ansible web01 -m user -a 'name=www state=absent remove=yes'
    
    # 将明文密码进行hash加密,然后创建用户并设定密码(密码必须是密文)
    [root@m01 ~]# ansible web01 -m debug -a "msg={{ 'oldboy' | password_hash('sha512', 'salt') }}"
    web01 | SUCCESS => {
        "msg": "$6$salt$xaunY8IjwsGxX14Fn5MU7iRza9R7crMbDiMUAG0b7Ku0f9pE.Am4ScvdCxURf.y0hsHX4o5bo3JSn/.DDXP8u1"
    }
    [root@m01 ~]# ansible web01 -m user -a 'name=oldboy1 password=$6$salt$xaunY8IjwsGxX14Fn5MU7iRza9R7crMbDiMUAG0b7Ku0f9pE.Am4ScvdCxURf.y0hsHX4o5bo3JSn/.DDXP8u1 create_home=true shell=/bin/bash'
    

    注意:

    • 如果用户名字跟组名字相同,删除用户是会将组也删除
    • 当组下面有多个用户,删除的与组同名的用户也不会删除组
    # 创建用户并生成秘钥对
    [root@m01 ~]# ansible web01 -m user -a "name=oldboy uid=888 group=root shell=/bin/bash generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa" -i ./hosts
    web01 | CHANGED => {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python"
        },
        "changed": true,
        "comment": "",
        "create_home": true,
        "group": 0,
        "home": "/home/oldboy",
        "name": "oldboy",
        "shell": "/bin/bash",
        "ssh_fingerprint": "2048 SHA256:WEMHCpSjxxqFwlzrCk1FqrPqeq6N/SHxL1gFTSqHlGM ansible-generated on web01 (RSA)",
        "ssh_key_file": "/home/oldboy/.ssh/id_rsa",
        "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRx+bCYGh4FqpKoPzyXrR8ef9GwoY6l6QEFQ0+XPynR22fd9Lbs1eUxWDm5aH4ZO8sPaI8a5xmj88Sipwl0FxlQTjD2X/vreZNEDbwFWrbZ24VvPkfPSSWBh5SxLH6pJt8pGQpPVWuLRMx6yOOxRB1hh9bGFzQNg5z8xqzeogTOoI7cxSFZVuUb5affNj8H5mCw2nAvblV+HNhRzbMlwr+9/EWcCWHDnlVYcELHXjpNJcyGB3VFOu1MPkmLaSTcaB73O0eRvZQkYMBePKJC44tvjHihGhvCk9rzh8qvzHxvMgoMD/+0uKAlIwEvOyfAczb7fxllU0rDtbyPtjbuLsR ansible-generated on web01",
        "state": "present",
        "system": false,
        "uid": 888
    }
    web02 | CHANGED => {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python"
        },
        "changed": true,
        "comment": "",
        "create_home": true,
        "group": 0,
        "home": "/home/oldboy",
        "name": "oldboy",
        "shell": "/bin/bash",
        "ssh_fingerprint": "2048 SHA256:IepfOosi2Xm8kfr4nOPAhG3fec6o8kpMnJ0/RwN+0F8 ansible-generated on web02 (RSA)",
        "ssh_key_file": "/home/oldboy/.ssh/id_rsa",
        "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEcO9iDKg4X8ya/y9E0eDelAFMp/rxiDSzW31r+REawaQyF4oywcdIagpz0MTg2BeF2WdaYUmHmtmSTfSOMif26+R1FLcL9f9NYu3io/0388jukcTfyN02diXWgqoKtt4Gbm8Bq8sWE4tX/FSYl42fG6bX1AyDSMzzB7ERr2AD/Y9KuKt7cEXDinGjqTFEXw6+x1wBHpotkUisYiZCci+1Nx4YSznVRBveZTlpxMUYmKgwkUXQIt+RoOYzjgD++0md8O7lwJGgODZkahlrf2pOQnmpS4isLi9or4N+DVnqD+cXb/RjgJzPIJZYazgRY3vtAU9DDqm5i049x/VxEqFj ansible-generated on web02",
        "state": "present",
        "system": false,
        "uid": 888
    }
    

    Ansible定时任务模块

    cron

    - name: Ensure a job that runs at 2 and 5 exists. Creates an entry like "0 5,2 * * ls -alh > /d
      cron:
        name: "check dirs"		     # 定时任务的注释
        minute: "0"				     # 分钟
        hour: "5,2"				     # 小时
        day: "2"				     # 日
        month: "2"				     # 月
        weekday: "2"			     # 周
        job: "ls -alh > /dev/null"   # 定时任务的内容
        state: 
        	absent				     # 删除定时任务
        	present				     # 添加定时任务
    
    # 添加定时任务
    [root@m01 ~]# ansible web01 -m cron -a 'name="时间同步" minute=*/10 job="/usr/sbin/ntpdate time1.aliyun.com &> /dev/null"'
    
    # 修改定时任务(名字相同,只修改内容)
    [root@m01 ~]# ansible web01 -m cron -a 'name="时间同步" job="/usr/sbin/ntpdate time1.aliyun.com &> /dev/null"'
    
    # 删除相应定时任务(只能用name参数)
    [root@m01 ~]# ansible web01 -m cron -a "name='时间同步' state=absent"
     
    # 注释相应定时任务
    [root@m01 ~]# ansible web01 -m cron -a 'name="时间同步" job="/usr/sbin/ntpdate time1.aliyun.com &> /dev/null" disabled=yes'
    

    Ansible磁盘挂载模块

    mount

    - name: Mount DVD read-only
      mount:
        path: /mnt/dvd			# 挂载的目录(nfs客户端)
        src: /dev/sr0			# 远端被挂载的目录 (nfs服务端)
        fstype: nfs				# 挂载类型
        opts: ro,noauto			# 自动挂载的参数
        state: 
        	present				# 开机挂载,仅将挂载配置写入/etc/fstab
        	unmounted			# 卸载设备,不会清除/etc/fstab写入的配置
        	mounted				# 卸载设备,会清理/etc/fstab写入的配置(常用)
        	absent				# 取消临时挂载,并且清理自动挂载(常用)
    
    [root@m01 ~]# ansible web01 -m mount -a "src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=present"
    
    [root@m01 ~]# ansible web02 -m mount -a "src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=mounted"
    
    [root@m01 ~]# ansible web02 -m mount -a "src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=unmounted"
    
    [root@m01 ~]# ansible web02 -m mount -a "src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=absent"
    

    Ansible防火墙模块

    selinux

    # 关闭selinux修改配置文件,必须重启
    [root@m01 ~]# ansible web01 -m selinux -a 'state=disabled'
     [WARNING]: SELinux state temporarily changed from 'enforcing' to 'permissive'. State change will take effect next reboot.
    
    web01 | CHANGED => {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python"
        },
        "changed": true,
        "configfile": "/etc/selinux/config",
        "msg": "Config SELinux state changed from 'enforcing' to 'disabled'",
        "policy": "targeted",
        "reboot_required": true,
        "state": "disabled"
    }
    
    # 临时关闭
    [root@m01 ~]# ansible web01 -m shell -a 'setenforce 0'
    web01 | CHANGED | rc=0 >>
    
    
    [root@m01 ~]# ansible web01 -m shell -a 'getenforce'
    web01 | CHANGED | rc=0 >>
    Permissive
    

    firewalld

    service: https				 # 指定开放或关闭的服务名称
    permanent: 
    	yes				         # 永久生效
    	no					     # 临时生效
    state: 
    	enabled					 # 开启
    	disable					 # 关闭
    port: 8081/tcp  161-162/udp	 # 防火墙配置的端口
    zone: dmz					 # 指定配置空间
    rich_rule:					 # 辅规则
    source: 192.0.2.0/24	     # 防火墙配置的源ip
    masquerade: 
    	yes					     # 开启ip伪装
    	no					     # 关闭ip伪装
    interface: eth2				 # 绑定网卡
    immediate                    # 临时生效
    
    # 允许访问http,永久生效
    [root@m01 ~]# ansible web01 -m firewalld -a 'service=http permanent=yes state=enabled'
    
    # 允许80端口被访问,临时生效
    [root@m01 ~]# ansible web01 -m firewalld -a 'port=80/tcp state=enabled'
    [root@m01 ~]# ansible web_group -m firewalld -a "service=http immediate=yes permanent=yes state=enabled"
    
    # 允许10.0.0.0/24网段访问22端口
    [root@m01 ~]# ansible web01 -m firewalld -a 'rich_rule="rule family=ipv4 source address=10.0.0.0/24 service name=ssh accept" state=enabled'
    
    # 允许10.0.0.0/24网段访问所有服务
    [root@m01 ~]# ansible web01 -m firewalld -a 'source=10.0.0.0/24 zone=trusted state=enabled permanent=yes'
    

    Ansible压缩解压模块

    Archive压缩

    - name: Compress directory /path/to/foo/ into /path/to/foo.tgz
      archive:
        path: /path/to/foo			#要压缩的文件或目录
        dest: /path/to/foo.tgz		#压缩后的文件
        format:bz2, gz, tar, xz, zip	#指定打包的类型
    
    #1.打包站点目录
    [root@m01 /package]# ansible web01 -m archive -a 'path=/code dest=/tmp/code.tar.gz'
    

    unarchive解压

    - name: Unarchive a file that is already on the remote machine
      unarchive:
        src: /tmp/foo.zip			#要解压的包
        dest: /usr/local/bin		#解压到目标位置
        remote_src: 
        	yes						#要解压的包在受控端
        	no						#要解压的包在控制端
    
    #1.解压控制端的包到受控端
    [root@m01 /package]# ansible web01 -m unarchive -a 'src=/package/php.tar.gz dest=/tmp/'
    
    #2.解压受控端的包到受控端
    [root@m01 /package]# ansible web02 -m unarchive -a 'src=/package/php.tar.gz dest=/tmp/ remote_src=yes'
    

    Ansible主机信息模块

    这个模块非常实用

    在公司中总会有一些需求

    比如:
    1.根据不同主机不同IP创建对应IP的目录
    2.根据不同主机不同主机名创建对应主机名的目录
    3.自动化运维平台需要自动获取到主机的IP地址,内存信息,磁盘信息,主机名...等
    4.如果安装数据库,分配内存为物理内存的80%,此时有3台不同物理内存的机器2G、4G、16G
    写一个playbook的情况下,我需要获取到对应主机的内存并作出计算,写判断。


    setup

    1. 获取所有主机信息
    [root@m01 ~]# ansible web01 -m setup
    web01 | SUCCESS => {
        "ansible_facts": {
            "ansible_all_ipv4_addresses": [
                "10.0.0.7"
            ],
            "ansible_all_ipv6_addresses": [
                "fe80::20c:29ff:fef8:9880"
            ],
            "ansible_apparmor": {
                "status": "disabled"
            },
            "ansible_architecture": "x86_64",
            "ansible_bios_date": "04/13/2018",
            "ansible_bios_version": "6.00",
            "ansible_cmdline": {
                "BOOT_IMAGE": "/vmlinuz-3.10.0-862.el7.x86_64",
                "LANG": "en_US.UTF-8",
                "biosdevname": "0",
                "net.ifnames": "0",
                "quiet": true,
                "rhgb": true,
                "ro": true,
                "root": "UUID=7348b9b1-f2a7-46c6-bede-4f22224dc168"
            },
            "ansible_date_time": {
                "date": "2019-09-10",
                "day": "10",
                "epoch": "1568115243",
                "hour": "19",
                "iso8601": "2019-09-10T11:34:03Z",
                "iso8601_basic": "20190910T193403218395",
                "iso8601_basic_short": "20190910T193403",
                "iso8601_micro": "2019-09-10T11:34:03.218468Z",
                "minute": "34",
                "month": "09",
                "second": "03",
                "time": "19:34:03",
                "tz": "CST",
                "tz_offset": "+0800",
                "weekday": "星期二",
                "weekday_number": "2",
                "weeknumber": "36",
                "year": "2019"
            },
            "ansible_default_ipv4": {
                "address": "10.0.0.7",
                "alias": "eth0",
                "broadcast": "10.0.0.255",
                "gateway": "10.0.0.2",
                "interface": "eth0",
                "macaddress": "00:0c:29:f8:98:80",
                "mtu": 1500,
                "netmask": "255.255.255.0",
                "network": "10.0.0.0",
                "type": "ether"
            },
            "ansible_default_ipv6": {},
            "ansible_device_links": {
                "ids": {
                    "sr0": [
                        "ata-VMware_Virtual_IDE_CDROM_Drive_00000000000000000001"
                    ],
                    "sr1": [
                        "ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001"
                    ]
                },
                "labels": {},
                "masters": {},
                "uuids": {
                    "sda1": [
                        "8e547355-994a-4bad-a941-da93f4f1cdfd"
                    ],
                    "sda2": [
                        "9e4d046c-02cf-47bd-a4bf-1e8b5fa4bed5"
                    ],
                    "sda3": [
                        "7348b9b1-f2a7-46c6-bede-4f22224dc168"
                    ]
                }
            },
            "ansible_devices": {
                "sda": {
                    "holders": [],
                    "host": "SCSI storage controller: LSI Logic / Symbios Logic 53c1030 PCI-X Fusion-MPT Dual Ultra320 SCSI (rev 01)",
                    "links": {
                        "ids": [],
                        "labels": [],
                        "masters": [],
                        "uuids": []
                    },
                    "model": "VMware Virtual S",
                    "partitions": {
                        "sda1": {
                            "holders": [],
                            "links": {
                                "ids": [],
                                "labels": [],
                                "masters": [],
                                "uuids": [
                                    "8e547355-994a-4bad-a941-da93f4f1cdfd"
                                ]
                            },
                            "sectors": "2097152",
                            "sectorsize": 512,
                            "size": "1.00 GB",
                            "start": "2048",
                            "uuid": "8e547355-994a-4bad-a941-da93f4f1cdfd"
                        },
                        "sda2": {
                            "holders": [],
                            "links": {
                                "ids": [],
                                "labels": [],
                                "masters": [],
                                "uuids": [
                                    "9e4d046c-02cf-47bd-a4bf-1e8b5fa4bed5"
                                ]
                            },
                            "sectors": "2097152",
                            "sectorsize": 512,
                            "size": "1.00 GB",
                            "start": "2099200",
                            "uuid": "9e4d046c-02cf-47bd-a4bf-1e8b5fa4bed5"
                        },
                        "sda3": {
                            "holders": [],
                            "links": {
                                "ids": [],
                                "labels": [],
                                "masters": [],
                                "uuids": [
                                    "7348b9b1-f2a7-46c6-bede-4f22224dc168"
                                ]
                            },
                            "sectors": "37746688",
                            "sectorsize": 512,
                            "size": "18.00 GB",
                            "start": "4196352",
                            "uuid": "7348b9b1-f2a7-46c6-bede-4f22224dc168"
                        }
                    },
                    "removable": "0",
                    "rotational": "1",
                    "sas_address": null,
                    "sas_device_handle": null,
                    "scheduler_mode": "deadline",
                    "sectors": "41943040",
                    "sectorsize": "512",
                    "size": "20.00 GB",
                    "support_discard": "0",
                    "vendor": "VMware,",
                    "virtual": 1
                },
                "sr0": {
                    "holders": [],
                    "host": "IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)",
                    "links": {
                        "ids": [
                            "ata-VMware_Virtual_IDE_CDROM_Drive_00000000000000000001"
                        ],
                        "labels": [],
                        "masters": [],
                        "uuids": []
                    },
                    "model": "VMware IDE CDR00",
                    "partitions": {},
                    "removable": "1",
                    "rotational": "1",
                    "sas_address": null,
                    "sas_device_handle": null,
                    "scheduler_mode": "deadline",
                    "sectors": "2097151",
                    "sectorsize": "512",
                    "size": "1024.00 MB",
                    "support_discard": "0",
                    "vendor": "NECVMWar",
                    "virtual": 1
                },
                "sr1": {
                    "holders": [],
                    "host": "IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)",
                    "links": {
                        "ids": [
                            "ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001"
                        ],
                        "labels": [],
                        "masters": [],
                        "uuids": []
                    },
                    "model": "VMware IDE CDR10",
                    "partitions": {},
                    "removable": "1",
                    "rotational": "1",
                    "sas_address": null,
                    "sas_device_handle": null,
                    "scheduler_mode": "deadline",
                    "sectors": "2097151",
                    "sectorsize": "512",
                    "size": "1024.00 MB",
                    "support_discard": "0",
                    "vendor": "NECVMWar",
                    "virtual": 1
                }
            },
            "ansible_distribution": "CentOS",
            "ansible_distribution_file_parsed": true,
            "ansible_distribution_file_path": "/etc/redhat-release",
            "ansible_distribution_file_variety": "RedHat",
            "ansible_distribution_major_version": "7",
            "ansible_distribution_release": "Core",
            "ansible_distribution_version": "7.5",
            "ansible_dns": {
                "nameservers": [
                    "10.0.0.2"
                ]
            },
            "ansible_domain": "",
            "ansible_effective_group_id": 0,
            "ansible_effective_user_id": 0,
            "ansible_env": {
                "HOME": "/root",
                "LANG": "zh_CN.UTF-8",
                "LESSOPEN": "||/usr/bin/lesspipe.sh %s",
                "LOGNAME": "root",
                "LS_COLORS": "rs=0:di=38;5;27:ln=38;5;51:mh=44;38;5;15:pi=40;38;5;11:so=38;5;13:do=38;5;5:bd=48;5;232;38;5;11:cd=48;5;232;38;5;3:or=48;5;232;38;5;9:mi=05;48;5;232;38;5;15:su=48;5;196;38;5;15:sg=48;5;11;38;5;16:ca=48;5;196;38;5;226:tw=48;5;10;38;5;16:ow=48;5;10;38;5;21:st=48;5;21;38;5;15:ex=38;5;34:*.tar=38;5;9:*.tgz=38;5;9:*.arc=38;5;9:*.arj=38;5;9:*.taz=38;5;9:*.lha=38;5;9:*.lz4=38;5;9:*.lzh=38;5;9:*.lzma=38;5;9:*.tlz=38;5;9:*.txz=38;5;9:*.tzo=38;5;9:*.t7z=38;5;9:*.zip=38;5;9:*.z=38;5;9:*.Z=38;5;9:*.dz=38;5;9:*.gz=38;5;9:*.lrz=38;5;9:*.lz=38;5;9:*.lzo=38;5;9:*.xz=38;5;9:*.bz2=38;5;9:*.bz=38;5;9:*.tbz=38;5;9:*.tbz2=38;5;9:*.tz=38;5;9:*.deb=38;5;9:*.rpm=38;5;9:*.jar=38;5;9:*.war=38;5;9:*.ear=38;5;9:*.sar=38;5;9:*.rar=38;5;9:*.alz=38;5;9:*.ace=38;5;9:*.zoo=38;5;9:*.cpio=38;5;9:*.7z=38;5;9:*.rz=38;5;9:*.cab=38;5;9:*.jpg=38;5;13:*.jpeg=38;5;13:*.gif=38;5;13:*.bmp=38;5;13:*.pbm=38;5;13:*.pgm=38;5;13:*.ppm=38;5;13:*.tga=38;5;13:*.xbm=38;5;13:*.xpm=38;5;13:*.tif=38;5;13:*.tiff=38;5;13:*.png=38;5;13:*.svg=38;5;13:*.svgz=38;5;13:*.mng=38;5;13:*.pcx=38;5;13:*.mov=38;5;13:*.mpg=38;5;13:*.mpeg=38;5;13:*.m2v=38;5;13:*.mkv=38;5;13:*.webm=38;5;13:*.ogm=38;5;13:*.mp4=38;5;13:*.m4v=38;5;13:*.mp4v=38;5;13:*.vob=38;5;13:*.qt=38;5;13:*.nuv=38;5;13:*.wmv=38;5;13:*.asf=38;5;13:*.rm=38;5;13:*.rmvb=38;5;13:*.flc=38;5;13:*.avi=38;5;13:*.fli=38;5;13:*.flv=38;5;13:*.gl=38;5;13:*.dl=38;5;13:*.xcf=38;5;13:*.xwd=38;5;13:*.yuv=38;5;13:*.cgm=38;5;13:*.emf=38;5;13:*.axv=38;5;13:*.anx=38;5;13:*.ogv=38;5;13:*.ogx=38;5;13:*.aac=38;5;45:*.au=38;5;45:*.flac=38;5;45:*.mid=38;5;45:*.midi=38;5;45:*.mka=38;5;45:*.mp3=38;5;45:*.mpc=38;5;45:*.ogg=38;5;45:*.ra=38;5;45:*.wav=38;5;45:*.axa=38;5;45:*.oga=38;5;45:*.spx=38;5;45:*.xspf=38;5;45:",
                "MAIL": "/var/mail/root",
                "PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin",
                "PWD": "/root",
                "SELINUX_LEVEL_REQUESTED": "",
                "SELINUX_ROLE_REQUESTED": "",
                "SELINUX_USE_CURRENT_RANGE": "",
                "SHELL": "/bin/bash",
                "SHLVL": "2",
                "SSH_CLIENT": "10.0.0.51 53512 22",
                "SSH_CONNECTION": "10.0.0.51 53512 10.0.0.7 22",
                "SSH_TTY": "/dev/pts/1",
                "TERM": "xterm-256color",
                "USER": "root",
                "XDG_RUNTIME_DIR": "/run/user/0",
                "XDG_SESSION_ID": "87",
                "_": "/usr/bin/python"
            },
            "ansible_eth0": {
                "active": true,
                "device": "eth0",
                "features": {
                    "busy_poll": "off [fixed]",
                    "fcoe_mtu": "off [fixed]",
                    "generic_receive_offload": "on",
                    "generic_segmentation_offload": "on",
                    "highdma": "off [fixed]",
                    "hw_tc_offload": "off [fixed]",
                    "l2_fwd_offload": "off [fixed]",
                    "large_receive_offload": "off [fixed]",
                    "loopback": "off [fixed]",
                    "netns_local": "off [fixed]",
                    "ntuple_filters": "off [fixed]",
                    "receive_hashing": "off [fixed]",
                    "rx_all": "off",
                    "rx_checksumming": "off",
                    "rx_fcs": "off",
                    "rx_udp_tunnel_port_offload": "off [fixed]",
                    "rx_vlan_filter": "on [fixed]",
                    "rx_vlan_offload": "on",
                    "rx_vlan_stag_filter": "off [fixed]",
                    "rx_vlan_stag_hw_parse": "off [fixed]",
                    "scatter_gather": "on",
                    "tcp_segmentation_offload": "on",
                    "tx_checksum_fcoe_crc": "off [fixed]",
                    "tx_checksum_ip_generic": "on",
                    "tx_checksum_ipv4": "off [fixed]",
                    "tx_checksum_ipv6": "off [fixed]",
                    "tx_checksum_sctp": "off [fixed]",
                    "tx_checksumming": "on",
                    "tx_fcoe_segmentation": "off [fixed]",
                    "tx_gre_csum_segmentation": "off [fixed]",
                    "tx_gre_segmentation": "off [fixed]",
                    "tx_gso_partial": "off [fixed]",
                    "tx_gso_robust": "off [fixed]",
                    "tx_ipip_segmentation": "off [fixed]",
                    "tx_lockless": "off [fixed]",
                    "tx_nocache_copy": "off",
                    "tx_scatter_gather": "on",
                    "tx_scatter_gather_fraglist": "off [fixed]",
                    "tx_sctp_segmentation": "off [fixed]",
                    "tx_sit_segmentation": "off [fixed]",
                    "tx_tcp6_segmentation": "off [fixed]",
                    "tx_tcp_ecn_segmentation": "off [fixed]",
                    "tx_tcp_mangleid_segmentation": "off",
                    "tx_tcp_segmentation": "on",
                    "tx_udp_tnl_csum_segmentation": "off [fixed]",
                    "tx_udp_tnl_segmentation": "off [fixed]",
                    "tx_vlan_offload": "on [fixed]",
                    "tx_vlan_stag_hw_insert": "off [fixed]",
                    "udp_fragmentation_offload": "off [fixed]",
                    "vlan_challenged": "off [fixed]"
                },
                "hw_timestamp_filters": [],
                "ipv4": {
                    "address": "10.0.0.7",
                    "broadcast": "10.0.0.255",
                    "netmask": "255.255.255.0",
                    "network": "10.0.0.0"
                },
                "ipv6": [
                    {
                        "address": "fe80::20c:29ff:fef8:9880",
                        "prefix": "64",
                        "scope": "link"
                    }
                ],
                "macaddress": "00:0c:29:f8:98:80",
                "module": "e1000",
                "mtu": 1500,
                "pciid": "0000:02:01.0",
                "promisc": false,
                "speed": 1000,
                "timestamping": [
                    "tx_software",
                    "rx_software",
                    "software"
                ],
                "type": "ether"
            },
            "ansible_fibre_channel_wwn": [],
            "ansible_fips": false,
            "ansible_form_factor": "Other",
            "ansible_fqdn": "web01",
            "ansible_hostname": "web01",
            "ansible_hostnqn": "",
            "ansible_interfaces": [
                "lo",
                "eth0"
            ],
            "ansible_is_chroot": false,
            "ansible_iscsi_iqn": "",
            "ansible_kernel": "3.10.0-862.el7.x86_64",
            "ansible_lo": {
                "active": true,
                "device": "lo",
                "features": {
                    "busy_poll": "off [fixed]",
                    "fcoe_mtu": "off [fixed]",
                    "generic_receive_offload": "on",
                    "generic_segmentation_offload": "on",
                    "highdma": "on [fixed]",
                    "hw_tc_offload": "off [fixed]",
                    "l2_fwd_offload": "off [fixed]",
                    "large_receive_offload": "off [fixed]",
                    "loopback": "on [fixed]",
                    "netns_local": "on [fixed]",
                    "ntuple_filters": "off [fixed]",
                    "receive_hashing": "off [fixed]",
                    "rx_all": "off [fixed]",
                    "rx_checksumming": "on [fixed]",
                    "rx_fcs": "off [fixed]",
                    "rx_udp_tunnel_port_offload": "off [fixed]",
                    "rx_vlan_filter": "off [fixed]",
                    "rx_vlan_offload": "off [fixed]",
                    "rx_vlan_stag_filter": "off [fixed]",
                    "rx_vlan_stag_hw_parse": "off [fixed]",
                    "scatter_gather": "on",
                    "tcp_segmentation_offload": "on",
                    "tx_checksum_fcoe_crc": "off [fixed]",
                    "tx_checksum_ip_generic": "on [fixed]",
                    "tx_checksum_ipv4": "off [fixed]",
                    "tx_checksum_ipv6": "off [fixed]",
                    "tx_checksum_sctp": "on [fixed]",
                    "tx_checksumming": "on",
                    "tx_fcoe_segmentation": "off [fixed]",
                    "tx_gre_csum_segmentation": "off [fixed]",
                    "tx_gre_segmentation": "off [fixed]",
                    "tx_gso_partial": "off [fixed]",
                    "tx_gso_robust": "off [fixed]",
                    "tx_ipip_segmentation": "off [fixed]",
                    "tx_lockless": "on [fixed]",
                    "tx_nocache_copy": "off [fixed]",
                    "tx_scatter_gather": "on [fixed]",
                    "tx_scatter_gather_fraglist": "on [fixed]",
                    "tx_sctp_segmentation": "on",
                    "tx_sit_segmentation": "off [fixed]",
                    "tx_tcp6_segmentation": "on",
                    "tx_tcp_ecn_segmentation": "on",
                    "tx_tcp_mangleid_segmentation": "on",
                    "tx_tcp_segmentation": "on",
                    "tx_udp_tnl_csum_segmentation": "off [fixed]",
                    "tx_udp_tnl_segmentation": "off [fixed]",
                    "tx_vlan_offload": "off [fixed]",
                    "tx_vlan_stag_hw_insert": "off [fixed]",
                    "udp_fragmentation_offload": "on",
                    "vlan_challenged": "on [fixed]"
                },
                "hw_timestamp_filters": [],
                "ipv4": {
                    "address": "127.0.0.1",
                    "broadcast": "host",
                    "netmask": "255.0.0.0",
                    "network": "127.0.0.0"
                },
                "ipv6": [
                    {
                        "address": "::1",
                        "prefix": "128",
                        "scope": "host"
                    }
                ],
                "mtu": 65536,
                "promisc": false,
                "timestamping": [
                    "rx_software",
                    "software"
                ],
                "type": "loopback"
            },
            "ansible_local": {},
            "ansible_lsb": {},
            "ansible_machine": "x86_64",
            "ansible_machine_id": "c9d400bd3c1249bd81b2d49252985ab6",
            "ansible_memfree_mb": 1068,
            "ansible_memory_mb": {
                "nocache": {
                    "free": 1622,
                    "used": 360
                },
                "real": {
                    "free": 1068,
                    "total": 1982,
                    "used": 914
                },
                "swap": {
                    "cached": 0,
                    "free": 1023,
                    "total": 1023,
                    "used": 0
                }
            },
            "ansible_memtotal_mb": 1982,
            "ansible_mounts": [
                {
                    "block_available": 227935,
                    "block_size": 4096,
                    "block_total": 259584,
                    "block_used": 31649,
                    "device": "/dev/sda1",
                    "fstype": "xfs",
                    "inode_available": 523962,
                    "inode_total": 524288,
                    "inode_used": 326,
                    "mount": "/boot",
                    "options": "rw,seclabel,relatime,attr2,inode64,noquota",
                    "size_available": 933621760,
                    "size_total": 1063256064,
                    "uuid": "8e547355-994a-4bad-a941-da93f4f1cdfd"
                },
                {
                    "block_available": 69275,
                    "block_size": 262144,
                    "block_total": 73684,
                    "block_used": 4409,
                    "device": "10.0.0.31:/data",
                    "fstype": "nfs4",
                    "inode_available": 9409536,
                    "inode_total": 9436672,
                    "inode_used": 27136,
                    "mount": "/opt",
                    "options": "rw,relatime,vers=4.1,rsize=262144,wsize=262144,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=10.0.0.7,local_lock=none,addr=10.0.0.31",
                    "size_available": 18160025600,
                    "size_total": 19315818496,
                    "uuid": "N/A"
                },
                {
                    "block_available": 4354375,
                    "block_size": 4096,
                    "block_total": 4715776,
                    "block_used": 361401,
                    "device": "/dev/sda3",
                    "fstype": "xfs",
                    "inode_available": 9403419,
                    "inode_total": 9436672,
                    "inode_used": 33253,
                    "mount": "/",
                    "options": "rw,seclabel,relatime,attr2,inode64,noquota",
                    "size_available": 17835520000,
                    "size_total": 19315818496,
                    "uuid": "7348b9b1-f2a7-46c6-bede-4f22224dc168"
                }
            ],
            "ansible_nodename": "web01",
            "ansible_os_family": "RedHat",
            "ansible_pkg_mgr": "yum",
            "ansible_proc_cmdline": {
                "BOOT_IMAGE": "/vmlinuz-3.10.0-862.el7.x86_64",
                "LANG": "en_US.UTF-8",
                "biosdevname": "0",
                "net.ifnames": "0",
                "quiet": true,
                "rhgb": true,
                "ro": true,
                "root": "UUID=7348b9b1-f2a7-46c6-bede-4f22224dc168"
            },
            "ansible_processor": [
                "0",
                "GenuineIntel",
                "Intel(R) Core(TM) i7-8850H CPU @ 2.60GHz"
            ],
            "ansible_processor_cores": 1,
            "ansible_processor_count": 1,
            "ansible_processor_threads_per_core": 1,
            "ansible_processor_vcpus": 1,
            "ansible_product_name": "VMware Virtual Platform",
            "ansible_product_serial": "VMware-56 4d a5 a2 9d f3 51 25-4d 67 a8 58 f8 f8 98 80",
            "ansible_product_uuid": "A2A54D56-F39D-2551-4D67-A858F8F89880",
            "ansible_product_version": "None",
            "ansible_python": {
                "executable": "/usr/bin/python",
                "has_sslcontext": true,
                "type": "CPython",
                "version": {
                    "major": 2,
                    "micro": 5,
                    "minor": 7,
                    "releaselevel": "final",
                    "serial": 0
                },
                "version_info": [
                    2,
                    7,
                    5,
                    "final",
                    0
                ]
            },
            "ansible_python_version": "2.7.5",
            "ansible_real_group_id": 0,
            "ansible_real_user_id": 0,
            "ansible_selinux": {
                "config_mode": "disabled",
                "mode": "permissive",
                "policyvers": 31,
                "status": "enabled",
                "type": "targeted"
            },
            "ansible_selinux_python_present": true,
            "ansible_service_mgr": "systemd",
            "ansible_ssh_host_key_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAiDBJtsjcCuaEVqC4e2tPeN3X7FbSfbWq4gDx65v5AX8yPzZcufMmv0yydrCvbkb3HhMGqVJ7oNMioQdyqiu8Q=",
            "ansible_ssh_host_key_ed25519_public": "AAAAC3NzaC1lZDI1NTE5AAAAIBVg0/vQDn4AFzoNyeGcB61Jr3a+Cv3hu36XOW+BAgv+",
            "ansible_ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABAQC4PhQf/9RtL4kuFejVDjQoT8ng10Wdf5SA884Nu9l5wfrBLTVpKUusox5g4lU9+cuYicZiEYmasvxQbACsI90OybLUs26eUymRMtYQiS+N9Mfz0I+CLSssIEtUd5nplNoaPLM7dvgej1YxzLoz8mF6XkwhTLCd3nnye/YxuYYecGNZRCi2q6mkMYjO0HuHtqeSyoK+gPB2so7p7QrC3kcYbgblKfztDDUJ11tmYTBQJdDm7+ICztFjiwyWsnOvbItpOyI2M6neDkN8KCqoDwDYKCbXSbs6uamWkInlz03G9LGuIf+B/rhG6pmFVxG3Ac9h1tS5b6H2DJRMxQR+Vf5/",
            "ansible_swapfree_mb": 1023,
            "ansible_swaptotal_mb": 1023,
            "ansible_system": "Linux",
            "ansible_system_capabilities": [
                "cap_chown",
                "cap_dac_override",
                "cap_dac_read_search",
                "cap_fowner",
                "cap_fsetid",
                "cap_kill",
                "cap_setgid",
                "cap_setuid",
                "cap_setpcap",
                "cap_linux_immutable",
                "cap_net_bind_service",
                "cap_net_broadcast",
                "cap_net_admin",
                "cap_net_raw",
                "cap_ipc_lock",
                "cap_ipc_owner",
                "cap_sys_module",
                "cap_sys_rawio",
                "cap_sys_chroot",
                "cap_sys_ptrace",
                "cap_sys_pacct",
                "cap_sys_admin",
                "cap_sys_boot",
                "cap_sys_nice",
                "cap_sys_resource",
                "cap_sys_time",
                "cap_sys_tty_config",
                "cap_mknod",
                "cap_lease",
                "cap_audit_write",
                "cap_audit_control",
                "cap_setfcap",
                "cap_mac_override",
                "cap_mac_admin",
                "cap_syslog",
                "35",
                "36+ep"
            ],
            "ansible_system_capabilities_enforced": "True",
            "ansible_system_vendor": "VMware, Inc.",
            "ansible_uptime_seconds": 96743,
            "ansible_user_dir": "/root",
            "ansible_user_gecos": "root",
            "ansible_user_gid": 0,
            "ansible_user_id": "root",
            "ansible_user_shell": "/bin/bash",
            "ansible_user_uid": 0,
            "ansible_userspace_architecture": "x86_64",
            "ansible_userspace_bits": "64",
            "ansible_virtualization_role": "guest",
            "ansible_virtualization_type": "VMware",
            "discovered_interpreter_python": "/usr/bin/python",
            "gather_subset": [
                "all"
            ],
            "module_setup": true
        },
        "changed": false
    }
    
    1. 获取IP地址(使用setup获取的信息,指定对应的小标题获取指定的信息)
    [root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_default_ipv4'
    web01 | SUCCESS => {
        "ansible_facts": {
            "ansible_default_ipv4": {
                "address": "10.0.0.7",
                "alias": "eth0",
                "broadcast": "10.0.0.255",
                "gateway": "10.0.0.2",
                "interface": "eth0",
                "macaddress": "00:0c:29:f8:98:80",
                "mtu": 1500,
                "netmask": "255.255.255.0",
                "network": "10.0.0.0",
                "type": "ether"
            },
            "discovered_interpreter_python": "/usr/bin/python"
        },
        "changed": false
    }
    
    1. 获取主机名
    [root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_fqdn'
    web01 | SUCCESS => {
        "ansible_facts": {
            "ansible_fqdn": "web01",
            "discovered_interpreter_python": "/usr/bin/python"
        },
        "changed": false
    }
    
    1. 获取内存信息
    [root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_memory_mb'
    web01 | SUCCESS => {
        "ansible_facts": {
            "ansible_memory_mb": {
                "nocache": {
                    "free": 1622,
                    "used": 360
                },
                "real": {
                    "free": 1068,
                    "total": 1982,
                    "used": 914
                },
                "swap": {
                    "cached": 0,
                    "free": 1023,
                    "total": 1023,
                    "used": 0
                }
            },
            "discovered_interpreter_python": "/usr/bin/python"
        },
        "changed": false
    }
    
    1. 获取磁盘信息
    web01 | SUCCESS => {
        "ansible_facts": {
            "ansible_memory_mb": {
                "nocache": {
                    "free": 1622,
                    "used": 360
                },
                "real": {
                    "free": 1068,
                    "total": 1982,
                    "used": 914
                },
                "swap": {
                    "cached": 0,
                    "free": 1023,
                    "total": 1023,
                    "used": 0
                }
            },
            "discovered_interpreter_python": "/usr/bin/python"
        },
        "changed": false
    }
    [root@m01 ~]# ansible_devices^C
    [root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_devices'
    web01 | SUCCESS => {
        "ansible_facts": {
            "ansible_devices": {
                "sda": {
                    "holders": [],
                    "host": "SCSI storage controller: LSI Logic / Symbios Logic 53c1030 PCI-X Fusion-MPT Dual Ultra320 SCSI (rev 01)",
                    "links": {
                        "ids": [],
                        "labels": [],
                        "masters": [],
                        "uuids": []
                    },
                    "model": "VMware Virtual S",
                    "partitions": {
                        "sda1": {
                            "holders": [],
                            "links": {
                                "ids": [],
                                "labels": [],
                                "masters": [],
                                "uuids": [
                                    "8e547355-994a-4bad-a941-da93f4f1cdfd"
                                ]
                            },
                            "sectors": "2097152",
                            "sectorsize": 512,
                            "size": "1.00 GB",
                            "start": "2048",
                            "uuid": "8e547355-994a-4bad-a941-da93f4f1cdfd"
                        },
                        "sda2": {
                            "holders": [],
                            "links": {
                                "ids": [],
                                "labels": [],
                                "masters": [],
                                "uuids": [
                                    "9e4d046c-02cf-47bd-a4bf-1e8b5fa4bed5"
                                ]
                            },
                            "sectors": "2097152",
                            "sectorsize": 512,
                            "size": "1.00 GB",
                            "start": "2099200",
                            "uuid": "9e4d046c-02cf-47bd-a4bf-1e8b5fa4bed5"
                        },
                        "sda3": {
                            "holders": [],
                            "links": {
                                "ids": [],
                                "labels": [],
                                "masters": [],
                                "uuids": [
                                    "7348b9b1-f2a7-46c6-bede-4f22224dc168"
                                ]
                            },
                            "sectors": "37746688",
                            "sectorsize": 512,
                            "size": "18.00 GB",
                            "start": "4196352",
                            "uuid": "7348b9b1-f2a7-46c6-bede-4f22224dc168"
                        }
                    },
                    "removable": "0",
                    "rotational": "1",
                    "sas_address": null,
                    "sas_device_handle": null,
                    "scheduler_mode": "deadline",
                    "sectors": "41943040",
                    "sectorsize": "512",
                    "size": "20.00 GB",
                    "support_discard": "0",
                    "vendor": "VMware,",
                    "virtual": 1
                },
                "sr0": {
                    "holders": [],
                    "host": "IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)",
                    "links": {
                        "ids": [
                            "ata-VMware_Virtual_IDE_CDROM_Drive_00000000000000000001"
                        ],
                        "labels": [],
                        "masters": [],
                        "uuids": []
                    },
                    "model": "VMware IDE CDR00",
                    "partitions": {},
                    "removable": "1",
                    "rotational": "1",
                    "sas_address": null,
                    "sas_device_handle": null,
                    "scheduler_mode": "deadline",
                    "sectors": "2097151",
                    "sectorsize": "512",
                    "size": "1024.00 MB",
                    "support_discard": "0",
                    "vendor": "NECVMWar",
                    "virtual": 1
                },
                "sr1": {
                    "holders": [],
                    "host": "IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)",
                    "links": {
                        "ids": [
                            "ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001"
                        ],
                        "labels": [],
                        "masters": [],
                        "uuids": []
                    },
                    "model": "VMware IDE CDR10",
                    "partitions": {},
                    "removable": "1",
                    "rotational": "1",
                    "sas_address": null,
                    "sas_device_handle": null,
                    "scheduler_mode": "deadline",
                    "sectors": "2097151",
                    "sectorsize": "512",
                    "size": "1024.00 MB",
                    "support_discard": "0",
                    "vendor": "NECVMWar",
                    "virtual": 1
                }
            },
            "discovered_interpreter_python": "/usr/bin/python"
        },
        "changed": false
    }
    
    1. 其他信息参数
    ansible_all_ipv4_addresses:仅显示ipv4的信息。
    ansible_devices:仅显示磁盘设备信息。
    ansible_distribution:显示是什么系统,例:centos,suse等。
    ansible_distribution_major_version:显示是系统主版本。
    ansible_distribution_version:仅显示系统版本。
    ansible_machine:显示系统类型,例:32位,还是64位。
    ansible_eth0:仅显示eth0的信息。
    ansible_hostname:仅显示主机名。
    ansible_kernel:仅显示内核版本。
    ansible_lvm:显示lvm相关信息。
    ansible_memtotal_mb:显示系统总内存。
    ansible_memfree_mb:显示可用系统内存。
    ansible_memory_mb:详细显示内存情况。
    ansible_swaptotal_mb:显示总的swap内存。
    ansible_swapfree_mb:显示swap内存的可用内存。
    ansible_mounts:显示系统磁盘挂载情况。
    ansible_processor:显示cpu个数(具体显示每个cpu的型号)。
    ansible_processor_vcpus:显示cpu个数(只显示总的个数)。
    

    此处匹配规则支持通配符,后面我们在使用playbook的时候,会针对这些内置变量参考使用。

    Ansible示例

    一键部署rsync,nfs,nginx,httpd,上传作业代码

    1. m01配置密钥登录
    [root@m01 ~]# yum install -y ansible
    # 创建密钥对
    [root@m01 ~]# ssh-keygen
    # 推送公钥
    [root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.4
    [root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.5
    [root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.6
    [root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.7
    [root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.8
    [root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.9
    [root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.31
    [root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.41
    [root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.51
    [root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.61
    
    1. 编写主机清单
    [web_group]
    web01 ansible_ssh_host=172.16.1.7
    web02 ansible_ssh_host=172.16.1.8
    
    [db_group]
    db01 ansible_ssh_host=172.16.1.51
    
    [nfs_group]
    nfs ansible_ssh_host=172.16.1.31
    
    [backup_group]
    backup ansible_ssh_host=172.16.1.41
    
    [lb_group]
    lb01 ansible_ssh_host=172.16.1.5
    lb02 ansible_ssh_host=172.16.1.6
    
    [rsync_server:children]
    nfs_group
    backup_group
    
    [nfs_server:children]
    web_group
    nfs_group
    
    [lnmp_server:children]
    web_group
    lb_group
    
    1. 编写脚本测试
    #!/bin/bash
    
    # 创建用户及组
    ansible 'all' -m group -a 'name=www gid=666 state=present' &&
    ansible 'all' -m user -a 'name=www uid=666 group=www state=present shell=/sbin/nologin create_home=false' &&
    
    # 部署httpd服务
    ansible 'web_group' -m yum -a 'name=httpd,php state=present' &&
    # 替换http服务启动用户及组
    ansible 'web_group' -m shell -a "sed -i '/^User/c User www' /etc/httpd/conf/httpd.conf" &&
    ansible 'web_group' -m shell -a "sed -i '/^Group/c Group www' /etc/httpd/conf/httpd.conf" &&
    # 启动httpd服务
    ansible 'web_group' -m systemd -a 'name=httpd  state=started enabled=yes' &&
    
    # 上传代码,并修改图片路径
    ansible 'web_group' -m copy -a 'src=/root/httpd_file/ dest=/var/www/html/ owner=www group=www '
    # 远程推送作业代码
    ansible 'web_group' -m file -a 'path=/var/www/html/uploads state=directory owner=www group=www' &&
    
    # 部署nfs服务
    ansible 'nfs_server' -m yum -a 'name=nfs-utils  state=present' && 
    # 推送nfs服务配置文件
    ansible 'nfs_group' -m copy -a 'content="/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)" dest=/etc/exports' &&
    # 启动nfs服务并开机自启
    ansible 'nfs_server' -m systemd -a 'name=nfs-server  state=started enabled=yes' &&
    
    # 远程下载rsync服务
    ansible 'rsync_server' -m yum -a 'name=rsync  state=present' &&
    # 推送rsync配置文件
    ansible 'backup_group' -m copy -a 'src=/root/rsync_file   dest=/etc/rsyncd.conf' &&
    # 推送密码文件至rsync服务端
    ansible 'backup_group' -m copy -a 'content=rsync_backup:123 dest=/etc/rsync.passwd mode=0600' &&
    # 推送密码文件至rsync客户端
    ansible 'nfs_group' -m copy -a 'content=123 dest=/etc/rsync.pass mode=0600' &&
    # 启动rsync服务,并加入开机自启
    ansible 'rsync_server' -m systemd -a 'name=rsyncd  state=started enabled=yes' &&
    
    # 远程下载mariadb服务
    ansible 'db_group' -m yum -a 'name=mariadb-server  state=present' &&
    # 启动并加入开机自启
    ansible 'db_group' -m systemd -a 'name=mariadb  state=started enabled=yes' &&
    
    # 推送nginx官方源
    ansible 'lnmp_server' -m copy -a 'src=/etc/yum.repos.d/nginx.repo dest=/etc/yum.repos.d/' &&
    # 远程下载nginx
    ansible 'lnmp_server' -m yum -a 'name=nginx state=present' &&
    # 远程修改nginx配置文件
    ansible 'lnmp_server' -m shell -a "sed -i '/^user/c user www;' /etc/nginx/nginx.conf" &&
    # 启动nginx
    ansible 'lnmp_server' -m systemd -a 'name=nginx  state=started enabled=yes' 
    
    1. 编写脚本所需配置文件
    [root@m01 ~]# vim /root/rsync_file
    uid = www
    gid = www
    port = 873
    fake super = yes
    use chroot = no
    max connections = 200
    timeout = 600
    ignore errors
    read only = false
    list = false
    auth users = rsync_backup
    secrets file = /etc/rsync.passwd
    log file = /var/log/rsyncd.log
    #####################################
    [backup]
    comment = welcome to oldboyedu backup!
    path = /backup
    [data]
    comment = welcome to oldboyedu nfs!
    path = /data
    
    # 传作业压缩包到目录里,并解压修改上传图片路径
    [root@m01 ~]# cd httpd_file 
    
    # 创建nginx官方源
    [root@m01 ~]# vim /etc/yum.repos.d/nginx.repo
    [nginx]
    name=nginx repo
    baseurl=http://nginx.org/packages/centos/7/$basearch/
    gpgcheck=0
    enabled=1
    
    1. 执行脚本
      测试:web上http服务,上传作业代码

    img

    测试:lb上nginx服务
    img

    测试:测试db上mysql服务
    img

    测试:nfs服务

    img

    测试:rsync服务

  • 相关阅读:
    BZOJ_3159_决战
    11.19 ~ 11.25训练计划+总结
    BZOJ_1304_[CQOI2009]叶子的染色_树形DP
    BZOJ_1999_[Noip2007]Core树网的核_单调队列+树形DP
    BZOJ_4033_[HAOI2015]树上染色_树形DP
    BZOJ_5338_ [TJOI2018]xor_可持久化trie
    BZOJ_2957_楼房重建_线段树
    BZOJ_3124_[Sdoi2013]直径_树形DP
    BZOJ_4987_Tree_树形DP
    「JOISC 2019 Day2」两个天线(线段树)
  • 原文地址:https://www.cnblogs.com/backups/p/ansible_2.html
Copyright © 2011-2022 走看看