ansible晋级操作之ad-hoc命令
所谓的ad-hoc命令!
如果我们敲入一些命令去比较快的完成一些事情,而不需要将这些执行的命令特别保存下来, 这样的命令就叫做 ad-hoc 命令。Ansible提供两种方式去完成任务,一是 ad-hoc 命令,一是写 Ansible playbook.前者可以解决一些简单的任务, 后者解决较复杂的任务.
在学习了 playbooks 之后,你才能体会到 Ansible 真正的强大之处在哪里.
在什么情境下去使用ad-hoc 命令呢?
比如说查看ip,查看服务状态等.那种少了命令即可实现的操作
测试操作
[root@localhost ~]# ansible group1 -a "ls"
[DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of Ansible Become, which is a generic framework. See
become_user. , use become instead. This feature will be removed in version 2.8. Deprecation warnings can be disabled
by setting deprecation_warnings=False in ansible.cfg.
10.0.15.60 | CHANGED | rc=0 >>
test1.txt
10.0.15.66 | CHANGED | rc=0 >>
test2.txt
-------------------------------------------------------
group1是在/etc/ansible/hosts中设置的组,即操作当前组中的主机
不了解的朋友可以看看我上篇博客:传送门
#上面的警告可以通过修改配置文件进行注释
编辑ansible.cfg 修改deprecation_warnings 为False即可
ansible group1 -a "ls" -u username #-u username 表示指定的用户执行
ansible有许多模块,默认是 ‘command’,也就是命令模块
我们可以通过 -m 选项来指定“不同的模块”.在前面所示的例子中, 因为我们是要在 group1 组下的服务器中执行 ls 命令,因为是执行命令,所以就不需要指定command模块。使用 默认设定就OK
注意:command 模块不支持 shell 变量,也不支持管道等 shell 相关的东西.如果你想使用 shell相关的这些东西, 请使用’shell’ 模块.
shell模块使用
[root@localhost ~]# ansible group1 -m shell -a 'echo $PATH'
10.0.15.66 | CHANGED | rc=0 >>
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
10.0.15.60 | CHANGED | rc=0 >>
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/cpgroup/jdk/bin:/usr/local/cpgroup/jdk/jre/bin:/usr/local/cpgroup/ant/dist/bin:/usr/local/cpgroup/maven/bin:/usr/local/cpgroup/python/bin:/usr/local/git/bin
!!!注意使用Ansible ad-hoc 命令行接口时(与使用 Playbooks 的情况相反)。尤其注意shell 引号的规则。比如在上面的例子中,如果使用双引号”echo $PATH”,求出PATH”变量在当前系统的值,而我们想要将这个命令传递到其他机器上面
[root@localhost ~]# ansible group1 -m shell -a "echo $PATH"
10.0.15.66 | CHANGED | rc=0 >>
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/go/bin:/root/bin
10.0.15.60 | CHANGED | rc=0 >>
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/go/bin:/root/bin
[root@localhost ~]# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/go/bin:/root/bin
ansible下的scp
[root@localhost ~]# ansible group1 -m copy -a "src=/root/1.txt dest=/root/1.txt"
10.0.15.66 | CHANGED => {
"changed": true,
"checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
"dest": "/root/1.txt",
"gid": 0,
"group": "root",
"md5sum": "d41d8cd98f00b204e9800998ecf8427e",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 0,
"src": "/root/.ansible/tmp/ansible-tmp-1550550512.6-88436779222448/source",
"state": "file",
"uid": 0
}
10.0.15.60 | CHANGED => {
"changed": true,
"checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
"dest": "/root/1.txt",
"gid": 0,
"group": "root",
"md5sum": "d41d8cd98f00b204e9800998ecf8427e",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 0,
"src": "/root/.ansible/tmp/ansible-tmp-1550550512.59-19910559807601/source",
"state": "file",
"uid": 0
}
ansible修改文件权限
[root@localhost ~]# ansible group1 -m file -a "dest=/root/1.txt mode=777"
10.0.15.60 | CHANGED => {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"path": "/root/1.txt",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
10.0.15.66 | CHANGED => {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"path": "/root/1.txt",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
修改文件所属用户所属组
[root@localhost ~]# ansible group1 -m file -a "dest=/root/1.txt mode=644 owner=www-data group=www-data"
10.0.15.66 | CHANGED => {
"changed": true,
"gid": 1000,
"group": "www-data",
"mode": "0644",
"owner": "www-data",
"path": "/root/1.txt",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 0,
"state": "file",
"uid": 1000
}
10.0.15.60 | CHANGED => {
"changed": true,
"gid": 1001,
"group": "www-data",
"mode": "0644",
"owner": "www-data",
"path": "/root/1.txt",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 0,
"state": "file",
"uid": 1001
}
创建与删除
ansible group -m file -a "dest=/root/test state=directory"
没有state参数默认创建文件,添加后变为创建目录
state=absent 这个参数代表删除文件
在创建过程中可以在双引号中添加一些其他参数 如mode owner group等
yum的管理
Ansible 提供对 yum 和 apt 的支持
#查看当前包是否安装
[root@localhost ~]# ansible group1 -m yum -a "name=net-tools state=present"
10.0.15.66 | SUCCESS => {
"ansible_facts": {
"pkg_mgr": "yum"
},
"changed": false,
"msg": "",
"rc": 0,
"results": [
"net-tools-2.0-0.24.20131004git.el7.x86_64 providing net-tools is already installed"
]
}
10.0.15.60 | SUCCESS => {
"ansible_facts": {
"pkg_mgr": "yum"
},
"changed": false,
"msg": "",
"rc": 0,
"results": [
"net-tools-2.0-0.22.20131004git.el7.x86_64 providing net-tools is already installed"
]
}
ansible进行用户管理
使用 ‘user’ 模块可以方便的创建账户,删除账户,或是管理现有的账户
创建用户
[root@localhost ~]# ansible all -m user -a "name=test password=123456"
[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this
module to work properly.
10.0.15.66 | CHANGED => {
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/test",
"name": "test",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
10.0.15.60 | CHANGED => {
"changed": true,
"comment": "",
"create_home": true,
"group": 1002,
"home": "/home/test",
"name": "test",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1002
}
删除用户
[root@localhost ~]# ansible all -m user -a "name=test state=absent"
10.0.15.60 | CHANGED => {
"changed": true,
"force": false,
"name": "test",
"remove": false,
"state": "absent"
}
10.0.15.66 | CHANGED => {
"changed": true,
"force": false,
"name": "test",
"remove": false,
"state": "absent"
}
创建组
[root@localhost ~]# ansible all -m group -a "name=test"
10.0.15.66 | CHANGED => {
"changed": true,
"gid": 1001,
"name": "test",
"state": "present",
"system": false
}
10.0.15.60 | CHANGED => {
"changed": true,
"gid": 1002,
"name": "test",
"state": "present",
"system": false
}
删除组
[root@localhost ~]# ansible all -m group -a "name=test state=absent"
10.0.15.60 | CHANGED => {
"changed": true,
"name": "test",
"state": "absent"
}
10.0.15.66 | CHANGED => {
"changed": true,
"name": "test",
"state": "absent"
}
官方文档:传送门