zoukankan      html  css  js  c++  java
  • Ansible常用模块介绍及使用(2)

    Ansible模块

    在上一篇博客《Ansible基础认识及安装使用详解(一)–技术流ken》中以及简单的介绍了一下ansible的模块。ansible是基于模块工作的,所以我们必须掌握几个常用的模块以便能够从容应对日常的工作。

    相信大家在看完上一篇博客之后应该也已经知道可以使用ansible-doc -s 模块名,可以获取到模块的使用帮助,在本篇博客中就不再赘述。

    Ansible常用模块介绍

    ansible常用模块主要有如下12个:

    复制代码
    ping 模块:            尝试连接主机,如果测试成功会返回‘pong’
    command模块:          在远程节点执行命令
    yum模块:              使用yum软件包管理工具管理软件包
    shell模块:            和command模块类似,执行命令,支持变量等符号
    cron模块 :            管理定时任务
    service模块:          管理程序服务
    file模块:             设置文件属性
    copy模块:             复制本地文件到远程主机
    script模块:           传送本地的一个脚本并在远程主机上执行
    setup模块: 获取远程主机的参数信息 user模块: 管理用户账户 group模块: 添加或者删除用户组
    复制代码

    Ansible常用模块使用详解

    下面就针对每个模块的使用进行一一演示

    (一)command模块

    command的模块是在远程主机执行命令。默认使用此模块,所以可以省略

    例:获取远程主机的ip信息

    复制代码
    [root@ken ~]# ansible all -m command -a "ip a"
    10.220.5.138 | SUCCESS | rc=0 >>
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host 
           valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
        link/ether 00:0c:29:a9:90:16 brd ff:ff:ff:ff:ff:ff
        inet 10.220.5.138/24 brd 10.220.5.255 scope global noprefixroute eth0
           valid_lft forever preferred_lft forever
        inet6 fe80::20c:29ff:fea9:9016/64 scope link 
           valid_lft forever preferred_lft forever
    
    10.220.5.139 | SUCCESS | rc=0 >>
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host 
           valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
        link/ether 00:0c:29:65:31:ad brd ff:ff:ff:ff:ff:ff
        inet 10.220.5.139/24 brd 10.220.5.255 scope global noprefixroute eth0
           valid_lft forever preferred_lft forever
        inet6 fe80::20c:29ff:fe65:31ad/64 scope link 
           valid_lft forever preferred_lft forever
    复制代码

    (二)cron模块

    cron模块是管理定时任务

    例:在远程节点每隔5分钟往、/tmp/ken.txt输入111

    复制代码
    [root@ken ~]# ansible all -m cron -a "minute=*/5 job='echo 111>/tmp/ken.txt'  state=present"
    10.220.5.139 | SUCCESS => {
        "changed": true, 
        "envs": [], 
        "jobs": [
            "None", 
            "None"
        ]
    }
    10.220.5.138 | SUCCESS => {
        "changed": true, 
        "envs": [], 
        "jobs": [
            "None", 
            "None"
        ]
    }
    复制代码

    可以查看是否已经设置成功。可以看到已经安装成功

    复制代码
    [root@ken ~]# ansible all  -a "crontab -l"
    10.220.5.138 | SUCCESS | rc=0 >>
    #Ansible: None
    */5 * * * * echo 111>/tmp/ken.txt
    
    10.220.5.139 | SUCCESS | rc=0 >>
    #Ansible: None
    */5 * * * * echo 111>/tmp/ken.txt
    复制代码

    移除计划任务

    复制代码
    [root@ken ~]# ansible all  -a "crontab -r"
    10.220.5.138 | SUCCESS | rc=0 >>
    
    
    10.220.5.139 | SUCCESS | rc=0 >>
    
    
    [root@ken ~]# ansible all  -a "crontab -l"
    10.220.5.139 | FAILED | rc=1 >>
    no crontab for rootnon-zero return code
    
    10.220.5.138 | FAILED | rc=1 >>
    no crontab for rootnon-zero return code
    复制代码

    (三)copy模块

    copy模块是复制本机文件到远程节点之上

    例:复制本机/tmp/ken.sh 到远程节点上的/tmp下

    复制代码
    [root@ken ~]# ansible all -m copy -a "src=/tmp/ken.sh dest=/tmp"
    10.220.5.138 | SUCCESS => {
        "changed": true, 
        "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", 
        "dest": "/tmp/ken.sh", 
        "gid": 0, 
        "group": "root", 
        "md5sum": "d41d8cd98f00b204e9800998ecf8427e", 
        "mode": "0644", 
        "owner": "root", 
        "size": 0, 
        "src": "/root/.ansible/tmp/ansible-tmp-1542373625.27-167828199145082/source", 
        "state": "file", 
        "uid": 0
    }
    10.220.5.139 | SUCCESS => {
        "changed": true, 
        "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", 
        "dest": "/tmp/ken.sh", 
        "gid": 0, 
        "group": "root", 
        "md5sum": "d41d8cd98f00b204e9800998ecf8427e", 
        "mode": "0644", 
        "owner": "root", 
        "size": 0, 
        "src": "/root/.ansible/tmp/ansible-tmp-1542373625.3-279713897725048/source", 
        "state": "file", 
        "uid": 0
    }
    复制代码

    查看是否已经真的传送过去了。发现在远程主机的/tmp目录下面已经有个刚刚我们传送过去的文件了

    [root@ken ~]# ansible all -m shell -a "ls /tmp | grep ken.sh"
    10.220.5.138 | SUCCESS | rc=0 >>
    ken.sh
    
    10.220.5.139 | SUCCESS | rc=0 >>
    ken.sh

    (四)yum模块

    yum模块是用来管理远程安装包的

    例:在远程节点下载httpd服务

    复制代码
    [root@ken ~]# ansible all -m yum -a "name=httpd state=present"
    10.220.5.138 | SUCCESS => {
        "changed": true, 
        "msg": "file:///mnt/repodata/repomd.xml: [Errno 14] curl#37 - "Couldn't open file /mnt/repodata/repomd.xml"
    Trying other mirror.
    ", 
        "rc": 0, 
        "results": [
            "Loaded plugins: fastestmirror, langpacks
    Loading mirror speeds from cached hostfile
    Resolving Dependencies
    --> Running transaction check
    ---> Package httpd.x86_64 0:2.4.6-80.el7.centos.1 will be installed
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ================================================================================
     Package      Arch          Version                        Repository      Size
    ================================================================================
    Installing:
     httpd        x86_64        2.4.6-80.el7.centos.1          updates        2.7 M
    
    Transaction Summary
    ================================================================================
    Install  1 Package
    
    Total download size: 2.7 M
    Installed size: 9.4 M
    Downloading packages:
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
      Installing : httpd-2.4.6-80.el7.centos.1.x86_64                           1/1 
      Verifying  : httpd-2.4.6-80.el7.centos.1.x86_64                           1/1 
    
    Installed:
      httpd.x86_64 0:2.4.6-80.el7.centos.1                                          
    
    Complete!
    "
        ]
    }
    10.220.5.139 | SUCCESS => {
        "changed": true, 
        "msg": "", 
        "rc": 0, 
        "results": [
            "Loaded plugins: fastestmirror, langpacks
    Loading mirror speeds from cached hostfile
    Resolving Dependencies
    --> Running transaction check
    ---> Package httpd.x86_64 0:2.4.6-80.el7.centos.1 will be installed
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ================================================================================
     Package      Arch          Version                        Repository      Size
    ================================================================================
    Installing:
     httpd        x86_64        2.4.6-80.el7.centos.1          updates        2.7 M
    
    Transaction Summary
    ================================================================================
    Install  1 Package
    
    Total download size: 2.7 M
    Installed size: 9.4 M
    Downloading packages:
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
      Installing : httpd-2.4.6-80.el7.centos.1.x86_64                           1/1 
      Verifying  : httpd-2.4.6-80.el7.centos.1.x86_64                           1/1 
    
    Installed:
      httpd.x86_64 0:2.4.6-80.el7.centos.1                                          
    
    Complete!
    "
        ]
    }
    复制代码

    查看是否已经安装成功

    复制代码
    [root@ken ~]# ansible all  -m yum -a "list=httpd"
    10.220.5.138 | SUCCESS => {
        "changed": false, 
        "results": [
            {
                "arch": "x86_64", 
                "envra": "0:httpd-2.4.6-80.el7.centos.1.x86_64", 
                "epoch": "0", 
                "name": "httpd", 
                "release": "80.el7.centos.1", 
                "repo": "installed", 
                "version": "2.4.6", 
                "yumstate": "installed"
            }, 
            {
                "arch": "x86_64", 
                "envra": "0:httpd-2.4.6-80.el7.centos.1.x86_64", 
                "epoch": "0", 
                "name": "httpd", 
                "release": "80.el7.centos.1", 
                "repo": "updates", 
                "version": "2.4.6", 
                "yumstate": "available"
            }, 
            {
                "arch": "x86_64", 
                "envra": "0:httpd-2.4.6-80.el7.centos.x86_64", 
                "epoch": "0", 
                "name": "httpd", 
                "release": "80.el7.centos", 
                "repo": "centos7", 
                "version": "2.4.6", 
                "yumstate": "available"
            }, 
            {
                "arch": "x86_64", 
                "envra": "0:httpd-2.4.6-80.el7.centos.x86_64", 
                "epoch": "0", 
                "name": "httpd", 
                "release": "80.el7.centos", 
                "repo": "ken", 
                "version": "2.4.6", 
                "yumstate": "available"
            }
        ]
    }
    10.220.5.139 | SUCCESS => {
        "changed": false, 
        "results": [
            {
                "arch": "x86_64", 
                "envra": "0:httpd-2.4.6-80.el7.centos.1.x86_64", 
                "epoch": "0", 
                "name": "httpd", 
                "release": "80.el7.centos.1", 
                "repo": "installed", 
                "version": "2.4.6", 
                "yumstate": "installed"
            }, 
            {
                "arch": "x86_64", 
                "envra": "0:httpd-2.4.6-80.el7.centos.1.x86_64", 
                "epoch": "0", 
                "name": "httpd", 
                "release": "80.el7.centos.1", 
                "repo": "updates", 
                "version": "2.4.6", 
                "yumstate": "available"
            }, 
            {
                "arch": "x86_64", 
                "envra": "0:httpd-2.4.6-80.el7.centos.x86_64", 
                "epoch": "0", 
                "name": "httpd", 
                "release": "80.el7.centos", 
                "repo": "centos7", 
                "version": "2.4.6", 
                "yumstate": "available"
            }
        ]
    }
    复制代码

    (五)service模块

    service模块是用来管理服务程序的

    例:启动远程节点的httpd服务

    复制代码
    [root@ken ~]# ansible all  -m service -a "name=httpd state=restarted"
    10.220.5.138 | SUCCESS => {
        "changed": true, 
        "name": "httpd", 
        "state": "started", 
        "status": {
            "ActiveEnterTimestampMonotonic": "0", 
            "ActiveExitTimestampMonotonic": "0", 
            "ActiveState": "inactive", 
            "After": "nss-lookup.target systemd-journald.socket network.target tmp.mount system.slice remote-fs.target -.mount basic.target", 
            "AllowIsolate": "no", 
            "AmbientCapabilities": "0", 
            "AssertResult": "no", 
            "AssertTimestampMonotonic": "0", 
            "Before": "shutdown.target", 
            "BlockIOAccounting": "no", 
    ....
    复制代码

    输出信息很长,我就省略了。现在查看是否已经启动成功

    [root@ken ~]# ansible all  -m shell -a "ss -tnl | grep 80"
    10.220.5.139 | SUCCESS | rc=0 >>
    LISTEN     0      128         :::80                      :::*                  
    
    10.220.5.138 | SUCCESS | rc=0 >>
    LISTEN     0      128         :::80                      :::*

    (六)file模块

    file模块是用来设置文件属性的

    例:在远程节点的/tmp下创建一个test.txt文件

    复制代码
    [root@ken ~]# ansible all  -m file  -a "state=touch path=/tmp/test.txt"
    10.220.5.139 | SUCCESS => {
        "changed": true, 
        "dest": "/tmp/test.txt", 
        "gid": 0, 
        "group": "root", 
        "mode": "0644", 
        "owner": "root", 
        "size": 0, 
        "state": "file", 
        "uid": 0
    }
    10.220.5.138 | SUCCESS => {
        "changed": true, 
        "dest": "/tmp/test.txt", 
        "gid": 0, 
        "group": "root", 
        "mode": "0644", 
        "owner": "root", 
        "size": 0, 
        "state": "file", 
        "uid": 0
    }
    复制代码

    查看文件是否已经创建成功

    [root@ken ~]# ansible all  -m shell -a "ls /tmp | grep test.txt"
    10.220.5.138 | SUCCESS | rc=0 >>
    test.txt
    
    10.220.5.139 | SUCCESS | rc=0 >>
    test.txt

    (七)shell模块

    shell模块和command模块类似即远程执行命令

    但是比command更强大

    例如:统计远程节点/tmp目录下有多少文件

    我们首先使用command看下效果

    复制代码
    [root@ken ~]# ansible all  -a "ls /tmp | wc -l"
    10.220.5.139 | FAILED | rc=2 >>
    /tmp:
    total 4
    drwx------ 2 root root  65 Nov 17 05:25 ansible_aIMVHi
    -rw-r--r-- 1 root root   0 Nov 17 05:07 ken.sh
    -rw-r--r-- 1 root root   0 Nov 17 05:00 ken.txt
    drwx------ 3 root root  17 Nov  7 16:04 systemd-private-2e376cd91398450f85a81bc060207ef8-chronyd.service-TxdhUO
    drwx------ 3 root root  17 Nov  7 16:05 systemd-private-2e376cd91398450f85a81bc060207ef8-httpd.service-k8IZOZ
    drwx------ 3 root root  17 Nov 15 15:58 systemd-private-5c9f32d6cff64520b10075e086d943ab-chronyd.service-iAH3c0
    drwx------ 3 root root  17 Nov 15 15:58 systemd-private-5c9f32d6cff64520b10075e086d943ab-httpd.service-dsAqeg
    drwx------ 3 root root  17 Nov 14 15:56 systemd-private-65ded84926e64a90b0a201a805f752ca-chronyd.service-eSj3iR
    drwx------ 3 root root  17 Nov 16 16:00 systemd-private-6706ba5361284cd4a0c91f3c8b68c606-chronyd.service-sLgAei
    drwx------ 3 root root  17 Nov 17 05:17 systemd-private-6706ba5361284cd4a0c91f3c8b68c606-httpd.service-u6vla7
    -rw-r--r-- 1 root root   0 Nov 17 05:22 test.txt
    drwx------ 2 root root   6 Nov 15 15:58 vmware-root
    -rw------- 1 root root 467 Nov 15 16:02 yum_save_tx.2018-11-15.16-02.KHC9kd.yumtxls: cannot access |: No such file or directory
    ls: cannot access wc: No such file or directorynon-zero return code
    
    10.220.5.138 | FAILED | rc=2 >>
    /tmp:
    total 0
    drwx------ 2 root   root   65 Nov 16 21:25 ansible_v4MF1q
    drwxr-xr-x 2 root   root   19 Nov  7 09:35 hsperfdata_root
    drwxr-xr-x 2 zabbix zabbix 19 Nov  7 08:48 hsperfdata_zabbix
    ...
    复制代码

    可以看到命令执行失败

    现在我们再使用shell执行相同的操作看下效果

    可以发现这次获取到了我们所需要的信息

    [root@ken ~]# ansible all  -m shell -a "ls /tmp | wc -l"
    10.220.5.138 | SUCCESS | rc=0 >>
    13
    
    10.220.5.139 | SUCCESS | rc=0 >>
    13

    (八)ping模块

    ping模块可以探测远程主机

    不用加任何的参数信息

    获取成功就会返回pong

    复制代码
    [root@ken ~]# ansible all -m ping
    10.220.5.139 | SUCCESS => {
        "changed": false, 
        "ping": "pong"
    }
    10.220.5.138 | SUCCESS => {
        "changed": false, 
        "ping": "pong"
    }
    复制代码

    接下来还有四个常用模块,因为我换了自己的电脑,所以IP地址不再是上面的那些。

    (九)setup模块

    setup模块用来获取节点的参数信息

    获取到的信息很详细,大家如果感兴趣可以研究一下

    复制代码
    [root@ken ~]# ansible all -m setup
    192.168.43.176 | SUCCESS => {
        "ansible_facts": {
            "ansible_all_ipv4_addresses": [
                "192.168.11.5", 
                "192.168.43.176"
            ], 
            "ansible_all_ipv6_addresses": [
                "fe80::20c:29ff:fea5:e9ae", 
                "2408:84f4:83:54f1:20c:29ff:fea5:e9a4", 
                "fe80::20c:29ff:fea5:e9a4"
            ], 
            "ansible_apparmor": {
                "status": "disabled"
            }, 
            "ansible_architecture": "x86_64", 
            "ansible_bios_date": "07/02/2015", 
            "ansible_bios_version": "6.00", 
            "ansible_cmdline": {
                "BOOT_IMAGE": "/vmlinuz-3.10.0-862.el7.x86_64", 
                "biosdevname": "0", 
                "crashkernel": "auto", 
                "net.ifnames": "0", 
                "quiet": true, 
                "rd.lvm.lv": "centos/swap", 
                "rhgb": true, 
                "ro": true, 
                "root": "/dev/mapper/centos-root"
            }, 
            "ansible_date_time": {
                "date": "2018-11-16", 
                "day": "16", 
                "epoch": "1542378922", 
                "hour": "22", 
                "iso8601": "2018-11-16T14:35:22Z", 
                "iso8601_basic": "20181116T223522739565", 
                "iso8601_basic_short": "20181116T223522", 
                "iso8601_micro": "2018-11-16T14:35:22.739656Z", 
                "minute": "35", 
                "month": "11", 
                "second": "22", 
                "time": "22:35:22", 
                "tz": "CST", 
                "tz_offset": "+0800", 
                "weekday": "Friday", 
                "weekday_number": "5", 
                "weeknumber": "46", 
                "year": "2018"
            }, 
    ...
    复制代码

    (十)script模块

    作用是将本地的一个脚本传送至远程主机上面并运行

    无需加多余参数,只需要在-a后面加上本地脚本路径即可

    复制代码
    [root@ken ~]# ansible all -m script -a /tmp/test.sh
    192.168.43.175 | CHANGED => {
        "changed": true, 
        "rc": 0, 
        "stderr": "Shared connection to 192.168.43.175 closed.
    ", 
        "stderr_lines": [
            "Shared connection to 192.168.43.175 closed."
        ], 
        "stdout": "server
    ", 
        "stdout_lines": [
            "server"
        ]
    }
    192.168.43.176 | CHANGED => {
        "changed": true, 
        "rc": 0, 
        "stderr": "Shared connection to 192.168.43.176 closed.
    ", 
        "stderr_lines": [
            "Shared connection to 192.168.43.176 closed."
        ], 
        "stdout": "agent
    ", 
        "stdout_lines": [
            "agent"
        ]
    }
    复制代码

    (十一)user模块

    user模块是请求的是useradd, userdel, usermod三个指令

    如下的命令含义是创建一个ken用户,shell类型为/sbin/nologin,uid号为454,系统用户

    复制代码
    [root@ken ~]# ansible all -m user -a "name=ken shell=/sbin/nologin uid=454 state=present"
    192.168.43.176 | FAILED! => {
        "changed": false, 
        "msg": "useradd: UID 454 is not unique
    ", 
        "name": "ken", 
        "rc": 4
    }
    192.168.43.175 | CHANGED => {
        "changed": true, 
        "comment": "", 
        "create_home": true, 
        "group": 100, 
        "home": "/home/ken", 
        "name": "ken", 
        "shell": "/sbin/nologin", 
        "state": "present", 
        "system": false, 
        "uid": 454
    }
    复制代码

    从上面的执行结果来看192.168.43.176执行失败了,根据提示可知uid454的用户可能已经存在,让我们来看一下是否真的存在

    命令返回结果显示uid454为nginx用户

    [root@ken ~]# ansible 192.168.43.176 -a "grep 454 /etc/passwd"
    192.168.43.176 | CHANGED | rc=0 >>
    nginx:x:454:454:Nginx web server:/var/lib/nginx:/sbin/nologin

    再来看一下192.168.43.175执行成功的

    [root@ken ~]# ansible 192.168.43.175 -a "tail -1 /etc/passwd"
    192.168.43.175 | CHANGED | rc=0 >>
    ken:x:454:100::/home/ken:/sbin/nologin

    (十二)group模块

    goup模块请求的是groupadd, groupdel, groupmod 三个指令

    如下命令含义是创建一个名为test1的组,gid为1122,在远程主机可用

    复制代码
    [root@ken ~]# ansible all -m group -a "name=test1 gid=1122 state=present"
    192.168.43.176 | CHANGED => {
        "changed": true, 
        "gid": 1122, 
        "name": "test1", 
        "state": "present", 
        "system": false
    }
    192.168.43.175 | CHANGED => {
        "changed": true, 
        "gid": 1122, 
        "name": "test1", 
        "state": "present", 
        "system": false
    }
  • 相关阅读:
    poj 2488 DFS
    畅通工程 并查集模版
    KMP 模板
    poj 1426 DFS
    poj 2528 线段数
    poj 3468 线段数 修改区间(点)
    CVPR2012文章阅读(2)A Unified Approach to Salient Object Detection via Low Rank Matrix Recovery
    如何制定目标
    Saliency Map 最新综述
    计算机视觉模式识别重要会议杂志
  • 原文地址:https://www.cnblogs.com/it-peng/p/11399420.html
Copyright © 2011-2022 走看看