标签:常用 CHANGED a1 ansible 模块 rc cst root
ansible常用模块
ansible常用模块使用详解
ansible常用模块有:
- ping
- yum
- template
- copy
- user
- group
- service
- raw
- command
- shell
- script
ansible常用模块raw、command、shell的区别:
- shell模块调用的/bin/sh指令执行
- command模块不是调用的shell的指令,所以没有bash的环境变量
- raw很多地方和shell类似,更多的地方建议使用shell和command模块。但是如果是使用老版本python,需要用到raw,又或者是客户端是路由器,因为没有安装python模块,那就需要使用raw模块了
//为了方便演示,修改etc下的hosts文件,给134主机写一个映射,命名为a1
[root@cst ~]# vim /etc/hosts
192.168.102.132 a1
//修改inventory文件
[root@cst ~]# vim /etc/ansible/inventory
[phps]
a1
ansible常用模块之ping
ping模块用于检查指定节点机器是否连通,用法很简单,不涉及参数,主机如果在线,则回复pong
[root@cst ~]# ansible all -m ping
a1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
ansible常用模块之command
command模块用于在远程主机上执行命令,ansible默认就是使用command模块。
command模块有一个缺陷就是不能使用管道符和重定向功能。
//查看受控主机的etc目录下yum.repos.d目录的内容
[root@cst ~]# ansible a1 -m -a 'ls /etc/yum.repos.d/'
a1 | CHANGED | rc=0 >>
CentOS-Base.repo
percona-original-release.repo.bak
redhat.repo
[root@cst ~]# ansible a1 -m command -a 'ls /etc/yum.repos.d/'
a1 | CHANGED | rc=0 >>
CentOS-Base.repo
percona-original-release.repo.bak
redhat.repo
//在受控主机的/opt目录下新建一个文件test
[root@cst ~]# ansible a1 -a 'touch /opt/test'
[WARNING]: Consider using the file module with state=touch rather than running
'touch'. If you need to use command because file is insufficient you can add
'warn: false' to this command task or set 'command_warnings=False' in
ansible.cfg to get rid of this message.
a1 | CHANGED | rc=0 >>
[root@cst ~]# ansible a1 -a 'ls /opt'
a1 | CHANGED | rc=0 >>
mydata
test
//command模块不支持管道符,不支持重定向
尝试将123456写入到刚刚的test文件中,然后查看效果
[root@cst ~]# ansible a1 -a 'echo 123456 > /opt/test'
a1 | CHANGED | rc=0 >>
123456 > /opt/test
[root@cst ~]# ansible a1 -a 'cat /opt/test'
a1 | CHANGED | rc=0 >>
可以看到,看上去写入的命令执行成功了,但查询的时候并没有看到任何内容
同理,让我们查询一下是否安装过vim
[root@cst ~]# ansible a1 -a 'rpm -qa |grep vim'
[WARNING]: Consider using the yum, dnf or zypper module rather than running
'rpm'. If you need to use command because yum, dnf or zypper is insufficient
you can add 'warn: false' to this command task or set 'command_warnings=False'
in ansible.cfg to get rid of this message.
a1 | CHANGED | rc=0 >>
expat-2.2.5-4.el8.x86_64
python3-syspurpose-1.25.17-1.el8.x86_64
geolite2-city-20180605-1.el8.noarch
pcre-cpp-8.42-4.el8.x86_64
cronie-anacron-1.5.2-4.el8.x86_64
xkeyboard-config-2.24-3.el8.noarch
……
其他输出内容省略,可以看到,管道符后的查询命令没有生效
ansible常用模块之raw
raw模块用于在远程主机上执行命令,其支持管道符与重定向
//将123456写入到刚刚的test文件中,然后查看效果
[root@cst ~]# ansible a1 -m raw -a 'echo 123456 > /opt/test'
a1 | CHANGED | rc=0 >>
Shared connection to a1 closed.
[root@cst ~]# ansible a1 -m raw -a 'cat /opt/test'
a1 | CHANGED | rc=0 >>
123456
Shared connection to a1 closed.
//查询一下是否安装过vim
[root@cst ~]# ansible a1 -m raw -a 'rpm -qa |grep vim'
a1 | CHANGED | rc=0 >>
vim-minimal-8.0.1763-13.el8.x86_64
vim-common-8.0.1763-13.el8.x86_64
vim-X11-8.0.1763-13.el8.x86_64
vim-filesystem-8.0.1763-13.el8.noarch
vim-enhanced-8.0.1763-13.el8.x86_64
Shared connection to a1 closed.
ansible常用模块之shell
shell模块用于在受控机上执行受控机上的脚本,亦可直接在受控机上执行命令。
shell模块亦支持管道与重定向。
//在受控机132上写一个脚本,然后在主控机上执行
[root@132 ~]# mkdir /opt/script
[root@132 ~]# cd /opt/script/
[root@132 script]# vim a.sh
#!/bin/bash
echo abc 123 456 def
[root@cst ~]# ansible a1 -m shell -a '/bin/bash /opt/script/a.sh &> /opt/abc'
a1 | CHANGED | rc=0 >>
[root@cst ~]# ansible a1 -a 'cat /opt/abc'
a1 | CHANGED | rc=0 >>
abc 123 456 def
ansible常用模块之script
script模块用于在受控机上执行主控机上的脚本
//在主控机上写一个脚本
[root@cst ~]# cd /etc/ansible/
[root@cst ansible]# mkdir scripts
[root@cst ansible]# ls
ansible.cfg hosts inventory roles scripts
[root@cst ansible]# cd scripts/
[root@cst scripts]# vim aa.sh
#!/bin/bash
ip a > /opt/123
//用主控机在受控机上执行后查看效果
[root@cst ~]# ansible a1 -m script -a '/etc/ansible/scripts/aa.sh'
a1 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to a1 closed.\r\n",
"stderr_lines": [
"Shared connection to a1 closed."
],
"stdout": "",
"stdout_lines": []
}
[root@cst ~]# ansible a1 -a 'cat /opt/123'
a1 | CHANGED | rc=0 >>
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:f9:49:ea brd ff:ff:ff:ff:ff:ff
inet 192.168.102.132/24 brd 192.168.102.255 scope global dynamic noprefixroute ens160
valid_lft 1460sec preferred_lft 1460sec
inet6 fe80::7dbc:25ce:3e17:2/64 scope link noprefixroute
valid_lft forever preferred_lft forever
ansible常用模块之template
template模块用于生成一个模板,并可将其传输至远程主机上。
//在主控机上写一个文件传到受控机的opt目录下
[root@cst ~]# echo sdasadas > 6666
[root@cst ~]# ansible a1 -m template -a 'src=6666 dest=/opt'
a1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "147c9ea433282e03286c37f76e46507dbf816179",
"dest": "/opt/6666",
"gid": 0,
"group": "root",
"md5sum": "26b943f570825b0d7b355eb5a4a322a1",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 9,
"src": "/root/.ansible/tmp/ansible-tmp-1610046444.1653154-2639-78913265354542/source",
"state": "file",
"uid": 0
}
[root@cst ~]# ansible a1 -a 'ls /opt'
a1 | CHANGED | rc=0 >>
123
6666
ab
abc
abc.txt
mydata
script
test
[root@cst ~]# ansible a1 -a 'cat /opt/6666'
a1 | CHANGED | rc=0 >>
sdasadas
ansible常用模块之yum/dnf
yum模块用于在指定节点机器上通过yum管理软件,其支持的参数主要有两个
- name:要管理的包名
- state:要进行的操作
state常用的值:
- latest:安装软件
- installed:安装软件
- present:安装软件
- removed:卸载软件
- absent:卸载软件
若想使用yum来管理软件,请确保受控机上的yum源无异常。
//在受控机上看vsftpd是否安装
[root@132 ~]# rpm -qa |grep zsh
[root@132 ~]#
//在主控机上使用yum模块在受控机上安装vsftpd
[root@cst ~]# ansible a1 -m dnf -a 'name=vsftpd state=present'
a1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Nothing to do",
"rc": 0,
"results": []
}
//在受控机上查看
[root@132 ~]# rpm -qa |grep vsftpd
vsftpd-3.0.3-31.el8.x86_64
ansible常用模块之copy
copy模块用于复制文件至远程受控机。
//把主控机上opt目录中1234文件复制到受控机的tmp目录下,并命名为abc
[root@cst opt]# ls
1234 mydata script
[root@cst opt]# ansible a1 -m copy -a 'src=/opt/1234 dest=/tmp/abc'
a1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
"dest": "/tmp/abc",
"gid": 0,
"group": "root",
"md5sum": "d41d8cd98f00b204e9800998ecf8427e",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 0,
"src": "/root/.ansible/tmp/ansible-tmp-1610047573.6644232-2801-230209187865521/source",
"state": "file",
"uid": 0
}
[root@cst opt]# ansible a1 -a 'ls /tmp'
a1 | CHANGED | rc=0 >>
abc
ansible_command_payload_2cp8uwc5
hsperfdata_root
systemd-private-c657a0d0022a4577ae14c162ef0a2f23-mariadb.service-kaK3Sk
vmware-root_954-2722108059
vmware-root_957-3988097346
vmware-root_958-2730693406
vmware-root_959-3979643072
vmware-root_962-2990678749
vmware-root_965-4256676100
vmware-root_968-2965448017
vmware-root_969-4281777807
vmware-root_977-4282171025
ansible常用模块之group
group模块用于在受控机上添加或删除组。
//在主控机上为受控机添加一个组,名为tom,gid为2000
[root@cst ~]# ansible a1 -m group -a 'name=tom gid=2000 state=present'
a1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"gid": 2000,
"name": "tom",
"state": "present",
"system": false
}
[root@cst ~]# ansible a1 -a 'grep tom /etc/group'
a1 | CHANGED | rc=0 >>
tom:x:2000:
//删除该组
[root@cst ~]# ansible a1 -m group -a 'name=tom gid=2000 state=absent'
a1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "tom",
"state": "absent"
}
[root@cst ~]# ansible a1 -a 'grep tom /etc/group'
a1 | FAILED | rc=1 >>
non-zero return code
ansible常用模块之user
user模块用于管理受控机的用户帐号。
//在受控机上添加一个系统用户,用户名为mysqld,uid为306,设置其shell为/sbin/nologin,无家目录
[root@cst ~]# ansible a1 -m user -a 'name=mysqld uid=306 system=yes create_home=no shell=/sbin/nologin state=present'
a1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"comment": "",
"create_home": false,
"group": 306,
"home": "/home/mysqld",
"name": "mysqld",
"shell": "/sbin/nologin",
"state": "present",
"system": true,
"uid": 306
}
[root@cst ~]# ansible a1 -m shell -a 'grep mysqld /etc/passwd'
a1 | CHANGED | rc=0 >>
mysqld:x:306:306::/home/mysqld:/sbin/nologin
[root@cst ~]# ansible a1 -a 'ls /home'
a1 | CHANGED | rc=0 >>
mike
//修改mysqld用户的uid为458
[root@cst ~]# ansible a1 -m user -a 'name=mysqld uid=458'
a1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"append": false,
"changed": true,
"comment": "",
"group": 306,
"home": "/home/mysqld",
"move_home": false,
"name": "mysqld",
"shell": "/sbin/nologin",
"state": "present",
"uid": 458
}
[root@cst ~]# ansible a1 -m shell -a 'grep mysqld /etc/passwd'
a1 | CHANGED | rc=0 >>
mysqld:x:458:306::/home/mysqld:/sbin/nologin
//删除受控机上的mysqld用户
[root@cst ~]# ansible a1 -m user -a 'name=mysqld state=absent'
a1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"force": false,
"name": "mysqld",
"remove": false,
"state": "absent"
}
[root@cst ~]# ansible a1 -m shell -a 'grep mysqld /etc/passwd'
a1 | FAILED | rc=1 >>
non-zero return code
ansible常用模块之service
service模块用于管理受控机上的服务。
//查看受控机上的vsftpd服务是否启动
[root@cst ~]# ansible a1 -a 'systemctl is-active vsftpd'
a1 | FAILED | rc=3 >>
inactivenon-zero return code
//启动受控机上的vsftpd服务
[root@cst ~]# ansible a1 -m service -a 'name=vsftpd state=started'
a1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "vsftpd",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
……
[root@cst ~]# ansible a1 -a 'systemctl is-active vsftpd'
a1 | CHANGED | rc=0 >>
active
//查看受控机上的vsftpd服务是否开机自动启动
[root@cst ~]# ansible a1 -a 'systemctl is-enabled vsftpd'
a1 | FAILED | rc=1 >>
disablednon-zero return code
//设置受控机上的vsftpd服务开机自动启动
[root@cst ~]# ansible a1 -m service -a 'name=vsftpd enabled=yes'
a1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"enabled": true,
"name": "vsftpd",
"status": {
"ActiveEnterTimestamp": "Thu 2021-01-07 03:50:31 CST",
……
[root@cst ~]# ansible a1 -a 'systemctl is-enabled vsftpd'
a1 | CHANGED | rc=0 >>
enabled
//停止受控机上的vsftpd服务
[root@cst ~]# ansible a1 -m service -a 'name=vsftpd state=stopped'
a1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "vsftpd",
"state": "stopped",
"status": {
"ActiveEnterTimestamp": "Thu 2021-01-07 03:50:31 CST",
……
[root@cst ~]# ansible a1 -a 'systemctl is-active vsftpd'
a1 | FAILED | rc=3 >>
inactivenon-zero return code
标签:常用,CHANGED,a1,ansible,模块,rc,cst,root 来源: https://www.cnblogs.com/sarenn/p/14244357.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。