ansible模块有很多,具体模块的使用方法可以使用 ansible-doc 命令可以详细的查看,最下面给的还有实例,很是方便。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
ansible-doc service # 查看模块 service 的使用方法
less 436
Copyright (C) 1984-2009 Mark Nudelman
less comes with NO WARRANTY, to the extent permitted by law.
For information about the terms of redistribution,
see the file named README in the less distribution.
Homepage: http://www.greenwoodsoftware.com/less
> SERVICE
Controls services on remote hosts. Supported init systems include
BSD init, OpenRC, SysV, Solaris SMF, systemd, upstart.
Options (= is mandatory):
- arguments
Additional arguments provided on the command line
.......
.......
EXAMPLES: # 下面给的一些实例,很是实用
# Example action to start service httpd, if not running
- service: name=httpd state=started
# Example action to stop service httpd, if running
- service: name=httpd state=stopped
...
...
下面我自己罗列的一写常用的模块使用方法,便于以后查找使用。
copy 复制本地文件到远程(类似scp命令)
1
2
3
4
5
6
7
- copy: src=/srv/myfiles/foo.conf dest=/etc/foo.conf owner=foo group=foo mode=0644
- copy: src=/srv/myfiles/foo.conf dest=/etc/foo.conf owner=foo group=foo mode="u=rw,g=r,o=r"
- copy: src=/srv/myfiles/foo.conf dest=/etc/foo.conf owner=foo group=foo mode="u+rw,g-wx,o-rwx"
- copy: src=/mine/ntp.conf dest=/etc/ntp.conf owner=root group=root mode=644 backup=yes
- copy: src=/mine/sudoers dest=/etc/sudoers validate='visudo -cf %s'
ansible test -m copy -a 'src=/tmp/test.txt dest=/tmp/t.txt' # 将本地'/tmp/test.txt'文件复制到test主机并重命名'/tmp/t.txt'
ansible test -m copy -a 'src=/tmp/dir dest=/tmp/' # 将本地'/tmp/dir'目录复制到test主机'/tmp/'目录下
fetch 远程文件copy到本地
1
2
3
4
- fetch: src=/tmp/somefile dest=/tmp/fetched
- fetch: src=/tmp/somefile dest=/tmp/prefix-{{ ansible_hostname }} flat=yes
- fetch: src=/tmp/uniquefile dest=/tmp/special/ flat=yes
- fetch: src=/tmp/uniquefile dest=special/prefix-{{ ansible_hostname }} flat=yes
replace 替换(类似sed命令)
1
ansible test -m replace -a "dest=/etc/hosts regexp='Old' replace='New' backeup=yes"
authorized_key 添加互信
1
2
3
4
5
6
7
8
- authorized_key: user=test state=present key=\"{{ lookup('file', '/home/test/.ssh/id_rsa.pub') }}\" # 添加test互信
- authorized_key: user=test # 远程用户
state=present # 新建,absent删除
key=\"{{ lookup('file', '/home/test/.ssh/id_rsa.pub') }}\" # 本地公钥
path='/data/test/.ssh/authorized_keys' # 额外指定远程用户权限文件,默认是远程用户的家目录下/$HOMEDIR/.ssh/authorized_keys
manage_dir=no # 根据path指定的路径创建远程用户权限文件authorized_keys
ansible all -m authorized_key -a "user=root state=present key=\"{{ lookup('file', '/root/.ssh/id_rsa.pub') }}\"" -k # 将本地root的公钥导入到远程用户root的authorized_keys里
ansible all -m authorized_key -a "user=root state=present key=\"{{ lookup('file', '/home/test/.ssh/id_rsa.pub') }}\"" -k # 将本地test的公钥导入到远程用户root的authorized_keys里
synchronize 同步(类似rsync命令)
1
2
3
4
5
6
7
8
9
10
11
12
13
src=/some/relative/path dest=/some/absolute/path
dest_port=22 # 指定远程端口
delete=yes # 使两边的内容一样(即以推送方为主)
compress=yes # 开启压缩,默认为开启
--exclude=.git # 忽略同步.git结尾的文件
recursive=yes # 递归
checksum=yes # 默认 no
archive=no
links=yes
times=no
- synchronize: src=/tmp/helloworld dest=/var/www/helloword rsync_opts=--no-motd,--exclude=.gi dest_port=22
- synchronize: src=/tmp/dir dest=/tmp/ dest_port=2020 delete=yes recursive=yes rsync_opts=--no-motd,--exclude=.log # 通过2020端口拷贝目录/tmp/dir到远程/tmp/下面,保持和源目录结构一致,忽略 .log文件
- synchronize: src=/tmp/dir dest=/tmp/ dest_port=2020 delete=yes recursive=yes rsync_opts=--exclude-from=/tmp/ex # 通过2020端口拷贝目录/tmp/dir到远程/tmp/下面,保持和源目录结构一致并且过滤/tmp/ex文件里的内容
lineinfile 行替换
1
2
3
4
5
6
7
- lineinfile: dest=/etc/selinux/config regexp=^SELINUX= line=SELINUX=enforcing # 将以“SELINUX”开头的行换成 “SELINUX=enforcing”
- lineinfile: dest=/etc/sudoers state=absent regexp="^%wheel" # 将以 %wheel 开头的行删除
- lineinfile: dest=/etc/hosts regexp='^127\.0\.0\.1' line='127.0.0.1 localhost' owner=root group=root mode=0644
- lineinfile: dest=/etc/httpd/conf/httpd.conf regexp="^Listen " insertafter="^#Listen " line="Listen 8080" # 将以 #Listen 开头行的下面的 以Listen开头的行换成 Listen 8080
- lineinfile: dest=/etc/httpd/conf/httpd.conf insertafter="^#Listen " line="Listen 8080" # 在 #Listen 开头行的下面的 添加 Listen 8080 新行
- lineinfile: dest=/etc/httpd/conf/httpd.conf regexp="^Listen " insertbefore="^#Listen " line="Listen 8080" # 将以 #Listen 开头行的上面的 以Listen开头的行换成 Listen 8080
- lineinfile: dest=/tmp/testfile line="192.168.1.99 foo.lab.net foo" # 添加一个新行
unarchive 解压缩
1
2
3
4
5
6
7
8
9
10
src
copy yes|no # yes:默认,压缩包在本地,src=本地压缩包路径,dest=解压到远程路径;no远程主机已存在压缩包,src=远程压缩包路径,dest=解压到远程路径
creates # 创建文件目录,当文件存在就不执行
dest
group
mode
owner
- unarchive: src=foo.tgz dest=/var/lib/foo
- unarchive: src=/tmp/foo.zip dest=/usr/local/bin copy=no
- unarchive: src=/tmp/test.tar.gz dest=/opt/tmp/ creates=/opt/tmp/ copy=no
mysql_relication mysql的主从复制
1
2
3
- mysql_replication: mode=stopslave
- mysql_replication: mode=changemaster master_host=192.168.1.1 master_log_file=mysql-bin.000009 master_log_pos=4578
- mysql_replication: mode=getslave login_host=ansible.example.com login_port=3308
mysql_user mysql的用户授权
1
2
3
4
5
- mysql_user: name=bob password=12345 priv=*.*:ALL state=present # 所以权限
- mysql_user: name=bob password=12345 priv=*.*:ALL,GRANT state=present # 所以权限包括 with grant option
- mysql_user: name=bob append_privs=true priv=*.*:REQUIRESSL state=present
- mysql_user: login_user=root login_password=123456 name=sally state=absent # 删除用户
- mysql_user: name=replication password=12345 priv=*.*:"REPLICATION CLIENT" state=present # 创建从用户
运维网声明
1、欢迎大家加入本站运维交流群:群②:261659950 群⑤:202807635 群⑦870801961 群⑧679858003
2、本站所有主题由该帖子作者发表,该帖子作者与运维网 享有帖子相关版权
3、所有作品的著作权均归原作者享有,请您和我们一样尊重他人的著作权等合法权益。如果您对作品感到满意,请购买正版
4、禁止制作、复制、发布和传播具有反动、淫秽、色情、暴力、凶杀等内容的信息,一经发现立即删除。若您因此触犯法律,一切后果自负,我们对此不承担任何责任
5、所有资源均系网友上传或者通过网络收集,我们仅提供一个展示、介绍、观摩学习的平台,我们不对其内容的准确性、可靠性、正当性、安全性、合法性等负责,亦不承担任何法律责任
6、所有作品仅供您个人学习、研究或欣赏,不得用于商业或者其他用途,否则,一切后果均由您自己承担,我们对此不承担任何法律责任
7、如涉及侵犯版权等问题,请您及时通知我们,我们将立即采取措施予以解决
8、联系人Email:admin@iyunv.com 网址:www.yunweiku.com