|
(1)、command模块:默认模块,用于在各被管理节点运行指定的命令;
相关选项如下:
creates:一个文件名,当该文件存在,则该命令不执行
free_form:要执行的linux指令
chdir:在执行指令之前,先切换到该目录
removes:一个文件名,当该文件不存在,则该选项不执行
executable:切换shell来执行指令,该执行路径必须是一个绝对路径
[root@mail ansible]# ansible webservers -m command -a 'ifconfig eth0'
node2 | success | rc=0 >>
eth0 Link encap:Ethernet HWaddr 00:0C:29:A3:A6:AA
inet addr:192.168.9.12 Bcast:192.168.11.255 Mask:255.255.252.0
inet6 addr: fe80::20c:29ff:fea3:a6aa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:122795 errors:0 dropped:0 overruns:0 frame:0
TX packets:280 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:10895221 (10.3 MiB) TX bytes:27024 (26.3 KiB)
node1 | success | rc=0 >>
eth0 Link encap:Ethernet HWaddr 00:0C:29:20:16:2E
inet addr:192.168.9.11 Bcast:192.168.11.255 Mask:255.255.252.0
inet6 addr: fe80::20c:29ff:fe20:162e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:122812 errors:0 dropped:0 overruns:0 frame:0
TX packets:270 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:10897214 (10.3 MiB) TX bytes:26930 (26.2 KiB)
(2)、user模块:用户模块,用于在各被管理节点管理用户所使用;
[root@mail ansible]# ansible webservers -m user -a 'name=bjwf125'
node2 | success >> {
"changed": true,
"comment": "",
"createhome": true,
"group": 500,
"home": "/home/bjwf125",
"name": "bjwf125",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 500
}
node1 | success >> {
"changed": true,
"comment": "",
"createhome": true,
"group": 500,
"home": "/home/bjwf125",
"name": "bjwf125",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 500
}
[root@node1 ~]# tail -1 /etc/passwd
bjwf125:x:500:500::/home/bjwf125:/bin/bash
(3)、group模块:用户组模块,用于在被各管理节点管理用户组所使用;
[root@mail ansible]# ansible webservers -m group -a 'name=mysql gid=306'
node2 | success >> {
"changed": true,
"gid": 306,
"name": "mysql",
"state": "present",
"system": false
}
node1 | success >> {
"changed": true,
"gid": 306,
"name": "mysql",
"state": "present",
"system": false
}
[root@node1 ~]# grep mysql /etc/group
mysql:x:306:
[root@node1 ~]# tail -1 /etc/gshadow
mysql:!::
[root@node1 ~]# tail -1 /etc/group #多种方法查看结果(个人为了增强记忆)
(4)、cron模块:计划任务模块,用户在各被管理节点管理计划任务;
[root@mail ansible]# ansible webservers -m cron -a "name=time minute='*/2' job='/usr/sbin/ntpdate 10.0.1.200'"
node1 | success >> {
"changed": true,
"jobs": [
"time"
]
}
node2 | success >> {
"changed": true,
"jobs": [
"time"
]
}
[root@node1 ~]# crontab -l #在被管理节点查看cron任务
*/5 * * * * /sbin/hwclock -s
#Ansible: time
*/2 * * * * /usr/sbin/ntpdate 10.0.1.200
移除cron
[root@mail ~]# ansible webservers -m cron -a "name=time minute='*/2' job='/usr/sbin/ntpdate 10.0.1.200' state=absent"
node1 | success >> {
"changed": false,
"jobs": []
}
node2 | success >> {
"changed": false,
"jobs": []
}
[root@node1 ~]# crontab -l #在被管理节点查看cron任务
*/5 * * * * /sbin/hwclock -s
(5)、copy模块:复制模块,复制文件至各管理节点:
###这里需要注意的事,必须把各节点的selinux给关闭了,不然会失败的。
相关选项如下:
backup:在覆盖之前,将源文件备份,备份文件包含时间信息。有两个选项:yes|no
content:用于替代“src”,可以直接设定指定文件的值
dest:必选项。要将源文件复制到的远程主机的绝对路径,如果源文件是一个目录,那么该路径
也必须是个目录
directory_mode:递归设定目录的权限,默认为系统默认权限
force:如果目标主机包含该文件,但内容不同,如果设置为yes,则强制覆盖,如果为no,则只
有当目标主机的目标位置不存在该文件时,才复制。默认为yes
others:所有的file模块里的选项都可以在这里使用
src:被复制到远程主机的本地文件,可以是绝对路径,也可以是相对路径。如果路径是一个目录
,它将递归复制。在这种情况下,如果路径使用“/”来结尾,则只复制目录里的内容,如果没有
使用“/”来结尾,则包含目录在内的整个内容全部复制,类似于rsync。
[root@mail ~]# ansible all -m copy -a 'src=/etc/fstab dest=/tmp/fstab.ansible mode=654'
node2 | success >> {
"changed": true,
"checksum": "677ecf6a60822701d7d32e8722d22222be85c6ce",
"dest": "/tmp/fstab.ansible",
"gid": 0,
"group": "root",
"md5sum": "e784c8bb3dde9df0e8248941def7ac7f",
"mode": "0654",
"owner": "root",
"size": 805,
"src": "/root/.ansible/tmp/ansible-tmp-1452739223.25-249168597668683/source",
"state": "file",
"uid": 0
}
node1 | success >> {
"changed": true,
"checksum": "677ecf6a60822701d7d32e8722d22222be85c6ce",
"dest": "/tmp/fstab.ansible",
"gid": 0,
"group": "root",
"md5sum": "e784c8bb3dde9df0e8248941def7ac7f",
"mode": "0654",
"owner": "root",
"size": 805,
"src": "/root/.ansible/tmp/ansible-tmp-1452739223.24-124628130207594/source",
"state": "file",
"uid": 0
}
[root@node1 tmp]# ll
-rw-r-xr-- 1 root root 805 Jan 14 10:40 fstab.ansible
(6)、file模块:文件模块,修改各节点指定的文件属性;
file模块的相关选项:
force:需要在两种情况下强制创建软链接,一种是源文件不存在,但之后会建立的情况
下;另一种是目标软链接已存在,需要先取消之前的软链,然后创建新的软链,有两个
选项:yes|no
group:定义文件/目录的属组
mode:定义文件/目录的权限
owner:定义文件/目录的属主
path:必选项,定义文件/目录的路径
recurse:递归设置文件的属性,只对目录有效
src:被链接的源文件路径,只应用于state=link的情况
dest:被链接到的路径,只应用于state=link的情况
state:
directory:如果目录不存在,就创建目录
file:即使文件不存在,也不会被创建
link:创建软链接
hard:创建硬链接
touch:如果文件不存在,则会创建一个新的文件,如果文件或目录已存在,则更新
其最后修改时间
absent:删除目录、文件或者取消链接文件
[root@mail ~]# ansible all -m file -a 'path=/tmp/fstab.ansible mode=600 owner=bjwf125'
node2 | success >> {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0600",
"owner": "bjwf125",
"path": "/tmp/fstab.ansible",
"size": 805,
"state": "file",
"uid": 500
}
node1 | success >> {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0600",
"owner": "bjwf125",
"path": "/tmp/fstab.ansible",
"size": 805,
"state": "file",
"uid": 500
}
#注:path:指定节点文件路径 mode:指定权限 owner:指定属主
[root@node2 tmp]# ll
-rw------- 1 bjwf125 root 805 Jan 14 10:40 fstab.ansible
(7)、ping模块:测试模块,测试各个被管理节点是否在线;
[root@mail ~]# ansible all -m ping
node2 | success >> {
"changed": false,
"ping": "pong"
}
node1 | success >> {
"changed": false,
"ping": "pong"
}
(8)、service模块:管理各个节点的服务
[root@mail ~]# ansible all -m service -a 'name=ntpd enabled=true'
node1 | success >> {
"changed": true,
"enabled": true,
"name": "ntpd"
}
node2 | success >> {
"changed": true,
"enabled": true,
"name": "ntpd"
}
(9)、shell模块:与command模块功能相同,但比command的模块功能更加强大
[root@mail ~]# ansible all -m shell -a 'cat /etc/group | grep mysql'
node1 | success | rc=0 >>
mysql:x:306:
node2 | success | rc=0 >>
mysql:x:306:
(10)、script模块:自动复制脚本至各节点,并运行之
[root@mail ~]# cat ansible.sh
#!/bin/bash
#
echo "welcome to mylinux." > /tmp/mylinux
[root@mail ~]# ansible all -m script -a '/root/ansible.sh'
node2 | success >> {
"changed": true,
"rc": 0,
"stderr": "",
"stdout": ""
}
node1 | success >> {
"changed": true,
"rc": 0,
"stderr": "",
"stdout": ""
}
[root@node1 tmp]# cat mylinux
welcome to mylinux.
(11)、setup模块:收集ansible的facters
[root@mail ~]# ansible all -m setup
node1 | success >> { #用来查看远程主机的一些基本信息(很强大,感觉超出“基本”了)
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.9.11"
],
"ansible_all_ipv6_addresses": [
"fe80::20c:29ff:fe20:162e"
],
"ansible_architecture": "x86_64",
"ansible_bios_date": "07/02/2015",
"ansible_bios_version": "6.00",
"ansible_cmdline": {
"KEYBOARDTYPE": "pc",
"KEYTABLE": "us",
"LANG": "en_US.UTF-8",
"SYSFONT": "latarcyrheb-sun16",
"quiet": true,
"rd_NO_DM": true,
"rd_NO_LUKS": true,
"rd_NO_LVM": true,
"rd_NO_MD": true,
"rhgb": true,
"ro": true,
"root": "UUID=a4588fdb-b266-4f99-b5d5-013149014d55"
},
"ansible_date_time": {
"date": "2016-01-14",
"day": "14",
"epoch": "1452741270",
"hour": "11",
"iso8601": "2016-01-14T03:14:30Z",
"iso8601_micro": "2016-01-14T03:14:30.591778Z",
"minute": "14",
"month": "01",
"second": "30",
"time": "11:14:30",
"tz": "HKT",
"tz_offset": "+0800",
"weekday": "Thursday",
"year": "2016"
},
(12)、yum模块:用于在各个管理节点安装软件所使用
[root@mail ~]# ansible all -m yum -a 'name=httpd state=present'
node1 | success >> {
"changed": false,
"msg": "",
"rc": 0,
"results": [
"httpd-2.2.15-47.el6.centos.1.x86_64 providing httpd is already installed"
]
}
node2 | success >> {
"changed": false,
"msg": "",
"rc": 0,
"results": [
"httpd-2.2.15-47.el6.centos.1.x86_64 providing httpd is already installed"
]
}
[root@node1 tmp]# rpm -q httpd
httpd-2.2.15-47.el6.centos.1.x86_64
(13)、更多模块
其他常用模块,比如synchronize、acl就不再一一列举了,可以结合自身所需要的系统环境来进行测试。
##更多模块可以参考:
[root@mail ~]# ansible-doc -l
Homepage: http://www.greenwoodsoftware.com/less
a10_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
a10_service_group Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
a10_virtual_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
acl Sets and retrieves file ACL information.
add_host add a host (and alternatively a group) to the ansible-playbook in...
airbrake_deployment Notify airbrake about app deployments
alternatives Manages alternative programs for common commands
apache2_module enables/disables a module of the Apache2 webserver
apt Manages apt-packages
apt_key Add or remove an apt key
apt_repository Add and remove APT repositories
apt_rpm apt_rpm package manager
assemble Assembles a configuration file from fragments
assert Fail with custom message
at Schedule the execution of a command or script file via the at com...
authorized_key Adds or removes an SSH authorized key
azure create or terminate a virtual machine in azure
bigip_facts Collect facts from F5 BIG-IP devices
bigip_monitor_http Manages F5 BIG-IP LTM http monitors
bigip_monitor_tcp Manages F5 BIG-IP LTM tcp monitors
bigip_node Manages F5 BIG-IP LTM nodes
bigip_pool Manages F5 BIG-IP LTM pools
bigip_pool_member Manages F5 BIG-IP LTM pool members
bigpanda Notify BigPanda about deployments
##或者一些网址: http://docs.ansible.com/modules_by_category.html |
|