|
|
Ansible版本
[iyunv@HA2 tmp]# rpm -q ansibleansible-2.1.2.0-1.el6.noarch
Ansible配置文件
[iyunv@HA2 tmp]# rpm -ql ansible | less/etc/ansible
/etc/ansible/ansible.cfg //配置文件
/etc/ansible/hosts //主机清单
/etc/ansible/roles //角色
/usr/bin/ansible //主程序
/usr/bin/ansible-console
/usr/bin/ansible-doc //文档命令
/usr/bin/ansible-galaxy
/usr/bin/ansible-playbook //剧本
/usr/bin/ansible-pull
/usr/bin/ansible-vault
Ansible语法
ansible <host-pattern> [options]
//all所有/etc/ansible/hosts定义主机 “/”目录下bin并且统计多少行
[iyunv@HA2 tmp]# ansible all -a 'ls / ' | grep -o "^bin" |wc -l
3
添加一个crontab任务,名称为Test,没4分钟执行一次
[iyunv@HA2 tmp]# ansible all -m cron -a "name=Test minute=*/4 job='/bin/date >> /tmp/date.log'"
172.16.0.5 | SUCCESS => { "changed": true,
"envs": [],
"jobs": [ "1",
"None",
"Test"
]
}172.16.0.4 | SUCCESS => { "changed": true,
"envs": [],
"jobs": [ "1",
"None",
"Test"
]
}172.16.0.2 | SUCCESS => { "changed": true,
"envs": [],
"jobs": [ "1",
"None",
"Test"
]
}
//查看确实有我们所定义的内容
[iyunv@HA2 tmp]# ansible all -a 'crontab -l'
172.16.0.5 | SUCCESS | rc=0 >>
#Ansible:
1*/5 * * * * /bin/date > /tmp/date.log
#Ansible: None
*/2 * * * * ls / >> /tmp/root.log
#Ansible: Test
*/4 * * * * /bin/date >> /tmp/date.log
172.16.0.4 | SUCCESS | rc=0 >>
#Ansible:
1*/5 * * * * /bin/date > /tmp/date.log
#Ansible: None
*/2 * * * * ls / >> /tmp/root.log
#Ansible: Test
*/4 * * * * /bin/date >> /tmp/date.log
172.16.0.2 | SUCCESS | rc=0 >>
#Ansible:
1*/5 * * * * /bin/date > /tmp/date.log
#Ansible: None
*/2 * * * * ls / >> /tmp/root.log
#Ansible: Test
*/4 * * * * /bin/date >> /tmp/date.log
删除Test这条crontab任务,并确认是否删除
[iyunv@HA2 tmp]# ansible all -m cron -a "state=absent name=Test minute=*/4 job='/bin/date >> /tmp/date.log'" //删除任务
172.16.0.5 | SUCCESS => { "changed": true,
"envs": [],
"jobs": [ "1",
"None"
]
}172.16.0.4 | SUCCESS => { "changed": true,
"envs": [],
"jobs": [ "1",
"None"
]
}172.16.0.2 | SUCCESS => { "changed": true,
"envs": [],
"jobs": [ "1",
"None"
]
}
[iyunv@HA2 tmp]# ansible all -a 'crontab -l' //已删除
172.16.0.5 | SUCCESS | rc=0 >>
#Ansible:
1*/5 * * * * /bin/date > /tmp/date.log
#Ansible: None
*/2 * * * * ls / >> /tmp/root.log
172.16.0.4 | SUCCESS | rc=0 >>
#Ansible:
1*/5 * * * * /bin/date > /tmp/date.log
#Ansible: None
*/2 * * * * ls / >> /tmp/root.log
172.16.0.2 | SUCCESS | rc=0 >>
#Ansible:
1*/5 * * * * /bin/date > /tmp/date.log
#Ansible: None
*/2 * * * * ls / >> /tmp/root.log
fetch 备份神器
[iyunv@HA2 tmp]# mkdir `date +%Y` //创建本地备份目录
[iyunv@HA2 tmp]# ls
2016 date.log yum.log
[iyunv@HA2 tmp]# ansible all -m fetch -a "src=/tmp/fstab1 dest=/tmp/2016" //拉取远程/tmp/fstab1文件备份到本地目录/tmp/2016下
172.16.0.5 | SUCCESS => { "changed": true,
"checksum": "1f9cc35736c5df82cd013c7c4445f8ba9fb05062",
"dest": "/tmp/2016/172.16.0.5/tmp/fstab1",
"md5sum": "30fe33abd75b1a24286d146306d3481f",
"remote_checksum": "1f9cc35736c5df82cd013c7c4445f8ba9fb05062",
"remote_md5sum": null
}172.16.0.2 | SUCCESS => { "changed": true,
"checksum": "1f9cc35736c5df82cd013c7c4445f8ba9fb05062",
"dest": "/tmp/2016/172.16.0.2/tmp/fstab1",
"md5sum": "30fe33abd75b1a24286d146306d3481f",
"remote_checksum": "1f9cc35736c5df82cd013c7c4445f8ba9fb05062",
"remote_md5sum": null
}172.16.0.4 | SUCCESS => { "changed": true,
"checksum": "1f9cc35736c5df82cd013c7c4445f8ba9fb05062",
"dest": "/tmp/2016/172.16.0.4/tmp/fstab1",
"md5sum": "30fe33abd75b1a24286d146306d3481f",
"remote_checksum": "1f9cc35736c5df82cd013c7c4445f8ba9fb05062",
"remote_md5sum": null
}
[iyunv@HA2 tmp]# tree 2016/ //查看是否备份成功2016/
├── 172.16.0.2│ └── tmp
│ └── fstab1
├── 172.16.0.4│ └── tmp
│ └── fstab1
└── 172.16.0.5
└── tmp
└── fstab16 directories, 3 files
file创建远程连接
[iyunv@HA2 tmp]# ansible all -m file -a 'src=/tmp/fstab1 path=/var/fstab.link state=link'
//创建远程文件/tmp/fstab1软连接为/var/fstab.link
172.16.0.5 | SUCCESS => { "changed": true,
"dest": "/var/fstab.link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"size": 11,
"src": "/tmp/fstab1",
"state": "link",
"uid": 0
}
172.16.0.4 | SUCCESS => { "changed": true,
"dest": "/var/fstab.link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:var_t:s0",
"size": 11,
"src": "/tmp/fstab1",
"state": "link",
"uid": 0
}
172.16.0.2 | SUCCESS => { "changed": true,
"dest": "/var/fstab.link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:var_t:s0",
"size": 11,
"src": "/tmp/fstab1",
"state": "link",
"uid": 0
}
[iyunv@HA2 tmp]# ansible all -m shell -a 'ls -l /var/fst*' //验证是否正确
172.16.0.5 | SUCCESS | rc=0 >>
lrwxrwxrwx 1 root root 11 Oct 29 22:43 /var/fstab.link -> /tmp/fstab1
172.16.0.2 | SUCCESS | rc=0 >>
lrwxrwxrwx. 1 root root 11 Oct 29 22:43 /var/fstab.link -> /tmp/fstab1
172.16.0.4 | SUCCESS | rc=0 >>
lrwxrwxrwx. 1 root root 11 Oct 29 22:43 /var/fstab.link -> /tmp/fstab1
[iyunv@HA2 tmp]# ansible all -m file -a 'src=/tmp/fstab1 path=/var/fstab.link state=absent'//删除软连接,state=absent即可
172.16.0.5 | SUCCESS => { "changed": true,
"path": "/var/fstab.link",
"state": "absent"}
172.16.0.2 | SUCCESS => { "changed": true,
"path": "/var/fstab.link",
"state": "absent"}
172.16.0.4 | SUCCESS => { "changed": true,
"path": "/var/fstab.link",
"state": "absent"}
[iyunv@HA2 tmp]# ansible all -m shell -a 'ls -l /var/fst*' //验证是否删除
172.16.0.5 | FAILED | rc=2 >>ls: cannot access /var/fst*: No such file or directory
172.16.0.2 | FAILED | rc=2 >>ls: cannot access /var/fst*: No such file or directory
172.16.0.4 | FAILED | rc=2 >>ls: cannot access /var/fst*: No such file or directory
file属性修改
path= owner= mode= 等等比如
[iyunv@HA2 tmp]# ansible all -m file -a 'path=/tmp/fstab1 mode=0777' //设定属性等于777
172.16.0.5 | SUCCESS => { "changed": false,
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"path": "/tmp/fstab1",
"size": 711,
"state": "file",
"uid": 0}172.16.0.2 | SUCCESS => { "changed": false,
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"path": "/tmp/fstab1",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 711,
"state": "file",
"uid": 0}172.16.0.4 | SUCCESS => { "changed": false,
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"path": "/tmp/fstab1",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 711,
"state": "file",
"uid": 0}
[iyunv@HA2 tmp]# ansible all -a 'ls -l /tmp/fstab1' //验证权限,没错都是777
172.16.0.5 | SUCCESS | rc=0 >>
-rwxrwxrwx 1 root root 711 Oct 29 20:00 /tmp/fstab1172.16.0.2 | SUCCESS | rc=0 >>
-rwxrwxrwx. 1 root root 711 Oct 29 20:00 /tmp/fstab1172.16.0.4 | SUCCESS | rc=0 >>
-rwxrwxrwx. 1 root root 711 Oct 29 20:00 /tmp/fstab1
file創建目錄
path= state=directory
[iyunv@HA2 tmp]# ansible all -m file -a 'path=/tmp/test state=directory'//在/tmp下創建test目錄
172.16.0.5 | SUCCESS => { "changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/tmp/test",
"size": 4096,
"state": "directory",
"uid": 0}172.16.0.2 | SUCCESS => { "changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/tmp/test",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 6,
"state": "directory",
"uid": 0}172.16.0.4 | SUCCESS => { "changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/tmp/test",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 6,
"state": "directory",
"uid": 0}
[iyunv@HA2 tmp]# ansible all -m shell -a 'ls -l /tmp/ | grep test'//驗證是否創建test,發現有test目錄證明創建成功
172.16.0.5 | SUCCESS | rc=0 >>
drwxr-xr-x 2 root root 4096 Oct 29 23:02 test-rw-r--r-- 1 root root 8 Oct 29 20:06 testfile172.16.0.2 | SUCCESS | rc=0 >>
drwxr-xr-x. 2 root root 6 Oct 29 23:02 test-rw-r--r--. 1 root root 8 Oct 29 20:06 testfile172.16.0.4 | SUCCESS | rc=0 >>
drwxr-xr-x. 2 root root 6 Oct 29 23:02 test-rw-r--r--. 1 root root 8 Oct 29 20:06 testfile
yum 安裝
[iyunv@HA2 tmp]# ansible all -m yum -a 'name=httpd'
yum 卸載
[iyunv@HA2 tmp]# ansible all -m yum -a 'name=httpd state=absent'
copy ,拷貝本地/tmp/date.log至遠程主機的/tmp目錄下
[iyunv@HA2 tmp]# ansible all -m copy -a "src=/tmp/date.log dest=/tmp"
service 啟動服務并開機主動啟動(enabled等於1為自動啟動,0為關閉自動啟動)
[iyunv@HA2 tmp]# ansible all -m service -a "name=httpd state=started enabled=1"
service 停止并關閉自動自動
[iyunv@HA2 tmp]# ansible all -m service -a "name=httpd state=stopped enabled=0"
service 重啟服務
[iyunv@HA2 tmp]# ansible all -m service -a "name=httpd state=restarted"
service 重載
[iyunv@HA2 tmp]# ansible all -m service -a "name=httpd state=reloaded"
user 創建用戶
[iyunv@HA2 tmp]# ansible all -m user -a "name=mysql uid=306 system=yes"
定义Ansible的yaml
yaml格式
用户增删示例
- hosts:all //定义远程主机
remote_user: root //定义远程用户为root
tasks: //定义任务,以缩进为引导
- name: create a user user5 //定义任务名称
user: user=user5
system=ture uid=555 [state=absent]
//定义创建user5用户系统用户uid为555 []中为删除
- name: create a user user6 //定义任务名称
user: user=user6 uid=666 [state=absent]
//定义创建user5用户系统用户uid为555 []中为删除
只检测不执行
[iyunv@HA2 ansible]# ansible-playbook --check xxx.yaml
检查在那些主机上会执行
[iyunv@HA2 ansible]# ansible-playbook --list-host xxx.yaml
检查会执行那些TAGS
[iyunv@HA2 ansible]# ansible-playbook --list-tags xxx.yaml
检查tasks列表
[iyunv@HA2 ansible]# ansible-playbook --list-tasks xxx.yaml
执行
[iyunv@HA2 ansible]# ansible-playbook xxx.yaml
yaml格式
服务安装配置示例
- hosts: webserver //定义远程主机
remote_user: root //定义远程用户为root
tasks: //定义任务
- name: Yum install httpd service //定义任务名称
yum: name=httpd //定义Yum Module安装服务
- name: Copy cinfigure
copy: src=config/httpd/conf/httpd.conf7 dest=/etc/httpd/conf/httpd.conf
tags: config //定义tags标签
notify: reload httpd
//定义notify通知必须与handlers -name:values一致
- name: Service httpd start
service: name=httpd state=started
handlers: //定义handlers
- name: reload httpd //定义调用上面notify的名称
service: name=httpd state=reloaded //采取的动作
只运行tags标签的config
[iyunv@HA2 working]# ansible-playbook -t config xxx.yaml
只运行tags标签的connfig并且触发notify通知
[iyunv@HA2 working]# ansible-playbook -t config web.yaml
PLAY [webserver] ***************************************************************
TASK [setup] *******************************************************************
ok: [172.16.0.4]
ok: [172.16.0.2]
TASK [Copy cinfigure] **********************************************************
changed: [172.16.0.2] //发现配置文件有变动host
changed: [172.16.0.4] //发现配置文件有变动host
RUNNING HANDLER [reload httpd] //运行了我们定义的任务
*************************************************
changed: [172.16.0.4] //handlers采取的动作host
changed: [172.16.0.2] //handlers采取的动作host
PLAY RECAP *********************************************************************
172.16.0.2 : ok=3 changed=2 unreachable=0 failed=0
172.16.0.4 : ok=3 changed=2 unreachable=0 failed=0
yaml格式
服务安装配置示例
- hosts: dbserver //定义远程主机
remote_user: root //定义远程用户
tasks: //定义任务
- name: install {{ pkname }} //使用变量,执行命令时可以传参变量最好保持一致
yum: name={{ pkname }} //使用变量,执行命令时可以传参,变量最好保持一致
执行示例,建议执行前做检查
[iyunv@HA2 working]# ansible-playbook -e pkname=memcached --check memcached.yaml
//执行前检查,-e参数表示使用变量,pkname=values为传参的软件包名称
[iyunv@HA2 working]# ansible-playbook -e pkname=memcached memcached.yaml
//-e参数表示使用变量,pkname=values为传参的软件包名称
PLAY [dbserver] ****************************************************************
TASK [setup] *******************************************************************
ok: [172.16.0.5]
TASK [install memcached] *******************************************************
changed: [172.16.0.5]
PLAY RECAP *********************************************************************
172.16.0.5 : ok=2 changed=1 unreachable=0 failed=0
Host Inventory
定义向不同主机传递不同参数
[iyunv@HA2 working]# cat ../hosts | grep -v "#"
[webserver]
172.16.0.2 hname=www1 //hname为变量名
172.16.0.4 hname=www2 //hname为变量名
[dbserver]
172.16.0.5 hname=dbserver
定义向不同主机传递不同参数yaml
[iyunv@HA2 working]# cat hname.yaml
- hosts: all
remote_user: root
tasks:
- name: Modify Hostname
hostname: name={{ hname }} //这里一定要用{{ values }}
执行
[iyunv@HA2 working]# ansible-playbook hname.yaml
查看结果
[iyunv@HA2 working]# ansible all -a "hostname"172.16.0.5 | SUCCESS | rc=0 >>
dbserver172.16.0.2 | SUCCESS | rc=0 >>
www1172.16.0.4 | SUCCESS | rc=0 >>
www2
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2016-10-31 10:12:18
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡