ping模块
验证主机的连通性
[root@monster1 ~]# ansible all -m ping
192.168.71.131 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
[root@monster1 ~]#
shell模块
执行shell命令
[root@monster1 ~]# ansible all -m shell -a 'df -h'
192.168.71.131 | CHANGED | rc=0 >>
Filesystem Size Used Avail Use% Mounted on
devtmpfs 716M 0 716M 0% /dev
tmpfs 730M 0 730M 0% /dev/shm
tmpfs 730M 8.7M 722M 2% /run
tmpfs 730M 0 730M 0% /sys/fs/cgroup
/dev/mapper/cl_fedora-root 17G 2.2G 15G 14% /
/dev/nvme0n1p2 1014M 155M 860M 16% /boot
/dev/nvme0n1p1 599M 9.0M 590M 2% /boot/efi
tmpfs 146M 0 146M 0% /run/user/0
[root@monster1 ~]#
command模块
此模块是默认模块,不指定模块默认使用此模块,只能执行些简单命令,不支持特殊符号
[root@monster1 ~]# ansible all -a 'hostname'
192.168.71.131 | CHANGED | rc=0 >>
monster2
[root@monster1 ~]#
script模块
执行分发脚本,如下创建了个docker安装redis以及启动redis容器并显示正在运行的容器,再通过ansible分发给所有主机执行。
[root@monster1 ~]# cat redis.sh
docker pull redis
docker run --restart=always --log-opt max-size=100m --log-opt max-file=2 -p 6379:6379 --name myredis -d redis redis-server
docker ps
[root@monster1 ~]# ansible all -m script -a 'redis.sh'
安装过程的信息太多只截最后面的信息了
file模块
用来创建目录、文件、软连接
path 路径
src 源
state 状态(directory创建目录、file默认状态,修改文件内容,如果文件不存在不会创建文件、touch创建文件、link软连接)
…
[root@monster1 ~]# ansible all -m file -a 'path=data/file state=directory'
192.168.71.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "data/file",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
[root@monster1 ~]# ansible all -m file -a 'path=data/file/file.log state=touch'
192.168.71.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "data/file/file.log",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
[root@monster1 ~]# ansible all -m file -a 'src=~/data/file path=/file state=link'
192.168.71.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/file",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:root_t:s0",
"size": 15,
"src": "/root/data/file",
"state": "link",
"uid": 0
}
[root@monster1 ~]#
copy模块
复制文件到其它服务器节点,注意斜杠的区别,/data/copy是copy整个目录本身包括里面的文件,/data/copy/是只复制copy里面的文件。
src 源
dest 目标
backup 覆盖前备份,backup=yes
owner 修改所有者
group 修改用户组
mode 权限
[root@monster1 ~]# ansible all -m copy -a 'src=/data/copy dest=/data/'
192.168.71.131 | CHANGED => {
"changed": true,
"dest": "/data/",
"src": "/data/copy"
}
[root@monster1 ~]# ansible all -m copy -a 'src=/data/copy dest=/data/ backup=yes owner=monster group=monster mode=777'
192.168.71.131 | CHANGED => {
"changed": true,
"dest": "/data/",
"src": "/data/copy"
}
[root@monster1 ~]#
systemd模块
管理开机自不自启,服务开启关闭重启指令
name 服务名称
enable 开机自启enable=yes
state 服务状态,started开启、stopped关闭、restarted重启、reloaded重载配置
daemon_reload 重新加载systelctl配置,daemon_reload=yes
[root@monster1 copy]# ansible all -m systemd -a 'name=firewalld state=stopped'
192.168.71.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "firewalld",
"state": "stopped",
"status": {
"ActiveEnterTimestamp": "Fri 2022-12-23 02:24:01 EST",
"ActiveEnterTimestampMonotonic": "90582071019",
"ActiveExitTimestamp": "Thu 2022-12-22 01:15:40 EST",
"ActiveExitTimestampMonotonic": "80805568",
"ActiveState": "active",
.......
yum模块
name 软件包名字
state installed安装,removed删除,latest安装或更新
root@monster1 ~]# ansible all -m yum -a 'name=nginx state=installed'
192.168.71.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"installed": [
"nginx"
]
},
"msg": "Warning: RPMDB altered outside of yum.\n",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: ftp.yz.yamagata-u.ac.jp\n * epel: hkg.mirror.rackspace.com\n * extras: ftp.yz.yamagata-u.ac.jp\n * updates: ftp.yz.yamagata-u.ac.jp\nResolving Dependencies\n--> Running transaction check\n---> Package nginx.aarch64 1:1.22.1-1.el7.ngx will be installed\n--> Processing Dependency: libpcre2-8.so.0()(64bit) for package: 1:nginx-1.22.1-1.el7.ngx.aarch64\n--> Running transaction check\n---> Package pcre2.aarch64 0:10.23-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n nginx aarch64 1:1.22.1-1.el7.ngx nginx-stable 736 k\nInstalling for dependencies:\n pcre2 aarch64 10.23-2.el7 base 179 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+1 Dependent package)\n\nTotal size: 915 k\nInstalled size: 3.3 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : pcre2-10.23-2.el7.aarch64 1/2 \n Installing : 1:nginx-1.22.1-1.el7.ngx.aarch64 2/2 \n----------------------------------------------------------------------\n\nThanks for using nginx!\n\nPlease find the official documentation for nginx here:\n* https://nginx.org/en/docs/\n\nPlease subscribe to nginx-announce mailing list to get\nthe most important news about nginx:\n* https://nginx.org/en/support.html\n\nCommercial subscriptions for nginx are available on:\n* https://nginx.com/products/\n\n----------------------------------------------------------------------\n Verifying : pcre2-10.23-2.el7.aarch64 1/2 \n Verifying : 1:nginx-1.22.1-1.el7.ngx.aarch64 2/2 \n\nInstalled:\n nginx.aarch64 1:1.22.1-1.el7.ngx \n\nDependency Installed:\n pcre2.aarch64 0:10.23-2.el7 \n\nComplete!\n"
]
}
[root@monster1 ~]#
yum_repository源模块
name yum源名字
description 注释信息
baseurl 下载地址
enabled 是否启动源,yes/no
gpgcheck 是否启动gpgcheck,yes/no
file yum源的文件名
[root@monster1 ~]# ansible all -m yum_repository -a 'name=nginx-stable description="注释信息----可有可无" baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ enabled=yes gpgcheck=no file=nginx'
192.168.71.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"repo": "nginx-stable",
"state": "present"
}
[root@monster1 ~]#
get_url模块
下载文件
url 下载链接地址
dest 下载到哪个目录
[root@monster1 ~]# ansible all -m get_url -a 'dest=/data url=https://mirrors.tuna.tsinghua.edu.cn/epel/7/x86_64/Packages/e/epel-release-7-14.noarch.rpm'
192.168.71.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum_dest": null,
"checksum_src": "772e0dbc7c1690a950cd733901097cdeabd8dc09",
"dest": "/data/epel-release-7-14.noarch.rpm",
"elapsed": 1,
"gid": 0,
"group": "root",
"md5sum": "966ae7fbf5106958334a7ec9a8c22ba4",
"mode": "0644",
"msg": "OK (15608 bytes)",
"owner": "root",
"secontext": "system_u:object_r:default_t:s0",
"size": 15608,
"src": "/root/.ansible/tmp/ansible-tmp-1671853530.03-21495152662750/tmpzt6pvM",
"state": "file",
"status_code": 200,
"uid": 0,
"url": "https://mirrors.tuna.tsinghua.edu.cn/epel/7/x86_64/Packages/e/epel-release-7-14.noarch.rpm"
}
[root@monster1 ~]#
cron模块
name 注释
minute 分钟
hour 小时
day 天
month 月
week 周
job 指定命令或脚本
state present 添加任务,absent删除任务
[root@monster1 ~]# ansible all -m cron -a 'name=alltime minute=*/2 job="/sbin/ntpdate ntp1.aliyun.com &>dev/null" state=present'
192.168.71.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"alltime"
]
}
[root@monster1 ~]#
group模块
name 组名字
gid 组gid
state present添加,absent删除
[root@monster1 ~]# ansible all -m group -a 'name=monster gid=1888 state=present'
192.168.71.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 1888,
"name": "monster",
"state": "present",
"system": false
}
[root@monster1 ~]#
user模块
name 用户名
uid 指定id
group 指定组
gourps 指定多个组
shell 指定命令
create_home 创建家目录
state present添加,absent删除
[root@monster1 ~]# ansible all -m user -a 'name=monster group=monster uid=1888 create_home=no shell=/sbin/nologin state=present'
192.168.71.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": true,
"comment": "",
"group": 1888,
"home": "/home/monster",
"move_home": false,
"name": "monster",
"shell": "/sbin/nologin",
"state": "present",
"uid": 1888
}
[root@monster1 ~]#
