JZTXT

ansible批量管理工具学习

发布时间 2023-04-13 09:49:13作者: 往事已成昨天

ansible批量管理工具学习(一)

小张的知识杂货铺 2022-12-03 19:48 发表于浙江
收录于合集#ansible2个
centos7配置yum源
mkdir baklsmv *.repo bak/wget   -O   /etc/yum.repos.d/CentOS-Base.repo    http://mirrors.aliyun.com/repo/Centos-7.repoyum clean allyum makecacheyum  -y   install   epel-releaseyum clean allyum makecache
安装ansible
root@client yum.repos.d]# yum install ansible -yLoaded plugins: fastestmirror, langpacksLoading mirror speeds from cached hostfile * base: mirrors.aliyun.com * epel: mirror.01link.hk * extras: mirrors.aliyun.com * updates: mirrors.aliyun.comResolving Dependencies--> Running transaction check---> Package ansible.noarch 0:2.9.27-1.el7 will be installed............
Installed:  ansible.noarch 0:2.9.27-1.el7Dependency Installed:  python-babel.noarch 0:0.9.6-8.el7                python-jinja2.noarch 0:2.7.2-4.el7  python-markupsafe.x86_64 0:0.11-10.el7           python-paramiko.noarch 0:2.1.1-9.el7  python2-httplib2.noarch 0:0.18.1-3.el7           python2-jmespath.noarch 0:0.9.4-2.el7  sshpass.x86_64 0:1.06-2.el7
Complete![root@client yum.repos.d]#
查看ansible版本信息[root@client ~]# ansible --versionansible 2.9.27  config file = /etc/ansible/ansible.cfg  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']  ansible python module location = /usr/lib/python2.7/site-packages/ansible  executable location = /usr/bin/ansible  python version = 2.7.5 (default, Oct 30 2018, 23:45:53) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
ansible相关文件
[root@client ~]# ll /etc/ansible/total 24-rw-r--r--. 1 root root 19985 Jan 16  2022 ansible.cfg-rw-r--r--. 1 root root  1016 Jan 16  2022 hostsdrwxr-xr-x. 2 root root     6 Jan 16  2022 roles/etc/ansible/ansible.cfg  主机配置文件/etc/ansible/hosts        主机清单/etc/ansible/roles        存放角色目录
ansible命令
#列出所有模块ansible-doc -l#查看指定模块的帮助用法ansible-doc ping#查看指定模块的帮助用法ansible-doc -s ping选项说明:--version          #显示版本-m module          #指定模块。默认为command-v                 #详细过程 -vv -vvv更详细--list-hosts       #显示主机列表 可简写 --list-k,--ask-pass     #提示输入ssh连接密码。默认key验证-c,--check        #检查,并不执行-T,--timeout=     #执行命令的超时时间,默认10s-u,--user=user    #执行远程执行的用户-b,--become       #代替旧版的sudo切换--become-user=user #指定sudo用的runas用户,默认root-k,--ask-become-pass#提示输入sudo时的口令

#配置文件的主机名称[root@ansible ~]# cat /etc/ansible/hosts文件最后位置## db-[99:101]-node.example.com[websrvs]192.168.160.[129:130]
[dbsrvs]192.168.160.130
[appssrvs]192.168.160.[128:130]
#ping主机ALL:表示所有inventory中的所有主机[root@ansible ~]# ansible all  -m  ping192.168.160.129 | SUCCESS => {    "ansible_facts": {        "discovered_interpreter_python": "/usr/bin/python"    },    "changed": false,    "ping": "pong"}192.168.160.130 | SUCCESS => {......}192.168.160.128 | SUCCESS => { ......}
#查看分组机器信息[root@ansible ~]# ansible appssrvs --list-hosts  hosts (3):    192.168.160.128    192.168.160.129    192.168.160.130
#通配符 * ansible "*" -m pingansible 192.168.160.* -m pingansible "*" --list-hosts或关系128或130ansible 192.168.160.128:192.168.160.130 -m pingansible "websrvs:dbsrvs" -m ping逻辑与在websrvs组并且在dbsrvs组中的主机ansible "websrvs:&dbsrvs" -m ping逻辑非在websrvs组中,单不在dbsrvs组中的主机(单引号)ansible 'websrvs:!dbsrvs' -m ping正则表达式ansible "~(web|db)srvs" -m ping以wang用户执行ping存活检测ansible all -m ping -u wang -k
ansible命令执行过程
1.加载自己的配置文件默认/etc/ansible/ansible.cfg2.加载自己对应的模块文件,如:command3.通过ansible将模块或命令生成对应的临时py文件,并将该文件传输只远程服务器的对应执行用户$HOME/.ansible/tmp/ansible-tmp-数字/xxx.py文件4.给文件+x执行5.执行并返回结果6.删除临时py文件,退出#查看执行过程ansible "~(web|db)srvs" -v -m  pingansible "~(web|db)srvs" -vv -m  pingansible "~(web|db)srvs" -vvv -m  ping

ansible相关模块

ansible-galaxy
#查看ansible-galaxy list#安装ansible-galaxy install geerlingguy.mysql#卸载ansible-galaxy remove  geerlingguy.mysql

ansible-playbook

ansible-vault encrypt hello.yml #加密文件ansible-vault decrypt hello.yml #解密文件ansible-vault rekey hello.yml   #修改加密密码
ansible-console
[root@ansible ~]# ansible-consoleWelcome to the ansible console.Type help or ? to list commands.
root@all (3)[f:5]$ list192.168.160.130192.168.160.128192.168.160.129root@all (3)[f:5]$ cd appssrvsroot@appssrvs (3)[f:5]$ list192.168.160.128192.168.160.129192.168.160.130root@appssrvs (3)[f:5]$ cd websrvsroot@websrvs (2)[f:5]$ list192.168.160.129192.168.160.130
切换组:cd 主机组 设置并发数;forks n  列出当前组主机列表:list
ansible-常用模块
commadn模块
功能:远程主机上执行命令,默认模块,可以忽略-m选项[root@ansible ~]# ansible websrvs -m command -a 'cat /etc/redhat-release'192.168.160.129 | CHANGED | rc=0 >>CentOS Linux release 7.6.1810 (Core)192.168.160.130 | CHANGED | rc=0 >>CentOS Linux release 7.6.1810 (Core)[root@ansible ~]# ansible websrvs -m command -a 'chdir=/etc cat redhat-release'192.168.160.129 | CHANGED | rc=0 >>CentOS Linux release 7.6.1810 (Core)192.168.160.130 | CHANGED | rc=0 >>CentOS Linux release 7.6.1810 (Core)
[root@ansible ~]# ansible all -m command -a 'removes=/tmp/test.txt cat /etc/redhat-release'192.168.160.130 | CHANGED | rc=0 >>CentOS Linux release 7.6.1810 (Core)192.168.160.128 | SUCCESS | rc=0 >>skipped, since /tmp/test.txt does not exist192.168.160.129 | CHANGED | rc=0 >>CentOS Linux release 7.6.1810 (Core)[root@ansible ~]# ansible all -m command -a 'creates=/tmp/test.txt cat /etc/redhat-release'192.168.160.130 | SUCCESS | rc=0 >>skipped, since /tmp/test.txt exists192.168.160.129 | SUCCESS | rc=0 >>skipped, since /tmp/test.txt exists192.168.160.128 | CHANGED | rc=0 >>CentOS Linux release 7.6.1810 (Core)
shell模块
功能:和command类似,用shell执行命令#查看主机名[root@ansible ~]# ansible all -m shell -a 'echo $HOSTNAME'192.168.160.130 | CHANGED | rc=0 >>clinet1192.168.160.128 | CHANGED | rc=0 >>ansible192.168.160.129 | CHANGED | rc=0 >>client#修改密码[root@ansible ~]# ansible all -m shell -a 'echo 123456| passwd --stdin root '192.168.160.130 | CHANGED | rc=0 >>Changing password for user root.passwd: all authentication tokens updated successfully.192.168.160.129 | CHANGED | rc=0 >>Changing password for user root.passwd: all authentication tokens updated successfully.192.168.160.128 | CHANGED | rc=0 >>Changing password for user root.passwd: all authentication tokens updated successfully.
[root@ansible ~]# ansible all -m shell -a 'echo hello >/tmp/hello.log '192.168.160.128 | CHANGED | rc=0 >>
192.168.160.130 | CHANGED | rc=0 >>
192.168.160.129 | CHANGED | rc=0 >>
[root@ansible ~]# ansible all -m shell -a 'ls -l /tmp/hello.log '192.168.160.128 | CHANGED | rc=0 >>-rw-r--r-- 1 root root 6 Dec  1 20:51 /tmp/hello.log192.168.160.129 | CHANGED | rc=0 >>-rw-r--r-- 1 root root 6 Dec  1 20:51 /tmp/hello.log192.168.160.130 | CHANGED | rc=0 >>-rw-r--r-- 1 root root 6 Dec  1 20:51 /tmp/hello.log#查看文件removes文件存在就执行后面的命令[root@ansible ~]# ansible all -m shell -a ' chdir=/tmp  removes=/etc/issue cat /tmp/hello.log '192.168.160.130 | CHANGED | rc=0 >>hello192.168.160.128 | CHANGED | rc=0 >>hello192.168.160.129 | CHANGED | rc=0 >>hello#查看文件,文件存在就不执行后面的命令(creates)[root@ansible ~]# ansible all -m shell -a ' chdir=/tmp  creates=/etc/issue cat /tmp/hello.log '192.168.160.128 | SUCCESS | rc=0 >>skipped, since /etc/issue exists192.168.160.130 | SUCCESS | rc=0 >>skipped, since /etc/issue exists192.168.160.129 | SUCCESS | rc=0 >>skipped, since /etc/issue exists
#修改ansible默认模块为shell模块[root@ansible ~]# vim /etc/ansible/ansible.cfg# default module name for /usr/bin/ansible#module_name = commandmodule_name = shell
script模块
功能:在远程主机上运行ansible服务器上的脚本
ansible websrvs -m script -a  '/root/test.sh'
copy模块
功能:将ansible服务器主控端复制文件到远程主机#直接在远端生成文件ansible websrvs -m copy -a "content='test line1\ntest line2' dest=/tmp/test.txt"#拷贝文件到远端服务器ansible websrvs -m copy -a "src=/etc/redhat-release dest=/tmp/os.txt"#拷贝文件夹到远端ansible websrvs -m copy -a "src=/etc/sysconfig dest=/tmp/"
fetch模块
功能:从远程主机提取文件到ansible的主控端,copy相反,目前不支持目录#提取远程主机版本信息ansible all -m fetch -a 'src=/etc/redhat-release dest=/tmp/release'
[root@ansible ~]# tree /tmp/release//tmp/release/├── 192.168.160.128│   └── etc│       └── redhat-release├── 192.168.160.129│   └── etc│       └── redhat-release└── 192.168.160.130    └── etc        └── redhat-release
6 directories, 3 file
file模块
功能:设置文件属性#创建空文件ansible websrvs -m file -a 'path=/tmp/test111.txt state=touch'#删除文件ansible websrvs -m file -a 'path=/tmp/test111.txt state=absent'#创建目录并修改目录属性ansible websrvs -m file -a "path=/tmp/ceshi state=directory owner=test group=test"#创建软连接ansible websrvs -m file -a 'src=/tmp/test.txt dest=/tmp/os.txt-link state=link'
[root@client ~]# ll /tmp/total 16drwxr-xr-x  2 test test    6 Dec  2 19:42 ceshidrwxr-xr-x  2 root root    6 Dec  2 19:39 mysql-rw-r--r--  1 root root   38 Dec  2 12:31 os.txtlrwxrwxrwx  1 root root   13 Dec  2 19:45 os.txt-link -> /tmp/test.txtdrwx------  3 root root   17 Dec  2 12:09 systemd-private-da01c930b85a45cd9c96230851426d44-chronyd.service-tu4Vtsdrwx------  3 root root   17 Dec  2 12:09 systemd-private-da01c930b85a45cd9c96230851426d44-cups.service-0Fldo3drwxr-xr-x  2 root root    6 Dec  2 19:41 test-rw-r--r--  1 root root   21 Dec  2 12:29 test.txtdrwx------  2 root root    6 Dec  1 10:20 vmware-root_6190-1002485829drwx------  2 root root    6 Dec  2 12:09 vmware-root_6266-692817840-rw-------. 1 root root 1927 Nov 30 10:03 yum_save_tx.2022-11-30.10-03.xDXfGb.yumtx-rw-------. 1 root root 1927 Nov 30 10:10 yum_save_tx.2022-11-30.10-10.NBMhSW.yumtx[root@client ~
unarchive模块
功能:解包解压缩两种用法:1.将ansible主机上的压缩包传到远程主机后解压缩至特定目录,设置copy=yes2.将远程主机上的某个压缩包解压到指定路径下,设置copy=no#将etc打包tar zcvf /root/etc.tar.gz /etc#将ansible主机上etc.tar.gz 用户解压到目标主机目录下,并修改所属用户ansible websrvs -m unarchive -a 'src=/root/etc.tar.gz dest=/tmp/data/ owner=test'#将压缩包拷贝到远程主机ansible websrvs -m copy -a 'src=/root/etc.tar.gz dest=/tmp/data'#本地解压压缩包到/opt目录下,需要添加copy=no参数,说明包在本地不需要拷贝过去ansible websrvs -m unarchive -a 'src=/tmp/data/etc.tar.gz dest=/opt/  mode=700 copy=no'
archive模块
功能:打包压缩#将ansible主机的的/var/log/打包压缩并复制到远端主机的目录下ansible websrvs -m archive -a 'path=/var/log/ dest=/tmp/data/log.tar.gz format=tar owner=test mode=0600'#查看打包的文件[root@ansible ~]# ansible websrvs  -a 'ls -l /tmp/data'192.168.160.129 | CHANGED | rc=0 >>total 22016-rw-r--r--   1 root root 11756951 Dec  3 15:05 etc.tar.gz-rw-------   1 test root 10772480 Dec  3 15:14 log.tar.gz192.168.160.130 | CHANGED | rc=0 >>total 22216-rw-r--r-- 1 root root 11756951 Dec  3 15:05 etc.tar.gz-rw------- 1 test root 10987520 Dec  3 15:14 log.tar.gz
hostname模块
功能:管理主机名#修改主机名ansible 192.168.160.130 -m hostname -a 'name=centos7-study'ansible 192.168.160.129 -m hostname -a  'name=centos7-study_1'#查看修改后主机名[root@ansible ~]# ansible all -a  'hostname'192.168.160.129 | CHANGED | rc=0 >>centos7-study_1192.168.160.130 | CHANGED | rc=0 >>centos7-study192.168.160.128 | CHANGED | rc=0 >>ansible
cron模块
功能:计划任务支持时间:minute.hour.day.month.weekday分-小时-天-月-周
#创建计划任务ansible dbsrvs -m cron -a 'hour=2 minute=30 weekday=1-5 name="backup" job=/root/backup.sh'#查看计划任务[root@ansible ~]# ansible dbsrvs -a 'crontab -l'192.168.160.130 | CHANGED | rc=0 >>#Ansible: backup30 2 * * 1-5 /root/backup.sh#2点30 每周一到周五#禁用计划任务ansible dbsrvs -m cron -a 'hour=2 minute=30 weekday=1-5 name="backup" job=/root/backup.sh disabled=yes''
[root@ansible ~]# ansible dbsrvs -a 'crontab -l'192.168.160.130 | CHANGED | rc=0 >>#Ansible: backup#30 2 * * 1-5 /root/backup.sh
#启用计划任务ansible dbsrvs -m cron -a 'hour=2 minute=30 weekday=1-5 name="backup" job=/root/backup.sh disabled=no'
删除计划任务ansible dbsrvs -m cron -a 'name='backup' state=absent'
yum模块
功能:管理软件包,只支持rehl,centos 不支持ubuntu其他版本#安装yum包ansible websrvs -m yum -a "name=httpd"#卸载软件包ansible websrvs -m yum -a "name=httpd state=absent
service模块
功能:管理服务#启动服务ansible websrvs -m service -a "name=httpd state=started"#停止服务ansible websrvs -m service -a "name=httpd state=stopped"#启动服务设置开机启动ansible websrvs -m service -a "name=httpd state=started enabled=yes"#修改端口ansible websrvs -m shell -a "sed -i 's/^Listen 80/Listen 8080/' /etc/httpd/conf/httpd.conf"#重启服务ansible websrvs -m service -a "name=httpd state=restarted"#查看端口ss -ntl
group模块
功能:管理组#新建组并指定idansible websrvs -m group -a 'name=ceshi gid=88 system=yes'#删除组ansible websrvs -m group -a 'name=ceshi state=absent'
user模块
功能:管理用户#新建用户指定用户组和家目录ansible websrvs -m user -a 'name=user1 comment="test user" uid=2048 home=/tmp/user1 group=test'#删除用户寄家目录ansible websrvs -m user -a 'name=user1 state=absent remove=yes'
lineinfile模块
功能:相当于sed,可以修改文件内容#修改文件内容ansible all -m lineinfile -a "path=/etc/selinux/config regexp='^SELINUX=' line='SELINUX=enforcing'"ansible all -m lineinfile -a "path=/etc/selinux/config regexp='^SELINUX=' line='SELINUX=disabled'"#将fstab文件注释行删除ansible  all -m lineinfile -a 'dest=/etc/fstab state=absent regexp="^#"'
replace模块
功能:类似于sed,主要基于正则进行匹配和替换#修改文件将uuid开头全部注释ansible all -m replace -a "path=/etc/fstab regexp='^(UUID.*)' replace='#\1'"#修改文件将#开头全部改回ansible all -m replace -a "path=/etc/fstab regexp='^#(.*)' replace='\1'"
setup模块
功能:用来收集主机的系统信息#查看主机全部信息ansible websrvs -m setup#过滤信息ansible all -m setup -a 'filter=ansible_distribution_major_version'ansible all -m setup -a 'filter=ansible_python_version'ansible all -m setup -a 'filter=ansible_nodename'ansible all -m setup -a 'filter=ansible_domain'ansible all -m setup -a 'filter=ansible_memory_mb'ansible all -m setup -a 'filter=ansible_memtotal_mb'ansible all -m setup -a 'filter=ansible_nodename'ansible all -m setup -a 'filter=ansible_domain'ansible all -m setup -a 'filter=ansible_memory_mb'ansible all -m setup -a 'filter=ansible_os_family'ansible all -m setup -a 'filter=ansible_all_ipv4_addresses'ansible all -m setup -a 'filter=ansible_processor_vcpus'

 

 

 

小张的知识杂货铺
日常学习技术分享,带你体会学习的乐趣
15篇原创内容

关注小张的知识杂货铺,让我们一起学习一起进步图片

 

 

 

收录于合集 #ansible
 2
上一篇自动化运维工具ansible
阅读 184
小张的知识杂货铺
15篇原创内容