模块(也被称为 “task plugins” 或 “library plugins”),可以在Ansible-playbooks和Ansible命令中运用它们。
官方文档:
Ansible所有模块列表:https://docs.ansible.com/ansible/list_of_all_modules.html
环境:Centos 6.6
ansible 2.2.1.0
Command模块
Ansible command模块:https://docs.ansible.com/ansible/list_of_commands_modules.html
在远程主机上执行命令
常用选项:
creates:判断,当该文件存在时,则该命令不执行
free_form:需要执行的Linux指令
chdir:在执行命令之前,先切换到该指定的目录
removes:判断,当该文件不存在时,则该选项不执行
executable:切换shell来执行命令,该执行路径必须是一个绝对路径
1 2 3 4 5 6 7 8 9 10 11 12 13
| [root@Ansible ~] SSH password: 192.168.31.110 | SUCCESS | rc=0 >> host1 [root@Ansible ~]
|
1 2 3 4 5 6 7 8 9 10
| [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> lost+found [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> skipped, since /tmp/ansible_test_cpoy.txt exists [root@Ansible ~]
|
1 2 3 4 5 6 7 8 9 10
| [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> lost+found [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> skipped, since /tmp/bbb.txt.txt does not exist [root@Ansible ~]
|
1 2 3 4 5 6 7 8 9 10 11
| [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> total 20500 -rw-r--r-- 1 root root 20971520 Feb 6 15:42 game1 -rw-r--r-- 1 root root 20458 Feb 6 15:43 game1.tar.gz [root@Ansible ~]
|
Shell模块
Ansible shell模块:https://docs.ansible.com/ansible/shell_module.html
Ansible raw:https://docs.ansible.com/ansible/raw_module.html
1 2 3 4 5 6 7 8 9 10 11
| [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> root 1013 1 0 10:36 ? 00:00:00 crond [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> root 1013 1 0 10:36 ? 00:00:00 crond [root@Ansible ~]
|
File模块
Ansible File模块:https://docs.ansible.com/ansible/list_of_files_modules.html
file - Sets attributes of file:https://docs.ansible.com/ansible/file_module.html
常用选项:
force:在两种情况下强制创建软链接。1、源文件不存在但之后会建立的情况;2、目标软件已存在,需要先取消之前的软链接,然后创建新的软链接。选项:yes|no
group:定义文件/目录的属组
mode:定义文件/目录的权限
path:必选项,定义文件/目录的路径
recurse:递归的设置文件的属性,只对目录有效
src:要被链接到的路径,只应用于state=link的情况
dest:被链接到的路径,只应用于state=link的情况
state:
- directory:如果目录不存在,创建目录
- file:即使文件不存在,也不会被创建
- link:创建软链接;hard:创建硬链接
- touch:如果文件不存在,则会创建一个新的文件,如果已存在,则更新其最后修改时间
- absent:删除目录/文件或者取消链接文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "dest": "/tmp/test.txt", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "size": 0, "state": "file", "uid": 0 } [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> -rw-r--r-- 1 root root 0 Feb 6 10:38 /tmp/test.txt [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "path": "/tmp/test.txt", "state": "absent" } [root@Ansible ~]
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "gid": 12, "group": "mail", "mode": "0777", "owner": "root", "path": "/tmp/test_dir", "size": 4096, "state": "directory", "uid": 0 } [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> drwxrwxrwx 2 root mail 4096 Feb 6 10:47 /tmp/test_dir [root@Ansible ~]
|
Copy模块:
Ansible copy模块:https://docs.ansible.com/ansible/copy_module.html
复制文件到远程主机
常用选项
backup:在覆盖之前将源文件备份,备份文件包含时间信息,选项:yes|no
content:用于替代”src”,可以直接设定文件的值
directory_node:递归的设定目录权限,默认为系统默认权限
force:如果目标主机包含该文件,但内容不同,如果设置为yes,则强制覆盖;如果设置为no,则只有当目标主机的目标位置不存在该文件时,才复制。默认为yes
others:所有file模块里的选项都可以在这里使用
src:要复制到远程主机的文件在本地的地址,可以是绝对路径,也可以是相对路径。如果路径是一个目录,它将递归复制。在这种情况下,如果路径使用“/”来结尾,则只复制目录里的内容,如果没有使用“/”来结尾,则包含目录在内的整个内容全部复制,类似于rsync
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "checksum": "e6c4fbd4fe7607f3e6ebf68b2ea4ef694da7b4fe", "dest": "/tmp/ansible_test_cpoy.txt", "gid": 12, "group": "mail", "md5sum": "2d282102fa671256327d4767ec23bc6b", "mode": "0600", "owner": "root", "size": 21, "src": "/root/.ansible/tmp/ansible-tmp-1486364820.02-66604881581156/source", "state": "file", "uid": 0 } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> -rw------- 1 root mail 21 Feb 6 15:07 /tmp/ansible_test_cpoy.txt [root@Ansible ~]
|
Service模块
Ansible service模块:https://docs.ansible.com/ansible/service_module.html
用于管理服务
常用选项:
arguments:为命令提供一些附加参数
enabled:是否开机启动,选项 yes|no
name:必选项,服务名称
pattern:定义一个模式,如果通过status指令来查看服务状态时,没有响应,它会通过ps命令在进程中根据该模式进行查找,如果匹配到,则认为该服务依然运行
runlevel:运行级别
sleep:如果执行了restarted,则在stop和start之间等待几秒钟
state:对当前服务执行启动/停止/重启/重新加载等操作(started/stopped/restarted/reloaded)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "enabled": true, "name": "nginx", "state": "started" } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> root 2638 1 0 17:40 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf nginx 2640 2638 0 17:40 ? 00:00:00 nginx: worker process [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> nginx 0:off 1:off 2:on 3:on 4:on 5:on 6:off nginx-debug 0:off 1:off 2:off 3:off 4:off 5:off 6:off [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": false, "name": "nginx", "state": "started" } [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "name": "network", "state": "started" } [root@Ansible ~]
|
Cron模块
Ansible cron模块:https://docs.ansible.com/ansible/cron_module.html
用于管理计划任务
常用参数:
backup:对远程主机上的原计划任务内容修改之前做备份
cron_file:如果指定该选项,则用该文件替换远程主机上cron.d目录下的用户的任务计划
day:日(1-31,*,*/2,…)
hour:小时(0-23,*,*/2,…)
minute:分钟(0-59,*,*/2,…)
month:月(0-12,*,…)
weekday:周(0-7,*,…)
job:要执行的任务,依赖于state=present
name:该任务的描述
special_time:指定什么时候执行,参数:reboot,yearly,annually,monthly,weekly,daily,hourly
state:确认该任务计划是创建还是删除
user:以哪个用户身份执行
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "reboot system" ] } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> 0 5 * * * /sbin/reboot [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "envs": [], "jobs": [] } [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "check home directory" ] } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> */5 * * * * ls -lht /home [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "echo reboot" ] } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> @reboot echo reboot_successful [root@Ansible ~]
|
FileSystem
Ansible FileSystem模块:https://docs.ansible.com/ansible/filesystem_module.html
块设备上创建文件系统
选项:
dev:目标块设备
force:在一个已有文件系统的设备上强制创建
fstype:文件系统的类型
opts:传递给mkfs命令的选项
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> Disk /dev/sdb: 107.4 GB, 107374182400 bytes 255 heads, 63 sectors/track, 13054 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 [root@Ansible ~]
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44
| [root@Ansible ~] #!/bin/bash fdisk /dev/sdb <<EOF n p 1 +10G p w EOF [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "checksum": "f265923f0a4578e36c82418df1a068a55867c1b1", "dest": "/tmp/fdisk.sh", "gid": 0, "group": "root", "md5sum": "87c9e0b074e4828b37d6e334d1cf7ce1", "mode": "0644", "owner": "root", "size": 71, "src": "/root/.ansible/tmp/ansible-tmp-1486437971.22-237961786906240/source", "state": "file", "uid": 0 } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> ... Disk /dev/sdb: 107.4 GB, 107374182400 bytes 255 heads, 63 sectors/track, 13054 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x166637ee Device Boot Start End Blocks Id System /dev/sdb1 1 1306 10490413+ 83 Linux [root@Ansible ~]
|
Mount模块
Ansible mount模块:https://docs.ansible.com/ansible/mount_module.html
dump:存储(见fstab文件第5列)。注意,如果设置为null并且状态设置为present,它将停止工作,并且将在后续运行中进行重复条目。对Solaris系统没有影响。
fstype:必选项,文件系统类型,要求状态是present或mounted
name:必选项,挂载点
opts:传递给mount命令的参数
src:必选项,要挂载的设备路径。要求状态是present或mounted
state:必选项。选项为present/absent/mounted/unmounted
- present:只处理fstab中的配置
- absent:删除挂载点
- mounted:自动创建挂载点并挂载
- unmounted:卸载
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "dump": "0", "fstab": "/etc/fstab", "fstype": "ext4", "name": "/mnt", "opts": "rw", "passno": "0", "src": "/dev/sdb1" } [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> Filesystem Size Used Avail Use% Mounted on /dev/sdb1 9.8G 23M 9.3G 1% /mnt [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> /dev/sdb1 /mnt ext4 rw 0 0 [root@Ansible ~]
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
| [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> 100+0 records in 100+0 records out 104857600 bytes (105 MB) copied, 0.241784 s, 434 MB/s [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true } [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "dump": "0", "fstab": "/etc/fstab", "fstype": "ext4", "name": "/yfshare", "opts": "defaults", "passno": "0", "src": "/dev/loop0" } [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> /dev/loop0 93M 1.6M 87M 2% /yfshare [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> /dev/loop0 /yfshare ext4 defaults 0 0 [root@Ansible ~] [root@Ansible ~]
|
Yum模块
Ansible Packaging Modules:https://docs.ansible.com/ansible/list_of_packaging_modules.html
Ansible yum模块:https://docs.ansible.com/ansible/yum_module.html
使用yum包管理器来管理软件包
选项:
conf_file:yum的配置文件
disable_gpg_check:关闭gpg_check
disablerepo:不启用某个源
enablerepo:启用某个源
list:查看yum列表
name:要进行操作的软件包名字,也可以传递一个url或者一个本地的rpm包的路径
state:状态(present/installed/absent/removed/latest)
1 2 3 4 5 6 7 8 9 10 11 12
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "msg": "", "rc": 0, "results": [ "Loaded plugins: fastestmirror\nSetting up Remove Process\nResolving Dependencies\n--> Running transaction check\n---> Package nginx.x86_64 0:1.10.3-1.el6.ngx will be erased\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n ... ] } [root@Ansible ~]#
|
1 2 3 4 5 6 7 8 9 10 11
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": false, "msg": "", "rc": 0, "results": [ "nginx-1.10.3-1.el6.ngx.x86_64 providing nginx is already installed" ] } [root@Ansible ~]
|
User模块
Ansible User模块:https://docs.ansible.com/ansible/user_module.html
常用参数:
home:指定用户家目录
group:设置用户主组
groups:设置用户的附属组
uid:设置用户的UID
password:设置用户的密码,密码必须为加密后的值
name:创建用户的用户名
createhhome:选项yes|no,值为yes时才创建用户家目录
system:选项yes|no,默认为no,值为yes时创建的用户为系统用户
remove:当state=absent时,remove=yes则表示连同家目录一起删除,等价于userdel -r
state:选项present|absent,创建用户或删除用户
shell:设置用户的shell环境
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
| [root@Ansible ~] $1$K28XAyId$YUKHvYzbbO9C8RkzGIzNo1 [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "comment": "", "createhome": true, "group": 1000, "home": "/home/user1", "name": "user1", "password": "NOT_LOGGING_PASSWORD", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1001 } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> uid=1001(user1) gid=1000(yfshare) groups=1000(yfshare) [root@Ansible ~]
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "comment": "", "createhome": true, "group": 1002, "groups": "yfshare", "home": "/home/user2", "name": "user2", "password": "NOT_LOGGING_PASSWORD", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1002 } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> uid=1002(user2) gid=1002(user2) groups=1002(user2),1000(yfshare) [root@Ansible ~]
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "force": false, "name": "user1", "remove": true, "state": "absent" } [root@Ansible ~] 192.168.31.110 | FAILED | rc=1 >> id: user1: No such user [root@Ansible ~]
|
Group模块
Ansible group模块:https://docs.ansible.com/ansible/group_module.html
选项:
gid:设置组的GID
name:组名
state:选项为present|absent,创建组或删除组
system:选项为yes|no,值为yes,则创建系统组
1 2 3 4 5 6 7 8 9 10 11 12 13 14
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "gid": 1000, "name": "yfshare", "state": "present", "system": false } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> yfshare:x:1000: [root@Ansible ~]
|
1 2 3 4 5 6 7 8 9 10 11
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "name": "yfshare", "state": "absent" } [root@Ansible ~] 192.168.31.110 | FAILED | rc=1 >> [root@Ansible ~]
|
Synchronize模块
Ansible synchronize模块:https://docs.ansible.com/ansible/synchronize_module.html
archive:归档,相当于同时开启recursive(递归)、links、perms、times、owner、group、-D选项都为yes ,默认该项为开启
checksum:跳过检测sum值,默认关闭
delete:删除不存在的文件(源主机没有但目标主机中存在的文件),默认no
dest:从源同步到目的主机的路径,可以为绝对路径或相对路径
src:在源主机上将要同步到目的主机的路径,可为绝对路径或相对路径
dest_port:目标主机上的SSH端口号,在Ansible 2.0之前,ansible_ssh_port变量值优先于此变量
existing_only:在目的主机上不创建新文件
links:将符号链接复制为符号链接
copy_links:复制链接文件,默认为no
owner:保留所有者(仅超级用户)
mode:选项push和pull。push模式,从本机向远程主机传送文件;pull模式从远程主机上取文件
recursive:递归到目录
rsync_path:指定在远程主机上运行rsync命令
times:保留修改时间
compress:在传输过程中是否压缩文件,选项yes|no
dirs:传速目录不进行递归,默认为no,即进行目录递归
rsync_opts:指定rsync参数选项
set_remote_user:主要用于/etc/ansible/hosts中定义或默认使用的用户与rsync使用的用户不同的情况
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
| "msg": "Failed to find required executable ssh" "msg": "Failed to find required executable rsync" [root@Ansible ~] root@192.168.31.110's password: 192.168.31.110 | SUCCESS => { "changed": true, "cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh 'ssh -S none -o StrictHostKeyChecking=no' --out-format='<<CHANGED>>%i %n%L' \"/tmp/helloworld.txt\" \"root@192.168.31.110:/tmp/\"", "msg": "<f+++++++++ helloworld.txt\n", "rc": 0, "stdout_lines": [ "<f+++++++++ helloworld.txt" ] } [root@Ansible ~]# ansible test_hosts -a 'cat /tmp/helloworld.txt' 192.168.31.110 | SUCCESS | rc=0 >> hello world [root@Ansible ~]#
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
| [root@Ansible ~] root@192.168.31.110's password: 192.168.31.110 | SUCCESS => { "changed": true, "cmd": "/usr/bin/rsync --delay-updates -F --compress --delete-after --archive --rsh 'ssh -S none -o StrictHostKeyChecking=no' --out-format='<<CHANGED>>%i %n%L' \"/tmp/test\" \"root@192.168.31.110:/tmp/synchronize_test\"", "msg": "cd+++++++++ test/\n ··· ] } [root@Ansible ~]# [root@Ansible ~]# ansible test_hosts -a 'ls /tmp/synchronize_test' 192.168.31.110 | SUCCESS | rc=0 >> test [root@Ansible ~]#
|
get_url模块
主要用于从http、ftp、https服务器上下载文件(类似于wget)
Ansible get_url模块:https://docs.ansible.com/ansible/get_url_module.html
选项:
checksum:文件下载完成后进行校验
timeout:请求超时时间,默认为10s
url:文件下载地址
url_username:用户名,基于HTTP的基本认证
url_password:密码
use_proxy:选项yes|no,默认为yes,即使用代理
dest:下载文件存储的绝对路径
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "checksum_dest": null, "checksum_src": "a1b756c6a431552e5012a9332c68dc1ef3ec463c", "dest": "/tmp/0_README.txt", "gid": 0, "group": "root", "md5sum": "99bc97977d71be899bef0c5664fae3fb", "mode": "0644", "msg": "OK (2210 bytes)", "owner": "root", "size": 2210, "src": "/tmp/tmp8GUXc4", "state": "file", "uid": 0, "url": "http://archive.kernel.org/centos-vault/6.7/isos/x86_64/0_README.txt" } [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> -rw-r--r-- 1 root root 2210 Feb 8 19:33 /tmp/0_README.txt [root@Ansible ~]
|
unarchive模块
Ansible unarchive模块:https://docs.ansible.com/ansible/unarchive_module.html
用于解压文件
选项:
remote_src:选项yes|no,默认为no,值为yes表示文件已复制到远程主机,added in Ansible 2.2
creates:如果文件存在,则不执行解压命令
dest:在远程主机上解压的绝对路径
group:设置解压后文件/目录的属组
owner:设置解压后文件/目录的属主
list_files:选项yes|no,默认为no,值为yes,解压后列出压缩包的文件,added in Ansible 2.0
mode:解压后文件的权限
src:值为yes,如果remote_src=no (default),本地压缩文件复制到目的服务器,绝对路径相对路径均可;如果remote_src=yes,直接在目标服务器上解压文件;如果remote_src=yes和src包含URL,则先下载文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "changed": true, "dest": "/tmp/", "extract_results": { "cmd": [ "/usr/bin/unzip", "-o", "/root/.ansible/tmp/ansible-tmp-1486610818.84-40104290759151/source", "-d", "/tmp/" ], "err": "", "out": "Archive: /root/.ansible/tmp/ansible-tmp-1486610818.84-40104290759151/source\n inflating: /tmp/newsid.exe \n inflating: /tmp/Eula.txt \n", "rc": 0 }, "files": [ "newsid.exe", "Eula.txt" ], "gid": 0, "group": "root", "handler": "ZipArchive", "mode": "01777", "owner": "root", "size": 4096, "src": "/root/.ansible/tmp/ansible-tmp-1486610818.84-40104290759151/source", "state": "directory", "uid": 0 } [root@Ansible ~] [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> total 240 drwx------ 2 root root 4096 Feb 9 11:28 ansible_zimVwy -rw------- 1 yfshare root 7005 Jul 28 2006 Eula.txt -rw------- 1 yfshare root 228152 Nov 1 2006 newsid.exe [root@Ansible ~]
|
Setup模块
Ansible Setup模块:https://docs.ansible.com/ansible/setup_module.html
playbooks自动收集远程主机上可用变量,这些变量用于playbooks
1 2 3 4 5 6 7 8 9 10 11
| [root@Ansible ~] 192.168.31.110 | SUCCESS => { "ansible_facts": { "ansible_all_ipv4_addresses": [ "192.168.31.110" ], "ansible_all_ipv6_addresses": [ "fe80::20c:29ff:fe5c:dc6d" ], "ansible_architecture": "x86_64", ...
|
Template模块
Ansible Template模块:https://docs.ansible.com/ansible/template_module.html
模版由jinja2模版语言处理,模版设计文档参考这里
模版中可以使用六个附加变量:
- ansible_managed(通过ansible.cfg的defaults部分配置)包含一个字符串,可用户描述模版名称,主机,模版文件修改时间和所有者uid
- template_host包含模版机器的节点名称
- template_uid所有者的用户ID
- template_path模版路径
- template_fullpath模版的绝对路径
- telmpate_run_date模版显示日期
常用选项:
backup:选项yes|no,默认为no,创建一个包含时间戳的备份文件
src:本地文件的路径
dest:远程主机的文件位置
force:选项yes|no,默认为yes,覆盖远程主机上的同名文件,如果为否,只有当远程主机上不存在此文件时,才传输文件
owner:文件/目录的所有者,chown
group:文件/目录的所属组,chown
mode:文件/目录的权限,chmod
validate:在复制之前需要验证命令,要验证的文件的路径通过“%s”传递
1 2 3 4 5 6 7 8
| - template: src: etc/ssh/sshd_config.j2 dest: /etc/ssh/sshd_config owner: root group: root mode: '0600' validate: /usr/sbin/sshd -t -f %s backup: yes
|
script模块
Ansible script模块:http://docs.ansible.com/ansible/script_module.html
在远程主机上执行脚本
1 2 3 4 5 6
| [root@Ansible ~] [root@Ansible ~] #!/bin/bash echo 'This is a test script' > /tmp/script.ansible useradd Jack_wang [root@Ansible ~]
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
| [root@Ansible ~] Enter passphrase for key '/root/.ssh/id_rsa': 192.168.31.110 | SUCCESS => { "changed": true, "rc": 0, "stderr": "Shared connection to 192.168.31.110 closed.\r\n", "stdout": "", "stdout_lines": [] } [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> uid=502(Jack_wang) gid=502(Jack_wang) groups=502(Jack_wang) [root@Ansible ~] 192.168.31.110 | SUCCESS | rc=0 >> This is a test script [root@Ansible ~]
|
参考文档:http://breezey.blog.51cto.com/2400275/1555530/
本文出自”Jack Wang Blog”:http://www.yfshare.vip/2017/04/05/Ansible常用模块/