请注意,本文编写于 2048 天前,最后修改于 1797 天前,其中某些信息可能已经过时。
1. 命令行参数
-v,–verbose 详细模式,如果命令执行成功,输出详细的结果(-vv –vvv -vvvv)
-i PATH,–inventory=PATH 指定host文件的路径,默认是在/etc/ansible/hosts(生产环境经常用到)
-f NUM,–forks=NU NUM是指定一个整数,默认是5,指定fork开启同步进程的个数。
-m NAME,–module-name=NAME 指定使用的module名称,默认是command
-m DIRECTORY,–module-path=DIRECTORY 指定module的目录来加载module,默认是/usr/share/ansible,
-a,MODULE_ARGS 指定module模块的参数
-k,-ask-pass 提示输入ssh的密码,而不是使用基于ssh的密钥认证
-sudo 指定使用sudo获得root权限(生产环境经常用到)
-K,-ask-sudo-pass 提示输入sudo密码,与–sudo一起使用 (生产环境经常用到)
-u USERNAME,-user=USERNAME 指定移动端的执行用户
-C,-check 测试此命令执行会改变什么内容,不会真正的去执行2. command模块测试环境
[root@temp01 ~]# ansible all -a "pwd"
192.168.3.70 | SUCCESS | rc=0 >>
/root
192.168.3.60 | SUCCESS | rc=0 >>
/root
[root@temp01 ~]# ansible all -m command -a "pwd" #-m command 原来是可以省略的,ansible 默认模块就是command
192.168.3.70 | SUCCESS | rc=0 >>
/root
192.168.3.60 | SUCCESS | rc=0 >>
/root3. 再用ping模块
#-f 参数用法
[root@temp01 ~]# ansible all -m ping -f 1 #all 表示hosts里面所有主机 -m 调用模块 -f 指定同步进程数
192.168.3.60 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.3.70 | SUCCESS => {
"changed": false,
"ping": "pong"
}
#-C参数用法
[root@temp01 ~]# ansible all -m ping -f 1 -C
192.168.3.60 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.3.70 | SUCCESS => {
"changed": false,
"ping": "pong"
}4. user模块
[root@temp01 ~]# ansible db -m user -a 'name=DBA uid=505 home=/home/dba shell=/sbin/nologin'
192.168.3.70 | SUCCESS => {
"changed": true,
"comment": "",
"createhome": true,
"group": 505,
"home": "/home/dba",
"name": "DBA",
"shell": "/sbin/nologin",
"state": "present",
"system": false,
"uid": 505
}
[root@temp01 ~]# ansible db -m user -a 'name=DBA state=absent' #state属性有:present表示添加,absend表示删除,state属性默认是present
192.168.3.70 | SUCCESS => {
"changed": true,
"force": false,
"name": "DBA",
"remove": false,
"state": "absent"
}
修改用户密码
[root@temp01 ansible_playbook]# ansible all -m shell -a 'echo "123456" | passwd foo --stdin'
192.168.3.60 | SUCCESS | rc=0 >>
Changing password for user foo.
passwd: all authentication tokens updated successfully.
192.168.3.70 | SUCCESS | rc=0 >>
Changing password for user foo.
passwd: all authentication tokens updated successfully.看看下面这个坑
[root@temp01 ~]# ansible all -m cron -a "name=cat minute='*/1' job='ls /root'"
192.168.3.70 | FAILED! => {
"changed": false,
"failed": true,
"msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"
}
192.168.3.60 | FAILED! => {
"changed": false,
"failed": true,
"msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"
}[root@temp01 ~]# ansible all -m copy -a "src=/etc/ansible/hosts dest=/root mode=600"
192.168.3.60 | FAILED! => {
"changed": false,
"checksum": "8add7a4e56ae6f7a1c6d0218ce757510d195bb3c",
"failed": true,
"msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"
}
192.168.3.70 | FAILED! => {
"changed": false,
"checksum": "8add7a4e56ae6f7a1c6d0218ce757510d195bb3c",
"failed": true,
"msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"
}需要在客户端安装libselinux-python库
yum模块
[root@temp01 ~]# ansible all -m yum -a 'name=libselinux-python state=present'
192.168.3.70 | SUCCESS => {
"changed": true,
"msg": "warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY\nImporting GPG key 0xC105B9DE:\n Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>\n Package: centos-release-6-5.el6.centos.11.1.x86_64 (@anaconda-CentOS-201311272149.x86_64/6.5)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6\n",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, security\nLoading mirror speeds from cached hostfile\n * base: mirrors.zju.edu.cn\n * extras: centos.ustc.edu.cn\n * updates: mirrors.zju.edu.cn\nSetting up Install Process\nResolving Dependencies\n--> Running transaction check\n---> Package libselinux-python.x86_64 0:2.0.94-7.el6 will be installed\n--> Processing Dependency: libselinux = 2.0.94-7.el6 for package: libselinux-python-2.0.94-7.el6.x86_64\n--> Running transaction check\n---> Package libselinux.x86_64 0:2.0.94-5.3.el6_4.1 will be updated\n--> Processing Dependency: libselinux = 2.0.94-5.3.el6_4.1 for package: libselinux-utils-2.0.94-5.3.el6_4.1.x86_64\n---> Package libselinux.x86_64 0:2.0.94-7.el6 will be an update\n--> Running transaction check\n---> Package libselinux-utils.x86_64 0:2.0.94-5.3.el6_4.1 will be updated\n---> Package libselinux-utils.x86_64 0:2.0.94-7.el6 will be an update\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n libselinux-python x86_64 2.0.94-7.el6 base 203 k\nUpdating for dependencies:\n libselinux x86_64 2.0.94-7.el6 base 109 k\n libselinux-utils x86_64 2.0.94-7.el6 base 82 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package(s)\nUpgrade 2 Package(s)\n\nTotal download size: 394 k\nDownloading Packages:\n--------------------------------------------------------------------------------\nTotal 210 kB/s | 394 kB 00:01 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6\nRunning rpm_check_debug\nRunning Transaction Test\nTransaction Test Succeeded\nRunning Transaction\n\r Updating : libselinux-2.0.94-7.el6.x86_64 1/5 \n\r Installing : libselinux-python-2.0.94-7.el6.x86_64 2/5 \n\r Updating : libselinux-utils-2.0.94-7.el6.x86_64 3/5 \n\r Cleanup : libselinux-utils-2.0.94-5.3.el6_4.1.x86_64 4/5 \n\rCleanup : libselinux-2.0.94-5.3.el6_4.1.x86_64 5/5 \n\r Verifying : libselinux-python-2.0.94-7.el6.x86_64 1/5 \n\r Verifying : libselinux-utils-2.0.94-7.el6.x86_64 2/5 \n\r Verifying : libselinux-2.0.94-7.el6.x86_64 3/5 \n\r Verifying : libselinux-2.0.94-5.3.el6_4.1.x86_64 4/5 \n\r Verifying : libselinux-utils-2.0.94-5.3.el6_4.1.x86_64 5/5 \n\nInstalled:\n libselinux-python.x86_64 0:2.0.94-7.el6 \n\nDependency Updated:\n libselinux.x86_64 0:2.0.94-7.el6 libselinux-utils.x86_64 0:2.0.94-7.el6 \n\nComplete!\n"
]
}
192.168.3.60 | SUCCESS => {
"changed": true,
"msg": "warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY\nImporting GPG key 0xC105B9DE:\n Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>\n Package: centos-release-6-5.el6.centos.11.1.x86_64 (@anaconda-CentOS-201311272149.x86_64/6.5)\n From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6\n",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, security\nLoading mirror speeds from cached hostfile\n * base: mirrors.cn99.com\n * extras: mirrors.cn99.com\n * updates: mirrors.cn99.com\nSetting up Install Process\nResolving Dependencies\n--> Running transaction check\n---> Package libselinux-python.x86_64 0:2.0.94-7.el6 will be installed\n--> Processing Dependency: libselinux = 2.0.94-7.el6 for package: libselinux-python-2.0.94-7.el6.x86_64\n--> Running transaction check\n--->Package libselinux.x86_64 0:2.0.94-5.3.el6_4.1 will be updated\n--> Processing Dependency: libselinux = 2.0.94-5.3.el6_4.1 for package: libselinux-utils-2.0.94-5.3.el6_4.1.x86_64\n---> Package libselinux.x86_64 0:2.0.94-7.el6 will be an update\n--> Running transaction check\n---> Package libselinux-utils.x86_64 0:2.0.94-5.3.el6_4.1 will be updated\n---> Package libselinux-utils.x86_64 0:2.0.94-7.el6 will be an update\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n libselinux-python x86_64 2.0.94-7.el6 base 203 k\nUpdatingfor dependencies:\n libselinux x86_64 2.0.94-7.el6 base 109 k\n libselinux-utils x86_64 2.0.94-7.el6 base 82 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package(s)\nUpgrade 2 Package(s)\n\nTotal download size: 394 k\nDownloading Packages:\n--------------------------------------------------------------------------------\nTotal 70 kB/s | 394 kB 00:05 \nRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6\nRunning rpm_check_debug\nRunning Transaction Test\nTransaction Test Succeeded\nRunning Transaction\n\r Updating : libselinux-2.0.94-7.el6.x86_64 1/5 \n\r Installing : libselinux-python-2.0.94-7.el6.x86_64 2/5 \n\r Updating : libselinux-utils-2.0.94-7.el6.x86_64 3/5 \n\r Cleanup : libselinux-utils-2.0.94-5.3.el6_4.1.x86_64 4/5 \n\r Cleanup : libselinux-2.0.94-5.3.el6_4.1.x86_64 5/5 \n\r Verifying : libselinux-python-2.0.94-7.el6.x86_64 1/5 \n\r Verifying : libselinux-utils-2.0.94-7.el6.x86_64 2/5 \n\r Verifying : libselinux-2.0.94-7.el6.x86_64 3/5 \n\r Verifying : libselinux-2.0.94-5.3.el6_4.1.x86_64 4/5 \n\r Verifying : libselinux-utils-2.0.94-5.3.el6_4.1.x86_64 5/5 \n\nInstalled:\n libselinux-python.x86_64 0:2.0.94-7.el6 \n\nDependency Updated:\n libselinux.x86_64 0:2.0.94-7.el6 libselinux-utils.x86_64 0:2.0.94-7.el6 \n\nComplete!\n"
]
}service 模块
[root@temp01 ~]# ansible all -m service -a 'name=sshd state=restarted' #state属性有running,started,stopped,restarted,reloaded
192.168.3.60 | SUCCESS => {
"changed": true,
"name": "sshd",
"state": "started"
}
192.168.3.70 | SUCCESS => {
"changed": true,
"name": "sshd",
"state": "started"
}yum模块还是介绍下
[root@temp01 ~]# ansible all -m yum -a 'name=ntp state=present' #state属性有absent,present,installed,removed,latest
192.168.3.70 | SUCCESS => {
"changed": false,
"msg": "",
"rc": 0,
"results": [
"ntp-4.2.6p5-1.el6.centos.x86_64 providing ntp is already installed"
]
}
192.168.3.60 | SUCCESS => {
"changed": false,
"msg": "",
"rc": 0,
"results": [
"ntp-4.2.6p5-1.el6.centos.x86_64 providing ntp is already installed"
]
}script模块 远程执行脚本
[root@temp01 ~]# cat ansible.sh #脚本内容
#!/bin/bash
echo "Hello world" >>/root/ansible.log
[root@temp01 ~]# ansible all -m script -a 'ansible.sh'
192.168.3.70 | SUCCESS => {
"changed": true,
"rc": 0,
"stderr": "",
"stdout": "",
"stdout_lines": []
}
192.168.3.60 | SUCCESS => {
"changed": true,
"rc": 0,
"stderr": "",
"stdout": "",
"stdout_lines": []
}
[root@example_02 ~]# pwd #跳转到客户端验证
/root
[root@example_02 ~]# cat ansible.log
Hello worldshell模块
shell 模块与command模块区别 ,shell支持管道符和变更,下面这个例子说明问题
[root@temp01 ~]# ansible all -m mommand -a 'cat /etc/passwd | grep root'
ERROR! this task 'mommand' has extra params, which is only allowed in the following modules: command, win_command, shell, win_shell, script, include, include_vars, add_host, group_by, set_fact, raw, meta
[root@temp01 ~]# ansible all -m shell -a 'cat /etc/passwd | grep root'
192.168.3.70 | SUCCESS | rc=0 >>
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
192.168.3.60 | SUCCESS | rc=0 >>
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologinfile模块
修改文件属性
[root@temp01 ~]# ansible all -m file -a 'path=/root/ansible.log owner=root mode=777 group=root' #修改文件属性
192.168.3.60 | SUCCESS => {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"path": "/root/ansible.log",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 12,
"state": "file",
"uid": 0
}
192.168.3.70 | SUCCESS => {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"path": "/root/ansible.log",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 12,
"state": "file",
"uid": 0
}新建目录:类 mkdir -p
[root@temp01 ~]# ansible all -m file -a 'dest=/root/1/2/3/4/ mode=755 owner=root group=root state=directory'
192.168.3.60 | SUCCESS => {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/root/1/2/3/4/",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 4096,
"state": "directory",
"uid": 0
}
192.168.3.70 | SUCCESS => {
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/root/1/2/3/4/",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 4096,
"state": "directory",
"uid": 0
}
[root@example_02 ~]# ll
total 48
-rw-------. 1 root root 1106 Jul 11 05:26 anaconda-ks.cfg
-rwxrwxrwx. 1 root root 12 Dec 30 02:53 ansible.log
-rw-------. 1 root root 1052 Dec 30 01:09 hosts
-rw-r--r--. 1 root root 23089 Jul 11 05:26 install.log
-rw-r--r--. 1 root root 6240 Jul 11 05:24 install.log.syslog
[root@example_02 ~]# cd 1/2/3/4/ #转到客户端验证
You have new mail in /var/spool/mail/root
[root@example_02 4]# pwd
/root/1/2/3/4删除目录文件
[root@temp01 ~]# ansible all -m file -a 'dest=/root/1/2/3/4/ state=absent'
192.168.3.60 | SUCCESS => {
"changed": true,
"path": "/root/1/2/3/4/",
"state": "absent"
}
192.168.3.70 | SUCCESS => {
"changed": true,
"path": "/root/1/2/3/4/",
"state": "absent"
}
[root@example_02 ~]# cd 1/2/3/4 #跳转验证
-bash: cd: 1/2/3/4: No such file or directory
[root@example_02 ~]#