ansible模块命令的使用_? !的博客-爱代码爱编程
1、以all主机组为目标执行id命令
2、使用copy模块修改所有主机上的/etc/motd文件内容为welcome to ansible
3、使用command模块查看/etc/motd文件的内容
4、使用user模块创建用户wukong,uid为2000
5、使用yum模块安装httpd软件包并使用service模块启动该服务
一、配置受控主机的基础环境
#配置yum网络源
[root@node0-8 yum.repos.d]# vim aliyun.repo
[AppStream]
name=app
baseurl=http://mirrors.163.com/centos-vault/8.2.2004/AppStream/x86_64/os/
gpgcheck=0
[BaseOS]
name=base
baseurl=http://mirrors.163.com/centos-vault/8.2.2004/BaseOS/x86_64/os/
gpgcheck=0
[epel]
name=epel
baseurl=https://mirrors.aliyun.com/epel-archive/8.2.2020-11-04/Everything/x86_64/
gpgcheck=0
#关闭防火墙和selinux
[root@node0-8 ~]# systemctl disable --now firewalld #关闭防火墙
[root@node0-8 ~]# vim /etc/selinux/config
SELINUX=disabled #关闭selinux
#配置时间服务器
[root@node0-8 ~]# vim /etc/chrony.conf
pool ntp.aliyun.com iburst
pool ntp.sjtu.edu.cn iburst #添加时间服务器
pool 210.72.145.44 iburst
[root@node0-8 ~]# vim /etc/crontab
0 9 * * * chronyc sources &> /etc/null #每天早上9点自动同步时间
#创建普通用户
[root@node0-8 ~]# useradd xiaobai
i[root@node0-8 ~]# id xiaobai
uid=1000(xiaobai) gid=1000(xiaobai) groups=1000(xiaobai)
[root@node0-8 ~]# echo 123 | passwd --stdin xiaobai #设置普通用户密码
Changing password for user xiaobai.
passwd: all authentication tokens updated successfully.
#更改/etc/sudoers文件,使普通用户能够使用sudo命令,并且免密
[root@node0-8 ~]# vim /etc/sudoers
root ALL=(ALL) ALL
xiaobai ALL=(ALL) NOPASSWD:ALL
#写好对应域名
[root@node0-8 ~]# vim /etc/hosts
192.168.32.137 server79
192.168.32.138 node0
192.168.32.147 node1
二、配置控制主机server的基础环境
#配置yum网络源
[root@server79 yum.repos.d]# vim aliyun.repo
[aliyun]
name=aliyun
baseurl=https://mirrors.aliyun.com/centos/7.9.2009/os/x86_64/
gpgcheck=0
[epel]
name=epel
baseurl=https://mirrors.aliyun.com/epel/7/x86_64/
gpgcheck=0
#关闭防火墙和selinux
[root@server79 yum.repos.d]# systemctl disable --now firewalld #关闭防火墙
[root@server79 yum.repos.d]# vim /etc/selinux/config
SELINUX=disabled #关闭selinux
[root@server79 yum.repos.d]# getenforce
Disabled
#配置时间服务器
[root@server79 ~]# vim /etc/chrony.conf
pool ntp.aliyun.com iburst
pool s1c.time.edu.cn iburst #添加时间服务器
pool 210.72.145.44 iburst
[root@server79 ~]# systemctl enable --now chronyd
[root@server79 ~]# vim /etc/crontab
0 9 * * * chronyc sources &> /etc/null #每天早上9点自动同步时间
[root@server79 ~]# systemctl enable --now crond
#创建普通用户
[root@server79 ~]# useradd xiaobai
[root@server79 ~]# id xiaobai
uid=1001(xiaobai) gid=1001(xiaobai) groups=1001(xiaobai)
[root@server79 ~]# echo xiaobai:123 | chpasswd #设置普通用户密码
#更改/etc/sudoers文件,使普通用户能够使用sudo命令,并且免密
[root@server79 ~]# vim /etc/sudoers
root ALL=(ALL) ALL
xiaobai ALL=(ALL) NOPASSWD:ALL
#在普通用户生成公私钥,进行免密登录
[root@server79 ~]# su - xiaobai
[xiaobai@server79 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/xiaobai/.ssh/id_rsa):
Created directory '/home/xiaobai/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/xiaobai/.ssh/id_rsa.
Your public key has been saved in /home/xiaobai/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:6o1j90GUhmjim/EjdEPvOL0Zw0b3Kz4ERbEY1aV8X74 xiaobai@server79
The key's randomart image is:
+---[RSA 2048]----+
| .o+o .. |
| . +.+.. |
| . + o.= o . .|
| . + ..o . o.|
| + o S.o o|
| . * O o.. .|
| + * B.. . E |
| oo*.=o. . |
| .oo+ooo. |
+----[SHA256]-----+
[xiaobai@server79 ~]$ ssh-copy-id xiaobai@192.168.32.138 #将公钥传给受控主机
[xiaobai@server79 ~]$ ssh-copy-id xiaobai@192.168.32.147
#安装python和ansible
[root@server79 ~]# yum install python -y #使用root用户进行安装
[root@server79 ~]# yum install ansible -y
#查看ansible版本和测试
[root@server79 ~]# ansible --version
ansible 2.9.27
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, Jun 28 2022, 15:30:04) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
[root@server79 ~]# ansible localhost -m ping
localhost | SUCCESS => {
"changed": false,
"ping": "pong"
}
#写好对应域名
[root@server79 ~]# vim /etc/hosts
192.168.32.137 server79
192.168.32.138 node0
192.168.32.147 node1
三、使用ansible连接受控主机并进行模块命令的使用
#编写ansible配置文件
[xiaobai@server79 ~]$ mkdir ansible
[xiaobai@server79 ~]$ cd ./ansible
[xiaobai@server79 ansible]$ vim ansible.cfg #在当前家目录下创建并编写ansible的配置文件
[defaults]
inventory=./inventory ;指定清单文件
remote_user=xiaobai ;指定受控节点的用户,未指定为当前用户
ask_pass=false ;是否提示输入ssh密码,使用密钥时可以设定为false
[privilege_escalation]
become=true ;登录到受控主机后是否切换用户
become_method=sudo ;使用什么方式切换用户
become_user=root ;切换的哪个用户
become_ask_pass=false ;切换用户是否提示输入密码,如果是false则提前更改/etc/sudoers文件
#编写ansible清单文件
[xiaobai@server79 ansible]$ vim inventory
node0
node1
server79
#测试清单和连接
[xiaobai@server79 ansible]$ ansible all --list
hosts (3):
node0
node1
server79
[xiaobai@server79 ansible]$ ansible all -m ping
node1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
node0 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
server79 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
1、以all主机组为目标执行id命令
#使用ansible的command模块查看普通用户
[xiaobai@server79 ansible]$ ansible all -m command -a 'id xiaobai'
node1 | CHANGED | rc=0 >>
uid=1001(xiaobai) gid=1001(xiaobai) groups=1001(xiaobai)
server79 | CHANGED | rc=0 >>
uid=1001(xiaobai) gid=1001(xiaobai) groups=1001(xiaobai)
node0 | CHANGED | rc=0 >>
uid=1000(xiaobai) gid=1000(xiaobai) groups=1000(xiaobai)
2、使用copy模块修改所有主机上的/etc/motd文件内容为welcome to ansible
[xiaobai@server79 ansible]$ ansible all -m copy -a 'content="welcome to ansible\n" dest=/etc/motd'
node1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "be2ff9fcbc3a14e6a25b7b3b9694bd609932c2a8",
"dest": "/etc/motd",
"gid": 0,
"group": "root",
"md5sum": "3cf0bed579ed98f458513f63bc965156",
"mode": "0644",
"owner": "root",
"size": 19,
"src": "/home/xiaobai/.ansible/tmp/ansible-tmp-1669125286.63-5466-72797344474556/source",
"state": "file",
"uid": 0
}
node0 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "be2ff9fcbc3a14e6a25b7b3b9694bd609932c2a8",
"dest": "/etc/motd",
"gid": 0,
"group": "root",
"md5sum": "3cf0bed579ed98f458513f63bc965156",
"mode": "0644",
"owner": "root",
"size": 19,
"src": "/home/xiaobai/.ansible/tmp/ansible-tmp-1669125286.71-5465-123861559876151/source",
"state": "file",
"uid": 0
}
server79 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "be2ff9fcbc3a14e6a25b7b3b9694bd609932c2a8",
"dest": "/etc/motd",
"gid": 0,
"group": "root",
"md5sum": "3cf0bed579ed98f458513f63bc965156",
"mode": "0644",
"owner": "root",
"size": 19,
"src": "/home/xiaobai/.ansible/tmp/ansible-tmp-1669125286.63-5467-213316770980505/source",
"state": "file",
"uid": 0
}
3、使用command模块查看/etc/motd文件的内容
#查看写入内容
[xiaobai@server79 ansible]$ ansible all -m command -a 'cat /etc/motd'
node1 | CHANGED | rc=0 >>
welcome to ansible
server79 | CHANGED | rc=0 >>
welcome to ansible
node0 | CHANGED | rc=0 >>
welcome to ansible
4、使用user模块创建用户wukong,uid为2000
#创建wukong用户uid为2000
[xiaobai@server79 ansible]$ ansible all -m user -a 'name=wukong uid=2000 state=present'
node1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/wukong",
"name": "wukong",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 2000
}
node0 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/wukong",
"name": "wukong",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 2000
}
server79 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 2000,
"home": "/home/wukong",
"name": "wukong",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 2000
}
#查看wukong用户
[xiaobai@server79 ansible]$ ansible all -m command -a 'id wukong'
node1 | CHANGED | rc=0 >>
uid=2000(wukong) gid=2000(wukong) groups=2000(wukong)
server79 | CHANGED | rc=0 >>
uid=2000(wukong) gid=2000(wukong) groups=2000(wukong)
node0 | CHANGED | rc=0 >>
uid=2000(wukong) gid=2000(wukong) groups=2000(wukong)
5、使用yum模块安装httpd软件包并使用service模块启动该服务
#用yum模块安装httpd
[xiaobai@server79 ansible]$ ansible all -m yum -a 'name=httpd state=latest'
server79 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"changes": {
"installed": [],
"updated": []
},
"msg": "",
"rc": 0,
"results": [
"All packages providing httpd are up to date",
""
]
}
node1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"installed": [
"httpd"
],
"updated": []
},
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-95.el7.centos will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-95.el7.centos for package: httpd-2.4.6-95.el7.centos.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-95.el7.centos.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-95.el7.centos.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-95.el7.centos.x86_64\n--> Running transaction check\n---> Package apr.x86_64 0:1.4.8-7.el7 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-95.el7.centos will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.4.6-95.el7.centos aliyun 2.7 M\nInstalling for dependencies:\n apr x86_64 1.4.8-7.el7 aliyun 104 k\n apr-util x86_64 1.5.2-6.el7 aliyun 92 k\n httpd-tools x86_64 2.4.6-95.el7.centos aliyun 93 k\n mailcap noarch 2.1.41-2.el7 aliyun 31 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+4 Dependent packages)\n\nTotal download size: 3.0 M\nInstalled size: 10 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 242 kB/s | 3.0 MB 00:12 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : apr-1.4.8-7.el7.x86_64 1/5 \n Installing : apr-util-1.5.2-6.el7.x86_64 2/5 \n Installing : httpd-tools-2.4.6-95.el7.centos.x86_64 3/5 \n Installing : mailcap-2.1.41-2.el7.noarch 4/5 \n Installing : httpd-2.4.6-95.el7.centos.x86_64 5/5 \n Verifying : httpd-tools-2.4.6-95.el7.centos.x86_64 1/5 \n Verifying : mailcap-2.1.41-2.el7.noarch 2/5 \n Verifying : apr-1.4.8-7.el7.x86_64 3/5 \n Verifying : httpd-2.4.6-95.el7.centos.x86_64 4/5 \n Verifying : apr-util-1.5.2-6.el7.x86_64 5/5 \n\nInstalled:\n httpd.x86_64 0:2.4.6-95.el7.centos \n\nDependency Installed:\n apr.x86_64 0:1.4.8-7.el7 apr-util.x86_64 0:1.5.2-6.el7 \n httpd-tools.x86_64 0:2.4.6-95.el7.centos mailcap.noarch 0:2.1.41-2.el7 \n\nComplete!\n"
]
}
node0 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: apr-util-bdb-1.6.1-6.el8.x86_64",
"Installed: httpd-2.4.37-21.module_el8.2.0+494+1df74eae.x86_64",
"Installed: httpd-filesystem-2.4.37-21.module_el8.2.0+494+1df74eae.noarch",
"Installed: mod_http2-1.11.3-3.module_el8.2.0+486+c01050f0.1.x86_64",
"Installed: httpd-tools-2.4.37-21.module_el8.2.0+494+1df74eae.x86_64",
"Installed: mailcap-2.1.48-3.el8.noarch",
"Installed: apr-util-openssl-1.6.1-6.el8.x86_64",
"Installed: centos-logos-httpd-80.5-2.el8.noarch",
"Installed: apr-1.6.3-9.el8.x86_64",
"Installed: apr-util-1.6.1-6.el8.x86_64"
]
}
#使用service模块启动该服务
[xiaobai@server79 ansible]$ ansible all -m service -a 'name=httpd state=started'
server79 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "httpd",
"state": "started"
node0 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "httpd",
"state": "started"
node1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"name": "httpd",
"state": "started"