ansible-doc到底有多好用,助你玩转各种模块
#使用ansible-doc:查看各种模块的帮助
#命令格式: ansible-doc -l #列出所有的模块列表 ansible-doc -s 模块名 #查看指定模块的参数 ansible-doc 模块名 #查看指定模块的详细参数 #示例 ansible-doc copy #查看copy模块的帮助 ansible-doc yum #查看yum模块的帮助 #查看yum帮助信息 EXAMPLES: - name: install the latest version of Apache yum: name: httpd state: latest - name: ensure a list of packages installed yum: name: "{{ packages }}" vars: packages: - httpd - httpd-tools - name: remove the Apache package yum: name: httpd state: absent
#提示:
#在传送命令下载的时候如果此前有操作过,那些会显示执行成功,但是会显示绿色 #传送显示颜色信息说明 1.黄色:对远程节点进行相应修改 2.绿色:对远程节点不进行相应修改 3.红色:操作执行有问题 4.紫色:表示对命令执行发出警告信息(可能存在问题)
#常见模块概览
#常用模块 示例 command #ansible k8s-node -m command -a 'uptime' shell #ansible k8s-node -m shell -a "free -m" scripts #ansible k8s-node -m script -a "/etc/ansible/init.sh" copy #ansible k8s-node -m copy -a "src=/etc/hosts dest=/tmp owner=root group=root mode=0755" yum #ansible k8s-node -m yum -a "name=httpd state=latest" yum_repository #添加yum仓库,用法可ansible-doc yum_repository查看帮助 group #ansible k8s-node -m group -a "name=www gid=666" user #ansible k8s-node -m user -a "name=user1 state=present" service #ansible k8s-node -m service -a "name=httpd state=restarted" file #ansible k8s-node -m file -a "path=/data state=directory owner=www group=www recurese=yes" recurese(递归授权) state=touch(创建文件) sysctl #ansible k8s-node -m sysctl -a "name=net.ipv4.ip_forward value=1 reload=yes" stat #ansible k8s-node -m stat -a "path=/tmp/hosts" get url #ansible k8s-node -m get_url -a "url=//dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm dest=/tmp/ mode=0440 force=yes" cron #ansible k8s-node -m cron -a "name=list minute=*/30 job='ls tmp'" setup mount #参数解释:-m:指定模块名,-a:命令参数
#常用模块的使用
1.command模块
为默认的模块,不指定-m参数时,就是使用command模块 有些命令不能执行,如:"<" "|" ">" "&"等 缺点:不支持管道,无法批量执行命令 #示例:检查ansible节点的内核版本 [root@k8s-master ~]# ansible k8s-node -a 'uname -r' 192.168.86.132 | CHANGED | rc=0 >> 3.10.0-1062.el7.x86_64 192.168.86.133 | CHANGED | rc=0 >> 3.10.0-1062.el7.x86_64 #提示:不指定hosts文件,默认使用/etc/ansible/hosts
2.shell模块
#在远程命令通过/bin/sh执行,支持各种命令 [root@k8s-master ~]# ansible k8s-node -m shell -a "free -m" #提示: #-a:是指定模块需要执行的命令 #-m: 指定模块名 192.168.86.133 | CHANGED | rc=0 >> total used free shared buff/cache available Mem: 1819 190 1391 9 237 1479 Swap: 2047 0 2047 192.168.86.132 | CHANGED | rc=0 >> total used free shared buff/cache available Mem: 1819 194 1366 9 258 1473 Swap: 2047 0 2047
3.scripts模块
#使用scripts模块可以在本地写一个脚本,在远程服务器上执行 [root@k8s-master ansible]# cat /etc/ansible/init.sh #!/bin/bash date hostname #执行 [root@k8s-master ansible]# ansible k8s-node -m script -a "/etc/ansible/init.sh" 192.168.86.133 | CHANGED => { "changed": true, "rc": 0, "stderr": "Shared connection to 192.168.86.133 closed.\r\n", "stderr_lines": [ "Shared connection to 192.168.86.133 closed." ], "stdout": "Sun May 24 23:50:48 EDT 2020\r\nnode2\r\n", "stdout_lines": [ "Sun May 24 23:50:48 EDT 2020", "node2" ] } 192.168.86.132 | CHANGED => { ..... }
4.copy模块
#实现主控制端向目标主机拷贝文件,类似scp功能 例如:将ansible主机上的/etc/hosts文件复制到主机组中的/tmp目录下 [root@k8s-master ~]# ansible k8s-node -m copy -a "src=/etc/hosts dest=/tmp owner=root group=root mode=0755" 192.168.86.133 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true, "checksum": "7335999eb54c15c67566186bdfc46f64e0d5a1aa", "dest": "/tmp/hosts", "gid": 0, "group": "root", "md5sum": "54fb6627dbaa37721048e4549db3224d", "mode": "0755", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 158, "src": "/root/.ansible/tmp/ansible-tmp-1590378818.52-2470-232195177895701/source", "state": "file", "uid": 0 } #参数解释: src: 指定源文件 dest: 指定目标文件 owner: 所属主 group: 所属组 mode: 权限 #查看效果 [root@node1 ~]# cd /tmp/ [root@node1 tmp]# ls -l total 4 -rwxr-xr-x. 1 root root 158 May 24 23:53 hosts
5.yum模块
#yum模块可以提供的status状态:latest,present,installed ,更多信息使用ansible-doc查看帮助 例子:安装httpd [root@k8s-master ~]# ansible k8s-node -m yum -a "name=httpd state=latest" #提示:name=包名 移除 tasks: - name: install httpd Packages yum: name=httpd state=removed
6.yum_repository 添加仓库模块
[root@game project]# cat task_2.yml - hosts: all tasks: - name: Add Nginx Repo yum_repository: name: CentOS-nginx description: EPEL Nginx repo baseurl: http://nginx.org/packages/centos/7/$basearch/ gpgcheck: no enabled: yes #更多参数可参考ansible-doc yum_repository
7.service模块
#远程主机系统服务管理 #service常用参数 name参数:用户指定需要操作的服务名称,如:nginx state参数:指定服务的状态,启动服务为started,停止位stopped,重启为restarted enabled参数:设置为开启启动,yes:为开机启动,no不开机启动 #例子:重启httpd服务 [root@k8s-master ~]# ansible k8s-node -m service -a "name=httpd state=restarted"
8.user用户模块
例如:添加用户 [root@k8s-master ~]# ansible k8s-node -m user -a "name=user1 state=present" #提示:更多命令查看帮助ansible-doc user
9.sysctl模块
#远程主机sysctl配置 例如:开启路由转发功能 [root@k8s-master ~]# ansible k8s-node -m sysctl -a "name=net.ipv4.ip_forward value=1 reload=yes" 192.168.86.132 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true } 192.168.86.133 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true } #查看效果 [root@node1 ~]# cat /proc/sys/net/ipv4/ip_forward 1
10.cron定时任务模块
#设定定时任务:远程主机crontab配置 例子:增加每30分钟执行ls /tmp [root@k8s-master ~]# ansible k8s-node -m cron -a "name=list minute=*/30 job='ls tmp'" 192.168.86.133 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true, "envs": [], "jobs": [ "list" ] } 192.168.86.132 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true, "envs": [], "jobs": [ "list" ] } 查看效果 [root@node1 ~]# crontab -l #Ansible: list */30 * * * * ls tmp
11.stat模块
#获取远程文件信息 [root@k8s-master ~]# ansible k8s-node -m stat -a "path=/tmp/hosts" 192.168.86.133 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "stat": { "atime": 1590378819.9538696, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7335999eb54c15c67566186bdfc46f64e0d5a1aa", "ctime": 1590378819.9598696, "dev": 64768, "device_type": 0, "executable": true, "exists": true, "gid": 0, "gr_name": "root", ........ "xoth": true, "xusr": true } }
12.get url模块
#实现远程主机下载指定url到本地 例如:下载epel-release-latest-7.noarch.rpm到主机清单中的tmp目录下 [root@k8s-master ~]# ansible k8s-node -m get_url -a "url=//dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm dest=/tmp/ mode=0440 force=yes" #提示:url=https://xxx 的等号=前后不能有空格 #扩展:force=yes的作用 [root@k8s-master ~]# ansible-doc -s get_url #在此输出找force信息 如果force=yes,下载文件如果内容和源目录下的内容不一样,则替换,如果一样就不下载了,如果force=no。则目标不存在才下载文件 #查看效果 [root@node1 ~]# ls -l /tmp/epel-release-latest-7.noarch.rpm -r--r-----. 1 root root 15264 May 25 00:11 /tmp/epel-release-latest-7.noarch.rpm
13.setup模块
setup模块主要用于收集远程主机的基本信息,可以作为变量来获取 #相关参数 ansible_all_ipv4_addresses # ipv4的所有地址 ansible_all_ipv6_addresses # ipv6的所有地址 ansible_date_time # 获取到控制节点时间 ansible_default_ipv4 # 默认的ipv4地址 ansible_distribution # 系统 ansible_distribution_major_version # 系统的大版本 ansible_distribution_version # 系统的版本号 ansible_domain #系统所在的域 ansible_env #系统的环境变量 ansible_hostname #系统的主机名 ansible_fqdn #系统的全名 ansible_machine #系统的架构 ansible_memory_mb #系统的内存信息 ansible_os_family # 系统的家族 ansible_pkg_mgr # 系统的包管理工具 ansible_processor_cores #系统的cpu的核数(每颗) ansible_processor_count #系统cpu的颗数 ansible_processor_vcpus #系统cpu的总个数=cpu的颗数*CPU的核数 ansible_python # 系统上的python ansible cache -m setup -a 'filter=*processor*' # 用来搜索
