4.2 Ansible中的常用模块
Ansible中的常用模块
- Ansible实现管理的方式
- Ad-Hoc执行方式中如何获取帮助
- Ansible命令运行方式及常用参数
- 常用参数
- Ansible的基本颜色代表信息
- Ansible中的常用模块
Ansible实现管理的方式
Ad-Hoc ##使用ansible命令直接进行管理,主要用于临时操作环境
playbook ##ansible脚本,主要用于大型项目场景,需要提前设置
Ad-Hoc执行方式中如何获取帮助
ansible-doc ##显示模块帮助的命令##格式
ansible-doc [参数] [模块...]-l ##列出可用模块
-s ##显示指定模块的playbook片段
Ansible命令运行方式及常用参数
##格式
ansible 清单 -m 模块 -a 模块参数
常用参数
--version ##显示版本
-m module ##指定模块,默认为command
-v ##显示详细过程, -vv/-vvv可以更详细
--list ##显示主机列表
-k ##提示输入ssh连接密码
-C ##预执行检测
-T ##设置命令的超时时间,默认为10s
-u ##指定远程执行的用户
-b ##执行sudo切换身份操作
-become-user=USERNAME ##指定sudo的用户
-K ##提示输入sudo密码
Ansible的基本颜色代表信息
绿色 ##执行成功但对远程主机并没有进行修改
黄色 ##执行成功并对远程主机进行了修改
红色 ##执行失败
Ansible中的常用模块
- Command
##command##功能
在远程主机执行命令,此模块为默认模块##常用参数
chdir ##执行命令前先进入到指定目录
cmd ##运行命令指定
creates ##如果文件存在将不运行
removes ##如果文件存在将运行
free_form ##在远程主机中至性的命令,此参数不需要加##举例
ansible all -m command -a "useradd Test" -u root -k
ansible all -m command -a "userdel -r Test" -u root -k
ansible all -m command -a "chdir=/etc cat passwd " -u root -k
ansible all -m command -a "chdir=/etc creates=/etc/passwd cat passwd " -u root -
k
ansible all -m command -a "chdir /etc removes=/etc/passwd cat passwd " -u root -
k##注意事项
Linux中的很多通配符在command模块中不支持
- Shell
##shell##功能
与Command功能类似##常用参数
chdir ##执行命令前进入到指定用户
cmd ##运行命令指定
creates ##如果文件存在将不运行
removes ##如果文件存在将运行
free_form ##在远程主机至性的命令,此参数通常不需要加
executable ##指定执行环境,默认为sh##实例
ansible all -m shell -a "executable=sh ps ax | grep $$" -k
- Script
##功能
在Ansible主机中写好的脚本在受控主机中执行##实例
vim /mnt/Test.sh
#!/bin/bash
echo $HOSTNAMEansible all -m script -a "/mnt/Test.sh"
- Copy
##功能
从ansible主机复制文件到受控主机##常用参数
src ##源文件
desc ##目的地文件
owner ##指定目的地文件所有人
group ##指定目的地文件所有组
mode ##指定目的地文件权限
backup=yes ##当受控主机中存在文件时,备份原文件
content ##指定文本内容直接在受控主机中生成文件##示例
ansible all -m copy -a "src=/root/Test dest=/mnt/Test owner=Test mode=777 backup=yes"
ansible all -m copy -a "content='Hello World\nHello Linux\n' dest=/mnt/File owner=root mode=600"
- Fetch
##功能
从受控主机把文件复制到Ansible主机,但不支持目录##常用参数
src ##受控主机的源文件
dest ##本机目录
flat ##基本名称功能##实例
ansible all -m fetch "src=/etc/hostname dest=/mnt/"
ansible all -m fetch "src=etc/hostname dest=/mnt/ flat=yes"##实例过程
[root@Node1 .ansible]# ansible all -m fetch -a "src=/etc/hostname dest=/mnt/"
172.25.254.237 | CHANGED => {"changed": true,"checksum": "ec83c296550407766f210bd093f5f20f4bc3705b","dest": "/mnt/172.25.254.237/etc/hostname","md5sum": "d72e5cb6e85354489cdd58411a4b4459","remote_checksum": "ec83c296550407766f210bd093f5f20f4bc3705b","remote_md5sum": null
}
172.25.254.137 | CHANGED => {"changed": true,"checksum": "2ee6b4155d449849a8aaee74a42ba4bd5b707744","dest": "/mnt/172.25.254.137/etc/hostname","md5sum": "06878442dd9b3eb634b7676e091e968f","remote_checksum": "2ee6b4155d449849a8aaee74a42ba4bd5b707744","remote_md5sum": null
}
[root@Node1 .ansible]# ls -l /mnt/
total 0
drwxr-xr-x 3 root root 17 Mar 16 16:56 172.25.254.137
drwxr-xr-x 3 root root 17 Mar 16 16:56 172.25.254.237
[root@Node1 .ansible]# ansible all -m fetch -a "src=/etc/hostname dest=/mnt/ flat=yes"
172.25.254.237 | CHANGED => {"changed": true,"checksum": "ec83c296550407766f210bd093f5f20f4bc3705b","dest": "/mnt/hostname","md5sum": "d72e5cb6e85354489cdd58411a4b4459","remote_checksum": "ec83c296550407766f210bd093f5f20f4bc3705b","remote_md5sum": null
}
172.25.254.137 | CHANGED => {"changed": true,"checksum": "2ee6b4155d449849a8aaee74a42ba4bd5b707744","dest": "/mnt/hostname","md5sum": "06878442dd9b3eb634b7676e091e968f","remote_checksum": "2ee6b4155d449849a8aaee74a42ba4bd5b707744","remote_md5sum": null
}
[root@Node1 .ansible]# ls -l /mnt/
total 4
drwxr-xr-x 3 root root 17 Mar 16 16:56 172.25.254.137
drwxr-xr-x 3 root root 17 Mar 16 16:56 172.25.254.237
-rw-r--r-- 1 root root 17 Mar 16 16:56 hostname
[root@Node1 .ansible]# cat /mnt/hostname
Node2.westos.org
##可以看到hostname中只有一行内容,并不是只进行了一次操作,而是后续操作覆盖了之前文件中的内容,最终只剩下一个结果.
6. File
##功能
设置文件的属性##常用参数
path ##指定目标名称
state ##指定操作状态##touch 建立##absent 删除##directory 递归/创建目录##link 建立链接##hard 建立硬链接
mode ##设定权限
owner ##设定文件用户
group ##设定文件组
src ##源文件
dest ##目标文件
recurse=yes ##递归更改##实例
ansible all -m file -a 'path=/mnt/Test state=touch'
在所有受控主机的mnt目录下创建Test文件
ansible all -m file -a 'path=/mnt/Test state=absent'
删除所有受控主机mnt目录下的Test文件
ansible all -m file -a 'path=/mnt/TestDir state=directory'
在所有受控主机的mnt目录下创建TestDir目录
ansible all -m file -a 'path=/mnt/TestDir state=directory mode=777 owner=root group=root recurse=yes'
在所有受控主机的mnt目录下执行权限修改ia,将TestDir目录及其内部文件的权限均更改为777,所有者和所有组为root
ansible all -m file -a 'src=/mnt/Test dest=/mnt/TestFile state=hard'
在所有受控主机的mnt目录下建立TestFile硬链接文件,内容为Test
ansible all -m file -a 'src=/mnt/Test dest=/mnt/TestFile2 state=link'
在所有受控主机的mnt目录下建立指向Test文件的软链接文件TestFile2
[root@Node1 ~]# cd .ansible/##尝试创建文件
[root@Node1 .ansible]# ansible all -m file -a 'path=/mnt/Test state=touch owner=root group=root mode=777'
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"dest": "/mnt/Test","gid": 0,"group": "root","mode": "0777","owner": "root","size": 0,"state": "file","uid": 0
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"dest": "/mnt/Test","gid": 0,"group": "root","mode": "0777","owner": "root","size": 0,"state": "file","uid": 0
}##检查创建结果
[root@Node1 .ansible]# ansible all -m shell -a 'ls -lR /mnt'
172.25.254.237 | CHANGED | rc=0 >>
/mnt:
total 0
-rwxrwxrwx 1 root root 0 Mar 17 09:33 Test
172.25.254.137 | CHANGED | rc=0 >>
/mnt:
total 0
-rwxrwxrwx 1 root root 0 Mar 17 09:33 Test##创建软链接
[root@Node1 .ansible]# ansible all -m file -a 'src=/mnt/Test dest=/mnt/TestFile state=link'
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"dest": "/mnt/TestFile","gid": 0,"group": "root","mode": "0777","owner": "root","size": 9,"src": "/mnt/Test","state": "link","uid": 0
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"dest": "/mnt/TestFile","gid": 0,"group": "root","mode": "0777","owner": "root","size": 9,"src": "/mnt/Test","state": "link","uid": 0
}
[root@Node1 .ansible]# ansible all -m shell -a 'ls -lR /mnt'
172.25.254.237 | CHANGED | rc=0 >>
/mnt:
total 0
-rwxrwxrwx 1 root root 0 Mar 17 09:33 Test
lrwxrwxrwx 1 root root 9 Mar 17 09:36 TestFile -> /mnt/Test
172.25.254.137 | CHANGED | rc=0 >>
/mnt:
total 0
-rwxrwxrwx 1 root root 0 Mar 17 09:33 Test
lrwxrwxrwx 1 root root 9 Mar 17 09:36 TestFile -> /mnt/Test##创建硬链接
[root@Node1 .ansible]# ansible all -m file -a 'src=/mnt/Test dest=/mnt/TestFile2 state=hard'
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"dest": "/mnt/TestFile2","gid": 0,"group": "root","mode": "0777","owner": "root","size": 0,"src": "/mnt/Test","state": "hard","uid": 0
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"dest": "/mnt/TestFile2","gid": 0,"group": "root","mode": "0777","owner": "root","size": 0,"src": "/mnt/Test","state": "hard","uid": 0
}##查看ID号,可以看到软链接和硬链接的区别
[root@Node1 .ansible]# ansible all -m shell -a 'ls -li /mnt'
172.25.254.137 | CHANGED | rc=0 >>
total 0
3205406 -rwxrwxrwx 2 root root 0 Mar 17 09:33 Test
3205407 lrwxrwxrwx 1 root root 9 Mar 17 09:36 TestFile -> /mnt/Test
3205406 -rwxrwxrwx 2 root root 0 Mar 17 09:33 TestFile2
172.25.254.237 | CHANGED | rc=0 >>
total 0
3205394 -rwxrwxrwx 2 root root 0 Mar 17 09:33 Test
3205407 lrwxrwxrwx 1 root root 9 Mar 17 09:36 TestFile -> /mnt/Test
3205394 -rwxrwxrwx 2 root root 0 Mar 17 09:33 TestFile2
- Unarchive
##作用
解压缩##常用参数
copy ##默认为yes 从Ansible主机复制文件到受控主机##设定为No时,从受控主机中寻找src文件
remote_src ##功能同copy相反##设定为yes时表示包在受控主机##设定为no时表示包在Ansible主机
src ##包路径
dest ##受控主机目录
mode ##解压后文件权限,只有当copy=yes时才生效##实例
ansible all -m unarchive -a 'src=/mnt/etc.tar.gz dest=/mnt owner=root'
讲本机mnt目录下的etc.tar.gz解压并将其中的内容复制到受控主机的mnt目录,设定所有者为root
- Archive
##作用
压缩##常用参数
path ##打包目录名称
dest ##声明打包文件名称
format ##打包格式
owner ##指定文件所有人
mode ##指定文件所有组
##实例
ansible all -m archive -a 'path=/etc dest=/mnt/etc.tar.gz format=gz'
- Cron
##作用
计划任务##常用参数
minute ##分钟设置
hour ##小时设置
month ##月设置
weekday ##周设置
name ##任务名称
job ##任务脚本或命令
disabled ##yes 禁用计划任务##no 启动计划任务
state ##absent 删除计划任务##实例
ansible all -m cron -a "job='echo Hello' name=Test disabled=no"
为受控主机设定名为Test的系统定时任务,默认时间顺序 内容为输出Hello,并启动计划任务
ansible all -m cron -a "job='echo Hello' name= Test state=absent"
删除受控主机上指定的计划任务
- yum_repository
##作用
配置系统软件仓库源文件##常用参数
name ##指定仓库名称
baseurl ##指定源路径
description ##指定仓库描述
file ##指定仓库文件名称
enabled ##仓库是否启用
gpgcheck ##长裤是否检测gpgkey
state ##默认值为present##present 建立##absent 删除##实例
ansible all -m yum_repository -a "name=AppStream description=AppStream baseurl=http://172.25.254.36/Test/AppStream gpgcheck=no enabled=1 file=NeuWings"
在NeuWings.repo中建立名为AppStream 描述也为AppStream 源路径如上所示 不检测gpgcheck的软件仓库并启用ansible all -m yum_repository -a "name=AppStream description=AppStream baseurl=http://172.25.254.36/Test/AppStream enabled=0 file=NeuWings"
关闭刚刚建立的AppStream仓库ansible all -m yum_repository -a "name=AppStream description=AppStream baseurl=http://172.25.254.36/Test/AppStream enabled=1 file=NeuWings state=absent"
删除刚刚建立的AppStream仓库
[root@Node1 .ansible]# ansible all -m yum_repository -a "name=AppStream description=AppStream baseurl=http://172.25.254.36/Test/AppStream gpgcheck=no enabled=1 file=NeuWings"
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"repo": "AppStream","state": "present"
}
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"repo": "AppStream","state": "present"
}
[root@Node1 .ansible]# ansible all -m shell -a "cat /etc/yum.repos.d/NeuWings.repo"
172.25.254.237 | CHANGED | rc=0 >>
[AppStream]
baseurl = http://172.25.254.36/Test/AppStream
enabled = 1
gpgcheck = 0
name = AppStream
172.25.254.137 | CHANGED | rc=0 >>
[AppStream]
baseurl = http://172.25.254.36/Test/AppStream
enabled = 1
gpgcheck = 0
name = AppStream
[root@Node1 .ansible]# ansible all -m yum_repository -a "name=BaseOS description=BaseOS baseurl=http://172.25.254.36/Test/BaseOS gpgcheck=no enabled=1 file=NeuWings"
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"repo": "BaseOS","state": "present"
}
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"repo": "BaseOS","state": "present"
}
[root@Node1 .ansible]# ansible all -m shell -a "cat /etc/yum.repos.d/NeuWings.repo"
172.25.254.237 | CHANGED | rc=0 >>
[AppStream]
baseurl = http://172.25.254.36/Test/Appstream
enabled = 1
gpgcheck = 0
name = AppStream[BaseOS]
baseurl = http://172.25.254.36/Test/BaseOS
enabled = 1
gpgcheck = 0
name = BaseOS
172.25.254.137 | CHANGED | rc=0 >>
[AppStream]
baseurl = http://172.25.254.36/Test/Appstream
enabled = 1
gpgcheck = 0
name = AppStream[BaseOS]
baseurl = http://172.25.254.36/Test/BaseOS
enabled = 1
gpgcheck = 0
name = BaseOS
[root@Node1 .ansible]# ansible all -m yum_repository -a "name=AppStream description=AppStream basrurl=http://172.25.254.36/Test/Appstream enabled=1 file=NeuWings state=absent"
172.25.254.237 | FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"msg": "Unsupported parameters for (yum_repository) module: basrurl Supported parameters include: async, attributes, backup, bandwidth, baseurl, content, cost, delimiter, deltarpm_metadata_percentage, deltarpm_percentage, description, directory_mode, enabled, enablegroups, exclude, failovermethod, file, follow, force, gpgcakey, gpgcheck, gpgkey, group, http_caching, include, includepkgs, ip_resolve, keepalive, keepcache, metadata_expire, metadata_expire_filter, metalink, mirrorlist, mirrorlist_expire, mode, name, owner, params, password, priority, protect, proxy, proxy_password, proxy_username, regexp, remote_src, repo_gpgcheck, reposdir, retries, s3_enabled, selevel, serole, setype, seuser, skip_if_unavailable, src, ssl_check_cert_permissions, sslcacert, sslclientcert, sslclientkey, sslverify, state, throttle, timeout, ui_repoid_vars, unsafe_writes, username"
}
172.25.254.137 | FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"msg": "Unsupported parameters for (yum_repository) module: basrurl Supported parameters include: async, attributes, backup, bandwidth, baseurl, content, cost, delimiter, deltarpm_metadata_percentage, deltarpm_percentage, description, directory_mode, enabled, enablegroups, exclude, failovermethod, file, follow, force, gpgcakey, gpgcheck, gpgkey, group, http_caching, include, includepkgs, ip_resolve, keepalive, keepcache, metadata_expire, metadata_expire_filter, metalink, mirrorlist, mirrorlist_expire, mode, name, owner, params, password, priority, protect, proxy, proxy_password, proxy_username, regexp, remote_src, repo_gpgcheck, reposdir, retries, s3_enabled, selevel, serole, setype, seuser, skip_if_unavailable, src, ssl_check_cert_permissions, sslcacert, sslclientcert, sslclientkey, sslverify, state, throttle, timeout, ui_repoid_vars, unsafe_writes, username"
}
[root@Node1 .ansible]# ansible all -m yum_repository -a "name=AppStream description=AppStream baseurl=http://172.25.254.36/Test/Appstream enabled=1 file=NeuWings state=absent"
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"repo": "AppStream","state": "absent"
}
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"repo": "AppStream","state": "absent"
}
[root@Node1 .ansible]# ansible all -m shell -a "cat /etc/yum.repos.d/NeuWings.repo"
172.25.254.137 | CHANGED | rc=0 >>
[BaseOS]
baseurl = http://172.25.254.36/Test/BaseOS
enabled = 1
gpgcheck = 0
name = BaseOS
172.25.254.237 | CHANGED | rc=0 >>
[BaseOS]
baseurl = http://172.25.254.36/Test/BaseOS
enabled = 1
gpgcheck = 0
name = BaseOS
[root@Node1 .ansible]# ansible all -m yum_repository -a "name=AppStream description=AppStream baseurl=http://172.25.254.36/Test/AppStream gpgcheck=no enabled=1 file=NeuWings"
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"repo": "AppStream","state": "present"
}
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"repo": "AppStream","state": "present"
}
- DNF
##作用
管理系统中的dnf仓库及管理软件##常用参数
name ##指定软件包
state ##指定动作##present 安装##latest 更新##absent 删除
list ##列出指定信息##httpd##installed##all##available
disable_gpg_check ##手动禁用gpgkey检测
enablerepo ##指定安装包来源
disablerepo ##禁用安装包来源
autoremove ##是否卸载依赖性##默认为no##no 不卸载依赖性,只卸载软件本身##yes 同时卸载其依赖性##实例
ansible all -m dnf -a 'name=httpd state=latest'
ansible all -m dnf -a 'name="dhcp-server,mariadb-server" state=present'
ansible all -m dnf -a 'name=httpd state=absent autoremove=yes'
ansible all -m dnf -a 'name=httpd state=present enablerepo=AppStream'
ansible all -m dnf -a 'name="*" state=latest'
ansible all -m dnf -a 'name="http://172.25.254.36/Softwares/QQ.rpm" state=present'
ansible all -m dnf -a 'name="@Virtualization Tools" state=present'
ansible all -m dnf -a 'name="@Virtualization Tools" state=absent autoremove=yes'
[root@Node1 .ansible]# ansible all -m dnf -a 'name=httpd state=latest'
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Installed: apr-util-bdb-1.6.1-6.el8.x86_64","Installed: httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64","Installed: httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch","Installed: httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64","Installed: mod_http2-1.11.3-3.module+el8.2.0+4377+dc421495.x86_64","Installed: apr-util-openssl-1.6.1-6.el8.x86_64","Installed: apr-1.6.3-9.el8.x86_64","Installed: apr-util-1.6.1-6.el8.x86_64","Installed: redhat-logos-httpd-81.1-1.el8.noarch"]
}
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Installed: apr-util-bdb-1.6.1-6.el8.x86_64","Installed: httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64","Installed: httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch","Installed: httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64","Installed: mod_http2-1.11.3-3.module+el8.2.0+4377+dc421495.x86_64","Installed: apr-util-openssl-1.6.1-6.el8.x86_64","Installed: apr-1.6.3-9.el8.x86_64","Installed: apr-util-1.6.1-6.el8.x86_64","Installed: redhat-logos-httpd-81.1-1.el8.noarch"]
}
[root@Node1 .ansible]# ansible all -m dnf -a 'name="httpd mariadb-server" state=present'
172.25.254.237 | FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"msg": "It appears that a space separated string of packages was passed in as an argument. To operate on several packages, pass a comma separated string of packages or a list of packages."
}
172.25.254.137 | FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"msg": "It appears that a space separated string of packages was passed in as an argument. To operate on several packages, pass a comma separated string of packages or a list of packages."
}
[root@Node1 .ansible]# ansible all -m dnf -a 'name="dhcp-server,mariadb-server" state=present'
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Installed: perl-DBD-MySQL-4.046-3.module+el8.1.0+2938+301254e2.x86_64","Installed: dhcp-server-12:4.3.6-40.el8.x86_64","Installed: mariadb-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-backup-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-common-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-connector-c-3.0.7-1.el8.x86_64","Installed: mariadb-connector-c-config-3.0.7-1.el8.noarch","Installed: mariadb-errmsg-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-gssapi-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-server-utils-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64"]
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Installed: perl-DBD-MySQL-4.046-3.module+el8.1.0+2938+301254e2.x86_64","Installed: dhcp-server-12:4.3.6-40.el8.x86_64","Installed: mariadb-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-backup-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-common-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-connector-c-3.0.7-1.el8.x86_64","Installed: mariadb-connector-c-config-3.0.7-1.el8.noarch","Installed: mariadb-errmsg-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-gssapi-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Installed: mariadb-server-utils-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64"]
}
[root@Node1 .ansible]# ansible all -m dnf -a 'name=httpd state=absent autoremove=yes'
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Removed: redhat-logos-httpd-81.1-1.el8.noarch","Removed: mod_http2-1.11.3-3.module+el8.2.0+4377+dc421495.x86_64","Removed: apr-1.6.3-9.el8.x86_64","Removed: apr-util-1.6.1-6.el8.x86_64","Removed: apr-util-bdb-1.6.1-6.el8.x86_64","Removed: apr-util-openssl-1.6.1-6.el8.x86_64","Removed: httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64","Removed: httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch","Removed: httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64"]
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Removed: redhat-logos-httpd-81.1-1.el8.noarch","Removed: mod_http2-1.11.3-3.module+el8.2.0+4377+dc421495.x86_64","Removed: apr-1.6.3-9.el8.x86_64","Removed: apr-util-1.6.1-6.el8.x86_64","Removed: apr-util-bdb-1.6.1-6.el8.x86_64","Removed: apr-util-openssl-1.6.1-6.el8.x86_64","Removed: httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64","Removed: httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch","Removed: httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64"]
}
[root@Node1 .ansible]# ansible all -m dnf -a 'name="*" state=latest'
172.25.254.137 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"msg": "Nothing to do","rc": 0,"results": []
}
172.25.254.237 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"msg": "Nothing to do","rc": 0,"results": []
}
[root@Node1 .ansible]# ansible all -m dnf -a 'name="httpd,mariadb-server,dhcp-server" state=absent autoremove=yes'
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Removed: mariadb-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-backup-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-common-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-connector-c-3.0.7-1.el8.x86_64","Removed: mariadb-connector-c-config-3.0.7-1.el8.noarch","Removed: mariadb-errmsg-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-gssapi-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-server-utils-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: dhcp-server-12:4.3.6-40.el8.x86_64","Removed: perl-DBD-MySQL-4.046-3.module+el8.1.0+2938+301254e2.x86_64"]
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Removed: mariadb-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-backup-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-common-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-connector-c-3.0.7-1.el8.x86_64","Removed: mariadb-connector-c-config-3.0.7-1.el8.noarch","Removed: mariadb-errmsg-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-gssapi-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: mariadb-server-utils-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64","Removed: dhcp-server-12:4.3.6-40.el8.x86_64","Removed: perl-DBD-MySQL-4.046-3.module+el8.1.0+2938+301254e2.x86_64"]
}
[root@Node1 .ansible]# ansible all -m dnf -a 'name="@Virtualization Tools" state=present'
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Group virtualization-tools installed.","Installed: libguestfs-1:1.38.4-15.module+el8.2.0+5297+222a20af.x86_64","Installed: virtio-win-1.9.11-1.el8.noarch","Installed: hivex-1.3.15-7.module+el8.1.0+4066+0f1aadab.x86_64","Installed: syslinux-6.04-4.el8.x86_64","Installed: syslinux-extlinux-nonlinux-6.04-4.el8.noarch","Installed: syslinux-nonlinux-6.04-4.el8.noarch","Installed: syslinux-extlinux-6.04-4.el8.x86_64","Installed: supermin-5.1.19-9.module+el8.1.0+4066+0f1aadab.x86_64","Installed: scrub-2.5.2-14.el8.x86_64"]
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Group virtualization-tools installed.","Installed: libguestfs-1:1.38.4-15.module+el8.2.0+5297+222a20af.x86_64","Installed: virtio-win-1.9.11-1.el8.noarch","Installed: hivex-1.3.15-7.module+el8.1.0+4066+0f1aadab.x86_64","Installed: syslinux-6.04-4.el8.x86_64","Installed: syslinux-extlinux-nonlinux-6.04-4.el8.noarch","Installed: syslinux-nonlinux-6.04-4.el8.noarch","Installed: syslinux-extlinux-6.04-4.el8.x86_64","Installed: supermin-5.1.19-9.module+el8.1.0+4066+0f1aadab.x86_64","Installed: scrub-2.5.2-14.el8.x86_64"]
}
[root@Node1 .ansible]# ansible all -m dnf -a 'name="@Virtualization Tools" state=absent autoremove=yes'
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Removed: libguestfs-1:1.38.4-15.module+el8.2.0+5297+222a20af.x86_64","Removed: hivex-1.3.15-7.module+el8.1.0+4066+0f1aadab.x86_64","Removed: supermin-5.1.19-9.module+el8.1.0+4066+0f1aadab.x86_64","Removed: syslinux-6.04-4.el8.x86_64","Removed: syslinux-extlinux-6.04-4.el8.x86_64","Removed: scrub-2.5.2-14.el8.x86_64","Removed: syslinux-extlinux-nonlinux-6.04-4.el8.noarch","Removed: syslinux-nonlinux-6.04-4.el8.noarch","Removed: virtio-win-1.9.11-1.el8.noarch"]
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Removed: libguestfs-1:1.38.4-15.module+el8.2.0+5297+222a20af.x86_64","Removed: hivex-1.3.15-7.module+el8.1.0+4066+0f1aadab.x86_64","Removed: supermin-5.1.19-9.module+el8.1.0+4066+0f1aadab.x86_64","Removed: syslinux-6.04-4.el8.x86_64","Removed: syslinux-extlinux-6.04-4.el8.x86_64","Removed: scrub-2.5.2-14.el8.x86_64","Removed: syslinux-extlinux-nonlinux-6.04-4.el8.noarch","Removed: syslinux-nonlinux-6.04-4.el8.noarch","Removed: virtio-win-1.9.11-1.el8.noarch"]
}
- Service
##作用
管理系统服务状态##常用参数
name ##指定服务名称
state ##指定对服务的动作##started##stoped##restarted##reloaded##需要注意的是,并非所有服务都支持reloaded
enabled ##设置服务开机是否启动##yes 开机启动##no 开机不启动##实例
ansible all -m service -a "name=httpd state=started enabled=yes"
ansible all -m service -a "name=httpd state=reloaded enabled=yes"
ansible all -m service -a "name=httpd state=restarted enabled=yes"
- Firewalld
##作用
对于火墙服务规则进行管理##常用参数
zone ##指定火墙的域
service ##服务名称
permanent ##是否永久生效
state ##操作状态##enabled 允许##disabled 拒绝
immediate ##立即生效##实例
ansible all -m firewalld -a "zone=public service=http permanent=yes state=enabled immediate=yes"
##实验操作
##为所有受控主机安装Apache服务
[root@Node1 .ansible]# ansible all -m dnf -a "name=httpd state=latest"
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Installed: apr-util-bdb-1.6.1-6.el8.x86_64","Installed: httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64","Installed: httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch","Installed: httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64","Installed: mod_http2-1.11.3-3.module+el8.2.0+4377+dc421495.x86_64","Installed: apr-util-openssl-1.6.1-6.el8.x86_64","Installed: apr-1.6.3-9.el8.x86_64","Installed: apr-util-1.6.1-6.el8.x86_64","Installed: redhat-logos-httpd-81.1-1.el8.noarch"]
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "","rc": 0,"results": ["Installed: apr-util-bdb-1.6.1-6.el8.x86_64","Installed: httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64","Installed: httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch","Installed: httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64","Installed: mod_http2-1.11.3-3.module+el8.2.0+4377+dc421495.x86_64","Installed: apr-util-openssl-1.6.1-6.el8.x86_64","Installed: apr-1.6.3-9.el8.x86_64","Installed: apr-util-1.6.1-6.el8.x86_64","Installed: redhat-logos-httpd-81.1-1.el8.noarch"]
}##在所有受控主机上临时开启Apache服务
[root@Node1 .ansible]# ansible all -m service -a "name=httpd state=started enabled=no"
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"enabled": false,"name": "httpd","state": "started","status": {"ActiveEnterTimestampMonotonic": "0","ActiveExitTimestampMonotonic": "0","ActiveState": "inactive","After": "basic.target -.mount tmp.mount network.target systemd-tmpfiles-setup.service httpd-init.service system.slice remote-fs.target systemd-journald.socket sysinit.target nss-lookup.target","AllowIsolate": "no","AllowedCPUs": "","AllowedMemoryNodes": "","AmbientCapabilities": "","AssertResult": "no","AssertTimestampMonotonic": "0","Before": "shutdown.target","BlockIOAccounting": "no","BlockIOWeight": "[not set]","CPUAccounting": "no","CPUAffinity": "","CPUQuotaPerSecUSec": "infinity","CPUSchedulingPolicy": "0","CPUSchedulingPriority": "0","CPUSchedulingResetOnFork": "no","CPUShares": "[not set]","CPUUsageNSec": "[not set]","CPUWeight": "[not set]","CacheDirectoryMode": "0755","CanIsolate": "no","CanReload": "yes","CanStart": "yes","CanStop": "yes","CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend","CollectMode": "inactive","ConditionResult": "no","ConditionTimestampMonotonic": "0","ConfigurationDirectoryMode": "0755","Conflicts": "shutdown.target","ControlPID": "0","DefaultDependencies": "yes","Delegate": "no","Description": "The Apache HTTP Server","DevicePolicy": "auto","Documentation": "man:httpd.service(8)","DynamicUser": "no","EffectiveCPUs": "","EffectiveMemoryNodes": "","Environment": "LANG=C","ExecMainCode": "0","ExecMainExitTimestampMonotonic": "0","ExecMainPID": "0","ExecMainStartTimestampMonotonic": "0","ExecMainStatus": "0","ExecReload": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }","ExecStart": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }","FailureAction": "none","FileDescriptorStoreMax": "0","FragmentPath": "/usr/lib/systemd/system/httpd.service","GID": "[not set]","GuessMainPID": "yes","IOAccounting": "no","IOSchedulingClass": "0","IOSchedulingPriority": "0","IOWeight": "[not set]","IPAccounting": "no","IPEgressBytes": "18446744073709551615","IPEgressPackets": "18446744073709551615","IPIngressBytes": "18446744073709551615","IPIngressPackets": "18446744073709551615","Id": "httpd.service","IgnoreOnIsolate": "no","IgnoreSIGPIPE": "yes","InactiveEnterTimestampMonotonic": "0","InactiveExitTimestampMonotonic": "0","JobRunningTimeoutUSec": "infinity","JobTimeoutAction": "none","JobTimeoutUSec": "infinity","KeyringMode": "private","KillMode": "mixed","KillSignal": "28","LimitAS": "infinity","LimitASSoft": "infinity","LimitCORE": "infinity","LimitCORESoft": "infinity","LimitCPU": "infinity","LimitCPUSoft": "infinity","LimitDATA": "infinity","LimitDATASoft": "infinity","LimitFSIZE": "infinity","LimitFSIZESoft": "infinity","LimitLOCKS": "infinity","LimitLOCKSSoft": "infinity","LimitMEMLOCK": "65536","LimitMEMLOCKSoft": "65536","LimitMSGQUEUE": "819200","LimitMSGQUEUESoft": "819200","LimitNICE": "0","LimitNICESoft": "0","LimitNOFILE": "262144","LimitNOFILESoft": "1024","LimitNPROC": "2690","LimitNPROCSoft": "2690","LimitRSS": "infinity","LimitRSSSoft": "infinity","LimitRTPRIO": "0","LimitRTPRIOSoft": "0","LimitRTTIME": "infinity","LimitRTTIMESoft": "infinity","LimitSIGPENDING": "2690","LimitSIGPENDINGSoft": "2690","LimitSTACK": "infinity","LimitSTACKSoft": "8388608","LoadState": "loaded","LockPersonality": "no","LogLevelMax": "-1","LogRateLimitBurst": "0","LogRateLimitIntervalUSec": "0","LogsDirectoryMode": "0755","MainPID": "0","MemoryAccounting": "yes","MemoryCurrent": "[not set]","MemoryDenyWriteExecute": "no","MemoryHigh": "infinity","MemoryLimit": "infinity","MemoryLow": "0","MemoryMax": "infinity","MemorySwapMax": "infinity","MountAPIVFS": "no","MountFlags": "","NFileDescriptorStore": "0","NRestarts": "0","NUMAMask": "","NUMAPolicy": "n/a","Names": "httpd.service","NeedDaemonReload": "no","Nice": "0","NoNewPrivileges": "no","NonBlocking": "no","NotifyAccess": "main","OOMScoreAdjust": "0","OnFailureJobMode": "replace","PermissionsStartOnly": "no","Perpetual": "no","PrivateDevices": "no","PrivateMounts": "no","PrivateNetwork": "no","PrivateTmp": "yes","PrivateUsers": "no","ProtectControlGroups": "no","ProtectHome": "no","ProtectKernelModules": "no","ProtectKernelTunables": "no","ProtectSystem": "no","RefuseManualStart": "no","RefuseManualStop": "no","RemainAfterExit": "no","RemoveIPC": "no","Requires": "-.mount system.slice sysinit.target","RequiresMountsFor": "/var/tmp","Restart": "no","RestartUSec": "100ms","RestrictNamespaces": "no","RestrictRealtime": "no","RestrictSUIDSGID": "no","Result": "success","RootDirectoryStartOnly": "no","RuntimeDirectoryMode": "0755","RuntimeDirectoryPreserve": "no","RuntimeMaxUSec": "infinity","SameProcessGroup": "no","SecureBits": "0","SendSIGHUP": "no","SendSIGKILL": "yes","Slice": "system.slice","StandardError": "inherit","StandardInput": "null","StandardInputData": "","StandardOutput": "journal","StartLimitAction": "none","StartLimitBurst": "5","StartLimitIntervalUSec": "10s","StartupBlockIOWeight": "[not set]","StartupCPUShares": "[not set]","StartupCPUWeight": "[not set]","StartupIOWeight": "[not set]","StateChangeTimestampMonotonic": "0","StateDirectoryMode": "0755","StatusErrno": "0","StopWhenUnneeded": "no","SubState": "dead","SuccessAction": "none","SyslogFacility": "3","SyslogLevel": "6","SyslogLevelPrefix": "yes","SyslogPriority": "30","SystemCallErrorNumber": "0","TTYReset": "no","TTYVHangup": "no","TTYVTDisallocate": "no","TasksAccounting": "yes","TasksCurrent": "[not set]","TasksMax": "4304","TimeoutStartUSec": "1min 30s","TimeoutStopUSec": "1min 30s","TimerSlackNSec": "50000","Transient": "no","Type": "notify","UID": "[not set]","UMask": "0022","UnitFilePreset": "disabled","UnitFileState": "disabled","UtmpMode": "init","Wants": "httpd-init.service","WatchdogTimestampMonotonic": "0","WatchdogUSec": "0"}
}
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"enabled": false,"name": "httpd","state": "started","status": {"ActiveEnterTimestampMonotonic": "0","ActiveExitTimestampMonotonic": "0","ActiveState": "inactive","After": "sysinit.target systemd-journald.socket httpd-init.service tmp.mount network.target basic.target -.mount remote-fs.target nss-lookup.target system.slice systemd-tmpfiles-setup.service","AllowIsolate": "no","AllowedCPUs": "","AllowedMemoryNodes": "","AmbientCapabilities": "","AssertResult": "no","AssertTimestampMonotonic": "0","Before": "shutdown.target","BlockIOAccounting": "no","BlockIOWeight": "[not set]","CPUAccounting": "no","CPUAffinity": "","CPUQuotaPerSecUSec": "infinity","CPUSchedulingPolicy": "0","CPUSchedulingPriority": "0","CPUSchedulingResetOnFork": "no","CPUShares": "[not set]","CPUUsageNSec": "[not set]","CPUWeight": "[not set]","CacheDirectoryMode": "0755","CanIsolate": "no","CanReload": "yes","CanStart": "yes","CanStop": "yes","CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend","CollectMode": "inactive","ConditionResult": "no","ConditionTimestampMonotonic": "0","ConfigurationDirectoryMode": "0755","Conflicts": "shutdown.target","ControlPID": "0","DefaultDependencies": "yes","Delegate": "no","Description": "The Apache HTTP Server","DevicePolicy": "auto","Documentation": "man:httpd.service(8)","DynamicUser": "no","EffectiveCPUs": "","EffectiveMemoryNodes": "","Environment": "LANG=C","ExecMainCode": "0","ExecMainExitTimestampMonotonic": "0","ExecMainPID": "0","ExecMainStartTimestampMonotonic": "0","ExecMainStatus": "0","ExecReload": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }","ExecStart": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }","FailureAction": "none","FileDescriptorStoreMax": "0","FragmentPath": "/usr/lib/systemd/system/httpd.service","GID": "[not set]","GuessMainPID": "yes","IOAccounting": "no","IOSchedulingClass": "0","IOSchedulingPriority": "0","IOWeight": "[not set]","IPAccounting": "no","IPEgressBytes": "18446744073709551615","IPEgressPackets": "18446744073709551615","IPIngressBytes": "18446744073709551615","IPIngressPackets": "18446744073709551615","Id": "httpd.service","IgnoreOnIsolate": "no","IgnoreSIGPIPE": "yes","InactiveEnterTimestampMonotonic": "0","InactiveExitTimestampMonotonic": "0","JobRunningTimeoutUSec": "infinity","JobTimeoutAction": "none","JobTimeoutUSec": "infinity","KeyringMode": "private","KillMode": "mixed","KillSignal": "28","LimitAS": "infinity","LimitASSoft": "infinity","LimitCORE": "infinity","LimitCORESoft": "infinity","LimitCPU": "infinity","LimitCPUSoft": "infinity","LimitDATA": "infinity","LimitDATASoft": "infinity","LimitFSIZE": "infinity","LimitFSIZESoft": "infinity","LimitLOCKS": "infinity","LimitLOCKSSoft": "infinity","LimitMEMLOCK": "65536","LimitMEMLOCKSoft": "65536","LimitMSGQUEUE": "819200","LimitMSGQUEUESoft": "819200","LimitNICE": "0","LimitNICESoft": "0","LimitNOFILE": "262144","LimitNOFILESoft": "1024","LimitNPROC": "2690","LimitNPROCSoft": "2690","LimitRSS": "infinity","LimitRSSSoft": "infinity","LimitRTPRIO": "0","LimitRTPRIOSoft": "0","LimitRTTIME": "infinity","LimitRTTIMESoft": "infinity","LimitSIGPENDING": "2690","LimitSIGPENDINGSoft": "2690","LimitSTACK": "infinity","LimitSTACKSoft": "8388608","LoadState": "loaded","LockPersonality": "no","LogLevelMax": "-1","LogRateLimitBurst": "0","LogRateLimitIntervalUSec": "0","LogsDirectoryMode": "0755","MainPID": "0","MemoryAccounting": "yes","MemoryCurrent": "[not set]","MemoryDenyWriteExecute": "no","MemoryHigh": "infinity","MemoryLimit": "infinity","MemoryLow": "0","MemoryMax": "infinity","MemorySwapMax": "infinity","MountAPIVFS": "no","MountFlags": "","NFileDescriptorStore": "0","NRestarts": "0","NUMAMask": "","NUMAPolicy": "n/a","Names": "httpd.service","NeedDaemonReload": "no","Nice": "0","NoNewPrivileges": "no","NonBlocking": "no","NotifyAccess": "main","OOMScoreAdjust": "0","OnFailureJobMode": "replace","PermissionsStartOnly": "no","Perpetual": "no","PrivateDevices": "no","PrivateMounts": "no","PrivateNetwork": "no","PrivateTmp": "yes","PrivateUsers": "no","ProtectControlGroups": "no","ProtectHome": "no","ProtectKernelModules": "no","ProtectKernelTunables": "no","ProtectSystem": "no","RefuseManualStart": "no","RefuseManualStop": "no","RemainAfterExit": "no","RemoveIPC": "no","Requires": "system.slice -.mount sysinit.target","RequiresMountsFor": "/var/tmp","Restart": "no","RestartUSec": "100ms","RestrictNamespaces": "no","RestrictRealtime": "no","RestrictSUIDSGID": "no","Result": "success","RootDirectoryStartOnly": "no","RuntimeDirectoryMode": "0755","RuntimeDirectoryPreserve": "no","RuntimeMaxUSec": "infinity","SameProcessGroup": "no","SecureBits": "0","SendSIGHUP": "no","SendSIGKILL": "yes","Slice": "system.slice","StandardError": "inherit","StandardInput": "null","StandardInputData": "","StandardOutput": "journal","StartLimitAction": "none","StartLimitBurst": "5","StartLimitIntervalUSec": "10s","StartupBlockIOWeight": "[not set]","StartupCPUShares": "[not set]","StartupCPUWeight": "[not set]","StartupIOWeight": "[not set]","StateChangeTimestampMonotonic": "0","StateDirectoryMode": "0755","StatusErrno": "0","StopWhenUnneeded": "no","SubState": "dead","SuccessAction": "none","SyslogFacility": "3","SyslogLevel": "6","SyslogLevelPrefix": "yes","SyslogPriority": "30","SystemCallErrorNumber": "0","TTYReset": "no","TTYVHangup": "no","TTYVTDisallocate": "no","TasksAccounting": "yes","TasksCurrent": "[not set]","TasksMax": "4304","TimeoutStartUSec": "1min 30s","TimeoutStopUSec": "1min 30s","TimerSlackNSec": "50000","Transient": "no","Type": "notify","UID": "[not set]","UMask": "0022","UnitFilePreset": "disabled","UnitFileState": "disabled","UtmpMode": "init","Wants": "httpd-init.service","WatchdogTimestampMonotonic": "0","WatchdogUSec": "0"}
}
[root@Node1 .ansible]# ansible all -m shell -a "systemctl status httpd"
172.25.254.137 | CHANGED | rc=0 >>
● httpd.service - The Apache HTTP ServerLoaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)Active: active (running) since Wed 2021-03-17 13:55:04 CST; 30s agoDocs: man:httpd.service(8)Main PID: 47975 (httpd)Status: "Running, listening on: port 80"Tasks: 213 (limit: 4304)Memory: 19.1MCGroup: /system.slice/httpd.service├─47975 /usr/sbin/httpd -DFOREGROUND├─47976 /usr/sbin/httpd -DFOREGROUND├─47977 /usr/sbin/httpd -DFOREGROUND├─47978 /usr/sbin/httpd -DFOREGROUND└─47979 /usr/sbin/httpd -DFOREGROUNDMar 17 13:55:04 Node2.westos.org systemd[1]: Starting The Apache HTTP Server...
Mar 17 13:55:04 Node2.westos.org systemd[1]: Started The Apache HTTP Server.
Mar 17 13:55:04 Node2.westos.org httpd[47975]: Server configured, listening on: port 80
172.25.254.237 | CHANGED | rc=0 >>
● httpd.service - The Apache HTTP ServerLoaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)Active: active (running) since Wed 2021-03-17 13:55:04 CST; 30s agoDocs: man:httpd.service(8)Main PID: 47813 (httpd)Status: "Running, listening on: port 80"Tasks: 213 (limit: 4304)Memory: 21.1MCGroup: /system.slice/httpd.service├─47813 /usr/sbin/httpd -DFOREGROUND├─47814 /usr/sbin/httpd -DFOREGROUND├─47815 /usr/sbin/httpd -DFOREGROUND├─47816 /usr/sbin/httpd -DFOREGROUND└─47817 /usr/sbin/httpd -DFOREGROUNDMar 17 13:55:04 Node3.westos.org systemd[1]: Starting The Apache HTTP Server...
Mar 17 13:55:04 Node3.westos.org systemd[1]: Started The Apache HTTP Server.
Mar 17 13:55:04 Node3.westos.org httpd[47813]: Server configured, listening on: port 80
[root@Node1 .ansible]# ansible all -m firewalld -a "zone=public service=httpd permanent=yes immediate=yes state=enabled"
172.25.254.237 | FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"msg": "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_SERVICE: 'httpd' not among existing services Permanent and Non-Permanent(immediate) operation, Services are defined by port/tcp relationship and named as they are in /etc/services (on most systems)"
}
172.25.254.137 | FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"msg": "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_SERVICE: 'httpd' not among existing services Permanent and Non-Permanent(immediate) operation, Services are defined by port/tcp relationship and named as they are in /etc/services (on most systems)"
}
[root@Node1 .ansible]# ansible all -m firewalld -a "zone=public service=http permanent=yes immediate=yes state=enabled"
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "Permanent and Non-Permanent(immediate) operation, Changed service http to enabled"
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"msg": "Permanent and Non-Permanent(immediate) operation, Changed service http to enabled"
}
[root@Node1 .ansible]# ansible all -m shell -a "firewall-cmd --list-all"
172.25.254.137 | CHANGED | rc=0 >>
public (active)target: defaulticmp-block-inversion: nointerfaces: ens3sources: services: cockpit dhcpv6-client http sshports: protocols: masquerade: noforward-ports: source-ports: icmp-blocks: rich rules: 172.25.254.237 | CHANGED | rc=0 >>
public (active)target: defaulticmp-block-inversion: nointerfaces: ens3sources: services: cockpit dhcpv6-client http sshports: protocols: masquerade: noforward-ports: source-ports: icmp-blocks: rich rules:
- User
##作用
管理远程主机上的账户,如创建/修改/删除/为用户创建密钥##常用参数
name ##必须参数,指定操作对象的用户名称
group ##指定用户所在的基本组
groups ##指定用户所在的附加组
append ##指定附加组的添加情况,默认情况下为no,意思为替换附加组而不是追加
shell ##指定用户的默认shell
uid ##指定用户的UID号
comment ##指定用户的注释信息
state ##用于指定用户是否存在于远程主机##persent 建立##absent 删除
remove ##删除用户时是否删除用户家目录,默认值为no
password ##用于指定用户密码,但密码为明文##为了安全加密##可以用openssl password -6 '密码'生成加密字符
generate_ssh_key ##为用户生成sshkey##实例
ansible all -m user -a 'name=TestBench state=present uid=9961 group=9961 comment="TestBench User" generate_ssh_key=yes'
ansible all -m user -a 'name=TestBench remove=yes state=absent'
- Group
##作用
用于管理远程主机上的组##常用参数
name ##必须参数,用于指定操作组的名称
state ##用于指定组的状态##present 建立##absent 删除
gid ##用于指定组的GID##实例
ansible all -m group -a "name=Test state=present gid=9961"
absible all -m group -a "name=Test state=absent"
##实验操作
##建立下文需要使用的用户组
[root@Node1 .ansible]# ansible all -m group -a 'name=TestBench state=present gid=9961'
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"gid": 9961,"name": "TestBench","state": "present","system": false
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"gid": 9961,"name": "TestBench","state": "present","system": false
}##建立TestBench用户并设定具体信息,同时为其分配SSHKey
[root@Node1 .ansible]# ansible all -m user -a 'name=TestBench state=present uid=9961 group=9961 comment="TestBench User" generate_ssh_key=yes'
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"comment": "TestBench User","create_home": true,"group": 9961,"home": "/home/TestBench","name": "TestBench","shell": "/bin/bash","ssh_fingerprint": "3072 SHA256:jWdVvrzIKekLTl0qSi5AGewuMC5RyZ7D+4pDcaZK0WI ansible-generated on Node3.westos.org (RSA)","ssh_key_file": "/home/TestBench/.ssh/id_rsa","ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDb4zD5CAwVL1oKmE8fjdzkmCUG52qBGjyy09eyo4qXs4FaqTb1wEem8lcUmM7CdQjqC7AGhhkFGuLQ6DtUA26aEx983HK2azbhYkFLYc3MmdR5Q25H8EOtNtpOgRXjyIi4zuLd9IN9DPxUg0G7S/fRJnuePA/R7/w1ReGgl241Nr3NYlVndsWbOwxhzjk8Iont1hZH4TZYUD7NdhrB+BiNp5+6LKu3+6QPo5SGjlMeOXoug6Ni5e2m1vadHRrJDrdbkUE7sVaRJT17puZTWsVRLh28d/LNqj2YkEWKS5crqfhJMcdm/CMCxEncW7ApML6Xhewd2TYssJdJf6q3911r82eyKl9I7KAfdd88YZbO35fFBJZ4Uep41mj0m9RDmprfiEyQK6pVhSCyEF3JmQ4zwdl5SYQAmq7NIXjn7kuEI7Yy/ILfHQTe5XdsyDrJf2Qa7URowH8TxWJFRpRQ7f7zoIqRxzOxjIVD2s8ColBpKvr9Ozag3DuCWfmBUucw/S8= ansible-generated on Node3.westos.org","state": "present","system": false,"uid": 9961
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"comment": "TestBench User","create_home": true,"group": 9961,"home": "/home/TestBench","name": "TestBench","shell": "/bin/bash","ssh_fingerprint": "3072 SHA256:xxN1ZP9rYJxN1RVlm4dQkqwonOdThnCJvHF/Q3BRbbY ansible-generated on Node2.westos.org (RSA)","ssh_key_file": "/home/TestBench/.ssh/id_rsa","ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvslbIRt7OJy+4vmhETBDmsWpaSh946Ra22RtqnF+v/R18RGpjGhFU59rDaKo/blY81daSKtvGZ/syHOzfkUQwVrhXQ4ogEiBJSklyLw8d6s+633muz9NH/ZVVIOuZHgbPpTTwQkIB8NU0qrypq/GODBt7VJpKjbfvUFiltClrr7r2eusVCCYNUdkT83NjzZ1xrXLgbO+PD7kfwQO/ewIlsAQtg8Lpjv+Hub1UwB7cfMKUY5V8F4dtBHz+JxuLMCH3HoInk0mKW+5s5Lk7DzbpBmwuev9Xvclzpb9X0FNUyFayoreaPPlbLIxShhdegI6ksway6eAQh9JuVyKVjvcNvjc4SZBe/OImzJ5Pybmdl0e1NhNlowYvkdXxiEzN+xoJV49FbBug5y2C0LuQOEQaWANabdOI6k0AkCmWdpjoioKoEtDTZmSFvfj8N1uKiZWRlP4bZmz5/q4fAW+5quDfn//mKdoXd26cjq+G8QFKMD36n5NhuHDuKoZPlU0AmVk= ansible-generated on Node2.westos.org","state": "present","system": false,"uid": 9961
}##查看受控主机的私钥和公钥,可以看到各不相同
[root@Node1 .ansible]# ansible all -m shell -a "cat /home/TestBench/.ssh/id_rsa"
172.25.254.137 | CHANGED | rc=0 >>
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAr7JWyEbezicvuL5oREwQ5rFqWkofeOkWttkbapxfr/0dfERqYxoR
VOfaw2iqP25WPNXWkirbxmf7Mhzs35FEMFa4V0OKIBIgSUpJci8PHerPut95rs/TR/2VVS
DrmR4Gz6U08EJCAfDVNKq8qavxjgwbe1SaSo2371BYpbQpa6+69nrrFQgmDVHZE/NzY82d
ca1y4Gzvjw+5H8EDv3sCJbAELYPC6Y7/h7m9VMAe3HzClGOVfBeHbQR8/icbizAh9x6CJ5
NJilvubOS5Ow826QZsLnr/V73Jc6W/V9BTVMhWsqK3mjz5WyyMUoYXXoCOpLMGsungEIfS
blcilY73Db43OEmQXvziJsyeT8m5nZdHtTYTZaMGL5HV8YhMzfsaCVePRWwboOctgtC7kD
hEGlgDWm3TiOpNAJAplnaY6IqCqBLQ02Zkhb34/DdbiomVkZT+G2Zs+f6uHwFvuarg35//
5inaF3dunI6vhvEBSjA9+p+TYbhw7iqGT5VNAJlZAAAFoJZTPaSWUz2kAAAAB3NzaC1yc2
EAAAGBAK+yVshG3s4nL7i+aERMEOaxalpKH3jpFrbZG2qcX6/9HXxEamMaEVTn2sNoqj9u
VjzV1pIq28Zn+zIc7N+RRDBWuFdDiiASIElKSXIvDx3qz7rfea7P00f9lVUg65keBs+lNP
BCQgHw1TSqvKmr8Y4MG3tUmkqNt+9QWKW0KWuvuvZ66xUIJg1R2RPzc2PNnXGtcuBs748P
uR/BA797AiWwBC2DwumO/4e5vVTAHtx8wpRjlXwXh20EfP4nG4swIfcegieTSYpb7mzkuT
sPNukGbC56/1e9yXOlv1fQU1TIVrKit5o8+VssjFKGF16AjqSzBrLp4BCH0m5XIpWO9w2+
NzhJkF784ibMnk/JuZ2XR7U2E2WjBi+R1fGITM37GglXj0VsG6DnLYLQu5A4RBpYA1pt04
jqTQCQKZZ2mOiKgqgS0NNmZIW9+Pw3W4qJlZGU/htmbPn+rh8Bb7mq4N+f/+Yp2hd3bpyO
r4bxAUowPfqfk2G4cO4qhk+VTQCZWQAAAAMBAAEAAAGAIKBTcTmH4mxwdjQVlKkzckN75m
xhT8ipCSdj6fZD5qBwO0VRJDoRAd1USHlFNCY/KWjkQZxn134zrWilrBaDvR49eSb3nWEA
UdvTq7qFah7SmHcrV4UMTRAQDRDh7zseNK0PGZaUP1wDm5YhFrjxUFl7OPnK9RFAGNaov4
ynLHIjm+XThcJPnqWWVBgfU2c5V4TIEljoW36l9/mVwpcLHQiEnhcbuNdvKDsbp4NNt9AL
KhccCUEtStdMhr2oZb54IWHxhYW9DwkQAKSJ9jM4TM13SSQjrO02UZHl7iJfS4do2SlOgp
hfgHxk5a1XJB1A68RoNXRpJ0zuUbB3O7uhdQ834HFyA49uyE8EpdafHXy/PAezMFsbA8fN
e+EFabM9tDYfkl4HUSWO8TSTZ3SYaQbfL7vTaVZVtSDY4X3osRt03pJzLzzSzQaI45rDkB
fjaK0drGk2+PbeGGGv3x5h2RTOaBNVJcPA0HKcL0lZ8pHvwbXM+1nZMtX8JPBQyFIJAAAA
wHXuZ2froUU79KAJovNmdB++T955pTy34w+XZgf8ZShxOm286QMonLq/GXgp1Slk66q/Gd
VEaDP7UQryUr/1uSHFEHvAmeCzCw5VGbGUy4/PGcX7Q8c14Wuarem+MbU61h1nJhQPopRV
FpRr0ShpdvRvYiCQSMuGm7EYp3IvkKBdW5jC6G11FMzSitdxj8AjXCYH1QttTcOXSIZHLG
Am5JMEGvo5DimuhudwRI+z2NDFkkTCFREfNY/xGeat91OtJgAAAMEA3I4jNP2YtQ4l6igh
oR39M6n4LditanwrlixKLUoUi3e2aFg/fD5dasNz+9ZSWDO1q/YtvHk9wriwkdcNYkitAW
gKJZRFlwOgX4fHPqCr7WlmjnWx45+pSk5C5UrKwSWmCmQ4SdFlYtCBVHEwm0lP97Xt8b1N
KsquJvkUdKTL9Stg927W+fbCxwg28Vaxjoa5R2rqrD8ES+6rnubSPlkZ/nTV5ZsLo30x9K
cGDbuqlaXRO+Oyr4nz9e7iUPRnhPwPAAAAwQDL7qyfDEaWqHc8gmVPtGw8HlAaekBnKI70
ppwqOTnS+fPfYtXEvn3MZnUlH1Ll+0r2L32WjEL6VtFzhHsXXREHJdEyp3D1zN18xBVwl4
2UqvuDadujSOs+eoi/SEsBq9uV3JWIFjIociHg+SwLcPRwDup778ZqtT5vbyhEYo/XumIk
Q9mA61GagEm3q0s5JsHbgel/6+RSZNgRIEoUqWPFuYq/BGkKJpv72Red3JXwaOM5Nf6Kvn
FCdnoSpPuuzBcAAAAlYW5zaWJsZS1nZW5lcmF0ZWQgb24gTm9kZTIud2VzdG9zLm9yZwEC
AwQFBg==
-----END OPENSSH PRIVATE KEY-----
172.25.254.237 | CHANGED | rc=0 >>
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEA2+Mw+QgMFS9aCphPH43c5JglBudqgRo8stPXsqOKl7OBWqk29cBH
pvJXFJjOwnUI6guwBoYZBRri0Og7VANumhMffNxytms24WJBS2HNzJnUeUNuR/BDrTbaTo
EV48iIuM7i3fSDfQz8VINBu0v30SZ7njwP0e/8NUXhoJduNTa9zWJVZ3bFmzsMYc45PCKJ
7dYWR+E2WFA+zXYawfgYjaefuiyrt/ukD6OUho5THjl6LoOjYuXtptb2nR0ayQ63W5FBO7
FWkSU9e6bmU1rFUS4dvHfyzao9mJBFikuXK6n4STHHZvwjAsRJ3FuwKTC+l4XsHdk2LLCX
SX+qt/dda/NnsipfSOygH3XfPGGWzt+XxQSWeFHqeNZo9JvUQ5qa34hMkCuqVYUgshBdyZ
kOM8HZeUmEAJquzSF45+5LhCO2MvyC3x0E3uV3bMg6yX9kGu1EaMB/E8ViRUaUUO3+86CK
kcczsYyFQ9rPAqJQaSr6/Ts2oNw7gln5gVLnMP0vAAAFoOh3+GXod/hlAAAAB3NzaC1yc2
EAAAGBANvjMPkIDBUvWgqYTx+N3OSYJQbnaoEaPLLT17KjipezgVqpNvXAR6byVxSYzsJ1
COoLsAaGGQUa4tDoO1QDbpoTH3zccrZrNuFiQUthzcyZ1HlDbkfwQ6022k6BFePIiLjO4t
30g30M/FSDQbtL99Eme548D9Hv/DVF4aCXbjU2vc1iVWd2xZs7DGHOOTwiie3WFkfhNlhQ
Ps12GsH4GI2nn7osq7f7pA+jlIaOUx45ei6Do2Ll7abW9p0dGskOt1uRQTuxVpElPXum5l
NaxVEuHbx38s2qPZiQRYpLlyup+Ekxx2b8IwLESdxbsCkwvpeF7B3ZNiywl0l/qrf3XWvz
Z7IqX0jsoB913zxhls7fl8UElnhR6njWaPSb1EOamt+ITJArqlWFILIQXcmZDjPB2XlJhA
Cars0heOfuS4QjtjL8gt8dBN7ld2zIOsl/ZBrtRGjAfxPFYkVGlFDt/vOgipHHM7GMhUPa
zwKiUGkq+v07NqDcO4JZ+YFS5zD9LwAAAAMBAAEAAAGASzIqsT87QpNq62yiwlu1SsdtAi
tplLTwRQeFICYlYzOT7PkpPml/F2yQsw5+xqlXXxKYI+L/82r6Xg7NGzIBRNd9USniYNfR
cMo1Ih5UTr/clYulzxwvSLEVfvtODROrDehSVS0lOkKSmCQ6+l5EZVYPuFE558V2LpGzU0
P2AGS0C+Sw6C0J7sgGt/vaPuJg4ODxxasS9qiakZDuHZ9GZksIqJZWMxjvRhne1RUe/5sQ
WY/S9CNFXmTs+VXWryNElrjABlq8+NdiPpG3ArPC4oURkkMyFfUfgi6C/8EfOkkpoW0pXd
SZKX5vnmMlTnD+xkiUvqQneKH32jHAcD6Hydn74RckwB88MSUnBHm0MiIE402wVHl8EVIF
Jg4S8zXFM54frcHSQekza2ejCIOEMb20LTkYr1ZwSjObZgVfVTEDKvu+NDamQLBzFU4fgd
H6CYw63iyk01dMgzEQc3ak6KzAGcASgkDb1ZqKfcFK/gfmZQVeZURWUd5NnMLA0NOBAAAA
wQCwgIYtWiIqmeo5ix421znPfmx/Q3c7F6tqr3YQq35DebKfEpn8ncOB9YdnxvHiK/4zUB
9on5KUWankgW6BeHHt5NSJTN4xCImAFiX+DCqPHx65k3d6kjJ6fDwN37dAIlOPhnMF8DIU
wzQBxiopPYxk1OR/+h4mloo0YiCmWFur1VeHenRtH12xemJYKbi8HTesyrS6D83KnCkQ/q
XDLWAdGuNrTwASLPN5JEQo3k0gyUD1LdAdDkRXYw6fb+JnXM4AAADBAPbe12EkZRcqENjF
rRn94532xj3hpQEr1f3cqzNgg/WaWAbHRE6XQLj1BkopIkmgaZCsgs7rwRz7A0+I4ZtKCI
z2B1u0KulZ4vIVDyPxM2MDpRJE4UB+1AL1RnPAFXdEgzoIq8aT/yZ/q/0kJWeWhUsaltz3
trEuYSGaBpkWiK8rwflIluPVXaUuaXwonI3CRBcbo1Ji5g7+0Nsde9SbmFAmLNuOy3jEcB
KVqYQ+qxKzvtRXWzpeSezxbQ0fRr+1XwAAAMEA5ATl3begD+KmPX6bXGvCJeXr5xIqPSyD
BrBv0nZNs23uRJ96+VknNdkHY2EpSrnN+dXEbDRX/mBcam8aO/yC97u++M8M3Ctike0UJ5
mMFk1z5NdVbXGUWXtyXkey53fC1JEW8VNRCm4SAoPKivbr531LiEr48GX07uCF+1AjZBCr
B8a7gVL0xMOTeKDXqoUFBIYlGnu3/xvTrqGs1Zwvi2FpGw5HNQrPzqT0975sR2aZWz4xRG
BLtFVRtR9p8HoxAAAAJWFuc2libGUtZ2VuZXJhdGVkIG9uIE5vZGUzLndlc3Rvcy5vcmcB
AgMEBQ==
-----END OPENSSH PRIVATE KEY-----
[root@Node1 .ansible]# ansible all -m shell -a "cat /home/TestBench/.ssh/id_rsa.pub"
172.25.254.237 | CHANGED | rc=0 >>
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDb4zD5CAwVL1oKmE8fjdzkmCUG52qBGjyy09eyo4qXs4FaqTb1wEem8lcUmM7CdQjqC7AGhhkFGuLQ6DtUA26aEx983HK2azbhYkFLYc3MmdR5Q25H8EOtNtpOgRXjyIi4zuLd9IN9DPxUg0G7S/fRJnuePA/R7/w1ReGgl241Nr3NYlVndsWbOwxhzjk8Iont1hZH4TZYUD7NdhrB+BiNp5+6LKu3+6QPo5SGjlMeOXoug6Ni5e2m1vadHRrJDrdbkUE7sVaRJT17puZTWsVRLh28d/LNqj2YkEWKS5crqfhJMcdm/CMCxEncW7ApML6Xhewd2TYssJdJf6q3911r82eyKl9I7KAfdd88YZbO35fFBJZ4Uep41mj0m9RDmprfiEyQK6pVhSCyEF3JmQ4zwdl5SYQAmq7NIXjn7kuEI7Yy/ILfHQTe5XdsyDrJf2Qa7URowH8TxWJFRpRQ7f7zoIqRxzOxjIVD2s8ColBpKvr9Ozag3DuCWfmBUucw/S8= ansible-generated on Node3.westos.org
172.25.254.137 | CHANGED | rc=0 >>
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvslbIRt7OJy+4vmhETBDmsWpaSh946Ra22RtqnF+v/R18RGpjGhFU59rDaKo/blY81daSKtvGZ/syHOzfkUQwVrhXQ4ogEiBJSklyLw8d6s+633muz9NH/ZVVIOuZHgbPpTTwQkIB8NU0qrypq/GODBt7VJpKjbfvUFiltClrr7r2eusVCCYNUdkT83NjzZ1xrXLgbO+PD7kfwQO/ewIlsAQtg8Lpjv+Hub1UwB7cfMKUY5V8F4dtBHz+JxuLMCH3HoInk0mKW+5s5Lk7DzbpBmwuev9Xvclzpb9X0FNUyFayoreaPPlbLIxShhdegI6ksway6eAQh9JuVyKVjvcNvjc4SZBe/OImzJ5Pybmdl0e1NhNlowYvkdXxiEzN+xoJV49FbBug5y2C0LuQOEQaWANabdOI6k0AkCmWdpjoioKoEtDTZmSFvfj8N1uKiZWRlP4bZmz5/q4fAW+5quDfn//mKdoXd26cjq+G8QFKMD36n5NhuHDuKoZPlU0AmVk= ansible-generated on Node2.westos.org##删除测试用账户,同时删除其家目录
[root@Node1 .ansible]# ansible all -m user -a "name=TestBench remove=yes state=absent"
172.25.254.237 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"force": false,"name": "TestBench","remove": true,"state": "absent"
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": true,"force": false,"name": "TestBench","remove": true,"state": "absent"
}
[root@Node1 .ansible]# ansible all -m group -a "name=TestBench state=absent"
172.25.254.237 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"name": "TestBench","state": "absent"
}
172.25.254.137 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"name": "TestBench","state": "absent"
}
- Lineinfile
path ##指定要操作的文件
line ##指定文本内容
regexp ##使用正则表达式匹配相应的行##当替换文本时##如果有多行文本符合条件,只有最后一行会被替换##但当删除文本时##如果有多行文本都能被匹配,均会被删除
state ##当想要删除对应的文本时需要将state参数设置为absent##默认为present##present 添加##absent 删除
backrefs ##当内容无匹配规则时不对文件做任何更改##默认值为no##用于向后引用regexp变量信息
insertafter ##将文本插入到指定的行之后##insertafter参数的值可以使用EOF或正则表达式##EOF表示文件末尾
insertbefore ##将文本插入到指定的行之前##insertbefore参数的值可以使用BOF或正则表达式
backup ##是否在修改文件之前对文件进行备份
create ##当要操作的文件不存在时,是否创建对应的文件##实例
vim /mnt/Test
Hello World
Hello Test
Hello Linuxansible all -m lineinfile -a 'path=/mnt/Test line="Hello World"'
ansible all -m lineinfile -a 'path=/mnt/Test regexp="^Test" line="Test Word"'
ansible all -m lineinfile -a 'path=/mnt/Test regexp="(H.{4}).*(T.{3})" line="\1" backrefs=yes'
ansible all -m lineinfile -a 'path=/mnt/Test line="########END########" insertafter=EOF'
ansible all -m lineinfile -a 'path=/mnt/Test line="########BEGIN########" insertbefore=BOF'
[root@Node1 .ansible]# ansible 172.25.254.137 -m shell -a "touch /mnt/Test"
[WARNING]: Consider using the file module with state=touch rather than running
'touch'. If you need to use command because file is insufficient you can add
'warn: false' to this command task or set 'command_warnings=False' in
ansible.cfg to get rid of this message.
172.25.254.137 | CHANGED | rc=0 >>[root@Node1 .ansible]# ansible 172.25.254.137 -m lineinfile -a 'path=/mnt/Test line="########END########" insertafter=EOF'
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"backup": "","changed": true,"msg": "line added"
}
[root@Node1 .ansible]# ansible 172.25.254.137 -m lineinfile -a 'path=/mnt/Test line="########BEGIN########" insertbefore=BOF'
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"backup": "","changed": true,"msg": "line added"
}
[root@Node1 .ansible]# ansible all -m lineinfile -a 'path=/mnt/Test regexp="(H.{4}).*(T.{3})" line="\1" backrefs=yes'
172.25.254.237 | FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"msg": "Destination /mnt/Test does not exist !","rc": 257
}
172.25.254.137 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"backup": "","changed": true,"msg": "line replaced"
}
- Replace
##作用
根据指定的正则表达式替换文件中的字符串,所有被匹配的字符串都会被替换
与lineinfile不同的是只替换匹配部分而不是处理整行##常用参数
path ##指定要操作的文件
regexp ##指定一个正则表达式##文件中与正则匹配的字符串都会被替换
replace ##指定最终要替换成的字符串
backup ##是否在修改文件之前对文件进行备份,最好设置为yes##实例
ansible all -m replace -a 'path=/mnt/Test regexp="World" replace="Word" backup=yes'
- Setup
##作用
用于收集远程主机的一些基本信息##常用参数
filter ##用于进行条件过滤.##如果设置,仅返回匹配过滤条件的信息##实例
ansible all -m setup
ansible all -m setup -a "filter='ansible_all_ipv4_addresses'"
- Debug
##作用
用于在调试中输出信息##常用参数
msg: ##调试输出的信息
var: ##将某个任务至性的输出作为变量传递给debug模块##debug会直接将其打印输出
verbosity: ##debug的级别##默认为0级,全部显示##等级越高,显示的越少##实例
ansible all -m debug -a 'msg="Hello World" verbosity=0'
4.2 Ansible中的常用模块相关推荐
- Ansible中的常用模块介绍
文章目录 一.ansible实现管理的方式 二.Ad-Hoc执行方式中如何获得帮助 三.ansible命令运行方式及常用参数 四.ansible的基本颜色代表信息 五.ansible中的常用模块 让设 ...
- Python中的常用模块
1.sys模块(内置模块) 在sys模块中定义了一些函数和变量,用来设置和获取系统的信息. # Python中的常用模块:sys模块 import sys sys.path.append('./tes ...
- Ansible简介及常用模块
一.基础介绍 1.简介 ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet.cfengine.chef.func.fabric)的优点,实现了批量系统配置. ...
- Ansible基础和常用模块(一)
文章目录 1. Ansible 概述 2. Ansible 安装配置 3. Ansible Inventory 清单 4. Ansible ad-hoc 5. Ansible 功能模块 5.1 Ans ...
- Ansible几个常用模块
文章目录 一,Ansible简介 二,Ansible安装 三,Ansible 命令行模块 1.command 模块 2.shell模块 3.cron 模块 4.user模块 5.group模块 6.c ...
- ansible命令行常用模块
1.shell 模块 此模块用于在各被管理节点运行指定的命令 [root@xinlibao tmp]# ansible test -m shell -a 'cd /tmp/ && to ...
- 总结Ansible中常用模块
文章目录 前言 一.ansible实现管理的方式 二.Ad-Hoc执行方式中如何获得帮助 三.ansible命令运行方式及常用参数 四.ansible的基本颜色代表信 五.ansible中的常用模块 ...
- Ansible简介及各模块用法实操
目录 一,Ansible简介及工作原理过程 1,简介 2,工作原理过程 二,基础坏境配置 1,安装 2,ssh配置 三,Ansible入门及常用模块用法 1,静态资产 2,自定义动态资产 3,使用资 ...
- ansible自动化运维(二)——环境部署及常用模块的使用
实验环境 主机 ip server1(主控端) 172.25.6.1 server2(节点) 172.25.6.2 server3(节点) 172.25.6.3 一.环境部署 ansible的配置文件 ...
最新文章
- Android判断应用是否拥有某种权限
- 图文具体解释 IntelliJ IDEA 15 创建 Maven 构建的 Java Web 项目(使用 Jetty 容器)
- Vue CLI 3开发中屏蔽烦人的EsLint错误
- SDEBECMSrv服务
- 在家办公上课成强需求 钉钉峰值流量暴增百倍
- 常见危险函数及特殊函数(一)
- suse11 mysql 5.7_SUSE Linux系统中单实例二进制方式安装MySQL 5.7.22
- 如何理解互斥锁、条件锁、读写锁以及自旋锁?(转载)
- DPDK之KNI原理
- java中猜字母_Java有大神会写 猜字母游戏
- VSCode配置cpp环境
- 微信公众平台 登陆php,javascript - 微信公众号开发,如何使用户保持登录状态
- 神鬼传奇客户端解包图片(ui\common)
- 数据挖掘经典算法--priori算法
- 三级等保 关闭111端口
- android8 保卫萝卜,保卫萝卜挑战8攻略图解,学会这些,轻松过第八关
- 怎么在php中加拼图游戏,js+html5实现可在手机上玩的拼图游戏
- 【遗传算法GA】--计算函数最值(Python)
- linux中哪个系统适合做服务器
- IOS开发之——更换Storyboard
热门文章
- Java集成AWS的SES服务
- Kibana:Kibana Query Language - KQL
- 通达信l2数据接口与MACD指标结合
- 批处理bat一键安装APK
- 计算机英语词汇频率统计,托福英语语法经典词汇与频率统计
- Fatal: HttpRequestException encountered.
- 大数据生态系统组件基础学习
- 用深度学习做命名实体识别(二):文本标注工具brat
- linux环境变量占位符,linuxea:go fmt简单用法和占位符使用(6)
- 锐捷设备设置console和enable密码