学海无涯
go,go,go

ansible-常用模块:yum、synchronize、user、setup(三)

yum模块
常用参数
name参数:必须参数,用于指定要操作的唯一的仓库ID,也就是”.repo”配置文件中每个仓库对应的”中括号”内的仓库ID。
baseurl参数:此参数用于设置 yum 仓库的 baseurl。
description参数:此参数用于设置仓库的注释信息,也就是”.repo”配置文件中每个仓库对应的”name字段”对应的内容。
file参数:此参数用于设置仓库的配置文件名称,即设置”.repo”配置文件的文件名前缀,在不使用此参数的情况下,默认以 name 参数的仓库ID作为”.repo”配置文件的文件名前缀,同一个”.repo” 配置文件中可以存在多个 yum 源。
enabled参数:此参数用于设置是否激活对应的 yum 源,此参数默认值为 yes,表示启用对应的 yum 源,设置为 no 表示不启用对应的 yum 源。
gpgcheck参数:此参数用于设置是否开启 rpm 包验证功能,默认值为 no,表示不启用包验证,设置为 yes 表示开启包验证功能。
gpgcakey参数:当 gpgcheck 参数设置为 yes 时,需要使用此参数指定验证包所需的公钥。
state参数:默认值为 present,当值设置为 absent 时,表示删除对应的 yum 源。

name=指定你要安装的命令或者软件的名称
[root@ansible tmp]# ansible all -m yum -a 'name=dstat'
192.168.2.196 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "installed": [
            "dstat"
        ]
    }, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirrors.aliyun.com\n * extras: mirrors.aliyun.com\n * updates: mirrors.aliyun.com\nResolving Dependencies\n--> Running transaction check\n---> Package dstat.noarch 0:0.7.2-12.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package         Arch             Version                  Repository      Size\n================================================================================\nInstalling:\n dstat           noarch           0.7.2-12.el7             base           163 k\n\nTransaction Summary\n================================================================================\nInstall  1 Package\n\nTotal download size: 163 k\nInstalled size: 752 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Installing : dstat-0.7.2-12.el7.noarch                                    1/1 \n  Verifying  : dstat-0.7.2-12.el7.noarch                                    1/1 \n\nInstalled:\n  dstat.noarch 0:0.7.2-12.el7                                                   \n\nComplete!\n"
    ]
}

#检查。安装成功
[root@ansible tmp]# ansible all -m shell -a 'rpm -ql dstat'
[WARNING]: Consider using the yum, dnf or zypper module rather than running 'rpm'.  If you need to use command because yum, dnf or zypper is insufficient you can add
'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.

192.168.2.197 | CHANGED | rc=0 >>
/usr/bin/dstat
/usr/share/doc/dstat-0.7.2
/usr/share/doc/dstat-0.7.2/AUTHORS
/usr/share/doc/dstat-0.7.2/COPYING
/usr/share/doc/dstat-0.7.2/ChangeLog
/usr/share/doc/dstat-0.7.2/README
/usr/share/doc/dstat-0.7.2/TODO
/usr/share/doc/dstat-0.7.2/counter-rollovers.html
/usr/share/doc/dstat-0.7.2/counter-rollovers.txt
/usr/share/doc/dstat-0.7.2/cplugins.html
/usr/share/doc/dstat-0.7.2/cplugins.txt
/usr/share/doc/dstat-0.7.2/dstat-paper.html
/usr/share/doc/dstat-0.7.2/dstat-paper.txt
/usr/share/doc/dstat-0.7.2/dstat.1.html
/usr/share/doc/dstat-0.7.2/dstat.1.txt
/usr/share/doc/dstat-0.7.2/examples
/usr/share/doc/dstat-0.7.2/examples.html
/usr/share/doc/dstat-0.7.2/examples.txt
/usr/share/doc/dstat-0.7.2/examples/curstest
/usr/share/doc/dstat-0.7.2/examples/devtest.py
/usr/share/doc/dstat-0.7.2/examples/mmpipe.py
/usr/share/doc/dstat-0.7.2/examples/mstat.py
/usr/share/doc/dstat-0.7.2/examples/read.py
/usr/share/doc/dstat-0.7.2/examples/tdbtest
/usr/share/doc/dstat-0.7.2/performance.html
/usr/share/doc/dstat-0.7.2/performance.txt
/usr/share/doc/dstat-0.7.2/screen.html
/usr/share/doc/dstat-0.7.2/screen.txt
/usr/share/dstat
/usr/share/dstat/dstat.py
/usr/share/dstat/dstat.pyc
/usr/share/dstat/dstat.pyo
/usr/share/dstat/dstat_battery.


卸载
name指定要删除软件或命令的名称,state=absent表示删除
[root@ansible tmp]# ansible all -m yum -a 'name=dstat state=abesnt'
synchronize模块
选项说明
archive                # 是否采用归档模式同步,即以源文件相同属性同步到目标地址
checksum               # 是否效验
compress               # 开启压缩,默认为开启
copy_links             # 同步的时候是否复制连接
delete                 # 删除源中没有而目标存在的文件(即以推送方为主)
dest=                  # 目标地址
dest_port              # 目标接受的端口,ansible配置文件中的 ansible_ssh_port 变量优先级高于该 dest_port 变量
dirs                   # 以非递归的方式传输目录
existing_only          # Skip creating new files on receiver.
group                  # Preserve group
links                  # Copy symlinks as symlinks.
mode                   # 模式,rsync 同步的方式 PUSH\PULL,默认都是推送push。如果你在使用拉取pull功能的时候,可以参考如下来实现mode=pull   更改推送模式为拉取模式
recursive              # 是否递归 yes/no
rsync_opts             # 使用rsync 的参数
rsync_path             # 服务的路径,指定 rsync 命令来在远程服务器上运行。这个参考rsync命令的--rsync-path参数,--rsync-path=PATH     # 指定远程服务器上的rsync命令所在路径信息
rsync_timeout          # 指定 rsync 操作的 IP 超时时间,和rsync命令的 --timeout 参数效果一样.
set_remote_user        # put user@ for the remote paths. If you have a custom ssh config to define the remote user for
src=\‘#\‘"                 # 源,同步的数据源
times                  # 
--exclude=.Git  忽略同步.git结尾的文件

由于模块默认启用了archive参数,该参数默认开启了recursive, links, perms, times, owner,group和-D参数。如果你将该参数设置为no,那么你将停止很多参数,比如会导致如下目的递归失败,导致无法拉取
使用rsync 模块,系统必须安装rsync 包,否则无法使用这个模块

[root@lnmp ~]# ansible test -m synchronize -a "src=/etc/hosts dest=/tmp/"
10.128.30.74 | SUCCESS => {
"changed": true, 
"cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh=/usr/bin/ssh -S none -o Port=52113 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null --out-format=<<CHANGED>>%i %n%L /etc/hosts 10.128.30.74:/tmp/", 
"msg": "<f+++++++++ hosts\n", 
"rc": 0, 
"stdout_lines": [
"<f+++++++++ hosts"
]
}
src=/etc/hosts 指定管理机要推送目标源文件
dest=/tmp 指定被控主机接收文件目录‘


推送目录
[root@lnmp test]# ansible test -m synchronize -a "src=/tmp/test dest=/tmp"
10.128.30.74 | SUCCESS => {
"changed": true, 
"cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh=/usr/bin/ssh -S none -o Port=52113 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null --out-format=<<CHANGED>>%i %n%L /tmp/test 10.128.30.74:/tmp", 
"msg": ".d..t...... test/\n<f+++++++++ test/aa\n", 
"rc": 0, 
"stdout_lines": [
".d..t...... test/", 
"<f+++++++++ test/aa"
]
}
src=/tmp/test 指定管理机要推送目标源文件
dest=/tmp 指定被控主机接收文件目录
[root@lamp test]# pwd
/tmp/test
[root@lamp test]# ls -l|wc -l
1001
推送1000个小文件1秒搞定

从被管理机器上面拉取文件
[root@lnmp test]# ansible test -m synchronize -a "src=/tmp/test/aa dest=/tmp mode=pull"
10.128.30.74 | SUCCESS => {
"changed": true, 
"cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh=/usr/bin/ssh -S none -o Port=52113 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null --out-format=<<CHANGED>>%i %n%L 10.128.30.74:/tmp/test/aa /tmp", 
"msg": ">f+++++++++ aa\n", 
"rc": 0, 
"stdout_lines": [
">f+++++++++ aa"
]
}
src=/tmp/test/aa 被控主机要拉取到管理机器的文件路径
dest=/tmp 啦到管理机器目录路径
mode=pull 把推送模式改为拉取

拉取目录
[root@lnmp tmp]# ansible test -m synchronize -a "src=/tmp/test dest=/tmp mode=pull"
10.128.30.74 | SUCCESS => {
"changed": true, 
"cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh=/usr/bin/ssh -S none -o Port=52113 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null --out-format=<<CHANGED>>%i %n%L 10.128.30.74:/tmp/test /tmp", 
"msg": "cd+++++++++ test/\n>f+++++++++ test/aa\n", 
"rc": 0, 
"stdout_lines": [
"cd+++++++++ test/", 
">f+++++++++ test/aa"
]
}
[root@lnmp tmp]# ls
a test
src=/tmp/test被控主机要拉取到管理机器的目录路径
dest=/tmp 啦到管理机器目录路径
mode=pull 把推送模式改为拉取
user模块
name=test2 指定要创建的账号
comment="user test"加描述
uid=2000设置uid
home=/app/test2指定家目录
group=wang指定组组为wang
groups=root,wang,bin设置好几个辅助组
[root@ansible tmp]# ansible all -m user -a 'name=test22 comment="test22的描述信息" uid=2000 home=/tmp/test22 group=wang groups=root,bin'
192.168.2.189 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "test22的描述信息", 
    "create_home": true, 
    "group": 1000, 
    "groups": "root,bin", 
    "home": "/tmp/test22", 
    "name": "test22", 
    "shell": "/bin/bash", 
    "state": "present", 
    "stderr": "useradd: warning: the home directory already exists.\nNot copying any file from skel directory into it.\n", 
    "stderr_lines": [
        "useradd: warning: the home directory already exists.", 
        "Not copying any file from skel directory into it."
    ], 
    "system": false, 
    "uid": 2000
}
192.168.2.196 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "test22的描述信息", 
    "create_home": true, 
    "group": 1000, 
    "groups": "root,bin", 
    "home": "/tmp/test22", 
    "name": "test22", 
    "shell": "/bin/bash", 
    "state": "present", 
    "stderr": "useradd: warning: the home directory already exists.\nNot copying any file from skel directory into it.\n", 
    "stderr_lines": [
        "useradd: warning: the home directory already exists.", 
        "Not copying any file from skel directory into it."
    ], 
    "system": false, 
    "uid": 2000
}
192.168.2.197 | CHANGED => {
    "ansible_facts": {


#检查
[root@ansible tmp]# ansible all -a 'getent passwd test22'
192.168.2.197 | CHANGED | rc=0 >>
test22:x:2000:1000:test22的描述信息:/tmp/test22:/bin/bash

192.168.2.196 | CHANGED | rc=0 >>
test22:x:2000:1000:test22的描述信息:/tmp/test22:/bin/bash

192.168.2.189 | CHANGED | rc=0 >>
test22:x:2000:1000:test22的描述信息:/tmp/test22:/bin/bash

创建系统用户
shell=/sbin/nologin指定创建用户的shell为/sbin/nologin
system=yes表示创建的是系统用户
[root@ansible tmp]# ansible all -m user -a 'name=sysuser system=yes shell=/sbin/nologin'
192.168.2.196 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 995, 
    "home": "/home/sysuser", 
    "name": "sysuser", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "system": true, 
    "uid": 997
}
192.168.2.197 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 995, 
    "home": "/home/sysuser", 
    "name": "sysuser", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "system": true, 
    "uid": 997
}
192.168.2.189 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 995, 
    "home": "/home/sysuser", 
    "name": "sysuser", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "system": true, 
    "uid": 997
}

检查
[root@ansible tmp]# ansible all -a 'id sysuser'
192.168.2.196 | CHANGED | rc=0 >>
uid=997(sysuser) gid=995(sysuser) groups=995(sysuser)

192.168.2.189 | CHANGED | rc=0 >>
uid=997(sysuser) gid=995(sysuser) groups=995(sysuser)

192.168.2.197 | CHANGED | rc=0 >>
uid=997(sysuser) gid=995(sysuser) groups=995(sysuser)

[root@ansible tmp]# ansible all -a 'getent passwd sysuser'
192.168.2.196 | CHANGED | rc=0 >>
sysuser:x:997:995::/home/sysuser:/sbin/nologin

192.168.2.197 | CHANGED | rc=0 >>
sysuser:x:997:995::/home/sysuser:/sbin/nologin

192.168.2.189 | CHANGED | rc=0 >>
sysuser:x:997:995::/home/sysuser:/sbin/nologin
setup模块:这个setup模块是用来记录显示每个主机所有系统状态信息,如主机名,ip地址,mac地址等等,setup模块
有主机非常多的信息,里面的信息都是键值对。写剧本可以使用setup里面的变量来做条件判断执行剧本,或者直接把
变量拿到剧本里面使用
显示web的主机
[root@ansible ansible]# ansible web --list-hosts
  hosts (2):
    192.168.2.189
    192.168.2.196
显示所有的主机
[root@ansible ansible]# ansible all --list-hosts
  hosts (3):
    192.168.2.189
    192.168.2.196
    192.168.2.197

setup模块操作 
显示所有主机版本
-m指定模块为setup
grep过滤关键字version版本
[root@ansible ansible]# ansible all -m setup |grep version
        "ansible_bios_version": "6.00", 
        "ansible_distribution_major_version": "7",   过滤到的主机版本变量
        "ansible_distribution_version": "7.5", 
        "ansible_kernel_version": "#1 SMP Fri Apr 20 16:44:24 UTC 2018", 
        "ansible_product_version": "None", 
            "version": {
            "version_info": [
        "ansible_python_version": "2.7.5", 
        "ansible_bios_version": "6.00", 
        "ansible_distribution_major_version": "7", 
        "ansible_distribution_version": "7.5", 
        "ansible_kernel_version": "#1 SMP Fri Apr 20 16:44:24 UTC 2018", 
        "ansible_product_version": "None", 
            "version": {
            "version_info": [
        "ansible_python_version": "2.7.5", 
        "ansible_bios_version": "6.00", 
        "ansible_distribution_major_version": "7", 
        "ansible_distribution_version": "7.5", 
        "ansible_kernel_version": "#1 SMP Fri Apr 20 16:44:24 UTC 2018", 
        "ansible_product_version": "None", 
            "version": {
            "version_info": [
        "ansible_python_version": "2.7.5", 
		
		
"ansible_distribution_major_version": "7",   过滤到的主机版本变量

显示所有被管理机器的ip地址
[root@ansible ansible]# ansible all -m setup|grep -C3 addresses
192.168.2.197 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.2.197"
        ], 
        "ansible_all_ipv6_addresses": [
            "fe80::9fc:e65a:6509:88b", 
            "fe80::ad83:d880:8712:38d2", 
            "fe80::bd47:70d2:e1fc:f307"
--
}
192.168.2.196 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.2.196"
        ], 
        "ansible_all_ipv6_addresses": [
            "fe80::9fc:e65a:6509:88b", 
            "fe80::ad83:d880:8712:38d2", 
            "fe80::bd47:70d2:e1fc:f307"
--
}
192.168.2.189 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.2.189"
        ], 
        "ansible_all_ipv6_addresses": [
            "fe80::9fc:e65a:6509:88b", 
            "fe80::ad83:d880:8712:38d2", 
            "fe80::bd47:70d2:e1fc:f307"



setup本身支持过滤使用filter=*address*过滤出ip地址
[root@ansible ansible]# ansible all -m setup -a 'filter=*address*'
192.168.2.197 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.2.197"
        ], 
        "ansible_all_ipv6_addresses": [
            "fe80::9fc:e65a:6509:88b", 
            "fe80::ad83:d880:8712:38d2", 
            "fe80::bd47:70d2:e1fc:f307"
        ], 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.2.196 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.2.196"
        ], 
        "ansible_all_ipv6_addresses": [
            "fe80::9fc:e65a:6509:88b", 
            "fe80::ad83:d880:8712:38d2", 
            "fe80::bd47:70d2:e1fc:f307"
        ], 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
192.168.2.189 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.2.189"
        ], 
        "ansible_all_ipv6_addresses": [
            "fe80::9fc:e65a:6509:88b", 
            "fe80::ad83:d880:8712:38d2", 
            "fe80::bd47:70d2:e1fc:f307"
        ], 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
赞(0) 打赏
未经允许不得转载:YYQ运维技术博客_运维的工作学习之路 » ansible-常用模块:yum、synchronize、user、setup(三)
分享到: 更多 (0)

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

运维devops

联系我们关于本博客

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

微信扫一扫打赏