0 command
默认,直接-a "ifconfig"
1 shell
用到变量、管道时
ansible s21 -m shell -a "echo pwd | passwd --stdin user1"
此时用command无效
2 script
将本地脚本复制到远程,并运行
ansible s21 -m script -a "/tmp/test.sh"
3 debug
ansible s21 -m debug -a "msg={{ 'mypassword' | password_hash('sha512', 'mysecretsalt') }}"
4 cron
state:
present
absent
ansible s21 -m cron -a 'minute="*/10" job="/bin/echo hello" name="test cron job" state=present'
5 user
5.1 playbook直接设定方式
---
- hosts: s21
gather_facts: false
tasks:
- name: change user passwd
user: name={{ item.name }} password={{ item.chpass | password_hash('sha512') }} update_password=always
with_items:
- { name: 'u1', chpass: 'abc' }
- { name: 'u2', chpass: 'bcd' }
ansible-playbook user.yml
5.2 playbook传参数方式
---
- hosts: s21
gather_facts: false
tasks:
- name: Change password
user: name={{ name1 }} password={{ chpass | password_hash('sha512') }} update_password=always
ansible-playbook user-param.yml -e "name1=u1 chpass=aaa"
5.3 python手动加密
>>> import crypt
>>> crypt.crypt('abc')
'$6$1JV5iq/jgGos6Bwe$yIuouAmby/zljZFmayyVb.rvSaqRihi9oWYj25OsIruhwQqeBhO5Om78pNFOWu1Q1E58mfq1wBZiS0B6x7xMu0'
ansible s21 -m user -a 'name=u1 password=$6$1JV5iq/jgGos6Bwe$yIuouAmby/zljZFmayyVb.rvSaqRihi9oWYj25OsIruhwQqeBhO5Om78pNFOWu1Q1E58mfq1wBZiS0B6x7xMu0 state=present'
5.4 shell模式
ansible s21 -m shell -a "echo pwd | passwd --stdin user1"
6 group
ansible s21 -m group -a 'name=mysql system=yes'
ansible s21 -m user -a 'name=mysql system=yes group=mysql'
7 copy
有源拷贝
ansible s21 -m copy -a "src=user.yml dest=/tmp/ owner=u1 mode=600"
无源创建
ansible s225 -m copy -a "content='aaa
' dest=/tmp/test/abc"
8 file
权限
ansible s21 -m file -a 'owner=mysql group=mysql mode=664 path=/tmp/a.txt'
软链接
ansible s225 -m file -a 'path=/tmp/test/d src=/tmp/test/abc state=link'
等同ln -s abc d
9 service
ansible s21 -m service -a "name=httpd state=started enabled=true"
# started stoped restarted
10 yum
ansible s21 -m yum -a 'name=lrzsz state=present'
# present latest absent
版本号
11 setup 收集信息
ansible s12 -m setup
12 lineinfile
ansible s225 -m lineinfile -a "path=/tmp/test/abc line=aaa"
匹配确保一行内容存在,否则添加。
ansible s225 -m lineinfile -a "path=/tmp/test/abc regexp="^aaa" line=AAA"
替换,多行匹配仅对最后次。未匹配到时添加
ansible s225 -m lineinfile -a "path=/tmp/test/abc regexp="^aadfsf" line=ZZZ backrefs=yes"
未匹配到不添加
ansible s225 -m lineinfile -a "path=/tmp/test/abc regexp="^aaa" state=absent"
删除所有匹配行。 (以便删除重复再添加等操作)