ansible基础-ansible的安装和常用模块介绍
作者:尹正杰
版权声明:原创作品,谢绝转载!否则将追究法律责任。
一.ansible基础知识
1>.什么是ansible
ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet、cfengine、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能。
2>.ansible特点
模块化:调用特定的模块,完成特定任务。
基于Python语言实现,由Paramiko,PyYAML和Jinja2三个关键模块。
部署简单:agentless。
支持自定义模块。
支持playbook。
幂等性特性。
2>.ansible架构图
二.安装和配置ansible
1>.查看yum源,我们此处默认你的服务器是可以联网
[root@node101.yinzhengjie.org.cn ~]# yum repolist Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.shu.edu.cn * extras: mirrors.shu.edu.cn * updates: mirrors.nwsuaf.edu.cn repo id repo name status base/7/x86_64 CentOS-7 - Base 10,019 extras/7/x86_64 CentOS-7 - Extras 371 updates/7/x86_64 CentOS-7 - Updates 1,158 repolist: 11,548 [root@node101.yinzhengjie.org.cn ~]#
2>.查看当前的yum支持的ansible版本
[root@node101.yinzhengjie.org.cn ~]# yum info ansible Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.shu.edu.cn * extras: mirrors.shu.edu.cn * updates: mirrors.nwsuaf.edu.cn Available Packages Name : ansible Arch : noarch Version : 2.4.2.0 Release : 2.el7 Size : 7.6 M Repo : extras/7/x86_64 Summary : SSH-based configuration management, deployment, and task execution system URL : http://ansible.com License : GPLv3+ Description : : Ansible is a radically simple model-driven configuration management, : multi-node deployment, and remote task execution system. Ansible works : over SSH and does not require any software or daemons to be installed : on remote nodes. Extension modules can be written in any language and : are transferred to managed machines automatically. [root@node101.yinzhengjie.org.cn ~]#
3>.安装ansible
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# yum -y install ansible Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.shu.edu.cn * extras: mirrors.shu.edu.cn * updates: mirrors.nwsuaf.edu.cn Resolving Dependencies --> Running transaction check ---> Package ansible.noarch 0:2.4.2.0-2.el7 will be installed --> Processing Dependency: sshpass for package: ansible-2.4.2.0-2.el7.noarch --> Processing Dependency: python2-jmespath for package: ansible-2.4.2.0-2.el7.noarch --> Processing Dependency: python-six for package: ansible-2.4.2.0-2.el7.noarch --> Processing Dependency: python-setuptools for package: ansible-2.4.2.0-2.el7.noarch --> Processing Dependency: python-passlib for package: ansible-2.4.2.0-2.el7.noarch --> Processing Dependency: python-paramiko for package: ansible-2.4.2.0-2.el7.noarch --> Processing Dependency: python-jinja2 for package: ansible-2.4.2.0-2.el7.noarch --> Processing Dependency: python-httplib2 for package: ansible-2.4.2.0-2.el7.noarch --> Processing Dependency: python-cryptography for package: ansible-2.4.2.0-2.el7.noarch --> Processing Dependency: PyYAML for package: ansible-2.4.2.0-2.el7.noarch --> Running transaction check ---> Package PyYAML.x86_64 0:3.10-11.el7 will be installed --> Processing Dependency: libyaml-0.so.2()(64bit) for package: PyYAML-3.10-11.el7.x86_64 ---> Package python-httplib2.noarch 0:0.9.2-1.el7 will be installed ---> Package python-jinja2.noarch 0:2.7.2-2.el7 will be installed --> Processing Dependency: python-babel >= 0.8 for package: python-jinja2-2.7.2-2.el7.noarch --> Processing Dependency: python-markupsafe for package: python-jinja2-2.7.2-2.el7.noarch ---> Package python-paramiko.noarch 0:2.1.1-9.el7 will be installed --> Processing Dependency: python2-pyasn1 for package: python-paramiko-2.1.1-9.el7.noarch ---> Package python-passlib.noarch 0:1.6.5-2.el7 will be installed ---> Package python-setuptools.noarch 0:0.9.8-7.el7 will be installed --> Processing Dependency: python-backports-ssl_match_hostname for package: python-setuptools-0.9.8-7.el7.noarch ---> Package python-six.noarch 0:1.9.0-2.el7 will be installed ---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed --> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64 --> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64 --> Processing Dependency: python-ipaddress for package: python2-cryptography-1.7.2-2.el7.x86_64 --> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64 --> Processing Dependency: libcrypto.so.10(OPENSSL_1.0.2)(64bit) for package: python2-cryptography-1.7.2-2.el7.x86_64 ---> Package python2-jmespath.noarch 0:0.9.0-3.el7 will be installed ---> Package sshpass.x86_64 0:1.06-2.el7 will be installed --> Running transaction check ---> Package libyaml.x86_64 0:0.1.4-11.el7_0 will be installed ---> Package openssl-libs.x86_64 1:1.0.1e-42.el7.9 will be updated --> Processing Dependency: openssl-libs(x86-64) = 1:1.0.1e-42.el7.9 for package: 1:openssl-1.0.1e-42.el7.9.x86_64 ---> Package openssl-libs.x86_64 1:1.0.2k-16.el7 will be an update ---> Package python-babel.noarch 0:0.9.6-8.el7 will be installed ---> Package python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7 will be installed --> Processing Dependency: python-backports for package: python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch ---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed --> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64 ---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed ---> Package python-idna.noarch 0:2.4-1.el7 will be installed ---> Package python-ipaddress.noarch 0:1.0.16-2.el7 will be installed ---> Package python-markupsafe.x86_64 0:0.11-10.el7 will be installed ---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed --> Running transaction check ---> Package openssl.x86_64 1:1.0.1e-42.el7.9 will be updated ---> Package openssl.x86_64 1:1.0.2k-16.el7 will be an update ---> Package python-backports.x86_64 0:1.0-8.el7 will be installed ---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed --> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch --> Running transaction check ---> Package python-ply.noarch 0:3.4-11.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ========================================================================================================================================================================================================================================= Package Arch Version Repository Size ========================================================================================================================================================================================================================================= Installing: ansible noarch 2.4.2.0-2.el7 extras 7.6 M Installing for dependencies: PyYAML x86_64 3.10-11.el7 base 153 k libyaml x86_64 0.1.4-11.el7_0 base 55 k python-babel noarch 0.9.6-8.el7 base 1.4 M python-backports x86_64 1.0-8.el7 base 5.8 k python-backports-ssl_match_hostname noarch 3.5.0.1-1.el7 base 13 k python-cffi x86_64 1.6.0-5.el7 base 218 k python-enum34 noarch 1.0.4-1.el7 base 52 k python-httplib2 noarch 0.9.2-1.el7 extras 115 k python-idna noarch 2.4-1.el7 base 94 k python-ipaddress noarch 1.0.16-2.el7 base 34 k python-jinja2 noarch 2.7.2-2.el7 base 515 k python-markupsafe x86_64 0.11-10.el7 base 25 k python-paramiko noarch 2.1.1-9.el7 updates 269 k python-passlib noarch 1.6.5-2.el7 extras 488 k python-ply noarch 3.4-11.el7 base 123 k python-pycparser noarch 2.14-1.el7 base 104 k python-setuptools noarch 0.9.8-7.el7 base 397 k python-six noarch 1.9.0-2.el7 base 29 k python2-cryptography x86_64 1.7.2-2.el7 base 502 k python2-jmespath noarch 0.9.0-3.el7 extras 39 k python2-pyasn1 noarch 0.1.9-7.el7 base 100 k sshpass x86_64 1.06-2.el7 extras 21 k Updating for dependencies: openssl x86_64 1:1.0.2k-16.el7 base 493 k openssl-libs x86_64 1:1.0.2k-16.el7 base 1.2 M Transaction Summary ========================================================================================================================================================================================================================================= Install 1 Package (+22 Dependent packages) Upgrade ( 2 Dependent packages) Total download size: 14 M Downloading packages: Delta RPMs disabled because /usr/bin/applydeltarpm not installed. warning: /var/cache/yum/x86_64/7/base/packages/PyYAML-3.10-11.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY Public key for PyYAML-3.10-11.el7.x86_64.rpm is not installed (1/25): PyYAML-3.10-11.el7.x86_64.rpm | 153 kB 00:00:00 (2/25): libyaml-0.1.4-11.el7_0.x86_64.rpm | 55 kB 00:00:00 (3/25): python-backports-1.0-8.el7.x86_64.rpm | 5.8 kB 00:00:00 (4/25): python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch.rpm | 13 kB 00:00:00 (5/25): openssl-1.0.2k-16.el7.x86_64.rpm | 493 kB 00:00:00 (6/25): python-enum34-1.0.4-1.el7.noarch.rpm | 52 kB 00:00:00 (7/25): python-cffi-1.6.0-5.el7.x86_64.rpm | 218 kB 00:00:00 (8/25): python-babel-0.9.6-8.el7.noarch.rpm | 1.4 MB 00:00:00 Public key for python-httplib2-0.9.2-1.el7.noarch.rpm is not installed (9/25): python-httplib2-0.9.2-1.el7.noarch.rpm | 115 kB 00:00:00 (10/25): python-idna-2.4-1.el7.noarch.rpm | 94 kB 00:00:00 (11/25): python-ipaddress-1.0.16-2.el7.noarch.rpm | 34 kB 00:00:00 (12/25): python-markupsafe-0.11-10.el7.x86_64.rpm | 25 kB 00:00:00 Public key for python-paramiko-2.1.1-9.el7.noarch.rpm is not installed (13/25): python-paramiko-2.1.1-9.el7.noarch.rpm | 269 kB 00:00:00 (14/25): python-jinja2-2.7.2-2.el7.noarch.rpm | 515 kB 00:00:00 (15/25): python-ply-3.4-11.el7.noarch.rpm | 123 kB 00:00:00 (16/25): python-passlib-1.6.5-2.el7.noarch.rpm | 488 kB 00:00:00 (17/25): python-pycparser-2.14-1.el7.noarch.rpm | 104 kB 00:00:00 (18/25): python-six-1.9.0-2.el7.noarch.rpm | 29 kB 00:00:00 (19/25): python-setuptools-0.9.8-7.el7.noarch.rpm | 397 kB 00:00:00 (20/25): python2-pyasn1-0.1.9-7.el7.noarch.rpm | 100 kB 00:00:00 (21/25): python2-jmespath-0.9.0-3.el7.noarch.rpm | 39 kB 00:00:01 (22/25): python2-cryptography-1.7.2-2.el7.x86_64.rpm | 502 kB 00:00:01 (23/25): ansible-2.4.2.0-2.el7.noarch.rpm | 7.6 MB 00:00:04 openssl-libs-1.0.2k-16.el7.x86 FAILED http://mirrors.njupt.edu.cn/centos/7.6.1810/os/x86_64/Packages/openssl-libs-1.0.2k-16.el7.x86_64.rpm: [Errno 14] HTTP Error 302 - Found===================================================== ] 2.0 MB/s | 12 MB 00:00:00 ETA Trying other mirror. sshpass-1.06-2.el7.x86_64.rpm FAILED 95% [=======================================================================================- ] 134 kB/s | 13 MB 00:00:05 ETA http://mirrors.njupt.edu.cn/centos/7.6.1810/extras/x86_64/Packages/sshpass-1.06-2.el7.x86_64.rpm: [Errno 14] HTTP Error 302 - Found===============================================================- ] 134 kB/s | 13 MB 00:00:05 ETA Trying other mirror. (24/25): sshpass-1.06-2.el7.x86_64.rpm | 21 kB 00:00:00 (25/25): openssl-libs-1.0.2k-16.el7.x86_64.rpm | 1.2 MB 00:00:02 ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 595 kB/s | 14 MB 00:00:23 Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Importing GPG key 0xF4A80EB5: Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>" Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5 Package : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@anaconda) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/27 Installing : python-ipaddress-1.0.16-2.el7.noarch 2/27 Installing : python-six-1.9.0-2.el7.noarch 3/27 Updating : 1:openssl-libs-1.0.2k-16.el7.x86_64 4/27 Updating : 1:openssl-1.0.2k-16.el7.x86_64 5/27 Installing : python-httplib2-0.9.2-1.el7.noarch 6/27 Installing : python-enum34-1.0.4-1.el7.noarch 7/27 Installing : libyaml-0.1.4-11.el7_0.x86_64 8/27 Installing : PyYAML-3.10-11.el7.x86_64 9/27 Installing : python-backports-1.0-8.el7.x86_64 10/27 Installing : python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch 11/27 Installing : python-setuptools-0.9.8-7.el7.noarch 12/27 Installing : python-babel-0.9.6-8.el7.noarch 13/27 Installing : python-passlib-1.6.5-2.el7.noarch 14/27 Installing : python-ply-3.4-11.el7.noarch 15/27 Installing : python-pycparser-2.14-1.el7.noarch 16/27 Installing : python-cffi-1.6.0-5.el7.x86_64 17/27 Installing : python-markupsafe-0.11-10.el7.x86_64 18/27 Installing : python-jinja2-2.7.2-2.el7.noarch 19/27 Installing : python-idna-2.4-1.el7.noarch 20/27 Installing : python2-cryptography-1.7.2-2.el7.x86_64 21/27 Installing : python-paramiko-2.1.1-9.el7.noarch 22/27 Installing : sshpass-1.06-2.el7.x86_64 23/27 Installing : python2-jmespath-0.9.0-3.el7.noarch 24/27 Installing : ansible-2.4.2.0-2.el7.noarch 25/27 Cleanup : 1:openssl-1.0.1e-42.el7.9.x86_64 26/27 Cleanup : 1:openssl-libs-1.0.1e-42.el7.9.x86_64 27/27 Verifying : python-jinja2-2.7.2-2.el7.noarch 1/27 Verifying : python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch 2/27 Verifying : python2-jmespath-0.9.0-3.el7.noarch 3/27 Verifying : sshpass-1.06-2.el7.x86_64 4/27 Verifying : python-setuptools-0.9.8-7.el7.noarch 5/27 Verifying : 1:openssl-libs-1.0.2k-16.el7.x86_64 6/27 Verifying : 1:openssl-1.0.2k-16.el7.x86_64 7/27 Verifying : python-six-1.9.0-2.el7.noarch 8/27 Verifying : python-idna-2.4-1.el7.noarch 9/27 Verifying : python-markupsafe-0.11-10.el7.x86_64 10/27 Verifying : python-ply-3.4-11.el7.noarch 11/27 Verifying : python-passlib-1.6.5-2.el7.noarch 12/27 Verifying : python-paramiko-2.1.1-9.el7.noarch 13/27 Verifying : python-babel-0.9.6-8.el7.noarch 14/27 Verifying : python-backports-1.0-8.el7.x86_64 15/27 Verifying : python-cffi-1.6.0-5.el7.x86_64 16/27 Verifying : python-pycparser-2.14-1.el7.noarch 17/27 Verifying : libyaml-0.1.4-11.el7_0.x86_64 18/27 Verifying : ansible-2.4.2.0-2.el7.noarch 19/27 Verifying : python-ipaddress-1.0.16-2.el7.noarch 20/27 Verifying : python-enum34-1.0.4-1.el7.noarch 21/27 Verifying : python-httplib2-0.9.2-1.el7.noarch 22/27 Verifying : python2-pyasn1-0.1.9-7.el7.noarch 23/27 Verifying : PyYAML-3.10-11.el7.x86_64 24/27 Verifying : python2-cryptography-1.7.2-2.el7.x86_64 25/27 Verifying : 1:openssl-libs-1.0.1e-42.el7.9.x86_64 26/27 Verifying : 1:openssl-1.0.1e-42.el7.9.x86_64 27/27 Installed: ansible.noarch 0:2.4.2.0-2.el7 Dependency Installed: PyYAML.x86_64 0:3.10-11.el7 libyaml.x86_64 0:0.1.4-11.el7_0 python-babel.noarch 0:0.9.6-8.el7 python-backports.x86_64 0:1.0-8.el7 python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7 python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 python-httplib2.noarch 0:0.9.2-1.el7 python-idna.noarch 0:2.4-1.el7 python-ipaddress.noarch 0:1.0.16-2.el7 python-jinja2.noarch 0:2.7.2-2.el7 python-markupsafe.x86_64 0:0.11-10.el7 python-paramiko.noarch 0:2.1.1-9.el7 python-passlib.noarch 0:1.6.5-2.el7 python-ply.noarch 0:3.4-11.el7 python-pycparser.noarch 0:2.14-1.el7 python-setuptools.noarch 0:0.9.8-7.el7 python-six.noarch 0:1.9.0-2.el7 python2-cryptography.x86_64 0:1.7.2-2.el7 python2-jmespath.noarch 0:0.9.0-3.el7 python2-pyasn1.noarch 0:0.1.9-7.el7 sshpass.x86_64 0:1.06-2.el7 Dependency Updated: openssl.x86_64 1:1.0.2k-16.el7 openssl-libs.x86_64 1:1.0.2k-16.el7 Complete! [root@node101.yinzhengjie.org.cn ~]#
4>.配置ansible服务器配置各个节点无密码登录
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# cat /etc/redhat-release CentOS Linux release 7.2.1511 (Core) [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# uname -r 3.10.0-327.el7.x86_64 [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# uname -m x86_64 [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# cat /etc/hosts | grep yinzhengjie 172.30.1.101 node101.yinzhengjie.org.cn 172.30.1.102 node102.yinzhengjie.org.cn 172.30.1.103 node103.yinzhengjie.org.cn [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa Generating public/private rsa key pair. Created directory '/root/.ssh'. Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: a8:60:4a:58:d1:9f:d9:0e:a1:15:b2:4c:10:e1:93:31 root@node101.yinzhengjie.org.cn The key's randomart image is: +--[ RSA 2048]----+ | E=o .. | | . B.oo | | = o+ = | |.. .. =.. | |..o .oS | |.o . . . | |. . | | | | | +-----------------+ [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ssh-copy-id root@node101.yinzhengjie.org.cn The authenticity of host 'node101.yinzhengjie.org.cn (172.30.1.101)' can't be established. ECDSA key fingerprint is 1e:0d:ad:e0:1d:0b:ba:8a:c5:ad:bd:81:5d:33:6b:3f. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@node101.yinzhengjie.org.cn's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@node101.yinzhengjie.org.cn'" and check to make sure that only the key(s) you wanted were added. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ssh-copy-id root@node102.yinzhengjie.org.cn The authenticity of host 'node102.yinzhengjie.org.cn (172.30.1.102)' can't be established. ECDSA key fingerprint is 1e:0d:ad:e0:1d:0b:ba:8a:c5:ad:bd:81:5d:33:6b:3f. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@node102.yinzhengjie.org.cn's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@node102.yinzhengjie.org.cn'" and check to make sure that only the key(s) you wanted were added. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ssh-copy-id root@node103.yinzhengjie.org.cn The authenticity of host 'node103.yinzhengjie.org.cn (172.30.1.103)' can't be established. ECDSA key fingerprint is 1e:0d:ad:e0:1d:0b:ba:8a:c5:ad:bd:81:5d:33:6b:3f. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@node103.yinzhengjie.org.cn's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@node103.yinzhengjie.org.cn'" and check to make sure that only the key(s) you wanted were added. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ssh node102.yinzhengjie.org.cn Last login: Fri Mar 8 05:01:58 2019 from 172.30.1.1 [root@node102.yinzhengjie.org.cn ~]# [root@node102.yinzhengjie.org.cn ~]# logout Connection to node102.yinzhengjie.org.cn closed. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ssh node103.yinzhengjie.org.cn Last login: Fri Mar 8 05:02:00 2019 from 172.30.1.1 [root@node103.yinzhengjie.org.cn ~]# [root@node103.yinzhengjie.org.cn ~]# [root@node103.yinzhengjie.org.cn ~]# logout Connection to node103.yinzhengjie.org.cn closed. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ssh node101.yinzhengjie.org.cn Last login: Fri Mar 8 05:01:45 2019 from 172.30.1.1 [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# logout Connection to node101.yinzhengjie.org.cn closed. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
5>.ansible简单实用格式
[root@node101.yinzhengjie.org.cn ~]# ansible HOST-PATTERN -m MOD_NAME -a MOD_ARGS -f FORK -C -u USERNAME -c CONNECTION HOST-PATTERN: 主机模式,指定管理的主机,这个被管理的主机必须得纳入ansible的hosts配置文件(默认路径为:"/etc/ansible/hosts") MOD_NAME: 指定要是用的模块来管理我们指定的主机。 MOD_ARGS: 指定模块参数 FORK: 指定批次,比如我们指定了主机模式,该模式下有50台机器,这个时候我们如果不指定批次的话,就会瞬间启动50个线程,对服务器压力较大,我们可以将这50个操作按照批次来进行! USERNAME: 这个我没有咋用过,用的不多哈~ CONNECTION: 这个参数我们用的也不多!
6>.编辑ansible的主机配置文件
[root@node101.yinzhengjie.org.cn ~]# echo "node[101:103].yinzhengjie.org.cn" > /etc/ansible/hosts [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# tail -1 /etc/ansible/hosts node[101:103].yinzhengjie.org.cn [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# cat /etc/ansible/hosts [web] node[101:102].yinzhengjie.org.cn [db] node[102:103].yinzhengjie.org.cn [tomcat] node[101:103].yinzhengjie.org.cn [redis] node101.yinzhengjie.org.cn [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible web -m ping node101.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } node102.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible db -m ping node102.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } node103.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible tomcat -m ping node101.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } node103.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } node102.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible redis -m ping node101.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
7>.验证ansible配置文件是否生效
[root@node101.yinzhengjie.org.cn ~]# ansible --list-hosts web hosts (2): node101.yinzhengjie.org.cn node102.yinzhengjie.org.cn [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ansible --list-hosts db hosts (2): node102.yinzhengjie.org.cn node103.yinzhengjie.org.cn [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ansible --list-hosts tomcat hosts (3): node101.yinzhengjie.org.cn node102.yinzhengjie.org.cn node103.yinzhengjie.org.cn [root@node101.yinzhengjie.org.cn ~]#
三.ansible的常用模块介绍
1>.获取ansible支持的模块列表
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible-doc -l a10_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' server object. a10_server_axapi3 Manage A10 Networks AX/SoftAX/Thunder/vThunder devices a10_service_group Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' service groups. a10_virtual_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' virtual servers. accelerate Enable accelerated mode on remote node aci_aep Manage attachable Access Entity Profile (AEP) on Cisco ACI fabrics (infra:AttEntityP) aci_ap Manage top level Application Profile (AP) objects on Cisco ACI fabrics (fv:Ap) aci_bd Manage Bridge Domains (BD) on Cisco ACI Fabrics (fv:BD) aci_bd_subnet Manage Subnets on Cisco ACI fabrics (fv:Subnet) aci_bd_to_l3out Bind Bridge Domain to L3 Out on Cisco ACI fabrics (fv:RsBDToOut) aci_config_rollback Provides rollback and rollback preview functionality for Cisco ACI fabrics (config:ImportP) aci_config_snapshot Manage Config Snapshots on Cisco ACI fabrics (config:Snapshot, config:ExportP) aci_contract Manage contract resources on Cisco ACI fabrics (vz:BrCP) aci_contract_subject Manage initial Contract Subjects on Cisco ACI fabrics (vz:Subj) aci_contract_subject_to_filter Bind Contract Subjects to Filters on Cisco ACI fabrics (vz:RsSubjFiltAtt) aci_epg Manage End Point Groups (EPG) on Cisco ACI fabrics (fv:AEPg) aci_epg_monitoring_policy Manage monitoring policies on Cisco ACI fabrics (mon:EPGPol) aci_epg_to_contract Bind EPGs to Contracts on Cisco ACI fabrics (fv:RsCons and fv:RsProv) aci_epg_to_domain Bind EPGs to Domains on Cisco ACI fabrics (fv:RsDomAtt) aci_filter Manages top level filter objects on Cisco ACI fabrics (vz:Filter) aci_filter_entry Manage filter entries on Cisco ACI fabrics (vz:Entry) aci_intf_policy_fc Manage Fibre Channel interface policies on Cisco ACI fabrics (fc:IfPol) aci_intf_policy_l2 Manage Layer 2 interface policies on Cisco ACI fabrics (l2:IfPol) aci_intf_policy_lldp Manage LLDP interface policies on Cisco ACI fabrics (lldp:IfPol) aci_intf_policy_mcp Manage MCP interface policies on Cisco ACI fabrics (mcp:IfPol) aci_intf_policy_port_channel Manage port channel interface policies on Cisco ACI fabrics (lacp:LagPol) aci_intf_policy_port_security Manage port security on Cisco ACI fabrics (l2:PortSecurityPol) aci_l3out_route_tag_policy Manage route tag policies on Cisco ACI fabrics (l3ext:RouteTagPol) aci_rest Direct access to the Cisco APIC REST API aci_taboo_contract Manage taboo contracts on Cisco ACI fabrics (vz:BrCP) aci_tenant Manage tenants on Cisco ACI fabrics (fv:Tenant) aci_tenant_action_rule_profile Manage action rule profiles on Cisco ACI fabrics (rtctrl:AttrP) aci_tenant_ep_retention_policy Manage End Point (EP) retention protocol policies on Cisco ACI fabrics (fv:EpRetPol) aci_tenant_span_dst_group Manage SPAN destination groups on Cisco ACI fabrics (span:DestGrp) aci_tenant_span_src_group Manage SPAN source groups on Cisco ACI fabrics (span:SrcGrp) aci_tenant_span_src_group_to_dst_group Manage SPAN source group to destination group bindings on Cisco ACI fabrics (span:SpanLbl) aci_vrf Manage VRF (private networks aka. contexts) on Cisco ACI fabrics (fv:Ctx) acl Sets and retrieves file ACL information. add_host add a host (and alternatively a group) to the ansible-playbook in-memory inventory airbrake_deployment Notify airbrake about app deployments :
2>.查看某个模块的使用方法
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible-doc --help Usage: ansible-doc [-l|-s] [options] [-t <plugin type] [plugin] plugin documentation tool Options: -a, --all **For internal testing only** Show documentation for all plugins. -h, --help show this help message and exit -l, --list List available plugins -M MODULE_PATH, --module-path=MODULE_PATH prepend colon-separated path(s) to module library (default=[u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']) -s, --snippet Show playbook snippet for specified plugin(s) -t TYPE, --type=TYPE Choose which plugin type (defaults to "module") -v, --verbose verbose mode (-vvv for more, -vvvv to enable connection debugging) --version show program's version number and exit See man pages for Ansible CLI options or website for tutorials https://docs.ansible.com [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible-doc -s ping - name: Try to connect to host, verify a usable python and return `pong' on success ping: data: # Data to return for the `ping' return value. If this parameter is set to `crash', the module will cause an exception. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
3>.使用ping模块案例展示(该模块用于测试主机的连通性)
[root@node101.yinzhengjie.org.cn ~]# ansible all -m ping node101.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } node103.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } node102.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "pong" } [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m ping -a data="hello" node103.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "hello" } node101.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "hello" } node102.yinzhengjie.org.cn | SUCCESS => { "changed": false, "ping": "hello" } [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m ping -a data="crash" node103.yinzhengjie.org.cn | FAILED! => { "changed": false, "module_stderr": "Shared connection to node103.yinzhengjie.org.cn closed. ", "module_stdout": "Traceback (most recent call last): File "/tmp/ansible_IaF7Qy/ansible_module_ping.py", line 82, in <module> main() File "/tmp/ansible_IaF7Qy/ansible_module_ping.py", line 72, in main raise Exception("boom") Exception: boom ", "msg": "MODULE FAILURE", "rc": 0 } node101.yinzhengjie.org.cn | FAILED! => { "changed": false, "module_stderr": "Shared connection to node101.yinzhengjie.org.cn closed. ", "module_stdout": "Traceback (most recent call last): File "/tmp/ansible_q1d2hC/ansible_module_ping.py", line 82, in <module> main() File "/tmp/ansible_q1d2hC/ansible_module_ping.py", line 72, in main raise Exception("boom") Exception: boom ", "msg": "MODULE FAILURE", "rc": 0 } node102.yinzhengjie.org.cn | FAILED! => { "changed": false, "module_stderr": "Shared connection to node102.yinzhengjie.org.cn closed. ", "module_stdout": "Traceback (most recent call last): File "/tmp/ansible_Sey9Kz/ansible_module_ping.py", line 82, in <module> main() File "/tmp/ansible_Sey9Kz/ansible_module_ping.py", line 72, in main raise Exception("boom") Exception: boom ", "msg": "MODULE FAILURE", "rc": 0 } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
4>.comand模块案例展示(该模块用于在远程主机上运行命令)
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible-doc -s command - name: Executes a command on a remote node command: chdir: # Change into this directory before running the command. creates: # A filename or (since 2.0) glob pattern, when it already exists, this step will *not* be run. free_form: # (required) The command module takes a free form command to run. There is no parameter actually named 'free form'. See the examples! removes: # A filename or (since 2.0) glob pattern, when it does not exist, this step will *not* be run. stdin: # Set the stdin of the command directly to the specified value. warn: # If command_warnings are on in ansible.cfg, do not warn about this particular line if set to `no'. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# chdir: 执行命令前切换工作目录至指定的位置。 creates: /PATH/TO/SOMEFILE_OR_DIR:如果此处给定的文件或目录存在,则不执行命令。 free_form: (必需)命令模块使用自由格式的命令运行。没有名为“free form”的参数。请参阅示例! removes: /PATH/TO/SOMEFILE_OR_DIR:如果此处给定的文件或目录不存在,则不执行命令。 stdin: 将命令的stdin直接设置为指定值。 warn: 如果ansible.cfg中的命令“warnings”处于打开状态,则如果设置为“no”,则不要对此特定行发出警告。
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m command -a 'mktemp /tmp/file.XXXX' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> /tmp/file.njeG node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> /tmp/file.1erW node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> /tmp/file.dliL [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m command -a 'ls /tmp' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> ansible_xuxDYd file.njeG node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> ansible_iMnDT_ file.1erW node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> ansible__UTTtL file.dliL [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ansible all -m command -a 'useradd jason' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> [root@node101.yinzhengjie.org.cn ~]#
5>.shell模块案例展示(该模块用于在远程主机用shell进程下运行命令,支持shell解释器特性,如管道等等)
[root@node101.yinzhengjie.org.cn ~]# ansible-doc -s shell - name: Execute commands in nodes. shell: chdir: # cd into this directory before running the command creates: # a filename, when it already exists, this step will *not* be run. executable: # change the shell used to execute the command. Should be an absolute path to the executable. free_form: # (required) The shell module takes a free form command to run, as a string. There's not an actual option named "free form". See the examples! removes: # a filename, when it does not exist, this step will *not* be run. stdin: # Set the stdin of the command directly to the specified value. warn: # if command warnings are on in ansible.cfg, do not warn about this particular line if set to no/false. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m command -a 'id jason || jasonuseradd jason' node102.yinzhengjie.org.cn | FAILED | rc=1 >> id: extra operand ‘||’ Try 'id --help' for more information.non-zero return code node101.yinzhengjie.org.cn | FAILED | rc=1 >> id: extra operand ‘||’ Try 'id --help' for more information.non-zero return code node103.yinzhengjie.org.cn | FAILED | rc=1 >> id: extra operand ‘||’ Try 'id --help' for more information.non-zero return code [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'id jason || jasonuseradd jason' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> uid=1001(jason) gid=1001(jason) groups=1001(jason) node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> uid=1001(jason) gid=1001(jason) groups=1001(jason) node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> uid=1001(jason) gid=1001(jason) groups=1001(jason) [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m command -a 'echo yinzhengjie.org.cn | passwd --stdin jason' node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> yinzhengjie.org.cn | passwd --stdin jason node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> yinzhengjie.org.cn | passwd --stdin jason node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> yinzhengjie.org.cn | passwd --stdin jason [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'tail -1 /etc/shadow' node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> jason:!!:17963:0:99999:7::: node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> jason:!!:17963:0:99999:7::: node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> jason:!!:17963:0:99999:7::: [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'echo yinzhengjie.org.cn | passwd --stdin jason' node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> Changing password for user jason. passwd: all authentication tokens updated successfully. node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> Changing password for user jason. passwd: all authentication tokens updated successfully. node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> Changing password for user jason. passwd: all authentication tokens updated successfully. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'tail -1 /etc/shadow' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> jason:$1$pgfXQsuQ$L6f8J4A.sk5yVUo49tqFU.:17963:0:99999:7::: node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> jason:$1$yUw4VPTa$apwu1/ZmhEw84Ij1NqHqt.:17963:0:99999:7::: node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> jason:$1$EajB6gKX$SwYdST7gMr2IExXULag7F.:17963:0:99999:7::: [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
6>.group模块案例展示(该模块用于管理组账号,添加和移除用户)
[root@node101.yinzhengjie.org.cn ~]# ansible-doc -s group - name: Add or remove groups group: gid: # Optional `GID' to set for the group. name: # (required) Name of the group to manage. state: # Whether the group should be present or not on the remote host. system: # If `yes', indicates that the group created is a system group. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# gid: 选项“gid”为组设置。 name: (必需)要管理的组的名称。 state: 组是否应出现在远程主机上。 system: 如果“是”,则表示创建的组是系统组。
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m group -a 'name=mygrp gid=2000 system=yes' node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "gid": 2000, "name": "mygrp", "state": "present", "system": true } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m group -a 'name=mygrp gid=2000 system=yes' node102.yinzhengjie.org.cn | SUCCESS => { "changed": false, "gid": 2000, "name": "mygrp", "state": "present", "system": true } [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m group -a 'name=mygrp state=absent' node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "name": "mygrp", "state": "absent" } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m group -a 'name=mygrp state=absent' node102.yinzhengjie.org.cn | SUCCESS => { "changed": false, "name": "mygrp", "state": "absent" } [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m group -a 'name=mygrp gid=2000' node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "gid": 2000, "name": "mygrp", "state": "present", "system": false } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m shell -a 'tail -1 /etc/group' node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> mygrp:x:2000: [root@node101.yinzhengjie.org.cn ~]#
7>.user模块案例展示(该模块用于管理用户账号的模块)
root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible-doc -s user - name: Manage user accounts user: append: # If `yes', will only add groups, not set them to just the list in `groups'. comment: # Optionally sets the description (aka `GECOS') of user account. createhome: # Unless set to `no', a home directory will be made for the user when the account is created or if the home directory does not exist. expires: # An expiry time for the user in epoch, it will be ignored on platforms that do not support this. Currently supported on Linux and FreeBSD. force: # When used with `state=absent', behavior is as with `userdel --force'. generate_ssh_key: # Whether to generate a SSH key for the user in question. This will *not* overwrite an existing SSH key. group: # Optionally sets the user's primary group (takes a group name). groups: # Puts the user in list of groups. When set to the empty string ('groups='), the user is removed from all groups except the primary group. Before version 2.3, the only input format allowed was a 'comma separated string', now it should be able to accept YAML lists also. home: # Optionally set the user's home directory. local: # Forces the use of "local" command alternatives on platforms that implement it. This is useful in environments that use centralized authentification when you want to manipulate the local users. I.E. it uses `luseradd` instead of `useradd`. This requires that these commands exist on the targeted host, otherwise it will be a fatal error. login_class: # Optionally sets the user's login class for FreeBSD, OpenBSD and NetBSD systems. move_home: # If set to `yes' when used with `home=', attempt to move the user's home directory to the specified directory if it isn't there already. name: # (required) Name of the user to create, remove or modify. non_unique: # Optionally when used with the -u option, this option allows to change the user ID to a non-unique value. password: # Optionally set the user's password to this crypted value. See the user example in the github examples directory for what this looks like in a playbook. See http://docs.ansible.com/ansible/faq.html #how-do-i-generate-crypted-passwords-for-the-user-module for details on various ways to generate these password values. Note on Darwin system, this value has to be cleartext. Beware of security issues. remove: # When used with `state=absent', behavior is as with `userdel --remove'. seuser: # Optionally sets the seuser type (user_u) on selinux enabled systems. shell: # Optionally set the user's shell. skeleton: # Optionally set a home skeleton directory. Requires createhome option! ssh_key_bits: # Optionally specify number of bits in SSH key to create. ssh_key_comment: # Optionally define the comment for the SSH key. ssh_key_file: # Optionally specify the SSH key filename. If this is a relative filename then it will be relative to the user's home directory. ssh_key_passphrase: # Set a passphrase for the SSH key. If no passphrase is provided, the SSH key will default to having no passphrase. ssh_key_type: # Optionally specify the type of SSH key to generate. Available SSH key types will depend on implementation present on target host. state: # Whether the account should exist or not, taking action if the state is different from what is stated. system: # When creating an account, setting this to `yes' makes the user a system account. This setting cannot be changed on existing users. uid: # Optionally sets the `UID' of the user. update_password: # `always' will update passwords if they differ. `on_create' will only set the password for newly created users. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m user -a 'name=tom state=present uid=1200 groups=mygrp shell=/bin/tcsh' node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "comment": "", "createhome": true, "group": 1200, "groups": "mygrp", "home": "/home/tom", "name": "tom", "shell": "/bin/tcsh", "state": "present", "system": false, "uid": 1200 } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m shell -a 'tail -1 /etc/passwd' node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> tom:x:1200:1200::/home/tom:/bin/tcsh [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m shell -a 'tail -2 /etc/group' node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> mygrp:x:2000:tom tom:x:1200: [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m shell -a 'tail -1 /etc/passwd' node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> tom:x:1200:1200::/home/tom:/bin/tcsh [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m shell -a 'tail -2 /etc/group' node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> mygrp:x:2000:tom tom:x:1200: [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m user -a 'name=tom state=absent uid=1200 groups=mygrp shell=/bin/tcsh' node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "force": false, "name": "tom", "remove": false, "state": "absent" } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m shell -a 'tail -2 /etc/group' node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> jason:x:1001: mygrp:x:2000: [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m shell -a 'tail -1 /etc/passwd' node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> jason:x:1001:1001::/home/jason:/bin/bash [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
8>.copy模块案例展示(该模块用于将本地的文件拷贝到别的位置)
[root@node101.yinzhengjie.org.cn ~]# ansible-doc -s copy - name: Copies files to remote locations copy: attributes: # Attributes the file or directory should have. To get supported flags look at the man page for `chattr' on the target system. This string should contain the attributes in the same order as the one displayed by `lsattr'. backup: # Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. content: # When used instead of `src', sets the contents of a file directly to the specified value. For anything advanced or with formatting also look at the template module. decrypt: # This option controls the autodecryption of source files using vault. dest: # (required) Remote absolute path where the file should be copied to. If `src' is a directory, this must be a directory too. If `dest' is a nonexistent path and if either `dest' ends with "/" or `src' is a directory, `dest' is created. If `src' and `dest' are files, the parent directory of `dest' isn't created: the task fails if it doesn't already exist. directory_mode: # When doing a recursive copy set the mode for the directories. If this is not set we will use the system defaults. The mode is only set on directories which are newly created, and will not affect those that already existed. follow: # This flag indicates that filesystem links in the destination, if they exist, should be followed. force: # the default is `yes', which will replace the remote file when contents are different than the source. If `no', the file will only be transferred if the destination does not exist. group: # Name of the group that should own the file/directory, as would be fed to `chown'. local_follow: # This flag indicates that filesystem links in the source tree, if they exist, should be followed. mode: # Mode the file or directory should be. For those used to `/usr/bin/chmod' remember that modes are actually octal numbers (like 0644). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx' or `u=rw,g=r,o=r'). owner: # Name of the user that should own the file/directory, as would be fed to `chown'. remote_src: # If `no', it will search for `src' at originating/master machine. If `yes' it will go to the remote/target machine for the `src'. Default is `no'. Currently `remote_src' does not support recursive copying. selevel: # Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the `range'. `_default' feature works as for `seuser'. serole: # Role part of SELinux file context, `_default' feature works as for `seuser'. setype: # Type part of SELinux file context, `_default' feature works as for `seuser'. seuser: # User part of SELinux file context. Will default to system policy, if applicable. If set to `_default', it will use the `user' portion of the policy if available. src: # Local path to a file to copy to the remote server; can be absolute or relative. If path is a directory, it is copied recursively. In this case, if path ends with "/", only inside contents of that directory are copied to destination. Otherwise, if it does not end with "/", the directory itself with all contents is copied. This behavior is similar to Rsync. unsafe_writes: # Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner. This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption. validate: # The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work. [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# mkdir ansible_workshop [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# cp /etc/issue ansible_workshop/ [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ll ansible_workshop/ total 4 -rw-r--r--. 1 root root 23 Mar 8 06:34 issue [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m copy -a 'src=./ansible_workshop/issue dest=/tmp/issue.txt' node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "5c76e3b565c91e21bee303f15c728c71e6b39540", "dest": "/tmp/issue.txt", "gid": 0, "group": "root", "md5sum": "f078fe086dfc22f64b5dca2e1b95de2c", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1552055792.6-176365855011546/source", "state": "file", "uid": 0 } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "5c76e3b565c91e21bee303f15c728c71e6b39540", "dest": "/tmp/issue.txt", "gid": 0, "group": "root", "md5sum": "f078fe086dfc22f64b5dca2e1b95de2c", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1552055792.63-13729688590513/source", "state": "file", "uid": 0 } node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "5c76e3b565c91e21bee303f15c728c71e6b39540", "dest": "/tmp/issue.txt", "gid": 0, "group": "root", "md5sum": "f078fe086dfc22f64b5dca2e1b95de2c", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1552055792.6-277255447251178/source", "state": "file", "uid": 0 } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'ls /tmp | grep issue' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> issue.txt node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> issue.txt node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> issue.txt [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ansible all -m user -a 'name=user2 state=present uid=1202' node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "comment": "", "createhome": true, "group": 1202, "home": "/home/user2", "name": "user2", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1202 } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "comment": "", "createhome": true, "group": 1202, "home": "/home/user2", "name": "user2", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1202 } node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "comment": "", "createhome": true, "group": 1202, "home": "/home/user2", "name": "user2", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1202 } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m copy -a 'src=/etc/fstab dest=/tmp/fstab.txt owner=user2 mode=0600' node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "97c39bfb0020e0c28fb1eceaca147f4e00df1ab3", "gid": 0, "group": "root", "mode": "0600", "owner": "user2", "path": "/tmp/fstab.txt", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 501, "state": "file", "uid": 1202 } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "97c39bfb0020e0c28fb1eceaca147f4e00df1ab3", "gid": 0, "group": "root", "mode": "0600", "owner": "user2", "path": "/tmp/fstab.txt", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 501, "state": "file", "uid": 1202 } node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "97c39bfb0020e0c28fb1eceaca147f4e00df1ab3", "gid": 0, "group": "root", "mode": "0600", "owner": "user2", "path": "/tmp/fstab.txt", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 501, "state": "file", "uid": 1202 } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'ls -l /tmp | grep fstab' node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-------. 1 user2 root 501 Mar 8 06:47 fstab.txt node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-------. 1 user2 root 501 Mar 8 06:47 fstab.txt node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-------. 1 user2 root 501 Mar 8 06:47 fstab.txt [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m copy -a "dest=/tmp/somecontent.txt content='hello world '" node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "22596363b3de40b06f981fb85d82312e8c0ed511", "dest": "/tmp/somecontent.txt", "gid": 0, "group": "root", "md5sum": "6f5902ac237024bdd0c176cb93063dc4", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 12, "src": "/root/.ansible/tmp/ansible-tmp-1552056954.59-116122062071229/source", "state": "file", "uid": 0 } node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "22596363b3de40b06f981fb85d82312e8c0ed511", "dest": "/tmp/somecontent.txt", "gid": 0, "group": "root", "md5sum": "6f5902ac237024bdd0c176cb93063dc4", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 12, "src": "/root/.ansible/tmp/ansible-tmp-1552056954.62-131712031277524/source", "state": "file", "uid": 0 } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "22596363b3de40b06f981fb85d82312e8c0ed511", "dest": "/tmp/somecontent.txt", "gid": 0, "group": "root", "md5sum": "6f5902ac237024bdd0c176cb93063dc4", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 12, "src": "/root/.ansible/tmp/ansible-tmp-1552056954.6-103797046254254/source", "state": "file", "uid": 0 } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'cat /tmp/somecontent.txt' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> hello world node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> hello world node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> hello world [root@node101.yinzhengjie.org.cn ~]#
9>.file模块案例展示(该模块用于管理文件,比如创建连接文件,修改属性,创建目录,具体是什么类型可以使用state指定!)
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible-doc -s file - name: Sets attributes of files file: attributes: # Attributes the file or directory should have. To get supported flags look at the man page for `chattr' on the target system. This string should contain the attributes in the same order as the one displayed by `lsattr'. follow: # This flag indicates that filesystem links, if they exist, should be followed. force: # force the creation of the symlinks in two cases: the source file does not exist (but will appear later); the destination exists and is a file (so, we need to unlink the "path" file and create symlink to the "src" file in place of it). group: # Name of the group that should own the file/directory, as would be fed to `chown'. mode: # Mode the file or directory should be. For those used to `/usr/bin/chmod' remember that modes are actually octal numbers (like 0644). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx' or `u=rw,g=r,o=r'). owner: # Name of the user that should own the file/directory, as would be fed to `chown'. path: # (required) path to the file being managed. Aliases: `dest', `name' recurse: # recursively set the specified file attributes (applies only to state=directory) selevel: # Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the `range'. `_default' feature works as for `seuser'. serole: # Role part of SELinux file context, `_default' feature works as for `seuser'. setype: # Type part of SELinux file context, `_default' feature works as for `seuser'. seuser: # User part of SELinux file context. Will default to system policy, if applicable. If set to `_default', it will use the `user' portion of the policy if available. src: # path of the file to link to (applies only to `state=link'). Will accept absolute, relative and nonexisting paths. Relative paths are not expanded. state: # If `directory', all immediate subdirectories will be created if they do not exist, since 1.7 they will be created with the supplied permissions. If `file', the file will NOT be created if it does not exist, see the [copy] or [template] module if you want that behavior. If `link', the symbolic link will be created or changed. Use `hard' for hardlinks. If `absent', directories will be recursively deleted, and files or symlinks will be unlinked. Note that `absent' will not cause `file' to fail if the `path' does not exist as the state did not change. If `touch' (new in 1.4), an empty file will be created if the `path' does not exist, while an existing file or directory will receive updated file access and modification times (similar to the way `touch` works from the command line). unsafe_writes: # Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner. This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption. [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'ls -l /tmp | grep issue' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m file -a "group=mygrp mode=0660 path=/tmp/issue.txt" node101.yinzhengjie.org.cn | FAILED! => { "changed": false, "gid": 0, "group": "root", "mode": "0644", "msg": "chgrp failed: failed to look up group mygrp", "owner": "root", "path": "/tmp/issue.txt", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 23, "state": "file", "uid": 0 } node103.yinzhengjie.org.cn | FAILED! => { "changed": false, "gid": 0, "group": "root", "mode": "0644", "msg": "chgrp failed: failed to look up group mygrp", "owner": "root", "path": "/tmp/issue.txt", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 23, "state": "file", "uid": 0 } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "gid": 2000, "group": "mygrp", "mode": "0660", "owner": "root", "path": "/tmp/issue.txt", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 23, "state": "file", "uid": 0 } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'ls -l /tmp | grep issue' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-rw----. 1 root mygrp 23 Mar 8 06:36 issue.txt node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m file -a "path=/tmp/download mode=0770 state=directory" node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0770", "owner": "root", "path": "/tmp/download", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 6, "state": "directory", "uid": 0 } node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0770", "owner": "root", "path": "/tmp/download", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 6, "state": "directory", "uid": 0 } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "gid": 0, "group": "root", "mode": "0770", "owner": "root", "path": "/tmp/download", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 6, "state": "directory", "uid": 0 } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'ls -l /tmp | grep download' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> drwxrwx---. 2 root root 6 Mar 8 07:05 download node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> drwxrwx---. 2 root root 6 Mar 8 07:05 download node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> drwxrwx---. 2 root root 6 Mar 8 07:05 download [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'ls -l /tmp | grep issue' node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-rw----. 1 root mygrp 23 Mar 8 06:36 issue.txt [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m file -a "path=/tmp/issue.link src=/tmp/issue.txt state=link" node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "dest": "/tmp/issue.link", "gid": 0, "group": "root", "mode": "0777", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 14, "src": "/tmp/issue.txt", "state": "link", "uid": 0 } node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "dest": "/tmp/issue.link", "gid": 0, "group": "root", "mode": "0777", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 14, "src": "/tmp/issue.txt", "state": "link", "uid": 0 } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "dest": "/tmp/issue.link", "gid": 0, "group": "root", "mode": "0777", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 14, "src": "/tmp/issue.txt", "state": "link", "uid": 0 } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'ls -l /tmp | grep issue' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> lrwxrwxrwx. 1 root root 14 Mar 8 07:08 issue.link -> /tmp/issue.txt -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> lrwxrwxrwx. 1 root root 14 Mar 8 07:08 issue.link -> /tmp/issue.txt -rw-rw----. 1 root mygrp 23 Mar 8 06:36 issue.txt node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> lrwxrwxrwx. 1 root root 14 Mar 8 07:08 issue.link -> /tmp/issue.txt -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'ls -l /tmp | grep issue' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> lrwxrwxrwx. 1 root root 14 Mar 8 07:08 issue.link -> /tmp/issue.txt -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> lrwxrwxrwx. 1 root root 14 Mar 8 07:08 issue.link -> /tmp/issue.txt -rw-r--r--. 1 root root 23 Mar 8 06:36 issue.txt node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> lrwxrwxrwx. 1 root root 14 Mar 8 07:08 issue.link -> /tmp/issue.txt -rw-rw----. 1 root mygrp 23 Mar 8 06:36 issue.txt [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m file -a "path=/tmp/issue.hard src=/tmp/issue.txt state=hard" node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "dest": "/tmp/issue.hard", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 23, "src": "/tmp/issue.txt", "state": "hard", "uid": 0 } node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "dest": "/tmp/issue.hard", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 23, "src": "/tmp/issue.txt", "state": "hard", "uid": 0 } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "dest": "/tmp/issue.hard", "gid": 2000, "group": "mygrp", "mode": "0660", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 23, "src": "/tmp/issue.txt", "state": "hard", "uid": 0 } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'ls -l /tmp | grep issue' node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-rw----. 2 root mygrp 23 Mar 8 06:36 issue.hard lrwxrwxrwx. 1 root root 14 Mar 8 07:08 issue.link -> /tmp/issue.txt -rw-rw----. 2 root mygrp 23 Mar 8 06:36 issue.txt node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 2 root root 23 Mar 8 06:36 issue.hard lrwxrwxrwx. 1 root root 14 Mar 8 07:08 issue.link -> /tmp/issue.txt -rw-r--r--. 2 root root 23 Mar 8 06:36 issue.txt node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 2 root root 23 Mar 8 06:36 issue.hard lrwxrwxrwx. 1 root root 14 Mar 8 07:08 issue.link -> /tmp/issue.txt -rw-r--r--. 2 root root 23 Mar 8 06:36 issue.txt [root@node101.yinzhengjie.org.cn ~]#
10>.fetch模块案例展示(该模块用于从远程主机复制的模块)
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible-doc -s fetch - name: Fetches a file from remote nodes fetch: dest: # (required) A directory to save the file into. For example, if the `dest' directory is `/backup' a `src' file named `/etc/profile' on host `host.example.com', would be saved into `/backup/host.example.com/etc/profile' fail_on_missing: # When set to 'yes', the task will fail if the remote file cannot be read for any reason. Prior to Ansible-2.4, setting this would only fail if the source file was missing. The default was changed to "yes" in Ansible-2.4. flat: # Allows you to override the default behavior of appending hostname/path/to/file to the destination. If dest ends with '/', it will use the basename of the source file, similar to the copy module. Obviously this is only handy if the filenames are unique. src: # (required) The file on the remote system to fetch. This `must' be a file, not a directory. Recursive fetching may be supported in a later release. validate_checksum: # Verify that the source and destination checksums match after the files are fetched. [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node102.yinzhengjie.org.cn -m fetch -a 'src=/tmp/issue.txt dest=/var/tmp' node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "5c76e3b565c91e21bee303f15c728c71e6b39540", "dest": "/var/tmp/node102.yinzhengjie.org.cn/tmp/issue.txt", "md5sum": "f078fe086dfc22f64b5dca2e1b95de2c", "remote_checksum": "5c76e3b565c91e21bee303f15c728c71e6b39540", "remote_md5sum": null } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m fetch -a 'src=/tmp/issue.txt dest=/var/tmp' node102.yinzhengjie.org.cn | SUCCESS => { "changed": false, "checksum": "5c76e3b565c91e21bee303f15c728c71e6b39540", "dest": "/var/tmp/node102.yinzhengjie.org.cn/tmp/issue.txt", "file": "/tmp/issue.txt", "md5sum": "f078fe086dfc22f64b5dca2e1b95de2c" } node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "5c76e3b565c91e21bee303f15c728c71e6b39540", "dest": "/var/tmp/node101.yinzhengjie.org.cn/tmp/issue.txt", "md5sum": "f078fe086dfc22f64b5dca2e1b95de2c", "remote_checksum": "5c76e3b565c91e21bee303f15c728c71e6b39540", "remote_md5sum": null } node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum": "5c76e3b565c91e21bee303f15c728c71e6b39540", "dest": "/var/tmp/node103.yinzhengjie.org.cn/tmp/issue.txt", "md5sum": "f078fe086dfc22f64b5dca2e1b95de2c", "remote_checksum": "5c76e3b565c91e21bee303f15c728c71e6b39540", "remote_md5sum": null } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ll /var/tmp/ total 0 drwxr-xr-x. 3 root root 16 Mar 8 06:41 node101.yinzhengjie.org.cn drwxr-xr-x. 3 root root 16 Mar 8 06:41 node102.yinzhengjie.org.cn drwxr-xr-x. 3 root root 16 Mar 8 06:41 node103.yinzhengjie.org.cn [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# tree /var/tmp/ /var/tmp/ ├── node101.yinzhengjie.org.cn │ └── tmp │ └── issue.txt ├── node102.yinzhengjie.org.cn │ └── tmp │ └── issue.txt └── node103.yinzhengjie.org.cn └── tmp └── issue.txt 6 directories, 3 files [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
11>.get_url模块案例展示(该模块用于基于哪个url下载文件的)
[root@node101.yinzhengjie.org.cn ~]# ansible-doc -s get_url - name: Downloads files from HTTP, HTTPS, or FTP to node get_url: attributes: # Attributes the file or directory should have. To get supported flags look at the man page for `chattr' on the target system. This string should contain the attributes in the same order as the one displayed by `lsattr'. backup: # Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. checksum: # If a checksum is passed to this parameter, the digest of the destination file will be calculated after it is downloaded to ensure its integrity and verify that the transfer completed successfully. Format: <algorithm>:<checksum>, e.g. checksum="sha256:D98291AC[...]B6DC7B97" If you worry about portability, only the sha1 algorithm is available on all platforms and python versions. The third party hashlib library can be installed for access to additional algorithms. Additionally, if a checksum is passed to this parameter, and the file exist under the `dest' location, the `destination_checksum' would be calculated, and if checksum equals `destination_checksum', the file download would be skipped (unless `force' is true). client_cert: # PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, `client_key' is not required. client_key: # PEM formatted file that contains your private key to be used for SSL client authentication. If `client_cert' contains both the certificate and key, this option is not required. dest: # (required) Absolute path of where to download the file to. If `dest' is a directory, either the server provided filename or, if none provided, the base name of the URL on the remote server will be used. If a directory, `force' has no effect. If `dest' is a directory, the file will always be downloaded (regardless of the `force' option), but replaced only if the contents changed.. force: # If `yes' and `dest' is not a directory, will download the file every time and replace the file if the contents change. If `no', the file will only be downloaded if the destination does not exist. Generally should be `yes' only for small local files. Prior to 0.6, this module behaved as if `yes' was the default. force_basic_auth: # httplib2, the library used by the uri module only sends authentication information when a webservice responds to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail. This option forces the sending of the Basic authentication header upon initial request. group: # Name of the group that should own the file/directory, as would be fed to `chown'. headers: # Add custom HTTP headers to a request in the format "key:value,key:value". mode: # Mode the file or directory should be. For those used to `/usr/bin/chmod' remember that modes are actually octal numbers (like 0644). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx' or `u=rw,g=r,o=r'). others: # all arguments accepted by the [file] module also work here owner: # Name of the user that should own the file/directory, as would be fed to `chown'. selevel: # Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the `range'. `_default' feature works as for `seuser'. serole: # Role part of SELinux file context, `_default' feature works as for `seuser'. setype: # Type part of SELinux file context, `_default' feature works as for `seuser'. seuser: # User part of SELinux file context. Will default to system policy, if applicable. If set to `_default', it will use the `user' portion of the policy if available. sha256sum: # If a SHA-256 checksum is passed to this parameter, the digest of the destination file will be calculated after it is downloaded to ensure its integrity and verify that the transfer completed successfully. This option is deprecated. Use `checksum' instead. timeout: # Timeout in seconds for URL request. tmp_dest: # Absolute path of where temporary file is downloaded to. Defaults to `TMPDIR', `TEMP' or `TMP' env variables or a platform specific value. https://docs.python.org/2/library/tempfile.html#tempfile.tempdir unsafe_writes: # Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner. This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption. url: # (required) HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path url_password: # The password for use in HTTP basic authentication. If the `url_username' parameter is not specified, the `url_password' parameter will not be used. url_username: # The username for use in HTTP basic authentication. This parameter can be used without `url_password' for sites that allow empty passwords. use_proxy: # if `no', it will not use a proxy, even if one is defined in an environment variable on the target hosts. validate_certs: # If `no', SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m get_url -a "dest=/tmp/ url=https://mirrors.aliyun.com/ceph/rpm-luminous/el7/x86_64/ceph-12.2.9-0.el7.x86_64.rpm" node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum_dest": null, "checksum_src": "0556d9ec37224656243b0a46dbd3521d1905e29e", "dest": "/tmp/ceph-12.2.9-0.el7.x86_64.rpm", "gid": 0, "group": "root", "md5sum": "b388d04a30312cb128129fc742dddd74", "mode": "0644", "msg": "OK (3024 bytes)", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 3024, "src": "/tmp/tmpSjd6nI", "state": "file", "status_code": 200, "uid": 0, "url": "https://mirrors.aliyun.com/ceph/rpm-luminous/el7/x86_64/ceph-12.2.9-0.el7.x86_64.rpm" } node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum_dest": null, "checksum_src": "0556d9ec37224656243b0a46dbd3521d1905e29e", "dest": "/tmp/ceph-12.2.9-0.el7.x86_64.rpm", "gid": 0, "group": "root", "md5sum": "b388d04a30312cb128129fc742dddd74", "mode": "0644", "msg": "OK (3024 bytes)", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 3024, "src": "/tmp/tmpL88dfr", "state": "file", "status_code": 200, "uid": 0, "url": "https://mirrors.aliyun.com/ceph/rpm-luminous/el7/x86_64/ceph-12.2.9-0.el7.x86_64.rpm" } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "checksum_dest": null, "checksum_src": "0556d9ec37224656243b0a46dbd3521d1905e29e", "dest": "/tmp/ceph-12.2.9-0.el7.x86_64.rpm", "gid": 0, "group": "root", "md5sum": "b388d04a30312cb128129fc742dddd74", "mode": "0644", "msg": "OK (3024 bytes)", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 3024, "src": "/tmp/tmpIsAff7", "state": "file", "status_code": 200, "uid": 0, "url": "https://mirrors.aliyun.com/ceph/rpm-luminous/el7/x86_64/ceph-12.2.9-0.el7.x86_64.rpm" } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'ls -l /tmp | grep ceph' node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 1 root root 3024 Mar 8 07:16 ceph-12.2.9-0.el7.x86_64.rpm node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 1 root root 3024 Mar 8 07:16 ceph-12.2.9-0.el7.x86_64.rpm node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> -rw-r--r--. 1 root root 3024 Mar 8 07:16 ceph-12.2.9-0.el7.x86_64.rpm [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
12>.cron模块案例展示(为类unix主机定义周期性任务的模块)
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible-doc -s cron - name: Manage cron.d and crontab entries. cron: backup: # If set, create a backup of the crontab before it is modified. The location of the backup is returned in the `backup_file' variable by this module. cron_file: # If specified, uses this file instead of an individual user's crontab. If this is a relative path, it is interpreted with respect to /etc/cron.d. (If it is absolute, it will typically be /etc/crontab). Many linux distros expect (and some require) the filename portion to consist solely of upper- and lower-case letters, digits, underscores, and hyphens. To use the `cron_file' parameter you must specify the `user' as well. day: # Day of the month the job should run ( 1-31, *, */2, etc ) disabled: # If the job should be disabled (commented out) in the crontab. Only has effect if state=present env: # If set, manages a crontab's environment variable. New variables are added on top of crontab. "name" and "value" parameters are the name and the value of environment variable. hour: # Hour when the job should run ( 0-23, *, */2, etc ) insertafter: # Used with `state=present' and `env'. If specified, the environment variable will be inserted after the declaration of specified environment variable. insertbefore: # Used with `state=present' and `env'. If specified, the environment variable will be inserted before the declaration of specified environment variable. job: # The command to execute or, if env is set, the value of environment variable. The command should not contain line breaks. Required if state=present. minute: # Minute when the job should run ( 0-59, *, */2, etc ) month: # Month of the year the job should run ( 1-12, *, */2, etc ) name: # Description of a crontab entry or, if env is set, the name of environment variable. Required if state=absent. Note that if name is not set and state=present, then a new crontab entry will always be created, regardless of existing ones. reboot: # If the job should be run at reboot. This option is deprecated. Users should use special_time. special_time: # Special time specification nickname. state: # Whether to ensure the job or environment variable is present or absent. user: # The specific user whose crontab should be modified. weekday: # Day of the week that the job should run ( 0-6 for Sunday-Saturday, *, etc ) [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m cron -a "minute=*/5 job='/usr/sbin/ntpdate node101.yinzhengjie.org.cn &> /dev/null' name=timesync" node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "envs": [], "jobs": [ "timesync" ] } node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "envs": [], "jobs": [ "timesync" ] } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "envs": [], "jobs": [ "timesync" ] } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'crontab -l' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> #Ansible: timesync */5 * * * * /usr/sbin/ntpdate node101.yinzhengjie.org.cn &> /dev/null node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> #Ansible: timesync */5 * * * * /usr/sbin/ntpdate node101.yinzhengjie.org.cn &> /dev/null node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> #Ansible: timesync */5 * * * * /usr/sbin/ntpdate node101.yinzhengjie.org.cn &> /dev/null [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'crontab -l' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> #Ansible: timesync */5 * * * * /usr/sbin/ntpdate node101.yinzhengjie.org.cn &> /dev/null node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> #Ansible: timesync */5 * * * * /usr/sbin/ntpdate node101.yinzhengjie.org.cn &> /dev/null node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> #Ansible: timesync */5 * * * * /usr/sbin/ntpdate node101.yinzhengjie.org.cn &> /dev/null [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m cron -a "state=absent name=timesync" node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "envs": [], "jobs": [] } node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "envs": [], "jobs": [] } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "envs": [], "jobs": [] } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'crontab -l' node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
13>.yum模块案例展示(该模块用于包的管理工具,和debian的apt,suse的zypper,Fedora的dnf等类似)
[root@node101.yinzhengjie.org.cn ~]# ansible-doc -s yum - name: Manages packages with the `yum' package manager yum: allow_downgrade: # Specify if the named package and version is allowed to downgrade a maybe already installed higher version of that package. Note that setting allow_downgrade=True can make this module behave in a non-idempotent way. The task could end up with a set of packages that does not match the complete list of specified packages to install (because dependencies between the downgraded package and others can cause changes to the packages which were in the earlier transaction). conf_file: # The remote yum configuration file to use for the transaction. disable_gpg_check: # Whether to disable the GPG checking of signatures of packages being installed. Has an effect only if state is `present' or `latest'. disablerepo: # `Repoid' of repositories to disable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a ",". enablerepo: # `Repoid' of repositories to enable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a ",". exclude: # Package name(s) to exclude when state=present, or latest installroot: # Specifies an alternative installroot, relative to which all packages will be installed. list: # Package name to run the equivalent of yum list <package> against. name: # (required) Package name, or package specifier with version, like `name-1.0'. If a previous version is specified, the task also needs to turn `allow_downgrade' on. See the `allow_downgrade' documentation for caveats with downgrading packages. When using state=latest, this can be '*' which means run `yum -y update'. You can also pass a url or a local path to a rpm file (using state=present). To operate on several packages this can accept a comma separated list of packages or (as of 2.0) a list of packages. security: # If set to `yes', and `state=latest' then only installs updates that have been marked security related. skip_broken: # Resolve depsolve problems by removing packages that are causing problems from the trans‐ action. state: # Whether to install (`present' or `installed', `latest'), or remove (`absent' or `removed') a package. update_cache: # Force yum to check if cache is out of date and redownload if needed. Has an effect only if state is `present' or `latest'. validate_certs: # This only applies if using a https url as the source of the rpm. e.g. for localinstall. If set to `no', the SSL certificates will not be validated. This should only set to `no' used on personally controlled sites using self-signed certificates as it avoids verifying the source site. Prior to 2.1 the code worked as if this was set to `yes'. [root@node101.yinzhengjie.org.cn ~]#
root@node101.yinzhengjie.org.cn ~]# ansible all -m yum -a "name=git state=installed" ...... 4 4:5.16.3-294.el7_6 perl-Carp.noarch 0:1.26-244.el7 perl-Encode.x86_64 0:2.51-7.el7 perl-Error.noarch 1:0.17020-2.el7 perl-Exporter.noarch 0:5.68-3.el7 perl-File-Path.noarch 0:2.09-2.el7 perl-File-Temp.noarch 0:0.23.01-3.el7 perl-Filter.x86_64 0:1.49-3.el7 perl-Getopt-Long.noarch 0:2.40-3.el7 perl-Git.noarch 0:1.8.3.1-20.el7 perl-HTTP-Tiny.noarch 0:0.033-3.el7 perl-PathTools.x86_64 0:3.40-5.el7 perl-Pod-Escapes.noarch 1:1.04-294.el7_6 perl-Pod-Perldoc.noarch 0:3.20-4.el7 perl-Pod-Simple.noarch 1:3.28-4.el7 perl-Pod-Usage.noarch 0:1.63-3.el7 perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 perl-Socket.x86_64 0:2.010-4.el7 perl-Storable.x86_64 0:2.45-3.el7 perl-TermReadKey.x86_64 0:2.30-20.el7 perl-Text-ParseWords.noarch 0:3.29-4.el7 perl-Time-HiRes.x86_64 4:1.9725-3.el7 perl-Time-Local.noarch 0:1.2300-2.el7 perl-constant.noarch 0:1.27-2.el7 perl-libs.x86_64 4:5.16.3-294.el7_6 perl-macros.x86_64 4:5.16.3-294.el7_6 perl-parent.noarch 1:0.225-244.el7 perl-podlators.noarch 0:2.5.1-3.el7 perl-threads.x86_64 0:1.87-4.el7 perl-threads-shared.x86_64 0:1.43-6.el7 rsync.x86_64 0:3.1.2-4.el7 Complete! " ] } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'yum info git' [WARNING]: Consider using yum module rather than running yum node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.nwsuaf.edu.cn * extras: mirrors.neusoft.edu.cn * updates: mirrors.neusoft.edu.cn Installed Packages Name : git Arch : x86_64 Version : 1.8.3.1 Release : 20.el7 Size : 22 M Repo : installed From repo : updates Summary : Fast Version Control System URL : http://git-scm.com/ License : GPLv2 Description : Git is a fast, scalable, distributed revision control system with : an unusually rich command set that provides both high-level : operations and full access to internals. : : The git rpm installs the core tools with minimal dependencies. To : install all git packages, including tools for integrating with : other SCMs, install the git-all meta-package. node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.shu.edu.cn * extras: mirrors.shu.edu.cn * updates: mirrors.nwsuaf.edu.cn Installed Packages Name : git Arch : x86_64 Version : 1.8.3.1 Release : 20.el7 Size : 22 M Repo : installed From repo : updates Summary : Fast Version Control System URL : http://git-scm.com/ License : GPLv2 Description : Git is a fast, scalable, distributed revision control system with : an unusually rich command set that provides both high-level : operations and full access to internals. : : The git rpm installs the core tools with minimal dependencies. To : install all git packages, including tools for integrating with : other SCMs, install the git-all meta-package. node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.shu.edu.cn * extras: mirrors.neusoft.edu.cn * updates: mirrors.neusoft.edu.cn Installed Packages Name : git Arch : x86_64 Version : 1.8.3.1 Release : 20.el7 Size : 22 M Repo : installed From repo : updates Summary : Fast Version Control System URL : http://git-scm.com/ License : GPLv2 Description : Git is a fast, scalable, distributed revision control system with : an unusually rich command set that provides both high-level : operations and full access to internals. : : The git rpm installs the core tools with minimal dependencies. To : install all git packages, including tools for integrating with : other SCMs, install the git-all meta-package. [root@node101.yinzhengjie.org.cn ~]#
14>.pip模块案例展示(用于安装和Python相关的模块,需要安装pip)
[root@node101.yinzhengjie.org.cn ~]# ansible-doc -s pip - name: Manages Python library dependencies. pip: chdir: # cd into this directory before running the command editable: # Pass the editable flag. executable: # The explicit executable or a pathname to the executable to be used to run pip for a specific version of Python installed in the system. For example `pip-3.3', if there are both Python 2.7 and 3.3 installations in the system and you want to run pip for the Python 3.3 installation. It cannot be specified together with the 'virtualenv' parameter (added in 2.1). By default, it will take the appropriate version for the python interpreter use by ansible, e.g. pip3 on python 3, and pip2 or pip on python 2. extra_args: # Extra arguments passed to pip. name: # The name of a Python library to install or the url of the remote package. As of 2.2 you can supply a list of names. requirements: # The path to a pip requirements file, which should be local to the remote system. File can be specified as a relative path if using the chdir option. state: # The state of module The 'forcereinstall' option is only available in Ansible 2.1 and above. umask: # The system umask to apply before installing the pip package. This is useful, for example, when installing on systems that have a very restrictive umask by default (e.g., 0077) and you want to pip install packages which are to be used by all users. Note that this requires you to specify desired umask mode in octal, with a leading 0 (e.g., 0077). version: # The version number to install of the Python library specified in the `name' parameter virtualenv: # An optional path to a `virtualenv' directory to install into. It cannot be specified together with the 'executable' parameter (added in 2.1). If the virtualenv does not exist, it will be created before installing packages. The optional virtualenv_site_packages, virtualenv_command, and virtualenv_python options affect the creation of the virtualenv. virtualenv_command: # The command or a pathname to the command to create the virtual environment with. For example `pyvenv', `virtualenv', `virtualenv2', `~/bin/virtualenv', `/usr/local/bin/virtualenv'. virtualenv_python: # The Python executable used for creating the virtual environment. For example `python3.5', `python2.7'. When not specified, the Python version used to run the ansible module is used. This parameter should not be used when `virtualenv_command' is using `pyvenv' or the `-m venv' module. virtualenv_site_packages: # Whether the virtual environment will inherit packages from the global site-packages directory. Note that if this setting changed on an already existing virtual environment it will not have any effect, the environment must be deleted and newly created. [root@node101.yinzhengjie.org.cn ~]#
15>.nmp模块案例展示(该模块用于管理前端的node.js模块)
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible-doc -s npm - name: Manage node.js packages with npm npm: executable: # The executable location for npm. This is useful if you are using a version manager, such as nvm global: # Install the node.js library globally ignore_scripts: # Use the --ignore-scripts flag when installing. name: # The name of a node.js library to install path: # The base path where to install the node.js libraries production: # Install dependencies in production mode, excluding devDependencies registry: # The registry to install modules from. state: # The state of the node.js library version: # The version to be installed [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
16>.hostname模块案例展示(该模块用于管理主机名的)
[root@node101.yinzhengjie.org.cn ~]# ansible-doc -s hostname - name: Manage hostname hostname: name: # (required) Name of the host [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
17>.server模块案例展示(该模块用于管理服务)
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible-doc -s service - name: Manage services. service: arguments: # Additional arguments provided on the command line enabled: # Whether the service should start on boot. *At least one of state and enabled are required.* name: # (required) Name of the service. pattern: # If the service does not respond to the status command, name a substring to look for as would be found in the output of the `ps' command as a stand-in for a status result. If the string is found, the service will be assumed to be running. runlevel: # For OpenRC init scripts (ex: Gentoo) only. The runlevel that this service belongs to. sleep: # If the service is being `restarted' then sleep this many seconds between the stop and start command. This helps to workaround badly behaving init scripts that exit immediately after signaling a process to stop. state: # `started'/`stopped' are idempotent actions that will not run commands unless necessary. `restarted' will always bounce the service. `reloaded' will always reload. *At least one of state and enabled are required.* Note that reloaded will start the service if it is not already started, even if your chosen init system wouldn't normally. use: # The service module actually uses system specific modules, normally through auto detection, this setting can force a specific module. Normally it uses the value of the 'ansible_service_mgr' fact and falls back to the old 'service' module when none matching is found. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ansible all -m yum -a "name=httpd state=installed" ......... mailcap.noarch 0:2.1.41-2.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: httpd x86_64 2.4.6-88.el7.centos base 2.7 M Installing for dependencies: apr x86_64 1.4.8-3.el7_4.1 base 103 k apr-util x86_64 1.5.2-6.el7 base 92 k httpd-tools x86_64 2.4.6-88.el7.centos base 90 k mailcap noarch 2.1.41-2.el7 base 31 k Transaction Summary ================================================================================ Install 1 Package (+4 Dependent packages) Total download size: 3.0 M Installed size: 10 M Downloading packages: -------------------------------------------------------------------------------- Total 132 kB/s | 3.0 MB 00:23 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : apr-1.4.8-3.el7_4.1.x86_64 1/5 Installing : apr-util-1.5.2-6.el7.x86_64 2/5 Installing : httpd-tools-2.4.6-88.el7.centos.x86_64 3/5 Installing : mailcap-2.1.41-2.el7.noarch 4/5 Installing : httpd-2.4.6-88.el7.centos.x86_64 5/5 Verifying : httpd-tools-2.4.6-88.el7.centos.x86_64 1/5 Verifying : apr-1.4.8-3.el7_4.1.x86_64 2/5 Verifying : mailcap-2.1.41-2.el7.noarch 3/5 Verifying : httpd-2.4.6-88.el7.centos.x86_64 4/5 Verifying : apr-util-1.5.2-6.el7.x86_64 5/5 Installed: httpd.x86_64 0:2.4.6-88.el7.centos Dependency Installed: apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 httpd-tools.x86_64 0:2.4.6-88.el7.centos mailcap.noarch 0:2.1.41-2.el7 Complete! " ] } [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a 'yum info httpd' [WARNING]: Consider using yum module rather than running yum node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.shu.edu.cn * extras: mirrors.shu.edu.cn * updates: mirrors.nwsuaf.edu.cn Installed Packages Name : httpd Arch : x86_64 Version : 2.4.6 Release : 88.el7.centos Size : 9.4 M Repo : installed From repo : base Summary : Apache HTTP Server URL : http://httpd.apache.org/ License : ASL 2.0 Description : The Apache HTTP Server is a powerful, efficient, and extensible : web server. node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.shu.edu.cn * extras: mirrors.neusoft.edu.cn * updates: mirrors.neusoft.edu.cn Installed Packages Name : httpd Arch : x86_64 Version : 2.4.6 Release : 88.el7.centos Size : 9.4 M Repo : installed From repo : base Summary : Apache HTTP Server URL : http://httpd.apache.org/ License : ASL 2.0 Description : The Apache HTTP Server is a powerful, efficient, and extensible : web server. node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.nwsuaf.edu.cn * extras: mirrors.nwsuaf.edu.cn * updates: mirrors.nwsuaf.edu.cn Installed Packages Name : httpd Arch : x86_64 Version : 2.4.6 Release : 88.el7.centos Size : 9.4 M Repo : installed From repo : base Summary : Apache HTTP Server URL : http://httpd.apache.org/ License : ASL 2.0 Description : The Apache HTTP Server is a powerful, efficient, and extensible : web server. [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible all -m service -a "name=httpd state=started enabled=true" node101.yinzhengjie.org.cn | SUCCESS => { "changed": true, "enabled": true, "name": "httpd", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "network.target nss-lookup.target system.slice basic.target systemd-journald.socket remote-fs.target -.mount", "AllowIsolate": "no", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "The Apache HTTP Server", "DevicePolicy": "auto", "Documentation": "man:httpd(8) man:apachectl(8)", "EnvironmentFile": "/etc/sysconfig/httpd (ignore_errors=no)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecReload": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStop": "{ path=/bin/kill ; argv[]=/bin/kill -WINCH ${MAINPID} ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/httpd.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "httpd.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "18", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "15033", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "15033", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "httpd.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "main", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "yes", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target -.mount", "RequiresMountsFor": "/tmp /var/tmp", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "notify", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "Wants": "system.slice", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } node103.yinzhengjie.org.cn | SUCCESS => { "changed": true, "enabled": true, "name": "httpd", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "systemd-journald.socket system.slice remote-fs.target nss-lookup.target -.mount basic.target network.target", "AllowIsolate": "no", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "The Apache HTTP Server", "DevicePolicy": "auto", "Documentation": "man:httpd(8) man:apachectl(8)", "EnvironmentFile": "/etc/sysconfig/httpd (ignore_errors=no)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecReload": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStop": "{ path=/bin/kill ; argv[]=/bin/kill -WINCH ${MAINPID} ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/httpd.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "httpd.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "18", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "15033", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "15033", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "httpd.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "main", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "yes", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target -.mount", "RequiresMountsFor": "/tmp /var/tmp", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "notify", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "Wants": "system.slice", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } node102.yinzhengjie.org.cn | SUCCESS => { "changed": true, "enabled": true, "name": "httpd", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "system.slice nss-lookup.target network.target systemd-journald.socket remote-fs.target -.mount basic.target", "AllowIsolate": "no", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "The Apache HTTP Server", "DevicePolicy": "auto", "Documentation": "man:httpd(8) man:apachectl(8)", "EnvironmentFile": "/etc/sysconfig/httpd (ignore_errors=no)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecReload": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStop": "{ path=/bin/kill ; argv[]=/bin/kill -WINCH ${MAINPID} ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/httpd.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "httpd.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "18", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "15033", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "15033", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "httpd.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "main", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "yes", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "-.mount basic.target", "RequiresMountsFor": "/tmp /var/tmp", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "notify", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "Wants": "system.slice", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ansible all -m shell -a "systemctl is-enabled httpd" node101.yinzhengjie.org.cn | SUCCESS | rc=0 >> enabled node102.yinzhengjie.org.cn | SUCCESS | rc=0 >> enabled node103.yinzhengjie.org.cn | SUCCESS | rc=0 >> enabled [root@node101.yinzhengjie.org.cn ~]#
18.git模块案例展示(使用版本控制功能,需要安装git程序包)
[root@node101.yinzhengjie.org.cn ~]# ansible-doc -s git - name: Deploy software (or files) from git checkouts git: accept_hostkey: # if `yes', ensure that "-o StrictHostKeyChecking=no" is present as an ssh options. archive: # Specify archive file path with extension. If specified, creates an archive file of the specified format containing the tree structure for the source tree. Allowed archive formats ["zip", "tar.gz", "tar", "tgz"] bare: # if `yes', repository will be created as a bare repo, otherwise it will be a standard repo with a workspace. clone: # If `no', do not clone the repository if it does not exist locally depth: # Create a shallow clone with a history truncated to the specified number or revisions. The minimum possible value is `1', otherwise ignored. Needs `git>=1.9.1' to work correctly. dest: # (required) The path of where the repository should be checked out. This parameter is required, unless `clone' is set to `no'. executable: # Path to git executable to use. If not supplied, the normal mechanism for resolving binary paths will be used. force: # If `yes', any modified files in the working repository will be discarded. Prior to 0.7, this was always 'yes' and could not be disabled. Prior to 1.9, the default was `yes` key_file: # Specify an optional private key file to use for the checkout. recursive: # if `no', repository will be cloned without the --recursive option, skipping sub-modules. reference: # Reference repository (see "git clone --reference ...") refspec: # Add an additional refspec to be fetched. If version is set to a `SHA-1' not reachable from any branch or tag, this option may be necessary to specify the ref containing the `SHA-1'. Uses the same syntax as the 'git fetch' command. An example value could be "refs/meta/config". remote: # Name of the remote. repo: # (required) git, SSH, or HTTP(S) protocol address of the git repository. ssh_opts: # Creates a wrapper script and exports the path as GIT_SSH which git then automatically uses to override ssh arguments. An example value could be "-o StrictHostKeyChecking=no" track_submodules: # if `yes', submodules will track the latest commit on their master branch (or other branch specified in .gitmodules). If `no', submodules will be kept at the revision specified by the main project. This is equivalent to specifying the --remote flag to git submodule update. umask: # The umask to set before doing any checkouts, or any other repository maintenance. update: # If `no', do not retrieve new revisions from the origin repository Operations like archive will work on the existing (old) repository and might not respond to changes to the options version or remote. verify_commit: # if `yes', when cloning or checking out a `version' verify the signature of a GPG signed commit. This requires `git' version>=2.1.0 to be installed. The commit MUST be signed and the public key MUST be present in the GPG keyring. version: # What version of the repository to check out. This can be the the literal string `HEAD', a branch name, a tag name. It can also be a `SHA-1' hash, in which case `refspec' needs to be specified if the given revision is not already available. [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ansible node103.yinzhengjie.org.cn -m git -a "repo=https://github.com/kubernetes/kubernetes.git dest=/tmp/kubernetes" .....此过程等待时间相对较长!我们可以看到.git目录有在不断的增大! [root@node103.yinzhengjie.org.cn ~]# [root@node103.yinzhengjie.org.cn ~]# du -sh /tmp/kubernetes/.git/ 256M /tmp/kubernetes/.git/ [root@node103.yinzhengjie.org.cn ~]# [root@node103.yinzhengjie.org.cn ~]#
19>.setup模块案例展示(该模块用于获取系统的环境信息,如系统版本,内存大小,CPU的核心数等等)
[root@node101.yinzhengjie.org.cn ~]# ansible-doc -s setup - name: Gathers facts about remote hosts setup: fact_path: # path used for local ansible facts (*.fact) - files in this dir will be run (if executable) and their results be added to ansible_local facts if a file is not executable it is read. Check notes for Windows options. (from 2.1 on) File/results format can be json or ini-format filter: # if supplied, only return facts that match this shell-style (fnmatch) wildcard. gather_subset: # if supplied, restrict the additional facts collected to the given subset. Possible values: all, min, hardware, network, virtual, ohai, and facter Can specify a list of values to specify a larger subset. Values can also be used with an initial `!' to specify that that specific subset should not be collected. For instance: !hardware, !network, !virtual, !ohai, !facter. If !all is specified then only the min subset is collected. To avoid collecting even the min subset, specify !all and !min subsets. To collect only specific facts, use !all, !min, and specify the particular fact subsets. Use the filter parameter if you do not want to display some collected facts. gather_timeout: # Set the default timeout in seconds for individual fact gathering [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ansible node103.yinzhengjie.org.cn -m setup node103.yinzhengjie.org.cn | SUCCESS => { "ansible_facts": { "ansible_all_ipv4_addresses": [ "172.30.1.103" ], "ansible_all_ipv6_addresses": [ "fe80::20c:29ff:fe2d:854d" ], "ansible_apparmor": { "status": "disabled" }, "ansible_architecture": "x86_64", "ansible_bios_date": "07/02/2015", "ansible_bios_version": "6.00", "ansible_cmdline": { "BOOT_IMAGE": "/vmlinuz-3.10.0-327.el7.x86_64", "LANG": "en_US.UTF-8", "crashkernel": "auto", "quiet": true, "rhgb": true, "ro": true, "root": "UUID=78ac4e81-6cff-4c37-a934-66f99eaa6faa" }, "ansible_date_time": { "date": "2019-03-08", "day": "08", "epoch": "1552098415", "hour": "18", "iso8601": "2019-03-09T02:26:55Z", "iso8601_basic": "20190308T182655943482", "iso8601_basic_short": "20190308T182655", "iso8601_micro": "2019-03-09T02:26:55.943560Z", "minute": "26", "month": "03", "second": "55", "time": "18:26:55", "tz": "PST", "tz_offset": "-0800", "weekday": "Friday", "weekday_number": "5", "weeknumber": "09", "year": "2019" }, "ansible_default_ipv4": { "address": "172.30.1.103", "alias": "eno16777736", "broadcast": "172.30.1.255", "gateway": "172.30.1.254", "interface": "eno16777736", "macaddress": "00:0c:29:2d:85:4d", "mtu": 1500, "netmask": "255.255.255.0", "network": "172.30.1.0", "type": "ether" }, "ansible_default_ipv6": {}, "ansible_device_links": { "ids": { "sr0": [ "ata-VMware_Virtual_IDE_CDROM_Drive_00000000000000000001" ], "sr1": [ "ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001" ] }, "labels": { "sr1": [ "CentOS\x207\x20x86_64" ] }, "masters": {}, "uuids": { "sda1": [ "eb3fbdbb-66dc-4fa1-a3ae-bc306b3dbaee" ], "sda2": [ "ddfa1c29-f51f-4432-87cc-b7e5b0f86cbc" ], "sda3": [ "78ac4e81-6cff-4c37-a934-66f99eaa6faa" ], "sr1": [ "2015-12-09-23-03-16-00" ] } }, "ansible_devices": { "sda": { "holders": [], "host": "", "links": { "ids": [], "labels": [], "masters": [], "uuids": [] }, "model": "VMware Virtual S", "partitions": { "sda1": { "holders": [], "links": { "ids": [], "labels": [], "masters": [], "uuids": [ "eb3fbdbb-66dc-4fa1-a3ae-bc306b3dbaee" ] }, "sectors": "614400", "sectorsize": 512, "size": "300.00 MB", "start": "2048", "uuid": "eb3fbdbb-66dc-4fa1-a3ae-bc306b3dbaee" }, "sda2": { "holders": [], "links": { "ids": [], "labels": [], "masters": [], "uuids": [ "ddfa1c29-f51f-4432-87cc-b7e5b0f86cbc" ] }, "sectors": "4196352", "sectorsize": 512, "size": "2.00 GB", "start": "616448", "uuid": "ddfa1c29-f51f-4432-87cc-b7e5b0f86cbc" }, "sda3": { "holders": [], "links": { "ids": [], "labels": [], "masters": [], "uuids": [ "78ac4e81-6cff-4c37-a934-66f99eaa6faa" ] }, "sectors": "100044800", "sectorsize": 512, "size": "47.71 GB", "start": "4812800", "uuid": "78ac4e81-6cff-4c37-a934-66f99eaa6faa" } }, "removable": "0", "rotational": "1", "sas_address": null, "sas_device_handle": null, "scheduler_mode": "deadline", "sectors": "104857600", "sectorsize": "512", "size": "50.00 GB", "support_discard": "0", "vendor": "VMware,", "virtual": 1 }, "sr0": { "holders": [], "host": "", "links": { "ids": [ "ata-VMware_Virtual_IDE_CDROM_Drive_00000000000000000001" ], "labels": [], "masters": [], "uuids": [] }, "model": "VMware IDE CDR00", "partitions": {}, "removable": "1", "rotational": "1", "sas_address": null, "sas_device_handle": null, "scheduler_mode": "cfq", "sectors": "2097151", "sectorsize": "512", "size": "1024.00 MB", "support_discard": "0", "vendor": "NECVMWar", "virtual": 1 }, "sr1": { "holders": [], "host": "", "links": { "ids": [ "ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001" ], "labels": [ "CentOS\x207\x20x86_64" ], "masters": [], "uuids": [ "2015-12-09-23-03-16-00" ] }, "model": "VMware IDE CDR10", "partitions": {}, "removable": "1", "rotational": "1", "sas_address": null, "sas_device_handle": null, "scheduler_mode": "cfq", "sectors": "1234944", "sectorsize": "2048", "size": "2.36 GB", "support_discard": "0", "vendor": "NECVMWar", "virtual": 1 } }, "ansible_distribution": "CentOS", "ansible_distribution_file_parsed": true, "ansible_distribution_file_path": "/etc/redhat-release", "ansible_distribution_file_variety": "RedHat", "ansible_distribution_major_version": "7", "ansible_distribution_release": "Core", "ansible_distribution_version": "7.2.1511", "ansible_dns": { "nameservers": [ "172.30.1.254" ], "search": [ "yinzhengjie.org.cn" ] }, "ansible_domain": "yinzhengjie.org.cn", "ansible_effective_group_id": 0, "ansible_effective_user_id": 0, "ansible_eno16777736": { "active": true, "device": "eno16777736", "features": { "busy_poll": "off [fixed]", "fcoe_mtu": "off [fixed]", "generic_receive_offload": "on", "generic_segmentation_offload": "on", "highdma": "off [fixed]", "large_receive_offload": "off [fixed]", "loopback": "off [fixed]", "netns_local": "off [fixed]", "ntuple_filters": "off [fixed]", "receive_hashing": "off [fixed]", "rx_all": "off", "rx_checksumming": "off", "rx_fcs": "off", "rx_vlan_filter": "on [fixed]", "rx_vlan_offload": "on", "rx_vlan_stag_filter": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "scatter_gather": "on", "tcp_segmentation_offload": "on", "tx_checksum_fcoe_crc": "off [fixed]", "tx_checksum_ip_generic": "on", "tx_checksum_ipv4": "off [fixed]", "tx_checksum_ipv6": "off [fixed]", "tx_checksum_sctp": "off [fixed]", "tx_checksumming": "on", "tx_fcoe_segmentation": "off [fixed]", "tx_gre_segmentation": "off [fixed]", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_lockless": "off [fixed]", "tx_mpls_segmentation": "off [fixed]", "tx_nocache_copy": "off", "tx_scatter_gather": "on", "tx_scatter_gather_fraglist": "off [fixed]", "tx_sit_segmentation": "off [fixed]", "tx_tcp6_segmentation": "off [fixed]", "tx_tcp_ecn_segmentation": "off [fixed]", "tx_tcp_segmentation": "on", "tx_udp_tnl_segmentation": "off [fixed]", "tx_vlan_offload": "on [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "udp_fragmentation_offload": "off [fixed]", "vlan_challenged": "off [fixed]" }, "hw_timestamp_filters": [], "ipv4": { "address": "172.30.1.103", "broadcast": "172.30.1.255", "netmask": "255.255.255.0", "network": "172.30.1.0" }, "ipv6": [ { "address": "fe80::20c:29ff:fe2d:854d", "prefix": "64", "scope": "link" } ], "macaddress": "00:0c:29:2d:85:4d", "module": "e1000", "mtu": 1500, "pciid": "0000:02:01.0", "promisc": false, "speed": 1000, "timestamping": [ "tx_software", "rx_software", "software" ], "type": "ether" }, "ansible_env": { "HOME": "/root", "LANG": "en_US.UTF-8", "LESSOPEN": "||/usr/bin/lesspipe.sh %s", "LOGNAME": "root", "MAIL": "/var/mail/root", "PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin", "PWD": "/root", "SELINUX_LEVEL_REQUESTED": "", "SELINUX_ROLE_REQUESTED": "", "SELINUX_USE_CURRENT_RANGE": "", "SHELL": "/bin/bash", "SHLVL": "2", "SSH_CLIENT": "172.30.1.101 46040 22", "SSH_CONNECTION": "172.30.1.101 46040 172.30.1.103 22", "SSH_TTY": "/dev/pts/1", "TERM": "xterm", "USER": "root", "XDG_RUNTIME_DIR": "/run/user/0", "XDG_SESSION_ID": "19", "_": "/usr/bin/python" }, "ansible_fips": false, "ansible_form_factor": "Other", "ansible_fqdn": "node103.yinzhengjie.org.cn", "ansible_hostname": "node103", "ansible_interfaces": [ "lo", "eno16777736" ], "ansible_kernel": "3.10.0-327.el7.x86_64", "ansible_lo": { "active": true, "device": "lo", "features": { "busy_poll": "off [fixed]", "fcoe_mtu": "off [fixed]", "generic_receive_offload": "on", "generic_segmentation_offload": "on", "highdma": "on [fixed]", "large_receive_offload": "off [fixed]", "loopback": "on [fixed]", "netns_local": "on [fixed]", "ntuple_filters": "off [fixed]", "receive_hashing": "off [fixed]", "rx_all": "off [fixed]", "rx_checksumming": "on [fixed]", "rx_fcs": "off [fixed]", "rx_vlan_filter": "off [fixed]", "rx_vlan_offload": "off [fixed]", "rx_vlan_stag_filter": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "scatter_gather": "on", "tcp_segmentation_offload": "on", "tx_checksum_fcoe_crc": "off [fixed]", "tx_checksum_ip_generic": "on [fixed]", "tx_checksum_ipv4": "off [fixed]", "tx_checksum_ipv6": "off [fixed]", "tx_checksum_sctp": "off [fixed]", "tx_checksumming": "on", "tx_fcoe_segmentation": "off [fixed]", "tx_gre_segmentation": "off [fixed]", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_lockless": "on [fixed]", "tx_mpls_segmentation": "off [fixed]", "tx_nocache_copy": "off [fixed]", "tx_scatter_gather": "on [fixed]", "tx_scatter_gather_fraglist": "on [fixed]", "tx_sit_segmentation": "off [fixed]", "tx_tcp6_segmentation": "on", "tx_tcp_ecn_segmentation": "on", "tx_tcp_segmentation": "on", "tx_udp_tnl_segmentation": "off [fixed]", "tx_vlan_offload": "off [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "udp_fragmentation_offload": "on", "vlan_challenged": "on [fixed]" }, "hw_timestamp_filters": [], "ipv4": { "address": "127.0.0.1", "broadcast": "host", "netmask": "255.0.0.0", "network": "127.0.0.0" }, "ipv6": [ { "address": "::1", "prefix": "128", "scope": "host" } ], "mtu": 65536, "promisc": false, "timestamping": [ "rx_software", "software" ], "type": "loopback" }, "ansible_local": {}, "ansible_lsb": {}, "ansible_machine": "x86_64", "ansible_machine_id": "d1667a8e7e71407d8b380ec3588d6c19", "ansible_memfree_mb": 3396, "ansible_memory_mb": { "nocache": { "free": 3578, "used": 198 }, "real": { "free": 3396, "total": 3776, "used": 380 }, "swap": { "cached": 0, "free": 2048, "total": 2048, "used": 0 } }, "ansible_memtotal_mb": 3776, "ansible_mounts": [ { "block_available": 12090770, "block_size": 4096, "block_total": 12499494, "block_used": 408724, "device": "/dev/sda3", "fstype": "xfs", "inode_available": 49994340, "inode_total": 50022400, "inode_used": 28060, "mount": "/", "options": "rw,seclabel,relatime,attr2,inode64,noquota", "size_available": 49523793920, "size_total": 51197927424, "uuid": "78ac4e81-6cff-4c37-a934-66f99eaa6faa" }, { "block_available": 48762, "block_size": 4096, "block_total": 75947, "block_used": 27185, "device": "/dev/sda1", "fstype": "xfs", "inode_available": 306870, "inode_total": 307200, "inode_used": 330, "mount": "/boot", "options": "rw,seclabel,relatime,attr2,inode64,noquota", "size_available": 199729152, "size_total": 311078912, "uuid": "eb3fbdbb-66dc-4fa1-a3ae-bc306b3dbaee" } ], "ansible_nodename": "node103.yinzhengjie.org.cn", "ansible_os_family": "RedHat", "ansible_pkg_mgr": "yum", "ansible_processor": [ "0", "GenuineIntel", "Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz", "1", "GenuineIntel", "Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz" ], "ansible_processor_cores": 2, "ansible_processor_count": 1, "ansible_processor_threads_per_core": 1, "ansible_processor_vcpus": 2, "ansible_product_name": "VMware Virtual Platform", "ansible_product_serial": "VMware-56 4d 02 1d 11 c9 80 17-d2 f9 99 c1 21 2d 85 4d", "ansible_product_uuid": "564D021D-11C9-8017-D2F9-99C1212D854D", "ansible_product_version": "None", "ansible_python": { "executable": "/usr/bin/python", "has_sslcontext": true, "type": "CPython", "version": { "major": 2, "micro": 5, "minor": 7, "releaselevel": "final", "serial": 0 }, "version_info": [ 2, 7, 5, "final", 0 ] }, "ansible_python_version": "2.7.5", "ansible_real_group_id": 0, "ansible_real_user_id": 0, "ansible_selinux": { "config_mode": "enforcing", "mode": "permissive", "policyvers": 28, "status": "enabled", "type": "targeted" }, "ansible_selinux_python_present": true, "ansible_service_mgr": "systemd", "ansible_ssh_host_key_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLc4QsqAEfqTr9pbPN00BWwGm/WrSlie/wRJomj0yr49Kl4e2vnURC0pp9ntIfXM8k77CsjU5LvGSE0Rp1HjXoo=", "ansible_ssh_host_key_ed25519_public": "AAAAC3NzaC1lZDI1NTE5AAAAIOwEVW/b+vaFbH2PjbP0z2ZbNgMMQMxwcjJvkl4O4E/q", "ansible_ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABAQDM5pE4BDCwyIyUaT7vC1SLwfiYUnUsAPVuyNM6R2fw/HeML+M7YXg7aAS/PlBjvaYIOQu0z4SgjSQwhqE+828pwP9J2Glaff0/xl46xBIdik8GPnoTy8Fx/Xd8XDjU48DeVFqPeXeSPMrhF+pjqtW5YuTNY4vMiKQ0qRUmJ5bJ8uzJjGEIcmILhyULPK8okxs9QuQKXCxRdaK03tmWjLZ5Fc5GD36XeyaudoDJfxNC85Iim7NrosA4AtuUT5ajCAOWQBY8YaINK2SlVgOwgGxBdfumBGorK9tFBZFxicJOfmdTpW8owrz11JRYHujuLYcLery7e9RTeynxxOU/Q6cz", "ansible_swapfree_mb": 2048, "ansible_swaptotal_mb": 2048, "ansible_system": "Linux", "ansible_system_capabilities": [ "cap_chown", "cap_dac_override", "cap_dac_read_search", "cap_fowner", "cap_fsetid", "cap_kill", "cap_setgid", "cap_setuid", "cap_setpcap", "cap_linux_immutable", "cap_net_bind_service", "cap_net_broadcast", "cap_net_admin", "cap_net_raw", "cap_ipc_lock", "cap_ipc_owner", "cap_sys_module", "cap_sys_rawio", "cap_sys_chroot", "cap_sys_ptrace", "cap_sys_pacct", "cap_sys_admin", "cap_sys_boot", "cap_sys_nice", "cap_sys_resource", "cap_sys_time", "cap_sys_tty_config", "cap_mknod", "cap_lease", "cap_audit_write", "cap_audit_control", "cap_setfcap", "cap_mac_override", "cap_mac_admin", "cap_syslog", "35", "36+ep" ], "ansible_system_capabilities_enforced": "True", "ansible_system_vendor": "VMware, Inc.", "ansible_uptime_seconds": 10249, "ansible_user_dir": "/root", "ansible_user_gecos": "root", "ansible_user_gid": 0, "ansible_user_id": "root", "ansible_user_shell": "/bin/bash", "ansible_user_uid": 0, "ansible_userspace_architecture": "x86_64", "ansible_userspace_bits": "64", "ansible_virtualization_role": "guest", "ansible_virtualization_type": "VMware", "gather_subset": [ "all" ], "module_setup": true }, "changed": false } [root@node101.yinzhengjie.org.cn ~]#
20>.