1、ansible安裝部署過程特別簡(jiǎn)單,學(xué)習(xí)曲線很平坦;
2、不需要單獨(dú)安裝客戶端,知識(shí)利用現(xiàn)有的SSHD服務(wù)(協(xié)議)即可。
3、基于Python開發(fā),集合了眾多運(yùn)維工具(puppet、chef、func、fabric)的優(yōu)點(diǎn),實(shí)現(xiàn)了批量系統(tǒng)配置、批量程序部署、批量運(yùn)行命令等功能。
創(chuàng)新互聯(lián)公司專業(yè)為企業(yè)提供德州網(wǎng)站建設(shè)、德州做網(wǎng)站、德州網(wǎng)站設(shè)計(jì)、德州網(wǎng)站制作等企業(yè)網(wǎng)站建設(shè)、網(wǎng)頁(yè)設(shè)計(jì)與制作、德州企業(yè)網(wǎng)站模板建站服務(wù),十年德州做網(wǎng)站經(jīng)驗(yàn),不只是建網(wǎng)站,更提供有價(jià)值的思路和整體網(wǎng)絡(luò)服務(wù)。
1、部署簡(jiǎn)單,只需在主控端部署Ansible環(huán)境,被控端無需做任何操作;
2、默認(rèn)使用SSH協(xié)議對(duì)設(shè)備進(jìn)行管理;
3、有大量常規(guī)運(yùn)維操作模塊,可實(shí)現(xiàn)日常絕大部分操作;
4、配置簡(jiǎn)單、功能強(qiáng)大、擴(kuò)展性強(qiáng);
5、支持API及自定義模塊,可通過Python輕松擴(kuò)展;
6、通過Playbooks來定制強(qiáng)大的配置、狀態(tài)管理;
7、輕量級(jí),無需在客戶端安裝agent,更新時(shí),只需在操作機(jī)上進(jìn)行一次更新即可;
8、提供一個(gè)功能強(qiáng)大、操作性強(qiáng)的Web管理界面和REST API接口——AWX平臺(tái)。
Ansible:Ansible核心程序。
HostInventory:記錄由Ansible管理的主機(jī)信息,包括端口、密碼、ip等。
Playbooks:“劇本”YAML格式文件,多個(gè)任務(wù)定義在一個(gè)文件中,定義主機(jī)需要調(diào)用哪些模塊來完成的功能。
CoreModules:核心模塊,主要操作是通過調(diào)用核心模塊來完成管理任務(wù)。
CustomModules:自定義模塊,完成核心模塊無法完成的功能,支持多種語言。
ConnectionPlugins:連接插件,Ansible和Host通信使用
ad-hoc模式(點(diǎn)對(duì)點(diǎn)模式)
使用單個(gè)模塊,支持批量執(zhí)行單條命令。ad-hoc 命令是一種可以快速輸入的命令,而且不需要保存起來的命令。就相當(dāng)于bash中的一句話shell。
playbook模式(劇本模式)
是Ansible主要管理方式,也是Ansible功能強(qiáng)大的關(guān)鍵所在。playbook通過多個(gè)task集合完成一類功能,如Web服務(wù)的安裝部署、數(shù)據(jù)庫(kù)服務(wù)器的批量備份等??梢院?jiǎn)單地把playbook理解為通過組合多條ad-hoc操作的配置文件。
簡(jiǎn)單理解就是Ansible在運(yùn)行時(shí), 首先讀取ansible.cfg中的配置, 根據(jù)規(guī)則獲取Inventory中的管理主機(jī)列表, 并行的在這些主機(jī)中執(zhí)行配置的任務(wù), 最后等待執(zhí)行返回的結(jié)果。
環(huán)境
管理端:CentOS 7-2 192.168.18.147
被管理端1:CentOS 7-3 192.168.18.128
被管理端2:CentOS 7-4 192.168.18.148
管理端:
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum install epel-release -y
[root@localhost ~]# yum install ansible -y
[root@localhost ~]# ansible --version
ansible 2.9.2
[root@localhost ~]# yum install tree -y
[root@localhost ~]# tree /etc/ansible/
/etc/ansible/
├── ansible.cfg #配置文件
├── hosts
└── roles
1 directory, 2 files
`配置主機(jī)清單`
[root@localhost ~]# vim /etc/ansible/hosts
#在24行下插入以下內(nèi)容
[webserver]
192.168.18.128
[MySQL]
192.168.18.148
`生成密鑰對(duì)`
[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): #直接回車
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): #輸入密碼:abc123
Enter same passphrase again: #再次輸入密碼:abc123
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:5RvIVqbI9hscNK1Y4YivNnnUEgQeNfNm/WJcBXr8jWc root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
| oo= . ... |
| . + * + o . |
| o o O B + |
| o @ @ + . o |
| O S * . o E|
| = = o + o |
| = . + . |
| . o o |
| . |
+----[SHA256]-----+
`密鑰對(duì)位置`
[root@localhost ~]# ls -la
總用量 56
......
drwx------. 2 root root 38 1月 22 17:34 .ssh
......此處省略多行
[root@localhost ~]# cd .ssh/
[root@localhost .ssh]# ls
id_rsa(私鑰) id_rsa.pub(公鑰)
`把密鑰推給被管理端1`
[root@localhost .ssh]# ssh-copy-id root@192.168.18.128
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.18.128 (192.168.18.128)' can't be established.
ECDSA key fingerprint is SHA256:mTT+FEtzAu4X3D5srZlz93S3gye8MzbqVZFDzfJd4Gk.
ECDSA key fingerprint is MD5:fa:5a:88:23:49:60:9b:b8:7e:4b:14:4b:3f:cd:96:a0.
Are you sure you want to continue connecting (yes/no)? yes #確認(rèn)鏈接
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.18.128's password: #輸入相對(duì)應(yīng)被管理端的root密碼
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.18.128'"
and check to make sure that only the key(s) you wanted were added.
`把密鑰推給被管理端2`
[root@localhost .ssh]# ssh-copy-id root@192.168.18.148
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.18.148 (192.168.18.148)' can't be established.
ECDSA key fingerprint is SHA256:mTT+FEtzAu4X3D5srZlz93S3gye8MzbqVZFDzfJd4Gk.
ECDSA key fingerprint is MD5:fa:5a:88:23:49:60:9b:b8:7e:4b:14:4b:3f:cd:96:a0.
Are you sure you want to continue connecting (yes/no)? yes #確認(rèn)鏈接
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.18.148's password: #輸入相對(duì)應(yīng)被管理端的root密碼
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.18.148'"
and check to make sure that only the key(s) you wanted were added.
驗(yàn)證密鑰是否推送成功:
被管理端1:192.168.18.128
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# cd .ssh/
[root@localhost .ssh]# ls
authorized_keys
#此時(shí)密鑰推送成功
被管理端2:
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# cd .ssh/
[root@localhost .ssh]# ls
authorized_keys
#此時(shí)密鑰推送成功
1、command模塊
`使用IP地址查看被管理端1的時(shí)間`
[root@localhost .ssh]# ansible 192.168.18.128 -m command -a 'date'
Enter passphrase for key '/root/.ssh/id_rsa': #輸入密鑰密碼abc123
192.168.18.128 | CHANGED | rc=0 >>
2020年 02月 02日 星期日 15:53:20 CST
`使用別名查看被管理端2的時(shí)間`
[root@localhost .ssh]# ansible mysql -m command -a 'date'
Enter passphrase for key '/root/.ssh/id_rsa': #輸入密鑰密碼abc123
192.168.18.148 | CHANGED | rc=0 >>
2020年 02月 02日 星期日 15:55:13 CST
`為避免總是輸入密碼的麻煩,我們可以執(zhí)行免交互代理`
[root@localhost .ssh]# ssh-agent bash
[root@localhost .ssh]# ssh-add
Enter passphrase for /root/.ssh/id_rsa: #輸入密鑰密碼abc123
Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
[root@localhost .ssh]# ansible webserver -m command -a 'date'
192.168.18.128 | CHANGED | rc=0 >>
2020年 02月 02日 星期日 16:01:40 CST
#此時(shí)可以免交互直接顯示時(shí)間
`所有hosts主機(jī)執(zhí)行date命令`
[root@localhost .ssh]# ansible all -a 'date'
192.168.18.128 | CHANGED | rc=0 >>
2020年 02月 02日 星期日 16:21:08 CST
192.168.18.148 | CHANGED | rc=0 >>
2020年 02月 02日 星期日 16:21:08 CST
2、cron模塊【兩種狀態(tài)(state):present表示添加(可以省略),absent表示移除】
[root@localhost .ssh]# ansible mysql -m cron -a 'minute="*/1" job="/usr/bin/echo hello" name="test hello"'
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": [
"test hello"
]
}
[root@localhost .ssh]# ansible mysql -a 'crontab -l'
192.168.18.148 | CHANGED | rc=0 >>
#Ansible: test hello
*/1 * * * * /usr/bin/echo hello
此時(shí)我們可以進(jìn)入被管理端2進(jìn)行驗(yàn)證:
[root@localhost .ssh]# crontab -l
#Ansible: test hello
*/1 * * * * /usr/bin/echo hello
您在 /var/spool/mail/root 中有新郵件
[root@localhost .ssh]# vim /var/spool/mail/root
From root@localhost.localdomain Sun Feb 2 16:40:02 2020
Return-Path:
X-Original-To: root
Delivered-To: root@localhost.localdomain
Received: by localhost.localdomain (Postfix, from userid 0)
id 2255A319AE4E; Sun, 2 Feb 2020 16:40:02 +0800 (CST)
From: "(Cron Daemon)"
To: root@localhost.localdomain
Subject: Cron /usr/bin/echo hello
Content-Type: text/plain; charset=UTF-8
Auto-Submitted: auto-generated
Precedence: bulk
X-Cron-Env:
X-Cron-Env:
X-Cron-Env:
X-Cron-Env:
X-Cron-Env:
X-Cron-Env:
X-Cron-Env:
X-Cron-Env:
Message-Id: <20200202084002.2255A319AE4E@localhost.localdomain>
Date: Sun, 2 Feb 2020 16:40:02 +0800 (CST)
hello
#以下省略多行,每分鐘生成一個(gè)
此時(shí)移除計(jì)劃性任務(wù),使用absent:
[root@localhost .ssh]# ansible mysql -m cron -a 'name="test hello" state=absent'
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"envs": [],
"jobs": []
}
`此時(shí)再回到被管理端2中會(huì)發(fā)現(xiàn)計(jì)劃任務(wù)消失`
[root@localhost ~]# crontab -l
3、user模塊【user模塊是請(qǐng)求的是useradd, userdel, usermod三個(gè)指令】
`創(chuàng)建用戶test01`
[root@localhost ~]# ansible all -m user -a 'name=test01'
192.168.18.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/test01",
"name": "test01",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/test01",
"name": "test01",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
`此時(shí)回到被管理端1中驗(yàn)證添加用戶`
[root@localhost ~]# id test01
uid=1001(test01) gid=1001(test01) 組=1001(test01)
`此時(shí)回到被管理端2中驗(yàn)證添加用戶`
[root@localhost ~]# id test01
uid=1001(test01) gid=1001(test01) 組=1001(test01)
#此時(shí)兩臺(tái)被管理端test01用戶均添加成功
`刪除webserver端中的test01用戶`
[root@localhost ~]# ansible webserver -m user -a 'name=test01 state=absent'
192.168.18.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "test01",
"remove": false,
"state": "absent"
}
`此時(shí)回到被管理端1:webserver中驗(yàn)證用戶情況`
[root@localhost ~]# id test01
id: test01: no such user
#此時(shí)顯示找不到,說明已被刪除
group模塊【group模塊請(qǐng)求的是groupadd, groupdel, groupmod 三個(gè)指令】
`創(chuàng)建mysql組`
[root@localhost ~]# ansible mysql -m group -a 'name=mysql gid=306 system=yes'
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 306,
"name": "mysql",
"state": "present",
"system": true
}
`遠(yuǎn)程查看被管理端2:mysql中是否有mysql組`
[root@localhost ~]# ansible mysql -a 'tail /etc/group'
192.168.18.148 | CHANGED | rc=0 >>
postfix:x:89:
stapusr:x:156:
stapsys:x:157:
stapdev:x:158:
tcpdump:x:72:
zhou:x:1000:
dhcpd:x:177:
named:x:25:
test01:x:1001:
mysql:x:306: #此時(shí)有mysql組,同時(shí)gid號(hào)為306
`創(chuàng)建新用戶test02并添加到mysql組`
[root@localhost ~]# ansible mysql -m user -a 'name=test02 uid=306 group=mysql system=yes'
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 306,
"home": "/home/test02",
"name": "test02",
"shell": "/bin/bash",
"state": "present",
"system": true,
"uid": 306
}
`遠(yuǎn)程查看被管理端2:mysql中是否在mysql組是否有新創(chuàng)建的用戶test02`
[root@localhost ~]# ansible mysql -a 'id test02'
192.168.18.148 | CHANGED | rc=0 >>
uid=306(test02) gid=306(mysql) 組=306(mysql)
copy模塊
`遠(yuǎn)程把被管理端2:mysql中的etc目錄下fstab自動(dòng)掛載文件,復(fù)制到opt目錄下并且取名為fstab.bk,屬組為root,權(quán)限為644`
[root@localhost ~]# ansible mysql -m copy -a 'src=/etc/fstab dest=/opt/fstab.bk owner=root mode=644'
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "100f3bbf6644926857bbec2a40ab2f70bf1c060b",
"dest": "/opt/fstab.bk",
"gid": 0,
"group": "root",
"md5sum": "f57167de0e8f6f2963771a72af8a2840",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 595,
"src": "/root/.ansible/tmp/ansible-tmp-1580693038.81-171191249824445/source",
"state": "file",
"uid": 0
}
`遠(yuǎn)程查看被管理端2:mysql的opt目錄下是否在mysql組是否有fstab.bk文件`
[root@localhost ~]# ansible mysql -a 'ls -l /opt'
192.168.18.148 | CHANGED | rc=0 >>
總用量 4
-rw-r--r--. 1 root root 595 2月 3 09:24 fstab.bk
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
`指定內(nèi)容this is test,重定向生成新文件test.txt在opt目錄下`
[root@localhost ~]# ansible mysql -m copy -a 'content="this is test" dest=/opt/test.txt'
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"checksum": "b6794b2000d94d348203d0279c2e7322b922cb16",
"dest": "/opt/test.txt",
"gid": 0,
"group": "root",
"md5sum": "8c6d115258631625b625486f81b09532",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 12,
"src": "/root/.ansible/tmp/ansible-tmp-1580693472.89-123279558248268/source",
"state": "file",
"uid": 0
}
`遠(yuǎn)程查看被管理端2:mysql的opt目錄下的test.txt文件中內(nèi)容是否為this is test`
[root@localhost ~]# ansible mysql -a 'cat /opt/test.txt'
192.168.18.148 | CHANGED | rc=0 >>
this is test
file模塊
`路徑opt下的文件test.txt,用戶為test02,組指定為mysql,權(quán)限為666`
[root@localhost ~]# ansible mysql -m file -a 'path=/opt/test.txt owner=test02 group=mysql mode=666'
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"gid": 306,
"group": "mysql",
"mode": "0666",
"owner": "test02",
"path": "/opt/test.txt",
"secontext": "system_u:object_r:usr_t:s0",
"size": 12,
"state": "file",
"uid": 306
}
`此時(shí)回到被管理端2:mysql中opt目錄下的test.txt文件的詳細(xì)情況`
[root@localhost ~]# cd /opt/
[root@localhost opt]# ls -l
總用量 8
-rw-r--r--. 1 root root 595 2月 3 09:24 fstab.bk
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-rw-rw-. 1 test02 mysql 12 2月 3 09:31 test.txt
#此時(shí)test.txt文件屬主為test02,屬組為mysql,權(quán)限為666
`設(shè)置/opt/test.txt.link為/opt/test.txt的鏈接文件`
[root@localhost ~]# ansible mysql -m file -a 'src=/opt/test.txt path=/opt/test.txt.link state=link'
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/test.txt.link",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 13,
"src": "/opt/test.txt",
"state": "link",
"uid": 0
}
`此時(shí)回到被管理端2:mysql中opt目錄下查看此鏈接文件`
[root@localhost opt]# ls -l
總用量 8
-rw-r--r--. 1 root root 595 2月 3 09:24 fstab.bk
drwxr-xr-x. 2 root root 6 3月 26 2015 rh
-rw-rw-rw-. 1 test02 mysql 12 2月 3 09:31 test.txt
lrwxrwxrwx. 1 root root 13 2月 3 09:59 test.txt.link -> /opt/test.txt #鏈接性的文件
`創(chuàng)建一個(gè)空文件`
[root@localhost ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=touch'
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dest": "/opt/abc.txt",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
`此時(shí)回到被管理端2:mysql中opt目錄下abc.txt文件的詳細(xì)情況`
[root@localhost opt]# ls #此時(shí)有abc.txt文件
abc.txt fstab.bk rh test.txt test.txt.link
[root@localhost opt]# cat abc.txt #因?yàn)槭强瘴募?,所以沒有內(nèi)容
`刪除創(chuàng)建的abc.txt空文件`
[root@localhost ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=absent'
192.168.18.148 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"path": "/opt/abc.txt",
"state": "absent"
}
`此時(shí)回到被管理端2:mysql中opt目錄下是否有abc.txt文件`
[root@localhost opt]# ls
fstab.bk rh test.txt test.txt.link
ping模塊
`測(cè)試兩臺(tái)被管理端是否在線`
[root@localhost ~]# ansible all -m ping
192.168.18.148 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.18.128 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
yum模塊
`在被管理端1:webserver中安裝httpd服務(wù)`
[root@localhost ~]# ansible webserver -m yum -a 'name=httpd'
192.168.18.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"installed": [
"httpd"
]
},
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, langpacks\nLoading mirror speeds from cached hostfile\n * base: mirrors.huaweicloud.com\n * extras: mirror.bit.edu.cn\n * updates: mirror.bit.edu.cn\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-90.el7.centos will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-90.el7.centos for package: httpd-2.4.6-90.el7.centos.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-90.el7.centos.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-90.el7.centos.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-90.el7.centos.x86_64\n--> Running transaction check\n---> Package apr.x86_64 0:1.4.8-5.el7 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-90.el7.centos will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.4.6-90.el7.centos base 2.7 M\nInstalling for dependencies:\n apr x86_64 1.4.8-5.el7 base 103 k\n apr-util x86_64 1.5.2-6.el7 base 92 k\n httpd-tools x86_64 2.4.6-90.el7.centos base 91 k\n mailcap noarch 2.1.41-2.el7 base 31 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+4 Dependent packages)\n\nTotal download size: 3.0 M\nInstalled size: 10 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 1.0 MB/s | 3.0 MB 00:03 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : apr-1.4.8-5.el7.x86_64 1/5 \n Installing : apr-util-1.5.2-6.el7.x86_64 2/5 \n Installing : httpd-tools-2.4.6-90.el7.centos.x86_64 3/5 \n Installing : mailcap-2.1.41-2.el7.noarch 4/5 \n Installing : httpd-2.4.6-90.el7.centos.x86_64 5/5 \n Verifying : apr-1.4.8-5.el7.x86_64 1/5 \n Verifying : mailcap-2.1.41-2.el7.noarch 2/5 \n Verifying : httpd-tools-2.4.6-90.el7.centos.x86_64 3/5 \n Verifying : apr-util-1.5.2-6.el7.x86_64 4/5 \n Verifying : httpd-2.4.6-90.el7.centos.x86_64 5/5 \n\nInstalled:\n httpd.x86_64 0:2.4.6-90.el7.centos \n\nDependency Installed:\n apr.x86_64 0:1.4.8-5.el7 apr-util.x86_64 0:1.5.2-6.el7 \n httpd-tools.x86_64 0:2.4.6-90.el7.centos mailcap.noarch 0:2.1.41-2.el7 \n\nComplete!\n"
]
}
#安裝完成后會(huì)顯示過程
`此時(shí)可以返回被管理端1:webserver中查看httpd服務(wù)是否安裝成功`
[root@localhost ~]# rpm -q httpd
httpd-2.4.6-90.el7.centos.x86_64 #此時(shí)服務(wù)安裝完成
`可以用以下命令移除服務(wù)`
[root@localhost ~]# ansible webserver -m yum -a 'name=httpd state=absent'
service模塊
`啟動(dòng)被管理端2中的httpd服務(wù)`
[root@localhost ~]# ansible webserver -m service -a 'enabled=true name=httpd state=started'
192.168.18.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"enabled": true,
"name": "httpd",
"state": "started",
......此處省略多行
`此時(shí)到被管理端1:webserver中查看httpd服務(wù)的狀態(tài)`
[root@localhost ~]# systemctl status httpd.service
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since 一 2020-02-03 10:24:28 CST; 2min 25s ago
#此時(shí)狀態(tài)顯示為running運(yùn)行
shell模塊
`創(chuàng)建一個(gè)用戶,為用戶生成免交互密碼`
[root@localhost ~]# ansible webserver -m user -a 'name=jarry' #創(chuàng)建新用戶jarry
192.168.18.128 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/jarry",
"name": "jarry",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
[root@localhost ~]# ansible webserver -m shell -a 'echo abc123 | passwd --stdin jarry'
192.168.18.128 | CHANGED | rc=0 >>
更改用戶 jarry 的密碼 。
passwd:所有的身份驗(yàn)證令牌已經(jīng)成功更新。
#生成jarry用戶的登錄密碼為abc123
script模塊
`首先在管理端編寫腳本`
[root@localhost ~]# cd /opt/
[root@localhost opt]# vim test.sh
#!/bin/bash
echo "this is test script" > /opt/script.txt
chmod 666 /opt/script.txt
[root@localhost opt]# ls
rh test.sh
[root@localhost opt]# chmod +x test.sh #給予執(zhí)行權(quán)限
`對(duì)所有被管理端執(zhí)行test.sh腳本`
[root@localhost opt]# ansible all -m script -a 'test.sh'
192.168.18.128 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.18.128 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.18.128 closed."
],
"stdout": "",
"stdout_lines": []
}
192.168.18.148 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.18.148 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.18.148 closed."
],
"stdout": "",
"stdout_lines": []
}
`驗(yàn)證兩臺(tái)被管理端的opt目錄下是否有script.txt文件`
#被管理端1:
[root@localhost ~]# cd /opt/
[root@localhost opt]# ls
rh script.txt
[root@localhost opt]# cat script.txt
this is test script
#被管理端2:
[root@localhost opt]# ls
fstab.bk rh script.txt test.txt test.txt.link
[root@localhost opt]# cat script.txt
this is test script
setup模塊
`列出被管理端2:mysql的所有主機(jī)信息`
[root@localhost opt]# ansible mysql -m setup
192.168.18.148 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.122.1",
"192.168.18.148"
],
"ansible_all_ipv6_addresses": [
"fe80::1cb1:b734:7f72:576f",
"fe80::578f:4368:6a2c:80d7",
"fe80::6a0c:e6a0:7978:3543"
],
"ansible_apparmor": {
"status": "disabled"
},
"ansible_architecture": "x86_64",
"ansible_bios_date": "07/29/2019",
"ansible_bios_version": "6.00",
"ansible_cmdline": {
"BOOT_IMAGE": "/vmlinuz-3.10.0-693.el7.x86_64",
"LANG": "zh_CN.UTF-8",
"crashkernel": "auto",
"quiet": true,
"rhgb": true,
"ro": true,
"root": "UUID=32c169ff-9bf7-4d89-a2f1-a99a7e59d4f2"
},
"ansible_date_time": {
"date": "2020-02-03",
"day": "03",
"epoch": "1580698171",
"hour": "10",
"iso8601": "2020-02-03T02:49:31Z",
"iso8601_basic": "20200203T104931948449",
"iso8601_basic_short": "20200203T104931",
"iso8601_micro": "2020-02-03T02:49:31.948682Z",
"minute": "49",
"month": "02",
"second": "31",
"time": "10:49:31",
"tz": "CST",
"tz_offset": "+0800",
"weekday": "星期一",
"weekday_number": "1",
"weeknumber": "05",
"year": "2020"
},
"ansible_default_ipv4": {
"address": "192.168.18.148",
"alias": "ens33",
"broadcast": "192.168.18.255",
"gateway": "192.168.18.2",
"interface": "ens33",
"macaddress": "00:0c:29:79:45:8e",
"mtu": 1500,
"netmask": "255.255.255.0",
"network": "192.168.18.0",
"type": "ether"
},
......
......
......