Ansible之常用模块(二)
1、hostname:此模块的主要作用是管理远端节点主机名
模块帮助:
root@localhost ~]# ansible-doc -s hostname
- name: Manage hostname
hostname:
name: # (required) Name of the host
[root@localhost ~]#
说明:通常我们使用这个模块是在playbook里使用,通过一些变量的控制,给定不同的主机以不同的主机名。
常用参数说明:
name:指定远端节点主机名称
[root@localhost ~]# ansible 192.168.0.99 -m shell -a 'hostname'
192.168.0.99 | SUCCESS | rc=0 >>
docker [root@localhost ~]# ansible 192.168.0.99 -m hostname -a 'name=test'
192.168.0.99 | SUCCESS => {
"ansible_facts": {
"ansible_domain": "",
"ansible_fqdn": "test",
"ansible_hostname": "test",
"ansible_nodename": "test"
},
"changed": true,
"name": "test"
}
[root@localhost ~]# ansible 192.168.0.99 -m shell -a 'hostname'
192.168.0.99 | SUCCESS | rc=0 >>
test [root@localhost ~]#
说明:以上命令是给192.168.0.99这台主机更改主机名
2、cron:此模块的主要作用是管理计划任务
模块帮助:
[root@localhost ~]# ansible-doc -s cron
- name: Manage cron.d and crontab entries.
cron:
backup: # If set, create a backup of the crontab before it is modified. The location of the backup is returned in
the `backup_file' variable by this module.
cron_file: # If specified, uses this file instead of an individual user's crontab. If this is a relative path, it is
interpreted with respect to /etc/cron.d. (If it is absolute, it will
typically be /etc/crontab). Many linux distros expect (and some require)
the filename portion to consist solely of upper- and lower-case letters,
digits, underscores, and hyphens. To use the `cron_file' parameter you
must specify the `user' as well.
day: # Day of the month the job should run ( 1-31, *, */2, etc )
disabled: # If the job should be disabled (commented out) in the crontab. Only has effect if state=present
env: # If set, manages a crontab's environment variable. New variables are added on top of crontab. "name" and
"value" parameters are the name and the value of environment variable.
hour: # Hour when the job should run ( 0-23, *, */2, etc )
insertafter: # Used with `state=present' and `env'. If specified, the environment variable will be inserted after the
declaration of specified environment variable.
insertbefore: # Used with `state=present' and `env'. If specified, the environment variable will be inserted before the
declaration of specified environment variable.
job: # The command to execute or, if env is set, the value of environment variable. The command should not
contain line breaks. Required if state=present.
minute: # Minute when the job should run ( 0-59, *, */2, etc )
month: # Month of the year the job should run ( 1-12, *, */2, etc )
name: # Description of a crontab entry or, if env is set, the name of environment variable. Required if
state=absent. Note that if name is not set and state=present, then a new
crontab entry will always be created, regardless of existing ones.
reboot: # If the job should be run at reboot. This option is deprecated. Users should use special_time.
special_time: # Special time specification nickname.
state: # Whether to ensure the job or environment variable is present or absent.
user: # The specific user whose crontab should be modified.
weekday: # Day of the week that the job should run ( 0-6 for Sunday-Saturday, *, etc )
[root@localhost ~]#
常用参数说明:
backup:是否备份之前的计划任务,默认为no
[root@localhost ~]# ansible websers -m shell -a 'crontab -l'
192.168.0.99 | FAILED | rc=1 >>
no crontab for rootnon-zero return code 192.168.0.218 | FAILED | rc=1 >>
no crontab for rootnon-zero return code [root@localhost ~]# ansible websers -m cron -a 'name=test minute=*/4 job="/usr/bin/wall hello world" '
192.168.0.218 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"test"
]
}
192.168.0.99 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"test"
]
}
[root@localhost ~]# ansible websers -m shell -a 'crontab -l'
192.168.0.218 | SUCCESS | rc=0 >>
#Ansible: test
*/4 * * * * /usr/bin/wall hello world 192.168.0.99 | SUCCESS | rc=0 >>
#Ansible: test
*/4 * * * * /usr/bin/wall hello world [root@localhost ~]# ansible websers -m cron -a 'name=test2 minute=*/2 job="/usr/bin/wall this is test" backup=yes '
192.168.0.218 | SUCCESS => {
"backup_file": "/tmp/crontab3sg1oa",
"changed": true,
"envs": [],
"jobs": [
"test",
"test2"
]
}
192.168.0.99 | SUCCESS => {
"backup_file": "/tmp/crontabMvYnq7",
"changed": true,
"envs": [],
"jobs": [
"test",
"test2"
]
}
[root@localhost ~]# ansible websers -m shell -a 'crontab -l'
192.168.0.218 | SUCCESS | rc=0 >>
#Ansible: test
*/4 * * * * /usr/bin/wall hello world
#Ansible: test2
*/2 * * * * /usr/bin/wall this is test 192.168.0.99 | SUCCESS | rc=0 >>
#Ansible: test
*/4 * * * * /usr/bin/wall hello world
#Ansible: test2
*/2 * * * * /usr/bin/wall this is test [root@localhost ~]# ansible websers -m shell -a 'cat /tmp/crontab*'
192.168.0.218 | SUCCESS | rc=0 >>
#Ansible: test
*/4 * * * * /usr/bin/wall hello world 192.168.0.99 | SUCCESS | rc=0 >>
#Ansible: test
*/4 * * * * /usr/bin/wall hello world [root@localhost ~]#
说明:指定了backup=yes,它默认会把原有的计划任务备份到远端节点主机的/tmp/下,名为crontab+随机字符串。
day:表示时间日,取值范围(1-31),支持’*‘,表示每日的意思,*/2表示每两日
hour:表示时间小时,取值范围(0-23),支持*, */2
minute:表示时间分钟,取值范围(0-59),支持* ,*/2
month:表示时间月,取值范围(1-12),支持* , */2
weekday:表示时间周,取值范围(0-6或者1-7),支持*
user:表示创建几乎任务的用户
[root@localhost ~]# ansible websers -m cron -a 'name=test3 minute=*/2 job="/usr/bin/wall this is test3" user=qiuhom '
192.168.0.218 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"test3"
]
}
192.168.0.99 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"test3"
]
}
[root@localhost ~]# ansible websers -m shell -a 'crontab -u qiuhom -l'
192.168.0.218 | SUCCESS | rc=0 >>
#Ansible: test3
*/2 * * * * /usr/bin/wall this is test3 192.168.0.99 | SUCCESS | rc=0 >>
#Ansible: test3
*/2 * * * * /usr/bin/wall this is test3 [root@localhost ~]#
state:指定计划任务是present(新建)或者absent(删除),若不指定state的值,默认是新建计划任务
[root@localhost ~]# ansible websers -m shell -a 'crontab -u qiuhom -l'
192.168.0.218 | SUCCESS | rc=0 >>
#Ansible: test3
*/2 * * * * /usr/bin/wall this is test3
#Ansible: hehe
*/2 * * * * /usr/bin/wall hhheee 192.168.0.99 | SUCCESS | rc=0 >>
#Ansible: test3
*/2 * * * * /usr/bin/wall this is test3
#Ansible: hehe
*/2 * * * * /usr/bin/wall hhheee [root@localhost ~]# ansible websers -m cron -a 'name=hehe user=qiuhom state=absent'
192.168.0.218 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"test3"
]
}
192.168.0.99 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"test3"
]
}
[root@localhost ~]# ansible websers -m shell -a 'crontab -u qiuhom -l'
192.168.0.218 | SUCCESS | rc=0 >>
#Ansible: test3
*/2 * * * * /usr/bin/wall this is test3 192.168.0.99 | SUCCESS | rc=0 >>
#Ansible: test3
*/2 * * * * /usr/bin/wall this is test3 [root@localhost ~]#
说明:state=absent是从用户的计划任务列表中删除计划任务,它不是把计划任务给注释掉,而是删除。删除计划任务只需指定计划任务名称以及用户就可以,若没有指定用户,它默认是root用户。
disabled:是否禁用计划任务(被注释),此选项只能在state=present的时候才有效
[root@localhost ~]# ansible websers -m cron -a 'name=xxxx hour=2 minute=30 day=14 month=11 job="/usr/bin/wall ahahahahh" disabled=yes '
192.168.0.218 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"test",
"test2",
"xxxx"
]
}
192.168.0.99 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"test",
"test2",
"xxxx"
]
}
[root@localhost ~]#
[root@localhost ~]# ansible websers -m shell -a 'crontab -l'
192.168.0.218 | SUCCESS | rc=0 >>
#Ansible: test
*/4 * * * * /usr/bin/wall hello world
#Ansible: test2
*/2 * * * * /usr/bin/wall this is test
#Ansible: xxxx
#30 2 14 11 * /usr/bin/wall ahahahahh 192.168.0.99 | SUCCESS | rc=0 >>
#Ansible: test
*/4 * * * * /usr/bin/wall hello world
#Ansible: test2
*/2 * * * * /usr/bin/wall this is test
#Ansible: xxxx
#30 2 14 11 * /usr/bin/wall ahahahahh [root@localhost ~]#
[root@localhost ~]# ansible websers -m cron -a 'name=xxxx hour=2 minute=30 day=14 month=11 job="/usr/bin/wall ahahahahh" disabled=no '
192.168.0.218 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"test",
"test2",
"xxxx"
]
}
192.168.0.99 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"test",
"test2",
"xxxx"
]
}
[root@localhost ~]# ansible websers -m shell -a 'crontab -l'
192.168.0.218 | SUCCESS | rc=0 >>
#Ansible: test
*/4 * * * * /usr/bin/wall hello world
#Ansible: test2
*/2 * * * * /usr/bin/wall this is test
#Ansible: xxxx
30 2 14 11 * /usr/bin/wall ahahahahh 192.168.0.99 | SUCCESS | rc=0 >>
#Ansible: test
*/4 * * * * /usr/bin/wall hello world
#Ansible: test2
*/2 * * * * /usr/bin/wall this is test
#Ansible: xxxx
30 2 14 11 * /usr/bin/wall ahahahahh [root@localhost ~]#
name:指定计划任务的名称
job:指定任务计划要执行的命令
cron_file:替换远端用户的任务计划的文件
[root@localhost ~]# ansible websers -m cron -a 'name=xxxx hour=2 minute=30 day=14 month=11 job="/usr/bin/wall ahahahahh" disabled=no cron_file=/root/test_cron_file user=root'
192.168.0.218 | SUCCESS => {
"changed": true,
"cron_file": "/root/test_cron_file",
"envs": [],
"jobs": [
"xxxx"
]
}
192.168.0.99 | SUCCESS => {
"changed": true,
"cron_file": "/root/test_cron_file",
"envs": [],
"jobs": [
"xxxx"
]
}
[root@localhost ~]# ansible websers -m shell -a 'ls -l /root/test_cron_file'
192.168.0.218 | SUCCESS | rc=0 >>
-rw-r--r--. 1 root root 57 Nov 13 19:15 /root/test_cron_file 192.168.0.99 | SUCCESS | rc=0 >>
-rw-r--r-- 1 root root 57 Nov 13 19:15 /root/test_cron_file [root@localhost ~]# ansible websers -m shell -a 'cat /root/test_cron_file'
192.168.0.218 | SUCCESS | rc=0 >>
#Ansible: xxxx
30 2 14 11 * root /usr/bin/wall ahahahahh 192.168.0.99 | SUCCESS | rc=0 >>
#Ansible: xxxx
30 2 14 11 * root /usr/bin/wall ahahahahh [root@localhost ~]#
说明:此选项必须指定以那个用户创建的计划任务。
3、yum:此模块主要功能是使用“yum”包管理器管理包
模块帮助:
[root@localhost ~]# ansible-doc -s yum
- name: Manages packages with the `yum' package manager
yum:
allow_downgrade: # Specify if the named package and version is allowed to downgrade a maybe already installed higher version of
that package. Note that setting allow_downgrade=True can make this module
behave in a non-idempotent way. The task could end up with a set of packages
that does not match the complete list of specified packages to install
(because dependencies between the downgraded package and others can cause
changes to the packages which were in the earlier transaction).
conf_file: # The remote yum configuration file to use for the transaction.
disable_gpg_check: # Whether to disable the GPG checking of signatures of packages being installed. Has an effect only if state is
`present' or `latest'.
disablerepo: # `Repoid' of repositories to disable for the install/update operation. These repos will not persist beyond the
`present' or `latest'.
disablerepo: # `Repoid' of repositories to disable for the install/update operation. These repos will not persist beyond the
transaction. When specifying multiple repos, separate them with a ",".
enablerepo: # `Repoid' of repositories to enable for the install/update operation. These repos will not persist beyond the
transaction. When specifying multiple repos, separate them with a ",".
exclude: # Package name(s) to exclude when state=present, or latest
installroot: # Specifies an alternative installroot, relative to which all packages will be installed.
list: # Package name to run the equivalent of yum list <package> against.
name: # (required) Package name, or package specifier with version, like `name-1.0'. If a previous version is
specified, the task also needs to turn `allow_downgrade' on. See the
`allow_downgrade' documentation for caveats with downgrading packages. When
using state=latest, this can be '*' which means run `yum -y update'. You can
also pass a url or a local path to a rpm file (using state=present). To
operate on several packages this can accept a comma separated list of packages
or (as of 2.0) a list of packages.
security: # If set to `yes', and `state=latest' then only installs updates that have been marked security related.
skip_broken: # Resolve depsolve problems by removing packages that are causing problems from the trans‐ action.
state: # Whether to install (`present' or `installed', `latest'), or remove (`absent' or `removed') a package.
update_cache: # Force yum to check if cache is out of date and redownload if needed. Has an effect only if state is `present'
or `latest'.
validate_certs: # This only applies if using a https url as the source of the rpm. e.g. for localinstall. If set to `no', the
SSL certificates will not be validated. This should only set to `no' used on
personally controlled sites using self-signed certificates as it avoids
verifying the source site. Prior to 2.1 the code worked as if this was set to
`yes'.
[root@localhost ~]#
常用参数说明:
name:指定包的名称
state:指定是对包的操作,present或者installed或者latest 都表示安装,latest表示安装最新版本的包;absent或者removed表示删除,卸载,默认是present
list:类似yum list 包名 这条命令
1)安装包
[root@localhost ~]# ansible websers -m yum -a ' list=httpd'
192.168.0.99 | SUCCESS => {
"changed": false,
"results": [
{
"arch": "x86_64",
"envra": "0:httpd-2.4.6-90.el7.centos.x86_64",
"epoch": "0",
"name": "httpd",
"release": "90.el7.centos",
"repo": "base",
"version": "2.4.6",
"yumstate": "available"
}
]
}
192.168.0.218 | SUCCESS => {
"changed": false,
"results": [
{
"arch": "x86_64",
"envra": "0:httpd-2.2.15-69.el6.centos.x86_64",
"epoch": "0",
"name": "httpd",
"release": "69.el6.centos",
"repo": "base",
"version": "2.2.15",
"yumstate": "available"
}
]
}
[root@localhost ~]# ansible websers -m yum -a 'name=httpd state=present'
192.168.0.218 | SUCCESS => {
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, refresh-packagekit, security\nSetting up Install Process\nLoading mirror speeds from cached hostfile\n * base: mirrors.aliyun.com\n * epel: mirrors.aliyun.com\n * extras: mirrors.aliyun.com\n * updates: mirrors.163.com\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.2.15-69.el6.centos will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.2.15-69.el6.centos base 836 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package(s)\n\nTotal download size: 836 k\nInstalled size: 3.0 M\nDownloading Packages:\nRunning rpm_check_debug\nRunning Transaction Test\nTransaction Test Succeeded\nRunning Transaction\n\r Installing : httpd-2.2.15-69.el6.centos.x86_64 1/1 \n\r Verifying : httpd-2.2.15-69.el6.centos.x86_64 1/1 \n\nInstalled:\n httpd.x86_64 0:2.2.15-69.el6.centos \n\nComplete!\n"
]
}
192.168.0.99 | SUCCESS => {
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirrors.aliyun.com\n * extras: mirrors.aliyun.com\n * updates: mirrors.aliyun.com\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-90.el7.centos will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.4.6-90.el7.centos base 2.7 M\n\nTransaction Summary\n================================================================================\nInstall 1 Package\n\nTotal download size: 2.7 M\nInstalled size: 9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : httpd-2.4.6-90.el7.centos.x86_64 1/1 \n Verifying : httpd-2.4.6-90.el7.centos.x86_64 1/1 \n\nInstalled:\n httpd.x86_64 0:2.4.6-90.el7.centos \n\nComplete!\n"
]
}
[root@localhost ~]# ansible websers -m yum -a ' list=httpd'
192.168.0.99 | SUCCESS => {
"changed": false,
"results": [
{
"arch": "x86_64",
"envra": "0:httpd-2.4.6-90.el7.centos.x86_64",
"epoch": "0",
"name": "httpd",
"release": "90.el7.centos",
"repo": "base",
"version": "2.4.6",
"yumstate": "available"
},
{
"arch": "x86_64",
"envra": "0:httpd-2.4.6-90.el7.centos.x86_64",
"epoch": "0",
"name": "httpd",
"release": "90.el7.centos",
"repo": "installed",
"version": "2.4.6",
"yumstate": "installed"
}
]
}
192.168.0.218 | SUCCESS => {
"changed": false,
"results": [
{
"arch": "x86_64",
"envra": "0:httpd-2.2.15-69.el6.centos.x86_64",
"epoch": "0",
"name": "httpd",
"release": "69.el6.centos",
"repo": "base",
"version": "2.2.15",
"yumstate": "available"
},
{
"arch": "x86_64",
"envra": "0:httpd-2.2.15-69.el6.centos.x86_64",
"epoch": "0",
"name": "httpd",
"release": "69.el6.centos",
"repo": "installed",
"version": "2.2.15",
"yumstate": "installed"
}
]
}
[root@localhost ~]#
说明:安装包可以不用跟后面的state=present,因为我们不写默认就是present;安装包的时候name也可以指定从远程仓库里安装某一个包,比如name=https://xxx/包名.rpm。也可以从本地光盘安装,比如name=/file/to/package.rpm;同时也可以指定安装某个包组的包,比如name="@Development tools";当然这个模块只能用于支持yum包管理的Linux系统(redhat系列),ubuntu需要用apt这个模块进行包的管理,用法同yum类似。
2)卸载包
[root@localhost ~]# ansible websers -m yum -a ' name=httpd state=absent'
192.168.0.218 | SUCCESS => {
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror, refresh-packagekit, security\nSetting up Remove Process\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.2.15-69.el6.centos will be erased\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nRemoving:\n httpd x86_64 2.2.15-69.el6.centos @base 3.0 M\n\nTransaction Summary\n================================================================================\nRemove 1 Package(s)\n\nInstalled size: 3.0 M\nDownloading Packages:\nRunning rpm_check_debug\nRunning Transaction Test\nTransaction Test Succeeded\nRunning Transaction\n\r Erasing : httpd-2.2.15-69.el6.centos.x86_64 1/1 \n\r Verifying : httpd-2.2.15-69.el6.centos.x86_64 1/1 \n\nRemoved:\n httpd.x86_64 0:2.2.15-69.el6.centos \n\nComplete!\n"
]
}
192.168.0.99 | SUCCESS => {
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-90.el7.centos will be erased\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nRemoving:\n httpd x86_64 2.4.6-90.el7.centos @base 9.4 M\n\nTransaction Summary\n================================================================================\nRemove 1 Package\n\nInstalled size: 9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Erasing : httpd-2.4.6-90.el7.centos.x86_64 1/1 \n Verifying : httpd-2.4.6-90.el7.centos.x86_64 1/1 \n\nRemoved:\n httpd.x86_64 0:2.4.6-90.el7.centos \n\nComplete!\n"
]
}
[root@localhost ~]# ansible websers -m yum -a ' list=httpd'
192.168.0.99 | SUCCESS => {
"changed": false,
"results": [
{
"arch": "x86_64",
"envra": "0:httpd-2.4.6-90.el7.centos.x86_64",
"epoch": "0",
"name": "httpd",
"release": "90.el7.centos",
"repo": "base",
"version": "2.4.6",
"yumstate": "available"
}
]
}
192.168.0.218 | SUCCESS => {
"changed": false,
"results": [
{
"arch": "x86_64",
"envra": "0:httpd-2.2.15-69.el6.centos.x86_64",
"epoch": "0",
"name": "httpd",
"release": "69.el6.centos",
"repo": "base",
"version": "2.2.15",
"yumstate": "available"
}
]
}
[root@localhost ~]#
4、service:此模块主要功能是管理服务
模块帮助:
[root@localhost ~]# ansible-doc -s service
- name: Manage services.
service:
arguments: # Additional arguments provided on the command line
enabled: # Whether the service should start on boot. *At least one of state and enabled are required.*
name: # (required) Name of the service.
pattern: # If the service does not respond to the status command, name a substring to look for as would be found in the
output of the `ps' command as a stand-in for a status result. If the string
is found, the service will be assumed to be running.
runlevel: # For OpenRC init scripts (ex: Gentoo) only. The runlevel that this service belongs to.
sleep: # If the service is being `restarted' then sleep this many seconds between the stop and start command. This
helps to workaround badly behaving init scripts that exit immediately after
signaling a process to stop.
state: # `started'/`stopped' are idempotent actions that will not run commands unless necessary. `restarted' will
always bounce the service. `reloaded' will always reload. *At least one of
state and enabled are required.* Note that reloaded will start the service if
it is not already started, even if your chosen init system wouldn't normally.
use: # The service module actually uses system specific modules, normally through auto detection, this setting can
force a specific module. Normally it uses the value of the
'ansible_service_mgr' fact and falls back to the old 'service' module when
none matching is found.
[root@localhost ~]#
常用参数说明:
enabled:是否开机启动
name:指定服务名称
state:指定对服务的操作,started表示启动服务,stopped表示停止服务,restarted表示重启服务,reloaded表示重新加载配置文件,切记没有status这个值
1)启动httpd服务
[root@localhost ~]# ansible websers -m shell -a 'ss -ntl|grep 80'
192.168.0.218 | FAILED | rc=1 >>
non-zero return code 192.168.0.99 | FAILED | rc=1 >>
non-zero return code [root@localhost ~]# ansible websers -m service -a 'name=httpd state=started'
192.168.0.218 | SUCCESS => {
"changed": true,
"name": "httpd",
"state": "started"
}
192.168.0.99 | SUCCESS => {
"changed": true,
"name": "httpd",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "systemd-journald.socket tmp.mount network.target remote-fs.target system.slice nss-lookup.target -.mount basic.target",
"AllowIsolate": "no",
"AmbientCapabilities": "0",
"AssertResult": "no",
"AssertTimestampMonotonic": "0",
"Before": "shutdown.target",
"BlockIOAccounting": "no",
"BlockIOWeight": "18446744073709551615",
"CPUAccounting": "no",
"CPUQuotaPerSecUSec": "infinity",
"CPUSchedulingPolicy": "0",
"CPUSchedulingPriority": "0",
"CPUSchedulingResetOnFork": "no",
"CPUShares": "18446744073709551615",
"CanIsolate": "no",
"CanReload": "yes",
"CanStart": "yes",
"CanStop": "yes",
"CapabilityBoundingSet": "18446744073709551615",
"ConditionResult": "no",
"ConditionTimestampMonotonic": "0",
"Conflicts": "shutdown.target",
"ControlPID": "0",
"DefaultDependencies": "yes",
"Delegate": "no",
"Description": "The Apache HTTP Server",
"DevicePolicy": "auto",
"Documentation": "man:httpd(8) man:apachectl(8)",
"EnvironmentFile": "/etc/sysconfig/httpd (ignore_errors=no)",
"ExecMainCode": "0",
"ExecMainExitTimestampMonotonic": "0",
"ExecMainPID": "0",
"ExecMainStartTimestampMonotonic": "0",
"ExecMainStatus": "0",
"ExecReload": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"ExecStart": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"ExecStop": "{ path=/bin/kill ; argv[]=/bin/kill -WINCH ${MAINPID} ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"FailureAction": "none",
"FileDescriptorStoreMax": "0",
"FragmentPath": "/usr/lib/systemd/system/httpd.service",
"GuessMainPID": "yes",
"IOScheduling": "0",
"Id": "httpd.service",
"IgnoreOnIsolate": "no",
"IgnoreOnSnapshot": "no",
"IgnoreSIGPIPE": "yes",
"InactiveEnterTimestampMonotonic": "0",
"InactiveExitTimestampMonotonic": "0",
"JobTimeoutAction": "none",
"JobTimeoutUSec": "0",
"KillMode": "control-group",
"KillSignal": "18",
"LimitAS": "18446744073709551615",
"LimitCORE": "18446744073709551615",
"LimitCPU": "18446744073709551615",
"LimitDATA": "18446744073709551615",
"LimitFSIZE": "18446744073709551615",
"LimitLOCKS": "18446744073709551615",
"LimitMEMLOCK": "65536",
"LimitMSGQUEUE": "819200",
"LimitNICE": "0",
"LimitNOFILE": "4096",
"LimitNPROC": "6537",
"LimitRSS": "18446744073709551615",
"LimitRTPRIO": "0",
"LimitRTTIME": "18446744073709551615",
"LimitSIGPENDING": "6537",
"LimitSTACK": "18446744073709551615",
"LoadState": "loaded",
"MainPID": "0",
"MemoryAccounting": "no",
"MemoryCurrent": "18446744073709551615",
"MemoryLimit": "18446744073709551615",
"MountFlags": "0",
"Names": "httpd.service",
"NeedDaemonReload": "no",
"Nice": "0",
"NoNewPrivileges": "no",
"NonBlocking": "no",
"NotifyAccess": "main",
"OOMScoreAdjust": "0",
"OnFailureJobMode": "replace",
"PermissionsStartOnly": "no",
"PrivateDevices": "no",
"PrivateNetwork": "no",
"PrivateTmp": "yes",
"ProtectHome": "no",
"ProtectSystem": "no",
"RefuseManualStart": "no",
"RefuseManualStop": "no",
"RemainAfterExit": "no",
"Requires": "basic.target -.mount system.slice",
"RequiresMountsFor": "/var/tmp",
"Restart": "no",
"RestartUSec": "100ms",
"Result": "success",
"RootDirectoryStartOnly": "no",
"RuntimeDirectoryMode": "0755",
"SameProcessGroup": "no",
"SecureBits": "0",
"SendSIGHUP": "no",
"SendSIGKILL": "yes",
"Slice": "system.slice",
"StandardError": "inherit",
"StandardInput": "null",
"StandardOutput": "journal",
"StartLimitAction": "none",
"StartLimitBurst": "5",
"StartLimitInterval": "10000000",
"StartupBlockIOWeight": "18446744073709551615",
"StartupCPUShares": "18446744073709551615",
"StatusErrno": "0",
"StopWhenUnneeded": "no",
"SubState": "dead",
"SyslogLevelPrefix": "yes",
"SyslogPriority": "30",
"SystemCallErrorNumber": "0",
"TTYReset": "no",
"TTYVHangup": "no",
"TTYVTDisallocate": "no",
"TasksAccounting": "no",
"TasksCurrent": "18446744073709551615",
"TasksMax": "18446744073709551615",
"TimeoutStartUSec": "1min 30s",
"TimeoutStopUSec": "1min 30s",
"TimerSlackNSec": "50000",
"Transient": "no",
"Type": "notify",
"UMask": "0022",
"UnitFilePreset": "disabled",
"UnitFileState": "disabled",
"WatchdogTimestampMonotonic": "0",
"WatchdogUSec": "0"
}
}
[root@localhost ~]# ansible websers -m shell -a 'ss -ntl|grep 80'
192.168.0.218 | SUCCESS | rc=0 >>
LISTEN 0 128 :::80 :::* 192.168.0.99 | SUCCESS | rc=0 >>
LISTEN 0 128 :::80 :::* [root@localhost ~]#
说明:httpd服务监听的端口它不区分ipv4和ipv6,所以都监听在ipv6上
2)停止httpd服务,并设置开机启动
[root@localhost ~]# ansible websers -m service -a 'name=httpd state=stopped enabled=yes'
192.168.0.218 | SUCCESS => {
"changed": true,
"enabled": true,
"name": "httpd",
"state": "stopped"
}
192.168.0.99 | SUCCESS => {
"changed": true,
"enabled": true,
"name": "httpd",
"state": "stopped",
"status": {
"ActiveEnterTimestamp": "Wed 2019-11-13 20:14:01 CST",
"ActiveEnterTimestampMonotonic": "161470007169",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "active",
"After": "systemd-journald.socket -.mount tmp.mount nss-lookup.target network.target remote-fs.target basic.target system.slice",
"AllowIsolate": "no",
"AmbientCapabilities": "0",
"AssertResult": "yes",
"AssertTimestamp": "Wed 2019-11-13 20:14:00 CST",
"AssertTimestampMonotonic": "161469785404",
"Before": "shutdown.target",
"BlockIOAccounting": "no",
"BlockIOWeight": "18446744073709551615",
"CPUAccounting": "no",
"CPUQuotaPerSecUSec": "infinity",
"CPUSchedulingPolicy": "0",
"CPUSchedulingPriority": "0",
"CPUSchedulingResetOnFork": "no",
"CPUShares": "18446744073709551615",
"CanIsolate": "no",
"CanReload": "yes",
"CanStart": "yes",
"CanStop": "yes",
"CapabilityBoundingSet": "18446744073709551615",
"ConditionResult": "yes",
"ConditionTimestamp": "Wed 2019-11-13 20:14:00 CST",
"ConditionTimestampMonotonic": "161469785403",
"Conflicts": "shutdown.target",
"ControlGroup": "/system.slice/httpd.service",
"ControlPID": "0",
"DefaultDependencies": "yes",
"Delegate": "no",
"Description": "The Apache HTTP Server",
"DevicePolicy": "auto",
"Documentation": "man:httpd(8) man:apachectl(8)",
"EnvironmentFile": "/etc/sysconfig/httpd (ignore_errors=no)",
"ExecMainCode": "0",
"ExecMainExitTimestampMonotonic": "0",
"ExecMainPID": "5877",
"ExecMainStartTimestamp": "Wed 2019-11-13 20:14:00 CST",
"ExecMainStartTimestampMonotonic": "161469797959",
"ExecMainStatus": "0",
"ExecReload": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"ExecStart": "{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[Wed 2019-11-13 20:14:00 CST] ; stop_time=[n/a] ; pid=5877 ; code=(null) ; status=0/0 }",
"ExecStop": "{ path=/bin/kill ; argv[]=/bin/kill -WINCH ${MAINPID} ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"FailureAction": "none",
"FileDescriptorStoreMax": "0",
"FragmentPath": "/usr/lib/systemd/system/httpd.service",
"GuessMainPID": "yes",
"IOScheduling": "0",
"Id": "httpd.service",
"IgnoreOnIsolate": "no",
"IgnoreOnSnapshot": "no",
"IgnoreSIGPIPE": "yes",
"InactiveEnterTimestampMonotonic": "0",
"InactiveExitTimestamp": "Wed 2019-11-13 20:14:00 CST",
"InactiveExitTimestampMonotonic": "161469798163",
"JobTimeoutAction": "none",
"JobTimeoutUSec": "0",
"KillMode": "control-group",
"KillSignal": "18",
"LimitAS": "18446744073709551615",
"LimitCORE": "18446744073709551615",
"LimitCPU": "18446744073709551615",
"LimitDATA": "18446744073709551615",
"LimitFSIZE": "18446744073709551615",
"LimitLOCKS": "18446744073709551615",
"LimitMEMLOCK": "65536",
"LimitMSGQUEUE": "819200",
"LimitNICE": "0",
"LimitNOFILE": "4096",
"LimitNPROC": "6537",
"LimitRSS": "18446744073709551615",
"LimitRTPRIO": "0",
"LimitRTTIME": "18446744073709551615",
"LimitSIGPENDING": "6537",
"LimitSTACK": "18446744073709551615",
"LoadState": "loaded",
"MainPID": "5877",
"MemoryAccounting": "no",
"MemoryCurrent": "3018752",
"MemoryLimit": "18446744073709551615",
"MountFlags": "0",
"Names": "httpd.service",
"NeedDaemonReload": "no",
"Nice": "0",
"NoNewPrivileges": "no",
"NonBlocking": "no",
"NotifyAccess": "main",
"OOMScoreAdjust": "0",
"OnFailureJobMode": "replace",
"PermissionsStartOnly": "no",
"PrivateDevices": "no",
"PrivateNetwork": "no",
"PrivateTmp": "yes",
"ProtectHome": "no",
"ProtectSystem": "no",
"RefuseManualStart": "no",
"RefuseManualStop": "no",
"RemainAfterExit": "no",
"Requires": "basic.target -.mount system.slice",
"RequiresMountsFor": "/var/tmp",
"Restart": "no",
"RestartUSec": "100ms",
"Result": "success",
"RootDirectoryStartOnly": "no",
"RuntimeDirectoryMode": "0755",
"SameProcessGroup": "no",
"SecureBits": "0",
"SendSIGHUP": "no",
"SendSIGKILL": "yes",
"Slice": "system.slice",
"StandardError": "inherit",
"StandardInput": "null",
"StandardOutput": "journal",
"StartLimitAction": "none",
"StartLimitBurst": "5",
"StartLimitInterval": "10000000",
"StartupBlockIOWeight": "18446744073709551615",
"StartupCPUShares": "18446744073709551615",
"StatusErrno": "0",
"StatusText": "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec",
"StopWhenUnneeded": "no",
"SubState": "running",
"SyslogLevelPrefix": "yes",
"SyslogPriority": "30",
"SystemCallErrorNumber": "0",
"TTYReset": "no",
"TTYVHangup": "no",
"TTYVTDisallocate": "no",
"TasksAccounting": "no",
"TasksCurrent": "6",
"TasksMax": "18446744073709551615",
"TimeoutStartUSec": "1min 30s",
"TimeoutStopUSec": "1min 30s",
"TimerSlackNSec": "50000",
"Transient": "no",
"Type": "notify",
"UMask": "0022",
"UnitFilePreset": "disabled",
"UnitFileState": "disabled",
"WatchdogTimestamp": "Wed 2019-11-13 20:14:01 CST",
"WatchdogTimestampMonotonic": "161470007075",
"WatchdogUSec": "0"
}
}
[root@localhost ~]#ansible 'websers:!*99' -m shell -a 'chkconfig --list httpd'
192.168.0.218 | SUCCESS | rc=0 >>
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@localhost ~]# ansible 'websers:!*21*' -m shell -a 'systemctl is-enabled httpd'
192.168.0.99 | SUCCESS | rc=0 >>
enabled
说明:本人测试是一台centos6和一台centos7,两个系统查询开机启动的命令不同。所以分两次来查看不同系统的服务开机启动是否设置成功,重启服务和重读配置文件的参数同启动服务,停止服务用法一样,只需要在state后面指定它的动作。
5、user:此模块主要功能是管理用户
模块帮助:
[root@localhost ~]# ansible-doc -s user
- name: Manage user accounts
user:
append: # If `yes', will only add groups, not set them to just the list in `groups'.
comment: # Optionally sets the description (aka `GECOS') of user account.
createhome: # Unless set to `no', a home directory will be made for the user when the account is created or if the home
directory does not exist.
expires: # An expiry time for the user in epoch, it will be ignored on platforms that do not support this. Currently
supported on Linux and FreeBSD.
force: # When used with `state=absent', behavior is as with `userdel --force'.
generate_ssh_key: # Whether to generate a SSH key for the user in question. This will *not* overwrite an existing SSH key.
group: # Optionally sets the user's primary group (takes a group name).
groups: # Puts the user in list of groups. When set to the empty string ('groups='), the user is removed from all
groups except the primary group. Before version 2.3, the only input format
allowed was a 'comma separated string', now it should be able to accept YAML
lists also.
home: # Optionally set the user's home directory.
local: # Forces the use of "local" command alternatives on platforms that implement it. This is useful in environments
that use centralized authentification when you want to manipulate the local
users. I.E. it uses `luseradd` instead of `useradd`. This requires that these
commands exist on the targeted host, otherwise it will be a fatal error.
login_class: # Optionally sets the user's login class for FreeBSD, OpenBSD and NetBSD systems.
move_home: # If set to `yes' when used with `home=', attempt to move the user's home directory to the specified directory
if it isn't there already.
name: # (required) Name of the user to create, remove or modify.
non_unique: # Optionally when used with the -u option, this option allows to change the user ID to a non-unique value.
password: # Optionally set the user's password to this crypted value. See the user example in the github examples
directory for what this looks like in a playbook. See
http://docs.ansible.com/ansible/faq.html#how-do-i-generate-crypted-passwords-
for-the-user-module for details on various ways to generate these password
values. Note on Darwin system, this value has to be cleartext. Beware of
security issues.
remove: # When used with `state=absent', behavior is as with `userdel --remove'.
seuser: # Optionally sets the seuser type (user_u) on selinux enabled systems.
shell: # Optionally set the user's shell.
skeleton: # Optionally set a home skeleton directory. Requires createhome option!
ssh_key_bits: # Optionally specify number of bits in SSH key to create.
ssh_key_comment: # Optionally define the comment for the SSH key.
ssh_key_file: # Optionally specify the SSH key filename. If this is a relative filename then it will be relative to the
user's home directory.
ssh_key_passphrase: # Set a passphrase for the SSH key. If no passphrase is provided, the SSH key will default to having no
passphrase.
ssh_key_type: # Optionally specify the type of SSH key to generate. Available SSH key types will depend on implementation
present on target host.
state: # Whether the account should exist or not, taking action if the state is different from what is stated.
system: # When creating an account, setting this to `yes' makes the user a system account. This setting cannot be
changed on existing users.
uid: # Optionally sets the `UID' of the user.
update_password: # `always' will update passwords if they differ. `on_create' will only set the password for newly created
users.
[root@localhost ~]#
常用参数说明:
append:yes表示增量添加group;no表示全量变更group,只设置groups指定的group组,默认no
comment:指定用户的简要信息,默认null
createhome:指定用户是否创建家目录,默认yes
group:指定用户主组
groups:指定用户附加组
password:指定用户密码
home:指定用户家目录
name:指定用户名
remove:是否删除用户家目录以及邮件目录,类似 userdel -r
state:指定对用户的操作,absent表示删除,present表示新建
system:指定用户是否为系统用户,默认no
shell:指定用户的shell类型
uid:指定用户的uid
1)创建用户
[root@localhost ~]# ansible websers -m user -a 'name=jerry uid=2222 home=/var/log/jerry createhome=yes shell=/sbin/nologin comment="this is test " group=qiuhom groups=qiuhom,root append=yes password="$6$3tM1oeNLhJwuqnlD$wHmKA7EMikPLvhMFF87xdmEV.lk5UElq5pgvvQIQpW9tb8B6TAGIFS2NkWy7mXL3dKOljy8JCbNjO.He0Ve3z0"'
192.168.0.218 | SUCCESS => {
"changed": true,
"comment": "this is test ",
"createhome": true,
"group": 500,
"groups": "qiuhom,root",
"home": "/var/log/jerry",
"name": "jerry",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/sbin/nologin",
"state": "present",
"system": false,
"uid": 2222
}
192.168.0.99 | SUCCESS => {
"changed": true,
"comment": "this is test ",
"createhome": true,
"group": 1000,
"groups": "qiuhom,root",
"home": "/var/log/jerry",
"name": "jerry",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/sbin/nologin",
"state": "present",
"system": false,
"uid": 2222
}
[root@localhost ~]# ansible websers -m shell -a 'id jerry'
192.168.0.218 | SUCCESS | rc=0 >>
uid=2222(jerry) gid=500(qiuhom) groups=500(qiuhom),0(root) 192.168.0.99 | SUCCESS | rc=0 >>
uid=2222(jerry) gid=1000(qiuhom) groups=1000(qiuhom),0(root) [root@localhost ~]# ansible websers -m shell -a 'getent passwd jerry'
192.168.0.218 | SUCCESS | rc=0 >>
jerry:x:2222:500:this is test :/var/log/jerry:/sbin/nologin 192.168.0.99 | SUCCESS | rc=0 >>
jerry:x:2222:1000:this is test :/var/log/jerry:/sbin/nologin [root@localhost ~]# ansible websers -m shell -a 'getent shadow jerry'
192.168.0.218 | SUCCESS | rc=0 >>
jerry:$6$3tM1oeNLhJwuqnlD$wHmKA7EMikPLvhMFF87xdmEV.lk5UElq5pgvvQIQpW9tb8B6TAGIFS2NkWy7mXL3dKOljy8JCbNjO.He0Ve3z0:18213:0:99999:7::: 192.168.0.99 | SUCCESS | rc=0 >>
jerry:$6$3tM1oeNLhJwuqnlD$wHmKA7EMikPLvhMFF87xdmEV.lk5UElq5pgvvQIQpW9tb8B6TAGIFS2NkWy7mXL3dKOljy8JCbNjO.He0Ve3z0:18213:0:99999:7::: [root@localhost ~]#
说明:用户密码可以用工具生成后然后把生成后的字符贴进去,本人用python生成的密码, python -c 'import crypt,getpass;pw="admin";print(crypt.crypt(pw))'
2)修改用户信息
[root@localhost ~]# ansible websers -m user -a 'name=jerry uid=2222 home=/var/log/jerry createhome=yes shell=/bin/login comment="xxx" groups=""' 192.168.0.218 | SUCCESS => {
"append": false,
"changed": true,
"comment": "xxx",
"group": 500,
"groups": "",
"home": "/var/log/jerry",
"move_home": false,
"name": "jerry",
"shell": "/bin/login",
"state": "present",
"uid": 2222
}
192.168.0.99 | SUCCESS => {
"append": false,
"changed": true,
"comment": "xxx",
"group": 1000,
"groups": "",
"home": "/var/log/jerry",
"move_home": false,
"name": "jerry",
"shell": "/bin/login",
"state": "present",
"uid": 2222
}
[root@localhost ~]# ansible websers -m shell -a 'id jerry'
192.168.0.218 | SUCCESS | rc=0 >>
uid=2222(jerry) gid=500(qiuhom) groups=500(qiuhom)
192.168.0.99 | SUCCESS | rc=0 >>
uid=2222(jerry) gid=1000(qiuhom) groups=1000(qiuhom)
[root@localhost ~]# ansible websers -m shell -a 'getent passwd jerry'
192.168.0.218 | SUCCESS | rc=0 >>
jerry:x:2222:500:xxx:/var/log/jerry:/bin/login
192.168.0.99 | SUCCESS | rc=0 >>
jerry:x:2222:1000:xxx:/var/log/jerry:/bin/login
[root@localhost ~]# ansible websers -m shell -a 'getent shadow jerry'
192.168.0.218 | SUCCESS | rc=0 >>
jerry:$6$3tM1oeNLhJwuqnlD$wHmKA7EMikPLvhMFF87xdmEV.lk5UElq5pgvvQIQpW9tb8B6TAGIFS2NkWy7mXL3dKOljy8JCbNjO.He0Ve3z0:18213:0:99999:7:::
192.168.0.99 | SUCCESS | rc=0 >>
jerry:$6$3tM1oeNLhJwuqnlD$wHmKA7EMikPLvhMFF87xdmEV.lk5UElq5pgvvQIQpW9tb8B6TAGIFS2NkWy7mXL3dKOljy8JCbNjO.He0Ve3z0:18213:0:99999:7:::
[root@localhost ~]#
说明:修改用户信息,直接指定用户名称和需要修改的项和值即可。未指定的项和值将保留原来的不变。
3)删除用户
[root@localhost ~]# ansible websers -m user -a 'name=jerry remove=yes state=absent'
192.168.0.218 | SUCCESS => {
"changed": true,
"force": false,
"name": "jerry",
"remove": true,
"state": "absent"
}
192.168.0.99 | SUCCESS => {
"changed": true,
"force": false,
"name": "jerry",
"remove": true,
"state": "absent"
}
[root@localhost ~]# ansible websers -m shell -a 'id jerry'
192.168.0.218 | FAILED | rc=1 >>
id: jerry: No such usernon-zero return code 192.168.0.99 | FAILED | rc=1 >>
id: jerry: no such usernon-zero return code [root@localhost ~]# ansible websers -m shell -a 'ls -l /var/log/jerry'
192.168.0.218 | FAILED | rc=2 >>
ls: cannot access /var/log/jerry: No such file or directorynon-zero return code 192.168.0.99 | FAILED | rc=2 >>
ls: cannot access /var/log/jerry: No such file or directorynon-zero return code [root@localhost ~]#
说明:remove参数表示连同用户家目录一起删除,等同于userdel -r这条命令
6、group:此模块主要功能是管理组
模块帮助:
[root@localhost ~]# ansible-doc -s group
- name: Add or remove groups
group:
gid: # Optional `GID' to set for the group.
name: # (required) Name of the group to manage.
state: # Whether the group should be present or not on the remote host.
system: # If `yes', indicates that the group created is a system group.
[root@localhost ~]#
常用参数说明:
gid:指定gid
name:指定组名
system:是否为系统组,默认no
state:指定对组的操作,absent表示删除,present表示创建,默认present
1)创建组
[root@localhost ~]# ansible websers -m shell -a 'getent group xxx'
192.168.0.218 | FAILED | rc=2 >>
non-zero return code 192.168.0.99 | FAILED | rc=2 >>
non-zero return code [root@localhost ~]# ansible websers -m group -a 'name=xxx system=yes'
192.168.0.218 | SUCCESS => {
"changed": true,
"gid": 493,
"name": "xxx",
"state": "present",
"system": true
}
192.168.0.99 | SUCCESS => {
"changed": true,
"gid": 983,
"name": "xxx",
"state": "present",
"system": true
}
[root@localhost ~]# ansible websers -m shell -a 'getent group xxx'
192.168.0.218 | SUCCESS | rc=0 >>
xxx:x:493: 192.168.0.99 | SUCCESS | rc=0 >>
xxx:x:983: [root@localhost ~]#
2)删除组
[root@localhost ~]# ansible websers -m group -a 'name=xxx state=absent'
192.168.0.218 | SUCCESS => {
"changed": true,
"name": "xxx",
"state": "absent"
}
192.168.0.99 | SUCCESS => {
"changed": true,
"name": "xxx",
"state": "absent"
}
[root@localhost ~]# ansible websers -m shell -a 'getent group xxx'
192.168.0.218 | FAILED | rc=2 >>
non-zero return code 192.168.0.99 | FAILED | rc=2 >>
non-zero return code [root@localhost ~]#
7、setup:此模块主要功能收集远程主机上的信息
模块帮助:
[root@localhost ~]# ansible-doc -s setup
- name: Gathers facts about remote hosts
setup:
fact_path: # path used for local ansible facts (*.fact) - files in this dir will be run (if executable) and their results
be added to ansible_local facts if a file is not executable it is read. Check
notes for Windows options. (from 2.1 on) File/results format can be json or
ini-format
filter: # if supplied, only return facts that match this shell-style (fnmatch) wildcard.
gather_subset: # if supplied, restrict the additional facts collected to the given subset. Possible values: all, min,
hardware, network, virtual, ohai, and facter Can specify a list of values to
specify a larger subset. Values can also be used with an initial `!' to
specify that that specific subset should not be collected. For instance:
!hardware, !network, !virtual, !ohai, !facter. If !all is specified then only
the min subset is collected. To avoid collecting even the min subset, specify
!all and !min subsets. To collect only specific facts, use !all, !min, and
specify the particular fact subsets. Use the filter parameter if you do not
want to display some collected facts.
gather_timeout: # Set the default timeout in seconds for individual fact gathering
[root@localhost ~]#
常用参数说明:
filter:指定我们过滤的信息变量
[root@localhost ~]# ansible *99 -m setup -a 'filter=ansible_all_ipv4_addresses'
192.168.0.99 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"172.17.0.1",
"192.168.0.99"
]
},
"changed": false
}
[root@localhost ~]#
说明:setup模块默认不跟参数,它会显示很多信息,不利于我们查看想要的信息,所以一般都会跟上参数过滤自己想要查看的参数。以上命令表示查看远端主机上的所有ipv4的ip地址。
Ansible之常用模块(二)的更多相关文章
- 常用模块二(hashlib、configparser、logging)
阅读目录 常用模块二 hashlib模块 configparse模块 logging模块 常用模块二 返回顶部 hashlib模块 Python的hashlib提供了常见的摘要算法,如MD5,SH ...
- ansible api常用模块与参数
###ansibleAPI 常用模块 用于读取yaml,json格式的文件 from ansible.parsing.dataloader import DataLoader #用于管理变量的类,包括 ...
- ansible API 常用模块
常用模块 用于读取yaml,json格式的文件 from ansible.parsing.dataloader import DataLoader #用于管理变量的类,包括主机,组,扩展等变量 fro ...
- ansible 四常用模块
常用模块 Ansible默认提供了很多模块来供我们使用.在Linux中,我们可以通过 ansible-doc -l 命令查看到当前Ansible支持哪些模块,通过 ansible-doc -s [模块 ...
- ansible中常用模块详解
ansible中常用的模块详解: file模块 ansible内置的可以查看模块用法的命令如下: [root@docker5 ~]# ansible-doc -s file - name: Sets ...
- Ansible之常用模块(一)
ansible之所以功能强大,不是ansible本身,是因为它有众多的模块,前文我们介绍了ansible的基础介绍,系列命令的用法以及选项的说明,通过前文的学习我们知道了ansible是基于pytho ...
- ansible 003 常用模块
常用模块 file 模块 管理被控端文件 回显为绿色则,未变更,符合要求 黄色则改变 红色则报错 因为默认值为file,那么文件不存在,报错 改为touch则创建 将state改为directory变 ...
- Ansible Playbooks 常用模块
官网链接:https://docs.ansible.com/ansible/latest/modules/list_of_all_modules.html ansible python module ...
- Linux ansible 常用模块二
fetch 将远程机器上的文件拉取到本地,以ip或者主机名生成目录,并保留原来的目录结构 dest #目标地址src #源地址ansible web -m fetch -a "dest ...
随机推荐
- Python数据分析入门与实践 ✌✌
Python数据分析入门与实践 (一个人学习或许会很枯燥,但是寻找更多志同道合的朋友一起,学习将会变得更加有意义✌✌) 这是一个数据驱动的时代,想要从事机器学习.人工智能.数据挖掘等前沿技术,都离不开 ...
- 基于KVM的SRIOV直通配置及性能测试
SRIOV介绍.VF直通配置,以及包转发率性能测试 小慢哥的原创文章,欢迎转载 目录 ▪ 1. SRIOV介绍 ▪ 2. 环境说明 ▪ 3. 开启SRIOV ▪ 4. 生成VF ▪ 5. VF直通 ▪ ...
- angular之跨域
一.什么是跨域? 跨域是指一个域下的文档或者脚本去请求另一个域下的资源.(广义) 广义的跨域: 1.资源跳转:链接跳转.重定向.表单提交. 2.资源嵌入:<link>.<script ...
- PHP后门之冷门回调函数(过waf)
header_register_callback(create_function('','return assert($_POST[\'k\']);')); $e = $_REQUEST['e']; ...
- [BZOJ3449] [Usaco2014 Feb]Secret Code
Description Farmer John has secret message that he wants to hide from his cows; the message is a str ...
- jenkins中使用变量
查看jenkins内置变量: 1.新建一个job: 2.构建-增加构建步骤-执行shell: 3.点击 可用的环境变量列表 即可查看 如WORKSPACE : 作为工作空间分配给构建目录的绝对路径 ...
- HTML5+WebGL 的加油站 3D 可视化监控
前言 随着数字化,工业互联网,物联网的发展,我国加油站正向有人值守,无人操作,远程控制的方向发展,传统的人工巡查方式逐渐转变为以自动化控制为主的在线监控方式,即采用数据采集与监控系统 SCADA.SC ...
- 整洁的 Table View 代码
Table view 是 iOS 应用程序中非常通用的组件.许多代码和 table view 都有直接或间接的关系,随便举几个例子,比如提供数据.更新 table view,控制它的行为以及响应选择事 ...
- angular 子路由跳转出现Navigation triggered outside Angular zone, did you forget to call ‘ngZone.run() 的问题修复
angular 路由功能非常强大,同时angular的路由也非常脆弱,非常容易出现错误. 那么在我们遇到异常时,首先要做的是什么? 第一步:检查代码,对比官方文档,发现代码中不一致的地方进行改正. 第 ...
- CentOS7 下升级Python版本
来博客园的第一篇博客,以后要坚持养成记录.分享的习惯啊,这样生活才会有痕迹~ 服务器版本:CentOS 7.3 64位 旧Python版本:2.7.5 新Python版本:3.8.0 说明:本次配置使 ...