自动化运维工具-Ansible之2-ad-hoc
自动化运维工具-Ansible之2-ad-hoc
目录
Ansible ad-hoc
ad-hoc就是“临时命令”,执行完即结束,并不会保存
ad-hoc模式使用场景
比如在多台机器上查看某个进程是否启动,或拷贝指定文件到本地,等等
ad-hoc模式的命令使用
#批量查看磁盘信息[root@m01 ~]# ansible web_group -m command -a 'df -h' -i ./hostsweb02 | CHANGED | rc=0 >>文件系统 容量 已用 可用 已用% 挂载点/dev/sda3 18G 1.1G 17G 6% /devtmpfs 981M 0 981M 0% /devtmpfs 992M 0 992M 0% /dev/shmtmpfs 992M 9.5M 982M 1% /runtmpfs 992M 0 992M 0% /sys/fs/cgroup/dev/sda1 1014M 124M 891M 13% /boottmpfs 199M 0 199M 0% /run/user/0web01 | CHANGED | rc=0 >>文件系统 容量 已用 可用 已用% 挂载点/dev/sda3 18G 1.1G 17G 6% /devtmpfs 981M 0 981M 0% /devtmpfs 992M 0 992M 0% /dev/shmtmpfs 992M 9.5M 982M 1% /runtmpfs 992M 0 992M 0% /sys/fs/cgroup/dev/sda1 1014M 124M 891M 13% /boottmpfs 199M 0 199M 0% /run/user/0#批量查看内存信息[root@m01 ~]# ansible web_group -m command -a 'free -m' -i ./hostsweb01 | CHANGED | rc=0 >>total used free shared buff/cache availableMem: 1982 143 1688 9 150 1668Swap: 1023 0 1023web02 | CHANGED | rc=0 >>total used free shared buff/cache availableMem: 1982 142 1684 9 155 1666Swap: 1023 0 1023
ad-hoc结果返回颜色
绿色: 代表被管理端主机没有被修改
黄色: 代表被管理端主机发现变更
红色: 代表出现了故障,注意查看提示
ad-hoc常用模块
command # 执行shell命令(不支持管道等特殊字符)shell # 执行shell命令scripts # 执行shell脚本yum_repository # 配置yum仓库yum # 安装软件copy # 变更配置文件file # 建立目录或文件service # 启动与停止服务mount # 挂载设备cron # 定时任务get_url # 下载软件firewalld # 防火墙selinux # selinux
ansible-doc帮助手册
[root@m01 ~]# ansible-doc -l # 查看所有模块说明[root@m01 ~]# ansible-doc copy # 查看指定模块方法[root@m01 ~]# ansible-doc -s copy # 查看指定模块参数
Ansible命令模块
command默认模块, 执行shell命令,不支持管道等特殊字符
[root@m01 ~]# ansible web01 -a "hostname"
shell执行shell命令,支持管道等特殊字符,使用$需要\转义
[root@m01 ~]# ansible web01 -m shell -a "ps -ef|grep nginx" -f 50
[root@m01 ~]# ansible 'web01' -m shell -a "ifconfig eth0 | awk 'NR==2 {print $2}'"web01 | CHANGED | rc=0 >>inet 10.0.0.7 netmask 255.255.255.0 broadcast 10.0.0.255[root@m01 ~]# ansible 'web01' -m shell -a "ifconfig eth0 | awk 'NR==2 {print \$2}'"web01 | CHANGED | rc=0 >>10.0.0.7
script执行shell脚本
# 编写脚本[root@m01 ~]# vim /root/yum.sh#!/usr/bin/bashyum install -y vsftpd#在本地运行模块,等同于在远程执行,不需要将脚本文件进行推送目标主机执行[root@m01 ~]# ansible web01 -m script -a "/root/yum.sh"
Ansible软件管理模块
yum安装软件
[root@m01 ~]# ansible web01 -m yum -a "name=httpd state=present"[root@m01 ~]# ansible-doc yumnamehttpd # 指定要安装的软件包名称file:// # 指定本地安装路径(yum localinstall 本地rpm包)http:// # 指定yum源(从远程仓库获取rpm包)state # 指定使用yum的方法installed,present # 安装软件包removed,absent # 移除软件包latest # 安装最新软件包exclude=kernel*,foo* # 排除某些包list=ansible # 类似于yum list查看是否可以安装disablerepo="epel,ol7_latest" # 禁用指定的yum仓库download_only=true # 只下载不安装
yum_repository配置yum仓库
# 添加yum仓库[root@m01 ~]# ansible web01 -m yum_repository -a "name=oldboy_epel description=EPEL baseurl=https://download.fedoraproject.org/pub/epel/$releasever/$basearch/" -i ./hosts# 仓库名和配置文件名不同[root@m01 ~]# ansible web01 -m yum_repository -a 'name=oldboy_epel description=EPEL file=test_oldboy baseurl=https://download.fedoraproject.org/pub/base/$releasever/$basearch/ gpgcheck=no' -i ./hosts# 添加mirrorlist[root@m01 ~]# ansible web01 -m yum_repository -a 'name=oldboy_epel description=EPEL file=test_oldboy baseurl=https://download.fedoraproject.org/pub/base/$releasever/$basearch/ gpgcheck=no mirrorlist=http://mirrorlist.repoforge.org/el7/mirrors-rpmforge enabled=no' -i ./hosts# 删除yum仓库及文件[root@m01 ~]# ansible web01 -m yum_repository -a 'name=oldboy_epel file=test_oldboy state=absent' -i ./hosts# 开启gpgcheck[root@m01 ~]# ansible web01 -m yum_repository -a 'name=oldboy_epel description=EPEL file=test_oldboy baseurl=https://download.fedoraproject.org/pub/base/$releasever/$basearch/ gpgcheck=yes gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7' -i ./hostsname #yum源里[]中的内容description #yum源里name的值file #yum源的文件名mirrorlist #yum源的列表baseurl # yum源中的仓库地址gpgcheck # yum源是否检查检查秘钥noyesstateabsent # 删除present # 添加(默认)enabled # 是否启用仓库noyes
Ansible文件管理模块
copy
src # 推送数据的源文件信息dest # 推送数据的目标路径backup: # 目标文件是否备份yes # 备份no # 不备份follow: # 是否识别软链接yesnocontent # 直接在被管理端文件中添加内容group # 将本地文件推送到远端,指定文件属组信息owner # 将本地文件推送到远端,指定文件属主信息mode # 将本地文件推送到远端,指定文件权限信息
# 推送文件并授权[root@m01 ~]# ansible web01 -m copy -a "src=/etc/passwd dest=/tmp/oldboy.txt owner=www group=www mode=777"# 在推送覆盖远程端文件前,对远端已有文件按照时间信息备份[root@m01 ~]# ansible web01 -m copy -a "src=/etc/passwd dest=/tmp/oldboy.txt backup=yes"# 直接向远端文件内写入数据信息,并且会覆盖远端文件内原有数据信息[root@m01 ~]# ansible web01 -m copy -a "content='oldboy' dest=/tmp/oldboy.txt"#识别软链接[root@m01 ~]# ansible 'web01' -m copy -a 'src=/root/test dest=/tmp owner=nginx group=nginx mode=0644 follow=yes'[root@m01 ~]# ansible 'web01' -m copy -a 'src=/root/test dest=/tmp owner=nginx group=nginx mode=0644 follow=no'
file
src: # 源文件(如果做软链接就是远程机器上的文件)dest: # 目标文件(如果做软链接就是远程机器上的链接文件)path # 指定远程主机目录或文件信息recurse # 递归授权yesstatedirectory # 在远端创建目录(默认递归)touch # 在远端创建文件link # link或hard表示创建链接文件absent # 表示删除文件或目录mode # 设置文件或目录权限owner # 设置文件或目录属主信息group # 设置文件或目录属组信息
# 递归创建目录并授权[root@m01 ~]# ansible web01 -m file -a "path=/tmp/tmp1/oldboy_dir state=directory mode=0777 owner=root group=root"[root@m01 ~]# ansible web01 -m file -a "path=/tmp/tmp/oldboy_dir state=directory owner=www group=www mode=0700 recurse=yes"# 创建文件并授权[root@m01 ~]# ansible web01 -m file -a "path=/tmp/oldboy_file state=touch mode=0555 owner=root group=root"# 做软连接[root@m01 ~]# ansible web01 -m file -a "src=/tmp/oldboy_dir dest=/tmp/oldboy_dir_link state=link"# 删除文件[root@m01 ~]# ansible web01 -m file -a 'path=/tmp/oldboy_dir_link state=absent'# 递归授权目录
get_url
[root@m01 ~]# ansible-doc get_urlurl # 指定下载地址dest # 指定下载目录mode # 指定权限checksum # 校验加密算法md5sha256
# 下载包并授权[root@m01 ~]# ansible web01 -m get_url -a 'url=https://mirrors.aliyun.com/zabbix/zabbix/3.4/rhel/7/x86_64/zabbix-agent-3.4.0-1.el7.x86_64.rpm dest=/tmp mode=0644'#下载包时验证[root@web01 /tmp]# md5sum zabbix-agent-3.4.0-1.el7.x86_64.rpmba1f2511fc30423bdbb183fe33f3dd0f index.html[root@m01 ~]# ansible web01 -m get_url -a 'url=https://mirrors.aliyun.com/zabbix/zabbix/3.4/rhel/7/x86_64/zabbix-agent-3.4.0-1.el7.x86_64.rpm dest=/opt mode=0644 checksum=md5:ba1f2511fc30423bdbb183fe33f3dd0f'
Ansible服务管理模块
service
[root@m01 ~]# ansible-doc serviceEXAMPLES:- name: Start service httpd, if not startedservice:name: httpdstate: startedenabled: yesname: httpd # 服务的名字state:started # 启动服务stopped # 停止服务restarted # 重启服务reloaded # 重载服务enabled: # 开机自启yesno
systemd
[root@m01 ~]# ansible-doc systemdEXAMPLES:- name: Start service httpd, if not startedsystemd:name: httpdstate: startedenabled: yesdaemon_reload: yesname: httpd # 服务的名字state:started # 启动服务stopped # 停止服务restarted # 重启服务reloaded # 重载服务enabled: # 开机自启yesnodaemon_reload: # 后台启动
# 停止nginx服务[root@m01 ~]# ansible web01 -m service -a 'name=nginx state=stopped'# 启动httpd服务,并加入开机自启[root@m01 ~]# ansible web01 -m systemd -a 'name=httpd state=started enabled=yes'
Ansible用户管理模块
group
name #指定创建的组名gid #指定组的gidstateabsent #移除远端主机的组present #创建远端主机的组(默认)
# 创建用户组[root@m01 ~]# ansible web01 -m group -a 'name=www state=present gid=777'# 删除用户组[root@m01 ~]# ansible web01 -m group -a 'name=www state=absent'
user
- name: Add the user 'johnd' with a specific uid and a primary group of 'admin'user:name: johnd # 用户名comment: John Doe # 用户的注释uid: 1040 # 用户uidgroup: admin # 用户的组名称groups: admins,developers # 指定附加组名称shell: /bin/bash # 指定登录脚本append: yes # 添加附加组时使用remove: yes # 移除家目录generate_ssh_key: yes # 是否生成密钥对ssh_key_bits: 2048 # 秘钥加密的位数ssh_key_file: .ssh/id_rsa # 秘钥文件expires: 1422403387 # 用户的有效时间state:present # 添加用户(默认)absent # 删除用户create_home:yes/no # 是否创建家目录password # 给用户添加密码(单引号)
# 创建用户指定uid和gid,不创建家目录也不允许登陆[root@m01 ~]# ansible web01 -m user -a 'name=www uid=666 group=666 shell=/sbin/nologin create_home=false'# 仅删除用户[root@m01 ~]# ansible web01 -m user -a 'name=www state=absent'# 删除用户及用户组[root@m01 ~]# ansible web01 -m user -a 'name=www state=absent remove=yes'# 将明文密码进行hash加密,然后创建用户并设定密码(密码必须是密文)[root@m01 ~]# ansible web01 -m debug -a "msg={{ 'oldboy' | password_hash('sha512', 'salt') }}"web01 | SUCCESS => {"msg": "$6$salt$xaunY8IjwsGxX14Fn5MU7iRza9R7crMbDiMUAG0b7Ku0f9pE.Am4ScvdCxURf.y0hsHX4o5bo3JSn/.DDXP8u1"}[root@m01 ~]# ansible web01 -m user -a 'name=oldboy1 password=$6$salt$xaunY8IjwsGxX14Fn5MU7iRza9R7crMbDiMUAG0b7Ku0f9pE.Am4ScvdCxURf.y0hsHX4o5bo3JSn/.DDXP8u1 create_home=true shell=/bin/bash'
注意:
- 如果用户名字跟组名字相同,删除用户是会将组也删除
- 当组下面有多个用户,删除的与组同名的用户也不会删除组
# 创建用户并生成秘钥对[root@m01 ~]# ansible web01 -m user -a "name=oldboy uid=888 group=root shell=/bin/bash generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa" -i ./hostsweb01 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"},"changed": true,"comment": "","create_home": true,"group": 0,"home": "/home/oldboy","name": "oldboy","shell": "/bin/bash","ssh_fingerprint": "2048 SHA256:WEMHCpSjxxqFwlzrCk1FqrPqeq6N/SHxL1gFTSqHlGM ansible-generated on web01 (RSA)","ssh_key_file": "/home/oldboy/.ssh/id_rsa","ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRx+bCYGh4FqpKoPzyXrR8ef9GwoY6l6QEFQ0+XPynR22fd9Lbs1eUxWDm5aH4ZO8sPaI8a5xmj88Sipwl0FxlQTjD2X/vreZNEDbwFWrbZ24VvPkfPSSWBh5SxLH6pJt8pGQpPVWuLRMx6yOOxRB1hh9bGFzQNg5z8xqzeogTOoI7cxSFZVuUb5affNj8H5mCw2nAvblV+HNhRzbMlwr+9/EWcCWHDnlVYcELHXjpNJcyGB3VFOu1MPkmLaSTcaB73O0eRvZQkYMBePKJC44tvjHihGhvCk9rzh8qvzHxvMgoMD/+0uKAlIwEvOyfAczb7fxllU0rDtbyPtjbuLsR ansible-generated on web01","state": "present","system": false,"uid": 888}web02 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"},"changed": true,"comment": "","create_home": true,"group": 0,"home": "/home/oldboy","name": "oldboy","shell": "/bin/bash","ssh_fingerprint": "2048 SHA256:IepfOosi2Xm8kfr4nOPAhG3fec6o8kpMnJ0/RwN+0F8 ansible-generated on web02 (RSA)","ssh_key_file": "/home/oldboy/.ssh/id_rsa","ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEcO9iDKg4X8ya/y9E0eDelAFMp/rxiDSzW31r+REawaQyF4oywcdIagpz0MTg2BeF2WdaYUmHmtmSTfSOMif26+R1FLcL9f9NYu3io/0388jukcTfyN02diXWgqoKtt4Gbm8Bq8sWE4tX/FSYl42fG6bX1AyDSMzzB7ERr2AD/Y9KuKt7cEXDinGjqTFEXw6+x1wBHpotkUisYiZCci+1Nx4YSznVRBveZTlpxMUYmKgwkUXQIt+RoOYzjgD++0md8O7lwJGgODZkahlrf2pOQnmpS4isLi9or4N+DVnqD+cXb/RjgJzPIJZYazgRY3vtAU9DDqm5i049x/VxEqFj ansible-generated on web02","state": "present","system": false,"uid": 888}
Ansible定时任务模块
cron
- name: Ensure a job that runs at 2 and 5 exists. Creates an entry like "0 5,2 * * ls -alh > /dcron:name: "check dirs" # 定时任务的注释minute: "0" # 分钟hour: "5,2" # 小时day: "2" # 日month: "2" # 月weekday: "2" # 周job: "ls -alh > /dev/null" # 定时任务的内容state:absent # 删除定时任务present # 添加定时任务
# 添加定时任务[root@m01 ~]# ansible web01 -m cron -a 'name="时间同步" minute=*/10 job="/usr/sbin/ntpdate time1.aliyun.com &> /dev/null"'# 修改定时任务(名字相同,只修改内容)[root@m01 ~]# ansible web01 -m cron -a 'name="时间同步" job="/usr/sbin/ntpdate time1.aliyun.com &> /dev/null"'# 删除相应定时任务(只能用name参数)[root@m01 ~]# ansible web01 -m cron -a "name='时间同步' state=absent"# 注释相应定时任务[root@m01 ~]# ansible web01 -m cron -a 'name="时间同步" job="/usr/sbin/ntpdate time1.aliyun.com &> /dev/null" disabled=yes'
Ansible磁盘挂载模块
mount
- name: Mount DVD read-onlymount:path: /mnt/dvd # 挂载的目录(nfs客户端)src: /dev/sr0 # 远端被挂载的目录 (nfs服务端)fstype: nfs # 挂载类型opts: ro,noauto # 自动挂载的参数state:present # 开机挂载,仅将挂载配置写入/etc/fstabunmounted # 卸载设备,不会清除/etc/fstab写入的配置mounted # 卸载设备,会清理/etc/fstab写入的配置(常用)absent # 取消临时挂载,并且清理自动挂载(常用)
[root@m01 ~]# ansible web01 -m mount -a "src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=present"[root@m01 ~]# ansible web02 -m mount -a "src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=mounted"[root@m01 ~]# ansible web02 -m mount -a "src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=unmounted"[root@m01 ~]# ansible web02 -m mount -a "src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=absent"
Ansible防火墙模块
selinux
# 关闭selinux修改配置文件,必须重启[root@m01 ~]# ansible web01 -m selinux -a 'state=disabled'[WARNING]: SELinux state temporarily changed from 'enforcing' to 'permissive'. State change will take effect next reboot.web01 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"},"changed": true,"configfile": "/etc/selinux/config","msg": "Config SELinux state changed from 'enforcing' to 'disabled'","policy": "targeted","reboot_required": true,"state": "disabled"}# 临时关闭[root@m01 ~]# ansible web01 -m shell -a 'setenforce 0'web01 | CHANGED | rc=0 >>[root@m01 ~]# ansible web01 -m shell -a 'getenforce'web01 | CHANGED | rc=0 >>Permissive
firewalld
service: https # 指定开放或关闭的服务名称permanent:yes # 永久生效no # 临时生效state:enabled # 开启disable # 关闭port: 8081/tcp 161-162/udp # 防火墙配置的端口zone: dmz # 指定配置空间rich_rule: # 辅规则source: 192.0.2.0/24 # 防火墙配置的源ipmasquerade:yes # 开启ip伪装no # 关闭ip伪装interface: eth2 # 绑定网卡immediate # 临时生效
# 允许访问http,永久生效[root@m01 ~]# ansible web01 -m firewalld -a 'service=http permanent=yes state=enabled'# 允许80端口被访问,临时生效[root@m01 ~]# ansible web01 -m firewalld -a 'port=80/tcp state=enabled'[root@m01 ~]# ansible web_group -m firewalld -a "service=http immediate=yes permanent=yes state=enabled"# 允许10.0.0.0/24网段访问22端口[root@m01 ~]# ansible web01 -m firewalld -a 'rich_rule="rule family=ipv4 source address=10.0.0.0/24 service name=ssh accept" state=enabled'# 允许10.0.0.0/24网段访问所有服务[root@m01 ~]# ansible web01 -m firewalld -a 'source=10.0.0.0/24 zone=trusted state=enabled permanent=yes'
Ansible压缩解压模块
Archive压缩
- name: Compress directory /path/to/foo/ into /path/to/foo.tgzarchive:path: /path/to/foo #要压缩的文件或目录dest: /path/to/foo.tgz #压缩后的文件format:bz2, gz, tar, xz, zip #指定打包的类型
#1.打包站点目录[root@m01 /package]# ansible web01 -m archive -a 'path=/code dest=/tmp/code.tar.gz'
unarchive解压
- name: Unarchive a file that is already on the remote machineunarchive:src: /tmp/foo.zip #要解压的包dest: /usr/local/bin #解压到目标位置remote_src:yes #要解压的包在受控端no #要解压的包在控制端
#1.解压控制端的包到受控端[root@m01 /package]# ansible web01 -m unarchive -a 'src=/package/php.tar.gz dest=/tmp/'#2.解压受控端的包到受控端[root@m01 /package]# ansible web02 -m unarchive -a 'src=/package/php.tar.gz dest=/tmp/ remote_src=yes'
Ansible主机信息模块
这个模块非常实用
在公司中总会有一些需求
比如:
1.根据不同主机不同IP创建对应IP的目录
2.根据不同主机不同主机名创建对应主机名的目录
3.自动化运维平台需要自动获取到主机的IP地址,内存信息,磁盘信息,主机名...等
4.如果安装数据库,分配内存为物理内存的80%,此时有3台不同物理内存的机器2G、4G、16G
写一个playbook的情况下,我需要获取到对应主机的内存并作出计算,写判断。
setup
- 获取所有主机信息
[root@m01 ~]# ansible web01 -m setupweb01 | SUCCESS => {"ansible_facts": {"ansible_all_ipv4_addresses": ["10.0.0.7"],"ansible_all_ipv6_addresses": ["fe80::20c:29ff:fef8:9880"],"ansible_apparmor": {"status": "disabled"},"ansible_architecture": "x86_64","ansible_bios_date": "04/13/2018","ansible_bios_version": "6.00","ansible_cmdline": {"BOOT_IMAGE": "/vmlinuz-3.10.0-862.el7.x86_64","LANG": "en_US.UTF-8","biosdevname": "0","net.ifnames": "0","quiet": true,"rhgb": true,"ro": true,"root": "UUID=7348b9b1-f2a7-46c6-bede-4f22224dc168"},"ansible_date_time": {"date": "2019-09-10","day": "10","epoch": "1568115243","hour": "19","iso8601": "2019-09-10T11:34:03Z","iso8601_basic": "20190910T193403218395","iso8601_basic_short": "20190910T193403","iso8601_micro": "2019-09-10T11:34:03.218468Z","minute": "34","month": "09","second": "03","time": "19:34:03","tz": "CST","tz_offset": "+0800","weekday": "星期二","weekday_number": "2","weeknumber": "36","year": "2019"},"ansible_default_ipv4": {"address": "10.0.0.7","alias": "eth0","broadcast": "10.0.0.255","gateway": "10.0.0.2","interface": "eth0","macaddress": "00:0c:29:f8:98:80","mtu": 1500,"netmask": "255.255.255.0","network": "10.0.0.0","type": "ether"},"ansible_default_ipv6": {},"ansible_device_links": {"ids": {"sr0": ["ata-VMware_Virtual_IDE_CDROM_Drive_00000000000000000001"],"sr1": ["ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001"]},"labels": {},"masters": {},"uuids": {"sda1": ["8e547355-994a-4bad-a941-da93f4f1cdfd"],"sda2": ["9e4d046c-02cf-47bd-a4bf-1e8b5fa4bed5"],"sda3": ["7348b9b1-f2a7-46c6-bede-4f22224dc168"]}},"ansible_devices": {"sda": {"holders": [],"host": "SCSI storage controller: LSI Logic / Symbios Logic 53c1030 PCI-X Fusion-MPT Dual Ultra320 SCSI (rev 01)","links": {"ids": [],"labels": [],"masters": [],"uuids": []},"model": "VMware Virtual S","partitions": {"sda1": {"holders": [],"links": {"ids": [],"labels": [],"masters": [],"uuids": ["8e547355-994a-4bad-a941-da93f4f1cdfd"]},"sectors": "2097152","sectorsize": 512,"size": "1.00 GB","start": "2048","uuid": "8e547355-994a-4bad-a941-da93f4f1cdfd"},"sda2": {"holders": [],"links": {"ids": [],"labels": [],"masters": [],"uuids": ["9e4d046c-02cf-47bd-a4bf-1e8b5fa4bed5"]},"sectors": "2097152","sectorsize": 512,"size": "1.00 GB","start": "2099200","uuid": "9e4d046c-02cf-47bd-a4bf-1e8b5fa4bed5"},"sda3": {"holders": [],"links": {"ids": [],"labels": [],"masters": [],"uuids": ["7348b9b1-f2a7-46c6-bede-4f22224dc168"]},"sectors": "37746688","sectorsize": 512,"size": "18.00 GB","start": "4196352","uuid": "7348b9b1-f2a7-46c6-bede-4f22224dc168"}},"removable": "0","rotational": "1","sas_address": null,"sas_device_handle": null,"scheduler_mode": "deadline","sectors": "41943040","sectorsize": "512","size": "20.00 GB","support_discard": "0","vendor": "VMware,","virtual": 1},"sr0": {"holders": [],"host": "IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)","links": {"ids": ["ata-VMware_Virtual_IDE_CDROM_Drive_00000000000000000001"],"labels": [],"masters": [],"uuids": []},"model": "VMware IDE CDR00","partitions": {},"removable": "1","rotational": "1","sas_address": null,"sas_device_handle": null,"scheduler_mode": "deadline","sectors": "2097151","sectorsize": "512","size": "1024.00 MB","support_discard": "0","vendor": "NECVMWar","virtual": 1},"sr1": {"holders": [],"host": "IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)","links": {"ids": ["ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001"],"labels": [],"masters": [],"uuids": []},"model": "VMware IDE CDR10","partitions": {},"removable": "1","rotational": "1","sas_address": null,"sas_device_handle": null,"scheduler_mode": "deadline","sectors": "2097151","sectorsize": "512","size": "1024.00 MB","support_discard": "0","vendor": "NECVMWar","virtual": 1}},"ansible_distribution": "CentOS","ansible_distribution_file_parsed": true,"ansible_distribution_file_path": "/etc/redhat-release","ansible_distribution_file_variety": "RedHat","ansible_distribution_major_version": "7","ansible_distribution_release": "Core","ansible_distribution_version": "7.5","ansible_dns": {"nameservers": ["10.0.0.2"]},"ansible_domain": "","ansible_effective_group_id": 0,"ansible_effective_user_id": 0,"ansible_env": {"HOME": "/root","LANG": "zh_CN.UTF-8","LESSOPEN": "||/usr/bin/lesspipe.sh %s","LOGNAME": "root","LS_COLORS": "rs=0:di=38;5;27:ln=38;5;51:mh=44;38;5;15:pi=40;38;5;11:so=38;5;13:do=38;5;5:bd=48;5;232;38;5;11:cd=48;5;232;38;5;3:or=48;5;232;38;5;9:mi=05;48;5;232;38;5;15:su=48;5;196;38;5;15:sg=48;5;11;38;5;16:ca=48;5;196;38;5;226:tw=48;5;10;38;5;16:ow=48;5;10;38;5;21:st=48;5;21;38;5;15:ex=38;5;34:*.tar=38;5;9:*.tgz=38;5;9:*.arc=38;5;9:*.arj=38;5;9:*.taz=38;5;9:*.lha=38;5;9:*.lz4=38;5;9:*.lzh=38;5;9:*.lzma=38;5;9:*.tlz=38;5;9:*.txz=38;5;9:*.tzo=38;5;9:*.t7z=38;5;9:*.zip=38;5;9:*.z=38;5;9:*.Z=38;5;9:*.dz=38;5;9:*.gz=38;5;9:*.lrz=38;5;9:*.lz=38;5;9:*.lzo=38;5;9:*.xz=38;5;9:*.bz2=38;5;9:*.bz=38;5;9:*.tbz=38;5;9:*.tbz2=38;5;9:*.tz=38;5;9:*.deb=38;5;9:*.rpm=38;5;9:*.jar=38;5;9:*.war=38;5;9:*.ear=38;5;9:*.sar=38;5;9:*.rar=38;5;9:*.alz=38;5;9:*.ace=38;5;9:*.zoo=38;5;9:*.cpio=38;5;9:*.7z=38;5;9:*.rz=38;5;9:*.cab=38;5;9:*.jpg=38;5;13:*.jpeg=38;5;13:*.gif=38;5;13:*.bmp=38;5;13:*.pbm=38;5;13:*.pgm=38;5;13:*.ppm=38;5;13:*.tga=38;5;13:*.xbm=38;5;13:*.xpm=38;5;13:*.tif=38;5;13:*.tiff=38;5;13:*.png=38;5;13:*.svg=38;5;13:*.svgz=38;5;13:*.mng=38;5;13:*.pcx=38;5;13:*.mov=38;5;13:*.mpg=38;5;13:*.mpeg=38;5;13:*.m2v=38;5;13:*.mkv=38;5;13:*.webm=38;5;13:*.ogm=38;5;13:*.mp4=38;5;13:*.m4v=38;5;13:*.mp4v=38;5;13:*.vob=38;5;13:*.qt=38;5;13:*.nuv=38;5;13:*.wmv=38;5;13:*.asf=38;5;13:*.rm=38;5;13:*.rmvb=38;5;13:*.flc=38;5;13:*.avi=38;5;13:*.fli=38;5;13:*.flv=38;5;13:*.gl=38;5;13:*.dl=38;5;13:*.xcf=38;5;13:*.xwd=38;5;13:*.yuv=38;5;13:*.cgm=38;5;13:*.emf=38;5;13:*.axv=38;5;13:*.anx=38;5;13:*.ogv=38;5;13:*.ogx=38;5;13:*.aac=38;5;45:*.au=38;5;45:*.flac=38;5;45:*.mid=38;5;45:*.midi=38;5;45:*.mka=38;5;45:*.mp3=38;5;45:*.mpc=38;5;45:*.ogg=38;5;45:*.ra=38;5;45:*.wav=38;5;45:*.axa=38;5;45:*.oga=38;5;45:*.spx=38;5;45:*.xspf=38;5;45:","MAIL": "/var/mail/root","PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin","PWD": "/root","SELINUX_LEVEL_REQUESTED": "","SELINUX_ROLE_REQUESTED": "","SELINUX_USE_CURRENT_RANGE": "","SHELL": "/bin/bash","SHLVL": "2","SSH_CLIENT": "10.0.0.51 53512 22","SSH_CONNECTION": "10.0.0.51 53512 10.0.0.7 22","SSH_TTY": "/dev/pts/1","TERM": "xterm-256color","USER": "root","XDG_RUNTIME_DIR": "/run/user/0","XDG_SESSION_ID": "87","_": "/usr/bin/python"},"ansible_eth0": {"active": true,"device": "eth0","features": {"busy_poll": "off [fixed]","fcoe_mtu": "off [fixed]","generic_receive_offload": "on","generic_segmentation_offload": "on","highdma": "off [fixed]","hw_tc_offload": "off [fixed]","l2_fwd_offload": "off [fixed]","large_receive_offload": "off [fixed]","loopback": "off [fixed]","netns_local": "off [fixed]","ntuple_filters": "off [fixed]","receive_hashing": "off [fixed]","rx_all": "off","rx_checksumming": "off","rx_fcs": "off","rx_udp_tunnel_port_offload": "off [fixed]","rx_vlan_filter": "on [fixed]","rx_vlan_offload": "on","rx_vlan_stag_filter": "off [fixed]","rx_vlan_stag_hw_parse": "off [fixed]","scatter_gather": "on","tcp_segmentation_offload": "on","tx_checksum_fcoe_crc": "off [fixed]","tx_checksum_ip_generic": "on","tx_checksum_ipv4": "off [fixed]","tx_checksum_ipv6": "off [fixed]","tx_checksum_sctp": "off [fixed]","tx_checksumming": "on","tx_fcoe_segmentation": "off [fixed]","tx_gre_csum_segmentation": "off [fixed]","tx_gre_segmentation": "off [fixed]","tx_gso_partial": "off [fixed]","tx_gso_robust": "off [fixed]","tx_ipip_segmentation": "off [fixed]","tx_lockless": "off [fixed]","tx_nocache_copy": "off","tx_scatter_gather": "on","tx_scatter_gather_fraglist": "off [fixed]","tx_sctp_segmentation": "off [fixed]","tx_sit_segmentation": "off [fixed]","tx_tcp6_segmentation": "off [fixed]","tx_tcp_ecn_segmentation": "off [fixed]","tx_tcp_mangleid_segmentation": "off","tx_tcp_segmentation": "on","tx_udp_tnl_csum_segmentation": "off [fixed]","tx_udp_tnl_segmentation": "off [fixed]","tx_vlan_offload": "on [fixed]","tx_vlan_stag_hw_insert": "off [fixed]","udp_fragmentation_offload": "off [fixed]","vlan_challenged": "off [fixed]"},"hw_timestamp_filters": [],"ipv4": {"address": "10.0.0.7","broadcast": "10.0.0.255","netmask": "255.255.255.0","network": "10.0.0.0"},"ipv6": [{"address": "fe80::20c:29ff:fef8:9880","prefix": "64","scope": "link"}],"macaddress": "00:0c:29:f8:98:80","module": "e1000","mtu": 1500,"pciid": "0000:02:01.0","promisc": false,"speed": 1000,"timestamping": ["tx_software","rx_software","software"],"type": "ether"},"ansible_fibre_channel_wwn": [],"ansible_fips": false,"ansible_form_factor": "Other","ansible_fqdn": "web01","ansible_hostname": "web01","ansible_hostnqn": "","ansible_interfaces": ["lo","eth0"],"ansible_is_chroot": false,"ansible_iscsi_iqn": "","ansible_kernel": "3.10.0-862.el7.x86_64","ansible_lo": {"active": true,"device": "lo","features": {"busy_poll": "off [fixed]","fcoe_mtu": "off [fixed]","generic_receive_offload": "on","generic_segmentation_offload": "on","highdma": "on [fixed]","hw_tc_offload": "off [fixed]","l2_fwd_offload": "off [fixed]","large_receive_offload": "off [fixed]","loopback": "on [fixed]","netns_local": "on [fixed]","ntuple_filters": "off [fixed]","receive_hashing": "off [fixed]","rx_all": "off [fixed]","rx_checksumming": "on [fixed]","rx_fcs": "off [fixed]","rx_udp_tunnel_port_offload": "off [fixed]","rx_vlan_filter": "off [fixed]","rx_vlan_offload": "off [fixed]","rx_vlan_stag_filter": "off [fixed]","rx_vlan_stag_hw_parse": "off [fixed]","scatter_gather": "on","tcp_segmentation_offload": "on","tx_checksum_fcoe_crc": "off [fixed]","tx_checksum_ip_generic": "on [fixed]","tx_checksum_ipv4": "off [fixed]","tx_checksum_ipv6": "off [fixed]","tx_checksum_sctp": "on [fixed]","tx_checksumming": "on","tx_fcoe_segmentation": "off [fixed]","tx_gre_csum_segmentation": "off [fixed]","tx_gre_segmentation": "off [fixed]","tx_gso_partial": "off [fixed]","tx_gso_robust": "off [fixed]","tx_ipip_segmentation": "off [fixed]","tx_lockless": "on [fixed]","tx_nocache_copy": "off [fixed]","tx_scatter_gather": "on [fixed]","tx_scatter_gather_fraglist": "on [fixed]","tx_sctp_segmentation": "on","tx_sit_segmentation": "off [fixed]","tx_tcp6_segmentation": "on","tx_tcp_ecn_segmentation": "on","tx_tcp_mangleid_segmentation": "on","tx_tcp_segmentation": "on","tx_udp_tnl_csum_segmentation": "off [fixed]","tx_udp_tnl_segmentation": "off [fixed]","tx_vlan_offload": "off [fixed]","tx_vlan_stag_hw_insert": "off [fixed]","udp_fragmentation_offload": "on","vlan_challenged": "on [fixed]"},"hw_timestamp_filters": [],"ipv4": {"address": "127.0.0.1","broadcast": "host","netmask": "255.0.0.0","network": "127.0.0.0"},"ipv6": [{"address": "::1","prefix": "128","scope": "host"}],"mtu": 65536,"promisc": false,"timestamping": ["rx_software","software"],"type": "loopback"},"ansible_local": {},"ansible_lsb": {},"ansible_machine": "x86_64","ansible_machine_id": "c9d400bd3c1249bd81b2d49252985ab6","ansible_memfree_mb": 1068,"ansible_memory_mb": {"nocache": {"free": 1622,"used": 360},"real": {"free": 1068,"total": 1982,"used": 914},"swap": {"cached": 0,"free": 1023,"total": 1023,"used": 0}},"ansible_memtotal_mb": 1982,"ansible_mounts": [{"block_available": 227935,"block_size": 4096,"block_total": 259584,"block_used": 31649,"device": "/dev/sda1","fstype": "xfs","inode_available": 523962,"inode_total": 524288,"inode_used": 326,"mount": "/boot","options": "rw,seclabel,relatime,attr2,inode64,noquota","size_available": 933621760,"size_total": 1063256064,"uuid": "8e547355-994a-4bad-a941-da93f4f1cdfd"},{"block_available": 69275,"block_size": 262144,"block_total": 73684,"block_used": 4409,"device": "10.0.0.31:/data","fstype": "nfs4","inode_available": 9409536,"inode_total": 9436672,"inode_used": 27136,"mount": "/opt","options": "rw,relatime,vers=4.1,rsize=262144,wsize=262144,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=10.0.0.7,local_lock=none,addr=10.0.0.31","size_available": 18160025600,"size_total": 19315818496,"uuid": "N/A"},{"block_available": 4354375,"block_size": 4096,"block_total": 4715776,"block_used": 361401,"device": "/dev/sda3","fstype": "xfs","inode_available": 9403419,"inode_total": 9436672,"inode_used": 33253,"mount": "/","options": "rw,seclabel,relatime,attr2,inode64,noquota","size_available": 17835520000,"size_total": 19315818496,"uuid": "7348b9b1-f2a7-46c6-bede-4f22224dc168"}],"ansible_nodename": "web01","ansible_os_family": "RedHat","ansible_pkg_mgr": "yum","ansible_proc_cmdline": {"BOOT_IMAGE": "/vmlinuz-3.10.0-862.el7.x86_64","LANG": "en_US.UTF-8","biosdevname": "0","net.ifnames": "0","quiet": true,"rhgb": true,"ro": true,"root": "UUID=7348b9b1-f2a7-46c6-bede-4f22224dc168"},"ansible_processor": ["0","GenuineIntel","Intel(R) Core(TM) i7-8850H CPU @ 2.60GHz"],"ansible_processor_cores": 1,"ansible_processor_count": 1,"ansible_processor_threads_per_core": 1,"ansible_processor_vcpus": 1,"ansible_product_name": "VMware Virtual Platform","ansible_product_serial": "VMware-56 4d a5 a2 9d f3 51 25-4d 67 a8 58 f8 f8 98 80","ansible_product_uuid": "A2A54D56-F39D-2551-4D67-A858F8F89880","ansible_product_version": "None","ansible_python": {"executable": "/usr/bin/python","has_sslcontext": true,"type": "CPython","version": {"major": 2,"micro": 5,"minor": 7,"releaselevel": "final","serial": 0},"version_info": [2,7,5,"final",0]},"ansible_python_version": "2.7.5","ansible_real_group_id": 0,"ansible_real_user_id": 0,"ansible_selinux": {"config_mode": "disabled","mode": "permissive","policyvers": 31,"status": "enabled","type": "targeted"},"ansible_selinux_python_present": true,"ansible_service_mgr": "systemd","ansible_ssh_host_key_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAiDBJtsjcCuaEVqC4e2tPeN3X7FbSfbWq4gDx65v5AX8yPzZcufMmv0yydrCvbkb3HhMGqVJ7oNMioQdyqiu8Q=","ansible_ssh_host_key_ed25519_public": "AAAAC3NzaC1lZDI1NTE5AAAAIBVg0/vQDn4AFzoNyeGcB61Jr3a+Cv3hu36XOW+BAgv+","ansible_ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABAQC4PhQf/9RtL4kuFejVDjQoT8ng10Wdf5SA884Nu9l5wfrBLTVpKUusox5g4lU9+cuYicZiEYmasvxQbACsI90OybLUs26eUymRMtYQiS+N9Mfz0I+CLSssIEtUd5nplNoaPLM7dvgej1YxzLoz8mF6XkwhTLCd3nnye/YxuYYecGNZRCi2q6mkMYjO0HuHtqeSyoK+gPB2so7p7QrC3kcYbgblKfztDDUJ11tmYTBQJdDm7+ICztFjiwyWsnOvbItpOyI2M6neDkN8KCqoDwDYKCbXSbs6uamWkInlz03G9LGuIf+B/rhG6pmFVxG3Ac9h1tS5b6H2DJRMxQR+Vf5/","ansible_swapfree_mb": 1023,"ansible_swaptotal_mb": 1023,"ansible_system": "Linux","ansible_system_capabilities": ["cap_chown","cap_dac_override","cap_dac_read_search","cap_fowner","cap_fsetid","cap_kill","cap_setgid","cap_setuid","cap_setpcap","cap_linux_immutable","cap_net_bind_service","cap_net_broadcast","cap_net_admin","cap_net_raw","cap_ipc_lock","cap_ipc_owner","cap_sys_module","cap_sys_rawio","cap_sys_chroot","cap_sys_ptrace","cap_sys_pacct","cap_sys_admin","cap_sys_boot","cap_sys_nice","cap_sys_resource","cap_sys_time","cap_sys_tty_config","cap_mknod","cap_lease","cap_audit_write","cap_audit_control","cap_setfcap","cap_mac_override","cap_mac_admin","cap_syslog","35","36+ep"],"ansible_system_capabilities_enforced": "True","ansible_system_vendor": "VMware, Inc.","ansible_uptime_seconds": 96743,"ansible_user_dir": "/root","ansible_user_gecos": "root","ansible_user_gid": 0,"ansible_user_id": "root","ansible_user_shell": "/bin/bash","ansible_user_uid": 0,"ansible_userspace_architecture": "x86_64","ansible_userspace_bits": "64","ansible_virtualization_role": "guest","ansible_virtualization_type": "VMware","discovered_interpreter_python": "/usr/bin/python","gather_subset": ["all"],"module_setup": true},"changed": false}
- 获取IP地址(使用setup获取的信息,指定对应的小标题获取指定的信息)
[root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_default_ipv4'web01 | SUCCESS => {"ansible_facts": {"ansible_default_ipv4": {"address": "10.0.0.7","alias": "eth0","broadcast": "10.0.0.255","gateway": "10.0.0.2","interface": "eth0","macaddress": "00:0c:29:f8:98:80","mtu": 1500,"netmask": "255.255.255.0","network": "10.0.0.0","type": "ether"},"discovered_interpreter_python": "/usr/bin/python"},"changed": false}
- 获取主机名
[root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_fqdn'web01 | SUCCESS => {"ansible_facts": {"ansible_fqdn": "web01","discovered_interpreter_python": "/usr/bin/python"},"changed": false}
- 获取内存信息
[root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_memory_mb'web01 | SUCCESS => {"ansible_facts": {"ansible_memory_mb": {"nocache": {"free": 1622,"used": 360},"real": {"free": 1068,"total": 1982,"used": 914},"swap": {"cached": 0,"free": 1023,"total": 1023,"used": 0}},"discovered_interpreter_python": "/usr/bin/python"},"changed": false}
- 获取磁盘信息
web01 | SUCCESS => {"ansible_facts": {"ansible_memory_mb": {"nocache": {"free": 1622,"used": 360},"real": {"free": 1068,"total": 1982,"used": 914},"swap": {"cached": 0,"free": 1023,"total": 1023,"used": 0}},"discovered_interpreter_python": "/usr/bin/python"},"changed": false}[root@m01 ~]# ansible_devices^C[root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_devices'web01 | SUCCESS => {"ansible_facts": {"ansible_devices": {"sda": {"holders": [],"host": "SCSI storage controller: LSI Logic / Symbios Logic 53c1030 PCI-X Fusion-MPT Dual Ultra320 SCSI (rev 01)","links": {"ids": [],"labels": [],"masters": [],"uuids": []},"model": "VMware Virtual S","partitions": {"sda1": {"holders": [],"links": {"ids": [],"labels": [],"masters": [],"uuids": ["8e547355-994a-4bad-a941-da93f4f1cdfd"]},"sectors": "2097152","sectorsize": 512,"size": "1.00 GB","start": "2048","uuid": "8e547355-994a-4bad-a941-da93f4f1cdfd"},"sda2": {"holders": [],"links": {"ids": [],"labels": [],"masters": [],"uuids": ["9e4d046c-02cf-47bd-a4bf-1e8b5fa4bed5"]},"sectors": "2097152","sectorsize": 512,"size": "1.00 GB","start": "2099200","uuid": "9e4d046c-02cf-47bd-a4bf-1e8b5fa4bed5"},"sda3": {"holders": [],"links": {"ids": [],"labels": [],"masters": [],"uuids": ["7348b9b1-f2a7-46c6-bede-4f22224dc168"]},"sectors": "37746688","sectorsize": 512,"size": "18.00 GB","start": "4196352","uuid": "7348b9b1-f2a7-46c6-bede-4f22224dc168"}},"removable": "0","rotational": "1","sas_address": null,"sas_device_handle": null,"scheduler_mode": "deadline","sectors": "41943040","sectorsize": "512","size": "20.00 GB","support_discard": "0","vendor": "VMware,","virtual": 1},"sr0": {"holders": [],"host": "IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)","links": {"ids": ["ata-VMware_Virtual_IDE_CDROM_Drive_00000000000000000001"],"labels": [],"masters": [],"uuids": []},"model": "VMware IDE CDR00","partitions": {},"removable": "1","rotational": "1","sas_address": null,"sas_device_handle": null,"scheduler_mode": "deadline","sectors": "2097151","sectorsize": "512","size": "1024.00 MB","support_discard": "0","vendor": "NECVMWar","virtual": 1},"sr1": {"holders": [],"host": "IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)","links": {"ids": ["ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001"],"labels": [],"masters": [],"uuids": []},"model": "VMware IDE CDR10","partitions": {},"removable": "1","rotational": "1","sas_address": null,"sas_device_handle": null,"scheduler_mode": "deadline","sectors": "2097151","sectorsize": "512","size": "1024.00 MB","support_discard": "0","vendor": "NECVMWar","virtual": 1}},"discovered_interpreter_python": "/usr/bin/python"},"changed": false}
- 其他信息参数
ansible_all_ipv4_addresses:仅显示ipv4的信息。ansible_devices:仅显示磁盘设备信息。ansible_distribution:显示是什么系统,例:centos,suse等。ansible_distribution_major_version:显示是系统主版本。ansible_distribution_version:仅显示系统版本。ansible_machine:显示系统类型,例:32位,还是64位。ansible_eth0:仅显示eth0的信息。ansible_hostname:仅显示主机名。ansible_kernel:仅显示内核版本。ansible_lvm:显示lvm相关信息。ansible_memtotal_mb:显示系统总内存。ansible_memfree_mb:显示可用系统内存。ansible_memory_mb:详细显示内存情况。ansible_swaptotal_mb:显示总的swap内存。ansible_swapfree_mb:显示swap内存的可用内存。ansible_mounts:显示系统磁盘挂载情况。ansible_processor:显示cpu个数(具体显示每个cpu的型号)。ansible_processor_vcpus:显示cpu个数(只显示总的个数)。
此处匹配规则支持通配符,后面我们在使用playbook的时候,会针对这些内置变量参考使用。
Ansible示例
一键部署rsync,nfs,nginx,httpd,上传作业代码
- m01配置密钥登录
[root@m01 ~]# yum install -y ansible# 创建密钥对[root@m01 ~]# ssh-keygen# 推送公钥[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.4[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.5[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.6[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.7[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.8[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.9[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.31[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.41[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.51[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.61
- 编写主机清单
[web_group]web01 ansible_ssh_host=172.16.1.7web02 ansible_ssh_host=172.16.1.8[db_group]db01 ansible_ssh_host=172.16.1.51[nfs_group]nfs ansible_ssh_host=172.16.1.31[backup_group]backup ansible_ssh_host=172.16.1.41[lb_group]lb01 ansible_ssh_host=172.16.1.5lb02 ansible_ssh_host=172.16.1.6[rsync_server:children]nfs_groupbackup_group[nfs_server:children]web_groupnfs_group[lnmp_server:children]web_grouplb_group
- 编写脚本测试
#!/bin/bash# 创建用户及组ansible 'all' -m group -a 'name=www gid=666 state=present' &&\ansible 'all' -m user -a 'name=www uid=666 group=www state=present shell=/sbin/nologin create_home=false' &&\# 部署httpd服务ansible 'web_group' -m yum -a 'name=httpd,php state=present' &&\# 替换http服务启动用户及组ansible 'web_group' -m shell -a "sed -i '/^User/c User www' /etc/httpd/conf/httpd.conf" &&\ansible 'web_group' -m shell -a "sed -i '/^Group/c Group www' /etc/httpd/conf/httpd.conf" &&\# 启动httpd服务ansible 'web_group' -m systemd -a 'name=httpd state=started enabled=yes' &&\# 上传代码,并修改图片路径ansible 'web_group' -m copy -a 'src=/root/httpd_file/ dest=/var/www/html/ owner=www group=www '# 远程推送作业代码ansible 'web_group' -m file -a 'path=/var/www/html/uploads state=directory owner=www group=www' &&\# 部署nfs服务ansible 'nfs_server' -m yum -a 'name=nfs-utils state=present' &&\# 推送nfs服务配置文件ansible 'nfs_group' -m copy -a 'content="/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)" dest=/etc/exports' &&\# 启动nfs服务并开机自启ansible 'nfs_server' -m systemd -a 'name=nfs-server state=started enabled=yes' &&\# 远程下载rsync服务ansible 'rsync_server' -m yum -a 'name=rsync state=present' &&\# 推送rsync配置文件ansible 'backup_group' -m copy -a 'src=/root/rsync_file dest=/etc/rsyncd.conf' &&\# 推送密码文件至rsync服务端ansible 'backup_group' -m copy -a 'content=rsync_backup:123 dest=/etc/rsync.passwd mode=0600' &&\# 推送密码文件至rsync客户端ansible 'nfs_group' -m copy -a 'content=123 dest=/etc/rsync.pass mode=0600' &&\# 启动rsync服务,并加入开机自启ansible 'rsync_server' -m systemd -a 'name=rsyncd state=started enabled=yes' &&\# 远程下载mariadb服务ansible 'db_group' -m yum -a 'name=mariadb-server state=present' &&\# 启动并加入开机自启ansible 'db_group' -m systemd -a 'name=mariadb state=started enabled=yes' &&\# 推送nginx官方源ansible 'lnmp_server' -m copy -a 'src=/etc/yum.repos.d/nginx.repo dest=/etc/yum.repos.d/' &&\# 远程下载nginxansible 'lnmp_server' -m yum -a 'name=nginx state=present' &&\# 远程修改nginx配置文件ansible 'lnmp_server' -m shell -a "sed -i '/^user/c user www;' /etc/nginx/nginx.conf" &&\# 启动nginxansible 'lnmp_server' -m systemd -a 'name=nginx state=started enabled=yes'
- 编写脚本所需配置文件
[root@m01 ~]# vim /root/rsync_fileuid = wwwgid = wwwport = 873fake super = yesuse chroot = nomax connections = 200timeout = 600ignore errorsread only = falselist = falseauth users = rsync_backupsecrets file = /etc/rsync.passwdlog file = /var/log/rsyncd.log#####################################[backup]comment = welcome to oldboyedu backup!path = /backup[data]comment = welcome to oldboyedu nfs!path = /data# 传作业压缩包到目录里,并解压修改上传图片路径[root@m01 ~]# cd httpd_file# 创建nginx官方源[root@m01 ~]# vim /etc/yum.repos.d/nginx.repo[nginx]name=nginx repobaseurl=http://nginx.org/packages/centos/7/$basearch/gpgcheck=0enabled=1
- 执行脚本
测试:web上http服务,上传作业代码
测试:lb上nginx服务
测试:测试db上mysql服务
测试:nfs服务
测试:rsync服务
自动化运维工具-Ansible之2-ad-hoc的更多相关文章
- CentOS7Linux中自动化运维工具Ansible的安装,以及通过模块批量管理多台主机
使用自动化运维工具Ansible集中化管理服务器 Ansible概述 Ansible是一款为类Unix系统开发的自由开源的配置和自动化工具.它用Python写成,类似于saltstack和Puppet ...
- 自动化运维工具Ansible详细部署 (转载)
自动化运维工具Ansible详细部署 标签:ansible 原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 .作者信息和本声明.否则将追究法律责任.http://sofar.blog. ...
- 自动化运维工具Ansible详细部署 - 人生理想在于坚持不懈 - 51CTO技术博客
自动化运维工具Ansible详细部署 - 人生理想在于坚持不懈 - 51CTO技术博客 自动化运维工具Ansible详细部署
- 自动化运维工具Ansible介绍
一个由 Python 编写的强大的配置管理解决方案.尽管市面上已经有很多可供选择的配置管理解决方案,但他们各有优劣,而 ansible 的特点就在于它的简洁. 让 ansible 在主流的配置管理系统 ...
- 在CentOS7.6上安装自动化运维工具Ansible以及playbook案例实操
前言 Ansible是一款优秀的自动化IT运维工具,具有远程安装.远程部署应用.远程管理能力,支持Windows.Linux.Unix.macOS和大型机等多种操作系统. 下面就以CentOS 7.6 ...
- 自动化运维工具-Ansible基础
目录 自动化运维工具-Ansible基础 什么是Ansible 同类型软件对比 Ansible的功能及优点 Ansible的架构 Ansible的执行流程 安装Ansible ansible配置文件 ...
- 自动化运维工具-Ansible之7-roles
自动化运维工具-Ansible之7-roles 目录 自动化运维工具-Ansible之7-roles Ansible Roles基本概述 Ansible Roles目录结构 Ansible Roles ...
- 自动化运维工具-Ansible之6-Jinja2模板
自动化运维工具-Ansible之6-Jinja2模板 目录 自动化运维工具-Ansible之6-Jinja2模板 Ansible Jinja2模板概述 Ansible Jinja2模板使用 Ansib ...
- 自动化运维工具-Ansible之5-流程控制
自动化运维工具-Ansible之5-流程控制 目录 自动化运维工具-Ansible之5-流程控制 playbook条件语句 单条件 多条件 多条件运算 示例 playbook循环语句 with_ite ...
- 自动化运维工具-Ansible之3-playbook
自动化运维工具-Ansible之3-playbook 目录 自动化运维工具-Ansible之3-playbook PlayBook初识 YAML语法 PlayBook部署httpd PlayBook实 ...
随机推荐
- 老猿学5G扫盲贴:与用户和终端相关的名词UE、SUPI、GPSI、PEI
专栏:Python基础教程目录 专栏:使用PyQt开发图形界面Python应用 专栏:PyQt+moviepy音视频剪辑实战 专栏:PyQt入门学习 老猿Python博文目录 老猿学5G博文目录 和4 ...
- Python字符串学习相关问题
Python中format_map与format字符串格式化的区别 Python中使用f字符串进行字符串格式化的方法 Python中使用百分号占位符的字符串格式化方法中%s和%r的输出内容有何不同? ...
- PyQt学习随笔:Qt事件类QEvent详解
QEvent类是PyQt5.QtCore中定义的事件处理的基类,事件对象包含了事件对应的参数. <Python & PyQt学习随笔:PyQt主程序的基本框架>介绍了PyQt程序通 ...
- MongoDB 复合索引结构
- go学习49天
写文件操作 func OpenFile(name string,flag int,perm FileMode) (file *File,err error)
- 题解-CF802C Heidi and Library (hard)
题面 CF802C Heidi and Library (hard) 有一个大小为 \(k\) 的空书架.有 \(n\) 天和 \(n\) 种书,每天要求书架中有书 \(a_i\).每天可以多次买书, ...
- protobuf 协议浅析
目录 Protobuf 协议浅析 1. Protobuf 介绍 1.1 Protobuf 基本概念 1.2 Protobuf 的优点 1.3 Protobuf, JSON, XML 的区别 2. Pr ...
- Android之Activity启动流程详解(基于api28)
前言 Activity作为Android四大组件之一,他的启动绝对没有那么简单.这里涉及到了系统服务进程,启动过程细节很多,这里我只展示主体流程.activity的启动流程随着版本的更替,代码细节一直 ...
- sql注入之双查询注入
双查询注入前需要了解什么是子查询 子查询可以理解在一个select语句中再插入一个select 里面的select语句就是子查询 例子:select concat((select database() ...
- 新手入门 : Windows Phone 8.1 开发 视频学习地址
本视频资源来自Microsoft Virtual Academy http://www.microsoftvirtualacademy.com/ 下面为视频下载地址! 新手入门 : Windows P ...