您现在的位置是:主页 > news > 惠州专业做网站/如何在网上做销售推广

惠州专业做网站/如何在网上做销售推广

admin2025/6/22 10:00:57news

简介惠州专业做网站,如何在网上做销售推广,电子商务网站建设与维护试卷,长春专业网站建设价格ansible常用模块介绍 一、 ansible的功能 批量执行远程命令,可以对远程的多台主机同时进行命令的执行 批量安装和配置软件服务,可以对远程的多台主机进行自动化的方式配置和管理各种服务 编排高级的企业级复杂的IT架构任务,Ansible的Playb…

惠州专业做网站,如何在网上做销售推广,电子商务网站建设与维护试卷,长春专业网站建设价格ansible常用模块介绍 一、 ansible的功能 批量执行远程命令,可以对远程的多台主机同时进行命令的执行 批量安装和配置软件服务,可以对远程的多台主机进行自动化的方式配置和管理各种服务 编排高级的企业级复杂的IT架构任务,Ansible的Playb…

ansible常用模块介绍

一、 ansible的功能

  • 批量执行远程命令,可以对远程的多台主机同时进行命令的执行

  • 批量安装和配置软件服务,可以对远程的多台主机进行自动化的方式配置和管理各种服务

  • 编排高级的企业级复杂的IT架构任务,Ansible的Playbook和role可以轻松实现大型的IT复杂架构

  • 提供自动化运维工具的开发API,有很多运维工具,如jumpserver就是基于 ansible 实现自动化管理功能

二、 ansible的特性

  • 模块化:调用特定的模块完成特定任务,支持自定义模块,可使用任何编程语言写模块

  • Paramiko(python对ssh的实现),PyYAML,Jinja2(模板语言)三个关键模块

  • 基于Python语言实现

  • 部署简单,基于python和SSH(默认已安装),agentless,无需代理不依赖PKI(无需ssl)

  • 安全,基于OpenSSH

  • 幂等性:一个任务执行1遍和执行n遍效果一样,不因重复执行带来意外情况,此特性非绝对

  • 支持playbook编排任务,YAML格式,编排任务,支持丰富的数据结构

  • 较强大的多层解决方案 role

三、ansible的安装

#CentOS 的EPEL源的rpm包安装
[root@centos ~]#yum install ansible#查看版本
[root@ansible ~]#ansible --version
ansible 2.9.27config file = /etc/ansible/ansible.cfgconfigured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']ansible python module location = /usr/lib/python2.7/site-packages/ansibleexecutable location = /usr/bin/ansiblepython version = 2.7.5 (default, Oct 14 2020, 14:45:30) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]#ubuntu 安装
[root@ubuntu ~]#apt -y install ansible

四、ansible 使用前准备

ansible 相关工具大多数是通过ssh协议,实现对远程主机的配置管理、应用部署、任务执行等功能 建议:使用此工具前,先配置ansible主控端能基于密钥认证的方式联系各个被管理节点

[root@ansible ~]#vim /etc/ssh/ssh_config
#修改下面一行,实现首次登录不显示询问提示
StrictHostKeyChecking no#检查对应服务器的host_key,建议取消此行注释,实现第一次连接自动信任目标主机
[root@ansible ~]#vim /etc/ansible/ansible.cfg
host_key_checking = False#脚本实现基于key验证
[root@ansible ~]#vim ssh_key.sh
#!/bin/bash
PASS=linux2021.
#设置网段最后的地址,4-255之间,越小扫描越快
END=254IP=`ip a s eth0 | awk -F'[ /]+' 'NR==3{print $3}'`
NET=${IP%.*}.rm -f /root/.ssh/id_rsa
[ -e ./SCANIP.log ] && rm -f SCANIP.log
for((i=3;i<="$END";i++));do
ping -c 1 -w 1  ${NET}$i &> /dev/null  && echo "${NET}$i" >> SCANIP.log &
done
waitssh-keygen -P "" -f /root/.ssh/id_rsa
rpm -q sshpass || yum -y install sshpass
sshpass -p $PASS ssh-copy-id -o StrictHostKeyChecking=no $IPAliveIP=(`cat SCANIP.log`)
for n in ${AliveIP[*]};do
sshpass -p $PASS scp -o StrictHostKeyChecking=no -r /root/.ssh root@${n}:
done#把.ssh/known_hosts拷贝到所有主机,使它们第一次互相访问时不需要输入回车
for n in ${AliveIP[*]};do
scp /root/.ssh/known_hosts ${n}:.ssh/
done#注:ansible_connection=local  #指定本地连接,无需ssh配置
ansible_connection=ssh 需要StrictHostKeyChecking no#主机清单配置
[root@ansible ~]#vim /etc/ansible/hosts
[local]
10.0.0.7 ansible_connection=ssh[webservers]
10.0.0.17
10.0.0.27[dbservers]
10.0.0.7
10.0.0.17[appservers]
10.0.0.7
10.0.0.17
10.0.0.27#验证测试
[root@ansible ~]#ansible all -m ping
10.0.0.27 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"},"changed": false,"ping": "pong"
}
10.0.0.17 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"},"changed": false,"ping": "pong"
}
10.0.0.7 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"},"changed": false,"ping": "pong"
}

五、获取帮助

#ansible-doc,此工具用来显示模块帮助,相当于man格式:
ansible-doc [options] [module...]
-l, --list    #列出可用模块
-s, --snippet #显示指定模块的playbook片段#查看帮助
ansible --help
man ansible
ansible-doc --help#列出所有模块
ansible-doc -l#查看指定模块帮助用法
ansible-doc ping#查看指定模块帮助用法,显示指定模块的playbook代码段
ansible-doc -s ping

六、ansible常用模块介绍

6.1、Command 模块

功能:在远程主机执行命令,此为默认模块,可忽略 -m 选项

注意:此命令不支持 $VARNAME < > | ; & 等,可用shell模块实现,此模块不具有幂等性

[root@ansible ~]#ansible webservers -m command -a 'hostname -I'
10.0.0.17 | CHANGED | rc=0 >>
10.0.0.17
10.0.0.27 | CHANGED | rc=0 >>
10.0.0.27[root@ansible ~]#ansible webservers -m command -a 'touch /data/ansible.log'
[root@ansible ~]#ansible webservers -m command -a 'ls -l /data/ansible.log'
10.0.0.27 | CHANGED | rc=0 >>
-rw-r--r-- 1 root root 0 Mar  1 19:24 /data/ansible.log
10.0.0.17 | CHANGED | rc=0 >>
-rw-r--r-- 1 root root 0 Mar  1 19:24 /data/ansible.log[root@ansible ~]#ansible webservers -m command -a 'rm /data/ansible.log'
[root@ansible ~]#ansible webservers -m command -a 'chdir=/data/ ls -l'
10.0.0.27 | CHANGED | rc=0 >>
total 0
10.0.0.17 | CHANGED | rc=0 >>
total 0
-rw-r--r-- 1 root root 0 Mar  1 19:36 test.log[root@ansible ~]#ansible webservers -m command -a 'creates=/data/mysql mkdir /data/mysql'
[root@ansible ~]#ansible webservers -m command -a 'ls -l /data/'
10.0.0.27 | CHANGED | rc=0 >>
total 0
drwxr-xr-x 2 root root 6 Mar  1 19:46 mysql
10.0.0.17 | CHANGED | rc=0 >>
total 0
drwxr-xr-x 2 root root 6 Mar  1 19:46 mysql
-rw-r--r-- 1 root root 0 Mar  1 19:36 test.log
[root@ansible ~]#ansible webservers -m command -a 'creates=/data/mysql mkdir /data/mysql'
10.0.0.27 | SUCCESS | rc=0 >>
skipped, since /data/mysql exists
10.0.0.17 | SUCCESS | rc=0 >>
skipped, since /data/mysql exists

6.2、Shell 模块

和command相似,用shell执行命令,支持各种符号,比如:*,$, >

注意:此模块不具有幂等性

[root@ansible ~]#ansible webservers -m shell -a 'echo hello > /data/hello.log'
[root@ansible ~]#ansible webservers -m shell -a 'ls -l /data/hello.log'
10.0.0.27 | CHANGED | rc=0 >>
-rw-r--r-- 1 root root 6 Mar  1 19:55 /data/hello.log
10.0.0.17 | CHANGED | rc=0 >>
-rw-r--r-- 1 root root 6 Mar  1 19:55 /data/hello.log
[root@ansible ~]#ansible webservers -m shell -a 'cat /data/hello.log'
10.0.0.27 | CHANGED | rc=0 >>
hello
10.0.0.17 | CHANGED | rc=0 >>
hello#将shell模块代替command,设为模块
[root@ansible ~]#vim /etc/ansible/ansible.cfg
module_name = shell[root@ansible ~]#ansible webservers -a 'echo $HOSTNAME'
10.0.0.17 | CHANGED | rc=0 >>
centos7
10.0.0.27 | CHANGED | rc=0 >>
centos7

6.3、Script 模块

功能:在远程主机上运行ansible服务器上的脚本(无需执行权限)

注意:此模块不具有幂等性

[root@ansible ~]#vim test.sh
#!/bin/bash
hostname -I
[root@ansible ~]#chmod +x test.sh
[root@ansible ~]#ansible webservers -m script -a '/root/test.sh'
10.0.0.27 | CHANGED => {"changed": true,"rc": 0,"stderr": "Shared connection to 10.0.0.27 closed.\r\n","stderr_lines": ["Shared connection to 10.0.0.27 closed."],"stdout": "10.0.0.27 \r\n","stdout_lines": ["10.0.0.27 "]
}
10.0.0.17 | CHANGED => {"changed": true,"rc": 0,"stderr": "Shared connection to 10.0.0.17 closed.\r\n","stderr_lines": ["Shared connection to 10.0.0.17 closed."],"stdout": "10.0.0.17 \r\n","stdout_lines": ["10.0.0.17 "]
}[root@ansible ~]#chmod -x test.sh
[root@ansible ~]#ll test.sh
-rw-r--r-- 1 root root 429 Mar  1 20:18 test.sh
[root@ansible ~]#ansible webservers -m script -a '/root/test.sh'
10.0.0.17 | CHANGED => {"changed": true,"rc": 0,"stderr": "Shared connection to 10.0.0.17 closed.\r\n","stderr_lines": ["Shared connection to 10.0.0.17 closed."],"stdout": "10.0.0.17 \r\n","stdout_lines": ["10.0.0.17 "]
}
10.0.0.27 | CHANGED => {"changed": true,"rc": 0,"stderr": "Shared connection to 10.0.0.27 closed.\r\n","stderr_lines": ["Shared connection to 10.0.0.27 closed."],"stdout": "10.0.0.27 \r\n","stdout_lines": ["10.0.0.27 "]
}

6.4、Copy 模块

功能:从ansible服务器主控端复制文件到远程主机

注意: src=file 如果是没指明路径,则为当前目录或当前目录下的files目录下的file文件

#如目标存在,默认覆盖,此处指定先备份
[root@ansible ~]#ansible webservers -m copy -a 'src=ssh_key.sh dest=/data/ssh.sh owner=chen group=bin mode=700'
[root@centos7 data]#ll /data/
total 8
-rw-r--r-- 1 root root    6 Mar  1 19:55 hello.log
drwxr-xr-x 2 root root    6 Mar  1 19:46 mysql
-rwx------ 1 chen bin  1195 Mar  1 20:46 ssh.sh
-rw-r--r-- 1 root root    0 Mar  1 19:36 test.log#复制/etc目录自身,注意/etc/后面没有/,ansible拷贝文件夹比较慢
[root@ansible ~]#ansible webservers -m copy -a "src=/etc dest=/data/"
#复制/etc/下的文件,不包括/etc/目录自身,注意/etc/后面有/
[root@ansible ~]#ansible webservers -m copy -a "src=/etc/ dest=/data/"
[root@centos7 ~]#ls /data/
at.deny         fuse.conf    machine-id   named.conf           passwd-        shadow          system-release-cpe
autofs.conf     group-       mailcap      named.rfc1912.zones  profile        shadow-         vimrc
centos-release  inittab      man_db.conf  netconfig            rwtab          statetab        yum.conf
cron.deny       locale.conf  mime.types   os-release           sestatus.conf  system-release

6.5、Get_url 模块

功能: 用于将文件从http、https或ftp下载到被管理机节点上

常用参数如下:

url: 下载文件的URL,支持HTTP,HTTPS或FTP协议
dest: 下载到目标路径(绝对路径),如果目标是一个目录,就用服务器上面文件的名称,如果目标设置了名
称就用目标设置的名称
owner:指定属主
group:指定属组
mode:指定权限
force: 如果yes,dest不是目录,将每次下载文件,如果内容改变,替换文件。如果否,则只有在目标不存
在时才会下载该文件
checksum: 对目标文件在下载后计算摘要,以确保其完整性示例: checksum="sha256:D98291AC[...]B6DC7B97",checksum="sha256:http://example.com/path/sha256sum.txt"
url_username: 用于HTTP基本认证的用户名。 对于允许空密码的站点,此参数可以不使用
`url_password'
url_password: 用于HTTP基本认证的密码。 如果未指定`url_username'参数,则不会使用
`url_password'参数
validate_certs:如果“no”,SSL证书将不会被验证。 适用于自签名证书在私有网站上使用
timeout: URL请求的超时时间,秒为单位[root@ansible ~]#wget http://nginx.org/download/nginx-1.18.0.tar.gz
[root@ansible ~]#md5sum nginx-1.18.0.tar.gz
b2d33d24d89b8b1f87ff5d251aa27eb8  nginx-1.18.0.tar.gz
[root@ansible ~]#openssl md5 nginx-1.18.0.tar.gz
MD5(nginx-1.18.0.tar.gz)= b2d33d24d89b8b1f87ff5d251aa27eb8
[root@ansible ~]#ansible webservers -m get_url -a 'url=http://nginx.org/download/nginx-1.18.0.tar.gz dest=/usr/local/src/nginx.tar.gz checksum="md5:b2d33d24d89b8b1f87ff5d251aa27eb8"'
[root@centos7 ~]#ll /usr/local/src/
total 1016
-rw-r--r-- 1 root root 1039530 Mar  2 09:09 nginx.tar.gz

6.6、Fetch 模块

功能:从远程主机提取文件至ansible的主控端,该模块的工作原理与[copy]类似,但与之相反,它用于从远程机器获取文件,并将它们存储在本地文件树中,按主机名组织,目前不支持目录

[root@ansible ~]#ansible webservers -m fetch -a 'src=/var/log/messages dest=/data/log'
[root@ansible ~]#ll /data/
total 0
drwxr-xr-x 4 root root 40 Mar  2 09:27 log
[root@ansible ~]#tree /data/
/data/
└── log├── 10.0.0.17│   └── var│       └── log│           └── messages└── 10.0.0.27└── var└── log└── messages7 directories, 2 files

6.7、 File 模块

功能:设置文件属性,创建软链接等

#创建空文件
[root@ansible ~]#ansible webservers -m file -a 'path=/data/a.txt state=touch owner=chen'
[root@centos7 ~]#ll /data/a.txt
-rw-r--r-- 1 chen root 0 Mar  2 09:54 /data/a.txt#创建目录
[root@ansible ~]#ansible webservers -m file -a 'path=/data/mysql state=directory'
[root@centos7 ~]#ll /data/
total 0
drwxr-xr-x 2 root root 6 Mar  2 10:06 mysql#创建软链接
[root@ansible ~]#ansible webservers -m file -a 'path=/data/mysql-5.7 state=directory'
[root@ansible ~]#ansible webservers -m file -a 'src=/data/mysql-5.7 path=/data/mysql-link state=link'
[root@centos7 ~]#ll /data/
total 0
drwxr-xr-x 2 root root  6 Mar  2 10:06 mysql
drwxr-xr-x 2 root root  6 Mar  2 10:11 mysql-5.7
lrwxrwxrwx 1 root root 15 Mar  2 10:16 mysql-link -> /data/mysql-5.7#删除目录
[root@ansible ~]#ansible webservers -m file -a 'path=/data/mysql-5.7 state=absent'
[root@centos7 ~]#ll /data/
total 0
drwxr-xr-x 2 root root  6 Mar  2 10:06 mysql
lrwxrwxrwx 1 root root 15 Mar  2 10:16 mysql-link -> /data/mysql-5.7
[root@ansible ~]#ansible webservers -m file -a 'path=/data/mysql state=absent'
[root@centos7 ~]#ll /data/
total 0#删除软连接
[root@ansible ~]#ansible webservers -m file -a 'path=/data/mysql-link state=absent'
[root@centos7 ~]#ll /data/
total 0
drwxr-xr-x 2 root root 6 Mar  2 10:06 mysql

6.8、 stat 模块

功能:检查文件或文件系统的状态

注意:对于Windows目标,改用[win_stat]模块。

选项:

path:文件/对象的完整路径(必须)

常用的返回值判断:

exists: 判断是否存在
isuid: 调用用户的ID与所有者ID是否匹配
[root@ansible ~]#ansible 127.0.0.1 -m stat -a 'path=/etc/passwd'
127.0.0.1 | SUCCESS => {"changed": false,"stat": {"atime": 1646128667.779402,"attr_flags": "e","attributes": ["extents"],"block_size": 4096,"blocks": 8,"charset": "us-ascii","checksum": "34bed15b9d357e00aee055bd8912c2e9c7c29f25","ctime": 1645808037.8519013,"dev": 2050,"device_type": 0,"executable": false,"exists": true,"gid": 0,"gr_name": "root","inode": 5243586,"isblk": false,"ischr": false,"isdir": false,"isfifo": false,"isgid": false,"islnk": false,"isreg": true,"issock": false,"isuid": false,"mimetype": "text/plain","mode": "0644","mtime": 1645808037.8449013,"nlink": 1,"path": "/etc/passwd","pw_name": "root","readable": true,"rgrp": true,"roth": true,"rusr": true,"size": 1160,"uid": 0,"version": "18446744073124323490","wgrp": false,"woth": false,"writeable": true,"wusr": true,"xgrp": false,"xoth": false,"xusr": false}
}

6.9、unarchive 模块

功能:解包解压缩

实现有两种用法:

1、将ansible主机上的压缩包传到远程主机后解压缩至特定目录,设置copy=yes,此为默认值,可省略

2、将远程主机上的某个压缩包解压缩到指定路径下,设置copy=no

常见参数:

copy:默认为yes,当copy=yes,拷贝的文件是从ansible主机复制到远程主机上,如果设置为copy=no,
会在远程主机上寻找src源文件
remote_src:和copy功能一样且互斥,yes表示在远程主机,不在ansible主机,no表示文件在ansible主机上
src:源路径,可以是ansible主机上的路径,也可以是远程主机(被管理端或者第三方主机)上的路径,如果是远程主机上的路径,则需要设置copy=no
dest:远程主机上的目标路径
mode:设置解压缩后的文件权限
[root@ansible ~]#ansible webservers -m unarchive -a 'src=nginx-1.18.0.tar.gz dest=/usr/local/src owner=chen group=bin'
[root@centos7 ~]#ls /usr/local/src/
nginx-1.18.0  nginx.tar.gz
[root@ansible ~]#ansible webservers -m unarchive -a 'src=http://nginx.org/download/nginx-1.18.0.tar.gz dest=/data copy=no'
[root@centos7 ~]#ll /data/
total 0
drwxr-xr-x 8 1001 1001 158 Apr 21  2020 nginx-1.18.0[root@ansible ~]#ansible webservers -m unarchive -a 'src=/usr/local/src/nginx.tar.gz dest=/opt copy=no'
[root@centos7 ~]#ll /opt/
total 4
drwxr-xr-x 8 1001 1001 4096 Apr 21  2020 nginx-1.18.0

6.10、Archive 模块

功能:打包压缩保存在被管理节点

[root@ansible ~]#ansible webservers -m archive -a 'path=/var/log/ dest=/data/log.tar.bz2 format=bz2 owner=chen mode=0600'
[root@centos7 ~]#ll /data/
total 492
-rw------- 1 chen root 501654 Mar  2 11:37 log.tar.bz2
drwxr-xr-x 8 1001 1001    158 Apr 21  2020 nginx-1.18.0

6.11、Hostname 模块

功能:管理主机名,注意,此模块不修改“/etc/hosts”。

[root@ansible ~]#ansible 10.0.0.17 -m hostname -a 'name=nginx'
[root@centos7 ~]#hostname
nginx

6.12、Cron 模块

功能:计划任务,使用此模块管理crontab和环境变量条目。

支持时间:minute,hour,day,month,weekday

#备份数据库脚本
[root@centos7 ~]#cat /root/mysql_backup.sh
#!/bin/bash
mysqldump -A -F --single-transaction --master-data=2 -q -uroot |gzip >
/data/mysql_`date +%F_%T`.sql.gz#创建计划任务
[root@ansible ~]#ansible 10.0.0.17 -m cron -a 'hour=2 minute=30 weekday=1-5 name="backup mysql" job=/root/mysql_backup.sh'
[root@centos7 ~]#crontab -e
#Ansible: backup mysql
30 2 * * 1-5 /root/mysql_backup.sh#删除计划任务
[root@ansible ~]#ansible 10.0.0.17 -m cron -a "name='backup mysql' state=absent"

6.13、Yum 和 Apt 模块

功能:

yum 管理软件包,只支持RHEL,CentOS,fedora,不支持Ubuntu其它版本;

apt 模块管理 Debian 相关版本的软件包

#安装
[root@ansible ~]#ansible 10.0.0.17 -m yum -a 'name=sl'
[root@centos7 ~]#sl(@@) (  ) (@)  ( )  @@    ()    @     O     @     O      @(   )(@@@@)(    )(@@@)====        ________                ____________D _|  |_______/        \__I_I_____===__|_________||(_)---  |   H\________/ |   |        =|___ ___|      _________________/     |  |   H  |  |     |   |         ||_| |_||     _|                \_____A|      |  |   H  |__--------------------| [___] |   =|                        || ________|___H__/__|_____/[][]~\_______|       |   -|                        ||/ |   |-----------I_____I [][] []  D   |=======|____|________________________|___/ =| o |=-~~\  /~~\  /~~\  /~~\ ____Y___________|__|__________________________|_|/-=|___|=O=====O=====O=====O   |_____/~\___/          |_D__D__D_|  |_D__D__D_|\_/      \__/  \__/  \__/  \__/      \_/               \_/   \_/    \_/   \_/[root@ansible ~]#ansible 10.0.0.17 -m yum -a 'name=httpd'
[root@centos7 ~]#rpm -qi httpd
Name        : httpd
Version     : 2.4.6
Release     : 97.el7.centos.4
Architecture: x86_64
Install Date: Mon 31 Jan 2022 04:49:23 PM CST
Group       : System Environment/Daemons
Size        : 9821064
License     : ASL 2.0
Signature   : RSA/SHA256, Tue 25 Jan 2022 10:54:12 PM CST, Key ID 24c6a8a7f4a80eb5
Source RPM  : httpd-2.4.6-97.el7.centos.4.src.rpm
Build Date  : Tue 25 Jan 2022 10:10:28 PM CST
Build Host  : x86-02.bsys.centos.org
Relocations : (not relocatable)
Packager    : CentOS BuildSystem <http://bugs.centos.org>
Vendor      : CentOS
URL         : http://httpd.apache.org/
Summary     : Apache HTTP Server
Description :
The Apache HTTP Server is a powerful, efficient, and extensible
web server.#卸载
[root@ansible ~]#ansible 10.0.0.17 -m yum -a 'name=httpd,sl state=absent'
[root@centos7 ~]#rpm -qi httpd sl
package httpd is not installed
package sl is not installed#查看包
[root@ansible ~]#ansible 10.0.0.17 -m yum -a "list=tree"
10.0.0.17 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"},"changed": false,"results": [{"arch": "x86_64","envra": "0:tree-1.6.0-10.el7.x86_64","epoch": "0","name": "tree","release": "10.el7","repo": "base","version": "1.6.0","yumstate": "available"},{"arch": "x86_64","envra": "0:tree-1.6.0-10.el7.x86_64","epoch": "0","name": "tree","release": "10.el7","repo": "installed","version": "1.6.0","yumstate": "installed"}]
}[root@ansible ~]#ansible 10.0.0.17 -m yum -a "list=httpd"
10.0.0.17 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"},"changed": false,"results": [{"arch": "x86_64","envra": "0:httpd-2.4.6-95.el7.centos.x86_64","epoch": "0","name": "httpd","release": "95.el7.centos","repo": "base","version": "2.4.6","yumstate": "available"}]
}

6.14、yum_repository 模块

功能:将多个存储库添加到同一文件中,在基于RPM的Linux发行版中添加或删除YUM存储库

6.15、Service 模块

功能:管理服务,控制远程主机上的服务

[root@centos7 ~]#ss -ntl
State      Recv-Q Send-Q              Local Address:Port                             Peer Address:Port
LISTEN     0      128                             *:22                                          *:*
LISTEN     0      100                     127.0.0.1:25                                          *:*
LISTEN     0      128                          [::]:22                                       [::]:*
LISTEN     0      100                         [::1]:25                                       [::]:*
[root@ansible ~]#ansible 10.0.0.27 -m service -a 'name=httpd state=started enabled=yes'
[root@centos7 ~]#ss -ntl
State      Recv-Q Send-Q              Local Address:Port                             Peer Address:Port
LISTEN     0      128                             *:22                                          *:*
LISTEN     0      100                     127.0.0.1:25                                          *:*
LISTEN     0      128                          [::]:80                                       [::]:*
LISTEN     0      128                          [::]:22                                       [::]:*
LISTEN     0      100                         [::1]:25                                       [::]:*
[root@centos7 ~]#systemctl status httpd
● httpd.service - The Apache HTTP ServerLoaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)Active: active (running) since Wed 2022-03-02 19:58:36 CST; 4min 26s agoDocs: man:httpd(8)man:apachectl(8)Main PID: 1844 (httpd)Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"CGroup: /system.slice/httpd.service├─1844 /usr/sbin/httpd -DFOREGROUND├─1845 /usr/sbin/httpd -DFOREGROUND├─1846 /usr/sbin/httpd -DFOREGROUND├─1847 /usr/sbin/httpd -DFOREGROUND├─1848 /usr/sbin/httpd -DFOREGROUND└─1849 /usr/sbin/httpd -DFOREGROUNDMar 02 19:58:34 centos7 systemd[1]: Starting The Apache HTTP Server...
Mar 02 19:58:35 centos7 httpd[1844]: AH00558: httpd: Could not reliably determine the server's fully qualifie...essage
Mar 02 19:58:36 centos7 systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.[root@ansible ~]#ansible 10.0.0.27 -m service -a 'name=httpd state=stopped enabled=no'
[root@centos7 ~]#systemctl status httpd
● httpd.service - The Apache HTTP ServerLoaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)Active: inactive (dead)Docs: man:httpd(8)man:apachectl(8)Mar 02 19:58:34 centos7 systemd[1]: Starting The Apache HTTP Server...
Mar 02 19:58:35 centos7 httpd[1844]: AH00558: httpd: Could not reliably determine the server's fully qualifie...essage
Mar 02 19:58:36 centos7 systemd[1]: Started The Apache HTTP Server.
Mar 02 20:12:21 centos7 systemd[1]: Stopping The Apache HTTP Server...
Mar 02 20:12:22 centos7 systemd[1]: Stopped The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
[root@ansible ~]#ansible 10.0.0.27 -m service -a 'name=httpd state=restarted'

6.16、User 模块

功能:管理用户,管理用户帐户和用户属性

#创建用户
[root@ansible ~]#ansible 10.0.0.27 -m user -a 'name=user1 comment="test user" uid=2048 home=/app/user1 group=root'[root@ansible ~]#ansible 10.0.0.27 -m user -a 'name=nginx comment=nginx uid=88 group=nginx groups="root,daemon" shell=/sbin/nologin system=yes create_home=no home=/data/nginx non_unique=yes'#remove=yes表示删除用户及家目录等数据,默认remove=no
[root@ansible ~]#ansible 10.0.0.27 -m user -a 'name=nginx state=absent remove=yes'#生成123456加密的密码
ansible localhost -m debug -a "msg={{ '123456'|
password_hash('sha512','salt')}}"
localhost | SUCCESS => {
"msg": "$6$salt$MktMKPZJ6t59GfxcJU20DwcwQzfMvOlHFVZiOVD71w."
} #用上面创建的密码创建用户
ansible webservers -m user -a 'name=test
password="$6$salt$MktMKPZJ6t59GfxcJU20DwcwQzfMvOlHFVZiOVD71w."'#创建用户test,并生成4096bit的私钥
ansible webservers -m user -a 'name=test generate_ssh_key=yes ssh_key_bits=4096
ssh_key_file=.ssh/id_rsa'

6.17、Group 模块

功能:管理组

#创建组
ansible webservers -m group -a 'name=nginx gid=88 system=yes'#删除组
ansible webservers -m group -a 'name=nginx state=absent'

6.18、 Lineinfile 模块

ansible在使用sed进行替换时,经常会遇到需要转义的问题,而且ansible在遇到特殊符号进行替换时,存在问题,无法正常进行替换 。其实在ansible自身提供了两个模块:lineinfile模块和replace模块,可以方便的进行替换

此模块确保文件中有特定行,或使用替换现有行反向引用的正则表达式

一般在ansible当中去修改某个文件的单行进行替换的时候需要使用lineinfile模块

regexp参数 :使用正则表达式匹配对应的行,当替换文本时,如果有多行文本都能被匹配,则只有最后面被匹配到的那行文本才会被替换,当删除文本时,如果有多行文本都能被匹配,这么这些行都会被删除。

如果想进行多行匹配进行替换需要使用replace模块

功能:相当于sed,可以修改文件内容

[root@ansible ~]#ansible 10.0.0.27 -m lineinfile -a "path=/etc/httpd/conf/httpd.conf regexp='^Listen' line='Listen 8080'"
[root@centos7 ~]#grep Listen /etc/httpd/conf/httpd.conf
# Listen: Allows you to bind Apache to specific IP addresses and/or
# Change this to Listen on specific IP addresses as shown below to
#Listen 12.34.56.78:80
Listen 8080[root@ansible ~]#ansible webservers -m lineinfile -a "path=/etc/selinux/config regexp='^SELINUX=' line='SELINUX=disabled'"[root@centos7 ~]#cat /etc/fstab#
# /etc/fstab
# Created by anaconda on Mon Jan 31 16:11:24 2022
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=099f9e4c-8094-4e19-ace1-f99b7f81744b /                       ext4    defaults        1 1
UUID=b36add53-d3f4-4ef7-9444-3c69bffb95db /boot                   xfs     defaults        0 0
UUID=756b01bd-ccee-4563-a492-7368bb57b100 /data                   xfs     defaults        0 0
UUID=076fc1a8-ac81-4378-8fcf-6968c31519bc swap                    swap    defaults        0 0[root@ansible ~]#ansible 10.0.0.27  -m lineinfile -a 'dest=/etc/fstab state=absent regexp="^#"'
[root@centos7 ~]#cat /etc/fstabUUID=099f9e4c-8094-4e19-ace1-f99b7f81744b /                       ext4    defaults        1 1
UUID=b36add53-d3f4-4ef7-9444-3c69bffb95db /boot                   xfs     defaults        0 0
UUID=756b01bd-ccee-4563-a492-7368bb57b100 /data                   xfs     defaults        0 0
UUID=076fc1a8-ac81-4378-8fcf-6968c31519bc swap                    swap    defaults        0 0

6.19、Replace 模块

功能:该模块有点类似于sed命令,主要也是基于正则表达式进行匹配和替换,建议使用

此模块将替换文件中模式的所有实例

[root@ansible ~]#ansible 10.0.0.27 -m replace -a "path=/etc/fstab regexp='^(UUID.*)' replace='#\1'"
[root@ansible ~]#ansible 10.0.0.27 -m replace -a "path=/etc/fstab regexp='^#(UUID.*)' replace='\1'"[root@centos7 ~]#vim /etc/httpd/conf/httpd.conf
#Listen 12.34.56.78:80
Listen 8080
Listen 8080
Listen 8080[root@ansible ~]#ansible 10.0.0.27 -m replace -a "path=/etc/httpd/conf/httpd.conf regexp='^Listen.*' replace='Listen 80'"
[root@centos7 ~]#grep Listen /etc/httpd/conf/httpd.conf
# Listen: Allows you to bind Apache to specific IP addresses and/or
# Change this to Listen on specific IP addresses as shown below to
#Listen 12.34.56.78:80
Listen 80
Listen 80
Listen 80

6.20、SELinux 模块

功能:管理 SELInux 策略,配置SELinux模式和策略,使用后可能需要重新启动

[root@ansible ~]#ansible 10.0.0.27 -m selinux -a 'state=disabled'[root@ansible ~]#getenforce
Disabled[root@ansible ~]#grep -v '#' /etc/selinux/config
SELINUX=disabled
SELINUXTYPE=targeted

6.21、reboot 模块

功能:重启,重新启动一台机器,等待它停机、恢复并响应命令

[root@ansible ~]#ansible webservers -m reboot

6.22、mount 挂载和卸载

功能: 挂载和卸载文件系统,此模块控制“/etc/fstab”中的活动和配置装载点。

#临时挂载
[root@ansible ~]#ansible webservers -m mount -a 'src="UUID=b3e48f45-f933-4c8e-a700-22a159ec9077" path=/home fstype=xfs opts=noatime state=present'#临时取消挂载
[root@ansible ~]#ansible webservers -m mount -a 'path=/home fstype=xfs opts=noatime state=unmounted'#永久挂载
[root@ansible ~]#ansible webservers -m mount -a 'src=10.0.0.17:/data/wordpress path=/var/www/html/wpcontent/uploads opts="_netdev" state=mounted'#永久卸载
[root@ansible ~]#ansible webservers -m mount -a 'src=10.0.0.17:/data/wordpress path=/var/www/html/wpcontent/uploads state=absent'

6.23、Setup 模块

功能: setup 模块来收集主机的系统信息,这些 facts 信息可以直接以变量的形式使用,但是如果主机较多,会影响执行速度,playbooks会自动调用此模块,以收集有关的有用变量可以在剧本中使用的远程主机

可以使用 gather_facts:no 来禁止 Ansible 收集 facts 信息

[root@ansible ~]#ansible 10.0.0.27 -m setup
[root@ansible ~]#ansible 10.0.0.27 -m setup -a "filter=ansible_nodename"
10.0.0.27 | SUCCESS => {"ansible_facts": {"ansible_nodename": "centos7","discovered_interpreter_python": "/usr/bin/python"},"changed": false
}
[root@ansible ~]#ansible 10.0.0.27 -m setup -a "filter=ansible_hostname"
10.0.0.27 | SUCCESS => {"ansible_facts": {"ansible_hostname": "centos7","discovered_interpreter_python": "/usr/bin/python"},"changed": false
}[root@ansible ~]#ansible 10.0.0.27 -m setup -a "filter=ansible_memtotal_mb"
10.0.0.27 | SUCCESS => {"ansible_facts": {"ansible_memtotal_mb": 1980,"discovered_interpreter_python": "/usr/bin/python"},"changed": false
}[root@ansible ~]#ansible 10.0.0.27 -m setup -a "filter=ansible_processor_vcpus"
10.0.0.27 | SUCCESS => {"ansible_facts": {"ansible_processor_vcpus": 2,"discovered_interpreter_python": "/usr/bin/python"},"changed": false
}[root@ansible ~]#ansible 10.0.0.27 -m setup -a "filter=ansible_distribution_version"
10.0.0.27 | SUCCESS => {"ansible_facts": {"ansible_distribution_version": "7.9","discovered_interpreter_python": "/usr/bin/python"},"changed": false
}[root@ansible ~]#ansible 10.0.0.27 -m setup -a "filter=ansible_os_family"
10.0.0.27 | SUCCESS => {"ansible_facts": {"ansible_os_family": "RedHat","discovered_interpreter_python": "/usr/bin/python"},"changed": false
}#取默认IP
[root@ansible ~]#ansible 10.0.0.27 -m setup -a 'filter="ansible_default_ipv4"'
10.0.0.27 | SUCCESS => {"ansible_facts": {"ansible_default_ipv4": {"address": "10.0.0.27","alias": "eth0","broadcast": "10.0.0.255","gateway": "10.0.0.2","interface": "eth0","macaddress": "00:50:56:3b:17:bf","mtu": 1500,"netmask": "255.255.255.0","network": "10.0.0.0","type": "ether"},"discovered_interpreter_python": "/usr/bin/python"},"changed": false
}

6.24、debug 模块

功能:此模块可以用于输出信息,并且通过 msg 定制输出的信息内容,该模块在执行期间打印语句,对调试非常有用

注意:msg后面的变量有时需要加 " " 引起来

[root@ansible ~]#ansible 10.0.0.17 -m debug
10.0.0.17 | SUCCESS => {"msg": "Hello world!"
}

相关文章

最新文章