day 39-集群架构-自动化管理-ansible的模块

day 39-集群架构-自动化管理-ansible的模块

yum install ansible -y

创建公钥：

ssh-keygen -f ~/.ssh/id_rsa  -P '' -q

分发公钥

sshpass -p111111 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.31

测试：

ssh 172.16.1.$n "ifconfig eth0"

ansible的模块：

1、shell模块功能说明：（是执行远端的脚本）

查看模块：

[root@backup ~]# ansible-doc -l shell

查看某个模块的具体参数帮助：

[root@backup ~]# ansible-doc -s shell

实践：增加文本文件：

[root@m01 ~]# ansible oldboy -m shell -a "echo oldboy >/tmp/tmp.txt"

远程查看：

[root@m01 ~]# ansible oldboy -m shell -a "cat /tmp/tmp.txt"

远程执行其他服务器的脚本：（其他服务器必须存在此脚本）

[root@m01 /server/scripts]# ansible oldboy -m shell -a "sh /server/scripts/beifen.sh"

2、copy模块功能说明：（拷贝）

[root@m01 /server/scripts]# ansible oldboy -m copy -a "src=/server/scripts/beifen.sh dest=/server/scripts/ mode=ugo+x"  #---如果其他服务器内有脚本需要拷贝并设置权限

在执行：

[root@m01 /server/scripts]#ansible oldboy -m shell -a "sh /server/scripts/beifen.sh"

实践1：把/etc/hosts拷贝到/opt下，权限设置400，用户和组设置root

ansible oldboy -m copy -a "src=/etc/hosts  dest=/opt mode=400 owner=root group=root"

实践2：把/etc/passwd拷贝/tmp下改名为oldgirl，用户和组为oldboy，权限600，如果有存在同名文件覆盖

ansible oldboy -m copy -a "src=/etc/passwd  dest=/tmp/oldgirl mode=600 owner=oldboy group=oldboy force=yes"

3、script模块功能说明：（是把本地的脚本在远端执行）

ansible oldboy -m script -a "/server/scripts/1.sh"

4、file模块功能说明：设置文件属性(比较鸡肋)

替代方案：

ansible oldboy  -m command -a "chmod 777 /etc/hosts warn=false"

ansible oldboy  -m command -a "chmod 644 /etc/hosts warn=false"

ansible oldboy  -m command -a "chown oldboy /etc/hosts warn=false"

ansible oldboy  -m command -a "chown root /etc/hosts warn=false"

创建目录：mkdir /tmp/oldboy_dir

ansible oldboy -m file -a "dest=/tmp/oldboy_dir state=directory"

递归设置权限：

ansible oldboy -m file -a "dest=/tmp/oldboy_dir state=directory mode=644 recurse=yes"

创建文件：touch /tmp/oldboy_file

ansible oldboy -m file -a "dest=/tmp/oldboy_file state=touch"

删除文件：rm -f /tmp/oldboy_file

ansible oldboy -m file -a "dest=/tmp/oldboy_file state=absent"

创建链接文件：ln -s /etc/hosts /tmp/link_file

ansible oldboy -m file -a "src=/etc/hosts dest=/tmp/link_file state=link"

ansible oldboy -m file -a "dest=/tmp/oldboy_file state=touch owner=oldboy group=oldboy mode=000"

ansible oldboy -m file -a "dest=/tmp/oldboy_file state=touch owner=oldboy group=oldboy mode=ugo=rwx"

5、yum模块功能说明:安装(更鸡肋)

永远不要用yum卸载（会直接删除依赖 会出错）

可用rpm -e 卸载

本机控制远端服务器安装（不包括本机）

ansible oldboy -m yum -a "name=nginx state=installed"

6、systemd模块功能说明：启动服务

远端启动

ansible oldboy -m systemd -a "name=crond.service enabled=no state=stopped "

名字是crond.service 开机自启动关毕  状态关闭

ansible oldboy -m command -a "systemctl status crond"

查看状态

ansible oldboy -m systemd -a "name=crond.service enabled=yes state=started"

名字是crond.service  开机自启动开启  状态开启

7、cron模块功能说明：管理定时任务（鸡肋）

创建定时任务：

ansible oldboy -m cron -a "name='sync time' minute=00 hour=00 job='/usr/sbin/ntpdate time.nist.gov >/dev/null 2>&1'"

结果：

#Ansible: sync time

00 00 * * * /usr/sbin/ntpdate time.nist.gov >/dev/null 2>&1

添加如下定时任务：

05 03 * * * /bin/sh /server/scripts/backup.sh /server/scripts/list >/dev/null 2>&1

命令如下：

ansible oldboy -m cron -a "name='backup data' minute=05 hour=03 job='/bin/sh /server/scripts/backup.sh /server/scripts/list >/dev/null 2>&1'"

结果：

#Ansible: backup data

05 03 * * * /bin/sh /server/scripts/backup.sh /server/scripts/list >/dev/null 2>&1

删除定时任务：

ansible oldboy -m cron -a "name='backup data' state=absent"

添加定时任务：

[root@m01 ~]# ansible oldboy -m cron -a "name='定时' minute=05 hour=03 job='/bin/sh /server/scripts/backup.sh >/dev/null 2>&1'"

注释定时任务：

[root@m01 ~]# ansible oldboy -m cron -a "name='backup data' minute=05 hour=04 job='/bin/sh /server/scripts/backup.sh' disabled=yes"

8、command模块功能说明

command  Executes a command on a remote node

功能说明：执行一个命令在远程节点上

操作实践：

ansible oldboy -m command -a "free -m"

ansible oldboy -m command -a "df -h"

ansible oldboy -m command -a "ls /root"

ansible oldboy -m command -a "cat redhat-release"

ansible oldboy -m command -a "cat /etc/redhat-release"

最通用的功能。

[root@m01 ~]# ansible oldboy -m command -a "cat /etc/redhat-release"

172.16.1.7 | CHANGED | rc=0 >>

CentOS Linux release 7.6.1810 (Core)

172.16.1.31 | CHANGED | rc=0 >>

CentOS Linux release 7.6.1810 (Core)

172.16.1.41 | CHANGED | rc=0 >>

CentOS Linux release 7.6.1810 (Core)

[root@m01 ~]# cat /server/scripts/cmd.sh

for n in 31 41

do

  echo "=====172.16.1.$n======"

  ssh 172.16.1.$n "$1"

done

[root@m01 ~]# sh /server/scripts/cmd.sh "cat /etc/redhat-release"

=====172.16.1.31======

CentOS Linux release 7.6.1810 (Core)

=====172.16.1.41======

CentOS Linux release 7.6.1810 (Core)

特殊：不支持的东西，例如 > < | &等 $HOME，替代方案用shell模块

ansible oldboy -m shell -a "ps -ef|grep ssh"

ansible oldboy -m shell -a "echo oldboy >/tmp/a.log"

参数：chdir=/tmp配置相当于cd /tmp

[root@m01 ~]# ansible oldboy  -m command -a "pwd chdir=/etc"

ansible oldboy  -m shell -a "cd /etc/;pwd"

参数：creates=/etc  相当于条件测试  [ -e /etc ]||pwd 和下面removes相反

[root@m01 ~]# ansible oldboy  -m command -a "pwd creates=/etc"

参数：removes=/root 相当于条件测试 [ -e /root ]&&ls /root

ansible oldboy  -m command -a "ls /root removes=/root"

ansible oldboy  -m shell -a "[ -d /etc ]||pwd"

[root@m01 ~]# ansible oldboy  -m command -a "cat /etc/hosts removes=/etc/hosts"

参数：warn=False 忽略警告

[root@m01 ~]# ansible oldboy  -m command -a "chmod 000 /etc/hosts warn=False"

9、service模块功能说明：

功能说明：启动停止服务

#相当于

#service crond stop|/etc/init.d/crond stop

#chkconfig crond off

ansible oldboy -m service -a "name=crond state=stop enabled=no"

#相当于/etc/init.d/crond start

chkconfig crond on

ansible oldboy -m service -a "name=crond state=started enabled=yes"

ansible oldboy -m command -a "name=crond state=started enabled=yes"