Ansible简介:
ansible是什么?
ansible是自动化运维工具
自动化运维工具那么多,比如(statstack,puppet,cfengine、chef、func、fabric)为什么,偏偏要使用ansible呢?
他有哪些好处,那他到底能做些什么呢?
好了,接下来一一说明:
首先ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet、cfengine、chef、func、fabric)的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能,ansible是基于模块工作的,本身没有批量部署的能力。真正具有批量部署的是ansible所运行的模块,ansible只是提供一种框架。
重点:他不像saltstack那种自动化运维工具,还点需要安装客户端才可以配合完成需求,在这方面ansible没有客户端,而且被管理的客户端也无需安装任何插件,也没有服务器端,只需要直接运行把ansible安装上后运行命令即可,是不是很简便呢,ansible只需要将自己的key值分享给客户端节点主机即可实现批量化运维管理。
ansible大体分为以下几个部分:
(1)、连接插件connection plugins:负责和被监控端实现通信;
(2)、host inventory:指定操作的主机,是一个配置文件里面定义监控的主机;
(3)、各种模块核心模块、command模块、自定义模块;
(4)、借助于插件完成记录日志邮件等功能;
(5)、playbook:剧本执行多个任务时,非必需可以让节点一次性运行多个任务。
ansible的具体优点:
(1)、轻量级,无需在客户端安装agent,更新时,只需在操作机上进行一次更新即可;
(2)、批量任务执行可以写成脚本,而且不用分发到远程就可以执行;
(3)、使用python编写,维护更简单,ruby语法过于复杂;
(4)、支持sudo。
ansible的运行过程:
接下来就开始正式安装ansible了
实验环境:
Centos7.2系统为例
在安装之前我们要,首先安装python环境,为什么呢?因为之前有提到过ansible是基于python语言开发的,所以ansible的所有功能都是通过python模块来实现的。
1.安装python2.7
官网安装包网址:https://www.python.org/ftp/python/2.7.8/Python-2.7.8.tgz
下载完后开始解压,配置
# tar xvzf Python-2.7.8.tgz
# cd Python-2.7.8
# ./configure --prefix=/usr/local编译安装python
[root@192 Python-2.7.8]# make && make install注意:将python头文件拷贝到标准目录,以避免编译ansible时,找不到所需的头文件
[root@192 Python-2.7.8]# cd /usr/local/include/python2.7/
[root@192 python2.7]# cp -a ./* /usr/local/include/接下来对旧版本的python做个备份,并符号链接到新版本的python
查看旧版本:
可以看到旧版本为2.7.5
[root@192 ~]# python -V
Python 2.7.5[root@192 ~]# cd /usr/bin/
[root@192 bin]# mv python python2.7.5
[root@192 bin]# ln -s /usr/local/bin/python接下来修改yum脚本,使其指向旧版本的python2.7.5,已避免其无法运行
[root@192 ~]# vim /usr/bin/yumyum脚本内容:
主要修改红颜色的部分
#!/usr/bin/python2.7.5
#!/usr/bin/python2.7.5
import sys
try:
import yum
except ImportError:
print >> sys.stderr, """\
There was a problem importing one of the Python modules
required to run yum. The error leading to this problem was:保存退出,检查一下yum源看是否能正常使用。
[root@192 ~]# yum list发现执行yum list命令卡主不动了,报了一堆错误,那是因为还有一个配置文件和没有修改
就是这个配置文件:
vi /usr/libexec/urlgrabber-ext-down进去修改一致即可:
#! /usr/bin/python2.7.5
# A very simple external downloader
# Copyright 2011-2012 Zdenek Pavlas
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public这次yum就可以正常使用了!!!
安装完了python环境,那么接下来就要安装ansible所需要的功能模块了。他们都是基于python提供的
2.安装setuptools模块
官方模块网址:https://pypi.python.org/packages/source/s/setuptools/setuptools-7.0.tar.gz
[root@192 ~]# tar zxf setuptools-7.0.tar.gz
[root@192 ~]# cd setuptools-7.0/
[root@192 setuptools-7.0]# python setup.py install运行时候,突然出现错误,如下图所示
creating 'dist/setuptools-7.0-py2.7.egg' and adding 'build/bdist.linux-x86_64/egg' to it
Traceback (most recent call last):
File "setup.py", line 219, in <module>
dist = setuptools.setup(**setup_params)
File "/usr/local/lib/python2.7/distutils/core.py", line 151, in setup
dist.run_commands()
File "/usr/local/lib/python2.7/distutils/dist.py", line 953, in run_commands
self.run_command(cmd)
File "/usr/local/lib/python2.7/distutils/dist.py", line 972, in run_command
cmd_obj.run()
File "/root/setuptools-7.0/setuptools/command/install.py", line 67, in run
self.do_egg_install()
File "/root/setuptools-7.0/setuptools/command/install.py", line 109, in do_egg_install
self.run_command('bdist_egg')
File "/usr/local/lib/python2.7/distutils/cmd.py", line 326, in run_command
self.distribution.run_command(command)
File "/usr/local/lib/python2.7/distutils/dist.py", line 972, in run_command
cmd_obj.run()
File "/root/setuptools-7.0/setuptools/command/bdist_egg.py", line 223, in run
dry_run=self.dry_run, mode=self.gen_header())
File "/root/setuptools-7.0/setuptools/command/bdist_egg.py", line 472, in make_zipfile
z = zipfile.ZipFile(zip_filename, mode, compression=compression)
File "/usr/local/lib/python2.7/zipfile.py", line 736, in __init__
"Compression requires the (missing) zlib module"
RuntimeError: Compression requires the (missing) zlib module
[root@192 setuptools-7.0]#出错的原因:
提示的很清楚,缺少 zlib模块导致安装失败
解决方式:
[root@192 ~]# yum -y install zlib zlib-devel下载成功后,进入python2.7的目录,重新执行
[root@192 ~]# cd Python-2.7.8/
[root@192 Python-2.7.8]# make && make install此时先前执行的 软连接仍旧生效
然后进入 setuptool目录,重新安装
[root@192 setuptools-7.0]# python setup.py install安装成功显示结果:
copying setuptools.egg-info/requires.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying setuptools.egg-info/top_level.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
creating 'dist/setuptools-7.0-py2.7.egg' and adding 'build/bdist.linux-x86_64/egg' to it
removing 'build/bdist.linux-x86_64/egg' (and everything under it)
Processing setuptools-7.0-py2.7.egg
Copying setuptools-7.0-py2.7.egg to /usr/local/lib/python2.7/site-packages
Adding setuptools 7.0 to easy-install.pth file
Installing easy_install script to /usr/local/bin
Installing easy_install-2.7 script to /usr/local/bin
Installed /usr/local/lib/python2.7/site-packages/setuptools-7.0-py2.7.egg
Processing dependencies for setuptools==7.0
Finished processing dependencies for setuptools==7.0
[root@192 setuptools-7.0]#3.安装pycrypto模块
官方模块网址:https://pypi.python.org/packages/source/p/pycrypto/pycrypto-2.6.1.tar.gz
[root@192 ~]# tar zxf pycrypto-2.6.1.tar.gz
[root@192 ~]# cd pycrypto-2.6.1/
[root@192 pycrypto-2.6.1]# python setup.py install4.安装PyYAML模块
官方模块网址:https://pypi.python.org/packages/source/P/PyYAML/PyYAML-3.11.tar.gz
[root@192 ~]# tar zxf PyYAML-3.11.tar.gz
[root@192 ~]# cd PyYAML-3.11/
[root@192 PyYAML-3.11]# python setup.py install5.安装Jinja2模块
官方模块网址:https://pypi.python.org/packages/source/M/MarkupSafe/MarkupSafe-0.9.3.tar.gz
[root@192 ~]# tar zxf MarkupSafe-0.9.3.tar.gz
[root@192 ~]# cd MarkupSafe-0.9.3/
[root@192 MarkupSafe-0.9.3]# python setup.py install官方模块网址:https://pypi.python.org/packages/source/J/Jinja2/Jinja2-2.7.3.tar.gz
[root@192 ~]# tar zxf Jinja2-2.7.3.tar.gz
[root@192 ~]# cd Jinja2-2.7.3/
[root@192 Jinja2-2.7.3]# python setup.py install6.安装paramiko模块
官方模块网址:https://pypi.python.org/packages/source/e/ecdsa/ecdsa-0.11.tar.gz
[root@192 ~]# tar zxf ecdsa-0.11.tar.gz
[root@192 ~]# cd ecdsa-0.11/
[root@192 ecdsa-0.11]# python setup.py install官方模块网址:https://pypi.python.org/packages/source/p/paramiko/paramiko-1.15.1.tar.gz
[root@192 ~]# tar zxf paramiko-1.15.1.tar.gz
[root@192 ~]# cd paramiko-1.15.1/
[root@192 paramiko-1.15.1]# python setup.py install7.安装simplejson模块
官方模块网址:https://pypi.python.org/packages/source/s/simplejson/simplejson-3.6.5.tar.gz
[root@192 ~]# tar zxf simplejson-3.6.5.tar.gz
[root@192 ~]# cd simplejson-3.6.5/
[root@192 simplejson-3.6.5]# python setup.py install接下来开始安装ansible以及进行ansible的相关配置
官方ansible安装包网址:https://codeload.github.com/ansible/ansible/tar.gz/v1.7.2
[root@192 ~]# tar zxf ansible-1.7.2.tar.gz
[root@192 ~]# cd ansible-1.7.2/
[root@192 ansible-1.7.2]# python setup.py install8.ansible的配置:
(1.)SSH免密钥登录设置
[root@192 ~]# ssh-keygen -t rsa -P ''key文件的名字可以随便起,但是一定要对应上。
[root@192 ~]# ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa_storm1
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/id_rsa_storm1.
Your public key has been saved in /root/.ssh/id_rsa_storm1.pub.
The key fingerprint is:
39:05:df:15:a3:af:4f:dc:30:c1:b8:8c:97:b3:82:bb root@192.168.1.13
The key's randomart image is:
+--[ RSA 2048]----+
| . +. |
| o . = . |
| o + o |
| o o + . |
| S . * + |
| o . = + |
| . . o o .|
| . . o |
| E. . |
+-----------------+写入信任key值,受于authorized_keys文件权限:
[root@192 ~]# cd /root/.ssh/
[root@192 .ssh]# ls
id_rsa_storm1 id_rsa_storm1.pub
[root@192 .ssh]# cat /root/.ssh/id_rsa_storm1.pub >> /root/.ssh/authorized_keys
[root@192 .ssh]# chmod 600 /root/.ssh/authorized_keys接下来将authorized_keys文件分发拷贝到所有客户主机上:
[root@192 .ssh]# ls
authorized_keys id_rsa_storm1 id_rsa_storm1.pub known_hosts
[root@192 .ssh]# scp authorized_keys root@192.168.1.17:/root/.ssh/
root@192.168.1.17's password:
authorized_keys 100% 399 0.4KB/s 00:00
[root@192 .ssh]# scp authorized_keys root@192.168.1.18:/root/.ssh/
The authenticity of host '192.168.1.18 (192.168.1.18)' can't be established.
ECDSA key fingerprint is 37:8f:0c:17:94:47:51:eb:82:38:47:01:89:f0:ff:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.18' (ECDSA) to the list of known hosts.
root@192.168.1.18's password:
authorized_keys 100% 399 0.4KB/s 00:00然后在添加相应的权限:
[root@192 .ssh]# ls
authorized_keys
[root@192 .ssh]# chmod 600 /root/.ssh/authorized_keys这样免秘钥登录就配置完了,接下来开始配置ansible了
创建ansible主配置目录及配置文件
[root@192 ~]# mkdir -p /etc/ansible
[root@192 ~]# vim /etc/ansible/ansible.cfg注意:端口和key的文件一定要配置对
[defaults]
inventory = /etc/ansible/hosts
sudo_user=root
remote_port=22
host_key_checking=False
remote_user=root
log_path=/var/log/ansible.log
module_name=command
private_key_file=/root/.ssh/id_rsa_storm1
no_log:True主配置文件配好了,接下来开始配置要管理的节点客户端ip了
[root@192 ~]# cd /etc/ansible/
[root@192 ansible]# ls
ansible.cfg
[root@192 ansible]# vim hosts[storm_cluster]
192.168.1.13
192.168.1.17
192.168.1.18到此环境就部署配置好了,接下来进行个简单的测试
ansible storm_cluster -m command -a 'uptime'如下图所示,免秘钥登录,探测到三台主机存活
[root@192 ansible]# ansible storm_cluster -m command -a 'uptime'
192.168.1.18 | success | rc=0 >>
16:49:19 up 2:07, 4 users, load average: 0.00, 0.01, 0.13
192.168.1.13 | success | rc=0 >>
16:49:20 up 2:15, 4 users, load average: 0.08, 0.03, 0.05
192.168.1.17 | success | rc=0 >>
16:49:22 up 2:12, 4 users, load average: 0.34, 0.09, 0.07
[root@192 ansible]#9.ansible常用模块的使用
(1.)setup
用来查看远程主机的一些基本信息
ansible storm_cluster -m setup],
"ansible_nodename": "192.168.1.17",
"ansible_os_family": "RedHat",
"ansible_pkg_mgr": "yum",
"ansible_processor": [
"Intel(R) Core(TM) i3-2130 CPU @ 3.40GHz"
],
"ansible_processor_cores": 1,
"ansible_processor_count": 1,
"ansible_processor_threads_per_core": 1,
"ansible_processor_vcpus": 1,
"ansible_product_name": "VMware Virtual Platform",
"ansible_product_serial": "VMware-56 4d 3c 84 8e bc 43 9b-5a 60 08 d6 6c eb f2 45",
"ansible_product_uuid": "564D3C84-8EBC-439B-5A60-08D66CEBF245",
"ansible_product_version": "None",
"ansible_python_version": "2.7.5",
"ansible_selinux": {
"config_mode": "enforcing",
"mode": "enforcing",
"policyvers": 28,
"status": "enabled",
"type": "targeted"
},
"ansible_ssh_host_key_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDP/fKLgZgxXjmNUdIdpOTo7j94hOqSmWEMSOl4dVfX464AXQdk9dDcEvB+uXZTlw/ONRsXPBEx0q2Af2ihzQ2o=",
"ansible_ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABAQDAagKWry+A1/ibuHuJrYsVQTE0an/MG72/GiIFgd9aCWNfDzOov7EjraDp7KhS1chtek9tz5s0lF25ofz9CKNqZgcIg4tibYw5GdvPRAzLRdn270Jy+JpC//kICc3VL5/xhd4nLHFjUnHEI8mNEvmpDTBvPwkwHX6o2UsfzQuEfao9/bxskho1lXf6V9hT+HfGxIhgoKfSV0GyDuJjel1IFvhpjdzrGkTqNss6BVeqb14FBWjoH0I3ohYZBMTPIcGPdTHuMvLjlCYHTHQLGttnMSw5Xlw/BmmwqzrwMbuCQ2i2oQ4jOPkIyOUq8fvb8XqNz8glsv2mJszKEzmS2rgf",
"ansible_swapfree_mb": 472,
"ansible_swaptotal_mb": 475,
"ansible_system": "Linux",
"ansible_system_vendor": "VMware, Inc.",
"ansible_user_id": "root",
"ansible_userspace_architecture": "x86_64",
"ansible_userspace_bits": "64",
"ansible_virbr0": {
"active": false,
"device": "virbr0",
"id": "8000.000000000000",
"interfaces": [],
"ipv4": {
"address": "192.168.122.1",
"netmask": "255.255.255.0",
"network": "192.168.122.0"
},
"mtu": 1500,
"promisc": false,
"stp": true,
"type": "bridge"
},
"ansible_virbr0_nic": {
"active": false,
"device": "virbr0-nic",
"macaddress": "52:54:00:ad:cb:74",
"mtu": 1500,
"promisc": false,
"type": "ether"
},
"ansible_virtualization_role": "guest",
"ansible_virtualization_type": "VMware",
"module_setup": true
},
"changed": false
}(2.)ping
用来测试远程主机的运行状态
ansible storm_cluster -m ping[root@192 ansible]# ansible storm_cluster -m ping
192.168.1.13 | success >> {
"changed": false,
"ping": "pong"
}
192.168.1.18 | success >> {
"changed": false,
"ping": "pong"
}
192.168.1.17 | success >> {
"changed": false,
"ping": "pong"
}(3.)file
设置文件的属性,及相关选项说明
force:需要在两种情况下强制创建软链接,一种是源文件不存在,但之后会建立的情况下;另一种是目标软链接已存在,需要先取消之前的软链,然后创建新的软链,有两个选项:yes|no
group:定义文件/目录的属组
mode:定义文件/目录的权限
owner:定义文件/目录的属主
path:必选项,定义文件/目录的路径
recurse:递归设置文件的属性,只对目录有效
src:被链接的源文件路径,只应用于state=link的情况
dest:被链接到的路径,只应用于state=link的情况
state:
directory:如果目录不存在,就创建目录
file:即使文件不存在,也不会被创建
link:创建软链接
hard:创建硬链接
touch:如果文件不存在,则会创建一个新的文件,如果文件或目录已存在,则更新其最后修改时间
absent:删除目录、文件或者取消链接文件
实例:远程文件符号链接创建
ansible storm_cluster -m file -a "src=/etc/resolv.conf dest=/tmp/resolv.conf state=link"[root@192 ansible]# ansible storm_cluster -m file -a "src=/etc/resolv.conf dest=/tmp/resolv.conf state=link"
192.168.1.17 | success >> {
"changed": true,
"dest": "/tmp/resolv.conf",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 16,
"src": "/etc/resolv.conf",
"state": "link",
"uid": 0
}
192.168.1.18 | success >> {
"changed": true,
"dest": "/tmp/resolv.conf",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 16,
"src": "/etc/resolv.conf",
"state": "link",
"uid": 0
}远程文件符号链接删除
ansible storm_cluster -m file -a "path=/tmp/resolv.conf state=absent"[root@192 ansible]# ansible storm_cluster -m file -a "path=/tmp/resolv.conf state=absent"
192.168.1.18 | success >> {
"changed": true,
"path": "/tmp/resolv.conf",
"state": "absent"
}
192.168.1.17 | success >> {
"changed": true,
"path": "/tmp/resolv.conf",
"state": "absent"
}
192.168.1.13 | success >> {
"changed": true,
"path": "/tmp/resolv.conf",
"state": "absent"
}远程文件信息查看
ansible storm_cluster -m command -a "ls -al /tmp/resolv.conf"[root@192 ansible]# ansible storm_cluster -m command -a "ls -al /tmp/resolv.conf"
192.168.1.18 | FAILED | rc=2 >>
ls: cannot access /tmp/resolv.conf: No such file or directory
192.168.1.13 | FAILED | rc=2 >>
ls: cannot access /tmp/resolv.conf: No such file or directory
192.168.1.17 | FAILED | rc=2 >>
ls: cannot access /tmp/resolv.conf: No such file or directory上述结果是因为软连接,已被删除掉了
(4.)copy
复制文件到远程主机
相关选项如下:
backup:在覆盖之前,将源文件备份,备份文件包含时间信息。有两个选项:yes|no
content:用于替代“src”,可以直接设定指定文件的值
dest:必选项。要将源文件复制到的远程主机的绝对路径,如果源文件是一个目录,那么该路径也必须是个目录
directory_mode:递归设定目录的权限,默认为系统默认权限
force:如果目标主机包含该文件,但内容不同,如果设置为yes,则强制覆盖,如果为no,则只有当目标主机的目标位置不存在该文件时,才复制。默认为yes
others:所有的file模块里的选项都可以在这里使用
src:被复制到远程主机的本地文件,可以是绝对路径,也可以是相对路径。如果路径是一个目录,它将递归复制。在这种情况下,如果路径使用“/”来结尾,则只复制目录里的内容,如果没有使用“/”来结尾,则包含目录在内的整个内容全部复制,类似于rsync。
实例:将本地文件“/etc/ansible/ansible.cfg”复制到远程服务器
ansible storm_cluster -m copy -a "src=/etc/ansible/ansible.cfg dest=/tmp/ansible.cfg owner=root group=root mode=0644"192.168.1.18 | success >> {
"changed": true,
"dest": "/tmp/ansible.cfg",
"gid": 0,
"group": "root",
"md5sum": "c5dbf4b7bb57fbaa9242b18e9c2da1a7",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 218,
"src": "/root/.ansible/tmp/ansible-tmp-1536052575.58-107941816844920/source",
"state": "file",
"uid": 0
}
192.168.1.17 | success >> {
"changed": true,
"dest": "/tmp/ansible.cfg",
"gid": 0,
"group": "root",
"md5sum": "c5dbf4b7bb57fbaa9242b18e9c2da1a7",
"mode": "0644",
"owner": "root",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 218,
"src": "/root/.ansible/tmp/ansible-tmp-1536052575.59-234288192163450/source",
"state": "file",
"uid": 0
}远程文件信息查看
ansible storm_cluster -m command -a "ls -al /tmp/ansible.cfg"[root@192 ansible]# ansible storm_cluster -m command -a "ls -al /tmp/ansible.cfg"
192.168.1.13 | FAILED | rc=2 >>
ls: cannot access /tmp/ansible.cfg: No such file or directory
192.168.1.18 | success | rc=0 >>
-rw-r--r--. 1 root root 218 Sep 4 17:16 /tmp/ansible.cfg
192.168.1.17 | success | rc=0 >>
-rw-r--r--. 1 root root 218 Sep 4 17:16 /tmp/ansible.cfg(5)、command
在远程主机上执行命令,相关选项如下:
creates:一个文件名,当该文件存在,则该命令不执行
free_form:要执行的linux指令
chdir:在执行指令之前,先切换到该目录
removes:一个文件名,当该文件不存在,则该选项不执行
executable:切换shell来执行指令,该执行路径必须是一个绝对路径
示例:
ansible storm_cluster -m command -a "uptime"[root@192 ansible]# ansible storm_cluster -m command -a "uptime"
192.168.1.13 | success | rc=0 >>
17:23:58 up 2:49, 4 users, load average: 0.00, 0.03, 0.05
192.168.1.17 | success | rc=0 >>
17:23:59 up 2:47, 4 users, load average: 0.00, 0.01, 0.05
192.168.1.18 | success | rc=0 >>
17:23:59 up 2:42, 4 users, load average: 0.00, 0.01, 0.05(6)、shell
切换到某个shell执行指定的指令,参数与command相同。
与command不同的是,此模块可以支持命令管道,同时还有另一个模块也具备此功能:raw
实例:
先在本地创建一个SHELL脚本
vim /tmp/rocketzhang_test.sh
#!/bin/sh
date +%F_%H:%M:%S#chmod +x /tmp/rocketzhang_test.sh将创建的脚本文件分发到远程
ansible storm_cluster -m copy -a "src=/tmp/rocketzhang_test.sh dest=/tmp/rocketzhang_test.sh owner=root group=root mode=0755"192.168.1.18 | success >> {
"changed": true,
"dest": "/tmp/test.sh",
"gid": 0,
"group": "root",
"md5sum": "8ea0ac9cfaf0b8147309d94a3af3b028",
"mode": "0755",
"owner": "root",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 31,
"src": "/root/.ansible/tmp/ansible-tmp-1536053419.29-91008923615849/source",
"state": "file",
"uid": 0
}
192.168.1.17 | success >> {
"changed": true,
"dest": "/tmp/test.sh",
"gid": 0,
"group": "root",
"md5sum": "8ea0ac9cfaf0b8147309d94a3af3b028",
"mode": "0755",
"owner": "root",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 31,
"src": "/root/.ansible/tmp/ansible-tmp-1536053419.3-9213016393864/source",
"state": "file",
"uid": 0
}远程执行
ansible storm_cluster -m shell -a "/tmp/rocketzhang_test.sh"192.168.1.17 | success | rc=0 >>
2018-09-04_17:39:24
192.168.1.18 | success | rc=0 >>
2018-09-04_17:39:24如上图可以看到远程脚本已经启动!!!
(7)、更多模块
其他常用模块,比如:service、cron、yum、synchronize就不一一例举,可以结合自身的系统环境进行测试。
service:系统服务管理
cron:计划任务管理
yum:yum软件包安装管理
synchronize:使用rsync同步文件
user:系统用户管理
group:系统用户组管理
更多模块可以参考:
ansible-doc –l参考如下:
[root@192 ansible]# ansible-doc -l
acl Sets and retrieves file ACL information.
add_host add a host (and alternatively a group) to the ansible-playbo
airbrake_deployment Notify airbrake about app deployments
alternatives Manages alternative programs for common commands
apache2_module enables/disables a module of the Apache2 webserver
apt Manages apt-packages
apt_key Add or remove an apt key
apt_repository Add and remove APT repositories
apt_rpm apt_rpm package manager
arista_interface Manage physical Ethernet interfaces
arista_l2interface Manage layer 2 interfaces
arista_lag Manage port channel (lag) interfaces
arista_vlan Manage VLAN resources
assemble Assembles a configuration file from fragments
assert Fail with custom message
at Schedule the execution of a command or script file via the a
authorized_key Adds or removes an SSH authorized key
azure create or terminate a virtual machine in azure
bigip_facts Collect facts from F5 BIG-IP devices
bigip_monitor_http Manages F5 BIG-IP LTM http monitors
bigip_monitor_tcp Manages F5 BIG-IP LTM tcp monitors
bigip_node Manages F5 BIG-IP LTM nodes
bigip_pool Manages F5 BIG-IP LTM pools
bigip_pool_member Manages F5 BIG-IP LTM pool members
boundary_meter Manage boundary meters
bzr Deploy software (or files) from bzr branches
campfire Send a message to Campfire
capabilities Manage Linux capabilities
cloudformation create a AWS CloudFormation stack
command Executes a command on a remote node
composer Dependency Manager for PHP
copy Copies files to remote locations.
cpanm Manages Perl library dependencies.
:相关网站:http://docs.ansible.com/modules_by_category.html
(8)、一些概念补充
playbook的组成:playbook是由一个或多个“play”组成的列表,可以让它们联同起来按事先编排的机制执行;所谓task无非是调用ansible的一个module,而在模块参数中可以使用变量;模块执行是幂等的,这意味着多次执行是安全的,因为其结果均一致;
执行模型:task list中的各任务按次序逐个在hosts中指定的所有主机上执行,即在所有主机上完成第一个任务后再开始第二个。在顺序运行某playbook时,如果中途发生错误,所有已执行任务都将回滚,因此,在修改playbook后重新执行一次即可;
task组成:每个task都应该有其name,用于playbook的执行结果输出,建议其内容尽可能清晰地描述任务执行步骤。如果未提供name,则action的结果将用于输出;
notify指定handler的执行机制:“notify”这个action可用于在每个play的最后被触发,在notify中列出的操作称为handler,仅在所有的变化发生完成后一次性地执行指定操作。
ansible视频网站:http://edu.51cto.com/course/course_id-2220.html
