目录
1、blockinfile模块使用:
在node1上文件ansible_text文件中写入内容 ansible
[root@server ~]# ansible client_1 -m shell -a "echo ansible > ansible_text"
client_1 | CHANGED | rc=0 >>
[student@client_1 ~]$ cat ansible_text
ansible
然后使用blockinfile模块,在文件中插入内容 blockinfile insert content
[root@server ~]# ansible client_1 -m blockinfile -a "path=/home/student/ansible_text block='blockinfile insert content'"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Block inserted"
}
[student@client_1 ~]$ cat ansible_text
ansible
# BEGIN ANSIBLE MANAGED BLOCK
blockinfile insert content
# END ANSIBLE MANAGED BLOCK
然后插入内容 blockinfile with marker 且使用指定标记: marker=#{mark}test
[root@server ~]# ansible client_1 -m blockinfile -a "path=/home/student/ansible_text block='blockinfile with marker' marker=#{mark}test"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Block inserted"
}
[student@client_1 ~]$ cat ansible_text
ansible
# BEGIN ANSIBLE MANAGED BLOCK
blockinfile insert content
# END ANSIBLE MANAGED BLOCK
#BEGINtest
blockinfile with marker
#ENDtest
在blockinfile insert content之前插入 insertbefore
[root@server ~]# ansible client_1 -m blockinfile -a "path=/home/student/ansible_text block='insertbefore' insertbefore='blockinfile insert content' marker=#{mark}before"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Block inserted"
}
[student@client_1 ~]$ cat ansible_text
ansible
# BEGIN ANSIBLE MANAGED BLOCK
#BEGINbefore
insertbefore
#ENDbefore
blockinfile insert content
# END ANSIBLE MANAGED BLOCK
#BEGINtest
blockinfile with marker
#ENDtest
在blockinfile insert content之后插入 insertafter
[root@server ~]# ansible client_1 -m blockinfile -a "path=/home/student/ansible_text block='insertafter' insertafter='blockinfile insert content' marker=#{mark}after"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Block inserted"
}
[student@client_1 ~]$ cat ansible_text
ansible
# BEGIN ANSIBLE MANAGED BLOCK
#BEGINbefore
insertbefore
#ENDbefore
blockinfile insert content
#BEGINafter
insertafter
#ENDafter
# END ANSIBLE MANAGED BLOCK
#BEGINtest
blockinfile with marker
#ENDtest
删除其中一行内容
[root@server ~]# ansible client_1 -m blockinfile -a "path=/home/student/ansible_text block='' state=absent marker=#{mark}test"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Block removed"
}
[student@client_1 ~]$ cat ansible_text
ansible
# BEGIN ANSIBLE MANAGED BLOCK
#BEGINbefore
insertbefore
#ENDbefore
blockinfile insert content
#BEGINafter
insertafter
#ENDafter
# END ANSIBLE MANAGED BLOCK
2、lineinfile模块使用
向node节点上文件 ansible_text2文件如插入内容 lineinfile insert content
[root@server ~]# ansible client_1 -m shell -a "echo lineinfile insert content > ansible_text2"
client_1 | CHANGED | rc=0 >>
[student@client_1 ~]$ cat ansible_text2
lineinfile insert content删除lineinfile insert content
[root@server ~]# ansible client_1 -m lineinfile -a "path=/home/student/ansible_text2 line='lineinfile insert content' state=absent"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"found": 1,
"msg": "1 line(s) removed"
}
[student@client_1 ~]$ cat ansible_text2
[student@client_1 ~]$ 重新插入lineinfile insert content
[root@server ~]# ansible client_1 -m lineinfile -a "path=/home/student/ansible_text2 line='lineinfile insert content'"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[student@client_1 ~]$ cat ansible_text2
lineinfile insert content
在之前插入: insertbefore
[root@server ~]# ansible client_1 -m lineinfile -a "path=/home/student/ansible_text2 line=insertbefore insertbefore='lineinfile insert content'"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[student@client_1 ~]$ cat ansible_text2
insertbefore
lineinfile insert content
在它之后插入: insertafter
[root@server ~]# ansible client_1 -m lineinfile -a "path=/home/student/ansible_text2 line=insertafter insertafter='lineinfile insert content'"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[student@client_1 ~]$ cat ansible_text2
insertbefore
lineinfile insert content
insertafter
插入:Hello ansible,Hiiii
[root@server ~]# ansible client_1 -m lineinfile -a "path=/home/student/ansible_text2 line='Hello ansible,Hiiii'"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[student@client_1 ~]$ cat ansible_text2
insertbefore
lineinfile insert content
insertafter
Hello ansible,Hiiii
文件中的"Hello ansible,Hiiii"替换成"Hiiii"(使用正则表达式和backrefs)
[root@server ~]# ansible client_1 -m lineinfile -a "path=/home/student/ansible_text2 regexp='(H.{4}).*(H.{4})' line='\2' backrefs=yes"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
[student@client_1 ~]$ cat ansible_text2
insertbefore
lineinfile insert content
insertafter
Hiiii
3、archive模块使用
将node上的目录进行压缩
[root@server ~]# ansible client_1 -m archive -a "path=/home/student dest=/home/student/student.tar.gz format=gz"
client_1 | CHANGED => {
[student@client_1 ~]$ ll student.tar.gz
-rw-r--r--. 1 root root 201039 Aug 5 22:25 student.tar.gz
4、unarchive模块使用
[root@server ~]# ansible client_1 -m file -a "path=/home/student/unarchive_server state=directory"
client_1 | CHANGED => {
将node主机上的包解压
[root@server ~]# ansible client_1 -m file -a "path=/home/student/unarchive_client state=directory"
client_1 | CHANGED => {
[root@server ~]# ansible client_1 -m unarchive -a "src=/home/student/student.tar.gz dest=/home/student/unarchive_client copy=no"
client_1 | CHANGED => {
将server主机上的包解压到node主机且设置权限为644
[student@client_1 ~]$ ll -d unarchive_client
drwxr-xr-x. 3 root root 21 Aug 5 22:31 unarchive_client
[root@server ~]# ansible client_1 -m unarchive -a "src=/root/txt.tar.gz dest=/home/student/unarchive_server copy=yes"
client_1 | CHANGED => {
[student@client_1 ~]$ ll -d unarchive_server
drwxr-xr-x. 4 root root 273 Aug 5 22:35 unarchive_server
5、cron模块使用
在node上为student用户设置周一到周五早上的9:00输出闹钟到/root/alarm_cron
[root@server ~]# ansible client_1 -m cron -a "weekday=1-5 hour=9 user=student name='student_alarm' job='echo alarm > /root/alarm_cron'"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"envs": [],
"jobs": [
"student_alarm"
]
}
6、user模块使用
创建用户
[root@server ~]# ansible client_1 -m user -a "name=tom"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1113,
"home": "/home/tom",
"name": "tom",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1113
}
删除用户
[root@server ~]# ansible client_1 -m user -a "name=tom state=absent remove=yes"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"force": false,
"name": "tom",
"remove": true,
"state": "absent"
}
7、group模块使用
创建组
[root@server ~]# ansible client_1 -m group -a "name=cat"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"gid": 1113,
"name": "cat",
"state": "present",
"system": false
}
删除组
[root@server ~]# ansible client_1 -m group -a "name=cat state=absent"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "cat",
"state": "absent"
}
8、yum_repository模块使用
设置两个软件仓库BaseOS和APPStream(本地yum源的配置)到文件my.repo
[root@server ~]# ansible client_1 -m yum_repository -a "name=BaseOS description='BaseOS' baseurl='file:///run/media/root/RHEL-8-3-0-BaseOS-x86_64/BaseOS' gpgcheck=no file=/etc/yum.repos.d/my"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"repo": "BaseOS",
"state": "present"
}
[root@server ~]# ansible client_1 -m yum_repository -a "name=AppStream description='AppStream' baseurl='file:///run/media/root/RHEL-8-3-0-BaseOS-x86_64/AppStream' gpgcheck=no file=/etc/yum.repos.d/my"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"repo": "AppStream",
"state": "present"
}
[student@client_1 yum.repos.d]$ cat my.repo
[BaseOS]
async = 1
baseurl = file:///run/media/root/RHEL-8-3-0-BaseOS-x86_64/BaseOS
gpgcheck = 0
name = BaseOS
[AppStream]
async = 1
baseurl = file:///run/media/root/RHEL-8-3-0-BaseOS-x86_64/AppStream
gpgcheck = 0
name = AppStream
9、yum/dnf模块使用
安装软件 lrzsz
[root@server ~]# ansible client_1 -m command -a "yum clean all"
client_1 | CHANGED | rc=0 >>
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
18 files removedRepository AppStream is listed more than once in the configuration
[root@server ~]# ansible client_1 -m command -a "yum makecache"
client_1 | CHANGED | rc=0 >>
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
CentOS-8.5.2111 - Base - mirrors.aliyun.com 9.6 kB/s | 3.9 kB 00:00
CentOS-8.5.2111 - Extras - mirrors.aliyun.com 8.3 kB/s | 1.5 kB 00:00
CentOS-8.5.2111 - AppStream - mirrors.aliyun.co 846 B/s | 4.3 kB 00:05
Metadata cache created.
[root@server ~]# ansible client_1 -m yum -a "name=lrzsz"
client_1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Nothing to do",
"rc": 0,
"results": []
}
10、service/systemd模块使用
关闭防火墙
[root@server ~]# ansible client_1 -m service -a "name=firewalld state=stopped"
client_1 | CHANGED => {
重启防火墙
[root@server ~]# ansible client_1 -m service -a "name=firewalld state=restarted"
client_1 | CHANGED => {
禁用防火墙
[root@server ~]# ansible client_1 -m service -a "name=firewalld enabled=no"
client_1 | CHANGED => {
11、firewalld模块使用
添加端口22
[root@server ~]# ansible client_1 -m firewalld -a "port=22/tcp permanent=true immediate=true state=enabled"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Permanent and Non-Permanent(immediate) operation, Changed port 22/tcp to enabled"
}
添加服务 http
[root@server ~]# ansible client_1 -m firewalld -a "service=http permanent=true immediate=true state=enabled"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Permanent and Non-Permanent(immediate) operation, Changed service http to enabled"
}
添加富规则:允许192.168.xxx.0/24来访问http的80端口
[root@server ~]# ansible client_1 -m firewalld -a 'rich_rule="rule family=ipv4 source address=192.168.5.130/24 service name=http accept" state=enabled'
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Non-permanent operation, Changed rich_rule rule family=ipv4 source address=192.168.5.130/24 service name=http accept to enabled"
}
删除富规则
[root@server ~]# ansible client_1 -m firewalld -a 'rich_rule="rule family=ipv4 source address=192.168.5.130/24 service name=http accept" state=disabled'
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Non-permanent operation, Changed rich_rule rule family=ipv4 source address=192.168.5.130/24 service name=http accept to disabled"
}
12、selinux模块使用
设置selinux工作模式为permissive
[root@server ~]# ansible client_1 -m selinux -a "state=permissive policy=targeted"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"configfile": "/etc/selinux/config",
"msg": "SELinux state changed from 'enforcing' to 'permissive', Config SELinux state changed from 'enforcing' to 'permissive'",
"policy": "targeted",
"reboot_required": false,
"state": "permissive"
}
13、nmcli模块使用
在node上添加一块网卡,设置IP,gw, method, dns,type,和自动连接
[root@server ~]# ansible client_1 -m nmcli -a 'conn_name=ens160 ip4=192.168.5.199/24 gw4=192.168.5.2 dns4=8.8.8.8 state=present type=ethernet method4=manual autoconnect=true'
client_1 | CHANGED => {
"Exists": "Connections do exist so we are modifying them",
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"conn_name": "ens160",
"state": "present"
}
14、get_url模块使用
去梨视频找个视频下载下来
[root@server ~]# ansible client_1 -m get_url -a "url=https://video.pearvideo.com/mp4/adshort/20180817/cont-1414173-12687755_adpkg-ad_hd.mp4 dest=/home/student/lishipin.mp4"
client_1 | CHANGED => {
[student@client_1 ~]$ ls lishipin.mp4
lishipin.mp4
15、uri模块使用
访问百度,并能获取到百度源码
[root@server ~]# ansible client_1 -m uri -a "url=https://www.baidu.com return_content=yes"
16、parted模块使用
新增一块儿1GB的磁盘
然后对磁盘进行分区: 分区1: 400M,分区2: 200M, 分区3:200M,且设置分区1和分区2类型为LVM
[root@server ~]# ansible client_1 -m parted -a "device=/dev/sda number=1 flags=lvm part_end=400MB state=present"
client_1 | CHANGED => {
[root@server ~]# ansible client_1 -m parted -a "device=/dev/sda number=2 flags=lvm part_start=400MB part_end=600MB state=present"
client_1 | CHANGED => {
[root@server ~]# ansible client_1 -m parted -a "device=/dev/sda number=3 part_start=600MB part_end=800MB state=present"
client_1 | CHANGED => {
[student@client_1 ~]$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 1G 0 disk
├─sda1 8:1 0 380M 0 part
├─sda2 8:2 0 191M 0 part
└─sda3 8:3 0 191M 0 part
17、lvg模块使用
用上面parted建立的分区: 创建卷组
[root@server ~]# ansible client_1 -m lvg -a "pvs=/dev/sda1,/dev/sda2 vg=myvg"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true
}
18、lvol模块使用
在上面卷组的基础上创建逻辑卷:500M
[root@server ~]# ansible client_1 -m lvol -a "vg=myvg lv=mylv size=500M"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": ""
}
[student@client_1 ~]$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 1G 0 disk
├─sda1 8:1 0 380M 0 part
│ └─myvg-mylv 253:2 0 500M 0 lvm
├─sda2 8:2 0 191M 0 part
│ └─myvg-mylv 253:2 0 500M 0 lvm
└─sda3 8:3 0 191M 0 part 19、filesystem模块使用
为逻辑卷和分区3设置文件系统类型为 xfs
[root@server ~]# ansible client_1 -m filesystem -a "dev=/dev/myvg/mylv fstype=xfs force=yes"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true
}
[root@server ~]# ansible client_1 -m filesystem -a "dev=/dev/sda3 fstype=xfs force=yes"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true
}
20、mount模块使用
为上面的逻辑卷和分区3进行挂载(分别使用mounted和present)
-
mounted: 配置在fstab,并且挂载,挂载点不存在则自动创建
[root@server ~]# ansible client_1 -m mount -a "src=/dev/myvg/mylv path=/mnt fstype=xfs state=mounted"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup_file": "",
"boot": "yes",
"changed": true,
"dump": "0",
"fstab": "/etc/fstab",
"fstype": "xfs",
"name": "/mnt",
"opts": "defaults",
"passno": "0",
"src": "/dev/myvg/mylv"
}
[student@client_1 mnt]$ mount
……
/dev/mapper/myvg-mylv on /mnt type xfs (rw,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota)
[student@client_1 mnt]$ cat /etc/fstab
/dev/mapper/rhel-root / xfs defaults 0 0
UUID=6ae7e90c-2bc5-4ddb-bd61-1e59915a905f /boot xfs defaults 0 0
/dev/mapper/rhel-swap none swap defaults 0 0
/dev/myvg/mylv /mnt xfs defaults 0 0
- present: 只是在fstab配置, 不挂载
[root@server ~]# ansible client_1 -m mount -a "src=/dev/sda3 path=/mnt fstype=xfs state=present"
client_1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup_file": "",
"boot": "yes",
"changed": true,
"dump": "0",
"fstab": "/etc/fstab",
"fstype": "xfs",
"name": "/mnt",
"opts": "defaults",
"passno": "0",
"src": "/dev/sda3"
}
[student@client_1 mnt]$ mount
……
/dev/mapper/myvg-mylv on /mnt type xfs (rw,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota)
[student@client_1 mnt]$ cat /etc/fstab
/dev/mapper/rhel-root / xfs defaults 0 0
UUID=6ae7e90c-2bc5-4ddb-bd61-1e59915a905f /boot xfs defaults 0 0
/dev/mapper/rhel-swap none swap defaults 0 0
/dev/sda3 /mnt xfs defaults 0 0
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
