1 The ansible command in detail

The syntax of the ansible command is:

ansible <host-pattern> [-m module_name] [-a args]

How host-pattern is used:

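# Match all hosts: all
ansible all -m ping 

# Wildcards
ansible "*" -m ping    <== matches all hosts, same as all
ansible "10.0.0.*" -m ping   <== matches all hosts in the 10.0.0 network

# AND: hosts that are in the webservers group and also in dbservers
ansible "webservers:&dbservers" -m ping 

# OR: hosts that are in the webservers group or in appservers
ansible "webservers:appservers" -m ping 

# NOT: hosts that are in the webservers group but not in the apps group
ansible 'webservers:!apps' -m ping 

# Hosts that are in web or db and also in app, excluding hosts in the ftp group
ansible 'web:db:&app:!ftp' -m ping

# Regular expression: match all example.com hosts whose names begin with web or db
ansible "~(web|db).*\.example\.com" -m ping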
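
A simplified model of how the pattern terms above combine, added here as an illustration (it is not code from the original page and not Ansible's own implementation). It assumes a constructed inventory with hypothetical host names, and applies plain terms as a union first, then every `&` term, then every `!` term, whatever order they are written in.

```python
import fnmatch
import re

# Constructed inventory: group name -> member hosts (hypothetical names).
INVENTORY = {
    "web": {"web1.example.com", "web2.example.com"},
    "db": {"db1.example.com", "web2.example.com"},
    "app": {"web2.example.com", "db1.example.com", "app1.example.com"},
    "ftp": {"db1.example.com"},
}

def _match(term, inventory):
    """Hosts selected by one term: 'all', a group or host name, a glob, or ~regex."""
    all_hosts = set().union(*inventory.values())
    if term == "all":
        return all_hosts
    # "~" introduces a regular expression; anything else is treated as a glob.
    rx = re.compile(term[1:] if term.startswith("~") else fnmatch.translate(term))
    hosts = {h for h in all_hosts if rx.match(h)}
    for group, members in inventory.items():
        if rx.match(group):
            hosts |= members
    return hosts

def resolve(pattern, inventory=INVENTORY):
    """Union of plain terms, then intersect '&' terms, then subtract '!' terms."""
    terms = [t for t in re.split(r"[:,]", pattern) if t]
    plain = [t for t in terms if t[0] not in "&!"] or ["all"]
    selected = set()
    for t in plain:
        selected |= _match(t, inventory)
    for t in terms:
        if t[0] == "&":
            selected &= _match(t[1:], inventory)
    for t in terms:
        if t[0] == "!":
            selected -= _match(t[1:], inventory)
    return sorted(selected)

if __name__ == "__main__":
    for p in ("web:db:&app:!ftp", "web:!db", r"~(web|db).*\.example\.com"):
        print(p, "->", resolve(p))
```

On a real control node, `--list-hosts` prints the hosts a pattern selects without running any module.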

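The options are described below:

Option                    Description
-m module                 Module to use; defaults to command
-a args                   Module arguments; may be omitted when there are none
--version                 Show the version
--list-hosts              Show the list of hosts; can be abbreviated to --list
-k, --ask-pass            Prompt for the SSH connection password when using SSH password authentication; key-based authentication is the default
-K, --ask-become-pass     Prompt for the sudo password
-C, --check               Check only, do not execute
-T, --timeout=TIMEOUT     Timeout for executing the command; defaults to 10s
-u, --user=REMOTE_USER    User that runs the command on the remote host
-b, --become              Replaces the older sudo switch
-v                        Verbose output; -vv and -vvv are more verbose

  • Example 1: with key-based authentication, use the ping module to verify that ansible was installed successfully: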

    [root@xuzhichao ~]# ansible all -m ping
    192.168.20.23 | SUCCESS => {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python"
        }, 
        "changed": false, 
        "ping": "pong"
    }
    192.168.20.22 | SUCCESS => {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python"
        }, 
        "changed": false, 
        "ping": "pong"
    }
    
  • Example 2: manage the managed nodes using SSH password authentication:

    [root@xuzhichao ~]# ansible all -m ping -k
    SSH password: 
    192.168.20.22 | SUCCESS => {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python"
        }, 
        "changed": false, 
        "ping": "pong"
    }
    192.168.20.23 | SUCCESS => {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python"
        }, 
        "changed": false, 
        "ping": "pong"
    }
    
  • Example 3: connect to the remote hosts as the regular user xu, then use sudo to switch to root and run the command:

    [root@nginx02 ~]# visudo
    xu      ALL=(ALL)       ALL
    
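    # The first password is the SSH password (key-based authentication removes this prompt); the second is the sudo password (the NOPASSWD option in visudo removes this prompt)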
    [root@xuzhichao ~]# ansible all -u xu -a "id" -k -K -b
    SSH password: 
    BECOME password[defaults to SSH password]: 
    192.168.20.22 | CHANGED | rc=0 >>
    uid=0(root) gid=0(root) groups=0(root)
    192.168.20.23 | CHANGED | rc=0 >>
    uid=0(root) gid=0(root) groups=0(root)
    

2 ansible-doc: display module help

The syntax of ansible-doc is:

ansible-doc [options] [module…]

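Common options:

Option           Description
-a               Show the documentation for all modules
-l, --list       List the available modules
-s, --snippet    Show the playbook snippet for the specified module

  • Example 1: view the help for the shell module: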

    [root@xuzhichao ~]# ansible-doc shell
    > SHELL    (/usr/lib/python2.7/site-packages/ansible/modules/commands/shell.py)
    
            The `shell' module takes the command name followed by a list of space-delimited arguments. Either a free form command
            or `cmd' parameter is required, see the examples. It is almost exactly like the [command] module but runs the command
            through a shell (`/bin/sh') on the remote node. For Windows targets, use the [win_shell] module instead.
    
      * This module is maintained by The Ansible Core Team
      * note: This module has a corresponding action plugin.
    
    OPTIONS (= is mandatory):    <== module options
    
    - chdir
            Change into this directory before running the command.
            [Default: (null)]
            type: path
            version_added: 0.6
    
    - cmd
            The command to run followed by optional arguments.
            [Default: (null)]
            type: str
    
    - creates
            A filename, when it already exists, this step will *not* be run.
            [Default: (null)]
            type: path
    
    EXAMPLES:      <== usage examples
    
    - name: Execute the command in remote shell; stdout goes to the specified file on the remote.
      shell: somescript.sh >> somelog.txt
    
    - name: Change the working directory to somedir/ before executing the command.
      shell: somescript.sh >> somelog.txt
      args:
        chdir: somedir/
    
    # You can also use the 'args' form to provide the options.
    - name: This command will change the working directory to somedir/ and will only run when somedir/somelog.txt doesn't exist.
      shell: somescript.sh >> somelog.txt
      args:
        chdir: somedir/
        creates: somelog.txt
    
    # You can also use the 'cmd' parameter instead of free form format.
    - name: This command will change the working directory to somedir/.
      shell:
        cmd: ls -l | grep log
        chdir: somedir/
    
    - name: Run a command that uses non-posix shell-isms (in this example /bin/sh doesn't handle redirection and wildcards together but bash does)
      shell: cat < /tmp/*txt
      args:
        executable: /bin/bash
    
    - name: Run a command using a templated variable (always use quote filter to avoid injection)
      shell: cat {{ myfile|quote }}
    
    # You can use shell to run other executables to perform actions inline
    - name: Run expect to wait for a successful PXE boot via out-of-band CIMC
      shell: |
        set timeout 300
        spawn ssh admin@{{ cimc_host }}
    
        expect "password:"
        send "{{ cimc_password }}\n"
    
  • Example 2: count how many modules ansible has loaded:

    [root@xuzhichao ~]# ansible-doc -l | wc -l
    3387
    
  • Example 3: view a module's brief description, mainly its usage and options:

    [root@xuzhichao ~]# ansible-doc -s shell
    - name: Execute shell commands on targets
      shell:
          chdir:                 # Change into this directory before running the command.
          cmd:                   # The command to run followed by optional arguments.
          creates:               # A filename, when it already exists, this step will *not* be run.
          executable:            # Change the shell used to execute the command. This expects an absolute path to the executable.
          free_form:             # The shell module takes a free form command to run, as a string. There is no actual parameter named 'free form'. See the
                                   examples on how to use this module.
          removes:               # A filename, when it does not exist, this step will *not* be run.
          stdin:                 # Set the stdin of the command directly to the specified value.
          stdin_add_newline:     # Whether to append a newline to stdin data.
          warn:                  # Whether to enable task warnings.
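
The `ansible-doc shell` output in example 1 says to always pass a templated variable through the quote filter to avoid injection. The check below is an added example (not from the original page or the Ansible project): a line-based scan over a constructed playbook, with hypothetical variable names, that reports each `{{ }}` expression in a shell task that lacks that filter.

```python
import re

# A "shell:" task key (optionally fully qualified) and its inline value.
SHELL_KEY = re.compile(r"^\s*(?:-\s+)?((?:ansible\.builtin\.)?shell):(.*)$")
# shell-module options (see ansible-doc -s shell) that are not the command text.
OTHER_OPTION = re.compile(r"^\s*(chdir|creates|removes|executable|stdin|stdin_add_newline|warn):")
JINJA_EXPR = re.compile(r"\{\{(.*?)\}\}")
QUOTE_FILTER = re.compile(r"\|\s*quote\b")

# Constructed playbook text; the variable names are hypothetical.
PLAYBOOK = """\
- hosts: NginxWebs
  tasks:
    - name: quoted variable
      shell: cat {{ myfile|quote }}
    - name: unquoted variable
      shell: cat {{ myfile }} >> somelog.txt
    - name: cmd form inside a shell task
      shell:
        cmd: ls -l {{ target_dir }} | grep log
        chdir: somedir/
    - name: not a shell task
      debug:
        msg: "{{ myfile }}"
"""

def unquoted_shell_vars(text):
    """Return (line_number, expression) for shell-task variables lacking |quote."""
    findings, shell_col = [], None
    for number, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        key = SHELL_KEY.match(line)
        if key:                      # start of a shell task: scan its inline value
            shell_col, scanned = key.start(1), key.group(2)
        elif shell_col is not None and indent > shell_col:
            if OTHER_OPTION.match(line):
                continue             # chdir:, creates:, ... are not command text
            scanned = line           # cmd: value or a block-scalar command line
        else:                        # dedent: the shell task has ended
            shell_col = None
            continue
        for expr in JINJA_EXPR.findall(scanned):
            if not QUOTE_FILTER.search(expr):
                findings.append((number, expr.strip()))
    return findings

print(unquoted_shell_vars(PLAYBOOK))
```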
    

3 ansible-playbook

Purpose: runs a prepared playbook.

The syntax is:

ansible-playbook <filename.yml> ... [options]

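Common options:

Option               Description
-C, --check          Only detect the changes that would be made, without actually performing them
--list-hosts         List the hosts the tasks would run on
--limit host-list    Run only against the hosts in the host list
-v                   Show the process; -vv and -vvv are more verbose
--syntax-check       Check the syntax
-e                   Pass variables to the playbook on the command line
-i                   Specify the inventory file; defaults to /etc/ansible/roles

Examples:

# Check only
ansible-playbook file.yml --check

# Run the playbook
ansible-playbook file.yml

# Run the playbook only against the websrvs group in hosts
ansible-playbook file.yml --limit websrvs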

4 ansible-galaxy

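  • Main purpose: manage the roles downloaded from https://galaxy.ansible.com

  • Getting a galaxy role

    Go to https://galaxy.ansible.com, pick the role you need, and copy its download command.

  • List all installed galaxy roles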

    [root@xuzhichao ~]# ansible-galaxy list
    # /root/.ansible/roles
    - geerlingguy.apache, 3.1.4
    # /usr/share/ansible/roles
    # /etc/ansible/roles
    
  • Install a galaxy role

    [root@xuzhichao ~]# ansible-galaxy install geerlingguy.apache
    - downloading role 'apache', owned by geerlingguy
    - downloading role from https://github.com/geerlingguy/ansible-role-apache/archive/3.1.4.tar.gz
    - extracting geerlingguy.apache to /root/.ansible/roles/geerlingguy.apache
    - geerlingguy.apache (3.1.4) was installed successfully
    
  • Remove a galaxy role:

    [root@xuzhichao ~]# ansible-galaxy remove geerlingguy.apache
    - successfully removed geerlingguy.apache
    

5 ansible-console

ansible-console: added in 2.0+; runs commands interactively.

Usage example:

[root@xuzhichao ~]# ansible-console
Welcome to the ansible console.
Type help or ? to list commands.

root@all (2)[f:5]# forks 5     <== set the number of parallel forks
root@all (2)[f:5]# cd NginxWebs   <== switch to a host group
root@NginxWebs (2)[f:5]# list   <== list the members of the host group
192.168.20.22
192.168.20.23
root@NginxWebs (2)[f:5]# shell df  <== enter the module name and its arguments directly; -m and -a are not needed
192.168.20.23 | CHANGED | rc=0 >>
Filesystem              1K-blocks    Used Available Use% Mounted on
devtmpfs                   485896       0    485896   0% /dev
tmpfs                      497840       0    497840   0% /dev/shm
tmpfs                      497840    7864    489976   2% /run
tmpfs                      497840       0    497840   0% /sys/fs/cgroup
/dev/mapper/centos-root  52403200 3284320  49118880   7% /
/dev/sda1                 1038336  139940    898396  14% /boot
/dev/mapper/centos-home 154057220  119636 153937584   1% /data
tmpfs                       99572       0     99572   0% /run/user/0
192.168.20.22 | CHANGED | rc=0 >>
Filesystem              1K-blocks    Used Available Use% Mounted on
devtmpfs                   485896       0    485896   0% /dev
tmpfs                      497840       0    497840   0% /dev/shm
tmpfs                      497840    7924    489916   2% /run
tmpfs                      497840       0    497840   0% /sys/fs/cgroup
/dev/mapper/centos-root  52403200 3338584  49064616   7% /
/dev/sda1                 1038336  139940    898396  14% /boot
/dev/mapper/centos-home 154057220  202628 153854592   1% /data
tmpfs                       99572       0     99572   0% /run/user/0
root@NginxWebs (2)[f:5]# help    <== list all built-in commands

Documented commands (type help <topic>):
========================================
EOF
a10
a10_server
a10_server_axapi3
a10_service_group
a10_virtual_server
accelerate
aci
......