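1. Ansible inventory
1.1 Purpose of the inventory
Purpose: the inventory defines the set of managed hosts that the Ansible server administers. When Ansible modules are run, they act directly on the hosts in the inventory, so the hosts can be managed in bulk.
1.2 Location of the inventory file
The default inventory file is /etc/ansible/hosts; a different default inventory file can be specified by editing the configuration file. The inventory can be written in different formats, including INI style and YAML.
The default inventory is generally not used. To make management easier, each administrator usually keeps their own inventory in their own directory.
Precedence of the Ansible configuration file
1. First, any file specified by the ANSIBLE_CONFIG environment variable overrides all other configuration files; when this variable is defined, Ansible uses the configuration file it points to.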
[root@localhost opt]# ansible --version
ansible 2.9.23
config file = /opt/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
[root@localhost opt]#
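2. Next, if that variable is not set, Ansible checks whether there is an ansible.cfg file in the directory from which the ansible command is run.
Example: // next, the ansible.cfg in the current directory is used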
[root@localhost gg]# ansible --version
ansible 2.9.23
config file = /opt/gg/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
[root@localhost gg]#
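3. If none is found, Ansible then checks whether the current user's home directory contains .ansible.cfg (~/.ansible.cfg).
Example: // then the ~/.ansible.cfg in the current user's home directory is used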
[root@localhost ~]# ansible --version
ansible 2.9.23
config file = /root/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
[root@localhost ~]#
The output of ansible --version shows which configuration file is currently in use.
Set the environment variable: export ANSIBLE_CONFIG=
Summary: ANSIBLE_CONFIG >> ./ansible.cfg (current directory) >> ~/.ansible.cfg >> /etc/ansible/ansible.cfg
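The lookup order above, written out as an added example (not code from the original page or from Ansible itself; the function names are hypothetical). It also covers two behaviours the summary does not show: ANSIBLE_CONFIG may name a directory, in which case ansible.cfg inside it is used, and Ansible ignores ./ansible.cfg when the current directory is world-writable, since any local user could have placed the file there.

```shell
# Added example (not from the original page): reproduce the lookup order above.
# Usage: resolve_ansible_cfg CWD HOME_DIR [SYSTEM_CFG]
# Prints the first existing, readable candidate; returns 1 if there is none.

cfg_usable() { [ -f "$1" ] && [ -r "$1" ]; }

# True when "other" has write permission on the directory itself.
dir_world_writable() { [ -n "$(find "$1" -prune -perm -0002 2>/dev/null)" ]; }

resolve_ansible_cfg() {
    cwd=$1
    home=$2
    system_cfg=${3:-/etc/ansible/ansible.cfg}

    # 1. ANSIBLE_CONFIG wins; a directory value means <dir>/ansible.cfg.
    if [ -n "${ANSIBLE_CONFIG:-}" ]; then
        env_cfg=$ANSIBLE_CONFIG
        if [ -d "$env_cfg" ]; then env_cfg=$env_cfg/ansible.cfg; fi
        if cfg_usable "$env_cfg"; then printf '%s\n' "$env_cfg"; return 0; fi
    fi

    # 2. ./ansible.cfg, skipped when the directory is world-writable,
    #    because any local user could have planted the file there.
    if cfg_usable "$cwd/ansible.cfg"; then
        if dir_world_writable "$cwd"; then
            echo "warning: ignoring $cwd/ansible.cfg (world-writable directory)" >&2
        else
            printf '%s\n' "$cwd/ansible.cfg"; return 0
        fi
    fi

    # 3. ~/.ansible.cfg, then 4. the system-wide file.
    for candidate in "$home/.ansible.cfg" "$system_cfg"; do
        if cfg_usable "$candidate"; then printf '%s\n' "$candidate"; return 0; fi
    done
    return 1
}

# Run against the real environment of the current shell.
resolve_ansible_cfg "$PWD" "$HOME" || echo "no configuration file found"
```

Comparing this result with the "config file =" line of ansible --version is a quick check that a playbook run is not picking up a configuration file from an unexpected directory.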
Viewing the Ansible help documentation
ansible-doc -l // list all core and extra modules
Example: list all modules
[root@localhost ~]# ansible-doc -l
fortios_router_community_list Configure community lists in Fo...
azure_rm_devtestlab_info Get Azure DevTest Lab facts
ecs_taskdefinition register a task definition in e...
avi_alertscriptconfig Module for setup of AlertScript...
tower_receive Receive assets from Ansible Tow...
netapp_e_iscsi_target NetApp E-Series manage iSCSI ta...
azure_rm_acs Manage an Azure Container Servi...
fortios_log_syslogd2_filter Filters for remote system serve...
junos_rpc Runs an arbitrary RPC over NetC...
ansible-doc modulename // show how to use a module
ansible-doc -s modulename // show a concise summary of a module's usage
Example: view the usage of the user module
[root@localhost ~]# ansible-doc -s user
- name: Manage user accounts
user:
append: # If `yes', add the user to the groups specified in `groups'. If
`no', user will only be added to
the groups specified in `groups',
removing them from all other
groups. Mutually exclusive with
`local'
authorization: # Sets the authorization of the user. Does nothing when used with
other platforms. Can set multiple
authorizations using comma
separation. To delete all
authorizations, use
`authorization='''. Currently
supported on Illumos/Solaris.
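The help documentation can also be read directly on the official website.
2. Module introduction
Ansible's three command modules
command
command: runs a command on the remote host; it is the module Ansible uses by default.
It does not support symbols such as ">", "<", "|", ";" and "&".
Parameters
Parameter | Meaning |
chdir | Change into the specified directory before running the command |
creates | Check whether the specified file exists; if it exists, the following operation is not performed |
removes | Check whether the specified file exists; if it exists, the following operation is performed |
Run the hostname command on two hosts.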
[root@master ansible]# cat inventory
192.168.101.100
[webservers]
192.168.101.120 ansible_user=root ansible_password=a
[root@master ansible]# ansible all -m command -a "hostname"
192.168.101.100 | CHANGED | rc=0 >>
localhost.localdomain
192.168.101.120 | CHANGED | rc=0 >>
node1
shell
shell: similar to the command module, but with more features.
It supports symbols such as ">", "<", "|", ";" and "&".
Parameters: same as command
Example:
[root@master ansible]# ansible 192.168.101.110 -m shell -a "yum list | grep httpd"
[WARNING]: Consider using the yum module rather than running 'yum'. If you need to use command
because yum is insufficient you can add 'warn: false' to this command task or set
'command_warnings=False' in ansible.cfg to get rid of this message.
192.168.101.110 | CHANGED | rc=0 >>
centos-logos-httpd.noarch 85.8-1.el8 appstream
dmlite-apache-httpd.x86_64 1.15.0-4.el8 epel
httpd.x86_64 2.4.37-40.module_el8.5.0+852+0aafc63b appstream
httpd-devel.x86_64 2.4.37-40.module_el8.5.0+852+0aafc63b appstream
httpd-filesystem.noarch 2.4.37-40.module_el8.5.0+852+0aafc63b appstream
httpd-manual.noarch 2.4.37-40.module_el8.5.0+852+0aafc63b appstream
httpd-tools.x86_64 2.4.37-40.module_el8.5.0+852+0aafc63b appstream
keycloak-httpd-client-install.noarch 1.0-2.el8 appstream
libmicrohttpd.i686 1:0.9.59-2.el8 baseos
libmicrohttpd.x86_64 1:0.9.59-2.el8 baseos
lighttpd.x86_64 1.4.55-3.el8 epel
lighttpd-fastcgi.x86_64 1.4.55-3.el8 epel
lighttpd-filesystem.noarch 1.4.55-3.el8
raw
raw: runs a command on the remote host; supports pipes and redirection.
Example:
[root@master ansible]# ansible 192.168.101.110 -m raw -a "echo '123' > /abc/file1"
192.168.101.110 | CHANGED | rc=0 >>
Shared connection to 192.168.101.110 closed.
[root@master ansible]# ansible 192.168.101.110 -m raw -a "cat /abc/file1"
192.168.101.110 | CHANGED | rc=0 >>
123
Shared connection to 192.168.101.110 closed.
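Why command rejects ">", "|" and ";" while shell and raw accept them, as an added local illustration (not from the original page and not Ansible's own code; the function names are hypothetical): command executes the program directly with the words as arguments, whereas shell and raw hand the whole string to a shell. The same difference decides whether a value containing ";" stays data or becomes a second command.

```shell
# Added example (not from the original page). Function names are hypothetical.

# command-style: split the string into words and exec the program directly.
# No shell parses the words, so "|", ";" and ">" are plain arguments.
# (Whitespace splitting only; the real module also honours quoting.)
run_like_command() (
    set -f            # no glob expansion while splitting
    set -- $1         # intentional word splitting
    "$@"
)

# shell/raw-style: hand the whole string to a shell, which interprets it.
run_like_shell() {
    sh -c "$1"
}

# Constructed sample: a value that did not come from the operator.
untrusted_name='report.txt; echo INJECTED'

run_like_command 'echo hello | tr a-z A-Z'   # metacharacters echoed literally
run_like_shell   'echo hello | tr a-z A-Z'   # pipeline actually runs
run_like_command "echo $untrusted_name"      # one line, ";" is just text
run_like_shell   "echo $untrusted_name"      # second command executes
```

For tasks that do not need pipes or redirection, command keeps variable content from being interpreted; where shell is required, pass variables through Ansible's quote filter.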