目录
?练习1:在server2上执行hostname命令,命令如下。
练习1:在server2上创建一个文件/opt/hosts,并设置所有者为root,所属组为tom,权限为444,命令如下。
?练习2:为/opt/hosts创建一个软链接/opt/hosts123,命令如下。
?练习4:创建目录/op/xx,上下文设置为default_t,命令如下。
?练习5:把/opt/hosts的权限改成000,所有者改成tom,所属组改成users,命令如下。
练习1:把本地的文件/etc/ansible/hosts拷贝到目标机器的/opt目录中,并设置权限为 000,所有者为tom,命令如下
练习2:在被管理机器的/opt目录中创建11.txt,内容为123124,命令如下。?
ansible的基本用法如下。
ansible 机器名 ‐m 模块× ‐a "模块的参数”对被管理机器执行不同的操作,只需要调用不同的模块就可以了。ansible中内置了很多的模块,可以通过ansible-doc -l查看系统中所有的模块
[bdqn@RHEL813 ~]$ ansible-doc -l
a10_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' ser...
a10_server_axapi3 Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
a10_service_group Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' ser...
a10_virtual_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices' vir...
aci_aaa_user Manage AAA users (aaa:User)
......按【Enter】键会一行一行地往下显示,按空格键会一页一页地往下显示,按【q】键退出
不同的模块有不同的参数,如果要查看某个模块的参数,可以通过如下语法来查看。?
ansible‐doc 模块名ansible中有很多模块,每个模块也有很多参数,我们是不可能把所有的模块、每个模块的所有参数都掌握的。所以,下面我们只讲解最常见的模块及这些模块中最常见的参数的使用方法
shell模块可以在远端执行操作系统命令,具体用法如下。?
ansible 主机组 ‐m shell ‐a "系统命令"?练习1:在server2上执行hostname命令,命令如下。
[bdqn@RHEL813 ~]$ ansible server2 -m shell -a "hostname"
server2 | CHANGED | rc=0 >>
RHEL8
[bdqn@RHEL813 ~]$ 这里rc=0的意思是执行此命令之后的返回值为0,rc的意思是returm code(返回值),为0说明正确执行了,非零说明没有正确执行。
练习2:在 server2上执行一个错误的命令,命令如下。 ?
[bdqn@RHEL813 ~]$ ansible server2 -m shell -a "hostnamexx"
server2 | FAILED | rc=127 >>
/bin/sh: hostnamexx: 未找到命令non-zero return code
[bdqn@RHEL813 ~]$ ?这里rc=127的意思是执行此命令之后的返回值为127,非零说明没有正确执行。
file模块用于创建和删除文件/目录,修改文件/目录属性,其常见的参数包括以下几个。 ?
(1)path:用于指定文件/目录的路径,此选项可以用name或dest替代。(2)state:指定行为。(3)touch:创建文件。(4)directory:创建目录。(5)file:对已存文件进行修改。(6)absent:删除。(7)link:软链接。(8)hard:硬链接。(9)其他参数:owner指定所有者,group指定所属组,mode指定权限,setype指定上下文
[bdqn@RHEL813 ~]$ ansible server2 -m file -a "path=/opt/hosts owner=root group=tom mode=444 state=touch"
server2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"dest": "/opt/hosts",
"gid": 1001,
"group": "tom",
"mode": "0444",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"state": "file",
"uid": 0
}
[bdqn@RHEL813 ~]$
需要注意的是,此处用path指定的文件,替换成name也是可以的,即name=/opt/hosts。查看文件的属性,命令如下。
[bdqn@RHEL813 ~]$ ansible server2 -m shell -a "ls -l /opt/hosts"
server2 | CHANGED | rc=0 >>
-r--r--r--. 1 root tom 0 12月 18 10:59 /opt/hosts
[bdqn@RHEL813 ~]$ ?练习2:为/opt/hosts创建一个软链接/opt/hosts123,命令如下。
[bdqn@RHEL813 ~]$ ansible server2 -m file -a "src=/opt/hosts dest=/opt/hosts123 state=link"
server2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"dest": "/opt/hosts123",
"gid": 0,
"group": "root",
"mode": "0777",
"owner": "root",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 10,
"src": "/opt/hosts",
"state": "link",
"uid": 0
}
[bdqn@RHEL813 ~]$
?验证,命令如下
[bdqn@RHEL813 ~]$ ansible server2 -m shell -a "ls -l /opt/"
server2 | CHANGED | rc=0 >>
总用量 0
-r--r--r--. 1 root tom 0 12月 18 10:59 hosts
lrwxrwxrwx. 1 root root 10 12月 18 11:03 hosts123 -> /opt/hosts
[bdqn@RHEL813 ~]$
[bdqn@RHEL813 ~]$ ansible server2 -m file -a "name=/opt/hosts123 state=absent"
server2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"path": "/opt/hosts123",
"state": "absent"
}
[bdqn@RHEL813 ~]$
[bdqn@RHEL813 ~]$ ansible server2 -m file -a "name=/opt/xx state=directory setype=default_t"
server2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/opt/xx",
"secontext": "unconfined_u:object_r:default_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
[bdqn@RHEL813 ~]$
[bdqn@RHEL813 ~]$ ansible server2 -m file -a "name=/opt/hosts owner=tom
group=users mode=000"
server2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"gid": 100,
"group": "users",
"mode": "0000",
"owner": "tom",
"path": "/opt/hosts",
"secontext": "unconfined_u:object_r:usr_t:s0",
"size": 0,
"state": "file",
"uid": 1001
}
[bdqn@RHEL813 ~]$
?验证,命令如下。
[bdqn@RHEL813 ~]$ ansible server2 -m shell -a "ls -l /opt/hosts"
server2 | CHANGED | rc=0 >>
----------. 1 tom users 0 12月 18 10:59 /opt/hosts
[bdqn@RHEL813 ~]$
注意指定文件时用name或 path都是可以的。
?清空server2 上/opt中所有的内容,命令如下。
[bdqn@RHEL813 ~]$ ansible server2 -m shell -a "rm -rf /opt/*"
[WARNING]: Consider using the file module with state=absent rather than running 'rm'. If you need to use command because
file is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid
of this message.
server2 | CHANGED | rc=0 >>
[bdqn@RHEL813 ~]$
上面的WARNING可以忽略不管,如果不想显示此消息,则在ansible.cfg的[defaults]字段下添加 command warnings=False即可
copy用于把本地的文件拷贝到被管理机器,语法如下。?
ansible 主机组 ‐m copy ‐a "src=/path1/file1 dest=path2/"?作用是把本地的/path1/file1拷贝到目的主机的/path2中。
(1) src:源文件。(2)dest:目的地,即拷贝到哪里。(3)owner:所有者。(4)group:所属组。? (5)mode:权限。
练习1:把本地的文件/etc/ansible/hosts拷贝到目标机器的/opt目录中,并设置权限为 000,所有者为tom,命令如下
[bdqn@RHEL813 ~]$ ansible server2 -m copy -a "src=/etc/ansible/hosts owner=tom mode=000 dest=/opt"
server2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "da996f1a52dbae3b6b43a6c50d761e4ed5ec9a9f",
"dest": "/opt/hosts",
"gid": 0,
"group": "root",
"md5sum": "1564b951dc7c8511c6f9ee842653c541",
"mode": "0000",
"owner": "tom",
"secontext": "system_u:object_r:usr_t:s0",
"size": 1016,
"src": "/home/bdqn/.ansible/tmp/ansible-tmp-1702869506.0677-3313-4605688721729/source",
"state": "file",
"uid": 1001
}
[bdqn@RHEL813 ~]$
[bdqn@RHEL813 ~]$ ansible server2 -m shell -a "ls -l /opt/hosts"
server2 | CHANGED | rc=0 >>
----------. 1 tom root 1016 12月 18 11:18 /opt/hosts
[bdqn@RHEL813 ~]$
练习2:在被管理机器的/opt目录中创建11.txt,内容为123124,命令如下。?
[bdqn@RHEL813 ~]$ ansible server2 -m copy -a "content="123124" dest=/opt/11.txt"
server2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "42c231120f22dfd0f0ee3446cdcc5fb5dfb02855",
"dest": "/opt/11.txt",
"gid": 0,
"group": "root",
"md5sum": "42ed37b390f90c05bded56edb191e152",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:usr_t:s0",
"size": 6,
"src": "/home/bdqn/.ansible/tmp/ansible-tmp-1702869643.357178-3382-56372508734075/source",
"state": "file",
"uid": 0
}
[bdqn@RHEL813 ~]$
?验证/opt/11.txt的内容,命令如下。
[bdqn@RHEL813 ~]$ ansible server2 -m shell -a "cat /opt/11.txt"
server2 | CHANGED | rc=0 >>
123124
[bdqn@RHEL813 ~]$
fetch用于把文件从被管理机器拷贝到当前目录中,命令如下?
[bdqn@RHEL813 ~]$ ansible server2 -m fetch -a "src=/opt/hosts dest=."
server2 | CHANGED => {
"changed": true,
"checksum": "da996f1a52dbae3b6b43a6c50d761e4ed5ec9a9f",
"dest": "/home/bdqn/server2/opt/hosts",
"md5sum": "1564b951dc7c8511c6f9ee842653c541",
"remote_checksum": "da996f1a52dbae3b6b43a6c50d761e4ed5ec9a9f",
"remote_md5sum": null
}
[bdqn@RHEL813 ~]$
?查看,命令如下。
[bdqn@RHEL813 ~]$ tree server2
server2
└── opt
└── hosts
1 directory, 1 file
[bdqn@RHEL813 ~]$
利用yum_repository设置yum 源,一个标准的repo配置文件如下所示。?
[root@RHEL813 ~]# cat /etc/yum.repos.d/aa.repo
[aa]
name=aa
baseurl=file:///mnt/AppStream
enabled=1
gpgcheck=0
[root@RHEL813 ~]# ?其中[ ]中的名称用于区分不同的yum 源。这里参数的含义如下。
(1)name:此 yum 源的描述信息。(2) baseurl:用于指定yum源的具体地址。(3)enabled:用于指定是否启用此 yum 源。(4)gpgcheck:用于指定在安装软件包时,是否要进行数字签名的验证,一般设置为0即可。(5)gpgkey:在gpgcheck设置为1的情况下,用于指定公钥的位置。
(1)name:repo配置文件里 [] 中的名称。(2)description:repo配置文件里name字段的描述信息。(3)baseurl :用于指定yum源的位置。(4)enabled :是否启用源,值为true 或false。(5)gpgcheck:是否启用数字签名验证,值为true或falsc。(6) gpgkey:用于指定公钥的 位置。
命令如下
[bdqn@RHEL813 ~]$ ansible server2 -m yum_repository -a "name=app description='this is appstream' baseurl=ftp://192.168.8.11/dvd/AppStream gpgcheck=yes gpgkey=ftp://192.168.103.17/dvd/RPM-GPG-KEY-redhat-release"
server2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"repo": "app",
"state": "present"
}
[bdqn@RHEL813 ~]$
[bdqn@RHEL813 ~]$ ansible server2 -m shell -a "ls /etc/yum.repos.d/"
server2 | CHANGED | rc=0 >>
app.repo
redhat.repo
[bdqn@RHEL813 ~]$
[bdqn@RHEL813 ~]$ ansible server2 -m yum_repository -a "name=baseos description='this is baseos' baseurl=ftp://192.168.8.11/dvd/BaseOS gpgcheck=yes gpgkey=ftp://192.168.8.11/dvd/RPM-GPG-KEY-redhat-release"
server2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"repo": "baseos",
"state": "present"
}
[bdqn@RHEL813 ~]$
?验证,命令如下
[bdqn@RHEL813 ~]$ ansible server2 -m shell -a "ls /etc/yum.repos.d/"
server2 | CHANGED | rc=0 >>
app.repo
baseos.repo
redhat.repo
[bdqn@RHEL813 ~]$