ansible系统命令帮助文档查看方法:
ansible-doc -l --- 列出所有可用的模块信息
ansible-doc -s cron --- 查看指定模块的参数信息
ansible mount -m setup -vvvv --- 主要用于排查ansible批量管理错误(输出详细信息)
ansible软件命令参数总结(最常用)
-k, --ask-pass ask for connection password
以交互方式输入密码,进行远程管理
开始之前需要给客户端做SSH认证,在/etc/ansible/hosts 配置一个test组,里面填写主机IP
[test]
192.168.0.24
192.168.0.151
备注:需要熟练掌握/etc/ansible/,主要功能是:Inventory主机信息配置、Ansible工具功能配置等。
执行文件目录:/usr/bin/,主要功能是:Ansible系列命令默认存放目录。Ansible所有的可执行文件存放在该目录下。
四、ansible基本配置模块或者说是常用模块
1,copy 模块
2,file 模块
3,cron 模块
4,group 模块
5,user 模块
6,yum 模块
7,service 模块
8,script 模块
9,ping 模块
10,command 模块
11,raw 模块
12,get_url 模块
13,synchronize 模块
4.1)copy 模块:
目的:把主控端/data下的nagios-3.5.1.tar.gz文件拷贝到【test】组节点上
命令参数:ansible test -m copy -a ‘src=/data/nagios-3.5.1.tar.gz dest=/data/‘
[root@Ansible data]# ansible test -m copy -a ‘src=/data/nagios-3.5.1.tar.gz dest=/data/‘
192.168.0.24 | SUCCESS => {
"changed": true,
"checksum": "486fd6c75db47000b96d6eebb1654c30d5e9bc72",
"dest": "/data/nagios-3.5.1.tar.gz",
"gid": 0,
"group": "root",
"md5sum": "9947ed3d220b4da86710884260d42856",
"mode": "0644",
"owner": "root",
"size": 1763584,
"src": "/root/.ansible/tmp/ansible-tmp-1521010564.77-89092202669155/source",
"state": "file",
"uid": 0
}
192.168.0.151 | SUCCESS => {
"changed": true,
"checksum": "486fd6c75db47000b96d6eebb1654c30d5e9bc72",
"dest": "/data/nagios-3.5.1.tar.gz",
"gid": 0,
"group": "root",
"md5sum": "9947ed3d220b4da86710884260d42856",
"mode": "0644",
"owner": "root",
"size": 1763584,
"src": "/root/.ansible/tmp/ansible-tmp-1521010564.78-232268640712511/source",
"state": "file",
"uid": 0
}
4.2)file模块:
目的:更改指定【test】组节点上/tmp/t.sh的权限为755,属主和属组为root
命令参数:ansible test -m file -a "dest=/soft mode=755 owner=root group=root"
[root@Ansible data]# ansible test -m file -a "dest=/soft mode=755 owner=root group=root"
192.168.0.24 | SUCCESS => {
"changed": false,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/soft",
"size": 4096,
"state": "directory",
"uid": 0
}
192.168.0.151 | SUCCESS => {
"changed": false,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/soft",
"size": 4096,
"state": "directory",
"uid": 0
}
4.3)cron模块:
目的:在指定【test】组节点上定义一个计划任务,每隔5分钟到NTPserver上更新一次时间
命令:ansible test -m cron -a ‘name="#time sync by tony at 2018-01-29 " minute=/5 hour= day= month= weekday= job="/usr/sbin/ntpdate pool.ntp.org >/dev/null 2>&1"‘
[root@Ansible ~]# ansible test -m cron -a ‘name="#time sync by tony at 2018-01-29 " minute=/5 hour= day= month= weekday= job="/usr/sbin/ntpdate pool.ntp.org >/dev/null 2>&1"‘
192.168.0.24 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": [
"#time sync by tony at 2018-01-29 "
]
}
4.4)group模块:
目的:在指定【test】组节点上创建一个组名为steki,gid为2018的组
命令:ansible test -m group -a ‘gid=2018 name=steki‘
[root@Ansible data]# ansible test -m group -a ‘gid=2018 name=steki‘
192.168.0.24 | SUCCESS => {
"changed": true,
"gid": 2018,
"name": "steki",
"state": "present",
"system": false
}
192.168.0.151 | SUCCESS => {
"changed": true,
"gid": 2018,
"name": "steki",
"state": "present",
"system": false
}
4.5.1)user模块:
目的:在指定【test】组节点上创建一个用户名为steki,组为steki的用户
命令:ansible test -m user -a ‘name=steki group=steki state=present‘
[root@Ansible data]# ansible test -m user -a ‘name=steki group=steki state=present‘
192.168.0.24 | SUCCESS => {
"changed": true,
"comment": "",
"createhome": true,
"group": 2018,
"home": "/home/steki",
"name": "steki",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 501
}
192.168.0.151 | SUCCESS => {
"changed": true,
"comment": "",
"createhome": true,
"group": 2018,
"home": "/home/steki",
"name": "steki",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 501
}
4.5.2)删除用户:
命令:ansible test -m user -a ‘name=tom group=tom state=absent remove=yes‘
[root@Ansible data]# ansible test -m user -a ‘name=tom group=tom state=absent remove=yes‘
192.168.0.24 | SUCCESS => {
"changed": true,
"force": false,
"name": "tom",
"remove": true,
"state": "absent"
}
192.168.0.151 | SUCCESS => {
"changed": true,
"force": false,
"name": "tom",
"remove": true,
"state": "absent"
}
4.6)yum模块:
目的:在指定【test】组节点上安装nmap服务
命令:ansible test -m yum -a "state=present name=nmap"
[root@Ansible data]# ansible test -m yum -a "state=present name=nmap"
192.168.0.151 | SUCCESS => {
"changed": false,
"msg": "",
"rc": 0,
"results": [
"2:nmap-5.51-6.el6.x86_64 providing nmap is already installed"
]
}
192.168.0.24 | SUCCESS => {
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: aliases, changelog, downloadonly, fastestmirror, kabi, presto,\n
: security, tmprepo, verify, versionlock\nLoading support for CentOS kernel ABI\nLoading mirror
speeds from cached hostfile\n base: mirrors.aliyun.com\n epel: mirror01.idc.hinet.net\n extras:
mirrors.aliyun.com\n updates: mirrors.aliyun.com\nSetting up Install
Process\nResolving Dependencies\n--> Running transaction check\n--->
Package nmap.x86_64 2:5.51-6.el6 will be installed\n-->
Finished Dependency Resolution\n\nDependencies Resolved\n\n
================================================================================\n Package
Arch Version Repository
Size\n================================================================================\nInstalling:\n nmap
x86_64 2:5.51-6.el6 base
2.8 M\n\nTransaction Summary\n================================================================================\nInstall
1 Package(s)\n\nTotal download size: 2.8 M\nInstalled size: 9.7 M\nDownloading Packages:\nSetting up and reading Presto
delta metadata\nProcessing delta metadata\nPackage(s) data still to download: 2.8 M\nRunning rpm_check_debug\nRunning
Transaction Test\nTransaction Test Succeeded\nRunning Transaction\n\r Installing : 2:nmap-5.51-6.el6.x86_64 1/1 \n\r Verifying : 2:nmap-5.51-6.el6.x86_64 1/1 \n\nInstalled:\n nmap.x86_64 2:5.51-6.el6 \n\nComplete!\n"
]
}
一般安装完软件后需要启动服务,你可以使用一下命令;如:
[root@Ansible ~]# ansible 192.168.0.24 -m command -a ‘/etc/init.d/mysqld start‘
4.7)service模块:
目的:启动指定【test】组节点上的httpd 服务,并让其开机自启动
命令:ansible 10.1.1.113 -m service -a ‘name=httpd state=restarted enabled=yes‘
[root@Ansible data]# ansible test -m service -a ‘name=httpd state=restarted enabled=yes‘
192.168.0.24 | SUCCESS => {
"changed": true,
"enabled": true,
"name": "httpd",
"state": "started"
}
192.168.0.151 | SUCCESS => {
"changed": true,
"enabled": true,
"name": "httpd",
"state": "started"
}
4.8)script模块:
目的:在指定【test】组节点上执行/root/a.sh脚本(该脚本是在ansible控制节点上的)
命令:ansible 10.1.1.113 -m script -a ‘/root/a.sh‘
4.9)ping模块:
目的:启动指定【test】组节点上机器是否还能连通
命令:ansible test -m ping
[root@Ansible data]# ansible test -m ping
192.168.0.24 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.0.151 | SUCCESS => {
"changed": false,
"ping": "pong"
}
4.10)command模块:
目的:启动指定【test】组节点上机器。
命令:ansible test -m command -a ‘ifconfig‘
[root@Ansible ~]# ansible test -m command -a ‘ifconfig‘
192.168.0.24 | SUCCESS | rc=0 >>
eth0 Link encap:Ethernet HWaddr 00:0C:29:78:5F:F7
inet addr:192.168.0.24 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe78:5ff7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:357529 errors:0 dropped:0 overruns:0 frame:0
TX packets:29159 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:167617670 (159.8 MiB) TX bytes:2146356 (2.0 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:612 (612.0 b) TX bytes:612 (612.0 b)
192.168.0.151 | SUCCESS | rc=0 >>
eth0 Link encap:Ethernet HWaddr 00:0C:29:4C:57:41
inet addr:192.168.0.151 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe4c:5741/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1957267 errors:0 dropped:0 overruns:0 frame:0
TX packets:968117 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:141562715 (135.0 MiB) TX bytes:1266001670 (1.1 GiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:31005 errors:0 dropped:0 overruns:0 frame:0
TX packets:31005 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4433126 (4.2 MiB) TX bytes:4433126 (4.2 MiB)
4.11)raw模块:
目的:在指定【test】组节点上运行hostname命令
命令:ansible test -m raw -a ‘hostname‘
[root@Ansible ~]# ansible test -m raw -a ‘hostname‘
192.168.0.24 | SUCCESS | rc=0 >>
Ansible
192.168.0.151 | SUCCESS | rc=0 >>
Nagios-Server
查看3306服务端口有没有启动。
[root@Ansible ~]# ansible test -m raw -a "netstat -lntup |grep 3306"
192.168.0.151 | SUCCESS | rc=0 >>
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 9217/mysqld
192.168.0.24 | SUCCESS | rc=0 >>
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 33502/mysqld
4.12)get_url模块:
目的:将http://192.168.0.22/download/cmake-2.8.8.tar.gz文件下载到指定【test】组节点的/data目录下
命令:ansible test -m get_url -a ‘url=http://192.168.0.22/download/cmake-2.8.8.tar.gz dest=/data‘
[root@Ansible ~]# ansible test -m get_url -a ‘url=http://192.168.0.22/download/cmake-2.8.8.tar.gz dest=/data‘
192.168.0.24 | SUCCESS => {
"changed": true,
"checksum_dest": null,
"checksum_src": "a74dfc3e0a0d7f857ac5dda03bb99ebf07676da1",
"dest": "/data/cmake-2.8.8.tar.gz",
"gid": 0,
"group": "root",
"md5sum": "ba74b22c788a0c8547976b880cd02b17",
"mode": "0644",
"msg": "OK (5691656 bytes)",
"owner": "root",
"size": 5691656,
"src": "/tmp/tmpGRtAis",
"state": "file",
"status_code": 200,
"uid": 0,
"url": "http://192.168.0.22/download/cmake-2.8.8.tar.gz"
}
192.168.0.151 | SUCCESS => {
"changed": true,
"checksum_dest": null,
"checksum_src": "a74dfc3e0a0d7f857ac5dda03bb99ebf07676da1",
"dest": "/data/cmake-2.8.8.tar.gz",
"gid": 0,
"group": "root",
"md5sum": "ba74b22c788a0c8547976b880cd02b17",
"mode": "0644",
"msg": "OK (5691656 bytes)",
"owner": "root",
"size": 5691656,
"src": "/tmp/tmpLdf_hW",
"state": "file",
"status_code": 200,
"uid": 0,
"url": "http://192.168.0.22/download/cmake-2.8.8.tar.gz"
}
完成后查看一下你下载的文件:
[root@Ansible ~]# ansible test -m command -a ‘ls /data‘
4.13)synchronize模块
目的:将主控方/data目录推送到指定节点的/tmp目录下
命令:ansible test -m synchronize -a ‘src=/data/soft dest=/tmp/ compress=yes‘
delete=yes 使两边的内容一样(即以推送方为主)
compress=yes 开启压缩,默认为开启
--exclude=.git 忽略同步.git结尾的文件
[root@Ansible ~]# ansible test -m synchronize -a ‘src=/data/soft dest=/tmp/ compress=yes‘
192.168.0.24 | SUCCESS => {
"changed": true,
"cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh=/usr/bin/ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null --out-format=<<CHANGED>>%i %n%L /data/soft 192.168.0.24:/tmp/",
"msg": "cd+++++++++ soft/\n<f+++++++++ soft/Class-Accessor-0.31.tar.gz\n<f+++++++++ soft/Config-Tiny-2.12.tar.gz\n<f+++++++++ soft/Math-Calc-Units-1.07.tar.gz\n<f+++++++++ soft/Nagios-Plugin-0.34.tar.gz\n<f+++++++++ soft/Params-Validate-0.91.tar.gz\n<f+++++++++ soft/Regexp-Common-2010010201.tar.gz\n<f+++++++++ soft/check_iostat\n<f+++++++++ soft/check_memory.pl\n<f+++++++++ soft/check_mysql\n<f+++++++++ soft/libart_lgpl-2.3.17.tar.gz\n<f+++++++++ soft/nagios-3.5.1.tar.gz\n<f+++++++++ soft/nagios-plugins-1.4.16.tar.gz\n<f+++++++++ soft/nrpe-2.12.tar.gz\n<f+++++++++ soft/pnp-0.4.14.tar.gz\n<f+++++++++ soft/rrdtool-1.2.14.tar.gz\n",
"rc": 0,
"stdout_lines": [
"cd+++++++++ soft/",
"<f+++++++++ soft/Class-Accessor-0.31.tar.gz",
"<f+++++++++ soft/Config-Tiny-2.12.tar.gz",
"<f+++++++++ soft/Math-Calc-Units-1.07.tar.gz",
"<f+++++++++ soft/Nagios-Plugin-0.34.tar.gz",
"<f+++++++++ soft/Params-Validate-0.91.tar.gz",
"<f+++++++++ soft/Regexp-Common-2010010201.tar.gz",
"<f+++++++++ soft/check_iostat",
"<f+++++++++ soft/check_memory.pl",
"<f+++++++++ soft/check_mysql",
"<f+++++++++ soft/libart_lgpl-2.3.17.tar.gz",
"<f+++++++++ soft/nagios-3.5.1.tar.gz",
"<f+++++++++ soft/nagios-plugins-1.4.16.tar.gz",
"<f+++++++++ soft/nrpe-2.12.tar.gz",
"<f+++++++++ soft/pnp-0.4.14.tar.gz",
"<f+++++++++ soft/rrdtool-1.2.14.tar.gz"
]
}
192.168.0.151 | SUCCESS => {
"changed": true,
"cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh=/usr/bin/ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null --out-format=<<CHANGED>>%i %n%L /data/soft 192.168.0.151:/tmp/",
"msg": "cd+++++++++ soft/\n<f+++++++++ soft/Class-Accessor-0.31.tar.gz\n<f+++++++++ soft/Config-Tiny-2.12.tar.gz\n<f+++++++++ soft/Math-Calc-Units-1.07.tar.gz\n<f+++++++++ soft/Nagios-Plugin-0.34.tar.gz\n<f+++++++++ soft/Params-Validate-0.91.tar.gz\n<f+++++++++ soft/Regexp-Common-2010010201.tar.gz\n<f+++++++++ soft/check_iostat\n<f+++++++++ soft/check_memory.pl\n<f+++++++++ soft/check_mysql\n<f+++++++++ soft/libart_lgpl-2.3.17.tar.gz\n<f+++++++++ soft/nagios-3.5.1.tar.gz\n<f+++++++++ soft/nagios-plugins-1.4.16.tar.gz\n<f+++++++++ soft/nrpe-2.12.tar.gz\n<f+++++++++ soft/pnp-0.4.14.tar.gz\n<f+++++++++ soft/rrdtool-1.2.14.tar.gz\n",
"rc": 0,
"stdout_lines": [
"cd+++++++++ soft/",
"<f+++++++++ soft/Class-Accessor-0.31.tar.gz",
"<f+++++++++ soft/Config-Tiny-2.12.tar.gz",
"<f+++++++++ soft/Math-Calc-Units-1.07.tar.gz",
"<f+++++++++ soft/Nagios-Plugin-0.34.tar.gz",
"<f+++++++++ soft/Params-Validate-0.91.tar.gz",
"<f+++++++++ soft/Regexp-Common-2010010201.tar.gz",
"<f+++++++++ soft/check_iostat",
"<f+++++++++ soft/check_memory.pl",
"<f+++++++++ soft/check_mysql",
"<f+++++++++ soft/libart_lgpl-2.3.17.tar.gz",
"<f+++++++++ soft/nagios-3.5.1.tar.gz",
"<f+++++++++ soft/nagios-plugins-1.4.16.tar.gz",
"<f+++++++++ soft/nrpe-2.12.tar.gz",
"<f+++++++++ soft/pnp-0.4.14.tar.gz",
"<f+++++++++ soft/rrdtool-1.2.14.tar.gz"
]
}
完成后查看一下你推送的文件:
[root@Ansible ~]# ansible test -m command -a ‘ls /tmp‘
192.168.0.24 | SUCCESS | rc=0 >>
ansible_88QywI
soft
192.168.0.151 | SUCCESS | rc=0 >>
ansible_lFLfGd
soft
原文地址:http://blog.51cto.com/hwg1227/2087562