Hello everyone, I am from 9 in the morning to 12 in the evening, and I am currently doing operation and maintenance related work. Blogging is for accumulation, I hope everyone will make progress together!
My homepage: 9 am to 12 pm
Column name: Ansible from entry to proficiency and determined to become an ansible boss
♣Ansible's advanced commands
ansible-playbook
palybook is a list of one or more palys. The main function of play is to dress up the hosts that have been merged into a group in advance as the roles defined in advance through the task in ansible. Fundamentally speaking, the so-called task is nothing more than a module that calls ansible. By organizing multiple plays in a playbook, they can be combined to sing a big play together according to the pre-arranged mechanism.
A playbook consists of the following parts:
Inventory
Modules
Ad Hoc Commands
Playbooks
tasks:即调用模块完成的操作
variables:变量
templates:模板
handlers:触发器,由某子任务触发执行操作
roles:角色
write a simple script
--- #固定格式,可以不写
- hosts: test #表示你要操作的主机组,注意空格
remote_user: root #以root身份远程操作
tasks:
- name: test #说明
command: hostname #要执行的命令
implement:
[root@master ansible]# vim test.yml
[root@master ansible]# ansible-playbook test.yml
PLAY [test] ***************************************************************************************************************************************************************
TASK [Gathering Facts] ****************************************************************************************************************************************************
ok: [192.168.1.1]
TASK [test] ***************************************************************************************************************************************************************
changed: [192.168.1.1]
PLAY RECAP ****************************************************************************************************************************************************************
139.9.198.12 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
ansible-vault
Encrypt important information
encrypted script
Re-enter password twice
[root@master ansible]# ansible-vault encrypt test.yml
New Vault password:
Confirm New Vault password:
Encryption successful
When viewing the script, you must also use the ansible-vault command, otherwise you will see encrypted content, such as
[root@master ansible]# cat test.yml
$ANSIBLE_VAULT;1.1;AES256
61373337616563376334636235306530356635343530653862376533636331333161313661643430
3532313561363438386233646366643266323365633632330a393433383866306631643461653233
33616333316664383463353638373131363431373630666161363335623664653136643264323565
6630373939336262390a316562626665336534353466656133613133373262646662393764373965
61326161336335616364373034383133623763313465633136623861353536643438343537626232
31646161633932346466653663616330633438343637613231643234316530386435633231356332
34326639383934613062373463356632353866623165306230343833623863313634323932623763
37326434616332643931653939666361626537346566666633633536336537336231626237376134
3239
decrypt script
[root@master ansible]# ansible-vault decrypt test.yml
Vault password:
Decryption successful
[root@master ansible]# cat test.yml
---
- hosts: test
remote_user: root
tasks:
- name: test
command: hostname
view script
[root@master ansible]# ansible-vault view test.yml
Vault password:
---
- hosts: test
remote_user: root
tasks:
- name: test
command: hostname
edit script
[root@master ansible]# ansible-vault edit test.yml
Vault password:
---
- hosts: test
remote_user: root
tasks:
- name: test
command: hostname
~
change password
You need to enter the old password before entering the new password twice
[root@master ansible]# ansible-vault rekey test.yml
Vault password:
New Vault password:
Confirm New Vault password:
Rekey successful
create new file
[root@master ansible]# ansible-vault create test2.yml
New Vault password:
Confirm New Vault password:
ansible-console
interactive tool
含义:
root:执行用户
all: 主机清单
(1):代表主机个数
[f:5]: fork=5 5并发请求
Modified to 10 concurrency
root@all (1)[f:5]$ forks 10
root@all (1)[f:10]$
input ? Or help can view the prompt, that is, the module name
console operation
Execute the view date command
root@all (1)[f:5]$ command date
139.9.198.12 | CHANGED | rc=0 >>
Mon May 29 17:39:09 CST 2023
Modify the target host time
If there are multiple hosts, to modify the information of a host, you need to use cd to switch
root@all (1)[f:5]$ cd 192.168.1.1
[email protected] (1)[f:5]$ date -s "2023-05-29 17:40:00"