Two: Ansible common module
A: Ansible command module
1.1 command
# 默认模块, 执行命令 [root@m01 ~]# ansible web_group -a "hostname" 1.2 shell
# 如果需要一些管道操作,则使用shell [root@m01 ~]# ansible web_group -m shell -a "ps -ef|grep nginx" -f 50
注意:command不识别管道符之类的操作1.3 script
# 编写脚本
[root@m01 ~]# vim /root/yum.sh
#!/usr/bin/bash
yum install -y vsftpd
#在本地运行模块,等同于在远程执行,不需要将脚本文件进行推送目标主机执行
[root@m01 ~]# ansible web_group -m script -a "/root/yum.sh"Two: Ansible software management module
1.1 yum
#查看使用方法
[root@m01 ~]# ansible-doc yum
state:
present 安装软件包 默认是present,可以不写
absent 移除软件包
latest 安装最新软件包
name
(包名httpd) #本地yum源
file:// #指定本地安装路径(yum localinstall 本地rpm包)
http:// #指定yum源(从远程仓库获取rpm包)
[root@m01 ~]# ansible web_group -m yum -a "name=httpd state=present"1.2 cron: Task Timing
ansible web_group -m cron -a 'name="aaaaaaa" minute=0 hour=5,2 day=2 month=1 weekday=1-7 state=present job="/bin/sh /root/a.sh > /dev/null"'
name:注释
state:
present
absent
job:crontab要执行的命令
删除:
ansible web_group -m cron -a 'name="aaaaaaa state=absent"
分时日月周不写就直接*号1.3 yum_repository: YUM build warehouse
[root@m01 ~]# ansible 'web_group' -m yum_repository -a "name=nginx description='zls_nginx' baseurl=http://nginx.org/packages/centos/7/$basearch/"
name: 指定repo文件名
description:描述(repo文件中name的值)
baseurl: 指定yum源
file:如果定义了file那么文件名以file为准,如果没有定义file文件名以name为准
state:
present #创建(默认)
absent #删除
[root@m01 ~]# ansible 'web_group' -m yum_repository -a "name=nginx_new file='zls_nginx_new' description='zls_nginx' baseurl=http://nginx.org/packages/centos/7/$basearch/ gpgcheck=no"
#删除
[root@m01 ~]# ansible 'web_group' -m yum_repository -a "name=nginx state=absent"
[root@m01 ~]# ansible 'web_group' -m yum_repository -a "name=nginx_new file=zls_nginx_new state=absent"
[root@m01 ~]# ansible 'web_group' -m yum_repository -a "name=nginx123 file=zls_nginx_new state=absent"
# 在已有的仓库文件中添加一个仓库
[root@m01 ~]# ansible 'web_group' -m yum_repository -a "name=nginx123 file='zls_nginx_new' description='zls_nginx' baseurl=http://download.driverzeng.com gpgcheck=no"Three: Ansible file management module
1.1 file
[root@m01 ~]# ansible web_group -m file -a 'path=/tmp/zls state=directory owner=root group=root mode=0644'
path: 指定创建的路径
state:
touch:创建文件
directory:创建目录
file:修改文件属性(默认)
link:软连接
absent:删除指定的文件或目录
owner:指定属主
group:指定属组
mode:指定权限1.2 get_url: Download
[root@m01 ~]# ansible web01 -m get_url -a 'url=https://mirrors.aliyun.com/zabbix/zabbix/4.4/rhel/7/x86_64/zabbix-agent-4.4.0-1.el7.x86_64.rpm dest=/tmp mode=0644'
[root@m01 ~]# ansible web01 -m get_url -a 'url=http://test.driverzeng.com/Zabbix_File/percona-release-0.1-3.noarch.rpm dest=/tmp mode=0644 checksum=md5:ea13c36cf79e131bded48bac4f7e88c2'
url:指定软件包地址
dest:指定下载的路径
mode:指定文件的权限
checksum:
md5:
sha256:1.3 unarchive: Unzip
[root@m01 ~]# ansible web02 -m unarchive -a 'src=/root/wordpress-5.0.3-zh_CN.tar.gz dest=/tmp'
src:指定压缩包的路径
dest:指定解压的位置
remote_src:
yes:
no:(默认)Four: Ansible service management module
systemd
[root@m01 ~]# ansible web01 -m systemd -a 'name=nginx state=started'
name:指定服务名
state:
started
stopped
restarted
reloaded
enabled:
true
falseFive: Ansible user management module
1.1 user
#创建用户指定uid和gid,不创建家目录也不允许登陆
[root@m01 ~]# ansible web_group -m user -a "name=qls uid=888 group=888 shell=/sbin/nologin create_home=false"1.2 group
[root@m01 ~]# ansible web_group -m group -a 'name=qls state=present gid=250'
name:指定组名
state:
present:创建
absent:删除
gid:指定组的idSix: Ansible disk mount module
mount: mount
[root@m01 ~]# ansible web01 -m mount -a 'path=/data src=172.16.1.31:/data fstype=nfs state=mounted'
path:挂载的路径
src:挂载点
fstype:挂载类型
state:
present # 开机挂载,仅将挂载配置写入/etc/fstab
absent # 卸载,并清除/etc/fstab
mounted # 挂载并写入/etc/fstab
unmounted # 卸载,不清除 /etc/fstabSeven: Ansible host information module
setup
Why talk about this module?
Automated done little friends will find this module very useful
In the company there are always some demand
For example:
1. Create different depending on a host of IP corresponding to the IP directory
2. Create a directory corresponding to the host name, depending on the host name of a different host
3. Automated operation and maintenance platform required to automatically obtain the IP address of the host, memory information, disk information, host name ... etc.
4. If the installation database memory is allocated 80% of the physical memory, then there are three different physical memory of the machine 2G, 4G, 16G
in the case of writing a playbook, I need to get to the corresponding memory of the host and make calculations, write judgments.
1.获取IP地址
[root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_default_ipv4'
web01 | SUCCESS => {
"ansible_facts": {
"ansible_default_ipv4": {
"address": "10.0.0.7",
"alias": "eth0",
"broadcast": "10.0.0.255",
"gateway": "10.0.0.2",
"interface": "eth0",
"macaddress": "00:0c:29:f8:98:80",
"mtu": 1500,
"netmask": "255.255.255.0",
"network": "10.0.0.0",
"type": "ether"
},
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false
}
2.获取主机名
[root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_fqdn'
web01 | SUCCESS => {
"ansible_facts": {
"ansible_fqdn": "web01",
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false
}
3.获取内存信息
[root@m01 ~]# ansible web01 -m setup -a 'filter=ansible_memory_mb'
web01 | SUCCESS => {
"ansible_facts": {
"ansible_memory_mb": {
"nocache": {
"free": 1622,
"used": 360
},
"real": {
"free": 1068,
"total": 1982,
"used": 914
},
"swap": {
"cached": 0,
"free": 1023,
"total": 1023,
"used": 0
}
},
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false
}
4.其他信息参数
ansible_all_ipv4_addresses:仅显示ipv4的信息。
ansible_devices:仅显示磁盘设备信息。
ansible_distribution:显示是什么系统,例:centos,suse等。
ansible_distribution_major_version:显示是系统主版本。
ansible_distribution_version:仅显示系统版本。
ansible_machine:显示系统类型,例:32位,还是64位。
ansible_eth0:仅显示eth0的信息。
ansible_hostname:仅显示主机名。
ansible_kernel:仅显示内核版本。
ansible_lvm:显示lvm相关信息。
ansible_memtotal_mb:显示系统总内存。
ansible_memfree_mb:显示可用系统内存。
ansible_memory_mb:详细显示内存情况。
ansible_swaptotal_mb:显示总的swap内存。
ansible_swapfree_mb:显示swap内存的可用内存。
ansible_mounts:显示系统磁盘挂载情况。
ansible_processor:显示cpu个数(具体显示每个cpu的型号)。
ansible_processor_vcpus:显示cpu个数(只显示总的个数)。
Eight: Ansible firewall module
1.1 selinux
[root@m01 ~]# ansible web01 -m selinux -a 'state=disabled'1.2 firewalld
[root@m01 ~]# ansible web01 -m firewalld -a 'port=80/tcp state=enabled'Nine: Ansible database module
1.1 mysql_db: Create a database
- name: Create a new database with name 'jiangwei'
mysql_db:
name: jiangwei
state: present
此时,遇到一个问题,playbook建库时,需要先登陆到数据库,登陆到数据库这个动作必须要自动完成,此时引入:
- login_host
Host running the database.
[Default: localhost]
type: str
- login_password
The password used to authenticate with.
[Default: (null)]
type: str
- login_port
Port of the MySQL server. Requires `login_host' be defined as
other than localhost if login_port is used.
[Default: 3306]
type: int
- login_user
The username used to authenticate with.
[Default: (null)]
type: str
EX:
- name: Create a new database with name 'jiangwei'
mysql_db:
login_user: root
login_password: '123'
login_host: localhost
name: jiangwei
state: present1.2 mysql_user: Create a database user
- name: Create database user with password and all database privileges =
mysql_user:
name: bob
password: 12345
priv: '*.*:ALL'
state: present
EX:
- name: Create MySQL User
mysql_user:
name: wordpress
password: '123456'
priv: '*.*:ALL'
host: '%'
state: present