In this chapter
ansible system commands
ansible-doc display module Help
ansible-doc [options] [module...]
-l,--list //列出可用模块
-s,--snippet //显示指定模块的playbook片段
示例:
ansible-doc -l 列出所有模块
ansible-doc ping 查看指定模块帮助用法
ansible-doc -s ping 查看指定模块帮助用法
ansible command
ansible configuration management, application deployment, task execution and other functions through ssh, recommendations ansible terminal to contact each managed node-based key authentication methods
ansible <host-pattern> [-m module_name] [-a args]
--version 显示版本
-m module 指定模块,默认为command
-v 详细过程 –vv -vvv更详细
--list-hosts 显示主机列表,可简写 --list
-k, --ask-pass 提示输入ssh连接密码,默认Key验证
-C, --check 检查,并不执行
-T, --timeout=TIMEOUT 执行命令的超时时间,默认10s
-u, --user=REMOTE_USER 执行远程执行的用户
-b, --become 代替旧版的sudo 切换
--become-user=USERNAME 指定sudo的runas用户,默认为root
-K, --ask-become-pass 提示输入sudo时的口令
ansible的 Host-pattern
all //表示所有 inventory中的所有主机
"*"
"*srvs*"
"websrvs:appsrvs" // 或关系
"websrvs:&dbsrvs" // 逻辑与
"websrvs:!dbsrvs" //在websrvs中不在dbsrvs中
"~(web|db).*\.xuepeng\.com" //匹配web.xuepeng.com或db.xuepeng.com
ansible command execution process
- Load your own configuration files by default /etc/ansible/ansible.cfg
- Load module file corresponding to itself, such as command
- Or by ansible command generation module corresponding to py temporary files, the file transfer to the corresponding remote server performs user $ HOME / .ansible / tmp / ansible-tmp- digital file /XXX.py
- + X to the file execution
- Execution and returns the result
- Py delete temporary files and exit
Execution state:
- Green: the successful implementation of the operation and do not need to change
- Yellow: the successful execution and make changes to the target host
- Red: execution failed
ansible using the example
ansible all -m ping -u zhangsan -k //以zhangsan用户执行ping存活检测
ansible all -m ping -u zhangsan -k -b //以zhangsan sudo至root执行ping存活检测
ansible all -m ping -u zhangsan -k -b --become-user=admin //以zhangsan sudo至admin用户执行ping存活检测
ansible all -m command -u wang -a 'ls /root' -b --become-user=root -k -K
ansible-galaxy
连接 https://galaxy.ansible.com 下载相应的roles
列出所有已安装的galaxy
ansible-galaxy list
安装galaxy
ansible-galaxy install geerlingguy.redis
删除galaxy
ansible-galaxy remove geerlingguy.redis
ansible-vault
功能:管理加密解密yml文件
ansible-vault [create|decrypt|edit|encrypt|rekey|view]
ansible-vault encrypt hello.yml 加密
ansible-vault decrypt hello.yml 解密
ansible-vault view hello.yml 查看
ansible-vault edit hello.yml 编辑加密文件
ansible-vault rekey hello.yml 修改口令
ansible-vault create new.yml 创建新文件
ansible-playbook
cat hello.yml
---
- hosts: websrvs
remote_user: root
tasks:
- name: hello world
command: /usr/bin/wall hello world
ansible-playbook hello.yml
ansible-console
[root@ansible ~]# ansible-console
Welcome to the ansible console.
Type help or ? to list commands.
root@all (5)[f:5]$ list
192.168.209.9
192.168.209.29
192.168.209.59
192.168.209.39
192.168.209.49
root@all (5)[f:5]$ forks 10
root@all (5)[f:10]$ cd websrvs
root@websrvs (2)[f:10]$ yum name=screen state=present
