当前位置：首页 > ops >正文

ansible模块使用实践

ops 2025/6/16 8:34:26

ansible模块使用实践

常用命令
手册使用
查看主机清单
authorized_key
setup
command&shell&raw
script
file
- 创建文件目录
- 删除文件目录
- 修改权限
- 创建链接
copy
template
fetch
lineinfile
- 整行替换(复杂用sed)
- 添加内容
- - - 默认添加
    - 匹配行前添加
    - 匹配行后添加
- 修改内容及权限
- 删除行
replace 单词替换
blocakinfile 插入行
user
- 创建用户,组
- 删除用户,组
- 修改用户密码
yum_repository
yum
service
parted
lvg
lvol
filesystem
mount
firewalld
unarchive 解压
archive 压缩

https://www.cnblogs.com/hujinzhong/p/12155691.html 扩展知识

官网

https://galaxy.ansible.com/

https://github.com/ansible/ansible

常用模块

https://blog.csdn.net/weixin_40917409/article/details/83089937?ops_request_misc=%257B%2522request%255Fid%2522%253A%2522160682688919195271645673%2522%252C%2522scm%2522%253A%252220140713.130102334.pc%255Fall.%2522%257D&request_id=160682688919195271645673&biz_id=0&utm_medium=distribute.pc_search_result.none-task-blog-2_allfirst_rank_v2~rank_v28-1-83089937.pc_first_rank_v2_rank_v28&utm_term=ansible%E7%9A%84get_url%E6%A8%A1%E5%9D%97%E8%AF%A6%E8%A7%A3&spm=1018.2118.3001.4449

常用命令

# -k 参数，可以手动输入目标主机ssh的密码
[root@master ansible]# ansible-playbook -k init.yml
#一条命令书写任务
[root@master ansible]# ansible node1 -m authorized_key -a "user=webop state=present key='{{ lookup('file', '/home/liuhongdi/.ssh/id_rsa.pub') }}'"

手册使用

#查看所有模块
[root@master ansible]# ansible-doc -l
#查看包含copy的模块
[root@master ansible]# ansible-doc -l | grep copy
vsphere_copy                                                  Copy a file to a VMware datastore             
win_copy                                                      Copies files to remote locations on windows hosts                                   
bigip_file_copy                                               Manage files in datastores on a BIG-IP         
ec2_ami_copy                                                  copies AMI between AWS regions, return new image id                                 
win_robocopy                                                  Synchronizes the contents of two directories using Robocopy                         
copy                                                          Copy files to remote locations                 
na_ontap_lun_copy                                             NetApp ONTAP copy LUNs                         
icx_copy                                                      Transfer files from or to remote Ruckus ICX 7000 series switches                    
unarchive                                                     Unpacks an archive after (optionally) copying it from the local machine             
ce_file_copy                                                  Copy a file to a remote cloudengine device over SCP on HUAWEI CloudEngine switches  
postgresql_copy                                               Copy data between a file/program and a PostgreSQL table                             
ec2_snapshot_copy                                             copies an EC2 snapshot and returns the new Snapshot ID                              
nxos_file_copy                                                Copy a file to a remote NXOS device           
netapp_e_volume_copy                                          NetApp E-Series create volume copy pairs
#详细的模块描述手册
[root@master ansible]# ansible-doc copy
#只包含模块参数用法的模块描述手册
[root@master ansible]# ansible-doc -s copy

查看主机清单

#查看所有主机
[root@master ansible]# ansible all --list-hostshosts (3):192.168.1.21192.168.1.22192.168.1.23
#查看指定组的主机
[root@master ansible]# ansible node1 --list-hostshosts (1):192.168.1.21
[root@master ansible]# ansible node --list-hostshosts (3):192.168.1.21192.168.1.22192.168.1.23
#使用列出node组中的主机
[root@master ansible]# ansible-inventory node --graph 
@node:|--192.168.1.21|--192.168.1.22|--192.168.1.23	
#使用列出node组的主机同时带上变量
[root@master ansible]# ansible-inventory node --graph --vars
@node:|--192.168.1.21|  |--{ansible_port = 22}|--192.168.1.22|  |--{ansible_port = 22}|--192.168.1.23|  |--{ansible_port = 22}
#以json列出所有主机
[root@master ansible]# ansible-inventory --list

authorized_key

   - name: 配置免密authorized_key:user: rootstate: presentkey: "{{ lookup('file', '/root/.ssh/id_rsa.pub')}}"
#或者
[root@master ~]# ansible -v node1 -m authorized_key -a "user=root state=present key='{{ lookup('file', '/root/.ssh/id_rsa.pub')}}'"#user  目标主机用户
#present：保证目标节点上会保存Ansible端本次分发的公钥
#absent：保证目标节点上没有Ansible端本次分发的公钥
#key: 公钥
#读取/root/.ssh/id_rsa.pub文件内容给key，然后把key作为root连接的公钥第二种主机下发秘钥方法
[root@master ~]# cat mianmi.sh 
#!/bin/bash
for i in 21
dosshpass -p 1 ssh-copy-id -i /root/.ssh/id_rsa.pub -o StrictHostKeyChecking=no 192.168.1.$i
done
#sshpass 免密登录的工具，可以非交互式输入密码;StrictHostKeyChecking=no  取消yes

setup

[root@master ansible]# ansible  node1 -m setup
#filter过滤变量#查看主机名
[root@master ~]# ansible node1 -m setup -a 'filter=ansible_fqdn'	
192.168.1.21 | SUCCESS => {"ansible_facts": {"ansible_fqdn": "node1", 	#这里"discovered_interpreter_python": "/usr/bin/python"}, "changed": false
}
#查看地址
[root@master ~]# ansible node1 -m setup -a 'filter=*address*'
192.168.1.21 | SUCCESS => {"ansible_facts": {"ansible_all_ipv4_addresses": ["192.168.1.21"], "ansible_all_ipv6_addresses": ["fd15:4ba5:5a2b:1008:20c:29ff:fe4c:8a47", "fe80::20c:29ff:fe4c:8a47"], "discovered_interpreter_python": "/usr/bin/python"}, "changed": false
}

command&shell&raw

#共同点  都没有幂等性
#不同点
command	要求受管主机上安装Python。command可以在受管主机上执行shell命令，但是不支持环境变量和操作符（例如 '|', '<', '>', '&'）
shell	shell模块调用的/bin/sh指令执行
raw		不需要受管主机上安装Python，直接使用远程shell运行命令，通常用于无法安装Python的系统（例如网络设备等）#测试 使用不同模块查看系统时间和内核版本
#command	命令执行失败，不支持 &
[root@master ~]#  ansible -v  node1 -m command -a "date && uname -r"
Using /etc/ansible/ansible.cfg as config file
192.168.1.21 | FAILED | rc=1 >>
date：选项需要一个参数 -- r
Try 'date --help' for more information.non-zero return code#shell
Try 'date --help' for more information.non-zero return code
[root@master ~]# ansible -v  node