思享工具箱

ansible 基本命令学习与踩坑

摘要:
1.命令行参数-v,–verbose verbose mode。如果命令成功执行,则详细结果-iPATH,–inventory=PATH指定主机文件的路径。默认值在/etc/responsible/hosts fnUM中。–forks=NUNUM是整数。默认值为5。指定了fork启动的同步进程数。

1. 命令行参数

-v,–verbose   				详细模式,如果命令执行成功,输出详细的结果(-vv –vvv -vvvv)
-i PATH,–inventory=PATH   	     指定host文件的路径,默认是在/etc/ansible/hosts(生产环境经常用到) 
-f NUM,–forks=NU  			NUM是指定一个整数,默认是5,指定fork开启同步进程的个数。 
-m NAME,–module-name=NAME   		指定使用的module名称,默认是command
-m DIRECTORY,–module-path=DIRECTORY   	指定module的目录来加载module,默认是/usr/share/ansible, 
-a,MODULE_ARGS   			指定module模块的参数 
-k,-ask-pass     			提示输入ssh的密码,而不是使用基于ssh的密钥认证
-sudo                   		指定使用sudo获得root权限(生产环境经常用到)
-K,-ask-sudo-pass       		提示输入sudo密码,与–sudo一起使用 (生产环境经常用到)
-u USERNAME,-user=USERNAME  		指定移动端的执行用户 
-C,-check               		测试此命令执行会改变什么内容,不会真正的去执行

2. command模块测试环境

[root@temp01 ~]# ansible all -a "pwd"
192.168.3.70 | SUCCESS | rc=0 >>
/root

192.168.3.60 | SUCCESS | rc=0 >>
/root

 [root@temp01 ~]# ansible all -m command -a "pwd"    #-m command 原来是可以省略的,ansible 默认模块就是command
 192.168.3.70 | SUCCESS | rc=0 >>
 /root

 192.168.3.60 | SUCCESS | rc=0 >>
 /root

3. 再用ping模块

#-f 参数用法
[root@temp01 ~]# ansible all -m ping -f 1    #all 表示hosts里面所有主机 -m 调用模块 -f 指定同步进程数
192.168.3.60 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
192.168.3.70 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
#-C参数用法
[root@temp01 ~]# ansible all -m ping -f 1 -C  
192.168.3.60 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
192.168.3.70 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

4. user模块

[root@temp01 ~]# ansible db -m user -a 'name=DBA uid=505 home=/home/dba shell=/sbin/nologin'
192.168.3.70 | SUCCESS => {
    "changed": true,
    "comment": "",
    "createhome": true,
    "group": 505,
    "home": "/home/dba",
    "name": "DBA",
    "shell": "/sbin/nologin",
    "state": "present",
    "system": false,
    "uid": 505
}
[root@temp01 ~]# ansible db -m user -a 'name=DBA state=absent'    #state属性有:present表示添加,absend表示删除,state属性默认是present
192.168.3.70 | SUCCESS => {
    "changed": true,
    "force": false,
    "name": "DBA",
    "remove": false,
    "state": "absent"
}

 修改用户密码

[root@temp01 ansible_playbook]# ansible all -m shell -a 'echo "123456" | passwd  foo --stdin'
192.168.3.60 | SUCCESS | rc=0 >>
Changing password for user foo.
passwd: all authentication tokens updated successfully.

192.168.3.70 | SUCCESS | rc=0 >>
Changing password for user foo.
passwd: all authentication tokens updated successfully.

5. 看看下面这个坑

[root@temp01 ~]# ansible all -m cron -a "name=cat minute='*/1' job='ls /root'"
192.168.3.70 | FAILED! => {
    "changed": false,
    "failed": true,
    "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"
}
192.168.3.60 | FAILED! => {
    "changed": false,
    "failed": true,
    "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"
}
[root@temp01 ~]# ansible all -m copy -a "src=/etc/ansible/hosts dest=/root mode=600"
192.168.3.60 | FAILED! => {
    "changed": false,
    "checksum": "8add7a4e56ae6f7a1c6d0218ce757510d195bb3c",
    "failed": true,
    "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"
}
192.168.3.70 | FAILED! => {
    "changed": false,
    "checksum": "8add7a4e56ae6f7a1c6d0218ce757510d195bb3c",
    "failed": true,
    "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"
}

需要在客户端安装libselinux-python库

方法如下,随便介绍下yum模块,哈哈

[root@temp01 ~]# ansible all -m yum -a 'name=libselinux-python state=present'
192.168.3.70 | SUCCESS => {
    "changed": true,
    "msg": "warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Importing GPG key 0xC105B9DE:
 Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>
 Package: centos-release-6-5.el6.centos.11.1.x86_64 (@anaconda-CentOS-201311272149.x86_64/6.5)
 From   : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
",
    "rc": 0,
    "results": [
        "Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
 * base: mirrors.zju.edu.cn
 * extras: centos.ustc.edu.cn
 * updates: mirrors.zju.edu.cn
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package libselinux-python.x86_64 0:2.0.94-7.el6 will be installed
--> Processing Dependency: libselinux = 2.0.94-7.el6 for package: libselinux-python-2.0.94-7.el6.x86_64
--> Running transaction check
---> Package libselinux.x86_64 0:2.0.94-5.3.el6_4.1 will be updated
--> Processing Dependency: libselinux = 2.0.94-5.3.el6_4.1 for package: libselinux-utils-2.0.94-5.3.el6_4.1.x86_64
---> Package libselinux.x86_64 0:2.0.94-7.el6 will be an update
--> Running transaction check
---> Package libselinux-utils.x86_64 0:2.0.94-5.3.el6_4.1 will be updated
---> Package libselinux-utils.x86_64 0:2.0.94-7.el6 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package    Arch          Version               Repository   Size
================================================================================
Installing:
 libselinux-python        x86_64        2.0.94-7.el6          base        203 k
Updating for dependencies:
 libselinux               x86_64        2.0.94-7.el6          base        109 k
 libselinux-utils         x86_64        2.0.94-7.el6          base         82 k

Transaction Summary
================================================================================
Install       1 Package(s)
Upgrade       2 Package(s)

Total download size: 394 k
Downloading Packages:
--------------------------------------------------------------------------------
Total                                           210 kB/s | 394 kB     00:01     
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction

  Updating   : libselinux-2.0.94-7.el6.x86_64                               1/5 

  Installing : libselinux-python-2.0.94-7.el6.x86_64                        2/5 

  Updating   : libselinux-utils-2.0.94-7.el6.x86_64                         3/5 

  Cleanup    : libselinux-utils-2.0.94-5.3.el6_4.1.x86_64                   4/5 

Cleanup    : libselinux-2.0.94-5.3.el6_4.1.x86_64                         5/5 

  Verifying  : libselinux-python-2.0.94-7.el6.x86_64                        1/5 

  Verifying  : libselinux-utils-2.0.94-7.el6.x86_64    2/5 

  Verifying  : libselinux-2.0.94-7.el6.x86_64                               3/5 

  Verifying  : libselinux-2.0.94-5.3.el6_4.1.x86_64                         4/5 

  Verifying  : libselinux-utils-2.0.94-5.3.el6_4.1.x86_64                  5/5 

Installed:
  libselinux-python.x86_64 0:2.0.94-7.el6                                       

Dependency Updated:
  libselinux.x86_64 0:2.0.94-7.el6    libselinux-utils.x86_64 0:2.0.94-7.el6   

Complete!
"
    ]
}
192.168.3.60 | SUCCESS => {
    "changed": true,
    "msg": "warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Importing GPG key 0xC105B9DE:
 Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>
 Package: centos-release-6-5.el6.centos.11.1.x86_64 (@anaconda-CentOS-201311272149.x86_64/6.5)
 From   : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
",
    "rc": 0,
    "results": [
        "Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
 * base: mirrors.cn99.com
 * extras: mirrors.cn99.com
 * updates: mirrors.cn99.com
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package libselinux-python.x86_64 0:2.0.94-7.el6 will be installed
--> Processing Dependency: libselinux = 2.0.94-7.el6 for package: libselinux-python-2.0.94-7.el6.x86_64
--> Running transaction check
--->Package libselinux.x86_64 0:2.0.94-5.3.el6_4.1 will be updated
--> Processing Dependency: libselinux = 2.0.94-5.3.el6_4.1 for package: libselinux-utils-2.0.94-5.3.el6_4.1.x86_64
---> Package libselinux.x86_64 0:2.0.94-7.el6 will be an update
--> Running transaction check
---> Package libselinux-utils.x86_64 0:2.0.94-5.3.el6_4.1 will be updated
---> Package libselinux-utils.x86_64 0:2.0.94-7.el6 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package                  Arch          Version               Repository   Size
================================================================================
Installing:
 libselinux-python        x86_64        2.0.94-7.el6          base        203 k
Updatingfor dependencies:
 libselinux               x86_64        2.0.94-7.el6          base        109 k
 libselinux-utils       x86_64        2.0.94-7.el6          base         82 k

Transaction Summary
================================================================================
Install       1 Package(s)
Upgrade       2 Package(s)

Total download size: 394 k
Downloading Packages:
--------------------------------------------------------------------------------
Total                                            70 kB/s | 394 kB     00:05     
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction

  Updating   : libselinux-2.0.94-7.el6.x86_64                               1/5 

  Installing : libselinux-python-2.0.94-7.el6.x86_64                        2/5 

  Updating   : libselinux-utils-2.0.94-7.el6.x86_64                   3/5 

  Cleanup    : libselinux-utils-2.0.94-5.3.el6_4.1.x86_64                   4/5 

  Cleanup    : libselinux-2.0.94-5.3.el6_4.1.x86_64                         5/5 

  Verifying  : libselinux-python-2.0.94-7.el6.x86_64                        1/5 

  Verifying  : libselinux-utils-2.0.94-7.el6.x86_64                         2/5 

  Verifying  : libselinux-2.0.94-7.el6.x86_64                               3/5 

  Verifying  : libselinux-2.0.94-5.3.el6_4.1.x86_64                         4/5 

  Verifying  : libselinux-utils-2.0.94-5.3.el6_4.1.x86_64            5/5 

Installed:
  libselinux-python.x86_64 0:2.0.94-7.el6                                       

Dependency Updated:
  libselinux.x86_64 0:2.0.94-7.el6    libselinux-utils.x86_64 0:2.0.94-7.el6   

Complete!
"
    ]
}

6. service 模块

[root@temp01 ~]# ansible all -m service -a 'name=sshd state=restarted'  #state属性有running,started,stopped,restarted,reloaded
192.168.3.60 | SUCCESS => {
    "changed": true,
    "name": "sshd",
    "state": "started"
}
192.168.3.70 | SUCCESS => {
    "changed": true,
    "name": "sshd",
    "state": "started"
}

7. yum模块还是介绍下

[root@temp01 ~]# ansible all -m yum -a 'name=ntp state=present'    #state属性有absent,present,installed,removed,latest
192.168.3.70 | SUCCESS => {
    "changed": false,
    "msg": "",
    "rc": 0,
    "results": [
        "ntp-4.2.6p5-1.el6.centos.x86_64 providing ntp is already installed"
    ]
}
192.168.3.60 | SUCCESS => {
    "changed": false,
    "msg": "",
    "rc": 0,
    "results": [
        "ntp-4.2.6p5-1.el6.centos.x86_64 providing ntp is already installed"
    ]
}

8. script模块 远程执行脚本

[root@temp01 ~]# cat ansible.sh              #脚本内容
#!/bin/bash
echo "Hello world" >>/root/ansible.log
[root@temp01 ~]# ansible all -m script -a 'ansible.sh'
192.168.3.70 | SUCCESS => {
    "changed": true,
    "rc": 0,
    "stderr": "",
    "stdout": "",
    "stdout_lines": []
}
192.168.3.60 | SUCCESS => {
    "changed": true,
    "rc": 0,
    "stderr": "",
    "stdout": "",
    "stdout_lines": []
}

[root@example_02 ~]# pwd          #跳转到客户端验证
/root
[root@example_02 ~]# cat ansible.log
Hello world

9. 忘了一个重要的模块shell模块

shell 模块与command模块区别 ,shell支持管道符和变更,下面这个例子说明问题

[root@temp01 ~]# ansible all -m mommand -a 'cat /etc/passwd | grep root'
ERROR! this task 'mommand' has extra params, which is only allowed in the following modules: command, win_command, shell, win_shell, script, include, include_vars, add_host, group_by, set_fact, raw, meta
[root@temp01 ~]# ansible all -m shell -a 'cat /etc/passwd | grep root'
192.168.3.70 | SUCCESS | rc=0 >>
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin

192.168.3.60 | SUCCESS | rc=0 >>
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin

10. file模块  

(1)修改文件属性

[root@temp01 ~]# ansible all -m file -a 'path=/root/ansible.log owner=root mode=777 group=root'      #修改文件属性
192.168.3.60 | SUCCESS => {
    "changed": true,
    "gid": 0,
    "group": "root",
    "mode": "0777",
    "owner": "root",
    "path": "/root/ansible.log",
    "secontext": "unconfined_u:object_r:admin_home_t:s0",
    "size": 12,
    "state": "file",
    "uid": 0
}
192.168.3.70 | SUCCESS => {
    "changed": true,
    "gid": 0,
    "group": "root",
    "mode": "0777",
    "owner": "root",
    "path": "/root/ansible.log",
    "secontext": "unconfined_u:object_r:admin_home_t:s0",
    "size": 12,
    "state": "file",
    "uid": 0
}

(2)新建目录:类 mkdir -p

[root@temp01 ~]# ansible all -m file -a 'dest=/root/1/2/3/4/ mode=755 owner=root group=root state=directory'
192.168.3.60 | SUCCESS => {
    "changed": true,
    "gid": 0,
    "group": "root",
    "mode": "0755",
    "owner": "root",
    "path": "/root/1/2/3/4/",
    "secontext": "unconfined_u:object_r:admin_home_t:s0",
    "size": 4096,
    "state": "directory",
    "uid": 0
}
192.168.3.70 | SUCCESS => {
    "changed": true,
    "gid": 0,
    "group": "root",
    "mode": "0755",
    "owner": "root",
    "path": "/root/1/2/3/4/",
    "secontext": "unconfined_u:object_r:admin_home_t:s0",
    "size": 4096,
    "state": "directory",
    "uid": 0
}


[root@example_02 ~]# ll
total 48
-rw-------. 1 root root  1106 Jul 11 05:26 anaconda-ks.cfg
-rwxrwxrwx. 1 root root    12 Dec 30 02:53 ansible.log
-rw-------. 1 root root  1052 Dec 30 01:09 hosts
-rw-r--r--. 1 root root 23089 Jul 11 05:26 install.log
-rw-r--r--. 1 root root  6240 Jul 11 05:24 install.log.syslog
[root@example_02 ~]# cd 1/2/3/4/                        #转到客户端验证
You have new mail in /var/spool/mail/root
[root@example_02 4]# pwd
/root/1/2/3/4

(3)删除目录文件

[root@temp01 ~]# ansible all -m file -a 'dest=/root/1/2/3/4/  state=absent'
192.168.3.60 | SUCCESS => {
    "changed": true,
    "path": "/root/1/2/3/4/",
    "state": "absent"
}
192.168.3.70 | SUCCESS => {
    "changed": true,
    "path": "/root/1/2/3/4/",
    "state": "absent"
}

[root@example_02 ~]# cd 1/2/3/4            #跳转验证
-bash: cd: 1/2/3/4: No such file or directory
[root@example_02 ~]#

标签:#ansible#root权限#命令模式#centos | 浏览:155 | 发布日期:

免责声明:文章转载自《ansible 基本命令学习与踩坑》仅用于学习参考。如对内容有疑问,请及时联系本站处理。

上篇Unity3D之使用ITween制作自动漫游超简单浅析Uint8Array语法及常见使用、Uint8Array.slice与Uint8Array.subarray区别(是否指向同一个内存空间)、new Uint8Array(typedArray)构造函数对typedArray的引用问题(保持同一个引用)、Uint8Array与String互相转换下篇

宿迁高防,2C2G15M,22元/月;香港BGP,2C5G5M,25元/月 雨云优惠码:MjYwNzM=

相关文章

Centos 开启telnet-service服务

Centos 开启telnet-service服务 1. 查看linux版本信息: [loong@localhost ~]$ cat /etc/issue CentOS release 5.8 (Final) Kernel on an m 2. 查看系统是否已安装telnet-server,linux系统上默认已经安装telnet-client(或t...

KVM虚拟化环境准备

1. 概述2. 环境准备2.1 硬件环境2.2 软件环境2.2.1 YUM安装软件包2.2.2 环境检查2.2.3 启动libvirtd服务2.3 网络环境2.3.1 复制网卡配置文件2.3.2 修改网卡配置文件2.3.4 重启网络服务2.3.5 查看验证 1. 概述 本系列博客是想在VMware workstation创建的虚拟机console中...

Docker安装及基本使用方法

Docker安装 CentOS6上安装Docker # yum -y install epel-release # yum -y install docker-io CentOS7上安装Docker # yum -y install docker 启动Docker # /etc/init.d/docker start 如果启动后无进程,日志中出现: /us...

Linux常用性能检测命令

Linux常用性能检测命令、uptime、top、iostat、Vmstat、pstree、Numastat、sar、free、Pmap、Strace、ulimit 一、uptimeUptime命令的显示结果包括服务器已经运行了多长时间,有多少登陆用户和对服务器性能的总体评估(load average)。load average值分别记录了上个1分钟,5分...

CentOS ISO版本区别

  CentOS6CentOS7 bin-DVD.isobin-DVD.iso系统标准安装包bin DVD本身包含了软件,不需要依赖于网络经行安装。 bin-DVD2.iso (num:2)Everything-1511.iso(num:3)对完整版安装盘的软件进行补充,集成所有软件。 LiveDVD.iso(num:4)这是CentOS实时映像,旨在刻录...

GPG(pgp)加解密

一、介绍 我们都知道,互联网是不安全的,但其上所使用的大部分应用,如Web、Email等一般都只提供明文传输方式(用https、smtps等例外)。所以,当我们需要传输重要文件时,应该对当中的信息加密。非对称密码系统是其中一种常见的加密手段。而在基于PGP方式加密的中文介绍少之又少,所以萌生了写一个完整教程的想法,当然本文部分资料是我搜遍网络整理出来的,并...

最新文章

随机推荐

思享工具箱导航