8.19-ansible中模块的使用+playbook的应用
一、ansible1.scripts模块
script模块⽤于在长途机器上执⾏本地脚本。
# vim test000.sh
#!/bin/bash
mkdir /tmp/three
touch /tmp/three/test
echo 'i am echo,at mttt' > /tmp/three/test
echo 'well done'
# source test000.sh
well done
# ansible group02 -m script -a './test000.sh'
# 验证
# ls /tmp/
111 three
a.txt xxx
a.txt.4331.2024-08-16@17:23:26~ xxx2
systemd-private-18e460b4dc5b47458e28ad6b292e1a98-chronyd.service-ZPvmft 2.用ansible搭建nfs服务
# ansible group02 -m file -a 'path=/static state=directory'
# ansible group02 -m file -a 'path=/static/test state=touch'
# ansible group02 -m command -a 'yum -y install nfs-utils'
# rpm -qa | grep nfs
libnfsidmap-0.25-19.el7.x86_64
nfs-utils-1.3.0-0.68.el7.2.x86_64
# ansible group02 -m yum -a 'name=rpcbind state=latest'
# rpm -qa | grep rpcbind
rpcbind-0.2.0-49.el7.x86_64
# vim /etc/exports
/static *(ro,rsync)
# ansible group02 -m copy -a 'src=/etc/exports dest=/etc/exports'
# ansible group02 -m service -a 'name=rpcbind state=started enabled=yes'
# ansible group02 -m service -a 'name=nfs state=started enabled=yes'
# yum -y install nfs-utils
# mkdir /nfs
# mount -t nfs 192.168.2.112:/static /nfs/
# mount -t nfs 192.168.2.111:/static /nfs/
# mount -t nfs 192.168.2.110:/static /nfs/
mount.nfs: Operation not permitted
# df -h
文件系统 容量已用可用 已用% 挂载点
/dev/mapper/centos-root 17G 4.3G 13G 26% /
devtmpfs 476M 0476M 0% /dev
tmpfs 488M 0488M 0% /dev/shm
tmpfs 488M 7.7M480M 2% /run
tmpfs 488M 0488M 0% /sys/fs/cgroup
/dev/sr0 8.8G 8.8G 0 100% /mnt
/dev/sda1 1014M130M885M 13% /boot
tmpfs 98M 0 98M 0% /run/user/0
192.168.2.110:/static 17G 2.1G 15G 13% /nfs
192.168.2.112:/static 17G 2.1G 15G 13% /nfs
192.168.2.111:/static 17G 2.1G 15G 13% /nfs
# ls /static/
test
# ls /static/
test
# ls /static/
test
二、playbook
playbook剧本是生存在控制机的yml文件
1.Playbook常⻅语法
hosts: ⽤于指定要执⾏使命的主机,其可以是⼀个或多个由冒号分隔主机组。
remote_user: ⽤于指定长途主机上的执⾏使命的⽤户 。
- hosts: group1
remote_user: root tasks: 使命列表, 按顺序执⾏使命.
如果⼀个host执⾏task失败, 整个tasks都会回滚, 修正playbook中的错误, 然后重新执⾏即可
tasks:
- name: ensure apache is at the latest version
yum: name=httpd,httpd-devel state=latest
- name: write the apache config file
copy: src=/etc/httpd/conf/httpd.conf
dest=/etc/httpd/conf/httpd.conf handlers: 类似task,但必要使⽤notify关照调⽤。
不管有多少个关照者进⾏了notify,等到play中的全部task执⾏完 成之后,handlers也只会被执⾏⼀次。
handlers最佳的应⽤场景是⽤来重启服务,或者触发体系重启操纵,除此以外很少⽤到了。
notify:
- restart apache
- name: ensure apache is running (and enable it at boot)
service: name=httpd state=started enabled=yes
handlers:
- name: restart apache
service: name=httpd state=restarted
2.用剧本安装vsftpd
# vim test001.yml
---
- hosts: group02
remote_user:root
tasks:
- name: 安装vsftpd
yum: name=vsftpd state=latest
# ansible-playbook ./test001.yml
PLAY *********************************************************************
TASK *************************************************************
ok:
ok:
ok:
TASK [安装vsftpd] ********************************************************************
ok:
ok:
ok:
PLAY RECAP *************************************************************************
192.168.2.110 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.2.111 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
other : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
3.用剧本卸载和安装vsftpd,且启动服务
# vim test001.yml
---
- hosts: group02
remote_user:root
tasks:
- name: 卸载vsftpd
yum: name=vsftpd state=absent
- name: 安装vsftpd
yum: name=vsftpd state=latest
- name: 启动服务
service: name=vsftpd state=started enabled=yes
# ansible-playbook ./test001.yml
PLAY *********************************************************************
TASK *************************************************************
ok:
ok:
ok:
TASK [卸载vsftpd] ********************************************************************
changed:
changed:
changed:
TASK [安装vsftpd] ********************************************************************
changed:
changed:
changed:
TASK [启动服务] ************************************************************************
changed:
changed:
changed:
PLAY RECAP *************************************************************************
192.168.2.110 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.2.111 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
other : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
4.用剧本修改vsftpd文件,不允许匿名访问
修改配置文件后,要重新启动服务
# 可以访问到数据
# lftp 192.168.2.110
lftp 192.168.2.110:~> ls
drwxr-xr-x 2 0 0 6 Jun 09 2021 pub
lftp 192.168.2.110:/> exit
# lftp 192.168.2.111
lftp 192.168.2.111:~> ls
drwxr-xr-x 2 0 0 6 Jun 09 2021 pub
lftp 192.168.2.111:/> exit
# 修改配置文件,不允许匿名用户登录
# vim test001.yml
---
- hosts: group02
remote_user:root
tasks:
- name: 卸载vsftpd
yum: name=vsftpd state=absent
- name: 安装vsftpd
yum: name=vsftpd state=latest
- name: 启动服务
service: name=vsftpd state=started enabled=yes
- name: 修改配置文件
command: sed -i '/^anonymous_enable=YES/s/YES/NO/g' /etc/vsftpd/vsftpd.conf
notify:
- abcdefg
handlers:
- name: abcdefg
service: name=vsftpd state=restarted
# ansible-playbook ./test001.yml
PLAY *********************************************************************
TASK *************************************************************
ok:
ok:
ok:
TASK [卸载vsftpd] ********************************************************************
changed:
changed:
changed:
TASK [安装vsftpd] ********************************************************************
changed:
changed:
changed:
TASK [启动服务] ************************************************************************
changed:
changed:
changed:
TASK [修改配置文件] **********************************************************************
: Consider using the replace, lineinfile or template module rather than
running 'sed'.If you need to use command because replace, lineinfile or template
is insufficient you can add 'warn: false' to this command task or set
'command_warnings=False' in ansible.cfg to get rid of this message.
changed:
changed:
changed:
RUNNING HANDLER **********************************************************
changed:
changed:
changed:
PLAY RECAP *************************************************************************
192.168.2.110 : ok=6 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.2.111 : ok=6 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
other : ok=6 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
# 访问不到数据了
# vim test001.yml
# lftp 192.168.2.111
lftp 192.168.2.111:~> ls
5.剧本的格式:
---
-hosts: 组名/别名/ip/域名
remote_user: root
tasks:
- name: 任务说明
模块: key0=value0
service: name=vfstpd state=startedenabled=yes
- name:修改配置文件
command: sed ....
notify:
-abcdefg
handler:
- name: abcdefg
service: name=vfstpd state=restarted 6.将httpd的端标语80改为8080
# vim test002.yml
---
- hosts: group01
remote_user: root
tasks:
- name: 将控制主机的repo文件复制到被控制主机
copy: src=/etc/yum.repos.d dest=/etc/
- name: 安装httpd
yum: name=httpd state=present
- name: 修改配置文件
command: sed -i '/^Listen/s/80/8080/g' /etc/httpd/conf/httpd.conf
- name: 修改默认的资源文件
command: echo 'xxxxxxx' > /var/www/html/index.html
- name: 启动httpd服务
service: name=httpd state=started
# ansible-playbook ./test002.yml
PLAY *********************************************************************
TASK *************************************************************
ok:
ok:
TASK [将控制主机的repo文件复制到被控制主机] ********************************************************
ok:
ok:
TASK [安装httpd] *********************************************************************
changed:
changed:
TASK [修改配置文件] **********************************************************************
: Consider using the replace, lineinfile or template module rather than
running 'sed'.If you need to use command because replace, lineinfile or template
is insufficient you can add 'warn: false' to this command task or set
'command_warnings=False' in ansible.cfg to get rid of this message.
changed:
changed:
TASK [修改默认的资源文件] *******************************************************************
changed:
changed:
TASK [启动httpd服务] *******************************************************************
changed:
changed:
PLAY RECAP *************************************************************************
192.168.2.110 : ok=6 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.2.111 : ok=6 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
7.使用剧本在不同主机上同时创建不同的文件
# vim /etc/ansible/hosts
s0 ansible_ssh_host=192.168.2.110 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=1
s1 ansible_ssh_host=192.168.2.111 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=1
s2 ansible_ssh_host=192.168.2.112 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=1
s0
s1
s2
---
- hosts: s1
remote_user: root
tasks:
- name: 创建一个文件
file: path=/tmp/xxxxxx.txt state=touch
- hosts: s2
remote_user: root
tasks:
- name: 也创建一个文件
file: path=/tmp/yyyyy.txt state=touch
...
# ansible-playbook ./test003.yml
PLAY **************************************************************************
TASK *************************************************************
ok:
TASK [创建一个文件] **********************************************************************
changed:
PLAY **************************************************************************
TASK *************************************************************
ok:
TASK [也创建一个文件] *********************************************************************
changed:
PLAY RECAP *************************************************************************
s1 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
s2 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 8.使用剧本搭建nfs服务
s1为nfs的服务器
s2为nfs的客户端
# vim test004.yml
---
- hosts: s1
remote_user: root
tasks:
- name: 按装nfs-utils
yum: name=nfs-utils state=present
- name: 安装rpcbind
yum: name=rpcbind state=present
- name: 创建共享目录
file: path=/static state=directory
- name: 配置文件
shell: echo '/static *(ro,sync)' > /etc/exports
- name: 启动服务nfs
service: name=nfs state=started enabled=yes
- name: 启动服务rpcbind
service: name=rpcbind state=started enabled=yes
- hosts: s2
remote_user: root
tasks:
- name: 安装nfs-utils
yum: name=nfs-utils state=latest
- name: 创建挂载目录
file: path=/nfs state=directory
- name: 挂载nfs文件
command:mount -t nfs 192.168.2.111:/static /nfs
...
# 验证
# df -h
文件系统 容量已用可用 已用% 挂载点
/dev/mapper/centos-root 17G 2.1G 15G 13% /
devtmpfs 476M 0476M 0% /dev
tmpfs 488M 0488M 0% /dev/shm
tmpfs 488M 7.7M480M 2% /run
tmpfs 488M 0488M 0% /sys/fs/cgroup
/dev/sda1 1014M130M885M 13% /boot
/dev/sr0 8.8G 8.8G 0 100% /mnt
tmpfs 98M 0 98M 0% /run/user/0
192.168.2.111:/static 17G 2.1G 15G 13% /nfs
# touch /static/haha
# ls /nfs
hahatest
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。
页:
[1]