Ansible-常用模块

1.ansible实现管理的方式
Ad-Hoc            ##利用ansible命令直接完成管理,主要用于临时命令使用场景
playbook          ##ansible脚本,主要用于大型项目场景,需要前期的规划

2.Ad-Hoc执行方式中如何获得帮助
ansible-doc      ##显示模块帮助的指令
2.1 格式
ansible-doc [参数] [模块...]
2.2 常用参数
-l            ##列出可用模块
-s           ##显示指定模块的playbook片段

[root@ansible ~]# ansible-doc -l | wc -l
3387
[root@ansible ~]# ansible-doc -s shell
- name: Execute shell commands on targets
  shell:
      chdir:                 # Change into this directory before running the command.
      cmd:                   # The command to run followed by optional arguments.
      creates:               # A filename, when it already exists, this step will *not* be run.
      executable:            # Change the shell used to execute the command. This expects an absolute path to the executable.
      free_form:             # The shell module takes a free form command to run, as a string. There is no actual parameter named 'free form'. See
                               the examples on how to use this module.
      removes:               # A filename, when it does not exist, this step will *not* be run.
      stdin:                 # Set the stdin of the command directly to the specified value.
      stdin_add_newline:     # Whether to append a newline to stdin data.
      warn:                  # Whether to enable task warnings.
[root@ansible ~]# 

3.ansible命令运行方式及常用参数
3.1 格式:
ansible 清单    -m 模块   -a 模块参数

3.2 常用参数

--version                  ##显示版本
-m module                  ##指定模块,默认为command模块
--list                     ##显示主机列表,也可以用--list-hosts
-v                         ##详细过程 -vv -vvv更详细过程
-k                         ##提示输入ssh连接密码,默认key认证
-C                         ##预执行检测
-T                         ##执行命令的超时时间,默认10s#
-u                         ##指定远程执行的用户
-b                         ##执行sudo切换身份操作
-become-user=USERNAME      ##指定sudo的用户
-K                         ##提示输入sudo密码                     

4.ansible的基本颜色代表信
绿色         ##执行成功但为对远程主机做任何改变
黄色         ##执行成功并对远程主机做改变
红色         ##执行失败

5.ansible中的常用模块

5.1 command

注意：Linux中的很多通配符在command模块中不支持

功能: 在远程主机执行命令,此模块为默认模块

常用参数:

在westos清单主机中建立用户lee
[admin@ansible .ansible]$ ansible westos -m command -a "useradd lee" -u root -k
SSH password: 
172.25.32.12 | CHANGED | rc=0 >>
 
172.25.32.11 | CHANGED | rc=0 >>
 
在westos清单主机中删除用户lee
[admin@ansible .ansible]$ ansible westos -m command -a "userdel lee" -u root -k
SSH password: 
172.25.32.12 | CHANGED | rc=0 >>
 
172.25.32.11 | CHANGED | rc=0 >>
 
查看westos清单主机中/etc/passwd/的最后一行
[admin@ansible .ansible]$ ansible westos -m command -a "chdir=/etc tail -n1 passwd" -u root -k
SSH password: 
172.25.32.12 | CHANGED | rc=0 >>
admin:x:1000:1000::/home/admin:/bin/bash
172.25.32.11 | CHANGED | rc=0 >>
admin:x:1000:1000::/home/admin:/bin/bash
 
在westos清单主机中如果/etc/passwd存在的话就不运行tail命令，如果不文件存在就运行tail
[admin@ansible .ansible]$ ansible westos -m command -a "chdir=/etc creates=/etc/passwd tail -n1 passwd" -u root -k
SSH password: 
172.25.32.12 | SUCCESS | rc=0 >>
skipped, since /etc/passwd exists
172.25.32.11 | SUCCESS | rc=0 >>
skipped, since /etc/passwd exists
 
在westos清单主机中如果/etc/passwd存在的话就运行tail命令，如果文件不存在就不运行tail
[admin@ansible .ansible]$ ansible westos -m command -a "chdir=/etc removes=/etc/passwd tail -n1 passwd" -u root -k
SSH password: 
172.25.32.12 | CHANGED | rc=0 >>
admin:x:1000:1000::/home/admin:/bin/bash
172.25.32.11 | CHANGED | rc=0 >>
admin:x:1000:1000::/home/admin:/bin/bash

5.2 shell

功能: 和command功能类似

常用参数:

指定执行环境为/bin/bash，默认为sh
[admin@ansible .ansible]$ ansible westos -m shell -a "executable=sh ps ax | grep $$ " -k
SSH password: 
172.25.32.11 | CHANGED | rc=0 >>
 4628 pts/1    S+     0:00 sh -c ps ax | grep 3496 
 4630 pts/1    S+     0:00 grep 3496
172.25.32.12 | CHANGED | rc=0 >>
 4656 pts/1    S+     0:00 sh -c ps ax | grep 3496 
 4658 pts/1    S+     0:00 grep 3496
 
查看当前目录所在的进程
[admin@ansible .ansible]$ ansible westos -m shell -a ' ps ax | grep $$'
172.25.32.12 | CHANGED | rc=0 >>
 4765 pts/1    S+     0:00 /bin/sh -c ps ax | grep $$
 4767 pts/1    S+     0:00 grep 4765
172.25.32.11 | CHANGED | rc=0 >>
 4737 pts/1    S+     0:00 /bin/sh -c ps ax | grep $$
 4739 pts/1    S+     0:00 grep 4737
 
查看当前正在运行的进程
[admin@ansible .ansible]$ ansible westos -m shell -a 'ps'
172.25.32.12 | CHANGED | rc=0 >>
  PID TTY          TIME CMD
 4864 pts/1    00:00:00 sudo
 4865 pts/1    00:00:00 sh
 4866 pts/1    00:00:00 python
 4867 pts/1    00:00:00 ps
172.25.32.11 | CHANGED | rc=0 >>
  PID TTY          TIME CMD
 4835 pts/1    00:00:00 sudo
 4836 pts/1    00:00:00 sh
 4837 pts/1    00:00:00 python
 4838 pts/1    00:00:00 ps

5.3 script

功能: 在ansible主机中写好的脚本在受控主机中执行

[admin@ansible .ansible]$ exit   ##回到超级用户中
logout
[root@ansible ~]# vim /mnt/westos.sh
[root@ansible ~]# cat /mnt/westos.sh
#!/bin/bash
echo $HOSTNAME
[root@ansible ~]# ansible westos -m script -a "/mnt/westos.sh" -k
SSH password: 
172.25.32.12 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 172.25.32.12 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 172.25.32.12 closed."
    ], 
    "stdout": "node2\r\n", 
    "stdout_lines": [
        "node2"
    ]
}
172.25.32.11 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 172.25.32.11 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 172.25.32.11 closed."
    ], 
    "stdout": "node1\r\n", 
    "stdout_lines": [
        "node1"
    ]
}

5.4 copy

功能：从ansible主机复制文件到受控主机

常用参数

将/mnt/westos.sh/复制到westos清单被控主机的/mnt/中，当被控主机中存在westos.sh时备份原文件,文件所有人为admin，权限为777
[admin@ansible .ansible]$ ansible westos -m copy -a "src=/mnt/westos.sh dest=/mnt/westos.sh owner=admin mode=777 backup=yes"
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "25a5e82036293f48d4a117c91855a16c2d36e0de", 
    "dest": "/mnt/westos.sh", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2b9854338cd858ad0f86eb55423c3f03", 
    "mode": "0777", 
    "owner": "admin", 
    "size": 27, 
    "src": "/home/admin/.ansible/tmp/ansible-tmp-1659037428.57-4624-78249132552260/source", 
    "state": "file", 
    "uid": 1000
}
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "25a5e82036293f48d4a117c91855a16c2d36e0de", 
    "dest": "/mnt/westos.sh", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "2b9854338cd858ad0f86eb55423c3f03", 
    "mode": "0777", 
    "owner": "admin", 
    "size": 27, 
    "src": "/home/admin/.ansible/tmp/ansible-tmp-1659037428.58-4626-250519756246854/source", 
    "state": "file", 
    "uid": 1000
}

在westos清单被控主机的/mnt/目录下生成文件westosfile1,文件内容为hello westos/hello linux，文件所有人为admin，权限为777
[admin@ansible .ansible]$ ansible westos -m copy -a "content='hello westos\nhello linux\n' dest=/mnt/westosfile1 owner=admin mode=600"
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "7edbc023b406807d55423480b2bfd908870d5919", 
    "dest": "/mnt/westosfile1", 
    "gid": 0, 
    "group": "root", 
    "mode": "0600", 
    "owner": "admin", 
    "path": "/mnt/westosfile1", 
    "size": 25, 
    "state": "file", 
    "uid": 1000
}
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "7edbc023b406807d55423480b2bfd908870d5919", 
    "dest": "/mnt/westosfile1", 
    "gid": 0, 
    "group": "root", 
    "mode": "0600", 
    "owner": "admin", 
    "path": "/mnt/westosfile1", 
    "size": 25, 
    "state": "file", 
    "uid": 1000
}

查看westos清单被控主机的/mnt/目录
[admin@ansible .ansible]$ ansible westos -m shell -a "ls /mnt"
172.25.32.11 | CHANGED | rc=0 >>
westos.sh
westosfile1
172.25.32.12 | CHANGED | rc=0 >>
westos.sh
westosfile1
[admin@ansible .ansible]$ ansible westos -m shell -a "cat /mnt/westosfile1"
172.25.32.11 | CHANGED | rc=0 >>
hello westos
hello linux
172.25.32.12 | CHANGED | rc=0 >>
hello westos
hello linux

5.5 fetch

功能:  从受控主机把文件复制到ansible主机,但不支持目录

常用参数

将受控主机/mnt/westosfile1复制到主机的/mnt/目录下
[root@ansible mnt]#  ansible 172.25.32.11 -m fetch -a "src=/mnt/westosfile1 dest=/mnt" -k
SSH password: 
172.25.32.11 | CHANGED => {
    "changed": true, 
    "checksum": "7edbc023b406807d55423480b2bfd908870d5919", 
    "dest": "/mnt/172.25.32.11/mnt/westosfile1", 
    "md5sum": "e79f6eb05e162f95e496e8d4d8a24275", 
    "remote_checksum": "7edbc023b406807d55423480b2bfd908870d5919", 
    "remote_md5sum": null
}

将受控主机复制到主机文件名字改为file
[root@ansible mnt]#  ansible 172.25.32.11 -m fetch -a "src=/mnt/westosfile1 dest=/mnt/file flat=yes" -k
SSH password: 
172.25.32.11 | CHANGED => {
    "changed": true, 
    "checksum": "7edbc023b406807d55423480b2bfd908870d5919", 
    "dest": "/mnt/file", 
    "md5sum": "e79f6eb05e162f95e496e8d4d8a24275", 
    "remote_checksum": "7edbc023b406807d55423480b2bfd908870d5919", 
    "remote_md5sum": null
}

5.6 file

功能： 设置文件的属性

常用参数

建立文件
[admin@ansible .ansible]$ ansible westos -m file -a 'path=/mnt/test.sh state=touch'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/mnt/test.sh", 
    "gid": 0, 
    "group": "root", 
    "mode": "0644", 
    "owner": "root", 
    "size": 0, 
    "state": "file", 
    "uid": 0
}
 
删除文件
[admin@ansible .ansible]$ ansible westos -m file -a 'path=/mnt/test.sh state=absent'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "path": "/mnt/test.sh", 
    "state": "absent"
}
 
建立目录
[admin@ansible .ansible]$ ansible westos -m file -a 'path=/mnt/westos state=directory'
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0755", 
    "owner": "root", 
    "path": "/mnt/westos", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
 
递归修改目录权限
[admin@ansible .ansible]$ ansible westos -m file -a 'path=/mnt/westos state=directory mode=777 recurse=yes'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "path": "/mnt/westos", 
    "size": 6, 
    "state": "directory", 
    "uid": 0
}
 
生成软链接
[admin@ansible .ansible]$ ansible westos -m file -a 'src=/mnt/westosfile1 dest=/mnt/westos state=link'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/mnt/westos", 
    "gid": 0, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "size": 16, 
    "src": "/mnt/westosfile1", 
    "state": "link", 
    "uid": 0
}
 
生成硬连接
[admin@ansible .ansible]$ ansible westos -m file -a 'src=/mnt/westosfile1 dest=/mnt/westos1 state=hard'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/mnt/westos1", 
    "gid": 0, 
    "group": "root", 
    "mode": "0600", 
    "owner": "admin", 
    "size": 25, 
    "src": "/mnt/westosfile1", 
    "state": "hard", 
    "uid": 1000
}
 
建立文件时设置权限及所有人，所有组
[admin@ansible .ansible]$ ansible westos -m file -a 'path=/mnt/file state=touch owner=admin group=admin mode=777'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/mnt/file", 
    "gid": 1000, 
    "group": "admin", 
    "mode": "0777", 
    "owner": "admin", 
    "size": 0, 
    "state": "file", 
    "uid": 1000
}

5.7 archive

作用: 压缩

常用参数

[admin@ansible .ansible]$ ansible all -m archive -a 'path=/etc dest=/opt/etc.tar.gz format=gz owner=admin mode=700' -k
SSH password: 
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "archived": [
        "/etc/fstab", 
        "/etc/crypttab", 
        "/etc/mtab", 
        "/etc/resolv.conf", 
        "/etc/my.cnf", 
        "/etc/issue", 
        "/etc/issue.net", 
        "/etc/libuser.conf", 
........

5.8 unarchive

功能：解压缩

常用参数

ansible westos -m unarchive -a 'src=/opt/etc.tar.gz dest=/mnt owner=admin'  #把主控机中/opt/etc.tar.gz解压到受控机/mnt里，解压后所有人是admin
把受控机中/opt/etc.tar.gz解压到受控机/mnt里,copy=no等同于remote_src=yes
[admin@ansible .ansible]$ ansible westos -m unarchive -a "src=/opt/etc.tar.gz dest=/mnt copy=no"
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/mnt", 
    "extract_results": {
        "cmd": [
            "/bin/gtar", 
            "--extract", 
            "-C", 
            "/mnt", 
            "-z", 
            "-f", 
            "/opt/etc.tar.gz"
        ], 
        "err": "", 
        "out": "", 
        "rc": 0
    }, 
    "gid": 0, 
    "group": "root", 
    "handler": "TgzArchive", 
    "mode": "0755", 
    "owner": "root", 
    "size": 112, 
    "src": "/opt/etc.tar.gz", 
    "state": "directory", 
    "uid": 0
}

5.9 hostname

作用: 管理主机名称

常用参数：name        ##指定主机名称

[admin@ansible .ansible]$ ansible 172.25.32.11 -m hostname -a 'name=www.westos.org'
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "ansible_domain": "westos.org", 
        "ansible_fqdn": "www.westos.org", 
        "ansible_hostname": "www", 
        "ansible_nodename": "www.westos.org", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "www.westos.org"
}

5.10 cron

作用：计划任务

常用参数

在11:11分的时候在/mnt目录建立linux文件
[admin@ansible .ansible]$ ansible westos -m cron -a 'job="touch /mnt/linux" name=test minute=11 hour=11 '  
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "test"
    ]
}
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "test"
    ]
}
 
禁止执行这个11:11分的时候在/mnt目录建立linux文件的任务
[admin@ansible .ansible]$ ansible westos -m cron -a 'job="touch /mnt/westosfile" name=test minute=11 hour=11 disabled=yes'  
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "test"
    ]
}
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
 
删除这个11:11分的时候在/mnt目录建立linux文件的任务
[admin@ansible .ansible]$ ansible westos -m cron -a 'job="touch /mnt/linux" name=test minute=11 hour=11 state=absent'  
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}
 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "test"
    ]
}
 

5.11 yum_repository

作用：配置系统软件仓库源文件

建立软件仓库源
[admin@ansible .ansible]$ ansible westos -m yum_repository -a "name=AppStream baseurl=http://172.25.32.250/rhel7.6/AppStream description=AppStream gpgcheck=no file=westos" -k
SSH password: 
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "repo": "AppStream", 
    "state": "present"
}
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "repo": "AppStream", 
    "state": "present"
}
删除建立的软件仓库源
[admin@ansible .ansible]$ ansible westos -m yum_repository -a "name=AppStream file=westos_test state=absent" -k
SSH password: 
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "repo": "AppStream", 
    "state": "absent"
}
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "repo": "AppStream", 
    "state": "absent"
}
 

5.11 yum

作用： 管理系统中的dnf仓库及管理软件

给被控机安装httpd服务
[admin@ansible .ansible]$ ansible westos -m yum -a "name=httpd state=present"
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "installed": [
            "httpd"
        ]
    }, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "Loaded plugins: product-id, search-disabled-repos, subscription-manager\nThis system is not registered with an entitlement server. You can use subscription-manager to register.\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-88.el7 will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-88.el7 for package: httpd-2.4.6-88.el7.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-88.el7.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-88.el7.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-88.el7.x86_64\n--> Running transaction check\n---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-88.el7 will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package            Arch          Version                Repository        Size\n================================================================================\nInstalling:\n httpd              x86_64        2.4.6-88.el7           AppStream        1.2 M\nInstalling for dependencies:\n apr                x86_64        1.4.8-3.el7_4.1        AppStream        103 k\n apr-util           x86_64        1.5.2-6.el7            AppStream         92 k\n httpd-tools        x86_64        2.4.6-88.el7           AppStream         90 k\n mailcap            noarch        2.1.41-2.el7           AppStream         31 k\n\nTransaction Summary\n================================================================================\nInstall  1 Package (+4 Dependent packages)\n\nTotal download size: 1.5 M\nInstalled size: 4.3 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal                                               33 MB/s | 1.5 MB  00:00     \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Installing : apr-1.4.8-3.el7_4.1.x86_64                                   1/5 \n  Installing : apr-util-1.5.2-6.el7.x86_64                                  2/5 \n  Installing : httpd-tools-2.4.6-88.el7.x86_64                              3/5 \n  Installing : mailcap-2.1.41-2.el7.noarch                                  4/5 \n  Installing : httpd-2.4.6-88.el7.x86_64                                    5/5 \n  Verifying  : mailcap-2.1.41-2.el7.noarch                                  1/5 \n  Verifying  : httpd-2.4.6-88.el7.x86_64                                    2/5 \n  Verifying  : apr-1.4.8-3.el7_4.1.x86_64                                   3/5 \n  Verifying  : apr-util-1.5.2-6.el7.x86_64                                  4/5 \n  Verifying  : httpd-tools-2.4.6-88.el7.x86_64                              5/5 \n\nInstalled:\n  httpd.x86_64 0:2.4.6-88.el7                                                   \n\nDependency Installed:\n  apr.x86_64 0:1.4.8-3.el7_4.1             apr-util.x86_64 0:1.5.2-6.el7       \n  httpd-tools.x86_64 0:2.4.6-88.el7        mailcap.noarch 0:2.1.41-2.el7       \n\nComplete!\n"
    ]
}
 
卸载httpd服务，但不删除依赖关系
[admin@ansible .ansible]$ ansible westos -m yum -a 'name=httpd state=absent autoremove=no' 
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "removed": [
            "httpd"
        ]
    }, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "Loaded plugins: product-id, search-disabled-repos, subscription-manager\nThis system is not registered with an entitlement server. You can use subscription-manager to register.\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-88.el7 will be erased\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package        Arch            Version               Repository           Size\n================================================================================\nRemoving:\n httpd          x86_64          2.4.6-88.el7          @AppStream          3.7 M\n\nTransaction Summary\n================================================================================\nRemove  1 Package\n\nInstalled size: 3.7 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Erasing    : httpd-2.4.6-88.el7.x86_64                                    1/1 \n  Verifying  : httpd-2.4.6-88.el7.x86_64                                    1/1 \n\nRemoved:\n  httpd.x86_64 0:2.4.6-88.el7                                                   \n\nComplete!\n"
    ]
}
 
卸载httpd服务，也卸载依赖关系
[admin@ansible .ansible]$ ansible westos -m yum -a 'name=httpd state=absent autoremove=yes'
172.25.32.12 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "httpd is not installed"
    ]
}
 
指定下载的源（通过AppStream来安装）
[admin@ansible .ansible]$ ansible westos -m yum -a 'name=httpd state=present enablerepo=AppStream'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "installed": [
            "httpd"
        ]
    }, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "Loaded plugins: product-id, search-disabled-repos, subscription-manager\nThis system is not registered with an entitlement server. You can use subscription-manager to register.\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-88.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package        Arch            Version                Repository          Size\n================================================================================\nInstalling:\n httpd          x86_64          2.4.6-88.el7           AppStream          1.2 M\n\nTransaction Summary\n================================================================================\nInstall  1 Package\n\nTotal download size: 1.2 M\nInstalled size: 3.7 M\nDownloading packages:\nDelta RPMs disabled because /usr/bin/applydeltarpm not installed.\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Installing : httpd-2.4.6-88.el7.x86_64                                    1/1 \n  Verifying  : httpd-2.4.6-88.el7.x86_64                                    1/1 \n\nInstalled:\n  httpd.x86_64 0:2.4.6-88.el7                                                   \n\nComplete!\n"
    ]
}
 
 
列出httpd的相关信息
[admin@ansible .ansible]$ ansible westos -m yum -a 'name=httpd state=absent autoremove=yes'
172.25.32.12 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "httpd is not installed"
    ]
}
 
更新httpd服务
[admin@ansible .ansible]$ ansible westos -m yum -a 'name="httpd" state=latest'  
172.25.32.11 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "changes": {
        "installed": [], 
        "updated": []
    }, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "All packages providing httpd are up to date", 
        ""
    ]
}

5.13 service

作用:  管理系统服务状态

常用参数

开启httpd服务，并指定开机启动
[admin@ansible .ansible]$ ansible westos -m service -a "name=httpd state=started enabled=yes"   
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "enabled": true, 
    "name": "httpd", 
    "state": "started", 
    "status": {
        "ActiveEnterTimestampMonotonic": "0", 
        "ActiveExitTimestampMonotonic": "0", 
        "ActiveState": "inactive", 
        "After": "-.mount network.target basic.target system.slice remote-fs.target tmp.mount systemd-journald.socket nss-lookup.target", 
        "AllowIsolate": "no", 
        "AmbientCapabilities": "0", 
........
 
重启httpd服务
[admin@ansible .ansible]$ ansible westos -m service -a "name=httpd state=restarted enabled=yes"
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "enabled": true, 
    "name": "httpd", 
    "state": "started", 
    "status": {
        "ActiveEnterTimestamp": "Fri 2022-07-29 07:34:50 UTC", 
        "ActiveEnterTimestampMonotonic": "4964679459", 
        "ActiveExitTimestampMonotonic": "0", 
        "ActiveState": "active", 
        "After": "-.mount systemd-journald.socket network.target nss-lookup.target basic.target tmp.mount remote-fs.target system.slice", 
        "AllowIsolate": "no", 
        "AmbientCapabilities": "0", 
 

5.14 firewalld

常用参数

开启火墙并永久指定火墙的域为public 且立即生效，
[admin@ansible .ansible]$ ansible westos -m firewalld -a 'zone=public service=http permanent=yes state=enabled immediate=yes'
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "msg": "Permanent and Non-Permanent(immediate) operation, Changed service http to enabled"
}
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "msg": "Permanent and Non-Permanent(immediate) operation, Changed service http to enabled"
}
 
在被控主机中：
[root@www ~]# firewall-cmd --list-all
public
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: ssh dhcpv6-client http
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

5.15 user

作用: 模块可以帮助我们管理远程主机上的用户，比如创建用户、修改用户、删除用户、为用户创建密钥对等操作

建立lee用户
[admin@ansible .ansible]$ ansible westos -m user -a 'name=lee'
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1001, 
    "home": "/home/lee", 
    "name": "lee", 
    "shell": "/bin/bash", 
    "state": "present", 
    "stderr": "useradd: warning: the home directory already exists.\nNot copying any file from skel directory into it.\nCreating mailbox file: File exists\n", 
    "stderr_lines": [
        "useradd: warning: the home directory already exists.", 
        "Not copying any file from skel directory into it.", 
        "Creating mailbox file: File exists"
    ], 
    "system": false, 
    "uid": 1001
}
 
删除lee用户
[admin@ansible .ansible]$ ansible westos -m user -a 'name=lee state=absent'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "force": false, 
    "name": "lee", 
    "remove": false, 
    "state": "absent"
}
 
指定lee用户的uid为6666
[admin@ansible .ansible]$ ansible westos -m user -a 'name=lee uid=6666'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 6666, 
    "home": "/home/lee", 
    "name": "lee", 
    "shell": "/bin/bash", 
    "state": "present", 
    "stderr": "useradd: warning: the home directory already exists.\nNot copying any file from skel directory into it.\nCreating mailbox file: File exists\n", 
    "stderr_lines": [
        "useradd: warning: the home directory already exists.", 
        "Not copying any file from skel directory into it.", 
        "Creating mailbox file: File exists"
    ], 
    "system": false, 
    "uid": 6666
}
 
指定lee用户所在的组为admin
[admin@ansible .ansible]$ ansible westos -m user -a 'name=lee group=admin'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "append": false, 
    "changed": true, 
    "comment": "", 
    "group": 1000, 
    "home": "/home/lee", 
    "move_home": false, 
    "name": "lee", 
    "shell": "/bin/bash", 
    "state": "present", 
    "uid": 6666
}
 
指定用户所在的附加组为admin
[admin@ansible .ansible]$ ansible westos -m user -a 'name=lee groups=admin'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "append": false, 
    "changed": true, 
    "comment": "", 
    "group": 1000, 
    "groups": "admin", 
    "home": "/home/lee", 
    "move_home": false, 
    "name": "lee", 
    "shell": "/bin/bash", 
    "state": "present", 
    "uid": 6666
}
 
生成加密字符【$符是特殊字符，所有要用转译字符】
[admin@ansible .ansible]$ openssl passwd -1 'westos'       #设置密码
$1$oD/nYgUs$ztibP8DFmgBBgAxM4r6i/.
[admin@ansible .ansible]$ ansible westos -m user -a 'name=lee password="$1$oD/nYgUs$ztibP8DFmgBBgAxM4r6i/."'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 100, 
    "home": "/home/lee", 
    "name": "lee", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "stderr": "useradd: warning: the home directory already exists.\nNot copying any file from skel directory into it.\nCreating mailbox file: File exists\n", 
    "stderr_lines": [
        "useradd: warning: the home directory already exists.", 
        "Not copying any file from skel directory into it.", 
        "Creating mailbox file: File exists"
    ], 
    "system": false, 
    "uid": 1001
}
 
生成密钥
[admin@ansible .ansible]$ ansible westos -m user -a 'name=lee generate_ssh_key=yes'                         
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "append": false, 
    "changed": true, 
    "comment": "", 
    "group": 100, 
    "home": "/home/lee", 
    "move_home": false, 
    "name": "lee", 
    "shell": "/bin/bash", 
    "ssh_fingerprint": "2048 SHA256:5w9/Fcx+J8KIFc1HtjAyMXi/aB76xdPUewv/aGZSG6M ansible-generated on www.westos.org (RSA)", 
    "ssh_key_file": "/home/lee/.ssh/id_rsa", 
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCx53ERXMA8HSsuLcqyoKcwynKuE2Iirn5zOD+6rHMHh+grpJZ/KvrxhMOOyrAMXS81Lm7+qksct2522bnsY7ARB4g6vANtkdM3GrYqffy1/tCAwO4X6HOrPrS3WuX3Fc7M++plvrxt6ze5RSxnRIcDUwRRKeeKmwsHCcpHKNdVYrM/BlBuKfj7ecwMOYZEWGCm2/yeoParqK5d5psy/58yiGclQvMUEl1/8Atguwxsh/T2Ta2pALMLWcWUDYsYaDxl8pKrwnXK0IntPF+b2eGa5Z9HoBS1H32ZBEjb/xGb9WAy0mn8ip4/xEW9qN6PE1RXvAl8ihSvTJw8zNMqcsWF ansible-generated on www.westos.org", 
    "state": "present", 
    "uid": 1001
}

5.16 group

作用: group 模块可以帮助我们管理远程主机上的组。

常用参数

添加组westoslee
[admin@ansible .ansible]$ ansible westos -m group -a 'name=westoslee'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 6667, 
    "name": "westoslee", 
    "state": "present", 
    "system": false
}
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 6667, 
    "name": "westoslee", 
    "state": "present", 
    "system": false
}
 
指定westoslee组的gid为8888
[admin@ansible .ansible]$ ansible westos -m group -a 'name=westoslee gid=8888'
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 8888, 
    "name": "westoslee", 
    "state": "present", 
    "system": false
}
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 8888, 
    "name": "westoslee", 
    "state": "present", 
    "system": false
}
 
删除westoslee组
[admin@ansible .ansible]$ ansible westos -m group -a 'name=westoslee state=absent'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "westoslee", 
    "state": "absent"
}
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "westoslee", 
    "state": "absent"
}
 

5.17 lineinfile

给被控机建立/mnt下的westos文件，并编写内容\n表示换行
[admin@ansible .ansible]$ ansible westos -m copy -a 'content="hello westos\nhello test\nhello linux\n" dest=/mnt/westos ' 
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum": "868d8bfc146c9de5569f3fca88677b0f35abf30e", 
    "dest": "/mnt/westos", 
    "gid": 0, 
    "group": "root", 
    "md5sum": "b035847bf1e123742bd8e58647178d0d", 
    "mode": "0644", 
    "owner": "root", 
    "size": 36, 
    "src": "/home/admin/.ansible/tmp/ansible-tmp-1659096272.79-5119-87992278885050/source", 
    "state": "file", 
    "uid": 0
}
 
在已经存在的文本（/mnt/westos）中写入nihao
 [admin@ansible .ansible]$ ansible westos -m lineinfile -a 'path=/mnt/westos line="nihao"'
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "msg": "line added"
}
 
把以hello开头的行替替换成hello westos,匹配到多行的替换只能替换最后一行，其他行不进行替换
[admin@ansible .ansible]$ ansible westos -m lineinfile -a 'path=/mnt/westos regexp="^hello" line="hello westos" '
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "msg": "line replaced"
}
 
把以hello开头的行全部删除 ,匹配到多行的删除会全部删除
[admin@ansible .ansible]$ ansible westos -m lineinfile -a 'path=/mnt/westos regexp="^hello" line="hello westos" '
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "msg": "line replaced"
}
 
将westos文件中满足条件【h后边的任意四个字符，中间任意字符，w后任意五个字符】的行替换为字符\1 {因为 backrefs=no就不向后引用regexp}
[admin@ansible .ansible]$ ansible westos -m lineinfile -a 'path=/mnt/westos regexp="(h.{4}.*(w.{5}))" line="\1" backrefs=no'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "msg": "line added"
}
 
将westos文件中满足条件【h后边的任意四个字符，中间任意字符，w后任意五个字符】的行替换为regexp的第一部分条件
[admin@ansible .ansible]$ ansible westos -m lineinfile -a 'path=/mnt/westos regexp="(h.{4}).*(w.{5})" line="\1" backrefs=yes'
172.25.32.12 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": false, 
    "msg": ""
}
 
在文件中最后一行后添加#######ok##########
[admin@ansible .ansible]$ ansible westos -m lineinfile -a 'path=/mnt/westos line="#######ok##########" insertafter=EOF'
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": true, 
    "msg": "line added"
}
 
在hello字符前添加#######ok##########；匹配到多行，则在最后一行有hello字符前添加
[admin@ansible .ansible]$ ansible westos -m lineinfile -a 'path=/mnt/westos line="#######ok##########" insertbefore=BOF' 
172.25.32.11 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": false, 
    "msg": ""
}
 
在第一行前添加#######ok##########
[admin@ansible .ansible]$ ansible westos -m lineinfile -a 'path=/mnt/westos line="#######ok##########" insertbefore=BOF' 
172.25.32.11 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": false, 
    "msg": ""
}
 
在test字符前一行添加
[admin@ansible .ansible]$ ansible westos -m lineinfile -a 'path=/mnt/westos line="#######ok##########" insertbefore=test'   
172.25.32.12 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup": "", 
    "changed": false, 
    "msg": ""
}
 

5.18 line |+

[admin@ansible .ansible]$ cat westos.yml 
- name: test
  hosts: westos
  tasks:
    - lineinfile:
        path: /mnt/westos
        line: |+
          westos
          linux
          lee
[admin@ansible .ansible]$ ansible-playbook westos.yml 
 
PLAY [test] ***********************************************************************************************************************
 
TASK [Gathering Facts] ************************************************************************************************************
ok: [172.25.32.12]
ok: [172.25.32.11]
 
TASK [lineinfile] *****************************************************************************************************************
changed: [172.25.32.12]
changed: [172.25.32.11]
 
PLAY RECAP ************************************************************************************************************************
172.25.32.11               : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
172.25.32.12               : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
 

5.19 replace

作用 : 模块可以根据我们指定的正则表达式替换文件中的字符串,文件中所有被匹配到的字符串都会被替换

常用参数

把带有westos字符的全部替换成lee，并且备份westos原文件
[admin@ansible .ansible]$ ansible westos -m replace -a 'path=/mnt/westos regexp="westos" replace="lee" backup=yes'
172.25.32.12 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/mnt/westos.10640.2022-07-29@12:35:34~", 
    "changed": true, 
    "msg": "1 replacements made"
}
172.25.32.11 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/mnt/westos.10650.2022-07-29@12:35:33~", 
    "changed": true, 
    "msg": "1 replacements made"
}

5.20 setup

作用: setup模块用于收集远程主机的一些基本信息

常用参数:   filter                ##用于进行条件过滤。如果设置,仅返回匹配过滤条件的信息。

显示被控机的主机名
[admin@ansible .ansible]$ ansible westos -m setup -a "filter='ansible_fqdn'"
172.25.32.12 | SUCCESS => {
    "ansible_facts": {
        "ansible_fqdn": "lb-182-230.above.com", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
172.25.32.11 | SUCCESS => {
    "ansible_facts": {
        "ansible_fqdn": "www.westos.org", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
 
显示被控机的ip地址
[admin@ansible .ansible]$ ansible westos -m setup   -a "filter='ansible_all_ipv4_addresses'"
172.25.32.12 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "172.25.32.12"
        ], 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}
172.25.32.11 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "172.25.32.11"
        ], 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}

5.21 debug

作用：调试模块，用于在调试中输出信息

常用参数

输出hello
[admin@ansible .ansible]$ ansible westos -m debug -a 'msg=hello'
172.25.32.11 | SUCCESS => {
    "msg": "hello"
}
172.25.32.12 | SUCCESS => {
    "msg": "hello"
}
 
输出被控机的主机名【不能用ansible命令，因为看不到结果，但是可以在playbook中看到效果】 
 [admin@ansible .ansible]$ cat test.yml 
  - name: test
    hosts: westos
    tasks:
      - name: debug
        debug:
          var: ansible_facts['fqdn']   
[admin@ansible .ansible]$ ansible-playbook test.yml
 
PLAY [test] ***********************************************************************************************************************
 
TASK [Gathering Facts] ************************************************************************************************************
ok: [172.25.32.12]
ok: [172.25.32.11]
 
TASK [debug] **********************************************************************************************************************
ok: [172.25.32.11] => {
    "ansible_facts['fqdn']": "www.westos.org"
}
ok: [172.25.32.12] => {
    "ansible_facts['fqdn']": "lb-182-230.above.com"
}
 
PLAY RECAP ************************************************************************************************************************
172.25.32.11               : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
172.25.32.12               : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0