Installation
yum install ansible ansible-lint
apt install ansible ansible-lint
Configuration file
Lookup order
./ansible.cfg
~/.ansible.cfg
/etc/ansible
Host group (inventory) file
[local]
127.0.0.1
# Syntax example 1
[web]
192.168.100.80
192.168.100.81
192.168.100.88
[web:vars]
ansible_ssh_user="root"
ansible_ssh_pass="root"
# Syntax example 2
[group1]
192.168.100.90 ansible_ssh_user=xxz ansible_sudo_pass="xxz"
192.168.100.91 ansible_ssh_user=xxz ansible_sudo_pass="xxz"
[group2]
192.168.100.91 ansible_ssh_user=xxz ansible_sudo_pass="xxz"
192.168.100.92 ansible_ssh_user=xxz ansible_sudo_pass="xxz"
# Syntax example 3
[xyh]
host.xyh.moe ansible_ssh_private_key_file='/home/user/key/keyfile' ansible_become_password=rootpass
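The inventory examples above keep passwords as literal values next to the hosts. The following check, an added example that is not part of the original notes, scans an INI inventory for such literals so they can be moved into an ansible-vault encrypted vars file; the sample inventory is constructed and the variable name vault_become_pass is a hypothetical placeholder.

```python
import re
import shlex

# Inventory variables that hold a secret when given a literal value.
SECRET_VARS = {"ansible_ssh_pass", "ansible_password", "ansible_sudo_pass",
               "ansible_become_pass", "ansible_become_password"}

# Constructed sample in the INI style of the examples above (not a real inventory).
# vault_become_pass is a hypothetical variable assumed to live in a vaulted vars file.
SAMPLE = """\
[web]
192.168.100.80
[web:vars]
ansible_ssh_user="root"
ansible_ssh_pass="root"
[group1]
192.168.100.90 ansible_ssh_user=xxz ansible_sudo_pass="xxz"
[xyh]
host.xyh.moe ansible_become_password="{{ vault_become_pass }}"
"""

def find_plaintext_secrets(text):
    """Return (line_no, scope, variable) for each secret stored as a literal."""
    findings, section = [], ""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            section = header.group(1)
            continue
        if section.endswith(":vars"):
            # A :vars section holds one key=value per line.
            key, _, value = line.partition("=")
            scope, pairs = section, [(key.strip(), value.strip().strip("'\""))]
        else:
            # A host line is "host key=value ..."; shlex keeps quoted values whole.
            host, *rest = shlex.split(line)
            scope, pairs = host, [tuple(t.split("=", 1)) for t in rest if "=" in t]
        for key, value in pairs:
            # A Jinja reference, e.g. to a vaulted variable, is not a literal secret.
            if key in SECRET_VARS and value and "{{" not in value:
                findings.append((no, scope, key))
    return findings

if __name__ == "__main__":
    for no, scope, key in find_plaintext_secrets(SAMPLE):
        print(f"line {no}: {scope}: {key} is stored as a literal value")
```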
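Command-line interface
List hosts
Input
# List the hosts
# -i PATH, --inventory=PATH: path to the hosts (inventory) file; the default is /etc/ansible/hosts
# web is the group name
# Using all as the group name selects every host defined in the inventory file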
ansible -i ansible_host web --list-hosts
Output
hosts (3):
192.168.100.80
192.168.100.81
192.168.100.88
ping module
Input
ansible -i hostsfile.txt web -m ping
Output
192.168.100.80 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
192.168.100.81 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
192.168.100.88 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ssh: connect to host 192.168.100.88 port 22: Connection timed out",
"unreachable": true
}
command module
Runs the given command on the target hosts
Input
ansible -i hostsfile.txt web -m command -a 'pwd'
Output
192.168.100.80 | CHANGED | rc=0 >>
/home/user
192.168.100.81 | CHANGED | rc=0 >>
/home/user
192.168.100.88 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ssh: connect to host 192.168.100.88 port 22: Connection timed out",
"unreachable": true
}
become
ansible -i hostsfile.txt all -m command -a 'cat /etc/hosts' --become --become-method=sudo --become-user=xxz
ansible -u root -k -c ssh test -m ping
# -c local, --connection=local: run the command on the local server instead of over SSH
Some commonly used options:
--private-key=PRIVATE_KEY_FILE_PATH  authenticate the connection with the private key at the given path
-M DIRECTORY, --module-path=DIRECTORY  directory to load modules from; the default is /usr/share/ansible
-c CONNECTION, --connection=CONNECTION  connection type to use, usually ssh or local
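Commonly used ansible modules
copy module
Copies files from the local machine to remote nodes
# Copy a local file to the target directory on the target hosts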
ansible -i ansible all -m copy -a "src=/home/username/example.txt dest=/home/username/"
# A file on a remote host can also be copied to the target host
...
# with_items: match listed files
# with_fileglob: match files by wildcard (glob)
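file module
Sets file attributes
user module
User management
yum module
yum package management
service module
Manages services
shell module
The command module does not support $HOME < > | & (the shell module does)
firewalld module
playbook
The ansible command is mainly for running simple one-off commands; for batch jobs, use an ansible playbook.
Example playbook file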
fastfetch.yaml
---
- hosts: ceph
  become: yes
  become_user: root
  tasks:
    - name: install epel
      dnf:
        name: epel-release
        state: installed
        update_cache: true
    - name: install fastfetch
      dnf:
        name: fastfetch
        state: installed
        update_cache: true
    - name: install vi
      dnf:
        name: vi
        state: installed
        update_cache: true
    - name: install vim
      dnf:
        name: vim
        state: installed
        update_cache: true
    - name: install nano
      dnf:
        name: nano
        state: installed
        update_cache: true
    - name: new user xxz
      user:
        name: xxz
        group: xxz
        createhome: yes
    - name: "copy tars"
      copy:
        src: "{{ item }}"
        dest: "/home/xyh/"
        owner: root
        group: root
        # Quote octal modes; a bare 644 is read as a decimal number and sets the wrong permissions
        mode: "0644"
      with_fileglob:
        - "/tmp/xyh/*.tar"
    - name: "copy frontend.sh"
      copy:
        src: "/tmp/xyh/frontend.sh"
        dest: "/home/xyh/"
        owner: root
        group: root
        mode: "0755"
    # - name: "run frontend.sh"
    #   shell: sh /home/xyh/frontend.sh
    #   args:
    #     chdir: /home/xyh/
Run
ansible-playbook fastfetch.yaml