ansible installation and module management

brief introduction

1. The process of installing and deploying ansible is very simple and the learning curve is flat.
2. There is no need to install the client separately. Knowledge can be leveraged using existing SSHD services (protocols).
3. Based on Python development, it combines the advantages of many operation and maintenance tools (puppet, chef, func, fabric), and realizes the functions of batch system configuration, batch program deployment, batch running commands, etc.

ansible features

1. The deployment is simple, only the Ansible environment needs to be deployed on the main control side, and the controlled side does not need to do anything.
2. Use SSH protocol to manage devices by default;
3. There are a large number of routine operation modules, which can achieve the vast majority of daily operations.
4. Easy to configure, powerful and extensible;
5. Support API and custom modules, which can be easily extended through Python;
6. Customize powerful configuration and state management through Playbooks;
7. Lightweight, there is no need to install agent on the client. When updating, only one update is needed on the operator.
8. Provide a powerful and operational Web management interface and REST API interface - AWX platform.

Architecture diagram

Ansible: Ansible Core Program.
HostInventory: Records host information managed by Ansible, including port, password, ip, etc.
Playbooks: Playbooks YAML format file, where multiple tasks are defined in one file, defining which modules the host needs to call to complete the function.
CoreModules: Core module, the main operation is to complete the management task by calling the core module.
CustomModules: Custom modules that support multiple languages by completing functions that core modules cannot do.
ConnectionPlugins: Connection Plugins, used for Ansible and Host communication

ansible task execution mode

Ansible systems can be divided into two types by the way the control host operates the managed nodes, adhoc and playbook:

ad-hoc mode (point-to-point mode)
Use a single module to support batch execution of a single command.The ad-hoc command is a command that can be entered quickly and does not need to be saved.Is equivalent to a shell in bash.
playbook mode (script mode)
Is Ansible's primary management and key to its powerful functionality.playbook accomplishes one type of functionality through multiple task collections, such as installation and deployment of Web services, batch backup of database servers, and so on.playbook can be simply understood as a configuration file that combines multiple ad-hoc operations.

ansible execution process

Simple understanding is that when Ansible runs, it first reads the configuration in ansible.cfg, obtains a list of management hosts in Inventory according to the rules, executes the configured tasks in these hosts in parallel, and finally waits for the results to be returned.

Practice

Environmental Science

Management: CentOS 7-2 192.168.18.147
 Managed End 1: CentOS 7-3 192.168.18.128
 Managed End 2: CentOS 7-4 192.168.18.148

Management side:

[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum install epel-release -y
[root@localhost ~]# yum install ansible -y
[root@localhost ~]# ansible --version
ansible 2.9.2
[root@localhost ~]# yum install tree -y
[root@localhost ~]# tree /etc/ansible/
/etc/ansible/
├── ansible.cfg         #configuration file
├── hosts
└── roles

1 directory, 2 files
`Configure host list`
[root@localhost ~]# vim  /etc/ansible/hosts
#Insert the following under line 24
[webserver]
192.168.18.128
[mysql]
192.168.18.148

`Generate key pair`
[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):        #Direct Enter
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):     #Enter password: abc123
Enter same passphrase again:                    #Re-enter password: abc123
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:5RvIVqbI9hscNK1Y4YivNnnUEgQeNfNm/WJcBXr8jWc root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|    oo= .   ...  |
|   . + * + o .   |
|    o o O B +    |
|     o @ @ + . o |
|      O S * . o E|
|     = = o +   o |
|    = . + .      |
|   . o   o       |
|        .        |
+----[SHA256]-----+

`Key pair location`
[root@localhost ~]# ls -la
//Total usage 56
......
drwx------.  2 root root   38 1 February 2217:34 .ssh
......Omit multiple lines here
[root@localhost ~]# cd .ssh/
[root@localhost .ssh]# ls
id_rsa(Private Key)  id_rsa.pub(Public Key)

`Push key to managed side 1`
[root@localhost .ssh]# ssh-copy-id root@192.168.18.128
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.18.128 (192.168.18.128)' can't be established.
ECDSA key fingerprint is SHA256:mTT+FEtzAu4X3D5srZlz93S3gye8MzbqVZFDzfJd4Gk.
ECDSA key fingerprint is MD5:fa:5a:88:23:49:60:9b:b8:7e:4b:14:4b:3f:cd:96:a0.
Are you sure you want to continue connecting (yes/no)? yes  #Confirm Link
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.18.128's password:     #Enter the root password for the corresponding managed end

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.18.128'"
and check to make sure that only the key(s) you wanted were added.
`Push key to managed side 2`
[root@localhost .ssh]# ssh-copy-id root@192.168.18.148
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.18.148 (192.168.18.148)' can't be established.
ECDSA key fingerprint is SHA256:mTT+FEtzAu4X3D5srZlz93S3gye8MzbqVZFDzfJd4Gk.
ECDSA key fingerprint is MD5:fa:5a:88:23:49:60:9b:b8:7e:4b:14:4b:3f:cd:96:a0.
Are you sure you want to continue connecting (yes/no)? yes  #Confirm Link
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.18.148's password:     #Enter the root password for the corresponding managed end

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.18.148'"
and check to make sure that only the key(s) you wanted were added.

Verify that the key was successfully pushed:
Managed End 1:192.168.18.128

[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# cd .ssh/
[root@localhost .ssh]# ls
authorized_keys
#Key push succeeded at this time

Managed End 2:

[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# cd .ssh/
[root@localhost .ssh]# ls
authorized_keys
#Key push succeeded at this time

Ansible module management

1. command module

`Use IP Address view time of managed side 1`
[root@localhost .ssh]# ansible 192.168.18.128 -m command -a 'date'
Enter passphrase for key '/root/.ssh/id_rsa':       #Enter key password abc123
192.168.18.128 | CHANGED | rc=0 >>
2020 Sunday, 02, 15, 2002:53:20 CST
`Use aliases to view the time of managed side 2`
[root@localhost .ssh]# ansible mysql -m command -a 'date'
Enter passphrase for key '/root/.ssh/id_rsa':       #Enter key password abc123
192.168.18.148 | CHANGED | rc=0 >>
2020 Sunday, 02, 15, 2002:55:13 CST

`To avoid the hassle of always entering a password, we can execute an interactive Proxy-Free`
[root@localhost .ssh]# ssh-agent bash
[root@localhost .ssh]# ssh-add
Enter passphrase for /root/.ssh/id_rsa:             #Enter key password abc123   
Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)

[root@localhost .ssh]# ansible webserver -m command -a 'date'
192.168.18.128 | CHANGED | rc=0 >>
2020 Sunday, 02, 2002 16:01:40 CST
#This allows you to display time directly without interacting

`All hosts Host Execution date command`
[root@localhost .ssh]# ansible all -a 'date'
192.168.18.128 | CHANGED | rc=0 >>
2020 Sunday, 02, 2002 16:21:08 CST

192.168.18.148 | CHANGED | rc=0 >>
2020 Sunday, 02, 2002 16:21:08 CST

2. cron module [two state s: press for add (can be omitted), absent for remove]

[root@localhost .ssh]# ansible mysql -m cron -a 'minute="*/1" job="/usr/bin/echo hello"  name="test hello"'
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "envs": [],
    "jobs": [
        "test hello"
    ]
}
[root@localhost .ssh]# ansible mysql -a 'crontab -l'
192.168.18.148 | CHANGED | rc=0 >>
#Ansible: test hello
*/1 * * * * /usr/bin/echo hello

At this point we can go to managed side 2 to verify:

[root@localhost .ssh]# crontab -l
#Ansible: test hello
*/1 * * * * /usr/bin/echo hello
//You have new mail in/var/spool/mail/root

[root@localhost .ssh]# vim /var/spool/mail/root
From root@localhost.localdomain  Sun Feb  2 16:40:02 2020
Return-Path: <root@localhost.localdomain>
X-Original-To: root
Delivered-To: root@localhost.localdomain
Received: by localhost.localdomain (Postfix, from userid 0)
        id 2255A319AE4E; Sun,  2 Feb 2020 16:40:02 +0800 (CST)
From: "(Cron Daemon)" <root@localhost.localdomain>
To: root@localhost.localdomain
Subject: Cron <root@localhost> /usr/bin/echo hello
Content-Type: text/plain; charset=UTF-8
Auto-Submitted: auto-generated
Precedence: bulk
X-Cron-Env: <XDG_SESSION_ID=19>
X-Cron-Env: <XDG_RUNTIME_DIR=/run/user/0>
X-Cron-Env: <LANG=zh_CN.UTF-8>
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <HOME=/root>
X-Cron-Env: <PATH=/usr/bin:/bin>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>
Message-Id: <20200202084002.2255A319AE4E@localhost.localdomain>
Date: Sun,  2 Feb 2020 16:40:02 +0800 (CST)

hello
#The following omits multiple lines to generate one per minute

Remove the planned tasks at this time, using absent:

[root@localhost .ssh]# ansible mysql -m cron -a 'name="test hello" state=absent'
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "envs": [],
    "jobs": []
}

`Returning to managed side 2 at this time will find that the scheduled task disappears`
[root@localhost ~]# crontab -l

3. User module [user module is requesting three directives: useradd, userdel, usermod]

`Create User test01`
[root@localhost ~]# ansible all -m user -a 'name=test01'
192.168.18.128 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 1001,
    "home": "/home/test01",
    "name": "test01",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 1001
}
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 1001,
    "home": "/home/test01",
    "name": "test01",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 1001
}
`Now go back to Managed End 1 to verify adding users`
[root@localhost ~]# id test01
uid=1001(test01) gid=1001(test01) group=1001(test01)
`Now go back to Managed End 2 to authenticate the added user`
[root@localhost ~]# id test01
uid=1001(test01) gid=1001(test01) group=1001(test01)
#Both managed test01 users were added successfully at this time

`delete webserver End of test01 user`
[root@localhost ~]# ansible webserver -m user -a 'name=test01 state=absent'
192.168.18.128 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "force": false,
    "name": "test01",
    "remove": false,
    "state": "absent"
}
`Back to managed side 1 at this time:webserver Verify user condition in`
[root@localhost ~]# id test01
id: test01: no such user
#The display cannot be found at this time, indicating that it has been deleted

Group module [groupadd, groupdel, groupmod directives requested by group module]

`Establish mysql group`
[root@localhost ~]# ansible mysql -m group -a 'name=mysql gid=306 system=yes'
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "gid": 306,
    "name": "mysql",
    "state": "present",
    "system": true
}
`Remote View Managed End 2:mysql Is there any mysql group`
[root@localhost ~]# ansible mysql -a 'tail /etc/group'
192.168.18.148 | CHANGED | rc=0 >>
postfix:x:89:
stapusr:x:156:
stapsys:x:157:
stapdev:x:158:
tcpdump:x:72:
zhou:x:1000:
dhcpd:x:177:
named:x:25:
test01:x:1001:
mysql:x:306:        #There is a mysql group with gid 306

`Create a new user test02 And add to mysql group`
[root@localhost ~]# ansible mysql -m user -a 'name=test02 uid=306 group=mysql system=yes'
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 306,
    "home": "/home/test02",
    "name": "test02",
    "shell": "/bin/bash",
    "state": "present",
    "system": true,
    "uid": 306
}
`Remote View Managed End 2:mysql Is in mysql Is there a newly created user for the group test02`
[root@localhost ~]# ansible mysql -a 'id test02'
192.168.18.148 | CHANGED | rc=0 >>
uid=306(test02) gid=306(mysql) group=306(mysql)

copy module

`Remote Managed End 2:mysql In etc Catalog fstab Automatically mount files, copy to opt Directory and named fstab.bk,The genus group is root,Permission is 644`
[root@localhost ~]# ansible mysql -m copy -a 'src=/etc/fstab dest=/opt/fstab.bk owner=root mode=644'
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "checksum": "100f3bbf6644926857bbec2a40ab2f70bf1c060b",
    "dest": "/opt/fstab.bk",
    "gid": 0,
    "group": "root",
    "md5sum": "f57167de0e8f6f2963771a72af8a2840",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:usr_t:s0",
    "size": 595,
    "src": "/root/.ansible/tmp/ansible-tmp-1580693038.81-171191249824445/source",
    "state": "file",
    "uid": 0
}
`Remote View Managed End 2:mysql Of opt Is it in the directory mysql Is there a group fstab.bk file`
[root@localhost ~]# ansible mysql -a 'ls -l /opt'
192.168.18.148 | CHANGED | rc=0 >>
//Total usage 4
-rw-r--r--. 1 root root 595 2 Month 309:24 fstab.bk
drwxr-xr-x. 2 root root   6 3 February 26, 2015 rh

`Specify content this is test,Redirect to generate a new file test.txt stay opt Catalog`
[root@localhost ~]# ansible mysql -m copy -a 'content="this is test" dest=/opt/test.txt'
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "checksum": "b6794b2000d94d348203d0279c2e7322b922cb16",
    "dest": "/opt/test.txt",
    "gid": 0,
    "group": "root",
    "md5sum": "8c6d115258631625b625486f81b09532",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:usr_t:s0",
    "size": 12,
    "src": "/root/.ansible/tmp/ansible-tmp-1580693472.89-123279558248268/source",
    "state": "file",
    "uid": 0
}
`Remote View Managed End 2:mysql Of opt Directory test.txt Is the content in the file this is test`
[root@localhost ~]# ansible mysql -a 'cat /opt/test.txt'
192.168.18.148 | CHANGED | rc=0 >>
this is test

file module

`Route opt Files under test.txt,User is test02,Group is specified as mysql,Permission is 666`
[root@localhost ~]# ansible mysql -m file -a 'path=/opt/test.txt owner=test02 group=mysql mode=666'
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "gid": 306,
    "group": "mysql",
    "mode": "0666",
    "owner": "test02",
    "path": "/opt/test.txt",
    "secontext": "system_u:object_r:usr_t:s0",
    "size": 12,
    "state": "file",
    "uid": 306
}
`Return to managed side 2 at this time:mysql in opt Directory test.txt Details of the file`
[root@localhost ~]# cd /opt/
[root@localhost opt]# ls -l
//Total usage 8
-rw-r--r--. 1 root   root  595 2 Month 309:24 fstab.bk
drwxr-xr-x. 2 root   root    6 3 February 26, 2015 rh
-rw-rw-rw-. 1 test02 mysql  12 2 Month 309:31 test.txt
#At this time, the test.txt file owner is test02, the owner group is mysql, and the permissions are 666

`Set up/opt/test.txt.link by/opt/test.txt Link file for`
[root@localhost ~]# ansible mysql -m file -a 'src=/opt/test.txt path=/opt/test.txt.link state=link'
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "dest": "/opt/test.txt.link",
    "gid": 0,
    "group": "root",
    "mode": "0777",
    "owner": "root",
    "secontext": "unconfined_u:object_r:usr_t:s0",
    "size": 13,
    "src": "/opt/test.txt",
    "state": "link",
    "uid": 0
}
`Return to managed side 2 at this time:mysql in opt View this link file in the directory`
[root@localhost opt]# ls -l
//Total usage 8
-rw-r--r--. 1 root   root  595 2 Month 309:24 fstab.bk
drwxr-xr-x. 2 root   root    6 3 February 26, 2015 rh
-rw-rw-rw-. 1 test02 mysql  12 2 Month 309:31 test.txt
lrwxrwxrwx. 1 root   root   13 2 Month 309:59 test.txt.link -> /opt/test.txt  #Linked Files

`Create an empty file`
[root@localhost ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=touch'
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "dest": "/opt/abc.txt",
    "gid": 0,
    "group": "root",
    "mode": "0644",
    "owner": "root",
    "secontext": "unconfined_u:object_r:usr_t:s0",
    "size": 0,
    "state": "file",
    "uid": 0
}
`Return to managed side 2 at this time:mysql in opt Catalog abc.txt Details of the file`
[root@localhost opt]# ls                #There is an abc.txt file at this time
abc.txt  fstab.bk  rh  test.txt  test.txt.link
[root@localhost opt]# cat abc.txt       #There is no content because it is an empty file

`Delete created abc.txt Empty File`
[root@localhost ~]# ansible mysql -m file -a 'path=/opt/abc.txt state=absent'
192.168.18.148 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "path": "/opt/abc.txt",
    "state": "absent"
}
`Return to managed side 2 at this time:mysql in opt Is there any under the directory abc.txt file`
[root@localhost opt]# ls
fstab.bk  rh  test.txt  test.txt.link

ping module

`Test whether two managed ends are online`
[root@localhost ~]# ansible all -m ping
192.168.18.148 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "ping": "pong"
}
192.168.18.128 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "ping": "pong"
}

yum module

`On managed side 1:webserver Install in httpd service`
[root@localhost ~]# ansible webserver -m yum -a 'name=httpd'
192.168.18.128 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "changes": {
        "installed": [
            "httpd"
        ]
    },
    "msg": "",
    "rc": 0,
    "results": [
        "Loaded plugins: fastestmirror, langpacks\nLoading mirror speeds from cached hostfile\n * base: mirrors.huaweicloud.com\n * extras: mirror.bit.edu.cn\n * updates: mirror.bit.edu.cn\nResolving Dependencies\n--> Running transaction check\n---> Package httpd.x86_64 0:2.4.6-90.el7.centos will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-90.el7.centos for package: httpd-2.4.6-90.el7.centos.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-90.el7.centos.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-90.el7.centos.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-90.el7.centos.x86_64\n--> Running transaction check\n---> Package apr.x86_64 0:1.4.8-5.el7 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-90.el7.centos will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package            Arch          Version                     Repository   Size\n================================================================================\nInstalling:\n httpd              x86_64        2.4.6-90.el7.centos         base        2.7 M\nInstalling for dependencies:\n apr                x86_64        1.4.8-5.el7                 base        103 k\n apr-util           x86_64        1.5.2-6.el7                 base         92 k\n httpd-tools        x86_64        2.4.6-90.el7.centos         base         91 k\n mailcap            noarch        2.1.41-2.el7                base         31 k\n\nTransaction Summary\n================================================================================\nInstall  1 Package (+4 Dependent packages)\n\nTotal download size: 3.0 M\nInstalled size: 10 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal                                              1.0 MB/s | 3.0 MB  00:03     \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Installing : apr-1.4.8-5.el7.x86_64                                       1/5 \n  Installing : apr-util-1.5.2-6.el7.x86_64                                  2/5 \n  Installing : httpd-tools-2.4.6-90.el7.centos.x86_64                       3/5 \n  Installing : mailcap-2.1.41-2.el7.noarch                                  4/5 \n  Installing : httpd-2.4.6-90.el7.centos.x86_64                             5/5 \n  Verifying  : apr-1.4.8-5.el7.x86_64                                       1/5 \n  Verifying  : mailcap-2.1.41-2.el7.noarch                                  2/5 \n  Verifying  : httpd-tools-2.4.6-90.el7.centos.x86_64                       3/5 \n  Verifying  : apr-util-1.5.2-6.el7.x86_64                                  4/5 \n  Verifying  : httpd-2.4.6-90.el7.centos.x86_64                             5/5 \n\nInstalled:\n  httpd.x86_64 0:2.4.6-90.el7.centos                                            \n\nDependency Installed:\n  apr.x86_64 0:1.4.8-5.el7                     apr-util.x86_64 0:1.5.2-6.el7    \n  httpd-tools.x86_64 0:2.4.6-90.el7.centos     mailcap.noarch 0:2.1.41-2.el7    \n\nComplete!\n"
    ]
}
#The process is displayed when the installation is complete
`At this point you can return to managed side 1:webserver View in httpd Is the service installed successfully`
[root@localhost ~]# rpm -q httpd
httpd-2.4.6-90.el7.centos.x86_64        #The service installation is now complete

`You can remove a service with the following commands`
[root@localhost ~]# ansible webserver -m yum -a 'name=httpd state=absent'

service module

`Start in managed end 2 httpd service`
[root@localhost ~]# ansible webserver -m service -a 'enabled=true name=httpd state=started'
192.168.18.128 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "enabled": true,
    "name": "httpd",
    "state": "started",
......Omit multiple lines here
`This time to managed side 1:webserver View in httpd Status of the service`
[root@localhost ~]# systemctl status httpd.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since 2020-02-03 10:24:28 CST; 2min 25s ago
#At this point the status is shown as running

shell module

`Create a user to generate an interactive-free password for the user`
[root@localhost ~]# ansible webserver -m User-A'name=jarry'#Create new user Jarry
192.168.18.128 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 1001,
    "home": "/home/jarry",
    "name": "jarry",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 1001
}
[root@localhost ~]# ansible webserver -m shell -a 'echo abc123 | passwd --stdin jarry'
192.168.18.128 | CHANGED | rc=0 >>
Change user jarry's password.
passwd: All authentication tokens have been successfully updated.
#The login password for the generated jarry user is abc123

script module

`Start by writing scripts on the management side`
[root@localhost ~]# cd /opt/
[root@localhost opt]# vim test.sh
#!/bin/bash
echo "this is test script" > /opt/script.txt
chmod 666 /opt/script.txt
[root@localhost opt]# ls
rh  test.sh
[root@localhost opt]# chmod +x test.sh      #Give Execution Permission

`Execute on all managed ends test.sh Script`
[root@localhost opt]# ansible all -m script -a 'test.sh'
192.168.18.128 | CHANGED => {
    "changed": true,
    "rc": 0,
    "stderr": "Shared connection to 192.168.18.128 closed.\r\n",
    "stderr_lines": [
        "Shared connection to 192.168.18.128 closed."
    ],
    "stdout": "",
    "stdout_lines": []
}
192.168.18.148 | CHANGED => {
    "changed": true,
    "rc": 0,
    "stderr": "Shared connection to 192.168.18.148 closed.\r\n",
    "stderr_lines": [
        "Shared connection to 192.168.18.148 closed."
    ],
    "stdout": "",
    "stdout_lines": []
}
`Verify the two managed ends opt Is there any under the directory script.txt file`
#Managed End 1:
[root@localhost ~]# cd /opt/
[root@localhost opt]# ls
rh  script.txt
[root@localhost opt]# cat script.txt
this is test script
#Managed End 2:
[root@localhost opt]# ls
fstab.bk  rh  script.txt  test.txt  test.txt.link
[root@localhost opt]# cat script.txt
this is test script

setup module

`List managed end 2:mysql All host information`
[root@localhost opt]# ansible mysql -m setup
192.168.18.148 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.122.1",
            "192.168.18.148"
        ],
        "ansible_all_ipv6_addresses": [
            "fe80::1cb1:b734:7f72:576f",
            "fe80::578f:4368:6a2c:80d7",
            "fe80::6a0c:e6a0:7978:3543"
        ],
        "ansible_apparmor": {
            "status": "disabled"
        },
        "ansible_architecture": "x86_64",
        "ansible_bios_date": "07/29/2019",
        "ansible_bios_version": "6.00",
        "ansible_cmdline": {
            "BOOT_IMAGE": "/vmlinuz-3.10.0-693.el7.x86_64",
            "LANG": "zh_CN.UTF-8",
            "crashkernel": "auto",
            "quiet": true,
            "rhgb": true,
            "ro": true,
            "root": "UUID=32c169ff-9bf7-4d89-a2f1-a99a7e59d4f2"
        },
        "ansible_date_time": {
            "date": "2020-02-03",
            "day": "03",
            "epoch": "1580698171",
            "hour": "10",
            "iso8601": "2020-02-03T02:49:31Z",
            "iso8601_basic": "20200203T104931948449",
            "iso8601_basic_short": "20200203T104931",
            "iso8601_micro": "2020-02-03T02:49:31.948682Z",
            "minute": "49",
            "month": "02",
            "second": "31",
            "time": "10:49:31",
            "tz": "CST",
            "tz_offset": "+0800",
            "weekday": "Monday",
            "weekday_number": "1",
            "weeknumber": "05",
            "year": "2020"
        },
        "ansible_default_ipv4": {
            "address": "192.168.18.148",
            "alias": "ens33",
            "broadcast": "192.168.18.255",
            "gateway": "192.168.18.2",
            "interface": "ens33",
            "macaddress": "00:0c:29:79:45:8e",
            "mtu": 1500,
            "netmask": "255.255.255.0",
            "network": "192.168.18.0",
            "type": "ether"
        },
......
......
......

Tags: Linux ansible MySQL ssh Python

Posted on Thu, 06 Feb 2020 23:19:08 -0500 by gca07738