1, Ansible ad hoc command set
1. Ad hoc usage scenario
Ansible provides two ways to complete tasks, one is ad-hoc command, and the other is to write Ansible playbook. After learning playbooks, you can realize where ansible is really powerful.
- Ad hoc pays more attention to solving some simple or temporary tasks in daily work, which is equivalent to the Shell command under the command line of Linux system. The latter is more suitable for solving complex or solidified tasks, which is equivalent to the Shell Scripts of Linux system.
- Usage scenario:
- Shut down all unnecessary servers
- Temporarily update Apache or Nginx configuration files
2. Ansible concurrency
Ansible and ansible playbook will fork 5 threads to execute commands concurrently by default. If the number of hosts operating at the same time is large, it can be adjusted to a larger value.
Ansible provides us with a convenient option to -f specify the number of threads. The default is 5
ansible webserver -m ping -f 3**
ansible has many modules. The default is command, that is, command module. We can specify different modules through the - m option.
3 ansible doc usage
Ansible has many modules. Ansible also provides a help description tool ansible doc similar to man function.
Before formally learning the Ansible module, it is necessary to understand the usage of Ansible doc:
- Show all available modules
- Displays the playbook fragment of the specified module
- Get yum module help
4. Operation mode and common parameters of ansible command
ansible detailed list -m modular -a Module parameters
--version Display version -m module Specify the module. The default is command modular -v Detailed process -vv -vvv More detailed process --list Displays a list of hosts, or you can use--list-hosts -k Prompt input ssh Connection password, default key authentication -C Pre execution detection -T The timeout for executing a command. The default value is 10 s -u Specify the user to execute remotely -b implement sudo Switch identity operation -become-user=USERNAME appoint sudo User -K Prompt input sudo password
5 basic color representation of ansible
Green execution succeeded, but no changes were made to the remote host Yellow execution succeeded and changes were made to the remote host Red execution failed
6 common modules in ansible
Function: execute commands on the remote host. This module is the default module
chdir Enter the specified directory before executing the command cmd Run command assignment creates If the file exists, it will not run removes If the file exists, it will run free_form This parameter does not need to be added to the command executed in the remote host
You can use the command ansible doc command - s to view its parameters and meanings
chdir means to enter the specified directory before executing the command.
Enter the / etc directory and view the passwd file
creates indicates that no action will be performed when the file exists
Remove means that no action is taken when the file does not exist
Note: many wildcards in Linux are not supported in the command module
Function: similar to command function
chdir Enter the specified directory before executing the command cmd Run command assignment creates If the file exists, it will not run removes Runs if the file exists free_form This parameter does not need to be added to the command executed in the remote host executable Specifies the execution environment. The default is sh
You can use ansible doc shell - s to view its parameters and meanings
Function: the script written in the ansible host is executed in the controlled host
Write a script, and the script written in the ansible host will be executed in the controlled host;
Function: copy files from ansible host to controlled host
src source file dest Destination file owner Specify destination file owner group Specify all destination file groups mode Specify destination file permissions backup=yes Back up the original file when the file exists in the controlled host content The specified text content generates the file directly in the controlled host
Function: copy files from controlled host to ansible host, but directory is not supported
src Source file of controlled host dest Native directory flat Basic name function
Copying the files of the controlled host to the current directory of the host will generate / controlled host / create file user / file name in the current directory
There are files in node1 host and none in node2
copy Default to yes from ansible Copy files from host to controlled host Set to no Find from controlled hosts src source file remote_src Same function copy And on the contrary Set to yes Indicates that the package is on a controlled host Set to no Indicates that the package is in ansible host src Package path, which can make ansible The host can also make the controlled host dest Controlled host directory mode File permissions after pressurization <copy=yes>
path Package directory name dest Claim package file name format Packaging format owner Specify the person to whom the document belongs mode Specify file permissions
Role: manage host name
name Specify host name
Function: schedule tasks
minute minute hour hour day day month month weekday week name Task name job Task script or command disabled yes Disable scheduled tasks no Start scheduled task state absent Delete scheduled task
Function: configure system software warehouse source file
name Specify warehouse name baseurl Specify source path description Specify warehouse description file Specify warehouse file name enabled Enable warehouse gpgcheck Is the warehouse inspected gpgkey state Default value present establish absent For deletion
ansible server3 -m yum -a "name=http://172.25.0.250/rhel7.3/x86_64/dvd/Packages/vsftpd-3.0.2-21.el7.x86_64.rpm state=present" //Online installation ansible server3 -m yum -a "name=/mnt/vsftpd-3.0.2-21.el7.x86_64.rpm state=present" //Local installation ansible server3 -m yum -a "name=httpd state=absent" //Uninstall software
Function: dnf warehouse and management software in the management system
name Specify package state Specify action present install latest to update absent delete list List the specified information, httpd, installed, all,available disable_gpg_check Disable gpgkey testing enablerepo Specify the source of the installation package disablerepo Disable package source
Function: manage system service status
name Specify the service name state Specify the action on the service, started,stoped,restarted,reloaded enabled Set whether the service is started,yes Open start,no Start not start
ansible webservers -m service -a "name=httpd state=started" //Start service ansible webservers -m service -a "name=httpd state=restarted" //Restart service ansible webservers -m service -a "name=httpd state=stopped //Out of Service
Function: some services may not be used directly after they are started. You need to set the firewall policy to access them
zone Fire wall domain service Service name permanent Permanent effect state state enbaled allow disabled refuse immediate Effective immediately
Function: the module can help us manage users on the remote host, such as creating users, modifying users, deleting users, and creating key peer-to-peer operations for users
name A required parameter that specifies the name of the user to operate on group Specify the base group where the user resides gourps Specify the additional group that the user is in append Specifies to add an additional group. The default value is no shell Specifies the default for the user shell uid Specifies the name of the user uid number comment Specifies the user's comment information state Specifies whether the user exists on the remote host present establish absent delete remove When deleting a user is to delete the user's home directory, the default value is no password This parameter is used to specify the password of the user. But the password is clear text and can be used openssl password -6 'password'Generate encrypted characters generate_ssh_key generate sshkey
Function: the group module can help us manage groups on remote hosts.
name A required parameter that specifies the name of the user to operate on state Specifies the status of the group present establish absent delete gid Used to specify the name of the group gid
path Specify the file to operate on line Specify text content regexp Use regular expressions to match the corresponding lines when replacing text,If multiple lines of text can be matched,Only the last line of text that is matched will be replaced,When deleting text, multiple lines of text can be matched,So these lines will be deleted state When you want to delete the corresponding text, you need to state The value of the parameter is set to absent，state The default value for is present backrefs No changes are made to the file when there are no matching rules for the content,The default value is no，Backward reference regexp Variable information insertafter With the help of insertafter Parameter can insert text after "specified line", insertafter The value of the parameter can be set to EOF Or regular expressions insertbefore With the help of insertbefore Parameter can insert text before the specified line, insertbefore The value of the parameter can be set to BOF Or regular expressions backup Do you want to back up the file before modifying it create If the file to be operated does not exist, do you want to create the corresponding file
Function: the replace module can replace the strings in the file according to the regular expression specified by us, and all matched strings in the file will be replaced
path Specify the file to operate on regexp Specify a regular expression, and the string matching the regular expression in the file will be replaced. replace Specifies the string to eventually replace with backup Whether to back up files before modifying them, preferably set to yes
Function: the setup module is used to collect some basic information of the remote host
filter Used for conditional filtering. If set, only the information matching the filter criteria is returned
Function: debugging module, used to output information during debugging
msg Debug output messages var: Pass the output of a task execution as a variable to debug modular, debug It will be printed out directly verbosity: debug Level of (level 0 by default, all displayed)
ansible server3 -m mysql_user -a "login_user=root name=wxh password=testpass priv='*.*:select' host='%' state=present"
MySQL Python needs to be installed on the remote host
Specify the node1 side to install MariaDB server
Specify the node1 side to start the service
Specify node1 end user authentication
You need to install MySQL Python on node1
After re authenticating the user, node1 can log in. The default mode is localhost
Function: set file properties
path Specify file name state Specify operation status touch establish absent delete directory recursion link Establish link hard mode Set permissions owner Set file user group Set file group src source file dest Target file recurse=yes Recursive change
ansible demo -m file -a 'path=/mnt/test.sh state=touch'
ansible demo -m file -a 'path=/mnt/test.sh state=absent
Recursively change file permissions and properties
ansible demo -m file -a 'path=/mnt/westos state=directory mode=777 recurse=yes'