172.16.1.41(backup服务器)是管理机:
41----61
41----31
1)在41上配置ansible
#!/bin/bash
yum install ansible -y
ssh-keygen -f ~/.ssh/id_rsa -P '' -q
for ip in 31 61
do
sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.$ip
done
#test
ssh 172.16.1.61 "ifconfig eth0"
ssh 172.16.1.31 "ifconfig eth0"
2)使用ansible
[root@backup /etc/ansible]# cat /etc/ansible/hosts
[oldboy]
172.16.1.31
172.16.1.61
[root@backup /etc/ansible]# vim /etc/ansible/ansible.cfg
71行或者374行取消注释,防止yes/no确认信息。
3)使用ansible #<==特有的参数,即调用的模块里面的参数,使用-a调用
[root@backup ~]# ansible oldboy -m command -a "free -m"
172.16.1.61 | CHANGED | rc=0 >>
total used free shared buff/cache available
Mem: 972 142 527 7 301 678
Swap: 1023 0 1023
172.16.1.31 | CHANGED | rc=0 >>
total used free shared buff/cache available
Mem: 972 131 738 7 102 716
Swap: 1023 0 1023
4)查看使用帮助
ansible-doc -l #<==模块就Linux的所有命令了。
command Executes a command on a remote node
查模块的参数:
[root@backup ~]# ansible-doc -s command #<==Linux的命令对应的所有参数。
command Executes a command on a remote node
查模块的参数:
[root@backup ~]# ansible-doc -s command #<==Linux的命令对应的所有参数。
ansible的模块以及参数讲解。
实践:增加文本文件
[root@m01 ~]# ansible oldboy -m shell -a "echo oldboy >/tmp/tmp.txt"
172.16.1.41 | CHANGED | rc=0 >>
172.16.1.31 | CHANGED | rc=0 >>
[root@m01 ~]# ansible oldboy -m shell -a "cat /tmp/tmp.txt"
172.16.1.41 | CHANGED | rc=0 >>
oldboy
172.16.1.31 | CHANGED | rc=0 >>
oldboy
服务器越多价值越大。
copy模块功能说明:
功能说明:复制文件到远程主机
官方链接:http://docs.ansible.com/ansible/latest.copy_module.html
参数说明:
[root@m01 ~]# ansible oldboy -m shell -a "sh /server/scripts/bak.sh"
172.16.1.41 | FAILED | rc=127 >>
sh: /server/scripts/bak.sh: No such file or directorynon-zero return code
172.16.1.31 | FAILED | rc=127 >>
sh: /server/scripts/bak.sh: No such file or directorynon-zero return code
ansible oldboy -m copy -a "src=/server/scripts/bak.sh dest=/server/scripts/ mode=ugo+x"
#-m 是模块,拷贝
#-a 里面接参数
[root@m01 ~]# ansible oldboy -m copy -a "src=/server/scripts/bak.sh dest=/server/scripts/ mode=ugo+x backup=yes"
#本地服务器的脚本拷贝到远端服务器
#backup=yes的目的是在文件内添加的内容会进行更新
/etc/hosts 400 /opt root root
实践1:把/etc/hosts拷贝到/opt下,权限设置400,用户和组设置root
ansible oldboy -m copy -a "src=/etc/hosts dest=/opt mode 400 owner=root group=root backup=yes"
实践2:把/etc/passwd拷贝/tmp下改名为old'girl,用户和组为oldboy,权限600,如果有存在同名文件覆盖
ansible oldboy -m copy -a "src=/etc/passwd dest=/tmp/oldgirl.txt owner=oldboy group=oldboy mode=0600 force=yes"
ansible oldboy -m copy -a "src=/etc/hosts dest=/opt/hosts mode 400 owner=root group=root backup=yes"
file模块功能说明:
功能说明:改变文件属性
参数实践:创建数据文件(普通文件 目录 软连接文件)
ansible oldboy -m file -a "dest=/tmp/oldboy_dir state=directory"
ansible oldboy -m command -a "mkdir -p /tmp/oldboy_dir1 warn=flase"
ansible oldboy -m file -a "dest=/tmp/oldboy1 state=touch"
ansible oldboy -m command -a "touch /tmp/oldboy_dir1 warn=flase"
script模块功能说明:
功能说明:远程节点上运行本地脚本模块
官方链接:http://docs.ansible.com/latest/scripts_module.html
[root@m01 /server/scripts]# cat new.sh
echo oldboy > /tmp/oldboy.txt
本地脚本,在远端执行。
[root@m01 /server/scripts]# ansible oldboy -m script -a "/server/scripts/new.sh"
可以使用script模块,替代copy+shell模块
作业:批量创建五个用户oldboy01-05,然后设置123456密码,然后同时在所有客户端执行。
12.6yum模块功能说明:
功能说明:yum包管理模块
ansible oldboy -m command -a "yum install nginx -y"
ansible oldboy -m yum -a "name=nginx state=installed"
[root@nfs01 /tmp]# rpm -qa nginx
nginx-1.16.1-1.el7.x86_64
###不要用yum卸载,可用rpm -e卸载。
12.7 ansible系统类型模块说明
systemd模块功能说明(service模块):
参数说明:
service nfs restart
/etc/init.d/nfs restart
systemctl restart nfs
[root@m01 /server/scripts]# ansible-doc -s systemd
- name: Manage services
systemd:
daemon_reexec: # Run daemon_reexec command before doing any other
operations, the
systemd manager will
serialize the manager
state.
daemon_reload: # Run daemon-reload before doing any other operations,
to make sure systemd
has read any changes.
When set to `yes',
runs daemon-reload
even if the module
does not start or stop
anything.
enabled: # Whether the service should start on boot. *At least
one of state and
enabled are required.*
force: # Whether to override existing symlinks.
masked: # Whether the unit should be masked or not, a masked
实践:
ansible oldboy -m systemd -a "name=crond.service enable=no state=stopped"
ansible oldboy -m systemd -a "systemctl status crond"
ansible oldboy -m systemd -a "name=crond.service enable=yes state=started"
anesible systemd
https://hoxis.github.io
12.8 cron模块功能说明:
功能管理:管理定时任务条目信息模块。
cron Manage cron.d and crontab entries
定时任务格式:
* * * * * CMD
创建定时任务:
ansible oldboy -m
[root@m01 ~]# ansible-doc -s cron
- name: Manage cron.d and crontab entries
cron:
backup: # If set, create a backup of the crontab before it is
modified. The location
of the backup is
returned in the
`backup_file' variable
by this module.
cron_file: # If specified, uses this file instead of an individual
user's crontab. If
:...skipping...
- name: Manage cron.d and crontab entries
cron:
backup: # If set, create a backup of the crontab before it is
modified. The location
of the backup is
returned in the
`backup_file' variable
by this module.
cron_file: # If specified, uses this file instead of an individual
user's crontab. If
this is a relative
path, it is
interpreted with
respect to
`/etc/cron.d'. If it
is absolute, it will
typically be
`/etc/crontab'. Many
linux distros expect
(and some require) the
filename portion to
consist solely of
upper- and lower-case
letters, digits,
underscores, and
hyphens. To use the
`cron_file' parameter
you must specify the
`user' as well.
day: # Day of the month the job should run ( 1-31, *, */2,
etc )
disabled: # If the job should be disabled (commented out) in the
crontab. Only has
effect if
`state=present'.
env: # If set, manages a crontab's environment variable. New
variables are added on
top of crontab. `name'
and `value' parameters
are the name and the
value of environment
variable.
hour: # Hour when the job should run ( 0-23, *, */2, etc )
insertafter: # Used with `state=present' and `env'. If specified,
the environment
variable will be
inserted after the
declaration of
specified environment
variable.
insertbefore: # Used with `state=present' and `env'. If specified,
the environment
variable will be
inserted before the
declaration of
specified environment
variable.
job: # The command to execute or, if env is set, the value
of environment
variable. The command
should not contain
line breaks. Required
if `state=present'.
minute: # Minute when the job should run ( 0-59, *, */2, etc )
month: # Month of the year the job should run ( 1-12, *, */2,
etc )
name: # Description of a crontab entry or, if env is set, the
name of environment
variable. Required if
`state=absent'. Note
that if name is not
set and
`state=present', then
a new crontab entry
will always be
created, regardless of
existing ones. This
parameter will always
be required in future
releases.
reboot: # If the job should be run at reboot. This option is
deprecated. Users
should use
special_time.
special_time: # Special time specification nickname.
state: # Whether to ensure the job or environment variable is
present or absent.
user: # The specific user whose crontab should be modified.
When unset, this
parameter defaults to
using `root'.
weekday: # Day of the week that the job should run ( 0-6 for
Sunday-Saturday, *,
etc )
定时任务实践参数:
创建定时任务:
ansible oldboy -m cron -a "name='sync time' minute=00 hour=00 job='/usr/sbin/ntpdate time.nist.gov >/dev/null 2>&1'"
添加如下定时任务:
05 03 * * * /bin/sh /server/scripts/backup.sh >/dev/null 2>&1
命令如下:
ansible oldboy -m cron -a "name='backup data' minute=05 hour=03 job='/bin/sh /server/scripts/backup.sh>/dev/null 2>&1'"
删除定时任务:
ansible oldboy -m cron -a "name='backup data' state=absent backup=yes"
ansible oldboy -m cron -a "name='sync time' mintue=00 hour=00 job='/usr/sbin/ntpdate time.nist.gov > /dev/null 2>&1' state=absent"
名字不变的前提下,修改ansible参数内容,就是修改定时任务。
查看结果:
注释定时任务:disabled=yes
替代方案:
ansible 172.16.1.31 -m copy -a "src=/data/root dest=/var/log/cron/root"
项目实践:
1)各一键完成rsync服务端和客户端。
2)各一键完成nfs服务端和客户端。
3)各一键完成sersync服务端和客户端。
一个脚本one_key.sh或者一个ansible命令。完成
自学mount模块。
rsync服务端写成脚本 r1.sh
rsync客户端写成脚本 r2.sh
nfs服务端写成脚本 n1.sh
nfs客户端写成脚本 n2.sh
sersync服务端写成脚本 s1.sh
sersync客户端写成脚本 s2.sh
/servers/scipts/one_key_gaoding.sh
ansible r1 -m shell -a "sh /server/scripts/r1.sh"
ansible r2 -m shell -a "sh /server/scripts/r2.sh"
ansible n1 -m shell -a "sh /server/scripts/n1.sh"
ansible n2 -m shell -a "sh /server/scripts/n2.sh"
ansible s1 -m shell -a "sh /server/scripts/s1.sh"
ansible s2 -m shell -a "sh /server/scripts/s2.sh"
/bin/sh /servers/scipts/one_key_gaoding.sh
12.8 playbook
把所有ansible命令放在文件里执行
