ansible基于Python开发,集合了众多运维工具的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能,通过ssh实现配置管理、应用部署、任务执行等功能,因此,需要事先配置ansible端能基于密钥认证的方式联系各被管理节点。
命令格式:ansible <host-pattern> [-m module_name] [-a args] [options]
host-pattern # 目标主机的地址,一般是配置文件中的组名
-m module # 指定应用的模块
-a args # 指定模块的参数
-f #一批并行发出多少请求
安装:
[[email protected] ~]# yum install ansible
配置文件:
[[email protected] ansible]# vim /etc/ansible/hosts [frontend] [email protected] ansible_ssh_host=marvin.com ansible_ssh_port=6789 [email protected] ansible_ssh_host=sherry.com ansible_ssh_port=6789
test ping:
[[email protected] ansible]# ansible frontend -m ping [email protected] | SUCCESS => { "changed": false, "ping": "pong" } [email protected] | SUCCESS => { "changed": false, "ping": "pong" }
注意:基于ssh认证模式的ansible只识别authorized_keys这里的公钥 所以如果想要对本机操作 把自己的公钥写到authorized_keys中
列出模块:ansible-doc -l
查看模块:ansible-doc -s moudle
以下是几个简单的命令实现:
copy:如果是目录一定要绝对路径,才能递归复制
[[email protected] ansible]# ansible frontend -m copy -a ‘src=/etc/hosts dest=/etc/hosts‘ [[email protected] ansible]# ansible frontend -m command -a ‘cat /etc/hosts‘ [email protected] | SUCCESS | rc=0 >> 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.1.220 marvin marvin.com 192.168.1.221 sherry sherry.com [email protected] | SUCCESS | rc=0 >> 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.1.220 marvin marvin.com 192.168.1.221 sherry sherry.com
crontab edit update time:
[[email protected] ansible]# ansible others -m cron -a ‘name="update time" minute=*/3 hour=* month=* weekday=* job="/usr/sbin/ntpdate marvin &> /dev/null"‘ [[email protected] ansible]# ansible others -m command -a ‘crontab -l‘ [email protected] | SUCCESS | rc=0 >> #Ansible: update time */3 * * * * /usr/sbin/ntpdate marvin &> /dev/null [email protected] | SUCCESS | rc=0 >> #Ansible: update time */3 * * * * /usr/sbin/ntpdate marvin &> /dev/null [email protected] | SUCCESS | rc=0 >> #Ansible: update time */3 * * * * /usr/sbin/ntpdate marvin &> /dev/null [[email protected] ansible]# ansible servers -m command -a ‘date‘ [email protected] | SUCCESS | rc=0 >> Thu May 19 20:19:36 CST 2016 [email protected] | SUCCESS | rc=0 >> Thu May 19 20:19:36 CST 2016 [email protected] | SUCCESS | rc=0 >> Thu May 19 20:19:36 CST 2016 [email protected] | SUCCESS | rc=0 >> Thu May 19 20:19:36 CST 2016
组添加:
[[email protected] nginx-1.6.3]# ansible frontend -m group -a ‘gid=304 system=yes name=nginx‘ [email protected] | SUCCESS => { "changed": true, "gid": 304, "name": "nginx", "state": "present", "system": true } [email protected] | SUCCESS => { "changed": true, "gid": 304, "name": "nginx", "state": "present", "system": true } [[email protected] nginx-1.6.3]# tail /etc/group nginx:x:304:
添加用户:
[[email protected] home]# ansible frontend -m user -a ‘uid=304 system=yes group=nginx createhome=no shell=/sbin/nologin name=nginx ‘
删除用户:
[[email protected] home]# ansible frontend -m user -a ‘uid=304 state=absent name=nginx remove=yes‘
yum:
[[email protected] nginx-1.6.3]# ansible frontend -m yum -a ‘name=openssl-devel state=present‘
时间: 2024-11-05 12:32:50