本文详细介绍如何使用Ansible进行自动化运维操作,包括基于密钥和口令认证的连接方式,通过各种模块如shell、copy、fetch等实现远程服务器管理,如用户管理、服务控制、文件操作及软件包管理。此外,还提供了Ansible常用命令和模块应用实例。
1基于密钥认证
ssh-keygen -t rsa -P
ssh-copy-id -i .ssh/id_rsa.pub root@192.168.113.161
基于口令认证
[root@node1 ~]# ansible -m ping 192.168.113.161 -k
SSH password:
192.168.113.161 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
/etc/ansible/ansible.cfg
log_path = /var/log/ansible.log #日志文件建议开启
command
查看帮助 ansible-doc file/x
ansible all -a 'ls /root'
模块
shell
修改远程服务器的用户密码
[root@node1 ~]# ansible all -m shell -a 'echo $hostname'
192.168.113.161 | CHANGED | rc=0 >>
ansible test1 -m shell -a 'echo test | passwd --stdin test'
192.168.113.150 | SUCCESS | rc=0 >>
script
[root@node1 ~]# ansible all -m script -a '/root/ans-echo.sh'
192.168.113.161 | CHANGED => {
copy
ansible all -m copy -a " src=/etc/fstab dest=/tmp/fstab"
192.168.113.150 | SUCCESS => {
ansible all -m copy -a 'content="hello linux" dest=/root/hello'
192.168.113.150 | SUCCESS => {
fetch
抓取远程主机的文件
ansible all -m fetch -a 'src=/var/log/messages dest=/root'
cron
ansible all -m cron -a "minute=*/5 job='/sbin/ntpdate 192.168.113.128 &> /dev/null ' name=sysnctime”
file
创建
ansible all -m file -a 'name=test-ansible state=touch'
删除
ansible all -m file -a 'name=test-ansible state=absent'
创建链接
ansible all -m file -a "src=/etc/fstab path=/tmp/fstam.link state=link"
设置文件属性
ansible all -m file -a "path=/root/hello mode=777"
yum
state: present' orinstalled’, `latest’,removed
安装/删除
ansible all -m yum -a "name=httpd" #(默认oresent)
service
state:`started'`stopped' `restarted' `reloaded'
ansible all -m service -a "name=httpd state=stopped“
user
添加
ansible all -m user -a 'name=testx shell=/sbin/nologin system=yes groups=root,bin uid=55'
192.168.113.161 | CHANGED => {
"create_home": true,
"group": 55,
"groups": "root,bin", #附加组
"home": "/home/testx",
"name": "testx",
"shell": "/sbin/nologin",
"state": "present",
"uid": 55
}
删除
ansible all -m user -a 'name=testx state=absent remove=yes'
扫一扫
592
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
