layout: post
title: Ad-Hoc应用场景和实例
date: 2018-01-13
tags: [“Ansible”,”自动化运维工具”]
一、Ansible的配置
1、ansible的主配置文件配置
我们主控机的ip:172.18.0.253
- 1、我们先修改几出配置文件
- vim /etc/ansible/ansible.cfg
- host_key_checking = False #取消这一项的注释
2、ansible的INVENTORY配置
[root@ansible /]# vim /etc/ansible/hosts
添加如下配置
[webserver]
172.18.30.[1:2]
[loadbalance]
172.18.30.2
[mysql]
172.18.30.3
[middle]
172.18.30.4
我们配置了4项主机组
二、Ad-Hoc演练
注意一点,主控机需要事先将pub-key传送到受控机,否则每次操作都会提示输入密码,相当繁琐
1)ping模块,测试检测主机的存活(改 模块虽然叫ping,但是其并不依赖icmp协议,当受控机器设置了忽略icmp时,不会影响这个操作)
2)command模块,在受控机器只想能够shell命令,但不支持远端的管道、变量引用等操作
- @172.18.30.253
- [root@ansible /]# cat /etc/ansible/hosts ' grep '^\[' #获取主机组标签
- [webserver]
- [loadbalance]
- [mysql]
- [middle]
- [root@ansible /]# ansible "webserver" -m ping
- 172.18.30.1 ' SUCCESS => {
- "changed": false,
- "ping": "pong"
- }
- 172.18.30.2 ' SUCCESS => {
- "changed": false,
- "ping": "pong"
- }
- 现在我们将172.18.30.2这台主机的网络服务关闭,再执行 ansible "webserver" -m ping
- @172.18.30.2
- [root@localhost ~]# systemctl stop network
- @172.18.30.253
- [root@ansible /]# ansible "webserver" -m ping
- 172.18.30.1 ' SUCCESS => {
- "changed": false,
- "ping": "pong"
- }
- 172.18.30.2 ' UNREACHABLE! => {
- "changed": false,
- "msg": "Failed to connect to the host via ssh: ssh: connect to host 172.18.30.2 port 22: Connection timed out\r\n",
- "unreachable": true
- }
- [root@ansible /]# ansible "*" -m command -a 'ls /app ' #查看所有机器下/app 目录的内容
- 172.18.30.4 ' SUCCESS ' rc=0 >>
- 172.18.30.2 ' SUCCESS ' rc=0 >>
- f1.sh
- 172.18.30.1 ' SUCCESS ' rc=0 >>
- f1.sh
- 172.18.30.3 ' SUCCESS ' rc=0 >>
- [root@ansible /]# ansible "~172.18.30.[12]" -a 'cat /app/f1.sh' #查看172.18.30.1和2机器上/app/f1.sh的内容 ,"~"表示使用正则表达式
- 172.18.30.2 ' SUCCESS ' rc=0 >>
- uname -r
- hostname
- 172.18.30.1 ' SUCCESS ' rc=0 >>
- uname -r
- hostname
- [root@ansible /]# ansible "~172.18.30.[12]" -a 'rm -rf /app/f1.sh' #删除172.18.30.1和2机器上的/app/f1.sh
- [WARNING]: Consider using file module with state=absent rather than running rm
- 这里有个提示,让我们使用absent来代替rm,后面我们会演示,这里虽然提示了,但是命令执行是成功的。
- 172.18.30.2 ' SUCCESS ' rc=0 >>
- 172.18.30.1 ' SUCCESS ' rc=0 >>
3)shell模块(过于复杂的命令有时也会执行失败,建议写到脚本内,然后copy到受控机,然后远程后自行脚本)
- [root@ansible /]# ansible "~172.18.30.*" -m shell -a 'echo $HOSTNAME' #查看172.18.30.段下所有机器的主机名,注意,执行的命令引用了变量,必须用单引号引起来,否则改变量引用的是本地的变量,而不是远端的。
- 172.18.30.1 ' SUCCESS ' rc=0 >>
- localhost.localdomain
- 172.18.30.2 ' SUCCESS ' rc=0 >>
- localhost.localdomain
- 172.18.30.3 ' SUCCESS ' rc=0 >>
- localhost.localdomain
- 172.18.30.4 ' SUCCESS ' rc=0 >>
- localhost.localdomain
4)script 模块(在远端执行本地脚本)
- @172.18.30.253
- [root@ansible shell]# cat scanip.sh
- > /app/ip_up.log
- > /app/ip_down.log
- #$1是netmask为255.255.255.0的网段
- net=$1
- for i in {1..254};
- do
- { if ping -c1 -W1 $net.$i &>/dev/null;then
- echo $net.$i is up >> ./ip_up.log
- else
- echo $net.$i is down >> ./ip_down.log
- fi
- } &
- done
- wait #退出
- 我们准备执行这个脚本文件
- [root@ansible shell]# ansible-doc -s script #获取script的选项
- - name: Runs a local script on a remote node after transferring it
- script:
- chdir: # cd into this directory on the remote node before
- running the
- script
- creates: # a filename, when it already exists, this step
- will *not* be
- run.
- decrypt: # This option controls the autodecryption of
- source files
- using vault.
- free_form: # (required) Path to the local script file
- followed by
- optional
- arguments. There
- is no parameter
- actually named
- 'free form'; see
- the examples!
- removes: # a filename, when it does not exist, this step
- will *not* be
- run.
- 我们需要用到 chdir选项,否则脚本的log文件会不知道存放在哪里
- [root@ansible shell]# ansible '*' -m script -a 'chdir=/app /root/zsfile/shell/scanip.sh 172.18.30'
- 172.18.30.4 ' SUCCESS => {
- "changed": true,
- "rc": 0,
- "stderr": "Shared connection to 172.18.30.4 closed.\r\n",
- "stdout": "",
- "stdout_lines": []
- }
- 172.18.30.2 ' SUCCESS => {
- "changed": true,
- "rc": 0,
- "stderr": "Shared connection to 172.18.30.2 closed.\r\n",
- "stdout": "",
- "stdout_lines": []
- }
- 172.18.30.1 ' SUCCESS => {
- "changed": true,
- "rc": 0,
- "stderr": "Shared connection to 172.18.30.1 closed.\r\n",
- "stdout": "",
- "stdout_lines": []
- }
- 172.18.30.3 ' SUCCESS => {
- "changed": true,
- "rc": 0,
- "stderr": "Shared connection to 172.18.30.3 closed.\r\n",
- "stdout": "",
- "stdout_lines": []
- }
- @172.18.30.1
- [root@localhost app]# cat /app/ip_up.log
- 172.18.30.1 is up
- 172.18.30.2 is up
- 172.18.30.3 is up
- 172.18.30.4 is up
- 172.18.30.253 is up
- 172.18.30.254 is up
- 脚本已经在目标机器成功执行了
不管什么模块的子参数都可以通过ansible-doc 模块来查看
5)Copy模块,拷贝本地的文件到受控主机
- @172.18.30.253
- [root@ansible app]# ansible-doc -s copy
- - name: Copies files to remote locations
- copy:
- attributes: # Attributes the file or directory should have. To get supported flags look at the man page for `chattr' on the
- target system. This string should contain the attributes in the same order as
- the one displayed by `lsattr'.
- backup: # Create a backup file including the timestamp information so you can get the original file back if you somehow
- clobbered it incorrectly.
- content: # When used instead of `src', sets the contents of a file directly to the specified value. For anything
- advanced or with formatting also look at the template module.
- decrypt: # This option controls the autodecryption of source files using vault.
- dest: # (required) Remote absolute path where the file should be copied to. If `src' is a directory, this must be a
- directory too. If `dest' is a nonexistent path and if either `dest' ends with
- "/" or `src' is a directory, `dest' is created. If `src' and `dest' are files,
- the parent directory of `dest' isn't created: the task fails if it doesn't
- already exist.
- directory_mode: # When doing a recursive copy set the mode for the directories. If this is not set we will use the system
- defaults. The mode is only set on directories which are newly created, and
- will not affect those that already existed.
- follow: # This flag indicates that filesystem links in the destination, if they exist, should be followed.
- force: # the default is `yes', which will replace the remote file when contents are different than the source. If
- `no', the file will only be transferred if the destination does not exist.
- group: # Name of the group that should own the file/directory, as would be fed to `chown'.
- local_follow: # This flag indicates that filesystem links in the source tree, if they exist, should be followed.
- mode: # Mode the file or directory should be. For those used to `/usr/bin/chmod' remember that modes are actually
- octal numbers (like 0644). Leaving off the leading zero will likely have
- unexpected results. As of version 1.8, the mode may be specified as a symbolic
- mode (for example, `u+rwx' or `u=rw,g=r,o=r').
- owner: # Name of the user that should own the file/directory, as would be fed to `chown'.
- remote_src: # If `no', it will search for `src' at originating/master machine. If `yes' it will go to the remote/target
- machine for the `src'. Default is `no'. Currently `remote_src' does not
- support recursive copying.
- selevel: # Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the `range'.
- `_default' feature works as for `seuser'.
- serole: # Role part of SELinux file context, `_default' feature works as for `seuser'.
- setype: # Type part of SELinux file context, `_default' feature works as for `seuser'.
- seuser: # User part of SELinux file context. Will default to system policy, if applicable. If set to `_default', it
- will use the `user' portion of the policy if available.
- src: # Local path to a file to copy to the remote server; can be absolute or relative. If path is a directory, it is
- copied recursively. In this case, if path ends with "/", only inside contents
- of that directory are copied to destination. Otherwise, if it does not end
- with "/", the directory itself with all contents is copied. This behavior is
- similar to Rsync.
- unsafe_writes: # Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target
- files, sometimes systems are configured or just broken in ways that prevent
- this. One example are docker mounted files, they cannot be updated atomically
- and can only be done in an unsafe manner. This boolean option allows ansible
- to fall back to unsafe methods of updating files for those cases in which you
- do not have any other choice. Be aware that this is subject to race conditions
- and can lead to data corruption.
- validate: # The validation command to run before copying into place. The path to the file to validate is passed in via
- '%s' which must be present as in the example below. The command is passed
- securely so shell features like expansion and pipes won't work.
- 模块的用法:主要的参数 src dest 分别代表原目录和目标目录,其中还可以使用mode指定权限,owner指定所有者,group所属组
- [root@ansible app]# ansible 'webserver' -m copy -a 'remote_src=yes src=/app/fist.des3 dest=/app/fist.des3 mode=600 owner=root group=root'
- 172.18.30.1 ' FAILED! => {
- "changed": false,
- "msg": "Source /app/fist.des3 not found"
- }
- 172.18.30.2 ' FAILED! => {
- "changed": false,
- "msg": "Source /app/fist.des3 not found"
- }
- 这次执行失败是因为"remote_src=yes "这个选项, 因为在受控机器并没有fist.des3这个文件
- [root@ansible app]# ansible 'webserver' -m copy -a 'src=/app/fist.des3 dest=/app/fist.des3 mode=600 owner=root group=root'
- 172.18.30.2 ' SUCCESS => {
- "changed": true,
- "checksum": "e5fa44f2b31c1fb553b6021e7360d07d5d91ff5e",
- "dest": "/app/fist.des3",
- "gid": 0,
- "group": "root",
- "md5sum": "b026324c6904b2a9cb4b88d6d61c81d1",
- "mode": "0600",
- "owner": "root",
- "size": 2,
- "src": "/root/.ansible/tmp/ansible-tmp-1515830878.84-276590900255815/source",
- "state": "file",
- "uid": 0
- }
- 172.18.30.1 ' SUCCESS => {
- "changed": true,
- "checksum": "e5fa44f2b31c1fb553b6021e7360d07d5d91ff5e",
- "dest": "/app/fist.des3",
- "gid": 0,
- "group": "root",
- "md5sum": "b026324c6904b2a9cb4b88d6d61c81d1",
- "mode": "0600",
- "owner": "root",
- "size": 2,
- "src": "/root/.ansible/tmp/ansible-tmp-1515830878.81-263414101661294/source",
- "state": "file",
- "uid": 0
- }
- @172.18.30.1
- [root@localhost app]# ll /app
- 总用量 16
- -rw------- 1 root root 2 1月 13 16:07 fist.des3 #权限已经改变了
- -rw-r--r-- 1 root root 5356 1月 13 15:36 ip_down.log
- -rw------- 1 root root 112 1月 13 15:36 ip_up.log
6)Cron 计划任务
支持时间:minute,hour,day,month,weekday
- @172.18.30.253
- [root@ansible app]# ansible-doc -s cron
- - name: Manage cron.d and crontab entries.
- cron:
- backup: # If set, create a backup of the crontab before it is modified. The location of the backup is returned in the
- `backup_file' variable by this module.
- cron_file: # If specified, uses this file instead of an individual user's crontab. If this is a relative path, it is
- interpreted with respect to /etc/cron.d. (If it is absolute, it will typically
- be /etc/crontab). Many linux distros expect (and some require) the filename
- portion to consist solely of upper- and lower-case letters, digits,
- underscores, and hyphens. To use the `cron_file' parameter you must specify
- the `user' as well.
- day: # Day of the month the job should run ( 1-31, *, */2, etc )
- disabled: # If the job should be disabled (commented out) in the crontab. Only has effect if state=present
- env: # If set, manages a crontab's environment variable. New variables are added on top of crontab. "name" and
- "value" parameters are the name and the value of environment variable.
- hour: # Hour when the job should run ( 0-23, *, */2, etc )
- insertafter: # Used with `state=present' and `env'. If specified, the environment variable will be inserted after the
- declaration of specified environment variable.
- insertbefore: # Used with `state=present' and `env'. If specified, the environment variable will be inserted before the
- declaration of specified environment variable.
- job: # The command to execute or, if env is set, the value of environment variable. The command should not contain
- line breaks. Required if state=present.
- minute: # Minute when the job should run ( 0-59, *, */2, etc )
- month: # Month of the year the job should run ( 1-12, *, */2, etc )
- name: # Description of a crontab entry or, if env is set, the name of environment variable. Required if state=absent.
- Note that if name is not set and state=present, then a new crontab entry will
- always be created, regardless of existing ones.
- reboot: # If the job should be run at reboot. This option is deprecated. Users should use special_time.
- special_time: # Special time specification nickname.
- state: # Whether to ensure the job or environment variable is present or absent.
- user: # The specific user whose crontab should be modified.
- weekday: # Day of the week that the job should run ( 0-6 for Sunday-Saturday, *, etc )
- }
- 添加定时任务
- [root@ansible app]# ansible '*' -m cron -a 'state=present user=root name=test minute=10 job="wall ok"'
- 172.18.30.3 ' SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": [
- "test"
- ]
- }
- 172.18.30.1 ' SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": [
- "test"
- ]
- }
- 172.18.30.4 ' SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": [
- "test"
- ]
- }
- 172.18.30.2 ' SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": [
- "test"
- ]
- }
- @172.18.30.1
- [root@localhost app]# crontab -e
- #Ansible: test
- 10 * * * * wall ok
- @172.18.30.253
- 取消刚才的定时任务
- [root@ansible app]# ansible '*' -m cron -a 'state=absent user=root name=test minute=10 job="wall ok"'
- 172.18.30.3 ' SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": []
- }
- 172.18.30.2 ' SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": []
- }
- 172.18.30.1 ' SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": []
- }
- 172.18.30.4 ' SUCCESS => {
- "changed": true,
- "envs": [],
- "jobs": []
- }
- @172.18.30.1
- [root@localhost app]# crontab -e
- 已经没有定时任务
7)Fetch模块,将远程主机的指定文件复制到管理机的指定目录,与copy模块相反
- [root@ansible app]# ansible '*' -m fetch -a 'dest=/app src=/app/ip_down.log'
- 172.18.30.4 ' SUCCESS => {
- "changed": true,
- "checksum": "761cb53a1208b1e6a7004108a597e02082f3b630",
- "dest": "/app/172.18.30.4/app/ip_down.log",
- "md5sum": "3b1576b36d72897ecaf798faa7129635",
- "remote_checksum": "761cb53a1208b1e6a7004108a597e02082f3b630",
- "remote_md5sum": null
- }
- 172.18.30.3 ' SUCCESS => {
- "changed": true,
- "checksum": "8c946be6ff9777014f992cf77417231626adaca9",
- "dest": "/app/172.18.30.3/app/ip_down.log",
- "md5sum": "784d01045ed8fdbdd4ba59e092244573",
- "remote_checksum": "8c946be6ff9777014f992cf77417231626adaca9",
- "remote_md5sum": null
- }
- 172.18.30.1 ' SUCCESS => {
- "changed": true,
- "checksum": "2302bde1cb0aa030da62961348835d2eaaaff6ff",
- "dest": "/app/172.18.30.1/app/ip_down.log",
- "md5sum": "0ed208a07074c8db42749007360b3779",
- "remote_checksum": "2302bde1cb0aa030da62961348835d2eaaaff6ff",
- "remote_md5sum": null
- }
- 172.18.30.2 ' SUCCESS => {
- "changed": true,
- "checksum": "11515e50e0ab4dbe4d6783c6da35b7a1a798a5bb",
- "dest": "/app/172.18.30.2/app/ip_down.log",
- "md5sum": "58362c368725e2f4d85d85d8fa4118e5",
- "remote_checksum": "11515e50e0ab4dbe4d6783c6da35b7a1a798a5bb",
- "remote_md5sum": null
- }
- 将远程主机的ip_down.log文件拷贝到本地的/app目录下
- [root@ansible app]# tree /app
- /app
- ├── 172.18.30.1
- │ └── app
- │ └── ip_down.log
- ├── 172.18.30.2
- │ └── app
- │ └── ip_down.log
- ├── 172.18.30.3
- │ └── app
- │ └── ip_down.log
- ├── 172.18.30.4
- │ └── app
- │ └── ip_down.log
- ├── fist.des3
- ├── fist_encrypt
- ├── ip_down.log
- ├── ip_up.log
- ├── new_file
- ├── private_key
- ├── private_key.tmp
- ├── pub_key
- └── pub_key.tmp
- 8 directories, 13 files
- 完成之后,会按照主机的IP进行命名目录
8)File设置文件属性
- @172.18.30.253
- [root@ansible app]# ansible-doc -s file
- - name: Sets attributes of files
- file:
- attributes: # Attributes the file or directory should have. To get supported flags look at the man page for `chattr' on the
- target system. This string should contain the attributes in the same order as
- the one displayed by `lsattr'.
- follow: # This flag indicates that filesystem links, if they exist, should be followed.
- force: # force the creation of the symlinks in two cases: the source file does not exist (but will appear later); the
- destination exists and is a file (so, we need to unlink the "path" file and
- create symlink to the "src" file in place of it).
- group: # Name of the group that should own the file/directory, as would be fed to `chown'.
- mode: # Mode the file or directory should be. For those used to `/usr/bin/chmod' remember that modes are actually
- octal numbers (like 0644). Leaving off the leading zero will likely have
- unexpected results. As of version 1.8, the mode may be specified as a symbolic
- mode (for example, `u+rwx' or `u=rw,g=r,o=r').
- owner: # Name of the user that should own the file/directory, as would be fed to `chown'.
- path: # (required) path to the file being managed. Aliases: `dest', `name'
- recurse: # recursively set the specified file attributes (applies only to state=directory)
- selevel: # Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the `range'.
- `_default' feature works as for `seuser'.
- serole: # Role part of SELinux file context, `_default' feature works as for `seuser'.
- setype: # Type part of SELinux file context, `_default' feature works as for `seuser'.
- seuser: # User part of SELinux file context. Will default to system policy, if applicable. If set to `_default', it
- will use the `user' portion of the policy if available.
- src: # path of the file to link to (applies only to `state=link'). Will accept absolute, relative and nonexisting
- paths. Relative paths are not expanded.
- state: # If `directory', all immediate subdirectories will be created if they do not exist, since 1.7 they will be
- created with the supplied permissions. If `file', the file will NOT be created
- if it does not exist, see the [copy] or [template] module if you want that
- behavior. If `link', the symbolic link will be created or changed. Use `hard'
- for hardlinks. If `absent', directories will be recursively deleted, and files
- or symlinks will be unlinked. Note that `absent' will not cause `file' to fail
- if the `path' does not exist as the state did not change. If `touch' (new in
- 1.4), an empty file will be created if the `path' does not exist, while an
- existing file or directory will receive updated file access and modification
- times (similar to the way `touch` works from the command line).
- unsafe_writes: # Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target
- files, sometimes systems are configured or just broken in ways that prevent
- this. One example are docker mounted files, they cannot be updated atomically
- and can only be done in an unsafe manner. This boolean option allows ansible
- to fall back to unsafe methods of updating files for those cases in which you
- do not have any other choice. Be aware that this is subject to race conditions
- and can lead to data corruption.
- 几个重要的属性
- group 设置属组
- mode 设置权限
- owner 社会资所有人
- path 设置文件路径
- recurse 设置是否使用递归,只有在目标是目录时才可以使用
- src 创建软连接时使用
- state 状态 directory file link hard absent touch path 这几种,用法参考模块文档
- [root@ansible /]# ansible '*' -m file -a 'state=file path=/app/ip_up.log mode=0600 '
- 172.18.30.4 ' SUCCESS => {
- "changed": true,
- "gid": 0,
- "group": "root",
- "mode": "0600",
- "owner": "root",
- "path": "/app/ip_up.log",
- "size": 112,
- "state": "file",
- "uid": 0
- }
- 172.18.30.1 ' SUCCESS => {
- "changed": false,
- "gid": 0,
- "group": "root",
- "mode": "0600",
- "owner": "root",
- "path": "/app/ip_up.log",
- "size": 112,
- "state": "file",
- "uid": 0
- }
- 172.18.30.2 ' SUCCESS => {
- "changed": false,
- "gid": 0,
- "group": "root",
- "mode": "0600",
- "owner": "root",
- "path": "/app/ip_up.log",
- "size": 112,
- "state": "file",
- "uid": 0
- }
- 172.18.30.3 ' SUCCESS => {
- "changed": true,
- "gid": 0,
- "group": "root",
- "mode": "0600",
- "owner": "root",
- "path": "/app/ip_up.log",
- "size": 112,
- "state": "file",
- "uid": 0
- }
- 下面设置软连接
- [root@ansible /]# ansible 'mysql' -m file -a 'state=link src=/app/ip_up.log dest=/app/log.log'
- 172.18.30.3 ' SUCCESS => {
- "changed": true,
- "dest": "/app/log.log",
- "gid": 0,
- "group": "root",
- "mode": "0777",
- "owner": "root",
- "size": 14,
- "src": "/app/ip_up.log",
- "state": "link",
- "uid": 0
- }
- @172.18.30.3
- [root@localhost ~]# cd /app
- [root@localhost app]# ll
- 总用量 12
- -rw-r--r-- 1 root root 5356 1月 13 21:10 ip_down.log
- -rw------- 1 root root 112 1月 13 21:10 ip_up.log
- lrwxrwxrwx 1 root root 14 1月 13 23:54 log.log -> /app/ip_up.log
- 下面递归设置目录权限
- [root@ansible /]# ansible 'mysql' -m file -a 'state=directory mode=440 recurse=yes path=/app'
- 172.18.30.3 ' SUCCESS => {
- "changed": true,
- "gid": 0,
- "group": "root",
- "mode": "0440",
- "owner": "root",
- "path": "/app",
- "size": 57,
- "state": "directory",
- "uid": 0
- }
- @172.18.30.3
- [root@localhost app]# ll
- 总用量 12
- -r--r----- 1 root root 5356 1月 13 21:10 ip_down.log
- -r--r----- 1 root root 112 1月 13 21:10 ip_up.log
- lrwxrwxrwx 1 root root 14 1月 13 23:54 log.log -> /app/ip_up.log
- [root@localhost app]# cd ..
- [root@localhost /]# ll ' grep app
- dr--r-----. 2 root root 57 1月 13 23:54 app
- 可以看出/app 的目录权限已经更改了,但是默认软连接的权限不会更改
9)hostname
- [root@ansible /]# ansible 'mysql' -m hostname -a 'name=mysql.joker.com'
- 172.18.30.3 ' SUCCESS => {
- "ansible_facts": {
- "ansible_domain": "joker.com",
- "ansible_fqdn": "mysql.joker.com",
- "ansible_hostname": "mysql",
- "ansible_nodename": "mysql.joker.com"
- },
- "changed": false,
- "name": "mysql.joker.com"
- }
- 修改主机名
10)Yum包管理
- 安装httpd
- [root@ansible /]# ansible 'webserver' -m yum -a 'state=present name=httpd'
- 172.18.30.2 ' SUCCESS => {
- "changed": false,
- "msg": "",
- "rc": 0,
- "results": [
- "httpd-2.4.6-67.el7.centos.6.x86_64 providing httpd is already installed"
- ]
- }
- 172.18.30.1 ' SUCCESS => {
- "changed": false,
- "msg": "",
- "rc": 0,
- "results": [
- "httpd-2.4.6-67.el7.centos.6.x86_64 providing httpd is already installed"
- ]
- }
- 卸载httpd
- [root@ansible /]# ansible 'webserver' -m yum -a 'state=absent name=httpd'
- 172.18.30.1 ' SUCCESS => {
- "changed": true,
- "msg": "",
- "rc": 0,
- "results": [
- "已加载插件:fastestmirror\n正在解决依赖关系\n--> 正在检查事务\n---> 软件包 httpd.x86_64.0.2.4.6-67.el7.centos.6 将被 删除\n--> 解决依赖关系完成\n\n依赖关系解决\n\n================================================================================\n Package 架构 版本 源 大小\n================================================================================\n正在删除:\n httpd x86_64 2.4.6-67.el7.centos.6 @updates 9.4 M\n\n事务概要\n================================================================================\n移除 1 软件包\n\n安装大小:9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n 正在删除 : httpd-2.4.6-67.el7.centos.6.x86_64 1/1 \n 验证中 : httpd-2.4.6-67.el7.centos.6.x86_64 1/1 \n\n删除:\n httpd.x86_64 0:2.4.6-67.el7.centos.6 \n\n完毕!\n"
- ]
- }
- 172.18.30.2 ' SUCCESS => {
- "changed": true,
- "msg": "",
- "rc": 0,
- "results": [
- "已加载插件:fastestmirror\n正在解决依赖关系\n--> 正在检查事务\n---> 软件包 httpd.x86_64.0.2.4.6-67.el7.centos.6 将被 删除\n--> 解决依赖关系完成\n\n依赖关系解决\n\n================================================================================\n Package 架构 版本 源 大小\n================================================================================\n正在删除:\n httpd x86_64 2.4.6-67.el7.centos.6 @updates 9.4 M\n\n事务概要\n================================================================================\n移除 1 软件包\n\n安装大小:9.4 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n 正在删除 : httpd-2.4.6-67.el7.centos.6.x86_64 1/1 \n 验证中 : httpd-2.4.6-67.el7.centos.6.x86_64 1/1 \n\n删除:\n httpd.x86_64 0:2.4.6-67.el7.centos.6 \n\n完毕!\n"
- ]
- }
- 以上结果的乱码有yum导致的,可以通过sed命令来做操作
11)Service管理服务
- 停止服务
- [root@ansible /]# ansible 'webserver' -m service -a 'state=stopped name=crond'
- 172.18.30.2 ' SUCCESS => {
- "changed": true,
- "name": "crond",
- "state": "stopped",
- "status": {
- "ActiveEnterTimestamp": "六 2018-01-13 20:36:07 CST",
- "ActiveEnterTimestampMonotonic": "4116254",
- "ActiveExitTimestampMonotonic": "0",
- "ActiveState": "active",
- "After": "system.slice systemd-journald.socket basic.target auditd.service systemd-user-sessions.service time-sync.target",
- "AllowIsolate": "no",
- "AmbientCapabilities": "0",
- "AssertResult": "yes",
- "AssertTimestamp": "六 2018-01-13 20:36:07 CST",
- "AssertTimestampMonotonic": "4109479",
- "Before": "multi-user.target shutdown.target",
- "BlockIOAccounting": "no",
- "BlockIOWeight": "18446744073709551615",
- "CPUAccounting": "no",
- "CPUQuotaPerSecUSec": "infinity",
- "CPUSchedulingPolicy": "0",
- "CPUSchedulingPriority": "0",
- "CPUSchedulingResetOnFork": "no",
- "CPUShares": "18446744073709551615",
- "CanIsolate": "no",
- "CanReload": "yes",
- "CanStart": "yes",
- "CanStop": "yes",
- "CapabilityBoundingSet": "18446744073709551615",
- "ConditionResult": "yes",
- "ConditionTimestamp": "六 2018-01-13 20:36:07 CST",
- "ConditionTimestampMonotonic": "4109479",
- "Conflicts": "shutdown.target",
- "ControlGroup": "/system.slice/crond.service",
- "ControlPID": "0",
- "DefaultDependencies": "yes",
- "Delegate": "no",
- "Description": "Command Scheduler",
- "DevicePolicy": "auto",
- "EnvironmentFile": "/etc/sysconfig/crond (ignore_errors=no)",
- "ExecMainCode": "0",
- "ExecMainExitTimestampMonotonic": "0",
- "ExecMainPID": "698",
- "ExecMainStartTimestamp": "六 2018-01-13 20:36:07 CST",
- "ExecMainStartTimestampMonotonic": "4116176",
- "ExecMainStatus": "0",
- "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
- "ExecStart": "{ path=/usr/sbin/crond ; argv[]=/usr/sbin/crond -n $CRONDARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
- "FailureAction": "none",
- "FileDescriptorStoreMax": "0",
- "FragmentPath": "/usr/lib/systemd/system/crond.service",
- "GuessMainPID": "yes",
- "IOScheduling": "0",
- "Id": "crond.service",
- "IgnoreOnIsolate": "no",
- "IgnoreOnSnapshot": "no",
- "IgnoreSIGPIPE": "yes",
- "InactiveEnterTimestampMonotonic": "0",
- "InactiveExitTimestamp": "六 2018-01-13 20:36:07 CST",
- "InactiveExitTimestampMonotonic": "4116254",
- "JobTimeoutAction": "none",
- "JobTimeoutUSec": "0",
- "KillMode": "process",
- "KillSignal": "15",
- "LimitAS": "18446744073709551615",
- "LimitCORE": "18446744073709551615",
- "LimitCPU": "18446744073709551615",
- "LimitDATA": "18446744073709551615",
- "LimitFSIZE": "18446744073709551615",
- "LimitLOCKS": "18446744073709551615",
- "LimitMEMLOCK": "65536",
- "LimitMSGQUEUE": "819200",
- "LimitNICE": "0",
- "LimitNOFILE": "4096",
- "LimitNPROC": "1802",
- "LimitRSS": "18446744073709551615",
- "LimitRTPRIO": "0",
- "LimitRTTIME": "18446744073709551615",
- "LimitSIGPENDING": "1802",
- "LimitSTACK": "18446744073709551615",
- "LoadState": "loaded",
- "MainPID": "698",
- "MemoryAccounting": "no",
- "MemoryCurrent": "18446744073709551615",
- "MemoryLimit": "18446744073709551615",
- "MountFlags": "0",
- "Names": "crond.service",
- "NeedDaemonReload": "no",
- "Nice": "0",
- "NoNewPrivileges": "no",
- "NonBlocking": "no",
- "NotifyAccess": "none",
- "OOMScoreAdjust": "0",
- "OnFailureJobMode": "replace",
- "PermissionsStartOnly": "no",
- "PrivateDevices": "no",
- "PrivateNetwork": "no",
- "PrivateTmp": "no",
- "ProtectHome": "no",
- "ProtectSystem": "no",
- "RefuseManualStart": "no",
- "RefuseManualStop": "no",
- "RemainAfterExit": "no",
- "Requires": "basic.target",
- "Restart": "no",
- "RestartUSec": "100ms",
- "Result": "success",
- "RootDirectoryStartOnly": "no",
- "RuntimeDirectoryMode": "0755",
- "SameProcessGroup": "no",
- "SecureBits": "0",
- "SendSIGHUP": "no",
- "SendSIGKILL": "yes",
- "Slice": "system.slice",
- "StandardError": "inherit",
- "StandardInput": "null",
- "StandardOutput": "journal",
- "StartLimitAction": "none",
- "StartLimitBurst": "5",
- "StartLimitInterval": "10000000",
- "StartupBlockIOWeight": "18446744073709551615",
- "StartupCPUShares": "18446744073709551615",
- "StatusErrno": "0",
- "StopWhenUnneeded": "no",
- "SubState": "running",
- "SyslogLevelPrefix": "yes",
- "SyslogPriority": "30",
- "SystemCallErrorNumber": "0",
- "TTYReset": "no",
- "TTYVHangup": "no",
- "TTYVTDisallocate": "no",
- "TasksAccounting": "no",
- "TasksCurrent": "18446744073709551615",
- "TasksMax": "18446744073709551615",
- "TimeoutStartUSec": "1min 30s",
- "TimeoutStopUSec": "1min 30s",
- "TimerSlackNSec": "50000",
- "Transient": "no",
- "Type": "simple",
- "UMask": "0022",
- "UnitFilePreset": "enabled",
- "UnitFileState": "enabled",
- "WantedBy": "multi-user.target",
- "Wants": "system.slice",
- "WatchdogTimestamp": "六 2018-01-13 20:36:07 CST",
- "WatchdogTimestampMonotonic": "4116237",
- "WatchdogUSec": "0"
- }
- }
- 172.18.30.1 ' SUCCESS => {
- "changed": true,
- "name": "crond",
- "state": "stopped",
- "status": {
- "ActiveEnterTimestamp": "五 2018-01-12 09:18:48 CST",
- "ActiveEnterTimestampMonotonic": "3696327",
- "ActiveExitTimestampMonotonic": "0",
- "ActiveState": "active",
- "After": "auditd.service systemd-user-sessions.service system.slice time-sync.target systemd-journald.socket basic.target",
- "AllowIsolate": "no",
- "AmbientCapabilities": "0",
- "AssertResult": "yes",
- "AssertTimestamp": "五 2018-01-12 09:18:48 CST",
- "AssertTimestampMonotonic": "3696000",
- "Before": "shutdown.target multi-user.target",
- "BlockIOAccounting": "no",
- "BlockIOWeight": "18446744073709551615",
- "CPUAccounting": "no",
- "CPUQuotaPerSecUSec": "infinity",
- "CPUSchedulingPolicy": "0",
- "CPUSchedulingPriority": "0",
- "CPUSchedulingResetOnFork": "no",
- "CPUShares": "18446744073709551615",
- "CanIsolate": "no",
- "CanReload": "yes",
- "CanStart": "yes",
- "CanStop": "yes",
- "CapabilityBoundingSet": "18446744073709551615",
- "ConditionResult": "yes",
- "ConditionTimestamp": "五 2018-01-12 09:18:48 CST",
- "ConditionTimestampMonotonic": "3696000",
- "Conflicts": "shutdown.target",
- "ControlGroup": "/system.slice/crond.service",
- "ControlPID": "0",
- "DefaultDependencies": "yes",
- "Delegate": "no",
- "Description": "Command Scheduler",
- "DevicePolicy": "auto",
- "EnvironmentFile": "/etc/sysconfig/crond (ignore_errors=no)",
- "ExecMainCode": "0",
- "ExecMainExitTimestampMonotonic": "0",
- "ExecMainPID": "700",
- "ExecMainStartTimestamp": "五 2018-01-12 09:18:48 CST",
- "ExecMainStartTimestampMonotonic": "3696282",
- "ExecMainStatus": "0",
- "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
- "ExecStart": "{ path=/usr/sbin/crond ; argv[]=/usr/sbin/crond -n $CRONDARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
- "FailureAction": "none",
- "FileDescriptorStoreMax": "0",
- "FragmentPath": "/usr/lib/systemd/system/crond.service",
- "GuessMainPID": "yes",
- "IOScheduling": "0",
- "Id": "crond.service",
- "IgnoreOnIsolate": "no",
- "IgnoreOnSnapshot": "no",
- "IgnoreSIGPIPE": "yes",
- "InactiveEnterTimestampMonotonic": "0",
- "InactiveExitTimestamp": "五 2018-01-12 09:18:48 CST",
- "InactiveExitTimestampMonotonic": "3696327",
- "JobTimeoutAction": "none",
- "JobTimeoutUSec": "0",
- "KillMode": "process",
- "KillSignal": "15",
- "LimitAS": "18446744073709551615",
- "LimitCORE": "18446744073709551615",
- "LimitCPU": "18446744073709551615",
- "LimitDATA": "18446744073709551615",
- "LimitFSIZE": "18446744073709551615",
- "LimitLOCKS": "18446744073709551615",
- "LimitMEMLOCK": "65536",
- "LimitMSGQUEUE": "819200",
- "LimitNICE": "0",
- "LimitNOFILE": "4096",
- "LimitNPROC": "1802",
- "LimitRSS": "18446744073709551615",
- "LimitRTPRIO": "0",
- "LimitRTTIME": "18446744073709551615",
- "LimitSIGPENDING": "1802",
- "LimitSTACK": "18446744073709551615",
- "LoadState": "loaded",
- "MainPID": "700",
- "MemoryAccounting": "no",
- "MemoryCurrent": "18446744073709551615",
- "MemoryLimit": "18446744073709551615",
- "MountFlags": "0",
- "Names": "crond.service",
- "NeedDaemonReload": "no",
- "Nice": "0",
- "NoNewPrivileges": "no",
- "NonBlocking": "no",
- "NotifyAccess": "none",
- "OOMScoreAdjust": "0",
- "OnFailureJobMode": "replace",
- "PermissionsStartOnly": "no",
- "PrivateDevices": "no",
- "PrivateNetwork": "no",
- "PrivateTmp": "no",
- "ProtectHome": "no",
- "ProtectSystem": "no",
- "RefuseManualStart": "no",
- "RefuseManualStop": "no",
- "RemainAfterExit": "no",
- "Requires": "basic.target",
- "Restart": "no",
- "RestartUSec": "100ms",
- "Result": "success",
- "RootDirectoryStartOnly": "no",
- "RuntimeDirectoryMode": "0755",
- "SameProcessGroup": "no",
- "SecureBits": "0",
- "SendSIGHUP": "no",
- "SendSIGKILL": "yes",
- "Slice": "system.slice",
- "StandardError": "inherit",
- "StandardInput": "null",
- "StandardOutput": "journal",
- "StartLimitAction": "none",
- "StartLimitBurst": "5",
- "StartLimitInterval": "10000000",
- "StartupBlockIOWeight": "18446744073709551615",
- "StartupCPUShares": "18446744073709551615",
- "StatusErrno": "0",
- "StopWhenUnneeded": "no",
- "SubState": "running",
- "SyslogLevelPrefix": "yes",
- "SyslogPriority": "30",
- "SystemCallErrorNumber": "0",
- "TTYReset": "no",
- "TTYVHangup": "no",
- "TTYVTDisallocate": "no",
- "TasksAccounting": "no",
- "TasksCurrent": "18446744073709551615",
- "TasksMax": "18446744073709551615",
- "TimeoutStartUSec": "1min 30s",
- "TimeoutStopUSec": "1min 30s",
- "TimerSlackNSec": "50000",
- "Transient": "no",
- "Type": "simple",
- "UMask": "0022",
- "UnitFilePreset": "enabled",
- "UnitFileState": "enabled",
- "WantedBy": "multi-user.target",
- "Wants": "system.slice",
- "WatchdogTimestamp": "五 2018-01-12 09:18:48 CST",
- "WatchdogTimestampMonotonic": "3696305",
- "WatchdogUSec": "0"
- }
- }
- 启动服务
- [root@ansible /]# ansible 'webserver' -m service -a 'state=started name=crond'
- 172.18.30.2 ' SUCCESS => {
- "changed": true,
- "name": "crond",
- "state": "started",
- "status": {
- "ActiveEnterTimestamp": "六 2018-01-13 20:36:07 CST",
- "ActiveEnterTimestampMonotonic": "4116254",
- "ActiveExitTimestamp": "日 2018-01-14 03:00:17 CST",
- "ActiveExitTimestampMonotonic": "23054283113",
- "ActiveState": "inactive",
- "After": "system.slice systemd-journald.socket basic.target auditd.service systemd-user-sessions.service time-sync.target",
- "AllowIsolate": "no",
- "AmbientCapabilities": "0",
- "AssertResult": "yes",
- "AssertTimestamp": "六 2018-01-13 20:36:07 CST",
- "AssertTimestampMonotonic": "4109479",
- "Before": "multi-user.target shutdown.target",
- "BlockIOAccounting": "no",
- "BlockIOWeight": "18446744073709551615",
- "CPUAccounting": "no",
- "CPUQuotaPerSecUSec": "infinity",
- "CPUSchedulingPolicy": "0",
- "CPUSchedulingPriority": "0",
- "CPUSchedulingResetOnFork": "no",
- "CPUShares": "18446744073709551615",
- "CanIsolate": "no",
- "CanReload": "yes",
- "CanStart": "yes",
- "CanStop": "yes",
- "CapabilityBoundingSet": "18446744073709551615",
- "ConditionResult": "yes",
- "ConditionTimestamp": "六 2018-01-13 20:36:07 CST",
- "ConditionTimestampMonotonic": "4109479",
- "Conflicts": "shutdown.target",
- "ControlPID": "0",
- "DefaultDependencies": "yes",
- "Delegate": "no",
- "Description": "Command Scheduler",
- "DevicePolicy": "auto",
- "EnvironmentFile": "/etc/sysconfig/crond (ignore_errors=no)",
- "ExecMainCode": "1",
- "ExecMainExitTimestamp": "日 2018-01-14 03:00:17 CST",
- "ExecMainExitTimestampMonotonic": "23054285827",
- "ExecMainPID": "698",
- "ExecMainStartTimestamp": "六 2018-01-13 20:36:07 CST",
- "ExecMainStartTimestampMonotonic": "4116176",
- "ExecMainStatus": "0",
- "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
- "ExecStart": "{ path=/usr/sbin/crond ; argv[]=/usr/sbin/crond -n $CRONDARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
- "FailureAction": "none",
- "FileDescriptorStoreMax": "0",
- "FragmentPath": "/usr/lib/systemd/system/crond.service",
- "GuessMainPID": "yes",
- "IOScheduling": "0",
- "Id": "crond.service",
- "IgnoreOnIsolate": "no",
- "IgnoreOnSnapshot": "no",
- "IgnoreSIGPIPE": "yes",
- "InactiveEnterTimestamp": "日 2018-01-14 03:00:17 CST",
- "InactiveEnterTimestampMonotonic": "23054285887",
- "InactiveExitTimestamp": "六 2018-01-13 20:36:07 CST",
- "InactiveExitTimestampMonotonic": "4116254",
- "JobTimeoutAction": "none",
- "JobTimeoutUSec": "0",
- "KillMode": "process",
- "KillSignal": "15",
- "LimitAS": "18446744073709551615",
- "LimitCORE": "18446744073709551615",
- "LimitCPU": "18446744073709551615",
- "LimitDATA": "18446744073709551615",
- "LimitFSIZE": "18446744073709551615",
- "LimitLOCKS": "18446744073709551615",
- "LimitMEMLOCK": "65536",
- "LimitMSGQUEUE": "819200",
- "LimitNICE": "0",
- "LimitNOFILE": "4096",
- "LimitNPROC": "1802",
- "LimitRSS": "18446744073709551615",
- "LimitRTPRIO": "0",
- "LimitRTTIME": "18446744073709551615",
- "LimitSIGPENDING": "1802",
- "LimitSTACK": "18446744073709551615",
- "LoadState": "loaded",
- "MainPID": "0",
- "MemoryAccounting": "no",
- "MemoryCurrent": "18446744073709551615",
- "MemoryLimit": "18446744073709551615",
- "MountFlags": "0",
- "Names": "crond.service",
- "NeedDaemonReload": "no",
- "Nice": "0",
- "NoNewPrivileges": "no",
- "NonBlocking": "no",
- "NotifyAccess": "none",
- "OOMScoreAdjust": "0",
- "OnFailureJobMode": "replace",
- "PermissionsStartOnly": "no",
- "PrivateDevices": "no",
- "PrivateNetwork": "no",
- "PrivateTmp": "no",
- "ProtectHome": "no",
- "ProtectSystem": "no",
- "RefuseManualStart": "no",
- "RefuseManualStop": "no",
- "RemainAfterExit": "no",
- "Requires": "basic.target",
- "Restart": "no",
- "RestartUSec": "100ms",
- "Result": "success",
- "RootDirectoryStartOnly": "no",
- "RuntimeDirectoryMode": "0755",
- "SameProcessGroup": "no",
- "SecureBits": "0",
- "SendSIGHUP": "no",
- "SendSIGKILL": "yes",
- "Slice": "system.slice",
- "StandardError": "inherit",
- "StandardInput": "null",
- "StandardOutput": "journal",
- "StartLimitAction": "none",
- "StartLimitBurst": "5",
- "StartLimitInterval": "10000000",
- "StartupBlockIOWeight": "18446744073709551615",
- "StartupCPUShares": "18446744073709551615",
- "StatusErrno": "0",
- "StopWhenUnneeded": "no",
- "SubState": "dead",
- "SyslogLevelPrefix": "yes",
- "SyslogPriority": "30",
- "SystemCallErrorNumber": "0",
- "TTYReset": "no",
- "TTYVHangup": "no",
- "TTYVTDisallocate": "no",
- "TasksAccounting": "no",
- "TasksCurrent": "18446744073709551615",
- "TasksMax": "18446744073709551615",
- "TimeoutStartUSec": "1min 30s",
- "TimeoutStopUSec": "1min 30s",
- "TimerSlackNSec": "50000",
- "Transient": "no",
- "Type": "simple",
- "UMask": "0022",
- "UnitFilePreset": "enabled",
- "UnitFileState": "enabled",
- "WantedBy": "multi-user.target",
- "Wants": "system.slice",
- "WatchdogTimestampMonotonic": "0",
- "WatchdogUSec": "0"
- }
- }
- 172.18.30.1 ' SUCCESS => {
- "changed": true,
- "name": "crond",
- "state": "started",
- "status": {
- "ActiveEnterTimestamp": "五 2018-01-12 09:18:48 CST",
- "ActiveEnterTimestampMonotonic": "3696327",
- "ActiveExitTimestamp": "六 2018-01-13 20:53:29 CST",
- "ActiveExitTimestampMonotonic": "126112891498",
- "ActiveState": "inactive",
- "After": "auditd.service systemd-user-sessions.service system.slice time-sync.target systemd-journald.socket basic.target",
- "AllowIsolate": "no",
- "AmbientCapabilities": "0",
- "AssertResult": "yes",
- "AssertTimestamp": "五 2018-01-12 09:18:48 CST",
- "AssertTimestampMonotonic": "3696000",
- "Before": "shutdown.target multi-user.target",
- "BlockIOAccounting": "no",
- "BlockIOWeight": "18446744073709551615",
- "CPUAccounting": "no",
- "CPUQuotaPerSecUSec": "infinity",
- "CPUSchedulingPolicy": "0",
- "CPUSchedulingPriority": "0",
- "CPUSchedulingResetOnFork": "no",
- "CPUShares": "18446744073709551615",
- "CanIsolate": "no",
- "CanReload": "yes",
- "CanStart": "yes",
- "CanStop": "yes",
- "CapabilityBoundingSet": "18446744073709551615",
- "ConditionResult": "yes",
- "ConditionTimestamp": "五 2018-01-12 09:18:48 CST",
- "ConditionTimestampMonotonic": "3696000",
- "Conflicts": "shutdown.target",
- "ControlPID": "0",
- "DefaultDependencies": "yes",
- "Delegate": "no",
- "Description": "Command Scheduler",
- "DevicePolicy": "auto",
- "EnvironmentFile": "/etc/sysconfig/crond (ignore_errors=no)",
- "ExecMainCode": "1",
- "ExecMainExitTimestamp": "六 2018-01-13 20:53:29 CST",
- "ExecMainExitTimestampMonotonic": "126112902263",
- "ExecMainPID": "700",
- "ExecMainStartTimestamp": "五 2018-01-12 09:18:48 CST",
- "ExecMainStartTimestampMonotonic": "3696282",
- "ExecMainStatus": "0",
- "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
- "ExecStart": "{ path=/usr/sbin/crond ; argv[]=/usr/sbin/crond -n $CRONDARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
- "FailureAction": "none",
- "FileDescriptorStoreMax": "0",
- "FragmentPath": "/usr/lib/systemd/system/crond.service",
- "GuessMainPID": "yes",
- "IOScheduling": "0",
- "Id": "crond.service",
- "IgnoreOnIsolate": "no",
- "IgnoreOnSnapshot": "no",
- "IgnoreSIGPIPE": "yes",
- "InactiveEnterTimestamp": "六 2018-01-13 20:53:29 CST",
- "InactiveEnterTimestampMonotonic": "126112902377",
- "InactiveExitTimestamp": "五 2018-01-12 09:18:48 CST",
- "InactiveExitTimestampMonotonic": "3696327",
- "JobTimeoutAction": "none",
- "JobTimeoutUSec": "0",
- "KillMode": "process",
- "KillSignal": "15",
- "LimitAS": "18446744073709551615",
- "LimitCORE": "18446744073709551615",
- "LimitCPU": "18446744073709551615",
- "LimitDATA": "18446744073709551615",
- "LimitFSIZE": "18446744073709551615",
- "LimitLOCKS": "18446744073709551615",
- "LimitMEMLOCK": "65536",
- "LimitMSGQUEUE": "819200",
- "LimitNICE": "0",
- "LimitNOFILE": "4096",
- "LimitNPROC": "1802",
- "LimitRSS": "18446744073709551615",
- "LimitRTPRIO": "0",
- "LimitRTTIME": "18446744073709551615",
- "LimitSIGPENDING": "1802",
- "LimitSTACK": "18446744073709551615",
- "LoadState": "loaded",
- "MainPID": "0",
- "MemoryAccounting": "no",
- "MemoryCurrent": "18446744073709551615",
- "MemoryLimit": "18446744073709551615",
- "MountFlags": "0",
- "Names": "crond.service",
- "NeedDaemonReload": "no",
- "Nice": "0",
- "NoNewPrivileges": "no",
- "NonBlocking": "no",
- "NotifyAccess": "none",
- "OOMScoreAdjust": "0",
- "OnFailureJobMode": "replace",
- "PermissionsStartOnly": "no",
- "PrivateDevices": "no",
- "PrivateNetwork": "no",
- "PrivateTmp": "no",
- "ProtectHome": "no",
- "ProtectSystem": "no",
- "RefuseManualStart": "no",
- "RefuseManualStop": "no",
- "RemainAfterExit": "no",
- "Requires": "basic.target",
- "Restart": "no",
- "RestartUSec": "100ms",
- "Result": "success",
- "RootDirectoryStartOnly": "no",
- "RuntimeDirectoryMode": "0755",
- "SameProcessGroup": "no",
- "SecureBits": "0",
- "SendSIGHUP": "no",
- "SendSIGKILL": "yes",
- "Slice": "system.slice",
- "StandardError": "inherit",
- "StandardInput": "null",
- "StandardOutput": "journal",
- "StartLimitAction": "none",
- "StartLimitBurst": "5",
- "StartLimitInterval": "10000000",
- "StartupBlockIOWeight": "18446744073709551615",
- "StartupCPUShares": "18446744073709551615",
- "StatusErrno": "0",
- "StopWhenUnneeded": "no",
- "SubState": "dead",
- "SyslogLevelPrefix": "yes",
- "SyslogPriority": "30",
- "SystemCallErrorNumber": "0",
- "TTYReset": "no",
- "TTYVHangup": "no",
- "TTYVTDisallocate": "no",
- "TasksAccounting": "no",
- "TasksCurrent": "18446744073709551615",
- "TasksMax": "18446744073709551615",
- "TimeoutStartUSec": "1min 30s",
- "TimeoutStopUSec": "1min 30s",
- "TimerSlackNSec": "50000",
- "Transient": "no",
- "Type": "simple",
- "UMask": "0022",
- "UnitFilePreset": "enabled",
- "UnitFileState": "enabled",
- "WantedBy": "multi-user.target",
- "Wants": "system.slice",
- "WatchdogTimestampMonotonic": "0",
- "WatchdogUSec": "0"
- }
- }
12)user管理用户
创建用户
[root@ansible /]# ansible 'webserver' -m user -a 'name=nfs system=yes state=present'
172.18.30.2 ' SUCCESS => {
"changed": true,
"comment": "",
"createhome": true,
"group": 996,
"home": "/home/nfs",
"name": "nfs",
"shell": "/bin/bash",
"state": "present",
"stderr": "useradd:警告:此主目录已经存在。\n不从 skel 目录里向其中复制任何文件。\n",
"stderr_lines": [
"useradd:警告:此主目录已经存在。",
"不从 skel 目录里向其中复制任何文件。"
],
"system": true,
"uid": 998
}
172.18.30.1 ' SUCCESS => {
"changed": true,
"comment": "",
"createhome": true,
"group": 996,
"home": "/home/nfs",
"name": "nfs",
"shell": "/bin/bash",
"state": "present",
"stderr": "useradd:警告:此主目录已经存在。\n不从 skel 目录里向其中复制任何文件。\n",
"stderr_lines": [
"useradd:警告:此主目录已经存在。",
"不从 skel 目录里向其中复制任何文件。"
],
"system": true,
"uid": 998
}
删除用户
[root@ansible /]# ansible 'webserver' -m user -a 'name=nfs system=yes state=absent'
172.18.30.1 ' SUCCESS => {
"changed": true,
"force": false,
"name": "nfs",
"remove": false,
"state": "absent"
}
172.18.30.2 ' SUCCESS => {
"changed": true,
"force": false,
"name": "nfs",
"remove": false,
"state": "absent"
}
注意,不会移除家目录
更多的参数请参考ansible-doc -s user
13)group管理组
添加组
[root@ansible /]# ansible 'webserver' -m group -a 'name=nfs system=yes'
172.18.30.2 ' SUCCESS => {
"changed": true,
"gid": 996,
"name": "nfs",
"state": "present",
"system": true
}
172.18.30.1 ' SUCCESS => {
"changed": true,
"gid": 996,
"name": "nfs",
"state": "present",
"system": true
}
删除组
[root@ansible /]# ansible 'webserver' -m group -a 'name=nfs state=absent'
172.18.30.2 ' SUCCESS => {
"changed": true,
"name": "nfs",
"state": "absent"
}
172.18.30.1 ' SUCCESS => {
"changed": true,
"name": "nfs",
"state": "absent"
}
文档更新时间: 2018-12-20 15:38 作者:张尚