Introduction To Ad-Hoc Commands:
在下面的例子中,我们将演示如何使用 /usr/bin/ansible 运行 ad hoc 任务.
所谓ad-hoc 命令是什么呢?
(这其实是一个概念性的名字,是相对于写Ansible playbook 来说的.类似于在命令行敲入shell命令和
写shell scripts两者之间的关系)
如果我们敲入一些命令比较快的完成一些事情,而不需要将这些执行的命令特别保存下来,这样的命令就叫做ad-hoc命令:
Ansible提供两种方式去完成任务,一是ad-hoc命令,一是写Andisble playbook前者可以解决一些简单的任务,
后者解决较复杂的任务。
Parallelism and Shell Commands
并行和shell命令:
这里我们要使用Ansible的命令行工具来重启Atlanta组中所有的web服务器,每次重启10个:
-u REMOTE_USER, --user=REMOTE_USER
connect as this user (default=root)
[root@node01 ~]# ansible webservers -a hostname
192.168.137.3 | SUCCESS | rc=0 >>
node2
[root@node01 ~]# ansible webservers -a hostname -u root
192.168.137.3 | SUCCESS | rc=0 >>
node2
[root@node01 ~]# ansible webservers -a hostname -u mqm
192.168.137.3 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
",
"unreachable": true
}
在前面写出的命令中, -f 10 选项表示使用10个并行的进程。这个选项可以在 Ansible的配置文件 中
设置,在配置文件中指定的话,就不用在命令行中写出了。
ansible 有许多模块默认是'command',也就是命令模块,我们可以通过-m选项来指定不同的模块。
在前面所示的例子中,因为我们是要在Atlanta组下的服务器中执行reboot命令
command 模块不支持shell变量,也不支持管道等shell相关的东西。如果你想使用shell相关的这些东西,
请使用'shell'模块,两个模块之前的差别请参考
Fiel Transfer:
这是/usr/bin/ansible的另一种用法,Ansible能够以并行的方式同时SCP大量的文件到多台机器
$ ansible atlanta -m copy -a "src=/etc/hosts dest=/tmp/hosts"
[root@node01 ~]# ansible webservers -m copy -a "src=/etc/hosts dest=/tmp/hosts"
192.168.137.3 | SUCCESS => {
"changed": true,
"checksum": "a3d4bc64e2b269bffe14ec2e19308541b1d8d183",
"dest": "/tmp/hosts",
"failed": false,
"gid": 0,
"group": "root",
"md5sum": "b269d2b01e6746e5310b7f7d5e699735",
"mode": "0644",
"owner": "root",
"size": 181,
"src": "/root/.ansible/tmp/ansible-tmp-1510552624.24-224464626846698/source",
"state": "file",
"uid": 0
}
此时的权限为root:root:
node2:/root#ls -ltr /tmp/
total 16
drwx------ 3 root root 4096 Oct 9 01:15 par-726f6f74
lrwxrwxrwx 1 root root 24 Nov 13 00:39 mysql.sock -> /data01/mysql/mysql.sock
-rw-r--r-- 1 root root 11 Dec 4 00:18 hello.world
drwx------ 2 root root 4096 Dec 6 05:51 pip-EHe6bt-unpack
-rw-r--r-- 1 root root 181 Dec 9 18:35 hosts
使用file 模块可以做到修改文件的属主和权限(在这里是可替换为copy模块,是等效的):
[root@node01 ~]# ansible webservers -m file -a "src=/etc/hosts dest=/tmp/hosts mode=600"
192.168.137.3 | SUCCESS => {
"changed": true,
"failed": false,
"gid": 0,
"group": "root",
"mode": "0600",
"owner": "root",
"path": "/tmp/hosts",
"size": 181,
"state": "file",
"uid": 0
}
node2:/root#ls -ltr /tmp/
total 16
drwx------ 3 root root 4096 Oct 9 01:15 par-726f6f74
lrwxrwxrwx 1 root root 24 Nov 13 00:39 mysql.sock -> /data01/mysql/mysql.sock
-rw-r--r-- 1 root root 11 Dec 4 00:18 hello.world
drwx------ 2 root root 4096 Dec 6 05:51 pip-EHe6bt-unpack
-rw------- 1 root root 181 Dec 9 18:35 hosts
You have mail in /var/spool/mail/root
[root@node01 ~]# ansible webservers -m file -a "src=/etc/hosts dest=/tmp/hosts mode=700 owner=mqm group=mqm"
192.168.137.3 | SUCCESS => {
"changed": true,
"failed": false,
"gid": 500,
"group": "mqm",
"mode": "0700",
"owner": "mqm",
"path": "/tmp/hosts",
"size": 181,
"state": "file",
"uid": 500
}
使用file模块也可以创建目录,于执行mkdir -p 效果类似:
$ ansible webservers -m file -a "dest=/tmp/tlcb mode=755 owner=mqm group=mqm state=directory"
[root@node01 ~]# ansible webservers -m file -a "dest=/tmp/tlcb mode=755 owner=mqm group=mqm state=directory"
192.168.137.3 | SUCCESS => {
"changed": true,
"failed": false,
"gid": 500,
"group": "mqm",
"mode": "0755",
"owner": "mqm",
"path": "/tmp/tlcb",
"size": 4096,
"state": "directory",
"uid": 500
}
管理包:
确认一个软件包已经安装,但不去升级它:
[root@node01 ~]# ansible webservers -m yum -a "name=acme state=present"
192.168.137.3 | FAILED! => {
"changed": false,
"failed": true,
"msg": "python2 bindings for rpm are needed for this module. python2 yum module is needed for this module"
}
[root@node01 ~]# ansible webservers -m yum -a "name=acme state=absent"
192.168.137.3 | FAILED! => {
"changed": false,
"failed": true,
"msg": "python2 bindings for rpm are needed for this module. python2 yum module is needed for this module"
}
115.236.19.4 | SUCCESS => {
"changed": false,
"failed": false,
"msg": "",
"rc": 0,
"results": [
"acme is not installed"
]
}