Ansible基本介绍

一、基础知识:

1. 简介

        ansible基于python开发,集合了众多运维工具的优点,实现了批量系统配置、批量程序部署、批量运行命令等功能。ansible是基于模块工作的,本身没有批量部署的能力。
        真正具有批量部署的是ansible运行的模块,ansible只是一个框架

        (1) 连接插件connection plugins: 负责和被监控端实现通信;
        (2) host inventory: 指定操作的主机,是一个配置文件里面定义监控的主机
        (3) 各种模块核心模块、command模块、自定义模块;
        (4) 借助于插件完成记录日志邮件等功能;
        (5) playbook: 剧本执行多个任务时,非必须可以让节点一次性运行多个任务。

2、特性:
        (1) no agents: 不需要在被管理主机上安装任务agent
        (2) no server: 无服务器端,使用时,直接运行命令即可
        (3) modules in any languages: 基于模块工作,可使用任意语言开发模块
        (4) yaml not code:使用yaml语言定制剧本playbook
        (5) ssh by default:基于SSH工作
        (6) strong multi-tier solution: 可实现多级指挥

 3、优点:
        (1) 轻量级,无需在客户端安装agent,更新时,只需要在操作机上进行一次更新即可;
        (2) 批量任务可以写成脚本,而且不用分发到远程就可以执行
        (3) 使用python编写,维护简单
        (4) 支持sudo

二、ansible安装

    1.1 rpm包安装
        epel源:

[epel]
            name=Extra Packages for Enterprise Linux 6 - $basearch
            baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
            #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
            failovermethod=priority
            enabled=1
            gpgcheck=0
            gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

            [epel-debuginfo]
            name=Extra Packages for Enterprise Linux 6 - $basearch - Debug
            baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch/debug
            #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-6&arch=$basearch
            failovermethod=priority
            enabled=0
            gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
            gpgcheck=0

            [epel-source]
            name=Extra Packages for Enterprise Linux 6 - $basearch - Source
            baseurl=http://download.fedoraproject.org/pub/epel/6/SRPMS
            #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-6&arch=$basearch
            failovermethod=priority
            enabled=0
            gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
            gpgcheck=0

        [root@localhost ~]# yum install ansible -y

三、常用模块介绍

    copy模块
        目的:把主控本地文件拷贝到远程节点上

[root@localhost ~]# ansible 192.168.118.14 -m copy -a "src=/root/bigfile dest=/tmp"
        192.168.118.14 | SUCCESS => {
            "changed": true, 
            "checksum": "8c206a1a87599f532ce68675536f0b1546900d7a", 
            "dest": "/tmp/bigfile", 
            "gid": 0, 
            "group": "root", 
            "md5sum": "f1c9645dbc14efddc7d8a322685f26eb", 
            "mode": "0644", 
            "owner": "root", 
            "size": 10485760, 
            "src": "/root/.ansible/tmp/ansible-tmp-1467946691.02-193284383894106/source", 
            "state": "file", 
            "uid": 0
        }

 file模块
        目的:更改指定节点上文件的权限、属主和属组

 [root@localhost ~]# ansible 192.168.118.14 -m file -a "dest=/tmp/bigfile mode=777 owner=root group=root"
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "gid": 0, 
                "group": "root", 
                "mode": "0777", 
                "owner": "root", 
                "path": "/tmp/bigfile", 
                "size": 10485760, 
                "state": "file", 
                "uid": 0
            }

    cron模块
        目的:在指定节点上定义一个计划任务,每三分钟执行一次。

 [root@localhost ~]# ansible all -m cron -a 'name="Cron job" minute=*/3 hour=* day=* month=* weekday=* job="/usr/bin/ntpdate tiger.sina.com.cn"'
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "envs": [], 
                "jobs": [
                    "Cron job"
                ]
            }
            192.168.118.13 | SUCCESS => {
                "changed": true, 
                "envs": [], 
                "jobs": [
                    "Cron job"
                ]
            }

    group模块
        目的:在远程节点上创建一个组名为ansible,gid为2016的组

 [root@localhost ~]# ansible 192.168.118.14 -m group -a "name=ansible gid=2016"
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "gid": 2016, 
                "name": "ansible", 
                "state": "present", 
                "system": false
            }

    user模块
        目的:在指定节点上创建一个用户名为ansible,组为ansible的用户

[root@localhost ~]# ansible 192.168.118.14 -m user -a "name=ansible uid=2016 group=ansible state=present"
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "comment": "", 
                "createhome": true, 
                "group": 2016, 
                "home": "/home/ansible", 
                "name": "ansible", 
                "shell": "/bin/bash", 
                "state": "present", 
                "system": false, 
                "uid": 2016
            }

        删除远端节点用户,注意:删除远程用户,但是不会删除该用户的家目录

 [root@localhost ~]# ansible 192.168.118.14 -m user -a "name=ansible state=absent"
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "force": false, 
                "name": "ansible", 
                "remove": false, 
                "state": "absent"
            }

    yum 模块
        目的:在远程节点安装vsftpd

  [root@localhost ~]# ansible 192.168.118.14 -m yum -a 'name=vsftpd state=present'
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "msg": "", 
                "rc": 0, 
                "results": [
                    "Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package vsftpd.x86_64 0:2.2.2-14.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package          Arch             Version                  Repository     Size
================================================================================
Installing:
 vsftpd           x86_64           2.2.2-14.el6             yum           152 k

Transaction Summary
================================================================================
Install       1 Package(s)

Total download size: 152 k
Installed size: 332 k
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction

  Installing : vsftpd-2.2.2-14.el6.x86_64                                   1/1 

  Verifying  : vsftpd-2.2.2-14.el6.x86_64                                   1/1 

Installed:
  vsftpd.x86_64 0:2.2.2-14.el6                                                  

Complete!
"
                ]
            }

        卸载写法:

  [root@localhost ~]# ansible 192.168.118.14 -m yum -a 'name=vsftpd state=removed'
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "msg": "", 
                "rc": 0, 
                "results": [
                    "Loaded plugins: fastestmirror
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package vsftpd.x86_64 0:2.2.2-14.el6 will be erased
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package          Arch             Version                 Repository      Size
================================================================================
Removing:
 vsftpd           x86_64           2.2.2-14.el6            @yum           332 k

Transaction Summary
================================================================================
Remove        1 Package(s)

Installed size: 332 k
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction

  Erasing    : vsftpd-2.2.2-14.el6.x86_64                                   1/1 

  Verifying  : vsftpd-2.2.2-14.el6.x86_64                                   1/1 

Removed:
  vsftpd.x86_64 0:2.2.2-14.el6                                                  

Complete!
"
                ]
            }

    service模块

    启动
            [root@localhost ~]# ansible 192.168.118.14 -m service -a 'name=vsftpd state=started enabled=yes'
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "enabled": true, 
                "name": "vsftpd", 
                "state": "started"
            }                
        停止
            [root@localhost ~]# ansible 192.168.118.14 -m service -a 'name=vsftpd state=stopped enabled=yes'
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "enabled": true, 
                "name": "vsftpd", 
                "state": "stopped"
            }

    ping模块

            [root@localhost ~]# ansible 192.168.118.14 -m ping
            192.168.118.14 | SUCCESS => {
                "changed": false, 
                "ping": "pong"
            }

    command模块

            [root@localhost ~]# ansible 192.168.118.14 [-m command] -a 'w'    # -m command可以省略就表示使用命名模块
            192.168.118.14 | SUCCESS | rc=0 >>
             14:00:32 up  3:51,  2 users,  load average: 0.00, 0.00, 0.00
            USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
            root     pts/0    192.168.118.69   18:09    3:29   0.12s  0.12s -bash
            root     pts/1    192.168.118.13   14:00    0.00s  0.04s  0.00s /bin/sh -c LANG

    raw模块

        主要的用途是在command中添加管道符号

            [root@localhost ~]# ansible 192.168.118.14 -m raw -a 'hostname | tee'
            192.168.118.14 | SUCCESS | rc=0 >>
            localhost.localdomain

    get_url模块

        目的:将http://192.168.118.14/1.png 下载到本地

[root@localhost ~]# ansible 192.168.118.14 -m get_url -a 'url=http://192.168.118.14/1.png dest=/tmp'
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "checksum_dest": null, 
                "checksum_src": "ba5cb18463ecfa13cdc0b611c9c10875275d883e", 
                "dest": "/tmp/1.png", 
                "gid": 0, 
                "group": "root", 
                "md5sum": "8c0df0b008eb5735dc955171d6d9dd73", 
                "mode": "0644", 
                "msg": "OK (14987 bytes)", 
                "owner": "root", 
                "size": 14987, 
                "src": "/tmp/tmpY2lqHF", 
                "state": "file", 
                "uid": 0, 
                "url": "http://192.168.118.14/1.png"
            }

    synchronize模块

        目的:将主空方目录推送到指定节点/tmp目录下

[root@localhost ~]# ansible 192.168.118.14 -m synchronize -a 'src=/root/test dest=/tmp/ compress=yes'
            192.168.118.14 | SUCCESS => {
                "changed": true, 
                "cmd": "/usr/bin/rsync --delay-updates -F --compress --archive --rsh 'ssh  -S none -o StrictHostKeyChecking=no' --out-format='<<CHANGED>>%i %n%L' "/root/test" "192.168.118.14:/tmp/"", 
                "msg": ".d..t...... test/
<f+++++++++ test/abc
", 
                "rc": 0, 
                "stdout_lines": [
                    ".d..t...... test/", 
                    "<f+++++++++ test/abc"
                ]
            }

转载来源:https://www.cnblogs.com/hukey/p/5660538.html

【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/taich-flute/p/ansible.html