一、setup模块

    主要用于获取主机信息,在playbooks里面经常给会用到的一个参数gether_facts就与该模块相关。setup模块下经常使用的一个参数是filter参数。
每个被管理节点在接收并运行管理命令之前,会将自己主机相关信息(如系统版本,主机ip地址)告知ansible管理主机

--tree:将所有主机的输出信息保存到指定目录下,以/etc/ansible/hosts里的主机名为文件名
ansible all -m setup -a ‘filter=ansible_default_ipv4’ --tree /tmp/

filter:过滤关键字:
[root@localhost ansible]# ansible 127.0.0.1 -m setup -a 'filter=ansible_default_ipv4'
gather_subset:按子集收集信息,值有all,main,bardware,network,virtual,ohai,facter,不包含使用!号,如,!network
filter参数:

ansible_nodename    #节点名字
[root@ansible ~]# ansible test -m setup -a 'filter=ansible_nodename'
192.168.100.120 | SUCCESS => {
    "ansible_facts": {
        "ansible_nodename": "ansible"
    },
    "changed": false
}

ansible_fqdb  #fqdn名

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_fqdn'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_fqdn": "ansible"
},
"changed": false
}


ansible_hostname  #主机短名称

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_hostname'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_hostname": "ansible"
},
"changed": false
}



ansible_domain  #主机域名后缀

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_domain'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_domain": ""
},
"changed": false
}



ansible_memtotal_mb  #总物理内存

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_memtotal_mb'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_memtotal_mb": 976
},
"changed": false
}


ansible_swaptotal_mb  #swap总大小

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_swaptotal_mb'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_swaptotal_mb": 2047
},
"changed": false
}



ansible_processor  #cpu信息

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_processor'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_processor": [
"0",
"GenuineIntel",
"Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz"
]
},
"changed": false
}


ansible_process_cores  #cpu核心数量

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_processor_cores'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_processor_cores": 1
},
"changed": false
}



ansible_processor_vcpus  #cpu逻辑核心数量

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_processor_vcpus'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_processor_vcpus": 1
},
"changed": false
}


ansible_all_ipv4_addresses  #所有ipv4地址

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_all_ipv4_addresses'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.100.120"
]
},
"changed": false
}


ansible_all_ipv6_addresses  #所有ipv6地址

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_all_ipv6_addresses'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv6_addresses": [
"fe80::e010:cb1a:204a:861d"
]
},
"changed": false
}



ansible_default_ipv4  #默认网关的网卡配置信息

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_default_ipv4'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_default_ipv4": {
"address": "192.168.100.120",
"alias": "ens33",
"broadcast": "192.168.100.255",
"gateway": "192.168.100.2",
"interface": "ens33",
"macaddress": "00:0c:29:73:fd:2e",
"mtu": 1500,
"netmask": "255.255.255.0",
"network": "192.168.100.0",
"type": "ether"
}
},
"changed": false
}



ansible_ens33  #具体某张网卡信息

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_ens33'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_ens33": {
"active": true,
"device": "ens33",
"features": {
"busy_poll": "off [fixed]",
"fcoe_mtu": "off [fixed]",
"generic_receive_offload": "on",
"generic_segmentation_offload": "on",
"highdma": "off [fixed]",
"hw_tc_offload": "off [fixed]",
"l2_fwd_offload": "off [fixed]",
"large_receive_offload": "off [fixed]",
"loopback": "off [fixed]",
"netns_local": "off [fixed]",
"ntuple_filters": "off [fixed]",
"receive_hashing": "off [fixed]",
"rx_all": "off",
"rx_checksumming": "off",
"rx_fcs": "off",
"rx_vlan_filter": "on [fixed]",
"rx_vlan_offload": "on",
"rx_vlan_stag_filter": "off [fixed]",
"rx_vlan_stag_hw_parse": "off [fixed]",
"scatter_gather": "on",
"tcp_segmentation_offload": "on",
"tx_checksum_fcoe_crc": "off [fixed]",
"tx_checksum_ip_generic": "on",
"tx_checksum_ipv4": "off [fixed]",
"tx_checksum_ipv6": "off [fixed]",
"tx_checksum_sctp": "off [fixed]",
"tx_checksumming": "on",
"tx_fcoe_segmentation": "off [fixed]",
"tx_gre_csum_segmentation": "off [fixed]",
"tx_gre_segmentation": "off [fixed]",
"tx_gso_partial": "off [fixed]",
"tx_gso_robust": "off [fixed]",
"tx_ipip_segmentation": "off [fixed]",
"tx_lockless": "off [fixed]",
"tx_mpls_segmentation": "off [fixed]",
"tx_nocache_copy": "off",
"tx_scatter_gather": "on",
"tx_scatter_gather_fraglist": "off [fixed]",
"tx_sctp_segmentation": "off [fixed]",
"tx_sit_segmentation": "off [fixed]",
"tx_tcp6_segmentation": "off [fixed]",
"tx_tcp_ecn_segmentation": "off [fixed]",
"tx_tcp_mangleid_segmentation": "off",
"tx_tcp_segmentation": "on",
"tx_udp_tnl_csum_segmentation": "off [fixed]",
"tx_udp_tnl_segmentation": "off [fixed]",
"tx_vlan_offload": "on [fixed]",
"tx_vlan_stag_hw_insert": "off [fixed]",
"udp_fragmentation_offload": "off [fixed]",
"vlan_challenged": "off [fixed]"
},
"hw_timestamp_filters": [],
"ipv4": {
"address": "192.168.100.120",
"broadcast": "192.168.100.255",
"netmask": "255.255.255.0",
"network": "192.168.100.0"
},
"ipv6": [
{
"address": "fe80::e010:cb1a:204a:861d",
"prefix": "64",
"scope": "link"
}
],
"macaddress": "00:0c:29:73:fd:2e",
"module": "e1000",
"mtu": 1500,
"pciid": "0000:02:01.0",
"promisc": false,
"speed": 1000,
"timestamping": [
"tx_software",
"rx_software",
"software"
],
"type": "ether"
}
},
"changed": false
}


ansible_dns  #网卡dns信息

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_dns'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_dns": {
"nameservers": [
"192.168.100.2",
"114.114.114.114"
]
}
},
"changed": false
}


ansible_architecture  #系统架构

  x86_64


ansible_machine  #主机类型

  x86_64



ansible_kernel  #内核版本

  2.6.32-696.el6.x86_64



ansible_distribution  #发行版本

  centos



ansible_distribution_release  #发行版名称

  final



ansible_distribution_major_version  #操作系统主版本号

  6



ansible_distribution_release  #发行版本名称

  Final



ansible_distribution_version  #完整版本号

  7.4.1708



ansible_pkg_mgr  #软件包管理方式

  yum


ansible_service-mgr  #进行服务方式

  systemd



ansible_os_family  #家族系列

  RedHat



ansible_cmdline  #内核启动参数

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_cmdline'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_cmdline": {
"BOOT_IMAGE": "/vmlinuz-3.10.0-693.el7.x86_64",
"LANG": "zh_CN.UTF-8",
"crashkernel": "auto",
"quiet": true,
"rd.lvm.lv": "centos/swap",
"rhgb": true,
"ro": true,
"root": "/dev/mapper/centos-root"
}
},
"changed": false
}


ansible_selinux  #SElinux状态

  disbled



ansible_env  #当前环境变量参数



ansible_data_time  #时间相关


ansible_python_version  #python版本

  2.7.5

ansible_lvm  #lvm卷相关信息


ansible_mounts  #所有挂载点

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_mounts'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_mounts": [
{
"block_available": 4130338,
"block_size": 4096,
"block_total": 4452864,
"block_used": 322526,
"device": "/dev/mapper/centos-root",
"fstype": "xfs",
"inode_available": 8863332,
"inode_total": 8910848,
"inode_used": 47516,
"mount": "/",
"options": "rw,relatime,attr2,inode64,noquota",
"size_available": 16917864448,
"size_total": 18238930944,
"uuid": "282c72d5-8cf6-4ac2-9e6a-64d19ebe2998"
},
{
"block_available": 227195,
"block_size": 4096,
"block_total": 259584,
"block_used": 32389,
"device": "/dev/sda1",
"fstype": "xfs",
"inode_available": 523961,
"inode_total": 524288,
"inode_used": 327,
"mount": "/boot",
"options": "rw,relatime,attr2,inode64,noquota",
"size_available": 930590720,
"size_total": 1063256064,
"uuid": "700f5755-18e9-45b5-ab39-9c699eb0f636"
}
]
},
"changed": false
}



ansible_device_links  #所有挂在的设备uuid和卷标名

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_device_links'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_device_links": {
"ids": {
"dm-0": [
"dm-name-centos-root",
"dm-uuid-LVM-rdlock3VAHcB3dNwwyYLym2uGO9gVYLylUjawiCM9Ei01XfqxeDCwuFZGm5GKTN4"
],
"dm-1": [
"dm-name-centos-swap",
"dm-uuid-LVM-rdlock3VAHcB3dNwwyYLym2uGO9gVYLye5ByMZPoe3dex42T2VCoRo0C2Rd4riqf"
],
"sda2": [
"lvm-pv-uuid-f3IVfS-XHtK-6UjN-ZyOj-s1GO-1NdX-ZIh8UN"
]
},
"labels": {},
"masters": {
"sda2": [
"dm-0",
"dm-1"
]
},
"uuids": {
"dm-0": [
"282c72d5-8cf6-4ac2-9e6a-64d19ebe2998"
],
"dm-1": [
"c351d02a-6ffa-41b1-b108-9129dbcac1a2"
],
"sda1": [
"700f5755-18e9-45b5-ab39-9c699eb0f636"
]
}
}
},
"changed": false
}



ansible_devices  #所有/dev/下的正在使用的设备信息

[root@ansible ~]# ansible test -m setup -a 'filter=ansible_devices'
192.168.100.120 | SUCCESS => {
"ansible_facts": {
"ansible_devices": {
"dm-0": {
"holders": [],
"host": "",
"links": {
"ids": [
"dm-name-centos-root",
"dm-uuid-LVM-rdlock3VAHcB3dNwwyYLym2uGO9gVYLylUjawiCM9Ei01XfqxeDCwuFZGm5GKTN4"
],
"labels": [],
"masters": [],
"uuids": [
"282c72d5-8cf6-4ac2-9e6a-64d19ebe2998"
]
},
"model": null,
"partitions": {},
"removable": "0",
"rotational": "1",
"sas_address": null,
"sas_device_handle": null,
"scheduler_mode": "",
"sectors": "35643392",
"sectorsize": "512",
"size": "17.00 GB",
"support_discard": "0",
"vendor": null,
"virtual": 1
},
"dm-1": {
"holders": [],
"host": "",
"links": {
"ids": [
"dm-name-centos-swap",
"dm-uuid-LVM-rdlock3VAHcB3dNwwyYLym2uGO9gVYLye5ByMZPoe3dex42T2VCoRo0C2Rd4riqf"
],
"labels": [],
"masters": [],
"uuids": [
"c351d02a-6ffa-41b1-b108-9129dbcac1a2"
]
},
"model": null,
"partitions": {},
"removable": "0",
"rotational": "1",
"sas_address": null,
"sas_device_handle": null,
"scheduler_mode": "",
"sectors": "4194304",
"sectorsize": "512",
"size": "2.00 GB",
"support_discard": "0",
"vendor": null,
"virtual": 1
},
"sda": {
"holders": [],
"host": "SCSI storage controller: LSI Logic / Symbios Logic 53c1030 PCI-X Fusion-MPT Dual Ultra320 SCSI (rev 01)",
"links": {
"ids": [],
"labels": [],
"masters": [],
"uuids": []
},
"model": "VMware Virtual S",
"partitions": {
"sda1": {
"holders": [],
"links": {
"ids": [],
"labels": [],
"masters": [],
"uuids": [
"700f5755-18e9-45b5-ab39-9c699eb0f636"
]
},
"sectors": "2097152",
"sectorsize": 512,
"size": "1.00 GB",
"start": "2048",
"uuid": "700f5755-18e9-45b5-ab39-9c699eb0f636"
},
"sda2": {
"holders": [
"centos-root",
"centos-swap"
],
"links": {
"ids": [
"lvm-pv-uuid-f3IVfS-XHtK-6UjN-ZyOj-s1GO-1NdX-ZIh8UN"
],
"labels": [],
"masters": [
"dm-0",
"dm-1"
],
"uuids": []
},
"sectors": "39843840",
"sectorsize": 512,
"size": "19.00 GB",
"start": "2099200",
"uuid": null
}
},
"removable": "0",
"rotational": "1",
"sas_address": null,
"sas_device_handle": null,
"scheduler_mode": "deadline",
"sectors": "41943040",
"sectorsize": "512",
"size": "20.00 GB",
"support_discard": "0",
"vendor": "VMware,",
"virtual": 1
}
}
},
"changed": false
}



ansible_user_dir  #执行用户的家目录

  root


ansible_user_gecos  #执行用户的描述信息

  the root



ansible_user_gid  #执行用户的gid

  0  



ansible_user_id  #执行用户的用户名

  root



ansible_user_shell  #执行用户的shell类型

  /bin/bash


ansible_user_uid  #执行用户的uid

  0

二、command模块

介绍
command命令模块,默认模块,用于在远程执行命令(不能使用变量)

参数:
    creates:一个文件名,该文件存在,则该命令不执行
    free_from:要执行的linux指令
    chdir:在执行指令之前,先切换到该指定的目录
    removes:一个文件名,当该文件不存在,则该选项不执行
    executable:切换shell来执行指令,该执行路径必须是一个绝对路径

三、cron定时任务模块

1、backup:对远程主机上的原计划任务内容修改之前做备份

2、cron_file:如果指定该选项。则用该文件替换远程主机上的cron.d目录下的用户的任务计划

3、day:日(1-31,*,*、2,....)

4、hours:小时(0-23,*,*、2,....)

5、minute:分钟

6、month:月

7、weekday:周

8、job:要执行的任务,依赖state=present

9、name:该任务的描述

10、special_time:指定什么时候执行,参数:reboot,yearly,annually,monthly,weekly

11、state:确认该任务计划是创建还是删除

12、user:以哪个用户的身份执行
[root@ansible tmp]# ansible test -m cron -a 'minute="*/10" job="/bin/date" name="test cron job" state="present"'
192.168.100.120 | SUCCESS => {
    "changed": true,
    "envs": [],
    "jobs": [
        "test cron job"
    ]
}

注意:
  1、定时设置指定值的写入即可,没有设置的可以不写(默认是*)
  2、name必须写
  3、state有两个状态:present(添加(默认值))或 absent(移除)


[root@ansible tmp]# ansible test -a 'crontab -l'
192.168.100.120 | SUCCESS | rc=0 >>
#Ansible: test cron job
*/10 * * * * /bin/date

#######删除计划任务

[root@ansible tmp]# ansible test -m cron -a 'minute="*/10" job="/bin/date" name="test cron job" state="absent"'
192.168.100.120 | SUCCESS => {
"changed": true,
"envs": [],
"jobs": []
}

#####查询计划任务

[root@ansible tmp]# ansible test -a "crontab -l"
192.168.100.120 | SUCCESS | rc=0 >>

四、user/group模块

user模块是请求的是useradd、userdel、usermod,group请求的是groupadd、groupdel、groupdel

参数介绍:

  

groups:指定用户的属组
uid:指定用的uid
password:为用户设置密码登录,此密码是铭文密码,输入的是加密后的密码
update_password:always/on_create
        always:只有当密码不相同时才会更新密码(默认)
        on_create:只为新用户设置密码
name:指定用户名
createhome:是否创建家目录 yes|no(默认是yes)
system:是否为系统用户
remove:当state=absent时,remove=yes则表示连同家目录一起删除,等价于userdel -r(默认是no)
state:是创建还是删除present(添加 默认值)or absent(移除)
shell:指定用户的shell环境
append:yes/no
        yes:增量添加group
        no:全量变更group,只设置groups指定group组(默认)
expires:设置用户的过期时间,值是一个时间戳

注意事项:指定password参数时,不能使用后面这遗传密码会被直接传送到被管理主机的/etc/shadow文件中,所以需要先将密码字符串进行加密处理。然后将得到的字符串放到password中即可

范例:

- user: name=johnd comment="John Doe" uid=1040 group=admin
- user: name=james shell=/bin/bash groups=admins,developers append=yes
- user: name=johnd state=absent remove=yes
- user: name=james18 shell=/bin/zsh groups=developers expires=1422403387
#生成密钥时,只会生成公钥文件和私钥文件,和直接使用ssh-keygen指令效果相同,不会生成authorized_keys文件。
- user: name=test generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa

生成加密的密码:

  1、安装python-pip,安装加密函数库-passlib

yum -y install python-pip
pip install --upgrade pip
pip install passlib

  2、使用加密函数库,获取密文密码

#  python -c "from passlib.hash import sha512_crypt; import getpass; print(sha512_crypt.using(rounds=5000).hash(getpass.getpass()))"
Password:
$6$0lwTSmqKOkL.ktgl$OnBexXC7haBf0FRHVMIZM2edDeFWBbpKJ2r9cxVwNvY.vh3IIUzwFz8n7jFglc0CrtQSY12ziDonVL6e71Og2.

  3、创建用户,指定用户密码

ansible test -m user -a 'name="testops" password="$6$0lwTSmqKOkL.ktgl$OnBexXC7haBf0FRHVMIZM2edDeFWBbpKJ2r9cxVwNvY.vh3IIUzwFz8n7jFglc0CrtQSY12ziDonVL6e71Og2."'

  4、用户删除:

[root@ansible ~]# ansible test -m user -a 'name="test" state="absent" remove="yes"'
192.168.100.120 | SUCCESS => {
    "changed": true,
    "force": false,
    "name": "test",
    "remove": true,
    "state": "absent"
}

五、copy模块

   复制文件

参数介绍:
1、backup:在覆盖之前的源文件备份,备份文件包含时间信息,有两个选项:yes|no
2、content:用于代替“src”,可以直接设定指定文件的值
3、desc:必选项,要将源文件复制到远程主机的绝对路径,如果源文件是一个目录,那么该路径也必须是一个目录
4、directory_mode:递归的设定目录的权限,默认为系统默认权限
5、force:如果目标主机包含该文件,但内容不同,如果设置为yes,则强制覆盖,如果为no,则只有当目标位置不存在该文件时,才复制,默认为yes
6、others:所有的file模块里选项都可以在这里使用
7、src:要复制到远程主机的文件在本地的地址,可以是绝对路径,也可以是相对路径。如果路径是一个目录,它将递归复制,在这种情况下,如果路径使用“/”来结尾,则只复制目录里的内容,如果没有使用“/”来结尾,则包含目录在内的整个内容全部复制,雷士rsync

01-20 23:20