部署ansible：ansible（1）-- 部署ansible连接被控端_luo_guibin的博客-CSDN博客

目录

 一、ansible常用模块

1.1 ping

1.2 command

1.3 raw

1.4 shell

1.5 script

1.6 copy

1.7 template

1.8 yum

---

11.0.1.13	主控端(ansible)
11.0.1.12	被控端(k8s-master)

 

一、ansible常用模块

查看主控端被控端IP，主控端（10.1.1.13）查看ansible配置文件的被控端，已经做好ssh连接。

[root@ansible ~]# ip a | grep 11.0.1            #主控端inet 11.0.1.13/24 brd 11.0.1.255 scope global noprefixroute ens33
[root@k8s-master ~]# ip a| grep 11.0.1.         #被控端inet 11.0.1.12/24 brd 11.0.1.255 scope global noprefixroute ens33[root@ansible ~]# cat /etc/ansible/hosts | grep -Ev '^$|#'
[test]
11.0.1.12[root@k8s-master ~]# cat /root/.ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDecpeG4vJSLMos4kyPRLKB6jRQPQZxxCj/UGUlub0nEoa7dExT5l/Jwe9ePCDmcDmD49EiUsefeixDOz/XSZIfn1+Iq/FZBS7sF21utdzX7zLU45qDurLMys44SZyckfs45PvXpjzaBqZc+WincHwKGu4EJo9eVbr9xUJUjUWre/AdLHn00XMncPHr1rFp/G6i7o6iavabFgdxCtzrqNz4xa7gOnRJpsTCHTdlCjUiPVBRMt1wEklQPMOUuJn0BIiaq8O3EI7sG/9pXgiI/l49tH77piBcZqND20uFsxHUT+55yt81cT3G6Mu+Q6BIW7RkWyFvERwrcDVWjZQ8obBD root@ansible

ansible -m module_name 没有选定则默认使用command模块

ansible -a ‘module_args’ 理解为当前指定模块所需的参数，默认模块为command，command默认参数就是一条linux命令。

1.1 ping

ping模块用于检查指定节点机器是否连通，用法很简单，不涉及参数，主机如果在线，则回复pong

[root@ansible ~]# ansible test -m ping
11.0.1.12 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "ping": "pong"
}

1.2 command

command模块用于在上执行命令，ansible默认就是使用command模块。command模块有一个缺陷就是不能使用管道符和重定向功能。

[root@ansible ~]# ansible 11.0.1.12 -a 'ls /root/.ssh'
11.0.1.12 | CHANGED | rc=0 >>
authorized_keys#ls当前目录为空
[root@ansible ~]# ansible 11.0.1.12 -a 'ls /tmp'
11.0.1.12 | CHANGED | rc=0 >>
ansible_command_payload_jXbMsq#创建test文件
[root@ansible ~]# ansible 11.0.1.12 -a 'touch /tmp/test'
[WARNING]: Consider using the file module with state=touch rather than running 'touch'.  If you need to use command
because file is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in
ansible.cfg to get rid of this message.
11.0.1.12 | CHANGED | rc=0 >>#查看是否创建成功
[root@ansible ~]# ansible 11.0.1.12 -a 'ls /tmp'
11.0.1.12 | CHANGED | rc=0 >>
ansible_command_payload_G9vt0o
test

#重定向虽然显示成功，但实际并没有写入
[root@ansible ~]# ansible 11.0.1.12 -a "echo 'hello world' > /tmp/test"
11.0.1.12 | CHANGED | rc=0 >>
hello world > /tmp/test
[root@ansible ~]# ansible 11.0.1.12 -a 'cat /tmp/test'
11.0.1.12 | CHANGED | rc=0 >>#管道命令无法使用
[root@ansible ~]# ansible 11.0.1.12 -a 'ps -ef | grep network'
11.0.1.12 | FAILED | rc=1 >>
error: garbage optionUsage:ps [options]Try 'ps --help <simple|list|output|threads|misc|all>'or 'ps --help <s|l|o|t|m|a>'for additional help text.For more details see ps(1).non-zero return code

1.3 raw

raw模块用于在远程主机上执行命令，其支持管道符与重定向。

[root@ansible ~]# ansible 11.0.1.12 -m raw -a "echo 'hello world' > /tmp/test"
11.0.1.12 | CHANGED | rc=0 >>
Shared connection to 11.0.1.12 closed.[root@ansible ~]# ansible 11.0.1.12 -a 'cat /tmp/test'
11.0.1.12 | CHANGED | rc=0 >>
hello world#支持管道和重定向命令
[root@ansible ~]# ansible 11.0.1.12 -m raw -a 'ps -ef | grep network'
11.0.1.12 | CHANGED | rc=0 >>
root       1730      1  4 10:17 ?        00:03:01 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --cgroup-driver=systemd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.2 --cgroup-driver=systemd
root      31023  31021  0 11:26 pts/1    00:00:00 bash -c ps -ef | grep network
root      31035  31023  0 11:26 pts/1    00:00:00 grep network
Shared connection to 11.0.1.12 closed.

1.4 shell

shell模块用于在被控端上执行被控端上的脚本，亦可直接在被控端端上执行命令。shell模块亦支持管道与重定向。

使用raw写入被控端/tmp/shell.sh

[root@ansible ~]# ansible 11.0.1.12 -m raw -a "echo 'echo shell_module' > /tmp/shell.sh"
11.0.1.12 | CHANGED | rc=0 >>
Shared connection to 11.0.1.12 closed.[root@ansible ~]# ansible 11.0.1.12 -m raw -a 'cat /tmp/shell.sh'
11.0.1.12 | CHANGED | rc=0 >>
echo shell_module
Shared connection to 11.0.1.12 closed.#成功执行sh文件
[root@ansible ~]# ansible 11.0.1.12 -m shell -a 'sh /tmp/shell.sh'
11.0.1.12 | CHANGED | rc=0 >>
shell_module

1.5 script

script模块用于在被控端

上执行主控机上的脚本

[root@ansible ~]# echo "echo master-node" > /tmp/script.sh
[root@ansible ~]# cat /tmp/script.sh 
echo master-node

执行主控机脚本script.sh，成功打印“master-node”。

[root@ansible ~]# ansible 11.0.1.12 -m script -a "/tmp/script.sh"
11.0.1.12 | CHANGED => {"changed": true, "rc": 0, "stderr": "Shared connection to 11.0.1.12 closed.\r\n", "stderr_lines": ["Shared connection to 11.0.1.12 closed."], "stdout": "master-node\r\n", "stdout_lines": ["master-node"]
}

执行主控机脚本并将执行结果写入被控端/tmp/script-tmp文件

[root@ansible ~]# ansible 11.0.1.12 -m script -a "/tmp/script.sh &> /tmp/script-tmp"
11.0.1.12 | CHANGED => {"changed": true, "rc": 0, "stderr": "Shared connection to 11.0.1.12 closed.\r\n", "stderr_lines": ["Shared connection to 11.0.1.12 closed."], "stdout": "", "stdout_lines": []
}#查看输出是否成功
[root@ansible ~]# ansible 11.0.1.12 -m shell -a "cat /tmp/script-tmp"
11.0.1.12 | CHANGED | rc=0 >>
master-node
[root@ansible ~]# 

1.6 copy

copy模块用于复制文件至远程被控端，dest是被控端路径，必须是绝对路径。

[root@ansible ~]# touch /tmp/copy
[root@ansible ~]# ansible 11.0.1.12 -m copy -a 'src=/tmp/copy dest=/tmp/copy-bak' 
11.0.1.12 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": true, "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "dest": "/tmp/copy-bak", "gid": 0, "group": "root", "md5sum": "d41d8cd98f00b204e9800998ecf8427e", "mode": "0644", "owner": "root", "size": 0, "src": "/root/.ansible/tmp/ansible-tmp-1692430003.5-3588-37280436501987/source", "state": "file", "uid": 0
}[root@ansible ~]# ansible 11.0.1.12 -m shell -a 'ls /tmp/ | grep copy' 
11.0.1.12 | CHANGED | rc=0 >>
copy-bak

1.7 template

template其实和copy类似复制文件。

src是控制端目录，可以是相对路径也可以是绝对路径，dest是被控端路径，必须是绝对路径。

template模块与copy模块作用相同都是用于copy文件的，区别在于copy模块copy的src源文件都是静态文件，不存在变量；当年我们需要copy的文件中出现变量，我们就要用到template模块；并且src文件是以".j2"结尾的模板文件，当然普通文件也可以通过template实现复制，简单来说，template会比copy跟高级。

[root@ansible ~]# touch /tmp/template[root@ansible ~]# ansible 11.0.1.12 -m template -a 'src=/tmp/template dest=/tmp/template-bak' 
11.0.1.12 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": true, "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "dest": "/tmp/template-bak", "gid": 0, "group": "root", "md5sum": "d41d8cd98f00b204e9800998ecf8427e", "mode": "0644", "owner": "root", "size": 0, "src": "/root/.ansible/tmp/ansible-tmp-1692430426.38-3724-205690846918337/source", "state": "file", "uid": 0
}[root@ansible ~]# ansible 11.0.1.12 -m shell -a 'ls /tmp/ | grep template' 
11.0.1.12 | CHANGED | rc=0 >>
template-bak

1.8 yum

使用yum模块需要保证被控端有合适的yum源，yum模块用于在指定节点机器上通过yum管理软件，其支持的参数主要有两个。

• name：要管理的包名
• state：要进行的操作

state常用的值：

• latest：安装软件
• installed：安装软件
• present：安装软件
• removed：卸载软件
• absent：卸载软件

被控端安装ftp服务

[root@k8s-master ~]# rpm -qa | grep ftp
[root@k8s-master ~]# [root@ansible ~]# ansible 11.0.1.12 -m yum -a 'name=ftp state=present' 
11.0.1.12 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": true, "changes": {"installed": ["ftp"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirrors.aliyun.com\n * extras: mirrors.aliyun.com\n * updates: mirrors.ustc.edu.cn\nResolving Dependencies\n--> Running transaction check\n---> Package ftp.x86_64 0:0.17-67.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package        Arch              Version                 Repository       Size\n================================================================================\nInstalling:\n ftp            x86_64            0.17-67.el7             base             61 k\n\nTransaction Summary\n================================================================================\nInstall  1 Package\n\nTotal download size: 61 k\nInstalled size: 96 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Installing : ftp-0.17-67.el7.x86_64                                       1/1 \n  Verifying  : ftp-0.17-67.el7.x86_64                                       1/1 \n\nInstalled:\n  ftp.x86_64 0:0.17-67.el7                                                      \n\nComplete!\n"]
}[root@k8s-master ~]# rpm -qa | grep ftp
ftp-0.17-67.el7.x86_64

被控端卸载ftp服务

[root@ansible ~]# ansible 11.0.1.12 -m yum -a 'name=ftp state=removed' 
11.0.1.12 | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": true, "changes": {"removed": ["ftp"]}, "msg": "", "rc": 0, "results": ["Loaded plugins: fastestmirror\nResolving Dependencies\n--> Running transaction check\n---> Package ftp.x86_64 0:0.17-67.el7 will be erased\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package        Arch              Version                Repository        Size\n================================================================================\nRemoving:\n ftp            x86_64            0.17-67.el7            @base             96 k\n\nTransaction Summary\n================================================================================\nRemove  1 Package\n\nInstalled size: 96 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Erasing    : ftp-0.17-67.el7.x86_64                                       1/1 \n  Verifying  : ftp-0.17-67.el7.x86_64                                       1/1 \n\nRemoved:\n  ftp.x86_64 0:0.17-67.el7                                                      \n\nComplete!\n"]
}[root@k8s-master ~]# rpm -qa | grep ftp
[root@k8s-master ~]#

参考文档：

https://www.cnblogs.com/Their-own/archive/2022/10/24/16820142.html

ansible的copy模块四种拷贝情况_如何查看ansible copy失效原因_-光光-的博客-CSDN博客