Ansible execution result information - color description; ansible ad hoc description; how to view help documents and common module details
Host planning
Add user account
Explain:
1. Login account used by operation and maintenance personnel;
2. All businesses are placed in the "home directory of yun users" under / app / to avoid misplacement of business data;
3. This user is also used by ansible, because almost all production environments prohibit root remote login (so the yun user also performs sudo authorization).
1 # Use a dedicated user and avoid using root directly 2 # Add user, specify home directory and specify user password 3 # sudo raise power 4 # Allow other ordinary users to enter the directory to view information 5 useradd -u 1050 -d /app yun && echo '123456' | /usr/bin/passwd --stdin yun 6 echo "yun ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers 7 chmod 755 /app/
Ansible configuration list Inventory
After that, the article is the following host configuration list
1 [yun@ansi-manager ansible_info]$ pwd 2 /app/ansible_info 3 [yun@ansi-manager ansible_info]$ cat hosts_key 4 # Mode 1. Host + port + secret key 5 [manageservers] 6 172.16.1.180:22 7 8 [proxyservers] 9 172.16.1.18[1:2]:22 10 11 # Mode 2: alias + Host + port + Password 12 [webservers] 13 web01 ansible_ssh_host=172.16.1.183 ansible_ssh_port=22 14 web02 ansible_ssh_host=172.16.1.184 ansible_ssh_port=22 15 web03 ansible_ssh_host=172.16.1.185 ansible_ssh_port=22
Ansible execution return = > color information description
Yellow: successful execution with status changes
ansible proxyservers -m command -a 'cat /etc/hosts' -i hosts_key
Green: it is executed successfully and no status change occurs, or it is only to view the status information of the remote node
ansible proxyservers -m ping -i hosts_key
Red: abnormal operation execution command
ansible proxyservers -m command -a 'll /tmp' -i hosts_key
Purple: indicates a warning message for command execution (possible problems, give you some suggestions)
1 # Where the hosts'kkk file does not exist 2 ansible proxyservers -m command -a 'll /tmp' -i hosts_kkk
Ad hoc of Ansible
There are two modes in Ansible, ad hoc mode and Playbooks mode.
In short, ad-hoc is a "temporary command", which will not be saved.
Use scenarios of ad-hoc mode
Scenario 1: on multiple machines, check whether a process is started
Scenario 2: on multiple machines, copy the specified log file to local, etc
Command usage in ad-hoc mode
Ansible view help method
1 [yun@ansi-manager ~]$ ansible-doc -l # View all modules and brief descriptions 2 [yun@ansi-manager ~]$ ansible-doc copy # View the specified module method "can view expuls information first" 3 [yun@ansi-manager ~]$ ansible-doc -s copy # View the Playbooks snippet for the specified module
Ansible common modules
Working directory and host list
Current working directory and host list
1 [yun@ansi-manager ansible_info]$ pwd 2 /app/ansible_info 3 [yun@ansi-manager ansible_info]$ ll 4 total 4 5 -rw-rw-r-- 1 yun yun 226 Oct 8 16:07 hosts_key 6 [yun@ansi-manager ansible_info]$ cat hosts_key 7 # Mode 1. Host + port + secret key 8 [manageservers] 9 172.16.1.180:22 10 11 [proxyservers] 12 172.16.1.18[1:2]:22 13 14 # Mode 2: alias + Host + port + Password 15 [webservers] 16 web01 ansible_ssh_host=172.16.1.183 ansible_ssh_port=22 17 web02 ansible_ssh_host=172.16.1.184 ansible_ssh_port=22 18 web03 ansible_ssh_host=172.16.1.185 ansible_ssh_port=22
Command command module
Default module for executing commands. Pipeline or redirection is not supported.
Normal example
1 [yun@ansi-manager ansible_info]$ ansible proxyservers -a 'df -h' -i hosts_key 2 # perhaps 3 [yun@ansi-manager ansible_info]$ ansible proxyservers -m command -a 'df -h' -i hosts_key
Exception example
1 # Redirection not supported 2 ansible proxyservers -m command -a 'df -h > /tmp/df.info' -i hosts_key 3 # Pipeline not supported 4 ansible proxyservers -m command -a "df -h | grep 'boot'" -i hosts_key
shell command module
The function is the same as command, and supports pipeline and redirection. This module takes precedence over command.
Example
1 ansible proxyservers -m shell -a "df -h | grep 'boot'" -i hosts_key 2 ansible proxyservers -m shell -a "df -h > /tmp/df.info" -i hosts_key
Script script module
Running the module locally is the same as executing it remotely. The script file does not need to be pushed to the target host for execution.
Example
sudo in the script
1 # Operating on ansible Manager 2 [yun@ansi-manager ansible_info]$ cat /app/yunwei/yum_test.sh 3 #!/bin/sh 4 # Because of the yun Users, not root Users, therefore sudo Power raising 5 sudo yum install -y iftop 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -m script -a "/app/yunwei/yum_test.sh" -i hosts_key
No sudo rights in the script
1 # Operating on ansible Manager 2 [yun@ansi-manager ansible_info]$ cat /app/yunwei/yum_test.sh 3 #!/bin/sh 4 yum install -y iftop 5 ####################################### 6 # Because we are using ordinary users of yun 7 # So we need to use -b Select to withdraw the right, so that the remote root User execution 8 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m script -a "/app/yunwei/yum_test.sh" -i hosts_key
Check whether iftop is installed in yum on the target machine
1 [root@ansi-haproxy01 ~]# ps -ef | grep 'iftop' 2 root 3867 3866 0 23:25 pts/1 00:00:00 sudo yum install -y iftop 3 root 3868 3867 48 23:25 pts/1 00:00:12 /usr/bin/python /bin/yum install -y iftop 4 root 4144 3155 0 23:25 pts/0 00:00:00 grep --color=auto iftop
yum install software module
Install the software in the target machine, yum
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc yum 3 # Because we are using ordinary users of yun 4 # Therefore, it is necessary to use -b Choose to withdraw right 5 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m yum -a 'name=httpd state=present' -i ./hosts_key
Description of relevant options:
Name: the name of the package to install
State: state description
'present' and 'installed' simply ensure that the required packages are installed. "Use present first"
'latest' will update the specified package if it is not the latest available version.
'absent' and 'removed' will delete the specified package [use with caution!!! ] "If you want to use absent first"
Download only: download package only, do not install
Copy file copy module "local to remote"
Copy the file or directory of the control machine to the controlled machine, and specify the attribute information of the target file / directory.
Control machine operation
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc copy 3 # Because we are using ordinary users of yun 4 # So sometimes you need to use -b Choose to withdraw right 5 # Write content in content directly to the target file 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m copy -a "content='123\n' dest=/tmp/copy_test2 owner=root group=root mode=0644 backup=yes" -i ./hosts_key 7 ## Copy file 8 [yun@ansi-manager ansible_info]$ cat /tmp/copy_test 9 111111 10 222222 11 333333 12 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m copy -a "src=/tmp/copy_test dest=/tmp/ owner=root group=root mode=0644 backup=yes" -i ./hosts_key 13 ## replica catalog 14 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m copy -a "src=/app/yunwei dest=/tmp/ owner=root group=root mode=0644 backup=yes" -i ./hosts_key
Check the controlled end
1 [yun@ansi-haproxy01 tmp]$ cat copy_test2 2 123 3 [yun@ansi-haproxy01 tmp]$ cat /tmp/copy_test 4 111111 5 222222 6 333333
Description of relevant options:
src: source file "can be absolute path or relative path"
remote_src: if it is False, the source file is local; if it is True, the source file is remote
dest: the target path or file of the pushed data
Owner: Specifies the owner of the remote file
Group: Specifies the group of the remote file
mode: specify permissions for remote files
backup: if the pushed target file exists and is different from the source file, the target file will be backed up "through checksum verification"
Content: write content in content directly to the target file
matters needing attention:
1. For the same source file, if the content of the source file has not been modified, the file to be copied will not be copied if it is detected that the content of the file to be copied is the same as that of the target file during the second same operation, and the property of the target file has not changed before and after. Since the properties of the target file have not changed, the returned data color is green. As shown in the figure below.
2. For the same source file, if the content of the source file has not been modified, the second time the same operation is performed, if the content of the source file and the target file are the same, "pass the check", but before and after the property of the target file, it is required to change the "owner, group and permission", then the copy will not be performed. However, because the properties of the target file have changed, the returned data color is yellow.
fetch file copy module "remote to local"
The function of this module is similar to copy module, but it is reverse. Copy remote files to local. Note: currently only files are supported, recursive copy is not supported.
Because ansible uses the yun user, the files copied from the remote end belong to the yun user.
Control machine operation
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc fetch 3 # Because we are using ordinary users of yun 4 # Therefore, it is sometimes necessary to use the - b option to claim rights
Document preparation at controlled end 1
1 [test1@ansi-haproxy01 tmp]$ ll /tmp/test1 2 -rw-rw-r-- 1 test1 test1 20 Nov 2 11:04 /tmp/test1 3 [test1@ansi-haproxy01 tmp]$ cat /tmp/test1 4 111 5 222 6 333 7 aaa 8 bbb
Document preparation of controlled end 2
1 [test1@ansi-haproxy02 tmp]$ ll /tmp/test1 2 -rw-rw-r-- 1 test1 test1 20 Nov 2 11:04 /tmp/test1 3 [test1@ansi-haproxy02 tmp]$ cat /tmp/test1 4 1111
Copy mode 1
1 [yun@ansi-manager ansible_info]$ ansible 172.16.1.181 -b -m fetch -a "src=/tmp/test1 dest=/tmp/" -i ./hosts_key # Copy 172.16.1.181 Mainframe 2 perhaps 3 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m fetch -a "src=/tmp/test1 dest=/tmp/" -i ./hosts_key # Copy the 4 ## View the copy result "note directory hierarchy" 5 [yun@ansi-manager ansible_info]$ ll /tmp/ 6 total 4 7 drwxrwxr-x 3 yun yun 17 Nov 2 11:21 172.16.1.181 8 drwxrwxr-x 3 yun yun 17 Nov 2 11:23 172.16.1.182 9 [yun@ansi-manager ansible_info]$ tree /tmp/172.16.1.18* 10 /tmp/172.16.1.181 11 └── tmp 12 └── test1 13 /tmp/172.16.1.182 14 └── tmp 15 └── test1 16 17 2 directories, 2 files
Copy mode 2
1 # If used flat=yes,It's better to copy only the files of one remote host. If it's multiple, the results of later execution will overwrite the previous ones. 2 # dest Path has / Ending 3 [yun@ansi-manager ansible_info]$ ansible 172.16.1.181 -b -m fetch -a "src=/tmp/test1 dest=/tmp/kkk2/ flat=yes" -i ./hosts_key # Recommended, only one copy 4 # dest No path / Ending 5 [yun@ansi-manager ansible_info]$ ansible 172.16.1.181 -b -m fetch -a "src=/tmp/test1 dest=/tmp/kkk flat=yes" -i ./hosts_key # Recommended, only one copy 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m fetch -a "src=/tmp/test1 dest=/tmp/kkk flat=yes" -i ./hosts_key # Not recommended, it will produce coverage 7 ## View copy results 8 [yun@ansi-manager ansible_info]$ cat /tmp/kkk2/test1 9 111 10 222 11 333 12 aaa 13 bbb 14 [yun@ansi-manager ansible_info]$ ll /tmp/kkk 15 -rw-rw-r-- 1 yun yun 20 Nov 2 11:25 /tmp/kkk 16 [yun@ansi-manager ansible_info]$ cat /tmp/kkk # The file does not "11111"Information; has a coverage effect 17 111 18 222 19 333 20 aaa 21 bbb
Description of relevant options:
src: source file, currently only files are supported, directory is not supported
Dest: the target path of the push data. The default is: dest[path]/hostname/src[path]. See example above
flat: the default is False. When yes/True, the copy effect is similar to the local copy.
Template template use
The function of this module is similar to the copy module, but the copy module does not support variables and templates.
The template module supports variables and Jinja templates. So if the configuration file in the build involves variables, use the template module.
The playbook, variables, and Jinja are covered in detail in a later article.
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc template 3 # Because we are using ordinary users of yun 4 # So sometimes you need to use -b Choose to withdraw right 5 # palybook 6 [yun@ansi-manager ansible_info]$ pwd 7 /app/ansible_info 8 [yun@ansi-manager ansible_info]$ ll 9 total 16 10 drwxrwxr-x 2 yun yun 35 Oct 11 11:23 file 11 -rw-rw-r-- 1 yun yun 226 Oct 8 16:07 hosts_key 12 -rw-rw-r-- 1 yun yun 304 Oct 11 11:40 test_template.yml 13 [yun@ansi-manager ansible_info]$ ll file/ # Documents involved 14 total 4 15 -rw-rw-r-- 1 yun yun 175 Oct 11 11:23 test_template.conf.j2 16 [yun@ansi-manager ansible_info]$ cat file/test_template.conf.j2 17 # facts variable 18 dns_info={{ ansible_dns['nameservers'][0] }} 19 mem_total={{ ansible_memtotal_mb }} 20 # Custom variable 21 listen_port={{ listen_port }} 22 access_addr={{ access_addr }} 23 24 [yun@ansi-manager ansible_info]$ 25 [yun@ansi-manager ansible_info]$ cat test_template.yml # playbook involved 26 --- 27 # template example 28 - hosts: proxyservers 29 vars: 30 - listen_port: 8080 31 - access_addr: zhangblog.com 32 33 tasks: 34 - name: "template conf" 35 template: 36 src: ./file/test_template.conf.j2 37 dest: /tmp/test_template.conf 38 owner: root 39 group: yun 40 mode: '0600' 41 [yun@ansi-manager ansible_info]$ ansible-playbook -b -i ./hosts_key test_template.yml # implement
Target machine view
1 [root@ansi-haproxy01 tmp]# pwd 2 /tmp 3 [root@ansi-haproxy01 tmp]# cat test_template.conf 4 # facts variable 5 dns_info=223.5.5.5 6 mem_total=1821 7 # Custom variable 8 listen_port=8080 9 access_addr=zhangblog.com
Description of relevant options:
src: source file "can be absolute path or relative path"
dest: the target path or file of the pushed data
Owner: Specifies the owner of the remote file
Group: Specifies the group of the remote file
mode: specify permissions for remote files
backup: if the pushed target file exists and is different from the source file, the target file will be backed up
file configuration module
Create a file or directory on the controlled machine, or modify the attribute information such as owner, group and permission
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc file 3 # Because we are using ordinary users of yun 4 # So sometimes you need to use -b Choose to withdraw right 5 ## Change the attribute of the target file on the controlled machine [the file already exists] 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m file -a "path=/tmp/yum_test.sh owner=yun group=yun mode=0600" -i ./hosts_key 7 ## Create a soft connection on the controlled machine 8 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m file -a "src=/tmp/yum_test.sh dest=/tmp/yum_link.sh owner=yun group=yun state=link" -i ./hosts_key 9 ## Create a hard link on the controlled machine 10 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m file -a "src=/tmp/yum_test.sh dest=/tmp/yum_hard.sh owner=yun group=root state=hard" -i ./hosts_key 11 ## On the controlled machine, create if the target file does not exist 12 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m file -a "path=/tmp/dest_file owner=yun group=yun state=touch" -i ./hosts_key 13 ## In the controller, if the target directory does not exist, create "multi level directory can be created" 14 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m file -a "path=/tmp/desc_dir/aaa/bbb owner=yun group=root mode=700 state=directory" -i ./hosts_key 15 ## In the controller, change the attribute information of the target directory and all directories or files under the directory to "recursively modify" 16 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m file -a "path=/tmp/desc_dir owner=yun group=zhang mode=766 state=directory recurse=yes" -i ./hosts_key 17 ## In the controlled machine, if the target file or directory exists, delete "use with caution"!!! " 18 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m file -a "path=/tmp/desc_dir state=absent " -i ./hosts_key
Description of relevant options:
path: Specifies the target file or directory
Owner: Specifies the owner of the target file
Group: Specifies the group of the target file
mode: specify the permissions of the target file
State: state description
File: default, specify file
link: create a soft connection
Hard: create a hard link
touch: create if file does not exist
Directory: create if directory does not exist
absent: if the target file or directory exists, delete "use with caution"!!! "
recurse: recursive authorization
Line edit module
This module ensures that there are specific lines in the file, or replaces the existing lines with a regular expression that references back. This is useful when you want to change only one line in the file.
If you want to change more than one similar row, look at the [replace] module. If you want to insert / update / delete a line block in a file, check the [blockinfile] module. For other cases, see the [copy] or [template] module.
Data file preparation
1 [yun@ansi-manager tmp]$ cat /tmp/lineinfile_test 2 # disabled - No SELinux policy is loaded. 3 SELINUX=disabled1 4 # disabled - No SELinux policy is loaded. 5 SELINUX=disabled2 6 # disabled - No SELinux policy is loaded. 7 SELINUX=disabled3 8 # SELINUXTYPE= can take one of three two values: 9 10 # httpd listen port 11 Listen 80
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc lineinfile 3 # Because we are using ordinary users of yun 4 # Therefore, it is sometimes necessary to use the - b option to claim rights
Row insertion
1 # If there is no string in line in the file, it will be appended at the end of the file; if there is, no operation will be performed. 2 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m lineinfile -a "path=/tmp/lineinfile_test line='# who are you?'" -i ./hosts_key 3 # First, make sure that the string in line does not exist in the file. If there is, it will not be added 4 # Secondly, the regular rules in insertafter will be used for regular matching. If the matching is successful, the line will be inserted after the last matching line. If the matching is not successful, the line will be inserted at the end of the file 5 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m lineinfile -a "path=/tmp/lineinfile_test insertafter='SELINUX' line='insertafter test1'" -i ./hosts_key 6 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m lineinfile -a "path=/tmp/lineinfile_test insertafter='SELINUXXX' line='insertafter test2'" -i ./hosts_key 7 # First, make sure that the string in line does not exist in the file. If there is, it will not be added 8 # Secondly, the regular rules in insertbefore will be used for regular matching. If the matching is successful, the line will be inserted before the last matching line. If the matching is not successful, the line will be inserted at the end of the file 9 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m lineinfile -a "path=/tmp/lineinfile_test insertbefore='SELINUX' line='insertbefore test1'" -i ./hosts_key 10 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m lineinfile -a "path=/tmp/lineinfile_test insertbefore='SELINUXXX' line='insertbefore test2'" -i ./hosts_key
Row replacement
1 # state=present If there are multiple matches, the last match will be modified; if there is no match, the last match will be appended at the end of the file, regardless of line Whether it exists. 2 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m lineinfile -a "path=/tmp/lineinfile_test regexp='^SELINUX=' line='SELINUX=enforcing'" -i ./hosts_key 3 # state=present If there are more than one match, the last match will be modified; if there is no match, the file will remain unchanged backrefs=yes. 4 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m lineinfile -a "path=/tmp/lineinfile_test regexp='^ELINUX=' line='SELINUX=enforcing' backrefs=yes" -i ./hosts_key
Row deletion
1 # state=absent If there are multiple matches, each match will delete the matching row 2 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m lineinfile -a "path=/tmp/lineinfile_test regexp='^SELINUX=' state=absent" -i ./hosts_key 3 # According to line matching, delete matching line if matching 4 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m lineinfile -a "path=/tmp/lineinfile_test line='# httpd listen port' state=absent" -i ./hosts_key
Description of relevant options:
path: the file to modify.
Line: used with state=present; the line to insert or replace in the file.
State: state description
present: add or modify, default
absent: delete
backrefs: used with state=present; if line is set to include reverse references (location and naming), when 'regexp' matches, reverse references will be filled.
This parameter slightly changes the operation of the module; 'insertbefore' and 'insertafter' will be ignored, and if 'regexp' does not match anywhere in the file, the file will remain unchanged.
regexp: perform regular matching on each line of the file; for state=present, only the last line matching will be replaced; for state=absent, the line will be deleted as long as it is matched.
backup: back up the source file. Default: False
Create: use with state=present; if not, create the file. Default: False
insertafter: used with state=present; inserted after matching rows. Using a regular expression, insert the row after the last match of the specified regular expression. If the first match is required, use (firstmatch=yes).
If no match is successful, it is inserted at the end of the file. Priority is lower than regexp.
Insert before: use with state=present; insert before matching lines. Using a regular expression, insert the row before the last match of the specified regular expression. If the first match is required, use (firstmatch=yes).
If no match is successful, it is inserted at the end of the file. Priority is lower than regexp.
First match: used with insertafter or insertbefore; first regular match in insertafter or insertbefore. Default: False
Owner: Specifies the owner of the remote file
Group: Specifies the group of the remote file
mode: specify permissions for remote files
blockinfile multiline editing module
This module can help us insert "a piece of text" in the specified file, which is marked.
In other words, we mark the text so that we can find the text through "mark" in later operations, and then modify or delete it
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc blockinfile 3 # Because we are using ordinary users of yun 4 # Therefore, it is sometimes necessary to use the - b option to claim rights
On the nonexistent files -- multi line insertion and modification
1 # /tmp/blockinfile_test The file does not exist, so the create option 2 # insert/Modify insert if not, modify if there is previous information 3 ##### If not, create a file and [insert] information 4 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m blockinfile -a 'path=/tmp/blockinfile_test block="Match User ansible-agent\nPasswordAuthentication no" create=yes' -i ./hosts_key 5 [root@ansi-manager ansible_info]# cat /tmp/blockinfile_test # View file information 6 # BEGIN ANSIBLE MANAGED BLOCK 7 Match User ansible-agent 8 PasswordAuthentication no 9 # END ANSIBLE MANAGED BLOCK 10 ##### File already exists, mark already exists, here is modify 11 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m blockinfile -a 'path=/tmp/blockinfile_test block="iface eth0 inet static\n address 192.0.2.23\n netmask 255.255.255.0" create=yes' -i ./hosts_key 12 [root@ansi-manager ansible_info]# cat /tmp/blockinfile_test # View file information 13 # BEGIN ANSIBLE MANAGED BLOCK 14 iface eth0 inet static 15 address 192.0.2.23 16 netmask 255.255.255.0 17 # END ANSIBLE MANAGED BLOCK
To insert and modify existing files
1 [root@ansi-manager ansible_info]# cat /tmp/blockinfile_test2 # View file information 2 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> 3 <html> 4 <head> 5 <title>blockinfile info</title> 6 </head> 7 <body> 8 <h1>welcome to here.</h1> 9 </body></html> 10 ##### Insert multiline marker block information also uses the insert after option 11 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m blockinfile -a 'path=/tmp/blockinfile_test2 marker="<!-- {mark} ANSIBLE MANAGED BLOCK -->" insertafter="<body>" block="<h1>Welcome to blockinfile</h1>\n<p>Last Login By you!</p>"' -i ./hosts_key 12 [root@ansi-manager ansible_info]# cat /tmp/blockinfile_test2 # View file information 13 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> 14 <html> 15 <head> 16 <title>blockinfile info</title> 17 </head> 18 <body> 19 <!-- BEGIN ANSIBLE MANAGED BLOCK --> 20 <h1>Welcome to blockinfile</h1> 21 <p>Last Login By you!</p> 22 <!-- END ANSIBLE MANAGED BLOCK --> 23 <h1>welcome to here.</h1> 24 </body></html> 25 ##### Delete marker block information 26 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m blockinfile -a 'path=/tmp/blockinfile_test2 marker="<!-- {mark} ANSIBLE MANAGED BLOCK -->" block=""' -i ./hosts_key 27 [root@ansi-manager ansible_info]# cat /tmp/blockinfile_test2 # View file information 28 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> 29 <html> 30 <head> 31 <title>blockinfile info</title> 32 </head> 33 <body> 34 <h1>welcome to here.</h1> 35 </body></html>
Description of relevant options:
path: the file to modify.
Block: to insert text within a marked line. If the option is missing or an empty string, the block is removed, just as "state" is specified as "absent.". (alias: content)
State: state description
present: add or modify, default
absent: delete
Create: create if the file does not exist. Default: False
backup: back up the source file. Default: False
insertafter: insert after matching rows. Using a regular expression, insert the block after the last match of the specified regular expression.
If no match is successful, it is inserted at the end of the file.
Insert before: insert before matching line. Using a regular expression, insert the block before the last match of the specified regular expression.
If no match is successful, it is inserted at the end of the file.
Marker: marker line template. " {mark} 'will be replaced by the values of' in marker 'BEGIN' [default: BEGIN] and 'marker' END '[default: END]
marker_begin: information about the starting marker variable. Default: BEGIN
Marker end: information about the marker variable at the end. Default: END
Owner: Specifies the owner of the remote file / directory
Group: Specifies the group of remote files / directories
mode: specify permissions for remote files / directories
INI file ini format configuration module
Manage (add, delete, change) individual configurations in an ini file without having to use [template] or [assemble] to manage the entire file. Add a section that does not exist.
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc ini_file 3 # Because we are using ordinary users of yun 4 # Therefore, it is sometimes necessary to use the - b option to claim rights
Add and modify
1 # For the first execution, if the file does not exist, the added section and option information will be created by default 2 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m ini_file -a "path=/tmp/test.ini section=drinks option=username value=bobe mode='0644'" -i ./hosts_key 3 # Modify option information 4 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m ini_file -a "path=/tmp/test.ini section=drinks option=username value=alice" -i ./hosts_key 5 # Add another section information 6 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m ini_file -a "path=/tmp/test.ini section=base_info option=address value='BeiJing'" -i ./hosts_key 7 # Add an option information, or put it under the drivers section 8 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m ini_file -a "path=/tmp/test.ini section=drinks option=password value=123456" -i ./hosts_key
delete
1 # Delete the whole section, delete the drivers section 2 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m ini_file -a "path=/tmp/test.ini section=drinks state=absent" -i ./hosts_key 3 # Delete the option under the specified section 4 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m ini_file -a "path=/tmp/test.ini section=base_info option=address state=absent" -i ./hosts_key
Description of relevant options:
Path: INI format file path. If not, it is created by default.
Section: section name in the INI file. When setting a single value, 'state=present' will automatically add this value. If left blank or set to 'null', the 'option' will be placed before the first 'section'.
If the configuration format does not support section, "null" is also required.
Option: if set (value to change), this is the name of the option. If the entire "section" is added / deleted, it can be omitted. Default: null
Value: the value of option. You can omit "option" when deleting it.
State: state description
present: add or modify, default
absent: delete
backup: back up the source file. Default: False
create: creates a file if it does not exist. Default: True
Owner: Specifies the owner of the remote file
Group: Specifies the group of the remote file
mode: specify permissions for remote files
No? Extra? Spaces: no spaces are inserted before and after the = symbol. Default: False
replace multiline replacement module
Replace / delete the matching content of the file.
Data file preparation
1 [yun@ansi-manager ~]$ cat /tmp/replace_test 2 172.16.1.181 test1.zhangblog.com 3 172.16.1.182 test2.zhangblog.org 4 172.16.1.183 test3.zhangblog.net 5 6 # httpd listen port 7 Listen 80 8 ServerRoot "/etc/httpd" 9 User apache 10 Group apache
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc replace 3 # Because we are using ordinary users of yun 4 # So sometimes you need to use -b Choose to withdraw right 5 # Replace the row to which regexp regular matches with the content of replace; and reverse reference is used here. 6 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m replace -a "path=/tmp/replace_test regexp='(\s+)test\d+\.zhangblog\.(\w+)?$' replace='\1new.host.name.\2'" -i ./hosts_key 7 # Replace each line after after after with the content in replace 8 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m replace -a "path=/tmp/replace_test after='# httpd listen port' regexp='^(.+)$' replace='after replace'" -i ./hosts_key 9 # If the after does not match a row, the content of the row that does not match after the after matches will also be replaced by the content in replace 10 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m replace -a "path=/tmp/replace_test after='# httpd listen' regexp='^(.+)$' replace='# after replace'" -i ./hosts_key 11 # Replace each line before before with the content in replace 12 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m replace -a "path=/tmp/replace_test before='listen port' regexp='^(.+)$' replace='before replace'" -i ./hosts_key 13 # If before doesn't match a row, the content of the row that didn't match before before before will be replaced by the content in replace 14 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m replace -a "path=/tmp/replace_test before='listen port' regexp='^(.+)$' replace='before replace'" -i ./hosts_key 15 # Delete the matching content, the number of lines will not change. If the entire row matches, it will be empty. 16 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m replace -a "path=/tmp/replace_test regexp='zhangblog'" -i ./hosts_key 17 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m replace -a "path=/tmp/replace_test regexp='.*test.*'" -i ./hosts_key
Description of relevant options:
Path: the file path to operate on.
After: if specified, only after matching content will be replaced / deleted. It can be combined with before. After may match a row or part of a row; regular matching is not supported.
Before: if specified, only before matching will be replaced / deleted. It can be used in combination with after. Before may match a row or part of a row; regular matching is not supported.
regexp: the regular expression to look up in the contents of the file.
replace: the string that replaces the regexp match. It may contain reverse references, which will be expanded using the regexp capture group if they match. If it is not set, the match is completely removed.
Reverse references can be used vaguely as' \ 1 ', or explicitly as' \ g < 1 >'.
backup: back up the source file. Default: False
Encoding: character encoding used to read and write files. Default: utf-8
Owner: Specifies the owner of the remote file
Group: Specifies the group of the remote file
mode: specify permissions for remote files
sysctl modifying kernel parameter module
This module operates on sysctl entries and optionally / sbin/sysctl -p after changing them.
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc sysctl 3 # Because we are using ordinary users of yun 4 # So sometimes you need to use -b Choose to withdraw right 5 # Will modify /etc/sysctl.conf Document and execute /sbin/sysctl -p Make it effective 6 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m sysctl -a 'name=net.ipv4.ip_forward value=1' -i ./hosts_key 7 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m sysctl -a 'name=vm.swappiness value=5' -i ./hosts_key
Description of relevant options:
Name: kernel parameter variable name. (alias: key)
Value: the expected value of the sysctl key. (alias: val)
reload: when yes is selected, if the sysctl file is modified, then / sbin/sysctl -p will be executed to make the modified parameters effective. When it is no, sysctl is not overloaded, although sysctl ﹣ file has been modified.
State: state description
present: add or modify, default
absent: delete
Sysctl? File: Specifies the absolute path to the sysctl.conf file. Default: / etc/sysctl.conf
Sysctl? Set: use the sysctl command to verify the token value and - w if necessary. Default: no
Ignore errors: use this option to ignore errors about unknown keys. Default: no
Get URL file download module
Download a file over HTTP, HTTPS, or FTP.
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc get_url 3 ## Download a file 4 [yun@ansi-manager ansible_info]$ ansible proxyservers -m get_url -a "url='http://www.zhangblog.com/uploads/jvm/jvm-01-01.png' dest=/tmp/ mode=0640" -i ./hosts_key 5 ## Before downloading, the checksums will be compared. If not, the checksums will not be downloaded 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -m get_url -a "url='http://www.zhangblog.com/uploads/jvm/jvm-01-01.png' dest=/tmp/jvm-001.png checksum='md5:9af3f6066ea46ea81c0b3c9d719dbce0'" -i ./hosts_key
Description of relevant options:
mode: specify the permissions of the target file
url: Specifies the file source "supports HTTP, HTTPS and FTP"
dest: Specifies the directory or file to store
Checksum: checksum "supports sha256 and md5"
Timeout: request timeout, 10 seconds by default.
Owner: Specifies the owner of the remote file
Group: Specifies the group of the remote file
mode: specify permissions for remote files
Backup: source file backup
Service, systemd service management module
If you are in CentOS 6 or below, service is preferred.
If you are in CentOS 7 or above, system D is preferred.
Considering the CentOS 7 we use here, we use systemd. For service, please check the document by yourself.
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc service 3 [yun@ansi-manager ansible_info]$ ansible-doc systemd 4 # Because we are using ordinary users of yun 5 # So sometimes you need to use -b Choose to withdraw right 6 ## Start the httpd service, and join the startup 7 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m systemd -a "name=httpd state=started enabled=yes" -i ./hosts_key 8 ## restart httpd Service and reload /usr/lib/systemd/system/httpd.service Service profile, and add boot 9 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m systemd -a "name=httpd state=restarted daemon_reload=yes enabled=yes" -i ./hosts_key 10 ## Stop the httpd service and do not participate in the startup 11 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m systemd -a "name=httpd state=stopped enabled=no" -i ./hosts_key
Description of relevant options:
Name: service name
State: service state
started: start service
stopped: stop service
reloaded: reloading services
restarted: restart the service
enabled: whether to join the boot self starting "yes to join, no to join, default to null"
Day_reload: when we modify the service management profile, whether to reload its configuration or not 「 yes reload the service profile, no do not load, default value 」
Group group module
Create or delete user groups
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc group 3 # Because we are using ordinary users of yun 4 # So sometimes you need to use -b Choose to withdraw right 5 ## Create a test group and specify the group ID 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m group -a " name=test gid=9001" -i ./hosts_key 7 ## Create a testsystem group and specify it as a system group 8 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m group -a "name=testsystem system=true" -i ./hosts_key 9 ## Delete testsystem group 10 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m group -a "name=testsystem state=absent" -i ./hosts_key
Description of relevant options:
gid: specify group ID, default null
Name: specify group name
State: group state
present: create group, default
absent: delete group
System: system group or not
true: System Group
false: not a system group
user module
Create or delete users
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc user 3 # Because we are using ordinary users of yun 4 # Therefore, it is sometimes necessary to use the - b option to claim rights
1. Create user, specify UID, specify additional group, do not create home directory, do not log in
[yun@ansi-manager ansible_info]$ ansible proxyservers -b -m user -a "name=zhangtest uid=1005 groups=zhang,yun create_home=no shell=/sbin/nologin" -i ./hosts_key
Controlled machine viewing information
1 [yun@ansi-haproxy02 ~]$ id zhangtest 2 uid=1005(zhangtest) gid=1005(zhangtest) groups=1005(zhangtest),1000(zhang),1050(yun) 3 [yun@ansi-haproxy02 ~]$ tail -n1 /etc/passwd 4 zhangtest:x:1005:1005::/home/zhangtest:/sbin/nologin # /home/zhangtest the directory does not exist
2. Delete the user without deleting the user's home directory
[yun@ansi-manager ansible_info]$ ansible proxyservers -b -m user -a "name=zhangtest state=absent" -i ./hosts_key
3. Create a password or SSH key for the user
[yun@ansi-manager ansible_info]$ ansible proxyservers -b -m user -a "name=zhangtest2 generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa" -i ./hosts_key
4. Create password for user
1 # Get password string 2 [yun@ansi-manager ansible_info]$ ansible localhost -m debug -a "msg={{ '123456' | password_hash('sha512', 'salt') }}" 3 localhost | SUCCESS => { 4 "msg": "$6$salt$MktMKPZJ6t59GfxcJU20DwcwQzfMvOlHFVZiOVD71w.igcOo1R7vBYR65JquIQ/7siC7VRpmteKvZmfSkNc69." 5 } 6 ## Be careful -a '' It's single quotes, not double quotes. If double quotes are used, special characters are parsed 7 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m user -a 'name=zhangtest2 password=$6$salt$MktMKPZJ6t59GfxcJU20DwcwQzfMvOlHFVZiOVD71w.igcOo1R7vBYR65JquIQ/7siC7VRpmteKvZmfSkNc69.' -i ./hosts_key
Description of relevant options:
Name: user name
State: user state
present: default, create user
absent: delete user
Password: user password, default: null
Shell: set the user's shell
UID: specify user UID
Group: set user main group, default: null
groups: set user additional group, default: null
System: If yes, create system user, default: false
Home: set user home directory
Create home: whether to create a home directory, default: true, if not: no
comment: user description, default: null
expires: expiration date of user account, default: null
Update "password: update password
always: update if passwords are different, default
On create: only used when creating a new user
remove: only valid when state=absent. Function: delete user's home directory
generate_ssh_key: generate SSH key pair or not, default: false
ssh_key_bits: set SSH key byte length. Default: set SSH keygen
ssh_key_comment: set the description of SSH key. The default is: $HOSTNAME
ssh_key_file: Specifies the file name of SSH key, default: null [that is,. ssh/id_rsa]
ssh_key_passphrase: Specifies the SSH key password. If not provided, there is no password. Default: null
ssh_key_type: set SSH key type, default: rsa
cron timing task module
Create, comment, or delete scheduled tasks
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc cron 3 # Because we are using ordinary users of yun 4 # Therefore, it is sometimes necessary to use the - b option to claim rights
1 ## Create a scheduled task. name is the description of the scheduled task 2 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m cron -a 'name="crond test" minute=0 hour="2,5" job="ls /tmp >/dev/null 2>&1"' -i ./hosts_key 3 ## Note specifies the scheduled task, where name, time parameter, and job are required. 4 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m cron -a 'name="crond test" minute=0 hour="2,5" job="ls /tmp >/dev/null 2>&1" disabled=true' -i ./hosts_key 5 ## Delete scheduled task 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m cron -a 'name="crond test" state=absent' -i ./hosts_key
Description of relevant options:
name: timing task description
State: state
present: add, default
absent: delete
User: specifies which user's scheduled task will be modified. The default is root, and the default is null
Minute: which minute to execute (0-59, *, */2, etc.). Default:*
Hour: which hour to execute (0-23, *, */2, etc.). Default*
Day: the day of each month (1-31, *, * / 2, etc.). Default:*
Month: which month to execute (1-12, *, */2, etc.). Default:*
weekday: the day of the week (0-6 is Sunday Saturday, *, etc). Default:*
disabled: whether to comment the specified timing task, default: false
job: specific information of scheduled tasks
Mount file system mount module
Mount and cancel the file system.
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc mount 3 # Because we are using ordinary users of yun 4 # Therefore, it is sometimes necessary to use the - b option to claim rights
Case example:
As the server of NFS, ansi-haproxy01 and ansi-haproxy02 are the clients of NFS.
1. Install necessary packages for NFS on all machines
[yun@ansi-manager ansible_info]$ ansible manageservers,proxyservers -b -m yum -a "name=nfs-utils,rpcbind state=present" -i ./hosts_key
2. NFS server configuration and startup
1 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m copy -a 'content="/data 172.16.1.0/24(rw,sync,root_squash,all_squash)\n" dest=/etc/exports' -i ./hosts_key 2 # Establish /data Contents, main and group nfsnobody 3 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m file -a "path=/data owner=nfsnobody group=nfsnobody state=directory" -i ./hosts_key 4 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m systemd -a "name=rpcbind state=started enabled=yes" -i ./hosts_key 5 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m systemd -a "name=nfs state=started enabled=yes" -i ./hosts_key 6 ## View Export list information 7 [yun@ansi-manager ansible_info]$ ansible manageservers -b -m shell -a "showmount -e" -i ./hosts_key
3. NFS client operations
1 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m systemd -a "name=rpcbind state=started enabled=yes" -i ./hosts_key 2 ## Check shared information 3 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m shell -a "showmount -e 172.16.1.180" -i ./hosts_key
4. NFS client mount
1 ## Do not mount device, only in /etc/fstab Write mount configuration information in 2 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m mount -a "src=172.16.1.180:/data path=/mnt fstype=nfs state=present backup=yes" -i ./hosts_key 3 ## Mount the device and /etc/fstab Write mount configuration information in 4 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m mount -a "src=172.16.1.180:/data path=/mnt fstype=nfs state=mounted" -i ./hosts_key 5 ## Do not uninstall the device, only in /etc/fstab Delete mount configuration information in 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m mount -a "src=172.16.1.180:/data path=/mnt fstype=nfs state=unmounted" -i ./hosts_key 7 ## Uninstall the device and /etc/fstab Delete mount configuration information in 8 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m mount -a "src=172.16.1.180:/data path=/mnt fstype=nfs state=absent" -i ./hosts_key
Description of relevant options:
src: device / disk to hang
path: mount point
opts: Mount parameter options, such as: ro,noauto; default: null
fstype: file system type
State: state
present: do not mount the device, only write the mount configuration information in / etc/fstab
mounted: mount the device and write the mount configuration information in / etc/fstab
unmounted: do not unmount the device, only delete the mount configuration information in / etc/fstab
absent: uninstall the device and delete the mount configuration information in / etc/fstab
Backup: backup of previous files
Debug debug module and register variable
This will be written using playbook. For a detailed explanation of playbook, see the following article.
The playbook, variables, and Jinja are covered in detail in a later article.
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc debug 3 # Because we are using ordinary users of yun 4 # So sometimes you need to use -b Choose to withdraw right 5 # Ad-Hoc mode 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m debug -i ./hosts_key 7 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m debug -a 'msg="print customized message"' -i ./hosts_key 8 ################################################## 9 # Playbooks mode 10 [yun@ansi-manager ansible_info]$ pwd 11 /app/ansible_info 12 [yun@ansi-manager ansible_info]$ ll 13 total 24 14 -rw-rw-r-- 1 yun yun 483 Aug 18 09:12 hosts_key 15 -rw-rw-r-- 1 yun yun 245 Aug 18 21:55 test_debug_register.yml 16 [yun@ansi-manager ansible_info]$ cat test_debug_register.yml 17 --- 18 # How to use debug module and register variable 19 - hosts: proxyservers 20 21 tasks: 22 - name: "get host port info" 23 shell: netstat -lntp 24 register: host_port 25 26 - name: "print host port" 27 debug: 28 #msg: "{{ host_port }}" # Output all information 29 #msg: "{{ host_port.cmd }}" # Reference method 1 30 msg: "{{ host_port['stdout_lines'] }}" # Reference mode 2 31 32 [yun@ansi-manager ansible_info]$ ansible-playbook -b -i ./hosts_key test_debug_register.yml
In the first task, register is used to register the variable named host_port; when the shell module finishes executing, the data will be put into the variable.
In the second task, the debug module is used and the data is obtained from the host port.
assert assertion module [learn]
Assert on custom message.
The playbook, variables, and Jinja are covered in detail in a later article.
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc assert 3 # Because we are using ordinary users of yun 4 # So sometimes you need to use -b Choose to withdraw right 5 # Ad-Hoc mode 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -m assert -a "that='2 == 3' success_msg=ok fail_msg=fail" -i ./hosts_key # assertion failure 7 [yun@ansi-manager ansible_info]$ ansible proxyservers -m assert -a "that='2 <= 3' success_msg=ok fail_msg=fail" -i ./hosts_key # Assertion success 8 [yun@ansi-manager ansible_info]$ ansible proxyservers -m assert -a "that='2 < 3' success_msg=ok fail_msg=fail" -i ./hosts_key # Assertion success 9 [yun@ansi-manager ansible_info]$ ansible proxyservers -m assert -a "that='2 < 3 and 4 == 4' success_msg=ok fail_msg=fail quiet=yes" -i ./hosts_key # Assertion success 10 [yun@ansi-manager ansible_info]$ ansible proxyservers -m assert -a "that='2 < 3 and 4 > 4' success_msg=ok fail_msg=fail quiet=yes" -i ./hosts_key # assertion failure 11 [yun@ansi-manager ansible_info]$ ansible proxyservers -m assert -a "that='3 < 3 or 4 == 4' success_msg=ok fail_msg=fail quiet=yes" -i ./hosts_key # Assertion success 12 ################################################## 13 # Playbooks mode 14 [yun@ansi-manager ansible_info]$ pwd 15 /app/ansible_info 16 [yun@ansi-manager ansible_info]$ ll 17 total 12 18 -rw-rw-r-- 1 yun yun 226 Oct 8 16:07 hosts_key 19 -rw-rw-r-- 1 yun yun 902 Oct 11 10:57 test_assert.yml 20 [yun@ansi-manager ansible_info]$ cat test_assert.yml # playbook information 21 --- 22 # assert example 23 - hosts: proxyservers 24 # Use the following variables to test 25 vars: 26 #- my_param: 20 27 #- my_param: -2 28 - my_param: 200 29 30 tasks: 31 - name: "assert example 1" 32 assert: 33 # Ansible? OS? Family is the variable information in facts 34 that: 35 - ansible_os_family == "RedHat" 36 success_msg: "success info" 37 fail_msg: "fail info" 38 39 - name: "assert example 2" 40 assert: 41 # that The following list is && relationship 42 that: 43 - my_param >= 0 44 - my_param <= 100 45 fail_msg: "'my_param' must be between 0 and 100" 46 success_msg: "success info" 47 # Whether to ignore the error of the task 48 ignore_errors: True 49 50 - name: "assert example 3" 51 assert: 52 that: 53 - my_param <= 10 or my_param >= 100 54 fail_msg: "'my_param' must be <= 10 or >= 100" 55 success_msg: "success info" 56 57 [yun@ansi-manager ansible_info]$ ansible-playbook -b -i ./hosts_key test_assert.yml # implement
Description of relevant options:
that: list string expression
Success? MSG: the information output when the assertion is successful
fail_msg: alias MSG, information output when assertion fails
quiet: default False, set to yes to avoid verbose output
selinux security module
Configure SELinux.
1 # See yum Module method「Priority view EXAMPLES Use case of information, know how to use it」 2 [yun@ansi-manager ansible_info]$ ansible-doc selinux 3 # Because we are using ordinary users of yun 4 # So sometimes you need to use -b Choose to withdraw right 5 ## Turn off selinux 6 [yun@ansi-manager ansible_info]$ ansible proxyservers -b -m selinux -a "state=disabled" -i ./hosts_key
Description of relevant options:
State: state
disabled: not available
Enforcing: enforcing
Permission: will remind
-—END-—
If you think it's good, pay attention to it!
