Ansible功能介绍

主设备：192.168.25.31
python 2.7.4
python-paramiko-1.7.5-2.1.el6.noarch
python-jinja2-2.2.1-1.el6.x86_64
PyYAML

路径：/sxjteam/ansible/ansible-1.1
          /etc/ansible

rpm -Uvh ansible-1.1-1.el6.noarch.rpm

安装方法2:
sudo easy_install pip
sudo pip install ansible

免密匙登录
$ssh-keygen -t rsa  回车
$ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.25.26  //为root用户

为某与用户生成免密钥登录
ssh-copy-id -i ~/.ssh/id_rsa.pub luominserver@192.168.25.26 //为普通用户

/****************************************************************************** 
从设备：192.168.25.26 
python 2.6.6
ansible 环境

/***********************************************************************************
功能0：询问所有连接
ansible all -m ping

功能1：检查从机连通情况
ansible slave -i /etc/ansible/hosts -m ping

功能2：检查本机连通情况
ansible localhost -i /etc/ansible/hosts -m ping

功能3：以普通用户询问所有节点
ansible all -m ping -u luomin

功能4：引用sudo询问所有节点
sudo ansible all -m ping -u luomin     //luomin指的是从机的用户名
ansible all -m ping -u bruce --sudo --sudo-user batman

比如：
(venv)[root@sxjteam bin]# ansible all -m ping -u luominmini
127.0.0.1 | FAILED => FAILED: Authentication failed.
192.168.25.12 | FAILED => FAILED: Authentication failed.
192.168.25.13 | FAILED => FAILED: Authentication failed.
192.168.25.11 | success >> {
    "changed": false, 
    "ping": "pong"
}

功能5：引用模块批量执行
ansible all -a "/bin/echo hello"
ansible all -a "/bin/mkdir hellodb"

功能6：查看功能copy模块帮助
ansible-doc copy

功能7：将服务器端的start.sh 传送到从机的/目录下
(venv)[root@sxjteam /]# ansible all -m copy -a "src=/start.sh dest=/"
127.0.0.1 | FAILED => FAILED: Authentication failed.
192.168.25.26 | success >> {
    "changed": true, 
    "dest": "/start.sh", 
    "group": "root", 
    "md5sum": "2099b00a10b5c4088d77954dc06308a2", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:etc_runtime_t:s0", 
    "size": 135, 
    "src": "/root/.ansible/tmp/ansible-1369318138.89-203647529912388/source", 
    "state": "file"
}

功能8：将从机根目录下的start.sh 权限改为777
(venv)[root@sxjteam /]# ansible slave -m file -a "dest=/start.sh mode=777 owner=root group=root" -s
192.168.25.26 | success >> {
    "changed": true, 
    "group": "root", 
    "mode": "0777", 
    "owner": "root", 
    "path": "/start.sh", 
    "secontext": "system_u:object_r:etc_runtime_t:s0", 
    "size": 135, 
    "state": "file" 
}

功能9：在主机上远程执行从机的start.sh脚本
(venv)[root@sxjteam /]# ansible slave -m script -a "/start.sh"
192.168.25.26 | success >> {
    "rc": 0, 
    "stderr": "", 
    "stdout": "close system firwall\nclose system selinux\n"
}

或：
ansible webservers -m command -a "/sbin/reboot -t now"

功能10：在主机上操作从机上的shell指令
(venv)[root@sxjteam /]# ansible slave -m shell -a "touch /tmp/test.sh"   
192.168.25.26 | success | rc=0 >>

功能11：在从机上创建webgame组
(venv)[root@sxjteam /]# ansible all -m group -a "name=webgame state=present" -s
127.0.0.1 | FAILED => FAILED: Authentication failed.
192.168.25.26 | success >> {
    "changed": true, 
    "gid": 501, 
    "name": "webgame", 
    "state": "present", 
    "system": false
}

功能12：在从机上创建用户，并加入相关组以及创建用户文件路径
(venv)[root@sxjteam /]# ansible all -m user -a "name=luomin group=webgame home=/root/luomin state=present" -s
127.0.0.1 | FAILED => FAILED: Authentication failed.
192.168.25.26 | success >> {
    "changed": true, 
    "comment": "", 
    "createhome": true, 
    "group": 501, 
    "home": "/root/luomin", 
    "name": "luomin", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 500
}

功能13：yum远程安装linuxqq
(venv)[root@sxjteam /]# ansible slave -m yum -a "name=linuxqq state=latest" -s
192.168.25.26 | FAILED >> {
    "changed": false, 
    "failed": true, 
    "msg": "No Package matching 'linuxqq' found available, installed or updated", 
    "rc": 0, 
    "results": []
}

或：
[luomin@sxjteam /]$ sudo ansible slave -m yum -a "name=httpd state=latest" -s

192.168.25.11 | success >> {
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "All packages providing httpd are up to date"
    ]
}

192.168.25.12 | success >> {
    "changed": true, 
    "msg": "Warning: RPMDB altered outside of yum.\n", 
    "rc": 0, 
    "results": [
        "\n================================================================================\n Package           Arch       Version                       Repository     Size\n================================================================================\nInstalling:\n httpd             i686       2.2.15-28.el6.centos          updates       828 k\nInstalling for dependencies:\n httpd-tools       i686       2.2.15-28.el6.centos          updates        73 k\n\nTransaction Summary\n================================================================================\nInstall       2 Package(s)\n\nTotal download size: 901 k\nInstalled size: 2.9 M\n\nInstalled:\n  httpd.i686 0:2.2.15-28.el6.centos                                             \n\nDependency Installed:\n  httpd-tools.i686 0:2.2.15-28.el6.centos                                       \n\n"
    ]
}
.......

功能14：远程开启从机的httpd服务
(venv)[root@sxjteam /]# ansible slave -m service -a "name=httpd state=running" -s
192.168.25.26 | success >> {
    "changed": true, 
    "name": "httpd", 
    "state": "started"
}

功能15：并行5个线程来重启从机
ansible slave -a "/usr/bin/reboot" -f 5

功能16：文件的复制
(venv)[root@sxjteam /]# ansible slave -m copy -a "src=/YUM dest=/"
192.168.25.26 | success >> {
    "changed": true, 
    "dest": "/YUM", 
    "group": "root", 
    "md5sum": "d41d8cd98f00b204e9800998ecf8427e", 
    "mode": "0644", 
    "owner": "root", 
    "secontext": "system_u:object_r:etc_runtime_t:s0", 
    "size": 0, 
    "src": "/root/.ansible/tmp/ansible-1369328312.29-168067270856148/source", 
    "state": "file"
}

功能17：创建目录
(venv)[root@sxjteam /]# ansible slave -m file -a "dest=/newdir mode=600 owner=root group=root state=directory"
192.168.25.26 | success >> {
    "changed": true, 
    "group": "root", 
    "mode": "0600", 
    "owner": "root", 
    "path": "/newdir", 
    "secontext": "unconfined_u:object_r:default_t:s0", 
    "size": 4096, 
    "state": "directory"
}

功能18：删除从机下的newdir目录
(venv)[root@sxjteam /]# ansible slave -m file -a "dest=/newdir state=absent"
192.168.25.26 | success >> {
    "changed": true, 
    "path": "/newdir", 
    "state": "absent"
}

功能19：创建用户ans，密码123456
(venv)[root@sxjteam /]# ansible slave -m user -a "name=ans password=123456"
192.168.25.26 | success >> {
    "changed": true, 
    "comment": "", 
    "createhome": true, 
    "group": 502, 
    "home": "/home/ans", 
    "name": "ans", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 501
}

功能20：服务状态查看
A:查看是否已经开启
ansible slave -m service -a "name=httpd state=started"

比如：
[luomin@sxjteam /]$ sudo ansible slave -m service -a "name=httpd state=started"

192.168.25.11 | success >> {
    "changed": false, 
    "name": "httpd", 
    "state": "started"
}//表示已经开启

192.168.25.11 | success >> {
    "changed": true, 
    "name": "httpd", 
    "state": "started"
}//表示未开启

 

B:查看是否已经关闭
ansible slave -m service -a "name=httpd state=stopped"

192.168.25.11 | success >> {
    "changed": false, 
    "name": "httpd", 
    "state": "stopped"
}//已经关闭

192.168.25.11 | success >> {
    "changed": true, 
    "name": "httpd", 
    "state": "stopped"
}//已经开启

 

C:远程重启服务
ansible slave -m service -a "name=httpd state=restarted"

功能21：在同一组（webgame）的所有从机用10个线程来进行重启
ansible webgame -a "/sbin/reboot" -f 10

功能22：以luomin账户执行
ansible webgame -a "/usr/bin/ls" -u luomin

功能23：以luomin账户sudo运行
ansible webgame -a "/usr/bin/foo" -u luomin --sudo [--ask-sudo-pass]

功能24：查看脚本帮助
ansible-playbook --help