15.Ansible模块
所有支持的模块列表参考:
https://docs.ansible.com/ansible/latest/modules/list_of_all_modules.html
1.user_module
https://docs.ansible.com/ansible/2.5/modules/user_module.html
system指定用户是否是系统用户,系统用户和普通用户的区别,参考https://serversforhackers.com/c/create-user-in-ansible
System vs Regular Users By convention, users can be "system" users or "normal" users. System users often have a user id (UID) below 1000 and cannot be used to login. They are usually used to run programs. For example, users www-data or apache are often used to run web servers. Conversely, "regular" users typically have UID's at 1000 or higher and are allowed to log into the server. If you're curious about how UID's are assigned, you can see the file /etc/login.defs to find variables like UID_MIN and UID_MAX set for system vs regular users:
2.synchronize-module
https://docs.ansible.com/ansible/latest/modules/synchronize_module.html#synchronize-module
3.blockinfile-module
https://docs.ansible.com/ansible/latest/modules/blockinfile_module.html#blockinfile-module
block: | 这个竖线是yaml的语法语义,代表的意思是:所有的换行符会被保留,参考 YAML格式官网示例 - : # [ ] { } --- ... & * ? > | " " ' ' !! ! 或者 YAML语言教程
4.lineinfile-module
https://docs.ansible.com/ansible/latest/modules/lineinfile_module.html#lineinfile-module
5.stat-module
https://docs.ansible.com/ansible/latest/modules/stat_module.html#stat-module
可以将返回的结果 register:st 然后在从st中根据返回的数据结构进行属性判断。
6.command
https://docs.ansible.com/ansible/latest/modules/command_module.html#command-module
可以将command的执行结果register到一个变量,然后根据变量的返回值(变量.rc ===等价于shell执行的echo $?)来确定命令是否执行成功
为什么可以使用 变量.rc 参考 https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#rc
补充参考grep的返回值 9-Linux grep return code
7.template-module
https://docs.ansible.com/ansible/latest/modules/template_module.html#template-module
8.debug-module
https://docs.ansible.com/ansible/latest/modules/debug_module.html#debug-module
示例1
--- - hosts: "{{ hostGroup }}" tasks: - name: check wildcat process shell: ps -ef | grep '/usr/local/aaa/aaa' | grep -v grep | wc -l register: ps_result failed_when: False changed_when: False - debug: var: ps_result - name: wildcat process not exists shell: echo 111 >> /tmp/111.log when: ps_result.stdout == "0"
执行ansible-playbook -i ../inventory -e hostGroup=test -e roleName=opsTest -u wuxiaoyu -b --ssh-extra-args="-o 'IdentityFile="/Users/wuxiaoyu/.ssh/id_rsa"'" install-hids.yml
返回(只显示debug部分)
.....
ok: [10.92.128.231] => { "ps_result": { "changed": false, "cmd": "ps -ef | grep '/usr/local/aaa/aaa' | grep -v grep | wc -l", "delta": "0:00:00.066833", "end": "2020-07-06 15:08:47.842094", "failed": false, "failed_when_result": false, "rc": 0, ## 这个是整数 "start": "2020-07-06 15:08:47.775261", "stderr": "", "stderr_lines": [], "stdout": "0", ## 这个是字符串 "stdout_lines": [ "0" ] } }
.....
示例2
--- - hosts: "{{ hostGroup }}" tasks: - name: check wildcat process shell: ps -ef | grep '/usr/local/wildcat/wildcat' | grep -v grep | wc -l register: ps_result failed_when: False changed_when: False - debug: msg: "{{ ansible_default_ipv4 }}" - name: wildcat process not exists shell: echo 111 >> /tmp/111.log when: ps_result.stdout == "0
返回
TASK [debug] **************************************************************************************************************************************************************************** ok: [10.92.128.231] => { "msg": { "address": "10.92.128.231", "alias": "eth0", "broadcast": "10.92.128.255", "gateway": "10.92.128.253", "interface": "eth0", "macaddress": "00:16:3e:32:a6:8d", "mtu": 1500, "netmask": "255.255.255.0", "network": "10.92.128.0", "type": "ether" } }
示例3,显示多个变量
vars: os_type: "{{ ansible_distribution }}" os_major_version: "{{ ansible_distribution_major_version }}" tasks: - debug: var: os_type,os_major_version
输出
TASK [debug] **************************************************************************************************************************************************************************** ok: [10.92.128.231] => { "os_type,os_major_version": "('CentOS', '7')" }
9.
10.