Ansible核心模块(上)
command 模块
在远程主机执行命令,此为默认模块,可忽略-m选项
注意:此命令不支持 $VARNAME < > | ; & 等符号,可以用shell模块实现。
参数
| Parameter | Comments |
|---|---|
| chdir path | Change into this directory before running the command. |
| removes path | A filename or (since 2.0) glob pattern. If a matching file exists, this step will be run. |
| creates path | A filename or glob pattern. If a matching file already exists, this step will not be run.This is checked before [removes] |
| cmd string | The command to run. |
ad-hoc
格式:ansible 主机名 -m command -a "cmd",-m command 默认可以不加。
1 | # 直接运行命令 |
shell 模块
和command相似,用shell执行命令
参数
| Parameter | Comments |
|---|---|
| executable path | Change the shell used to execute the command.This expects an absolute path to the executable. |
| chdir path | Change into this directory before running the command. |
| creates path | A filename, when it already exists, this step will not be run. |
| removes path | A filename, when it does not exist, this step will not be run. |
| cmd string | The command to run followed by optional arguments. |
ad-hoc
格式:ansible 主机名 -m shell -a "cmd"
1 | # 直接运行命令,支持 $VARNAME < > | ; & 等符号 |
script 模块
在远程主机上运行ansible服务器上的shell脚本或python脚本(无需执行权限)
参数
| Parameter | Comments |
|---|---|
| executable string | Name or path of an executable to invoke the script with. |
| chdir string | Change into this directory on the remote node before running the script. |
| creates string | A filename on the remote node, when it already exists, this step will not be run. |
| removes string | A filename on the remote node, when it does not exist, this step will not be run. |
| cmd string | Path to the local script to run followed by optional arguments. |
ad-hoc
格式:ansible 主机名 -m script -a "cmd"
1 | ll /data/test.sh # 查看本机脚本信息,无执行权限 |
hostname模块
管理远程主机的主机名
参数
| Parameter | Comments |
|---|---|
| name string / (required) | Name of the host.If the value is a fully qualified domain name that does not resolve from the given host, this will cause the module to hang for a few seconds while waiting for the name resolution attempt to timeout. |
ad-hoc
格式:ansible 主机名 -m hostname -a "cmd"
1 | # 更改192.168.20.22的主机名为nginx01,/etc/hostname文件内容也被修改 |
copy 模块
从ansible服务器主控端复制文件到远程主机
参数
| Parameter | Comments |
|---|---|
| backup boolean | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Default choice is false |
| src path | Local path to a file to copy to the remote server.This can be absolute or relative. If path is a directory, it is copied recursively. In this case, if path ends with “/”, only inside contents of that directory are copied to destination. Otherwise, if it does not end with “/”, the directory itself with all contents is copied. This behavior is similar to the rsync command line tool. |
| remote_src boolean | Influence whether [src] needs to be transferred or already is present remotely. Default choice is falseIf false, it will search for [src] on the controller node.If true it will search for [src] on the managed (remote) node.[remote_src] supports recursive copying as of version 2.8.[remote_src] only works with mode=preserve as of version 2.6. Autodecryption of files does not work when remote_src=yes. |
| dest path / (required) | Remote absolute path where the file should be copied to. If [src] is a directory, this must be a directory too.If [dest] is not exist and if either [dest] ends with / or [src] is a directory, [dest] is created.If [dest] is a relative path, the starting directory is determined by the remote host.If [src] and [dest] are files, the parent directory of [dest] is not created and the task fails if it does not already exist. |
| mode any | The permissions of the destination file or directory. You must either add a leading zero so that Ansible’s YAML parser knows it is an octal number (like 0644 or 01777) or quote it (like '644' or '1777') so Ansible receives a string and can do its own conversion from string into number. |
| owner string | Name of the user that should own the filesystem object, as would be fed to chown.When left unspecified, it uses the current user unless you are root, in which case it can preserve the previous ownership.Specifying a numeric username will be assumed to be a user ID and not a username. Avoid numeric usernames to avoid this confusion. |
| group string | Name of the group that should own the filesystem object, as would be fed to chown.When left unspecified, it uses the current group of the current user unless you are root, in which case it can preserve the previous ownership. |
| directory_mode any | Set the access permissions of newly created directories to the given mode. Permissions on existing directories do not change.See [mode] for the syntax of accepted values.The target system’s defaults determine permissions when this parameter is not set. |
| content string | When used instead of [src], sets the contents of a file directly to the specified value.Works only when [dest] is a file.Creates the file if it does not exist. For advanced formatting or if [content] contains a variable, use the ansible.builtin.template module. |
| follow boolean | This flag indicates that filesystem links in the destination, if they exist, should be followed. Default choice is false |
| local_follow boolean | This flag indicates that filesystem links in the source tree, if they exist, should be followed. Default choice is true |
| force boolean | Influence whether the remote file must always be replaced. Default choice is trueIf true, the remote file will be replaced when contents are different than the source.If false, the file will only be transferred if the destination does not exist. |
ad-hoc
格式:ansible 主机名 -m copy -a "cmd"
1 | # 如目标存在,默认覆盖,此处指定先备份,要有owner用户,否则报错, |
template模块
template模块使用了Jinjia2模板语言,可以按需求修改配置文件内容来复制模板到被控主机上。
template模块用法和copy模块用法基本一致,它主要用于复制配置文件,不同的是,template模块需要先建立一个使用*.j2为文件后缀的模板文件。
模版中可以使用如下6个变量以及其他自定义的变量:
ansible_managed- 包含一个字符串,可用于描述模板名称,主机,模板文件的修改时间和所有者的uidtemplate_host- 包含模板机器的节点名称template_uid- 所有者的uidtemplate_path- 模版路径template_fullpath- 模版的绝对路径template_run_date- 模版呈现的时间
参数
| Parameter | Comments |
|---|---|
| backup boolean | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Default choice is false |
| block_start_string string | The string marking the beginning of a block.Default: "{%"` |
| **block_end_string** string | The string marking the end of a block.**Default:** `"%}" |
| variable_start_string string | The string marking the beginning of a print statement.Default: "{{"` |
| **variable_end_string** string | The string marking the end of a print statement.**Default:** `"}}" |
| comment_end_string string | The string marking the end of a comment statement. added in ansible-core 2.12 |
| comment_start_string string | The string marking the beginning of a comment statement. added in ansible-core 2.12 |
| lstrip_blocks boolean | Determine when leading spaces and tabs should be stripped.When set to yes leading spaces and tabs are stripped from the start of a line to a block. Default choice is false |
| trim_blocks boolean | Determine when newlines should be removed from blocks.When set to yes the first newline after a block is removed (block, not variable tag!). Default choice is true |
| newline_sequence string | Specify the newline sequence to use for templating files.Choices:"\n" ← (default) or "\r","\r\n" |
| output_encoding stringadded in Ansible 2.7 | Overrides the encoding used to write the template file defined by [dest]. It defaults to utf-8, but any encoding supported by python can be used.The source template file must always be encoded using utf-8. |
| dest path / (required) | Location to render the template to on the remote machine. |
| src path / required | Path of a Jinja2 formatted template on the Ansible controller.This can be a relative or an absolute path.The file must be encoded with utf-8 but [output_encoding] can be used to control the encoding of the output template. |
| mode any | The permissions of the destination file or directory. You must either add a leading zero so that Ansible’s YAML parser knows it is an octal number (like 0644 or 01777) or quote it (like '644' or '1777') so Ansible receives a string and can do its own conversion from string into number. |
| owner string | Name of the user that should own the filesystem object, as would be fed to chown.When left unspecified, it uses the current user unless you are root, in which case it can preserve the previous ownership.Specifying a numeric username will be assumed to be a user ID and not a username. Avoid numeric usernames to avoid this confusion. |
| group string | Name of the group that should own the filesystem object, as would be fed to chown.When left unspecified, it uses the current group of the current user unless you are root, in which case it can preserve the previous ownership. |
| follow boolean | This flag indicates that filesystem links in the destination, if they exist, should be followed. Default choice is false |
| force boolean | Influence whether the remote file must always be replaced. Default choice is trueIf true, the remote file will be replaced when contents are different than the source.If false, the file will only be transferred if the destination does not exist. |
ad-hoc
格式:ansible 主机名 -m template -a "cmd"
1 | # 与copy模块大致相同 |
fetch 模块
从远程主机提取文件至ansible的主控端,与copy相反。Fetch目前不支持目录。
参数
| Parameter | Comments |
|---|---|
| dest string / (required) | A directory to save the file into.For example, if the [dest] directory is /backup. a [src] file named /etc/profile on host host.example.com, would be saved into /backup/host.example.com/etc/profile. The host name is based on the inventory name. |
| src string / (required) | The file on the remote system to fetch.This must be a file, not a directory.Recursive fetching may be supported in a later release. |
| fail_on_missing boolean | When set to true, the task will fail if the remote file cannot be read for any reason.Prior to Ansible 2.5, setting this would only fail if the source file was missing.The default was changed to true in Ansible 2.5.Default choice is true |
| flat boolean | Allows you to override the default behavior of appending hostname/path/to/file to the destination. If [dest] ends with ‘/’, it will use the basename of the source file, similar to the copy module.This can be useful if working with a single host, or if retrieving files that are uniquely named per host.If using multiple hosts with the same filename, the file will be overwritten for each host. Default choice is false |
ad-hoc
格式:ansible 主机名 -m fetch -a "cmd"
1 | # 提取所有远程主机的文件到当前主控端的/data/os目录下,并按远程主机的ip地址创建各自的目录存放 |
file 模块
文件或目录相关
参数
| Parameter | Comments |
|---|---|
| follow boolean | This flag indicates that filesystem links, if they exist, should be followed.follow=yes and state=link can modify [src] when combined with parameters such as [mode].Previous to Ansible 2.5, this was false by default. Default choice is true |
| force boolean | Force the creation of the symlinks in two cases: the source file does not exist (but will appear later); the destination exists and is a file (so, we need to unlink the [path] file and create symlink to the [src] file in place of it). Default choice is false |
| owner string | Name of the user that should own the filesystem object, as would be fed to chown.When left unspecified, it uses the current user unless you are root, in which case it can preserve the previous ownership.Specifying a numeric username will be assumed to be a user ID and not a username. Avoid numeric usernames to avoid this confusion. |
| group string | Name of the group that should own the filesystem object, as would be fed to chown.When left unspecified, it uses the current group of the current user unless you are root, in which case it can preserve the previous ownership. |
| mode any | The permissions of the destination file or directory. You must either add a leading zero so that Ansible’s YAML parser knows it is an octal number (like 0644 or 01777) or quote it (like '644' or '1777') so Ansible receives a string and can do its own conversion from string into number. |
| src path | Path of the file to link to.This applies only to state=link and state=hard.For state=link, this will also accept a non-existing path.Relative paths are relative to the file being created ( [path]) which is how the Unix command ln -s SRC DEST treats relative paths. |
| path aliases: dest, namepath / required | Path to the file being managed. |
| recurse boolean | Recursively set the specified file attributes on directory contents.This applies only when [state] is set to directory.Default choice is false |
| state string | If absent, directories will be recursively deleted, and files or symlinks will be unlinked. If directory, all intermediate subdirectories will be created if they do not exist. Since Ansible 1.7 they will be created with the supplied permissions.If file, with no other options, returns the current state of path.If file, even with other options (such as [mode]), the file will be modified if it exists but will NOT be created if it does not exist. Set to touch or use the ansible.builtin.copy or ansible.builtin.template module if you want to create the file if it does not exist.If hard, the hard link will be created or changed.If link, the symbolic link will be created or changed.If touch (new in 1.4), an empty file will be created if the file does not exist, while an existing file or directory will receive updated file access and modification times (similar to the way touch works from the command line).Default is the current state of the file if it exists, directory if recurse=yes, or file otherwise.Choices: "absent"``"directory"``"file"``"hard"``"link"``"touch" |
ad-hoc
格式:ansible 主机名 -m file -a "cmd"
1 | # 创建空白文件 |
archive 模块
将远程主机的目标文件或目录打包压缩
参数
| 参数 | 说明 |
|---|---|
| path | 要压缩的文件或目录 |
| dest | 压缩后的文件 |
| format | 指定打包压缩的类型:bz2、gz、tar、xz、zip |
ad-hoc
格式:ansible 主机名 -m unarchive -a "cmd"
1 | # 将目标主机的/etc/sysconfig文件打包压缩,保存为/opt/sys.tar.bz2 |
unarchive 模块
解包解压缩
参数
| Parameter | Comments |
|---|---|
| copy boolean | If true, the file is copied from local controller to the managed (remote) node, otherwise, the plugin will look for src archive on the managed machine. 当copy=yes,拷贝的文件是从ansible主机复制到远程主机上,如果设置为no,会在远程主机上寻找src源文件 This option has been deprecated in favor of [remote_src]. Exclusive with [remote_src].Default choice is true |
| remote_src boolean | Set to true to indicate the archived file is already on the remote system and not local to the Ansible controller.设置为 true 表示存档文件已经在远程系统上,而不是在 Ansible 控制器本地Default choice is false |
| src path / required | If remote_src=no (default), local path to archive file to copy to the target server; can be absolute or relative.If remote_src=yes, path on the target server to existing archive file to unpack.If remote_src=yes and [src] contains ://, the remote machine will download the file from the URL first. (version_added 2.0). |
| dest path / (required) | Remote absolute path where the archive should be unpacked. The given path must exist. Base directory is not created by this module. |
| creates path | If the specified absolute path (file or directory) already exists, this step will not be run. The specified absolute path (file or directory) must be below the base path given with [dest]. |
| exclude list / elements=string | List the directory and file entries that you would like to exclude from the unarchive action. Mutually exclusive with [include].Default: [] |
| include list / elements=stringadded in ansible-core 2.11 | List of directory and file entries that you would like to extract from the archive. If [include] is not empty, only files listed here will be extracted. Default: [] |
| owner string | Name of the user that should own the filesystem object, as would be fed to chown.When left unspecified, it uses the current user unless you are root, in which case it can preserve the previous ownership.Specifying a numeric username will be assumed to be a user ID and not a username. Avoid numeric usernames to avoid this confusion. |
| group string | Name of the group that should own the filesystem object, as would be fed to chown.When left unspecified, it uses the current group of the current user unless you are root, in which case it can preserve the previous ownership. |
| mode any | The permissions of the destination file or directory. You must either add a leading zero so that Ansible’s YAML parser knows it is an octal number (like 0644 or 01777) or quote it (like '644' or '1777') so Ansible receives a string and can do its own conversion from string into number. |
ad-hoc
格式:ansible 主机名 -m unarchive -a "cmd"
1 | # 默认copy=yes,将管理端的压缩包复制到远程主机上后,解压到指定目录,并设置属主和属组。 |