Special exercises of ansible module

file module

  • The keywords of this module include path, path of the controlled host, state status, touch to create file, directory to create directory, recursion, owner's master, group, and mode permission.

1. Create a file and set the owner, group and permission

[root@localhost opt]# ansible dbserver -m file -a "path=/var/www/html/xjm.html state=touch owner=root group=root mode=644" -i hosts

2. Create a directory and set the owner, group and permission

[root@localhost opt]# ansible dbserver -m file -a "path=/var/www/html/dd state=directory owner=root group=root mode=755" -i hosts

3. Recursive authorization directory

[root@localhost opt]# ansible dbserver -m file -a "path=/var/www/html/ owner=apache group=apache recurse=yes" -i hosts

Change the primary and group of all directories and files in / var/www/html directory to apache

yum module

  • The main parameters of this module are: Name: the name of the software package to be installed. Multiple software packages are separated by English commas. state supports the following parameters for the currently specified software installation and removal operations:
    present: confirm that it has been installed, but do not upgrade
    inistalled: confirm that it is installed
    Latest: ensure that the is installed and upgraded to the latest version
    absent and removed: confirm removal
    Exclude: exclude

1. Install the latest apache Software and update it if it exists

[root@localhost opt]# ansible dbserver -m yum -a "name=httpd state=latest" -i hosts

2. Install the latest apache through the epel warehouse

[root@localhost opt]# ansible dbserver -m yum -a "name=httpd state=latest enablerepo=epel" -i hosts

3. Install rpm software through public url

[root@localhost opt]# ansible dbserver -m yum -a "name=http://nginx.org/packages/rhel/7/x86_64/RPMS/nginx-1.10.0-1.el7.ngx.x86_64.rpm state=latest" -i hosts

4. Update all software packages, but exclude kernel related software packages

[root@localhost opt]# ansible dbserver -m yum -a "name=* state=latest exclude=kernel*" -i hosts

To exclude multiple, separate them with commas

5. Delete apache Software

[root@localhost opt]# ansbile dbserver -m yum -a "name=httpd state=absent" -i hosts

copy module

  • The parameters of the copy module are:
  • src: Specifies the source address of the copied file
    dest: Specifies the destination address of the copied file
    backup: before copying a file, if the original file changes, back up the target file
    Owner: Specifies the owner of the new copy file
    group: specifies all groups for the new copy file
    mode: Specifies the permissions for the new copy file

1. Set the local httpd The listen port of the conf file is changed to 8080, and then pushed to the remote service

[root@localhost opt]# ansible dbserver -m copy -a "src=/opt/xjm/http.conf dest=/opt/xjm/httpd.conf owner=root group=root mode=644" -i hosts

2. Set the local httpd The listen port of the conf file is modified to 9090. Then push it to the remote end to check whether the remote end has the last backup

[root@localhost opt]# ansible dbserver -m copy -a "src=/opt/xjm/http.conf dest=/opt/xjm/httpd.conf owner=root group=root mode=644 backup=yes" -i hosts

3. Write content to the remote host file

[root@localhost opt]# ansible dbserver -m copy -a "content=xjmgoodgreil.... dest=/var/www/html/xjm.html" -i hosts

get_url module

1. Download Internet software to local

[root@localhost opt]# ansible -m get_url -a "url=http://xxxxxxxx dest=xxxxxxxx" -i hosts

2. Download Internet files and perform md5 verification

First, get the md5 check value of the text

[root@localhost opt]# ll
total 4
drwxr-xr-x 2 root root 68 Dec 28 14:46 xjm
-rw-r--r-- 1 root root 33 Dec 28 15:57 xjm.txt
[root@localhost opt]# md5sum xjm.txt
0bc6d086bb6aac08bdd24e17e34c5d80  xjm.txt

When downloading, add a condition

[root@localhost opt]# ansible dbserver -m get_url -a "url=http://xxxxxx dest=xxxxxx checksum=md5:0bc6d086bb6aac08bdd24e17e34c5d80" -i hosts

service module

Several keywords: started
stopped
restarted
reloaded

1. Start httpd service

[root@localhost opt]# ansible dbserver -m service -a "name=httpd state=started" -i hosts

2. Overload httpd service

[root@localhost opt]# ansible dbserver -m service -a "name=httpd state=reload" -i hosts

3. Restart the httpd service

[root@localhost opt]# ansible dbserver -m service -a "name=httpd state=restarted" -i hosts

4. Stop httpd service

[root@localhost opt]# ansible dbserver -m service -a "name=httpd state=stopped" -i hosts

5. Start the httpd service and add the startup self startup

[root@localhost opt]# ansible dbserver -m service -a "name=httpd state=started enabled=yes" -i hosts

group module

  • The keywords of this group are
  • Name group name
    Whether system is the system group yes, no (no by default)
    state delete or create present and absent
    1. Create the news basic group and specify the uid as 9999
    Management node
[root@localhost opt]# ansible dbserver -m group -a "name=news state=present gid=9999" -i hosts

Managed node

[root@localhost ~]# tail -1 /etc/group
news:x:9999:

2. Create http system group and specify uid as 8888

[root@localhost opt]# ansible dbserver -m group -a "name=http gid=8888 state=present system=yes" -i hosts

3. Delete test basic group

[root@localhost opt]# ansible dbserver -m group -a "name=news state=absent" -i hosts

user module

1 create a joh user, uid is 1040, and the main group is adm

First, check whether there is an admin Group on the controlled end. If not, create it

[root@localhost ~]# grep "adm" /etc/group
adm:x:4:
db_admin:x:1000:tom

On the management node

[root@localhost opt]# ansible dbserver -m user -a "name=joh uid=1040 group=adm" -i hosts

Verify on the controlled node

 [root@localhost ~]# id joh
uid=1040(joh) gid=4(adm) groups=4(adm)

2. Create a joh user. The login shell is / sbin/nologin, and the bin and sys groups are added
First, check whether there are bin and sys groups at the controlled end. If not, create them

[root@localhost ~]# grep "bin" /etc/group
bin:x:1:
[root@localhost ~]# grep "sys" /etc/group
sys:x:3:

Management node:

[root@localhost opt]# ansible dbserver -m user -a "name=joh groups=bin,sys shell=/sbin/nologin" -i hosts

Managed node authentication

[root@localhost ~]# id joh
uid=1040(joh) gid=4(adm) groups=4(adm),1(bin),3(sys)

3. Create an lll user, add 123 as the login password, and log in to the home directory

[root@localhost opt]# pass=$(echo "123" | openssl passwd -1 -stdin) [root@localhost opt]# echo $pass
$1$HXl9zMjT$2lvPxEy3R.siF.dfpsbBb1
[root@localhost opt]# ansible dbserver -m user -a "name=lll password=${pass}" -i hosts

Managed node authentication

[root@localhost ~]# tail -1 /etc/shadow
lll:$1$HXl9zMjT$2lvPxEy3R.siF.dfpsbBb1:18989:0:99999:7:::

Then log in with username lll password: 123

4. Remove the joh user

[root@localhost opt]# ansible dbserver -m user -a "name=joh state=absent" -i hosts

5. Create an http user and create a 2048 byte secret key for the user, which is stored in / http / ssh/id_ rsa
Create a secret key on the control side

[root@localhost opt]# ansible dbserver -m user -a "name=httpd generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa" -i hosts

Query at controlled node

[root@localhost httpd]# ll /home/httpd/.ssh
total 8
-rw------- 1 httpd httpd 1675 Dec 28 21:45 id_rsa
-rw-r--r-- 1 httpd httpd  424 Dec 28 21:45 id_rsa.pub

cron module

1. Add a scheduled task and execute LS * * ls > / dev / null every minute

[root@localhost opt]# ansible dbserver -m cron -a "name=job1 job='ls >/dev/null'" -i hosts

Managed node authentication

[root@localhost httpd]# crontab -l
#Ansible: create new job
0 * * * * ls -alh > /dev/null
#Ansible: job1
* * * * * ls >/dev/null

2. Add a scheduled task and execute LS > / dev / null every day from 2 a.m. to 5 a.m

[root@localhost opt]# ansible dbserver -m cron -a "name=job2 minute=0 hour=5,2 job='ls >/dev/null'" -i hosts

Verify on managed node

[root@localhost httpd]# crontab -l
#Ansible: create new job
0 * * * * ls -alh > /dev/null
#Ansible: job1
* * * * * ls >/dev/null
#Ansible: job2
0 5,2 * * * ls >/dev/null

3. Close the scheduled task to invalidate the scheduled task

[root@localhost opt]# ansible dbserver -m cron -a "name=job2 minute=0 hour=5,2 job='ls >/dev/null' disabled=yes" -i hosts

To be verified by the managed node

[root@localhost httpd]# crontab -l
#Ansible: create new job
0 * * * * ls -alh > /dev/null
#Ansible: job2
#0 5,2 * * * ls >/dev/null

Annotated

mount module

src source file path destination file

Permanent: mounted uninstall absent

Temporary: Mount present unmounted

firewalld module

Keywords: Linux Operation & Maintenance CentOS

Added by corruption on Thu, 30 Dec 2021 20:09:13 +0200

Popular Keywords

©2024 Programming VIP