day 42 ansible进阶(1)

一、ansible模块补充
例题：每5分钟同步系统时间

[root@m01 ~]# crontab -e
#sync time
 */5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >>/dev/null 2>&1

定时任务中识别PATH环境变量默认 /usr/bin和/bin 故应该用命令的绝对路径

1.cron 定时任务模块

minute= 分钟
hour= 小时
day= 天
month= 几月
weekday= 周几

1）添加一条定时任务

[root@m01 ~]# ansible web -m cron -a 'name="sync time" minute="*/5" hour=* day=* month=* weekday=* job="/usr/sbin/ntpdate ntp1.aliyun.com >>/dev/null 2>&1"'
172.16.1.7 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "sync time"
    ]
}
172.16.1.8 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "sync time"
    ]
}
[root@m01 ~]# ansible web -a 'crontab -l'
172.16.1.7 | CHANGED | rc=0 >>
#Ansible: sync time
*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >>/dev/null 2>&1

172.16.1.8 | CHANGED | rc=0 >>
#Ansible: sync time
*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >>/dev/null 2>&1

2）删除一条定时任务

[root@m01 ~]# ansible 172.16.1.7 -m cron -a 'name="sync time" minute="*/5" hour=0 day=0 month=0 weekday=0 job="/usr/sbin/ntpdate ntp1.aliyun.com >>/dev/null 2>&1" state=absent'
172.16.1.7 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": []
}

[root@m01 ~]# ansible web -a 'crontab -l'
172.16.1.7 | CHANGED | rc=0 >>

172.16.1.8 | CHANGED | rc=0 >>
#Ansible: sync time
*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >>/dev/null 2>&1

3）注释掉定时任务

[root@m01 ~]# ansible 172.16.1.8 -m cron -a 'name="sync time" minute="*/5" hour=0  job="/usr/sbin/ntpdate ntp1.aliyun.com >>/dev/null 2>&1" disabled=yes'
172.16.1.8 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "envs": [], 
    "jobs": [
        "sync time"
    ]
}
[root@m01 ~]# ansible 172.16.1.8 -a 'crontab -l'
172.16.1.8 | CHANGED | rc=0 >>
#Ansible: sync time
#*/5 0 * * * /usr/sbin/ntpdate ntp1.aliyun.com >>/dev/null 2>&1

2.mount 挂载模块

mount 挂载
src 设备名称
path 挂载点
fstype 文件系统类型
opts 挂载参数
state 状态

present 开机挂载，仅将挂在配置写入/etc/fstab
mounted 挂载设备，并将配置写入/etc/fstab
unmounted 卸载设备，不会清除/etc/fstab写入的配置
absent 卸载设备，会清除/etc/fstab 写入的配置

1）present 开机挂载，仅将挂在配置写入/etc/fstab

[root@m01 ~]# ansible web -m mount -a 'src=172.16.1.31:/upload path=/nfs fstype=nfs opts=defaults state=present'
172.16.1.8 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dump": "0", 
    "fstab": "/etc/fstab", 
    "fstype": "nfs", 
    "name": "/nfs", 
    "opts": "defaults", 
    "passno": "0", 
    "src": "172.16.1.31:/upload"
}
172.16.1.7 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dump": "0", 
    "fstab": "/etc/fstab", 
    "fstype": "nfs", 
    "name": "/nfs", 
    "opts": "defaults", 
    "passno": "0", 
    "src": "172.16.1.31:/upload"
}
[root@m01 ~]# ansible web -a 'df -h'
172.16.1.7 | CHANGED | rc=0 >>
Filesystem        Size  Used Avail Use% Mounted on
/dev/sda3          20G  1.8G   18G  10% /
devtmpfs          476M     0  476M   0% /dev
tmpfs             487M     0  487M   0% /dev/shm
tmpfs             487M  7.7M  479M   2% /run
tmpfs             487M     0  487M   0% /sys/fs/cgroup
/dev/sda1         197M  105M   93M  54% /boot
tmpfs              98M     0   98M   0% /run/user/0
172.16.1.31:/nfs   20G  1.8G   18G  10% /backup

172.16.1.8 | CHANGED | rc=0 >>
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda3        20G  1.8G   18G  10% /
devtmpfs        476M     0  476M   0% /dev
tmpfs           487M     0  487M   0% /dev/shm
tmpfs           487M  7.7M  479M   2% /run
tmpfs           487M     0  487M   0% /sys/fs/cgroup
/dev/sda1       197M  105M   93M  54% /boot
tmpfs            98M     0   98M   0% /run/user/0

[root@m01 ~]# ansible web -a 'grep /upload /etc/fstab'
172.16.1.7 | CHANGED | rc=0 >>
172.16.1.31:/upload /nfs nfs defaults 0 0

172.16.1.8 | CHANGED | rc=0 >>
172.16.1.31:/upload /nfs nfs defaults 0 0

2）mounted 挂载设备，并将配置写入/etc/fstab

[root@m01 ~]# ansible web -m mount -a 'src=172.16.1.31:/upload path=/nfs fstype=nfs opts=defaults state=mounted'
172.16.1.7 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dump": "0", 
    "fstab": "/etc/fstab", 
    "fstype": "nfs", 
    "name": "/nfs", 
    "opts": "defaults", 
    "passno": "0", 
    "src": "172.16.1.31:/upload"
}
172.16.1.8 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dump": "0", 
    "fstab": "/etc/fstab", 
    "fstype": "nfs", 
    "name": "/nfs", 
    "opts": "defaults", 
    "passno": "0", 
    "src": "172.16.1.31:/upload"
}
[root@m01 ~]# ansible web -a 'grep /upload /etc/fstab'
172.16.1.8 | CHANGED | rc=0 >>
172.16.1.31:/upload /nfs nfs defaults 0 0

172.16.1.7 | CHANGED | rc=0 >>
172.16.1.31:/upload /nfs nfs defaults 0 0

[root@m01 ~]# ansible web -m shell -a 'df -h |tail -2'
172.16.1.7 | CHANGED | rc=0 >>
172.16.1.31:/nfs      20G  1.8G   18G  10% /backup
172.16.1.31:/upload   20G  1.8G   18G  10% /nfs

172.16.1.8 | CHANGED | rc=0 >>
tmpfs                 98M     0   98M   0% /run/user/0
172.16.1.31:/upload   20G  1.8G   18G  10% /nfs

3）absent 卸载设备，会清除/etc/fstab 写入的配置

[root@m01 ~]# ansible web -m mount -a 'src=172.16.1.31:/upload path=/nfs fstype=nfs opts=defaults state=absent'
172.16.1.7 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dump": "0", 
    "fstab": "/etc/fstab", 
    "fstype": "nfs", 
    "name": "/nfs", 
    "opts": "defaults", 
    "passno": "0", 
    "src": "172.16.1.31:/upload"
}
172.16.1.8 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dump": "0", 
    "fstab": "/etc/fstab", 
    "fstype": "nfs", 
    "name": "/nfs", 
    "opts": "defaults", 
    "passno": "0", 
    "src": "172.16.1.31:/upload"
}
[root@m01 ~]# ansible web -m shell -a 'df -h |tail -2'
172.16.1.7 | CHANGED | rc=0 >>
tmpfs              98M     0   98M   0% /run/user/0
172.16.1.31:/nfs   20G  1.8G   18G  10% /backup

172.16.1.8 | CHANGED | rc=0 >>
/dev/sda1       197M  105M   93M  54% /boot
tmpfs            98M     0   98M   0% /run/user/0

[root@m01 ~]# ansible web -a 'grep /upload /etc/fstab'
172.16.1.8 | FAILED | rc=1 >>
non-zero return code

172.16.1.7 | FAILED | rc=1 >>
non-zero return code

二、ansible 自动化配置进阶
1.playbook 剧本初识

play :定义的是主机的角色
tasks：定义的是具体执行的任务
playbook：由一个或多个模块组成，一个play可以包含多个tasks任务

（1）编写一个没5分钟更新系统时间的定时任务剧本

---
  - hosts: web
    tasks:
    - name: sync time
      cron:
       name: sync time
       minute: "*/5"
       job: /usr/sbin/ntpdate ntp1.aliyun.com >>/dev/null 2>&1
       state: absent

（2）测试剧本

[root@m01 ansible]# ansible-playbook -C touch.yaml 

PLAY [web] ***********************************************************************************************

TASK [Gathering Facts] ***********************************************************************************
ok: [172.16.1.7]
ok: [172.16.1.8]

TASK [sync time] *****************************************************************************************
changed: [172.16.1.8]
ok: [172.16.1.7]

PLAY RECAP ***********************************************************************************************
172.16.1.7                 : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
172.16.1.8                 : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

（3）执行剧本

[root@m01 ansible]# ansible-playbook touch.yaml 

PLAY [web] ***********************************************************************************************

TASK [Gathering Facts] ***********************************************************************************
ok: [172.16.1.7]
ok: [172.16.1.8]

TASK [sync time] *****************************************************************************************
ok: [172.16.1.7]
changed: [172.16.1.8]

PLAY RECAP ***********************************************************************************************
172.16.1.7                 : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
172.16.1.8                 : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0