Last active
January 21, 2017 15:15
-
-
Save payshangjj/865dd255b761f497f8160025ef7652ad to your computer and use it in GitHub Desktop.
Ansible
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 批量推送ssh密钥,设置免密登录 | |
| ansible test -m authorized_key -a "user=pe key='{{ lookup('file', '/home/pe/.ssh/id_rsa.pub') }}' path=/home/pe/.ssh/authorized_keys manage_dir=no" | |
| ansible test -m authorized_key -a "user=root key='{{ lookup('file', '/root/.ssh/id_rsa.pub') }}' path=/home/pe/.ssh/authorized_keys manage_dir=no" | |
| 生成CMDB页面 | |
| ansible -i ip_list_file "172.*" -m setup --tree out/ -k -a ""filter=ansible_local"" | |
| ansible-cmdb -i ip_list_file "*" out/ >/export/yulei/software/redis-monitor/src/www/cmdb.html | |
| lineinfile 模块: | |
| vars: | |
| xms: 1024 | |
| cat test | |
| lineinfile: dest=/home/pe/test regexp='^(.*)Xms (\d+)m(.*)$' line='\1www {{ xms }}m\3' backrefs=yes | |
| backrefs为no时,如果没有匹配,则添加一行line。如果匹配了,则把匹配内容替被换为line内容。 | |
| backrefs为yes时,如果没有匹配,则文件保持不变。如果匹配了,把匹配内容替被换为line内容。 | |
| http://blog.csdn.net/iloveyin/article/details/46982023 | |
| cron模块: | |
| 目的:在指定节点上定义一个计划任务,每隔3分钟到主控端更新一次时间 | |
| 命令:ansible all -m cron -a 'name="custom job" minute=*/3 hour=* day=* month=* weekday=* job="/usr/sbin/ntpdate 172.16.254.139"' | |
| file模块: | |
| 目的:更改指定节点上/tmp/t.sh的权限为755,属主和属组为root | |
| 命令:ansible all -m file -a "dest=/tmp/t.sh mode=755 owner=root group=root" | |
| copy模块: | |
| 目的:把主控端/root目录下的a.sh文件拷贝到到指定节点上 | |
| 命令:ansible 10.1.1.113 -m copy -a 'src=/root/a.sh dest=/tmp/' | |
| #由于模块,默认都是推送push。因此,如果你在使用拉取pull功能的时候,可以参考如下来实现 | |
| #mode=pull 更改推送模式为拉取模式 | |
| #目的:将10.1.1.113节点的/tmp/a目录拉取到主控节点的/root目录下 | |
| #命令:ansible 10.1.1.113 -m synchronize -a 'mode=pull src=/tmp/a dest=/root/' | |
| fetch模块: | |
| 目的:拉取远程服务器文件到主控端 | |
| 命令:ansible -k -m fetch -i /etc/ansible/inventory/jen all -a "src=/export/conf/r.cfg dest=/export/yulei/r2m/" | |
| group模块: | |
| 目的:在所有节点上创建一个组名为nolinux,gid为2014的组 | |
| 命令:ansible all -m group -a 'gid=2014 name=nolinux' | |
| user模块: | |
| 目的:在指定节点上创建一个用户名为nolinux,组为nolinux的用户 | |
| 命令:ansible 10.1.1.113 -m user -a 'name=nolinux groups=nolinux state=present' | |
| yum模块: | |
| 目的:在指定节点上安装 lrzsz 服务 | |
| 命令:ansible all -m yum -a "state=present name=httpd" | |
| service模块: | |
| 目的:启动指定节点上的 puppet 服务,并让其开机自启动 | |
| 命令:ansible 10.1.1.113 -m service -a 'name=puppet state=restarted enabled=yes' | |
| script模块: | |
| 目的:在指定节点上执行/root/a.sh脚本(该脚本是在ansible控制节点上的) | |
| 命令:ansible 10.1.1.113 -m script -a '/root/a.sh' | |
| ping模块: | |
| 目的:检查指定节点机器是否还能连通 | |
| 命令:ansible 10.1.1.113 -m ping | |
| command模块: | |
| 目的:在指定节点上运行hostname命令 | |
| 命令:ansible 10.1.1.113 -m command -a 'hostname' | |
| raw模块: | |
| 目的:在10.1.1.113节点上运行hostname命令 | |
| 命令:ansible 10.1.1.113 -m raw-a 'hostname|tee' | |
| get_url模块: | |
| 目的:将http://10.1.1.116/favicon.ico文件下载到指定节点的/tmp目录下 | |
| 命令:ansible 10.1.1.113 -m get_url -a 'url=http://10.1.1.116/favicon.ico dest=/tmp' | |
| synchronize模块: | |
| 目的:将主控方/root/a目录推送到指定节点的/tmp目录下 | |
| 命令:ansible 10.1.1.113 -m synchronize -a 'src=/root/a dest=/tmp/ compress=yes' | |
| 执行效果: | |
| delete=yes 使两边的内容一样(即以推送方为主) | |
| compress=yes 开启压缩,默认为开启 | |
| --exclude=.Git 忽略同步.git结尾的文件 | |
| 由于模块,默认都是推送push。因此,如果你在使用拉取pull功能的时候,可以参考如下来实现 | |
| mode=pull 更改推送模式为拉取模式 | |
| 目的:将10.1.1.113节点的/tmp/a目录拉取到主控节点的/root目录下 | |
| 命令:ansible 10.1.1.113 -m synchronize -a 'mode=pull src=/tmp/a dest=/root/' | |
| 开通22端口 | |
| ansible -i /root/yulei/onduty/ip_chengdu_yace all -m raw -a " sed -i 's@Port 51899@Port 51899\nPort 22@g' /etc/ssh/sshd_config " -k -b | |
| ansible -i /root/yulei/onduty/ip_chengdu_yace all -m raw -a " service sshd restart " -k -b | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment