Ansible常用命令及操作
一、安装
yum install -y ansible
二、命令补全 ansible 2.9版本以上
activate-global-python-argcomplete
三、ansible配置文件优先级
Ansible支持4种方式指定配置文件,它们的读取顺序从高到低:
Ansible配置文件采用 ini 风格进行配置,每一项配置都使用key=value的方式进行配置。
四、ansible配置ssh免密登录
ssh-keygen -t rsa -b 4096
ssh-copy-id -p 22 root@192.168.9.20
在 /root/.ssh中添加ssh config
cat > /root/.ssh/config << EOF
Host k8s02
HostName 192.168.9.21
Port 22
User root
ServerAliveInterval 60
IdentityFile ~/.ssh/id_rsa
Host k8s03
HostName 192.168.9.22
Port 22
User root
ServerAliveInterval 60
IdentityFile ~/.ssh/id_rsa
Host node01
HostName 192.168.9.23
Port 22
User root
ServerAliveInterval 60
IdentityFile ~/.ssh/id_rsa
EOF
for host in 192.168.9.{20..22} node0{1..3};
do
ssh-keyscan $host >>~/.ssh/known_hosts 2>/dev/null
done
yum -y install sshpass
for host in 192.168.9.{20..22} node0{1..3};
do
sshpass -p'xxxxxx' ssh-copy-id root@$host &>/dev/null
done
五、ansible 帮助模块
ansible-doc -l | grep 'copy'
ansible-doc copy
ansible-doc -s copy
六、ansible性能优化
1. ## 关闭gathering facts功能
- hosts: k8s01
remote_user: root
gather_facts: False
tasks:
- name: a test
shell: echo "test"
ansible-playbook -v test.yml
2. ## 开启 SSH pipelining 不使用sudo命令建议开启,在一个ssh会话中执行所有操作,速度较快。
vim /etc/ansible/ansible.cfg
........
pipelining = True
3. ## 开启SSH长连接 (ControlPersist特性)ConrolPersist=5d, 这个参数是设置整个长连接保持时间为5天。
..........
ssh_args = -C -o ControlMaster=auto -o ControlPersist=5d
4. ## 设置facts缓存
.........
gathering = smart
fact_caching_timeout = 86400
fact_caching = jsonfile
fact_caching_connection = /dev/shm/ansible_fact_cache
........
gathering = smart
facts_caching_timeout = 86400 #设置缓存过期时间86400秒
facts_caching = redis # 使用redis或者 (或者使用memcached,即"facts_caching = memcached")
fact_caching_connection = 127.0.0.1:6379
在使用redis缓存后,如果出现异常(若未出现,请忽略):TypeError: the JSON object must be str, not 'bytes'。
解决办法:
..........
self._cache[key] = json.loads(value.decode('utf-8')) #修改为这个
5. ## Ansible取消交互
........
host_key_checking = False #打开注释即可
取消ssh的yes和no的交互:
UserKnownHostsFile /dev/null
ConnectTimeout 15
StrictHostKeyChecking no
或者直接ssh时增加一个参数
6.ansible的-t选项,提高ansible执行效率
time ansible k8s02 -m command -a "hostname"
time ansible k8s02 -m command -a "hostname" -t /tmp/test
七、配置inventory
在默认的inventory文件/etc/ansible/hosts添加几个目标主机的各种格式:
[k8s]
k8s02
k8s03 ansible_host=192.168.9.22
192.168.9.23
192.168.9.24:22
192.168.9.2[5:7] ansible_port=222
八、ansible的playbook剧本元素
tasks:包含角色要执行的主要任务列表
handlers:包含处理程序,可以由此角色使用,甚至可以在此角色之外的任何位置使用
defaults:角色默认的变量
vars:角色其他的变量
files:包含可以通过此角色部署的文件
templates:包含可以通过此角色部署的模板
meta:角色定义的一些元数据
试例:
- hosts: webservers
remote_user: root
roles:
- nginx
[root@ansible opt]# tree roles/
roles/
├── nginx
│ ├── files
│ ├── handlers
│ │ └── main.yml
│ ├── tasks
│ │ └── main.yml
│ ├── templates
│ │ ├── nginx.conf.j2
│ │ └── nginx.service.j2
│ └── vars
九、ansible常用命令
ansible-doc -l 列出ansible所支持的模块
ansible-doc -s fetch 查看fetch模块的帮助信息
ansible all -m ping 调用ping模块 ping所有主机
ansible k8s02 -m fetch -a "src=/etc/fstab dest=/mnt/ansible/" 调用fetch模块拉取目标主机上的文件
copy模块
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/"
ansible k8s02 -m copy -a 'content="aaa\nbbb\n" dest=/opt/test'
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/ force=no"
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/ backup=yes"
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/ owner=zsy"
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/ group=zsy"
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/ mode=0640"
file模块
ansible k8s02 -m file -a "path=/mnt/testfile state=touch"
ansible k8s02 -m file -a "path=/mnt/mnt state=directory"
ansible k8s02 -m file -a "path=/mnt/linkfile state=link src=/mnt/testfile"
ansible k8s02 -m file -a "path=/mnt/hardfile state=hard src=/mnt/testfile"
ansible k8s02 -m file -a "path=/mnt/linkfile state=link src=sourcefile force=yes"
ansible k8s02 -m file -a "path=/mnt/mnt state=absent"
ansible k8s02 -m file -a "path=/mnt/abc state=touch owner=zsy"
ansible k8s02 -m file -a "path=/mnt/abc owner=zsy"
ansible k8s02 -m file -a "path=/mnt/abc state=directory owner=zsy"
ansible k8s02 -m file -a "path=/mnt/abb state=touch group=zsy"
ansible k8s02 -m file -a "path=/mnt/abb group=zsy"
ansible k8s02 -m file -a "path=/mnt/abb state=directory group=zsy"
ansible k8s02 -m file -a "path=/mnt/abb state=touch mode=0644"
ansible k8s02 -m file -a "path=/mnt/abb mode=0644"
ansible k8s02 -m file -a "path=/mnt/binfile mode=4700"
ansible k8s02 -m file -a "path=/mnt/abb state=directory mode=0644"
ansible k8s02 -m file -a "path=/mnt/abd state=directory owner=zsy group=zsy recurse=yes"
blockinfile模块
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="systemctl start mariadb\nsystemctl start httpd" '
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="systemctl start mariadb\nsystemctl start httpd" marker="#{mark} serivce to start" '
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="systemctl start mariadb" marker="#{mark} serivce to start" '
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="" marker="#{mark} serivce to start" '
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local marker="#{mark} serivce to start" state=absent'
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="####blockinfile test####" marker="#{mark} test" insertbefore=BOF'
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="####blockinfile test####" marker="#{mark} test" insertafter=EOF'
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="####blockinfile test####" marker="#{mark} test reg" insertafter="^#!/bin/bash" '
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local marker="#{mark} test" state=absent backup=yes'
ansible k8s02 -m blockinfile -a 'path=/mnt/test block="test" marker="#{mark} test" create=yes'
lineinfile模块
ansible k8s02 -m lineinfile -a 'path=/mnt/test line="test text"'
ansible k8s02 -m lineinfile -a 'path=/mnt/test regexp="^line" line="test text" '
ansible k8s02 -m lineinfile -a 'path=/mnt/test regexp="^line" line="test text" backrefs=yes '
ansible k8s02 -m lineinfile -a 'path=/mnt/test line="lineinfile -" state=absent'
ansible k8s02 -m lineinfile -a 'path=/mnt/test regexp="^lineinfile" state=absent'
ansible k8s02 -m lineinfile -a 'path=/mnt/test regexp="(H.{4}).*(H.{4})" line="\2" backrefs=yes'
find模块
ansible k8s02 -m find -a 'paths=/mnt contains=".*abc.*" '
ansible k8s02 -m find -a 'paths=/mnt contains=".*abc.*" recurse=yes '
ansible k8s02 -m find -a 'paths=/mnt patterns="*.sh" hidden=yes'
ansible k8s02 -m find -a 'paths=/mnt patterns="*.sh" file_type=any hidden=yes'
ansible k8s02 -m find -a 'paths=/mnt patterns="*.sh" file_type=any hidden=yes'
ansible k8s02 -m find -a 'paths=/mnt patterns=".*\.sh" use_regex=yes file_type=any hidden=yes'
ansible k8s02 -m find -a "path=/mnt age=-4d recurse=yes"
ansible k8s02 -m find -a "path=/mnt age=-2w age_stamp=atime recurse=yes"
ansible k8s02 -m find -a "paths=/mnt size=2g recurse=yes"
ansible k8s02 -m find -a "paths=/mnt patterns=*.sh get_checksum=yes hidden=yes recurse=yes"
replace模块
ansible k8s02 -m replace -a 'path=/mnt/test regexp="ASM" replace=asm'
ansible k8s02 -m replace -a 'path=/mnt/test regexp="ASM" replace=asm backup=yes'
command模块
ansible k8s02 -m command -a "ls"
ansible k8s02 -m command -a "chdir=/mnt ls"
ansible k8s02 -m command -a "creates=/mnt/test echo test"
ansible k8s02 -m command -a "removes=/mnt/test echo test"
shell模块
ansible k8s02 -m shell -a "chdir=/mnt echo test > test"
ansible k8s02 -m shell -a 'executable=/bin/csh @ TestNum=666 ; echo $TestNum > /mnt/TestNumFile'
script模块
ansible k8s02 -m script -a "chdir=/opt /mnt/atest.sh"
ansible k8s02 -m script -a "creates=/opt/testfile /mnt/atest.sh"
ansible k8s02 -m script -a "removes=/opt/testfile /mnt/atest.sh"
cron模块
ansible k8s02 -m cron -a " name='test crontab' minute=5 hour=1 job='echo test' "
ansible k8s02 -m cron -a " name='crontab day test' minute=1 hour=1 day=*/3 job='echo test' "
ansible k8s02 -m cron -a " name='test special time' special_time=reboot job='echo test' "
ansible k8s02 -m cron -a " name='test special time' special_time=hourly job='echo test' backup=yes "
ansible k8s02 -m cron -a " name='test special time' state=absent backup=yes "
ansible k8s02 -m cron -a "user=zsy name='test special time' special_time=hourly job='echo test'"
ansible k8s02 -m cron -a " name='crontab day test' minute=1 hour=1 day=*/3 job='echo test' disabled=yes backup=yes"
ansible k8s02 -m cron -a " name='crontab day test' minute=55 job='echo test' disabled=yes backup=yes"
service模块
ansible k8s02 -m service -a "name=nginx state=started"
ansible k8s02 -m service -a "name=nginx state=stopped"
ansible k8s02 -m service -a " name='nginx' enabled=yes"
user模块
ansible k8s02 -m user -a 'name=zsy'
ansible k8s02 -m user -a 'name=zsy state=absent'
ansible k8s02 -m user -a 'name=abc state=absent remove=yes'
ansible k8s02 -m user -a "name=zsy group=zsythink"
ansible k8s02 -m user -a "name=zsy groups=zsythink append=yes"
ansible k8s02 -m user -a "name=zsy shell=/bin/csh"
ansible k8s02 -m user -a "name=zsy uid=2002"
ansible k8s02 -m user -a 'name=zsy expires=1546185600' 使用date -d 2018-12-31 +%s 获取对应日期unix时间戳
ansible k8s02 -m user -a 'name=zsy comment="www.zsythink.net"'
[root@test71 ~]# python;
Python 2.7.5 (default, Aug 4 2017, 00:39:18)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import crypt; crypt.crypt('666666')
'$6$ygRbo7Fj.mMU2KY0$OEqihCCn5UfOsvMyzPNPBgx3bzAtwrOFyFvacgUmA374XOAEtUCrdjbW5Ip.Zqo491o3kD5I.HaC9nLhh6x741'
ansible k8s02 -m user -a ' name=zsy password="$6$ygRbo7Fj.mMU2KY0$OEqihCCn5UfOsvMyzPNPBgx3bzAtwrOFyFvacgUmA374XOAEtUCrdjbW5Ip.Zqo491o3kD5I.HaC9nLhh6x741" '
ansible k8s02 -m user -a 'name=zsy password="$6$a.ofrhIWn4gJGbi0$i6Xhr.F/YyhMe2UCodydwyF952bP4DOf0qYcGE8aK.EsgOR/GKU0Oy9Ov6oIH3RIJ9BnhvoVR9ozflmUJgxhL0" update_password=on_create'
ansible k8s02 -m user -a 'name=zsy generate_ssh_key=yes'
ansible k8s02 -m user -a 'name=zsy generate_ssh_key=yes ssh_key_file=/opt/id_rsa_zsy'
ansible k8s02 -m user -a 'name=zsy generate_ssh_key=yes ssh_key_comment="www.zsythink.net"'
ansible k8s02 -m user -a 'name=zsy generate_ssh_key=yes ssh_key_type=dsa'
group模块
ansible k8s02 -m group -a ' name=zsythink'
ansible k8s02 -m group -a ' name=zsythink state=absent'
ansible k8s02 -m group -a 'name=zsythink gid=1008'
yum_repository模块
ansible k8s02 -m yum_repository -a 'name=aliEpel description="alibaba EPEL" baseurl=https://mirrors.aliyun.com/epel/$releasever\Server/$basearch/'
ansible k8s02 -m yum_repository -a 'name=aliEpel description="alibaba EPEL" baseurl=https://mirrors.aliyun.com/epel/$releasever\Server/$basearch/ file=alibaba'
ansible k8s02 -m yum_repository -a 'name=local baseurl=file:///media description="local cd yum" enabled=no'
ansible k8s02 -m yum_repository -a 'name=local baseurl=file:///media description="local cd yum" gpgcheck=yes gpgcakey=file:///media/RPM-GPG-KEY-CentOS-7'
ansible k8s02 -m yum_repository -a 'file=alibaba name=aliEpel state=absent'
yum模块
ansible k8s02 -m yum -a 'name=nginx disable_gpg_check=yes'
ansible k8s02 -m yum -a 'name=nginx state=present disable_gpg_check=yes'
ansible k8s02 -m yum -a 'name=nginx state=installed disable_gpg_check=yes'
ansible k8s02 -m yum -a 'name=nginx state=latest disable_gpg_check=yes'
ansible k8s02 -m yum -a 'name=nginx state=absent'
ansible k8s02 -m yum -a 'name=nginx state=removed'
ansible k8s02 -m yum -a 'name=telnet disable_gpg_check=yes enablerepo=local'
ansible k8s02 -m yum -a 'name=telnet disable_gpg_check=yes disablerepo=local'
ansible-doc -l 列出ansible所支持的模块
ansible-doc -s fetch 查看fetch模块的帮助信息
ansible all -m ping 调用ping模块 ping所有主机
ansible k8s02 -m fetch -a "src=/etc/fstab dest=/mnt/ansible/" 调用fetch模块拉取目标主机上的文件
copy模块
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/"
ansible k8s02 -m copy -a 'content="aaa\nbbb\n" dest=/opt/test'
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/ force=no"
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/ backup=yes"
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/ owner=zsy"
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/ group=zsy"
ansible k8s02 -m copy -a "src=/mnt/copytest dest=/opt/ mode=0640"
file模块
ansible k8s02 -m file -a "path=/mnt/testfile state=touch"
ansible k8s02 -m file -a "path=/mnt/mnt state=directory"
ansible k8s02 -m file -a "path=/mnt/linkfile state=link src=/mnt/testfile"
ansible k8s02 -m file -a "path=/mnt/hardfile state=hard src=/mnt/testfile"
ansible k8s02 -m file -a "path=/mnt/linkfile state=link src=sourcefile force=yes"
ansible k8s02 -m file -a "path=/mnt/mnt state=absent"
ansible k8s02 -m file -a "path=/mnt/abc state=touch owner=zsy"
ansible k8s02 -m file -a "path=/mnt/abc owner=zsy"
ansible k8s02 -m file -a "path=/mnt/abc state=directory owner=zsy"
ansible k8s02 -m file -a "path=/mnt/abb state=touch group=zsy"
ansible k8s02 -m file -a "path=/mnt/abb group=zsy"
ansible k8s02 -m file -a "path=/mnt/abb state=directory group=zsy"
ansible k8s02 -m file -a "path=/mnt/abb state=touch mode=0644"
ansible k8s02 -m file -a "path=/mnt/abb mode=0644"
ansible k8s02 -m file -a "path=/mnt/binfile mode=4700"
ansible k8s02 -m file -a "path=/mnt/abb state=directory mode=0644"
ansible k8s02 -m file -a "path=/mnt/abd state=directory owner=zsy group=zsy recurse=yes"
blockinfile模块
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="systemctl start mariadb\nsystemctl start httpd" '
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="systemctl start mariadb\nsystemctl start httpd" marker="#{mark} serivce to start" '
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="systemctl start mariadb" marker="#{mark} serivce to start" '
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="" marker="#{mark} serivce to start" '
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local marker="#{mark} serivce to start" state=absent'
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="####blockinfile test####" marker="#{mark} test" insertbefore=BOF'
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="####blockinfile test####" marker="#{mark} test" insertafter=EOF'
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local block="####blockinfile test####" marker="#{mark} test reg" insertafter="^#!/bin/bash" '
ansible k8s02 -m blockinfile -a 'path=/mnt/rc.local marker="#{mark} test" state=absent backup=yes'
ansible k8s02 -m blockinfile -a 'path=/mnt/test block="test" marker="#{mark} test" create=yes'
lineinfile模块
ansible k8s02 -m lineinfile -a 'path=/mnt/test line="test text"'
ansible k8s02 -m lineinfile -a 'path=/mnt/test regexp="^line" line="test text" '
ansible k8s02 -m lineinfile -a 'path=/mnt/test regexp="^line" line="test text" backrefs=yes '
ansible k8s02 -m lineinfile -a 'path=/mnt/test line="lineinfile -" state=absent'
ansible k8s02 -m lineinfile -a 'path=/mnt/test regexp="^lineinfile" state=absent'
ansible k8s02 -m lineinfile -a 'path=/mnt/test regexp="(H.{4}).*(H.{4})" line="\2" backrefs=yes'
find模块
ansible k8s02 -m find -a 'paths=/mnt contains=".*abc.*" '
ansible k8s02 -m find -a 'paths=/mnt contains=".*abc.*" recurse=yes '
ansible k8s02 -m find -a 'paths=/mnt patterns="*.sh" hidden=yes'
ansible k8s02 -m find -a 'paths=/mnt patterns="*.sh" file_type=any hidden=yes'
ansible k8s02 -m find -a 'paths=/mnt patterns="*.sh" file_type=any hidden=yes'
ansible k8s02 -m find -a 'paths=/mnt patterns=".*\.sh" use_regex=yes file_type=any hidden=yes'
ansible k8s02 -m find -a "path=/mnt age=-4d recurse=yes"
ansible k8s02 -m find -a "path=/mnt age=-2w age_stamp=atime recurse=yes"
ansible k8s02 -m find -a "paths=/mnt size=2g recurse=yes"
ansible k8s02 -m find -a "paths=/mnt patterns=*.sh get_checksum=yes hidden=yes recurse=yes"
replace模块
ansible k8s02 -m replace -a 'path=/mnt/test regexp="ASM" replace=asm'
ansible k8s02 -m replace -a 'path=/mnt/test regexp="ASM" replace=asm backup=yes'
command模块
ansible k8s02 -m command -a "ls"
ansible k8s02 -m command -a "chdir=/mnt ls"
ansible k8s02 -m command -a "creates=/mnt/test echo test"
ansible k8s02 -m command -a "removes=/mnt/test echo test"
shell模块
ansible k8s02 -m shell -a "chdir=/mnt echo test > test"
ansible k8s02 -m shell -a 'executable=/bin/csh @ TestNum=666 ; echo $TestNum > /mnt/TestNumFile'
script模块
ansible k8s02 -m script -a "chdir=/opt /mnt/atest.sh"
ansible k8s02 -m script -a "creates=/opt/testfile /mnt/atest.sh"
ansible k8s02 -m script -a "removes=/opt/testfile /mnt/atest.sh"
cron模块
ansible k8s02 -m cron -a " name='test crontab' minute=5 hour=1 job='echo test' "
ansible k8s02 -m cron -a " name='crontab day test' minute=1 hour=1 day=*/3 job='echo test' "
ansible k8s02 -m cron -a " name='test special time' special_time=reboot job='echo test' "
ansible k8s02 -m cron -a " name='test special time' special_time=hourly job='echo test' backup=yes "
ansible k8s02 -m cron -a " name='test special time' state=absent backup=yes "
ansible k8s02 -m cron -a "user=zsy name='test special time' special_time=hourly job='echo test'"
ansible k8s02 -m cron -a " name='crontab day test' minute=1 hour=1 day=*/3 job='echo test' disabled=yes backup=yes"
ansible k8s02 -m cron -a " name='crontab day test' minute=55 job='echo test' disabled=yes backup=yes"
service模块
ansible k8s02 -m service -a "name=nginx state=started"
ansible k8s02 -m service -a "name=nginx state=stopped"
ansible k8s02 -m service -a " name='nginx' enabled=yes"
user模块
ansible k8s02 -m user -a 'name=zsy'
ansible k8s02 -m user -a 'name=zsy state=absent'
ansible k8s02 -m user -a 'name=abc state=absent remove=yes'
ansible k8s02 -m user -a "name=zsy group=zsythink"
ansible k8s02 -m user -a "name=zsy groups=zsythink append=yes"
ansible k8s02 -m user -a "name=zsy shell=/bin/csh"
ansible k8s02 -m user -a "name=zsy uid=2002"
ansible k8s02 -m user -a 'name=zsy expires=1546185600' 使用date -d 2018-12-31 +%s 获取对应日期unix时间戳
ansible k8s02 -m user -a 'name=zsy comment="www.zsythink.net"'
Python 2.7.5 (default, Aug 4 2017, 00:39:18)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import crypt; crypt.crypt('666666')
'$6$ygRbo7Fj.mMU2KY0$OEqihCCn5UfOsvMyzPNPBgx3bzAtwrOFyFvacgUmA374XOAEtUCrdjbW5Ip.Zqo491o3kD5I.HaC9nLhh6x741'
ansible k8s02 -m user -a ' name=zsy password="$6$ygRbo7Fj.mMU2KY0$OEqihCCn5UfOsvMyzPNPBgx3bzAtwrOFyFvacgUmA374XOAEtUCrdjbW5Ip.Zqo491o3kD5I.HaC9nLhh6x741" '
ansible k8s02 -m user -a 'name=zsy password="$6$a.ofrhIWn4gJGbi0$i6Xhr.F/YyhMe2UCodydwyF952bP4DOf0qYcGE8aK.EsgOR/GKU0Oy9Ov6oIH3RIJ9BnhvoVR9ozflmUJgxhL0" update_password=on_create'
ansible k8s02 -m user -a 'name=zsy generate_ssh_key=yes'
ansible k8s02 -m user -a 'name=zsy generate_ssh_key=yes ssh_key_file=/opt/id_rsa_zsy'
ansible k8s02 -m user -a 'name=zsy generate_ssh_key=yes ssh_key_comment="www.zsythink.net"'
ansible k8s02 -m user -a 'name=zsy generate_ssh_key=yes ssh_key_type=dsa'
group模块
ansible k8s02 -m group -a ' name=zsythink'
ansible k8s02 -m group -a ' name=zsythink state=absent'
ansible k8s02 -m group -a 'name=zsythink gid=1008'
yum_repository模块
ansible k8s02 -m yum_repository -a 'name=aliEpel description="alibaba EPEL" baseurl=https://mirrors.aliyun.com/epel/$releasever\Server/$basearch/'
ansible k8s02 -m yum_repository -a 'name=aliEpel description="alibaba EPEL" baseurl=https://mirrors.aliyun.com/epel/$releasever\Server/$basearch/ file=alibaba'
ansible k8s02 -m yum_repository -a 'name=local baseurl=file:///media description="local cd yum" enabled=no'
ansible k8s02 -m yum_repository -a 'name=local baseurl=file:///media description="local cd yum" gpgcheck=yes gpgcakey=file:///media/RPM-GPG-KEY-CentOS-7'
ansible k8s02 -m yum_repository -a 'file=alibaba name=aliEpel state=absent'
yum模块
ansible k8s02 -m yum -a 'name=nginx disable_gpg_check=yes'
ansible k8s02 -m yum -a 'name=nginx state=present disable_gpg_check=yes'
ansible k8s02 -m yum -a 'name=nginx state=installed disable_gpg_check=yes'
ansible k8s02 -m yum -a 'name=nginx state=latest disable_gpg_check=yes'
ansible k8s02 -m yum -a 'name=nginx state=absent'
ansible k8s02 -m yum -a 'name=nginx state=removed'
ansible k8s02 -m yum -a 'name=telnet disable_gpg_check=yes enablerepo=local'
ansible k8s02 -m yum -a 'name=telnet disable_gpg_check=yes disablerepo=local'