ansible初尝试

发表于 更新于 分类于
ansible 安装,编写hosts,执行命令,sudo 提升权限

安装

1
apt install ansible -y
1
2
3
4
5
6
7
$ ansible --version
ansible 2.9.6
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/v_connliu/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.8.10 (default, Jun 22 2022, 20:18:18) [GCC 9.4.0]

添加节点

分组节点

/etc/ansible/hosts
1
2
3
[shudao_online]
192.168.1.10
192.168.1.11

嵌套分组

/etc/ansible/hosts
1
2
3
4
5
6
7
8
9
10
11
[shudao:children]
shudao_online
shudao_proxy

[shudao_online]
192.168.1.10
192.168.1.11

[shudao_proxy]
192.168.2.10
192.168.2.11

使用密码登录

/etc/ansible/hosts
1
2
3
[shudao:vars]
ansible_ssh_user='root'
ansible_ssh_pass='root'

使用密码登录还需要安装 sshpass

1
apt install sshpass

单独操作子分组时, 例如ansible shudao_onlie -m shell -a 'hostnsme' 还需要增加

/etc/ansible/hosts
1
2
3
[shudao_onlie:vars]
ansible_ssh_user='root'
ansible_ssh_pass='root'

更新
操作子分组时 使用--limit参数,缩写-l即可不在子分组写相同的环境变量
例如 ansible shudao -limit shudao_onlie -m shell -a 'hostnsme'

操作节点

使用command 模块来执行查看ip命令

1
ansible shudao -a "ip -4 addr show eth0"

使用shell 模块来清空history

1
ansible shudao -m shell -a 'cat /dev/null > ~/.bash_history'

proxy

增加proxy

1
2
cmd="echo 'export http_proxy=http://10.149.9.97:3128\nexport https_proxy=http://10.149.9.97:3128' >> /etc/profile"
ansible shudao_proxy -m shell -a "$cmd"

删除proxy

1
ansible shudao_proxy -a "sed -i -e '/proxy/d' /etc/profile"

apt 增加proxy

1
ansible shudao_proxy -m shell -a "echo 'Acquire::http::proxy \"http://10.149.9.97:3128\";\nAcquire::https::proxy \"http://10.149.9.97:3128\";' >> /etc/apt/apt.conf.d/01proxy"

修改镜像源

1
ansible shudao_proxy -a 'sed -i "s@/cn.archive.ubuntu.com/@/mirrors.aliyun.com/@g" /etc/apt/sources.list'

执行aptu pdate

1
ansible shudao_proxy  -m apt  -a "update_cache=yes"

使用sudo

全局开启

/etc/ansible/ansible.cfg
1
2
3
4
5
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=True
1
ansible shudao_proxy -m shell -a "sudo mkdir /data/prometheus"

临时开启

1
2
3
4
ansible --help
特权升级选项:
  -K, --ask-become-pass 开启提示输入密码
  -b, --become          使用become 提升权限
1
ansible shudao_proxy -m shell -a "sudo mkdir /data/prometheus" -b -K