003. basic use of ansible

1. ansible command usage

The ansible command line can be executed in two ways: ad-hoc and ansible-playbook. The official web method provides paid product tower. Ad-hoc is mainly used to execute temporary commands. ansible-playbook is equivalent to a set of ad-hoc commands and is executed together with certain rules.

1.1 key-free

  1 [[email protected] ~]# ssh-keygen -t rsa -P ‘‘

  1 [[email protected] ~]# mkdir .ssh  2 [[email protected] ~]# scp -p /root/.ssh/id_rsa.pub [email protected]:/root/.ssh/authorized_keys  3 [[email protected] ~]# scp -p /root/.ssh/id_rsa.pub [email protected]:/root/.ssh/authorized_keys  4 [[email protected] ~]# scp -p /root/.ssh/id_rsa.pub [email protected]:/root/.ssh/authorized_keys

Tip: You can also use the following command to copy to the corresponding host:

  1 [[email protected] ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]

1.2 Basic ad-hoc commands

Basic Syntax:

  1 ansible 
<Host-pattern>: indicates the host or host group defined in inventory. It can be an IP address, hostname, or group name in inventory. It also supports matching strings with special characters such as ".", "*", or.
Tip: <> this option is required. [] indicates either of the parameters in this option.
1 [Options]: 2-V, -- verbose: output more detailed execution process information.-vvv can obtain all information about the execution process. 3-I path, -- inventory = path: specify inventory information. Default Value:/etc/ansible/hosts; 4-F num, -- forks = num: number of concurrent threads; default value: 5; 5 -- private-Key = private_key_file: specify the key file; 6-M name, -- module-name = Name: Specify the module used for execution;
Tip:-M specifies the module name. By default, it refers to the command module, which can be omitted without writing.
1-M directory, -- module-Path = Directory: Specifies the module storage path. Default Value:/usr/share/ansible; 2-A 'arguments ', -- ARGs = 'arguments' "module parameter; 3-K, -- ask-pass SSH: authentication password; 4-K, ask-sudo = pass sudo: user Password (used in SUDO); 5-o, -- one-line: standard output to a line; 6-S, -- sudo: equivalent to the sudo command in Linux; 7-T directory, -- tree = Directory: output information to the directory, the result file is named by the remote host; 8-T seconds, -- timeout = seconds: specifies the maximum timeout value for connecting to the remote host. The unit is seconds. 9-B num, -- background = num: run the command in the background. The running task is aborted after the number of seconds exceeds num; 10-P num, -- poll = num: regularly returns the background task progress; 11-u username, -- user = Username: Specify the remote host to run the command with username; 12-u sudo_username, -- Sudo-user = sudo_username: Use sudo, which is equivalent to the sudo command in Linux; 13-C connection, -- connection = connection: Specifies the connection method, which can be set to paramiko (SSH) ssh, local, and local are commonly used in crontab and kickstarts; 14-l subset, -- Limit = subset: Specifies the running host; 15-L ~ RegEx, -- Limit = ~ RegEx: Specifies the running host (Regular Expression); 16 -- list-hosts: lists the qualified hosts without executing any commands.
1.3 Basic playbook commands
Basic Syntax:
  1 ansible-playbook <PLAYBOOKNAME>
1 -- ask-vault-Pass: enter the password when the playbook file is encrypted; 2-D, -- DIFF: display different file updates; 3-e extra_vars, -- extra-vars = extra_vars: introduce external variables to playbook; 4 -- flush-Cache: remote host cache to which fact is cleared; 5 -- force-handlers: Force handlers to run the handlers task, 6-I inventory: Specifies the inventory file to be read, 7 -- list-tags: lists all available tags, 8 -- list-tasks: list all tasks to be executed; 9 -- skip-tags = skip_tags: Skip the specified tags task; 10 -- start-at-task = start_at_task: Start from the number of tasks; 11 -- step: gradually execute the definition of playbook After manual confirmation, run the next task. 12 -- syntax-check: Check the syntax in the playbook. 13-T tags, -- tags = tags: Specify the task for executing tags.
Introduction to two ansible series commands 2.1 ansible
Ansible is one of the basic commands of ansible. It is mainly used in the following scenarios:

 

 
  
Non-curing requirements;
 
  
Temporary operations;

 
Call the secondary development interface.
2.2 ansible-Galaxy
Ansible-galaxy is similar to GitHub or Pip. You can use the ansible-Galaxy command to find and install excellent roles.
Basic Syntax:
1 ansible-Galaxy [Delete | import | info | init | install | list | login | remove | search | setup] [-- help] 2 [Options] 3 info: list specific role details; 4 install: download and install the roles specified by galaxy to the local device; 5 List: List locally downloaded roles; 6 remove: delete locally downloaded roles.
2.3 ansible-pull
Ansible uses the push mode by default. The ansible-pull command can be used in another work mode, namely the PULL mode. It is usually applicable to the following scenarios:
A large number of machines need to be configured, even if high-concurrency threads are used, it will take a long time;
Run ansible on a machine without a network.
Basic Syntax:
  1 ansible-pull -U <repository> [options] [<playbook.yml>]
Tip: Through ansible-pull combined with GIT and crontab, you can use crontab to regularly pull the specified git version to the local device and automatically run the pre-defined commands in the specified mode.
2.4 ansible-Doc
Ansible-Doc is a description of the ansible module documentation. It provides detailed usage and application cases for each module, similar to Linux man.
Basic Syntax:
  1 ansible-doc [-l|-F|-s] [options] [-t <plugin type> ] [plugin]
Example:
1 [[email protected] ~] # Ansible-doc-L # list supported Modules 2 [[email protected] ~] # Ansible-Doc Ping # View module function description
2.5 ansible-playbook
Ansible-playbook is the most frequently used command in daily use. It implements batch management by reading the prepared playbook file. Playbook is easy to write, customizable, flexible and convenient, and can cure all daily operations.
Basic Syntax:
  1 ansible-playbook [options] playbook.yml [playbook2 ...]
2.6 ansible-vault
Ansible-vault is mainly used to encrypt configuration files. For example, a playbook configuration file contains sensitive information. You can use ansible-vault to encrypt/decrypt this configuration file.
Basic Syntax:
  1 ansible-vault [create|decrypt|edit|encrypt|encrypt_string|rekey|view] [options] [vaultfile.yml]
Encryption example:
  1 ansible-vault encrypt test.yml
Decryption example:
  1 ansible-vault decrypt test.yml
2.7 ansible-Console
Ansible-console is an interactive tool provided by ansible. You can use the ansible built-in commands on a terminal virtualized by ansible-console, similar to a shell.
3. Configuration and explanation of inventory
Inventory is the configuration file for ansible to manage host information. It is stored in:/etc/ansible/hosts by default. The command uses the inventory grouping format as follows: ansible-I/etc/ansible/hosts myhost-M Ping
3.1 define hosts and Groups
1 [[email protected] ~] # Vi/etc/ansible/hosts 2 172.24.8.31 # IP address 3 client02 # host name 4 client03: 2345 # You can specify non-standard 22 Port 5 [myhost] # define a group named myhost 6 172.24.8.31 7 172.24.8.3 [] # representative of 172.24.8.32/172.24.8.33/172.24.8.34 also belongs to this group
Tip: the same host can belong to multiple groups.
3.2 define host Variables
  1 172.24.8.31 ntp_server=ntp1.aliyun.com
3.3 define group variables
1 [myhost: vars] 2 ntp_server = ntp1.aliyun.com # define the ntp_server value of all hosts in the myhost Group
3.4 define group nesting and group variables
  1 [myhost1]  2 172.24.8.31  3 [myhost2]  4 172.24.8.32  5 172.24.8.33:2345  6 [myhost:children]  7 myhost1  8 myhost2  9 [myhost:vars] 10 ntp_server=ntp1.aliyun.com
3.5 multi-variable definition
Variables can be defined in inventory or independent from the inventory file. Generally, they are suffixed with. yml,. yaml, And. JSON or have no suffix. The reading sequence of the reader is as follows:

 

 
  
Inventory configuration file (default/etc/ansible/hosts)
 
  
Vars defined area in Playbook
 
  
Files in The vars directory in roles
 
  
Files in the group_vars and hosts_vars directories of the same level in roles

 
Full matching of four ansible and regular expression 4.1
  1 [[email protected] ~]# ansible "*" -m ping  2 [[email protected] ~]# ansible all -m ping  3 [[email protected] ~]# ansible 172.24.8.* -m ping
4.2 logical or (OR) Matching
  1 [[email protected] ~]# ansible myhost1:myhost2 -m ping
4.3 logical non (!) Match
  1 [[email protected] ~]# ansible myhost:\!myhost2 -m ping
Tip: all hosts in the myhost group but not in the myhost2.
Remove! Special significance. \ can be used \.
4.4 logical and (&) Matching
1 [[email protected] ~] # Ansible myhost: \ & myhost2-M Ping # host in both the myhost group and myhost2 Group
4.5 multi-condition combination
1 [[email protected] ~] # Ansible myhost1: myhost2 :\& myhost3 :\! Myhost4-M Ping 2 # All Hosts in myhost1 and myhost2 exist in myhost3 and do not belong to myhost4.
4.6 fuzzy match
1 [[email protected] ~] # Ansible 172 *-M Ping # All Hosts starting with 172
4.7 domain Cutting
  1 [[email protected] ~]# ansible myhost2[0] -m ping  2 [[email protected] ~]# ansible myhost2[0:1] -m ping
Tip: ansible is based on python at the underlying layer, and ansible also supports obtaining corresponding array values. For example:
1 [myhost2] 2 172.24.8.32 3 172.24.8.33: 2345 4 myhost2 [0]: First value, 172.24.8.32; 5 myhost2 [-1]: Last value, 172.24.8.33; 6 myhost2 []: the first value and the second value; 7 myhost2 [1:]: the first value exports the last value.
003. basic use of ansible