ansible操作实践
环境
系统:CentOS_7
ip:192.168.121.20~22
管理机:192.168.。121.22
一、安装配置ansible
1、安装ansible
指令
1.yum install -y ansible
实践
1.[root@centos-2 lcr]# yum install ansible
2.已加载插件:fastestmirror, langpacks
3.base | 3.6 kB 00:00
4.epel/x86_64/metalink | 4.7 kB 00:00
5.epel | 4.3 kB 00:00
6.extras | 3.4 kB 00:00
7.mysql-connectors-community | 2.5 kB 00:00
8.mysql-tools-community | 2.5 kB 00:00
9.mysql57-community | 2.5 kB 00:00
10.updates | 3.4 kB 00:00
11.webtatic | 3.6 kB 00:00
12.
13.依赖关系解决
14.
15.================================================================================
16. Package 架构 版本 源 大小
17.================================================================================
18.正在安装:
19. ansible noarch 2.3.1.0-1.el7 epel 5.7 M
20.为依赖而安装:
21. libtomcrypt x86_64 1.17-25.el7 epel 225 k
22. libtommath x86_64 0.42.0-5.el7 epel 35 k
23. python-babel noarch 0.9.6-8.el7 base 1.4 M
24. python-httplib2 noarch 0.9.1-0.3.el7 epel 115 k
25. python-jinja2 noarch 2.7.2-2.el7 base 515 k
26. python-keyczar noarch 0.71c-2.el7 epel 218 k
27. python2-crypto x86_64 2.6.1-13.el7 epel 476 k
28. python2-ecdsa noarch 0.13-4.el7 epel 83 k
29. python2-paramiko noarch 1.16.1-2.el7 epel 258 k
30. sshpass x86_64 1.06-1.el7 epel 21 k
31.
32.事务概要
33.================================================================================
34.安装 1 软件包 (+10 依赖软件包)
35.
36.总下载量:9.0 M
37.安装大小:41 M
38.Is this ok [y/d/N]:
使用yum指令安装,可以叫简单的解决依赖关系
1.[root@centos-2 lcr]# ansible --version
2.ansible 2.3.1.0
3. config file = /etc/ansible/ansible.cfg
4. configured module search path = Default w/o overrides
5. python version = 2.7.5 (default, Nov 6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]
2、编辑配置文件
1、编辑参数
1.mkdir -p /etc/ansible
1.vim /etc/ansible/ansible.cfg
1.[root@centos-2 ~]# cat /etc/ansible/ansible.cfg
2.# config file for ansible -- https://ansible.com/
3.# ===============================================
4.
5.# nearly all parameters can be overridden in ansible-playbook
6.# or with command line flags. ansible will read ANSIBLE_CONFIG,
7.# ansible.cfg in the current working directory, .ansible.cfg in
8.# the home directory or /etc/ansible/ansible.cfg, whichever it
9.# finds first
10.
11.[defaults]
12.
13.# some basic default values...
14.
15.#inventory = /etc/ansible/hosts
16.#library = /usr/share/my_modules/
17.#module_utils = /usr/share/my_module_utils/
18.#remote_tmp = ~/.ansible/tmp
19.#local_tmp = ~/.ansible/tmp
20.#forks = 5
21.#poll_interval = 15
22.#sudo_user = root
23.#ask_sudo_pass = True
24.#ask_pass = True
25.#transport = smart
26.#remote_port = 22
27.#module_lang = C
28.#module_set_locale = False
29.
30.# plays will gather facts by default, which contain information about
31.# the remote system.
32.#
33.# smart - gather by default, but don't regather if already gathered
34.# implicit - gather by default, turn off with gather_facts: False
35.# explicit - do not gather by default, must say gather_facts: True
36.#gathering = implicit
37.
38.# This only affects the gathering done by a play's gather_facts directive,
39.# by default gathering retrieves all facts subsets
40.# all - gather all subsets
41.# network - gather min and network facts
42.# hardware - gather hardware facts (longest facts to retrieve)
43.# virtual - gather min and virtual facts
44.# facter - import facts from facter
45.# ohai - import facts from ohai
46.# You can combine them using comma (ex: network,virtual)
47.# You can negate them using ! (ex: !hardware,!facter,!ohai)
48.# A minimal set of facts is always gathered.
49.#gather_subset = all
50.
51.# some hardware related facts are collected
52.# with a maximum timeout of 10 seconds. This
53.# option lets you increase or decrease that
54.# timeout to something more suitable for the
55.# environment.
56.# gather_timeout = 10
57.
58.# additional paths to search for roles in, colon separated
59.#roles_path = /etc/ansible/roles
60.
61.# uncomment this to disable SSH key host checking
62.#host_key_checking = False
63.
64.# change the default callback
65.#stdout_callback = skippy
66.# enable additional callbacks
67.#callback_whitelist = timer, mail
68.
69.# Determine whether includes in tasks and handlers are "static" by
70.# default. As of 2.0, includes are dynamic by default. Setting these
71.# values to True will make includes behave more like they did in the
72.# 1.x versions.
73.#task_includes_static = True
74.#handler_includes_static = True
75.
76.# Controls if a missing handler for a notification event is an error or a warning
77.#error_on_missing_handler = True
78.
79.# change this for alternative sudo implementations
80.#sudo_exe = sudo
81.
82.# What flags to pass to sudo
83.# WARNING: leaving out the defaults might create unexpected behaviours
84.#sudo_flags = -H -S -n
85.
86.# SSH timeout
87.#timeout = 10
88.
89.# default user to use for playbooks if user is not specified
90.# (/usr/bin/ansible will use current user as default)
91.#remote_user = root
92.
93.# logging is off by default unless this path is defined
94.# if so defined, consider logrotate
95.#log_path = /var/log/ansible.log
96.
97.# default module name for /usr/bin/ansible
98.#module_name = command
99.
100.# use this shell for commands executed under sudo
101.# you may need to change this to bin/bash in rare instances
102.# if sudo is constrained
103.#executable = /bin/sh
104.
105.# if inventory variables overlap, does the higher precedence one win
106.# or are hash values merged together? The default is 'replace' but
107.# this can also be set to 'merge'.
108.#hash_behaviour = replace
109.
110.# by default, variables from roles will be visible in the global variable
111.# scope. To prevent this, the following option can be enabled, and only
112.# tasks and handlers within the role will see the variables there
113.#private_role_vars = yes
114.
115.# list any Jinja2 extensions to enable here:
116.#jinja2_extensions = jinja2.ext.do,jinja2.ext.i18n
117.
118.# if set, always use this private key file for authentication, same as
119.# if passing --private-key to ansible or ansible-playbook
120.#private_key_file = /path/to/file
121.
122.# If set, configures the path to the Vault password file as an alternative to
123.# specifying --vault-password-file on the command line.
124.#vault_password_file = /path/to/vault_password_file
125.
126.# format of string {{ ansible_managed }} available within Jinja2
127.# templates indicates to users editing templates files will be replaced.
128.# replacing {file}, {host} and {uid} and strftime codes with proper values.
129.#ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}
130.# {file}, {host}, {uid}, and the timestamp can all interfere with idempotence
131.# in some situations so the default is a static string:
132.#ansible_managed = Ansible managed
133.
134.# by default, ansible-playbook will display "Skipping [host]" if it determines a task
135.# should not be run on a host. Set this to "False" if you don't want to see these "Skipping"
136.# messages. NOTE: the task header will still be shown regardless of whether or not the
137.# task is skipped.
138.#display_skipped_hosts = True
139.
140.# by default, if a task in a playbook does not include a name: field then
141.# ansible-playbook will construct a header that includes the task's action but
142.# not the task's args. This is a security feature because ansible cannot know
143.# if the *module* considers an argument to be no_log at the time that the
144.# header is printed. If your environment doesn't have a problem securing
145.# stdout from ansible-playbook (or you have manually specified no_log in your
146.# playbook on all of the tasks where you have secret information) then you can
147.# safely set this to True to get more informative messages.
148.#display_args_to_stdout = False
149.
150.# by default (as of 1.3), Ansible will raise errors when attempting to dereference
151.# Jinja2 variables that are not set in templates or action lines. Uncomment this line
152.# to revert the behavior to pre-1.3.
153.#error_on_undefined_vars = False
154.
155.# by default (as of 1.6), Ansible may display warnings based on the configuration of the
156.# system running ansible itself. This may include warnings about 3rd party packages or
157.# other conditions that should be resolved if possible.
158.# to disable these warnings, set the following value to False:
159.#system_warnings = True
160.
161.# by default (as of 1.4), Ansible may display deprecation warnings for language
162.# features that should no longer be used and will be removed in future versions.
163.# to disable these warnings, set the following value to False:
164.#deprecation_warnings = True
165.
166.# (as of 1.8), Ansible can optionally warn when usage of the shell and
167.# command module appear to be simplified by using a default Ansible module
168.# instead. These warnings can be silenced by adjusting the following
169.# setting or adding warn=yes or warn=no to the end of the command line
170.# parameter string. This will for example suggest using the git module
171.# instead of shelling out to the git command.
172.# command_warnings = False
173.
174.
175.# set plugin path directories here, separate with colons
176.#action_plugins = /usr/share/ansible/plugins/action
177.#cache_plugins = /usr/share/ansible/plugins/cache
178.#callback_plugins = /usr/share/ansible/plugins/callback
179.#connection_plugins = /usr/share/ansible/plugins/connection
180.#lookup_plugins = /usr/share/ansible/plugins/lookup
181.#inventory_plugins = /usr/share/ansible/plugins/inventory
182.#vars_plugins = /usr/share/ansible/plugins/vars
183.#filter_plugins = /usr/share/ansible/plugins/filter
184.#test_plugins = /usr/share/ansible/plugins/test
185.#terminal_plugins = /usr/share/ansible/plugins/terminal
186.#strategy_plugins = /usr/share/ansible/plugins/strategy
187.
188.
189.# by default, ansible will use the 'linear' strategy but you may want to try
190.# another one
191.#strategy = free
192.
193.# by default callbacks are not loaded for /bin/ansible, enable this if you
194.# want, for example, a notification or logging callback to also apply to
195.# /bin/ansible runs
196.#bin_ansible_callbacks = False
197.
198.
199.# don't like cows? that's unfortunate.
200.# set to 1 if you don't want cowsay support or export ANSIBLE_NOCOWS=1
201.#nocows = 1
202.
203.# set which cowsay stencil you'd like to use by default. When set to 'random',
204.# a random stencil will be selected for each task. The selection will be filtered
205.# against the `cow_whitelist` option below.
206.#cow_selection = default
207.#cow_selection = random
208.
209.# when using the 'random' option for cowsay, stencils will be restricted to this list.
210.# it should be formatted as a comma-separated list with no spaces between names.
211.# NOTE: line continuations here are for formatting purposes only, as the INI parser
212.# in python does not support them.
213.#cow_whitelist=bud-frogs,bunny,cheese,daemon,default,dragon,elephant-in-snake,elephant,eyes,\
214.# hellokitty,kitty,luke-koala,meow,milk,moofasa,moose,ren,sheep,small,stegosaurus,\
215.# stimpy,supermilker,three-eyes,turkey,turtle,tux,udder,vader-koala,vader,www
216.
217.# don't like colors either?
218.# set to 1 if you don't want colors, or export ANSIBLE_NOCOLOR=1
219.#nocolor = 1
220.
221.# if set to a persistent type (not 'memory', for example 'redis') fact values
222.# from previous runs in Ansible will be stored. This may be useful when
223.# wanting to use, for example, IP information from one group of servers
224.# without having to talk to them in the same playbook run to get their
225.# current IP information.
226.#fact_caching = memory
227.
228.
229.# retry files
230.# When a playbook fails by default a .retry file will be created in ~/
231.# You can disable this feature by setting retry_files_enabled to False
232.# and you can change the location of the files by setting retry_files_save_path
233.
234.#retry_files_enabled = False
235.#retry_files_save_path = ~/.ansible-retry
236.
237.# squash actions
238.# Ansible can optimise actions that call modules with list parameters
239.# when looping. Instead of calling the module once per with_ item, the
240.# module is called once with all items at once. Currently this only works
241.# under limited circumstances, and only with parameters named 'name'.
242.#squash_actions = apk,apt,dnf,homebrew,pacman,pkgng,yum,zypper
243.
244.# prevents logging of task data, off by default
245.#no_log = False
246.
247.# prevents logging of tasks, but only on the targets, data is still logged on the master/controller
248.#no_target_syslog = False
249.
250.# controls whether Ansible will raise an error or warning if a task has no
251.# choice but to create world readable temporary files to execute a module on
252.# the remote machine. This option is False by default for security. Users may
253.# turn this on to have behaviour more like Ansible prior to 2.1.x. See
254.# https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user
255.# for more secure ways to fix this than enabling this option.
256.#allow_world_readable_tmpfiles = False
257.
258.# controls the compression level of variables sent to
259.# worker processes. At the default of 0, no compression
260.# is used. This value must be an integer from 0 to 9.
261.#var_compression_level = 9
262.
263.# controls what compression method is used for new-style ansible modules when
264.# they are sent to the remote system. The compression types depend on having
265.# support compiled into both the controller's python and the client's python.
266.# The names should match with the python Zipfile compression types:
267.# * ZIP_STORED (no compression. available everywhere)
268.# * ZIP_DEFLATED (uses zlib, the default)
269.# These values may be set per host via the ansible_module_compression inventory
270.# variable
271.#module_compression = 'ZIP_DEFLATED'
272.
273.# This controls the cutoff point (in bytes) on --diff for files
274.# set to 0 for unlimited (RAM may suffer!).
275.#max_diff_size = 1048576
276.
277.# This controls how ansible handles multiple --tags and --skip-tags arguments
278.# on the CLI. If this is True then multiple arguments are merged together. If
279.# it is False, then the last specified argument is used and the others are ignored.
280.#merge_multiple_cli_flags = False
281.
282.# Controls showing custom stats at the end, off by default
283.#show_custom_stats = True
284.
285.# Controls which files to ignore when using a directory as inventory with
286.# possibly multiple sources (both static and dynamic)
287.#inventory_ignore_extensions = ~, .orig, .bak, .ini, .cfg, .retry, .pyc, .pyo
288.
289.# This family of modules use an alternative execution path optimized for network appliances
290.# only update this setting if you know how this works, otherwise it can break module execution
291.#network_group_modules=['eos', 'nxos', 'ios', 'iosxr', 'junos', 'vyos']
292.
293.# When enabled, this option allows lookups (via variables like {{lookup('foo')}} or when used as
294.# a loop with `with_foo`) to return data that is not marked "unsafe". This means the data may contain
295.# jinja2 templating language which will be run through the templating engine.
296.# ENABLING THIS COULD BE A SECURITY RISK
297.#allow_unsafe_lookups = False
298.
299.[privilege_escalation]
300.#become=True
301.#become_method=sudo
302.#become_user=root
303.#become_ask_pass=False
304.
305.[paramiko_connection]
306.
307.# uncomment this line to cause the paramiko connection plugin to not record new host
308.# keys encountered. Increases performance on new host additions. Setting works independently of the
309.# host key checking setting above.
310.#record_host_keys=False
311.
312.# by default, Ansible requests a pseudo-terminal for commands executed under sudo. Uncomment this
313.# line to disable this behaviour.
314.#pty=False
315.
316.# paramiko will default to looking for SSH keys initially when trying to
317.# authenticate to remote devices. This is a problem for some network devices
318.# that close the connection after a key failure. Uncomment this line to
319.# disable the Paramiko look for keys function
320.#look_for_keys = False
321.
322.# When using persistent connections with Paramiko, the connection runs in a
323.# background process. If the host doesn't already have a valid SSH key, by
324.# default Ansible will prompt to add the host key. This will cause connections
325.# running in background processes to fail. Uncomment this line to have
326.# Paramiko automatically add host keys.
327.#host_key_auto_add = True
328.
329.[ssh_connection]
330.
331.# ssh arguments to use
332.# Leaving off ControlPersist will result in poor performance, so use
333.# paramiko on older platforms rather than removing it, -C controls compression use
334.#ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s
335.
336.# The base directory for the ControlPath sockets.
337.# This is the "%(directory)s" in the control_path option
338.#
339.# Example:
340.# control_path_dir = /tmp/.ansible/cp
341.#control_path_dir = ~/.ansible/cp
342.
343.# The path to use for the ControlPath sockets. This defaults to a hashed string of the hostname,
344.# port and username (empty string in the config). The hash mitigates a common problem users
345.# found with long hostames and the conventional %(directory)s/ansible-ssh-%%h-%%p-%%r format.
346.# In those cases, a "too long for Unix domain socket" ssh error would occur.
347.#
348.# Example:
349.# control_path = %(directory)s/%%h-%%r
350.#control_path =
351.
352.# Enabling pipelining reduces the number of SSH operations required to
353.# execute a module on the remote server. This can result in a significant
354.# performance improvement when enabled, however when using "sudo:" you must
355.# first disable 'requiretty' in /etc/sudoers
356.#
357.# By default, this option is disabled to preserve compatibility with
358.# sudoers configurations that have requiretty (the default on many distros).
359.#
360.#pipelining = False
361.
362.# Control the mechanism for transferring files (old)
363.# * smart = try sftp and then try scp [default]
364.# * True = use scp only
365.# * False = use sftp only
366.#scp_if_ssh = smart
367.
368.# Control the mechanism for transferring files (new)
369.# If set, this will override the scp_if_ssh option
370.# * sftp = use sftp to transfer files
371.# * scp = use scp to transfer files
372.# * piped = use 'dd' over SSH to transfer files
373.# * smart = try sftp, scp, and piped, in that order [default]
374.#transfer_method = smart
375.
376.# if False, sftp will not use batch mode to transfer files. This may cause some
377.# types of file transfer failures impossible to catch however, and should
378.# only be disabled if your sftp version has problems with batch mode
379.#sftp_batch_mode = False
380.
381.[persistent_connection]
382.
383.# Configures the persistent connection timeout value in seconds. This value is
384.# how long the persistent connection will remain idle before it is destroyed.
385.# If the connection doesn't receive a request before the timeout value
386.# expires, the connection is shutdown. The default value is 30 seconds.
387.connect_timeout = 30
388.
389.# Configures the persistent connection retries. This value configures the
390.# number of attempts the ansible-connection will make when trying to connect
391.# to the local domain socket. The default value is 30.
392.connect_retries = 30
393.
394.# Configures the amount of time in seconds to wait between connection attempts
395.# to the local unix domain socket. This value works in conjunction with the
396.# connect_retries value to define how long to try to connect to the local
397.# domain socket when setting up a persistent connection. The default value is
398.# 1 second.
399.connect_interval = 1
400.
401.[accelerate]
402.#accelerate_port = 5099
403.#accelerate_timeout = 30
404.#accelerate_connect_timeout = 5.0
405.
406.# The daemon timeout is measured in minutes. This time is measured
407.# from the last activity to the accelerate daemon.
408.#accelerate_daemon_timeout = 30
409.
410.# If set to yes, accelerate_multi_key will allow multiple
411.# private keys to be uploaded to it, though each user must
412.# have access to the system via SSH to add a new key. The default
413.# is "no".
414.#accelerate_multi_key = yes
415.
416.[selinux]
417.# file systems that require special treatment when dealing with security context
418.# the default behaviour that copies the existing context or uses the user default
419.# needs to be changed to use the file system dependent context.
420.#special_context_filesystems=nfs,vboxsf,fuse,ramfs,9p
421.
422.# Set this to yes to allow libvirt_lxc connections to work without SELinux.
423.#libvirt_lxc_noseclabel = yes
424.
425.[colors]
426.#highlight = white
427.#verbose = blue
428.#warn = bright purple
429.#error = red
430.#debug = dark gray
431.#deprecate = purple
432.#skip = cyan
433.#unreachable = red
434.#ok = green
435.#changed = yellow
436.#diff_add = green
437.#diff_remove = red
438.#diff_lines = cyan
439.
440.
441.[diff]
442.# Always print diff when running ( same as always running with -D/--diff )
443.# always = no
444.
445.# Set how many context lines to show in diff
446.# context = 3
编辑如下参数
1.remote_port = 36000 <------指定远程的端口
2.private_key_file = /root/.ssh/id_rsa_storm1 <------指定私钥的路径
2、编辑主机列表
1.vim /etc/ansible/hosts
1.# It should live in /etc/ansible/hosts
2.#
3.# - Comments begin with the '#' character
4.# - Blank lines are ignored
5.# - Groups of hosts are delimited by [header] elements
6.# - You can enter hostnames or ip addresses
7.# - A hostname/ip can be a member of multiple groups
8.
9.# Ex 1: Ungrouped hosts, specify before any group headers.
10.
11.## green.example.com
12.## blue.example.com
13.## 192.168.100.1
14.## 192.168.100.10
15.
16.# Ex 2: A collection of hosts belonging to the 'webservers' group
17.
18.## [webservers] <------web服务器
19.## alpha.example.org
20.## beta.example.org
21.## 192.168.1.100
22.## 192.168.1.110
23.
24.# If you have multiple hosts following a pattern you can specify
25.# them like this:
26.
27.## www[001:006].example.com
28.
29.# Ex 3: A collection of database servers in the 'dbservers' group
30.
31.## [dbservers] <-------数据库服务器
32.##
33.## db01.intranet.mydomain.net
34.## db02.intranet.mydomain.net
35.## 10.25.1.56
36.## 10.25.1.57
37.
38.# Here's another example of host ranges, this time there are no
39.# leading 0s:
40.
41.## db-[99:101]-node.example.com
二、测试
1.[root@centos-2 .ssh]# ansible centos_lan -m command -a 'uptime'
2.192.168.121.21 | UNREACHABLE! => {
3. "changed": false,
4. "msg": "Failed to connect to the host via ssh: no such identity: /root.ssh/id_rsa: No such file or directory\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
5. "unreachable": true
6.}
7.192.168.121.20 | UNREACHABLE! => {
8. "changed": false,
9. "msg": "Failed to connect to the host via ssh: no such identity: /root.ssh/id_rsa: No such file or directory\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
10. "unreachable": true
11.}
12.
秘钥路径出错
修正之后:
1.[root@centos-2 .ssh]# ansible centos_lan -m command -a 'uptime'
2.192.168.121.21 | SUCCESS | rc=0 >>
3. 00:34:31 up 4:55, 3 users, load average: 0.00, 0.01, 0.05
4.
5.192.168.121.20 | SUCCESS | rc=0 >>
6. 00:34:32 up 4:55, 4 users, load average: 0.02, 0.03, 0.05
7.
三、常用模块
1、setup
查看远程主机的一些基本信息
1.ansible centos_lan -m setup
2、ping
测试远程主机的运行状态
1.ansible centos_lan -m ping
1.[root@centos-2 .ssh]# ansible centos_lan -m ping
2.192.168.121.21 | SUCCESS => {
3. "changed": false,
4. "ping": "pong"
5.}
6.192.168.121.20 | SUCCESS => {
7. "changed": false,
8. "ping": "pong"
9.}
配合文件查看目录信息
1.[root@localhost lcr]# ansible centos_lan -m command -a 'ls /tmp'
2.192.168.121.20 | SUCCESS | rc=0 >>
3.ansible_1.cfg
4.ansible_K4YjZU
5.rock_1.sh
6.ssh-QBoO5W16AmeK
7.systemd-private-79934d61c2e94d51ba617d18db8394eb-colord.service-6gnj3Y
8.systemd-private-79934d61c2e94d51ba617d18db8394eb-cups.service-Tw94Vz
9.systemd-private-79934d61c2e94d51ba617d18db8394eb-rtkit-daemon.service-r8qZWL
10.systemd-private-79934d61c2e94d51ba617d18db8394eb-vmtoolsd.service-7EYhR0
11.tracker-extract-files.1000
12.vmware-root
13.
14.192.168.121.21 | SUCCESS | rc=0 >>
15.ansible_1.cfg
16.ansible_dGezpj
17.firefox_lcr
18.rock_1.sh
19.ssh-SkcRuQhknCoW
20.systemd-private-b5ff0da976544d6d8ef4419a659d8666-colord.service-IEII7I
21.systemd-private-b5ff0da976544d6d8ef4419a659d8666-cups.service-lAXNLJ
22.systemd-private-b5ff0da976544d6d8ef4419a659d8666-rtkit-daemon.service-P1VN9G
23.systemd-private-b5ff0da976544d6d8ef4419a659d8666-vmtoolsd.service-zcpOKA
24.tracker-extract-files.1000
25.vmware-root
可以看到ansible_a.cfg文件已经存在目录tmp里面
3、file
设置文件属性
参数:
| 参数 | 说明 |
|---|---|
| force | 需要在两种情况下强制创建软链接,一种是源文件不存在,但之后会建立的情况下;另一种是目标软链接已存在,需要先取消之前的软链,然后创建新的软链,有两个选项:yes |
| group | 定义文件/目录的属组 |
| mode | 定义文件/目录的权限 |
| owner | 定义文件/目录的属主 |
| path | 必选项,定义文件/目录的路径 |
| recurse | 递归设置文件的属性,只对目录有效 |
| src | 被链接的源文件路径,只应用于state=link的情况 |
| dest | 被链接到的路径,只应用于state=link的情况 |
| state | |
| directory | 如果目录不存在,就创建目录 |
| file | 即使文件不存在,也不会被创建 |
| link | 创建软链接 |
| hard | 创建硬链接 |
| touch | 如果文件不存在,则会创建一个新的文件,如果文件或目录已存在,则更新其最后修改时间 |
| absent | 删除目录、文件或者取消链接文件 |
4、copy
复制文件到远程主机
相关选项如下:
| 参数 | 说明 |
|---|---|
| backup: | 在覆盖之前,将源文件备份,备份文件包含时间信息。有两个选项:yes |
| content: | 用于替代“src”,可以直接设定指定文件的值 |
| dest: | 必选项。要将源文件复制到的远程主机的绝对路径,如果源文件是一个目录,那么该路径也必须是个目录 |
| directory_mode: | 递归设定目录的权限,默认为系统默认权限 |
| force: | 如果目标主机包含该文件,但内容不同,如果设置为yes,则强制覆盖,如果为no,则只有当目标主机的目标位置不存在该文件时,才复制。默认为yes |
| others: | 所有的file模块里的选项都可以在这里使用 |
| src: | 被复制到远程主机的本地文件,可以是绝对路径,也可以是相对路径。如果路径是一个目录,它将递归复制。在这种情况下,如果路径使用“/”来结尾,则只复制目录里的内容,如果没有使用“/”来结尾,则包含目录在内的整个内容全部复制,类似于rsync。 |
实践
复制一个文件到指定目录
1.[root@localhost lcr]# ansible centos_lan -m copy -a 'src=/etc/ansible/ansible.cfg dest=/tmp/ansible_1.cfg owner=root group=root mode=0644'
2.192.168.121.20 | SUCCESS => {
3. "changed": true,
4. "checksum": "c287cd6a9b67b59b4c95d3d484f8c77a73590190",
5. "dest": "/tmp/ansible_1.cfg",
6. "gid": 0,
7. "group": "root",
8. "md5sum": "626b1385b8ffdc42078191f84a053f98",
9. "mode": "0644",
10. "owner": "root",
11. "size": 18068,
12. "src": "/root/.ansible/tmp/ansible-tmp-1505300181.84-158716954958084/source",
13. "state": "file",
14. "uid": 0
15.}
16.192.168.121.21 | SUCCESS => {
17. "changed": true,
18. "checksum": "c287cd6a9b67b59b4c95d3d484f8c77a73590190",
19. "dest": "/tmp/ansible_1.cfg",
20. "gid": 0,
21. "group": "root",
22. "md5sum": "626b1385b8ffdc42078191f84a053f98",
23. "mode": "0644",
24. "owner": "root",
25. "size": 18068,
26. "src": "/root/.ansible/tmp/ansible-tmp-1505300181.86-116004885026797/source",
27. "state": "file",
28. "uid": 0
29.}
5、command
在远程主机上执行命令
相关选项如下:
| 参数 | 说明 |
|---|---|
| creates | 一个文件名,当该文件存在,则该命令不执行 |
| free_form | 要执行的linux指令 |
| chdir | 在执行指令之前,先切换到该目录 |
| removes | 一个文件名,当该文件不存在,则该选项不执行 |
| executable | 切换shell来执行指令,该执行路径必须是一个绝对路径 |
实践
查看服务器的网卡信息
1.[root@localhost lcr]# ansible centos_lan -m command -a 'ifconfig'
2.192.168.121.20 | SUCCESS | rc=0 >>
3.ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
4. inet 192.168.121.20 netmask 255.255.255.0 broadcast 192.168.121.255
5. inet6 fe80::1d05:51e6:2640:e71d prefixlen 64 scopeid 0x20<link>
6. ether 00:0c:29:2d:25:cb txqueuelen 1000 (Ethernet)
7. RX packets 3380 bytes 1255318 (1.1 MiB)
8. RX errors 0 dropped 0 overruns 0 frame 0
9. TX packets 1877 bytes 344306 (336.2 KiB)
10. TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
11.
12.lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
13. inet 127.0.0.1 netmask 255.0.0.0
14. inet6 ::1 prefixlen 128 scopeid 0x10<host>
15. loop txqueuelen 1 (Local Loopback)
16. RX packets 112 bytes 9672 (9.4 KiB)
17. RX errors 0 dropped 0 overruns 0 frame 0
18. TX packets 112 bytes 9672 (9.4 KiB)
19. TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
20.
21.virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
22. inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
23. ether 52:54:00:aa:8d:70 txqueuelen 1000 (Ethernet)
24. RX packets 0 bytes 0 (0.0 B)
25. RX errors 0 dropped 0 overruns 0 frame 0
26. TX packets 0 bytes 0 (0.0 B)
27. TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
28.
29.192.168.121.21 | SUCCESS | rc=0 >>
30.ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
31. inet 192.168.121.21 netmask 255.255.255.0 broadcast 192.168.121.255
32. inet6 fe80::1d05:51e6:2640:e71d prefixlen 64 scopeid 0x20<link>
33. inet6 fe80::2d5f:8df1:72aa:f7a0 prefixlen 64 scopeid 0x20<link>
34. ether 00:0c:29:1e:31:d0 txqueuelen 1000 (Ethernet)
35. RX packets 15323 bytes 9497619 (9.0 MiB)
36. RX errors 0 dropped 0 overruns 0 frame 0
37. TX packets 8194 bytes 843129 (823.3 KiB)
38. TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
39.
40.lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
41. inet 127.0.0.1 netmask 255.0.0.0
42. inet6 ::1 prefixlen 128 scopeid 0x10<host>
43. loop txqueuelen 1 (Local Loopback)
44. RX packets 1138 bytes 122318 (119.4 KiB)
45. RX errors 0 dropped 0 overruns 0 frame 0
46. TX packets 1138 bytes 122318 (119.4 KiB)
47. TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
48.
49.virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
50. inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
51. ether 52:54:00:aa:8d:70 txqueuelen 1000 (Ethernet)
52. RX packets 0 bytes 0 (0.0 B)
53. RX errors 0 dropped 0 overruns 0 frame 0
54. TX packets 0 bytes 0 (0.0 B)
55. TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
6、shell
切换到某个shell执行指定的指令,参数与command相同。
与command不同的是,此模块可以支持命令管道,同时还有另一个模块也具备此功能:raw
示例:
1.## 先在本地创建一个SHELL脚本
2.# vim /tmp/rocketzhang_test.sh
3.#!/bin/sh
4.date +%F_%H:%M:%S
1.##修改脚本权限
2.#chmod +x /tmp/rocketzhang_test.sh
1.## 将创建的脚本文件分发到远程
2.# ansible storm_cluster -m copy -a "src=/tmp/rocketzhang_test.sh dest=/tmp/rocketzhang_test.sh owner=root group=root mode=0755"
1.## 远程执行
2.# ansible storm_cluster -m shell -a "/tmp/rocketzhang_test.sh"
实践
1、创建脚本
1.[root@localhost lcr]# vim /tmp/rock.sh
2、内容如下
1.#!/bin/sh
2.date +%F_%H%M%S
3、修改脚本权限
1.[root@centos-2 .ssh]# chmod +x /tmp/rock.sh
4、发送脚本
1.[root@centos-2 .ssh]# ansible centos_lan -m copy -a "src=/tmp/rock.sh dest=/tmp/rock_1.sh owner=root group=root mode=0755"
2.192.168.121.21 | SUCCESS => {
3. "changed": true,
4. "checksum": "eb4e5f9ee88460fc30341eaaa2b902290711d1cd",
5. "dest": "/tmp/rock_1.sh",
6. "gid": 0,
7. "group": "root",
8. "md5sum": "5d50a2289f64158a3f650f99a883ca8a",
9. "mode": "0755",
10. "owner": "root",
11. "size": 25,
12. "src": "/root/.ansible/tmp/ansible-tmp-1505283425.99-86395790460734/source",
13. "state": "file",
14. "uid": 0
15.}
16.192.168.121.20 | FAILED! => {
17. "changed": false,
18. "checksum": "eb4e5f9ee88460fc30341eaaa2b902290711d1cd",
19. "failed": true,
20. "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"
21.}
服务器192.168.121.20报错
提示:
1.Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!
被取消,缺失:libselinux-python,该机python已经升级到了3.6,初步判断为python关联关系问题
先尝试安装
1.##ssh连接到192.168.121.20
2.[root@centos-2 .ssh]# ssh root@192.168.121.20
3.Last login: Wed Sep 13 14:17:06 2017 from centos-2.lan
1.[root@centos-0 bin]# yum install libselinux-python
2.已加载插件:fastestmirror, langpacks
3.Loading mirror speeds from cached hostfile
4. * base: ftp.sjtu.edu.cn
5. * extras: mirrors.nwsuaf.edu.cn
6. * updates: mirrors.nwsuaf.edu.cn
7.软件包 libselinux-python-2.5-6.el7.x86_64 已安装并且是最新版本
8.无须任何处理
已经安装,进一步说明是关联关系问题
降级为旧版python
重新发送脚本
1.rock_1.sh owner=root group=root mode=0755'
2.192.168.121.21 | SUCCESS => {
3. "changed": true,
4. "checksum": "cd85b7ef0e27ccb3ab7e3a340e0c5548c46e3248",
5. "dest": "/tmp/rock_1.sh",
6. "gid": 0,
7. "group": "root",
8. "md5sum": "fd4082505b75d26fb4025ef972eca1d4",
9. "mode": "0755",
10. "owner": "root",
11. "size": 26,
12. "src": "/root/.ansible/tmp/ansible-tmp-1505299069.67-221258865504536/source",
13. "state": "file",
14. "uid": 0
15.}
16.192.168.121.20 | SUCCESS => {
17. "changed": true,
18. "checksum": "cd85b7ef0e27ccb3ab7e3a340e0c5548c46e3248",
19. "dest": "/tmp/rock_1.sh",
20. "gid": 0,
21. "group": "root",
22. "md5sum": "fd4082505b75d26fb4025ef972eca1d4",
23. "mode": "0755",
24. "owner": "root",
25. "size": 26,
26. "src": "/root/.ansible/tmp/ansible-tmp-1505299069.64-210400102201250/source",
27. "state": "file",
28. "uid": 0
29.}
5、执行脚本
1.[root@localhost lcr]# ansible centos_lan -m shell -a '/tmp/rock_1.sh'
2.192.168.121.20 | SUCCESS | rc=0 >>
3.2017-09-13_184307
4.
5.192.168.121.21 | SUCCESS | rc=0 >>
6.2017-09-13_184307
7、更多模块
更多模块
其他常用模块,比如:service、cron、yum、synchronize就不一一例举,可以结合自身的系统环境进行测试。
| 模块 | 功能说明 |
|---|---|
| service | 系统服务管理 |
| cron | 计划任务管理 |
| yum | yum软件包安装管理 |
| synchronize | 使用rsync同步文件 |
| user | 系统用户管理 |
| group | 系统用户组管理 |
更多模块可以参考:
1.#ansible-doc –l
四、综合实践
使用ansible部署mediawiki
环境:
系统:CentOS7
1、环境搭建
mediawiki所需环境要求:MediaWiki requires PHP 5.5.9+ and either MySQL 5.0.2+, MariaDB
检查现有环境
1.[root@localhost lcr]# ansible centos_lan -m command -a 'php -v'
2.192.168.121.21 | SUCCESS | rc=0 >>
3.PHP 5.4.16 (cli) (built: Nov 6 2016 00:29:02)
4.Copyright (c) 1997-2013 The PHP Group
5.Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies
6.
7.192.168.121.20 | SUCCESS | rc=0 >>
8.PHP 5.4.16 (cli) (built: Nov 6 2016 00:29:02)
9.Copyright (c) 1997-2013 The PHP Group
10.Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies
版本过低
删除现有旧版本
1.[root@localhost lcr]# ansible centos_lan -m command -a 'yum -y remove php-common'
2. [WARNING]: Consider using yum module rather than running yum
3.
4.192.168.121.21 | SUCCESS | rc=0 >>
5.已加载插件:fastestmirror, langpacks
6.正在解决依赖关系
7.--> 正在检查事务
8.---> 软件包 php-common.x86_64.0.5.4.16-42.el7 将被 删除
9.--> 正在处理依赖关系 php-bz2,它被软件包 1:php-pear-1.9.4-21.el7.noarch 需要
10.--> 正在处理依赖关系 php-ftp,它被软件包 1:php-pear-1.9.4-21.el7.noarch 需要
11.--> 正在处理依赖关系 php-pcre,它被软件包 1:php-pear-1.9.4-21.el7.noarch 需要
12.--> 正在处理依赖关系 php-tokenizer,它被软件包 1:php-pear-1.9.4-21.el7.noarch 需要
13.--> 正在处理依赖关系 php-zlib,它被软件包 1:php-pear-1.9.4-21.el7.noarch 需要
14.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-pdo-5.4.16-42.el7.x86_64 需要
15.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-process-5.4.16-42.el7.x86_64 需要
16.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-cli-5.4.16-42.el7.x86_64 需要
17.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-gd-5.4.16-42.el7.x86_64 需要
18.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-xml-5.4.16-42.el7.x86_64 需要
19.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-5.4.16-42.el7.x86_64 需要
20.--> 正在检查事务
21.---> 软件包 php.x86_64.0.5.4.16-42.el7 将被 删除
22.---> 软件包 php-cli.x86_64.0.5.4.16-42.el7 将被 删除
23.---> 软件包 php-gd.x86_64.0.5.4.16-42.el7 将被 删除
24.---> 软件包 php-pdo.x86_64.0.5.4.16-42.el7 将被 删除
25.---> 软件包 php-pear.noarch.1.1.9.4-21.el7 将被 删除
26.---> 软件包 php-process.x86_64.0.5.4.16-42.el7 将被 删除
27.---> 软件包 php-xml.x86_64.0.5.4.16-42.el7 将被 删除
28.--> 解决依赖关系完成
29.
30.依赖关系解决
31.
32.================================================================================
33. Package 架构 版本 源 大小
34.================================================================================
35.正在删除:
36. php-common x86_64 5.4.16-42.el7 @anaconda 3.8 M
37.为依赖而移除:
38. php x86_64 5.4.16-42.el7 @anaconda 4.4 M
39. php-cli x86_64 5.4.16-42.el7 @anaconda 8.8 M
40. php-gd x86_64 5.4.16-42.el7 @anaconda 342 k
41. php-pdo x86_64 5.4.16-42.el7 @anaconda 192 k
42. php-pear noarch 1:1.9.4-21.el7 @anaconda 2.2 M
43. php-process x86_64 5.4.16-42.el7 @anaconda 78 k
44. php-xml x86_64 5.4.16-42.el7 @anaconda 325 k
45.
46.事务概要
47.================================================================================
48.移除 1 软件包 (+7 依赖软件包)
49.
50.安装大小:20 M
51.Downloading packages:
52.Running transaction check
53.Running transaction test
54.Transaction test succeeded
55.Running transaction
56. 正在删除 : 1:php-pear-1.9.4-21.el7.noarch 1/8
57. 正在删除 : php-5.4.16-42.el7.x86_64 2/8
58. 正在删除 : php-cli-5.4.16-42.el7.x86_64 3/8
59. 正在删除 : php-process-5.4.16-42.el7.x86_64 4/8
60. 正在删除 : php-xml-5.4.16-42.el7.x86_64 5/8
61. 正在删除 : php-pdo-5.4.16-42.el7.x86_64 6/8
62. 正在删除 : php-gd-5.4.16-42.el7.x86_64 7/8
63. 正在删除 : php-common-5.4.16-42.el7.x86_64 8/8
64. 验证中 : php-cli-5.4.16-42.el7.x86_64 1/8
65. 验证中 : php-xml-5.4.16-42.el7.x86_64 2/8
66. 验证中 : php-gd-5.4.16-42.el7.x86_64 3/8
67. 验证中 : php-5.4.16-42.el7.x86_64 4/8
68. 验证中 : php-process-5.4.16-42.el7.x86_64 5/8
69. 验证中 : php-pdo-5.4.16-42.el7.x86_64 6/8
70. 验证中 : php-common-5.4.16-42.el7.x86_64 7/8
71. 验证中 : 1:php-pear-1.9.4-21.el7.noarch 8/8
72.
73.删除:
74. php-common.x86_64 0:5.4.16-42.el7
75.
76.作为依赖被删除:
77. php.x86_64 0:5.4.16-42.el7 php-cli.x86_64 0:5.4.16-42.el7
78. php-gd.x86_64 0:5.4.16-42.el7 php-pdo.x86_64 0:5.4.16-42.el7
79. php-pear.noarch 1:1.9.4-21.el7 php-process.x86_64 0:5.4.16-42.el7
80. php-xml.x86_64 0:5.4.16-42.el7
81.
82.完毕!
83.
84.192.168.121.20 | SUCCESS | rc=0 >>
85.已加载插件:fastestmirror, langpacks
86.正在解决依赖关系
87.--> 正在检查事务
88.---> 软件包 php-common.x86_64.0.5.4.16-42.el7 将被 删除
89.--> 正在处理依赖关系 php-bz2,它被软件包 1:php-pear-1.9.4-21.el7.noarch 需要
90.--> 正在处理依赖关系 php-ftp,它被软件包 1:php-pear-1.9.4-21.el7.noarch 需要
91.--> 正在处理依赖关系 php-pcre,它被软件包 1:php-pear-1.9.4-21.el7.noarch 需要
92.--> 正在处理依赖关系 php-tokenizer,它被软件包 1:php-pear-1.9.4-21.el7.noarch 需要
93.--> 正在处理依赖关系 php-zlib,它被软件包 1:php-pear-1.9.4-21.el7.noarch 需要
94.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-pdo-5.4.16-42.el7.x86_64 需要
95.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-process-5.4.16-42.el7.x86_64 需要
96.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-cli-5.4.16-42.el7.x86_64 需要
97.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-gd-5.4.16-42.el7.x86_64 需要
98.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-xml-5.4.16-42.el7.x86_64 需要
99.--> 正在处理依赖关系 php-common(x86-64) = 5.4.16-42.el7,它被软件包 php-5.4.16-42.el7.x86_64 需要
100.--> 正在检查事务
101.---> 软件包 php.x86_64.0.5.4.16-42.el7 将被 删除
102.---> 软件包 php-cli.x86_64.0.5.4.16-42.el7 将被 删除
103.---> 软件包 php-gd.x86_64.0.5.4.16-42.el7 将被 删除
104.---> 软件包 php-pdo.x86_64.0.5.4.16-42.el7 将被 删除
105.---> 软件包 php-pear.noarch.1.1.9.4-21.el7 将被 删除
106.---> 软件包 php-process.x86_64.0.5.4.16-42.el7 将被 删除
107.---> 软件包 php-xml.x86_64.0.5.4.16-42.el7 将被 删除
108.--> 解决依赖关系完成
109.
110.依赖关系解决
111.
112.================================================================================
113. Package 架构 版本 源 大小
114.================================================================================
115.正在删除:
116. php-common x86_64 5.4.16-42.el7 @anaconda 3.8 M
117.为依赖而移除:
118. php x86_64 5.4.16-42.el7 @anaconda 4.4 M
119. php-cli x86_64 5.4.16-42.el7 @anaconda 8.8 M
120. php-gd x86_64 5.4.16-42.el7 @anaconda 342 k
121. php-pdo x86_64 5.4.16-42.el7 @anaconda 192 k
122. php-pear noarch 1:1.9.4-21.el7 @anaconda 2.2 M
123. php-process x86_64 5.4.16-42.el7 @anaconda 78 k
124. php-xml x86_64 5.4.16-42.el7 @anaconda 325 k
125.
126.事务概要
127.================================================================================
128.移除 1 软件包 (+7 依赖软件包)
129.
130.安装大小:20 M
131.Downloading packages:
132.Running transaction check
133.Running transaction test
134.Transaction test succeeded
135.Running transaction
136. 正在删除 : 1:php-pear-1.9.4-21.el7.noarch 1/8
137. 正在删除 : php-5.4.16-42.el7.x86_64 2/8
138. 正在删除 : php-cli-5.4.16-42.el7.x86_64 3/8
139. 正在删除 : php-process-5.4.16-42.el7.x86_64 4/8
140. 正在删除 : php-xml-5.4.16-42.el7.x86_64 5/8
141. 正在删除 : php-pdo-5.4.16-42.el7.x86_64 6/8
142. 正在删除 : php-gd-5.4.16-42.el7.x86_64 7/8
143. 正在删除 : php-common-5.4.16-42.el7.x86_64 8/8
144. 验证中 : php-cli-5.4.16-42.el7.x86_64 1/8
145. 验证中 : php-xml-5.4.16-42.el7.x86_64 2/8
146. 验证中 : php-gd-5.4.16-42.el7.x86_64 3/8
147. 验证中 : php-5.4.16-42.el7.x86_64 4/8
148. 验证中 : php-process-5.4.16-42.el7.x86_64 5/8
149. 验证中 : php-pdo-5.4.16-42.el7.x86_64 6/8
150. 验证中 : php-common-5.4.16-42.el7.x86_64 7/8
151. 验证中 : 1:php-pear-1.9.4-21.el7.noarch 8/8
152.
153.删除:
154. php-common.x86_64 0:5.4.16-42.el7
155.
156.作为依赖被删除:
157. php.x86_64 0:5.4.16-42.el7 php-cli.x86_64 0:5.4.16-42.el7
158. php-gd.x86_64 0:5.4.16-42.el7 php-pdo.x86_64 0:5.4.16-42.el7
159. php-pear.noarch 1:1.9.4-21.el7 php-process.x86_64 0:5.4.16-42.el7
160. php-xml.x86_64 0:5.4.16-42.el7
161.
162.完毕!
安装软件源
1.[root@localhost lcr]# ansible centos_lan -m command -a 'rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm'
2. [WARNING]: Consider using yum, dnf or zypper module rather than running rpm
3.
4.192.168.121.21 | SUCCESS | rc=0 >>
5.获取https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
6.准备中... ########################################
7.正在升级/安装...
8.epel-release-7-10 ########################################警告:/var/tmp/rpm-tmp.PU0ppm: 头V3 RSA/SHA256 Signature, 密钥 ID 352c64e5: NOKEY
9.
10.192.168.121.20 | SUCCESS | rc=0 >>
11.获取https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
12.准备中... ########################################
13.正在升级/安装...
14.epel-release-7-10 ########################################警告:/var/tmp/rpm-tmp.5Q6oQ5: 头V3 RSA/SHA256 Signature, 密钥 ID 352c64e5: NOKEY
15.
16.[root@localhost lcr]# ansible centos_lan -m command -a 'rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm'
17. [WARNING]: Consider using yum, dnf or zypper module rather than running rpm
18.
19.192.168.121.20 | SUCCESS | rc=0 >>
20.获取https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
21.准备中... ########################################
22.正在升级/安装...
23.webtatic-release-7-3 ########################################警告:/var/tmp/rpm-tmp.f9bZ47: 头V4 RSA/SHA1 Signature, 密钥 ID 62e74ca5: NOKEY
24.
25.192.168.121.21 | SUCCESS | rc=0 >>
26.获取https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
27.准备中... ########################################
28.正在升级/安装...
29.webtatic-release-7-3 ########################################警告:/var/tmp/rpm-tmp.KkNGeh: 头V4 RSA/SHA1 Signature, 密钥 ID 62e74ca5: NOKEY
1.[root@centos-0 lcr]# yum makecache
2. File "/usr/bin/yum", line 30
3. except KeyboardInterrupt, e:
4. ^
5.SyntaxError: invalid syntax
根据错误提示,修改删除,无效
查看python版本:
1.[root@centos-0 lcr]# python -V
2.Python 3.6.0
已经升级我python3.6,查看yum配置文件
1.[root@centos-0 lcr]# vim /usr/bin/yum
1.#!/usr/bin/python
2.import sys
3.try:
4. import yum
5.except ImportError:
6. print >> sys.stderr, """\
7.There was a problem importing one of the Python modules
8.required to run yum. The error leading to this problem was:
9.
10. %s
11.
12.Please install a package which provides this module, or
13.verify that the module is installed correctly.
14.
15.It's possible that the above module doesn't match the
16.current version of Python, which is:
17.%s
18.
19.If you cannot solve this problem yourself, please go to
20.the yum faq at:
21. http://yum.baseurl.org/wiki/Faq
22.
23.""" % (sys.exc_value, sys.version)
24. sys.exit(1)
25.
26.sys.path.insert(0, '/usr/share/yum-cli')
27.try:
28. import yummain
29. yummain.user_main(sys.argv[1:], exit_code=True)
30.except KeyboardInterrupt, e:
31. print >> sys.stderr, "\n\nExiting on user cancel."
32. sys.exit(1)
将来文件报头的:
1.#!/usr/bin/python
修改为:
1.#!/usr/bin/python2
另一个报错
1.[root@centos-0 lcr]# yum makecache
2.已加载插件:fastestmirror, langpacks
3.base | 3.6 kB 00:00
4.extras | 3.4 kB 00:00
5.updates | 3.4 kB 00:00
6. File "/usr/libexec/urlgrabber-ext-down", line 28
7. except OSError, e:
8. ^
9.SyntaxError: invalid syntax
10. File "/usr/libexec/urlgrabber-ext-down", line 28
11. except OSError, e:
12. ^
13.SyntaxError: invalid syntax
14. File "/usr/libexec/urlgrabber-ext-down", line 28
15. except OSError, e:
16. ^
17.SyntaxError: invalid syntax
同理:
1.[root@centos-0 lcr]# vim /usr/libexec/urlgrabber-ext-down
1.#! /usr/bin/python2
2.# A very simple external downloader
3.# Copyright 2011-2012 Zdenek Pavlas
4.
5.# This library is free software; you can redistribute it and/or
6.# modify it under the terms of the GNU Lesser General Public
7.# License as published by the Free Software Foundation; either
8.# version 2.1 of the License, or (at your option) any later version.
9.#
10.# This library is distributed in the hope that it will be useful,
11.# but WITHOUT ANY WARRANTY; without even the implied warranty of
12.# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13.# Lesser General Public License for more details.
14.#
15.# You should have received a copy of the GNU Lesser General Public
16.# License along with this library; if not, write to the
17.# Free Software Foundation, Inc.,
18.# 59 Temple Place, Suite 330,
19.# Boston, MA 02111-1307 USA
20.
21.import time, os, errno, sys
22.from urlgrabber.grabber import \
23. _readlines, URLGrabberOptions, _loads, \
24. PyCurlFileObject, URLGrabError
25.
26.def write(fmt, *arg):
27. try: os.write(1, fmt % arg)
28. except OSError, e:
29. if e.args[0] != errno.EPIPE: raise
30. sys.exit(1)
31.
32.class ProxyProgress:
33. def start(self, *d1, **d2):
34. self.next_update = 0
35. def update(self, _amount_read):
36. t = time.time()
37. if t < self.next_update: return
38. self.next_update = t + 0.31
39. write('%d %d\n', self._id, _amount_read)
40.
41.def main():
42. import signal
43. signal.signal(signal.SIGINT, lambda n, f: sys.exit(1))
44. cnt = 0
45. while True:
将来文件报头的:
1.#!/usr/bin/python
修改为:
1.#!/usr/bin/python2