jsp网站如何做seo,公网怎么做网站,排名优化哪家专业,wordpress主要标签一、ansible常用模块模块是Ansible执行的最小单位#xff0c;可以是由Python编写#xff0c;也可以是Shell编写#xff0c;也可以是由其他语言编写。一、ping模块测试连接可通性#xff0c;没有参数。通的话返回pong。1、使用示例ansible all -m ping1、可通#xff0c;返…一、ansible常用模块模块是Ansible执行的最小单位可以是由Python编写也可以是Shell编写也可以是由其他语言编写。一、ping模块测试连接可通性没有参数。通的话返回pong。1、使用示例ansible all -m ping1、可通返回pong如下图2、不通返回如下图二、setup模块主要用于获取主机信息在playbooks里经常会用到的一个参数gather_facts就与该模块相关。setup模块下经常使用的一个参数是filter参数具体使用示例如下(由于输出结果较多这里只列命令不写结果)每个被管理节点在接收并运行管理命令之前会将自己主机相关信息(如系统版本主机IP地址)告知ansible管理主机1、帮助信息ansible-doc -s setup--tree :将所有主机的输出信息保存到/tmp/目录下以/etc/ansible/hosts里的主机名为文件名ansible all-m setup -a filteransible_distribution_version --tree /tmp/filter 过滤关键字#ansible db-m setup -a filteransible_distribution_versiongather_subset按子集收集信息值有all, min, hardware, network, virtual, ohai, facter。不包含请使用号如!network2、经常获取的信息统计表格如下关键字说明返回值例子ansible_nodename节点名6-dns-1.hunk.techansible_fqdnFQDN名6-dns-1.hunk.techansible_hostname主机短名称6-dns-1ansible_domain主机域名后缀hunk.tehansible_memtotal_mb总物理内存ansible_memtotal_mb: 222ansible_swaptotal_mbSWAP总大小1023ansible_processorCPU信息Intel(R) Core(TM) i5-5200U CPU 2.20GHzansible_processor_coresCPU核心数量4ansible_processor_vcpusCPU逻辑核心数量2ansible_all_ipv4_addresses有所IPV4地址192.168.0.200ansible_all_ipv6_addresses所有IPV6地址ansible_default_ipv4默认网关的网卡配置信息ansible_eth2具体某张网卡信息不同系统名称需要变化ansible_dnsDNS设置信ansible_architecture系统架构x86_64ansible_machine主机类型x86_64ansible_kernel内核版本2.6.32-696.el6.x86_64ansible_distribution发行版本CentOSansible_distribution_major_version操作系统主版本号6ansible_distribution_release发行版名称Finalansible_distribution_version完整版本号7.4.1708ansible_pkg_mgr软件包管理方式yumansible_service_mgr进行服务方式systemdansible_os_family家族系列RedHatansible_cmdline内核启动参数ansible_selinuxSElinux状态disabledansible_env当前环境变量参数ansible_date_time时间相关ansible_python_versionpython版本2.6.6ansible_lvmLVM卷相关信息ansible_mounts所有挂载点ansible_device_links所有挂载的设备的UUID和卷标名ansible_devices所有/dev/下的正在使用的设备的信息ansible_user_dir执行用户的家目录/rootansible_user_gecos执行用户的描述信息The root ansible_user_gid执行用户的的GID0ansible_user_id执行用户的的用户名rootansible_user_shell执行用户的shell类型/bin/bashansible_user_uid执行用户的UID03、使用范例ansible web -m setup执行结果View Code三、command模块command 命令模块默认模块(可省略)用于在远程执行命令(不能使用变量)1、帮助信息1 creates一个文件名当该文件存在则该命令不执行2 free_form要执行的linux指令3 chdir在执行指令之前先切换到该指定的目录4 removes一个文件名当该文件不存在则该选项不执行5 executable切换shell来执行指令该执行路径必须是一个绝对路径2、使用范例# ansible all -a date四、cron模块cron 定时任务模块1、帮助信息# ansible-doc -s cron-name: Manage cron.d and crontab entriescron:backup: # If set, create a backup of the crontab before it is modified. The location of the backup is returnedinthe backup_filevariable by this module.cron_file: # If specified, uses this file instead of an individual users crontab. If this is a relative path, it isinterpreted with respect to /etc/cron.d. (If it is absolute, it willtypically be/etc/crontab). Many linux distros expect (and some require)the filename portion to consist solely of upper- and lower-caseletters,digits, underscores, and hyphens. To use the cron_fileparameter youmust specify the useras well.day: # Day of the month the job should run ( 1-31, *, */2, etc )disabled: # If the job should be disabled (commented out)in the crontab. Only has effect if statepresent.env: # If set, manages a crontabs environment variable. New variables are added on top of crontab. name andvalueparameters are the name and the value of environment variable.hour: # Hour when the job should run (0-23, *, */2, etc )insertafter: # Used with statepresentand env. If specified, the environment variable will be inserted after thedeclaration of specified environment variable.insertbefore: # Used with statepresentand env. If specified, the environment variable will be inserted before thedeclaration of specified environment variable.job: # The command to execute or,if envis set, the value of environment variable. The command should notcontain line breaks. Requiredif statepresent.minute: # Minute when the job should run (0-59, *, */2, etc )month: # Month of the year the job should run (1-12, *, */2, etc )name: # Description of a crontab entry or,if env is set, the name of environment variable. Required ifstateabsent. Note that if name is not set and statepresent, thena newcrontab entry will always be created, regardless of existing ones.reboot: # If the job should be run at reboot. This option is deprecated. Users should use special_time.special_time: # Specialtimespecification nickname.state: # Whether to ensure the job or environment variable is present(安装) or absent(卸载).user: # The specific user whose crontab should be modified.weekday: # Day of the week that the job should run (0-6 for Sunday-Saturday, *, etc )ansible-doc -s cron1 backup对远程主机上的原任务计划内容修改之前做备份2 cron_file如果指定该选项则用该文件替换远程主机上的cron.d目录下的用户的任务计划3 day日(1-31**/2,……)4 hour小时(0-23**/2……)5 minute分钟(0-59**/2……)6 month月(1-12**/2……)7 weekday周(0-7*……)8 job要执行的任务依赖于statepresent9 name该任务的描述10 special_time指定什么时候执行参数reboot,yearly,annually,monthly,weekly,daily,hourly11 state确认该任务计划是创建还是删除12 user以哪个用户的身份执行2、使用说明ansible db -m cron -a minute hour day month weekday job name(必须填写) state1、定时设置指定值的写入即可没有设置的可以不写(默认是*)2、name必须写3、state有两个状态present(添加(默认值))or absent(移除)3、使用范例1、添加定时任务ansible db -m cron -a minute*/10 job/bin/echo hello nametest cron job statepresentansible db-a crontab -l结果如下图2、移除定时任务ansible db -m cron -a minute*/10 job/bin/echo hello nametest cron job stateabsentansible db-a crontab -l结果如下图五、user/group模块user模块是请求的是useradd, userdel, usermod三个指令goup模块请求的是groupadd, groupdel, groupmod 三个指令。1、帮助信息1、英文# ansible-doc -s user-name: Manage user accountsuser:append: # If yes, add the user to the groups specified ingroups. If no, userwill only be added tothegroups specified ingroups, removing themfrom all other groups.comment: # Optionally sets the description (aka GECOS) of useraccount.create_home: # Unless set to no, a home directory will be made forthe user when theaccount is created orifthe home directory doesnot exist. Changed fromcreatehometocreate_homein version2.5.expires: # An expirytime for the user inepoch, it will beignored on platformsthatdonot supportthis. Currentlysupported on GNU/Linux,FreeBSD, andDragonFlyBSD. Sinceversion2.6you canremove the expirytimespecify a negativevalue. Currentlysupported on GNU/Linuxand FreeBSD.force: # This only affects stateabsent, it forces removal ofthe user and associateddirectories on supportedplatforms. The behavioris the same as userdel--force, check the manpage for userdelonyour system fordetailsand support.generate_ssh_key: # Whether to generate a SSH keyfor the user inquestion.This will*not*overwrite an existingSSH key.group: # Optionally sets the users primary group (takes a groupname).groups: # List of groupsuser will be added to. When set to anemptystring ,null, or ~, the useris removed from allgroupsexcept theprimary group. (~ means nullin YAML)Before version 2.3, theonly input formatallowed was a commaseparatedstring. Nowthis parameter accepts alist as well as a commaseparatedstring.hidden: # Darwin/OS X only, optionally hide the user from theloginwindow and systempreferences. The defaultwill beTrue ifthesystemoption is used.home: # Optionally set the users home directory.local: # Forces the use of localcommand alternatives onplatforms that implementit. This is usefulinenvironments that usecentralizedauthentification whenyou want to manipulatethe local users. I.E. ituses luseradd insteadof useradd. Thisrequires that thesecommands exist on thetargeted host, otherwiseit will be a fatalerror.login_class: # Optionally sets the users login class, a feature ofmost BSD OSs.move_home: # If set to yeswhen used with home, attempt to movethe users old homedirectory to thespecified directoryifit isnt there alreadyand the old home exists.name: # (required) Name of the user to create, remove ormodify.non_unique: # Optionally when used with the-u option, this optionallows to change theuser ID to a non-uniquevalue.password: # Optionally set the users password to this cryptedvalue. On Darwin/OS Xsystems, this value hasto be cleartext. Bewareof security issues. Seehttps://docs.ansible.com/ansible/faq.html#how-do-i-generate-crypted-passwords-for-the-user-modulefordetails onvarious ways to generatethese password values.password_lock: # Lock the password (usermod-L, pw lock, usermod -C).BUT implementationdiffers on differentplatforms, this optiondoes not always mean theuser cannotloginviaother methods. Thisoption does not disablethe user, only lock thepassword. Do not changethe passwordinthe sametask. Currentlysupported on Linux,FreeBSD, DragonFlyBSD,NetBSD.remove: # This only affects stateabsent, it attempts to removedirectories associatedwith the user. Thebehavior is the same asuserdel--remove,check the man page fordetails and support.seuser: # Optionally sets the seuser type (user_u) on selinuxenabled systems.shell: # Optionally set the users shell. On Mac OS X, beforeversion 2.5, the defaultshellfor non-systemusers was/usr/bin/false. Since2.5, the default shellfor non-system users onMac OS X is/bin/bash.skeleton: # Optionally set a home skeleton directory. Requirescreate_home option!ssh_key_bits: # Optionally specify number of bitsinSSH key to create.ssh_key_comment: # Optionally define the commentforthe SSH key.ssh_key_file: # Optionally specify the SSH key filename. If this is arelative filenamethenit will be relative tothe users homedirectory.ssh_key_passphrase: # Set a passphraseforthe SSH key. If no passphrase isprovided, the SSH keywill default to havingno passphrase.ssh_key_type: # Optionally specify the type of SSH key to generate.Available SSH key typeswill depend onimplementation presenton target host.state: # Whether the account should exist or not, taking actionifthe state isdifferent from what isstated.system: # When creating an account statepresent, setting thisto yesmakes the usera system account. Thissetting cannot bechanged on existingusers.uid: # Optionally sets the UIDof the user.update_password: # alwayswill update passwords if they differ.on_createwill onlyset the password fornewly created users.ansible-doc -s user2、中文groups指定用户的属组uid指定用的uidpassword为用户设置登陆密码此密码是明文密码加密后的密码update_password:always/on_createalways:只有当密码不相同时才会更新密码(默认)on_create:只为新用户设置密码name指定用户名createhome是否创建家目录 yes|no(默认是yes)system是否为系统用户remove当stateabsent时removeyes则表示连同家目录一起删除等价于userdel -r(默认是no)state是创建还是删除 present(添加(默认值))or absent(移除)shell指定用户的shell环境append:yes/noyes:增量添加groupno:全量变更group,只设置groups指定的group组(默认)expires:设置用户的过期时间值是一个时间戳3、注意事项注指定password参数时不能使用后面这一串密码会被直接传送到被管理主机的/etc/shadow文件中所以需要先将密码字符串进行加密处理。然后将得到的字符串放到password中即可。范例- user: namejohnd commentJohn Doe uid1040 groupadmin- user: namejames shell/bin/bash groupsadmins,developers appendyes- user: namejohnd stateabsent removeyes- user: namejames18 shell/bin/zsh groupsdevelopers expires1422403387#生成密钥时只会生成公钥文件和私钥文件和直接使用ssh-keygen指令效果相同不会生成authorized_keys文件。- user: nametest generate_ssh_keyyes ssh_key_bits2048 ssh_key_file.ssh/id_rsa2、生成加密的密码1、安装python-pip并安装加密函数库-passlibyum -y install python-pippipinstall --upgrade pippipinstall passlib2、使用加密函数库获取密文密码# python -c from passlib.hash import sha512_crypt; import getpass; print(sha512_crypt.using(rounds5000).hash(getpass.getpass()))Password:$6$0lwTSmqKOkL.ktgl$OnBexXC7haBf0FRHVMIZM2edDeFWBbpKJ2r9cxVwNvY.vh3IIUzwFz8n7jFglc0CrtQSY12ziDonVL6e71Og2.3、创建一个系统用户指定用户密码ansible db -m user -a nametestops password$6$0lwTSmqKOkL.ktgl$OnBexXC7haBf0FRHVMIZM2edDeFWBbpKJ2r9cxVwNvY.vh3IIUzwFz8n7jFglc0CrtQSY12ziDonVL6e71Og2.4、查看测试我们可以看到被管理主机已创建用户testops,并且密码为密文已写入/etc/shadow用户文件中尝试用ssh命令使用testops用户登录被管理主机登录成功ansible db -m shell -a cat /etc/shadow|grep testopsssh testops10.0.0.133、使用范例1、添加用户并设置密码(加密过程如上)ansible db -m user -a nametestops password$6$0lwTSmqKOkL.ktgl$OnBexXC7haBf0FRHVMIZM2edDeFWBbpKJ2r9cxVwNvY.vh3IIUzwFz8n7jFglc0CrtQSY12ziDonVL6e71Og2.结果如下图2、删除用户(连通家目录一并删除)ansible db -m user -a nametestops stateabsent removeyes注意该用户下不能有任何进程否则会报错如下红色部分六、copy模块复制文件1、帮助信息1 backup在覆盖之前将原文件备份备份文件包含时间信息。有两个选项yes|no2 content用于替代src,可以直接设定指定文件的值3 dest必选项。要将源文件复制到的远程主机的绝对路径如果源文件是一个目录那么该路径也必须是个目录4 directory_mode递归的设定目录的权限默认为系统默认权限5 force如果目标主机包含该文件但内容不同如果设置为yes则强制覆盖如果为no则只有当目标主机的目标位置不存在该文件时才复制。默认为yes6 others所有的file模块里的选项都可以在这里使用7 src要复制到远程主机的文件在本地的地址可以是绝对路径也可以是相对路径。如果路径是一个目录它将递归复制。在这种情况下如果路径使用/来结尾则只复制目录里的内容如果没有使用/来结尾则包含目录在内的整个内容全部复制类似于rsync。8 validate The validation command to run before copying into place. The path to the file to validate is passed in via %s which must be present as in the visudo example below.2、使用范例1、使用srcansible db -m copy -a src/etc/hosts dest/tmp/ ownerroot mode640 backupno结果如下图2、使用contentansible db -m copy -a contentHello ansible\n you are clever!\n dest/tmp/ansile.txt ownerroot mode640 backupnoansible db-m copy -a contentHello ansible\nyou are clever!\n dest/tmp/ansile.txt forceyes ownerroot mode640 backupno管理机操作结果如下图目标主机结果如下图七、file模块设定文件属性和创建文件的符号链接1、帮助信息1 force需要在两种情况下强制创建软链接一种是源文件不存在但之后会建立的情况下另一种是目标软链接已存在,需要先取消之前的软链然后创建新的软链有两个选项yes|no2 group定义文件/目录的属组3 mode定义文件/目录的权限4 owner定义文件/目录的属主5 path必选项定义文件/目录的路径6 recurse递归的设置文件的属性只对目录有效7 src要被链接的源文件的路径只应用于statelink的情况8 dest被链接到的路径只应用于statelink的情况9 state directory如果目录不存在创建目录 file即使文件不存在也不会被创建 link创建软链接 hard创建硬链接 touch如果文件不存在则会创建一个新的文件如果文件或目录已存在则更新其最后修改时间 absent删除目录、文件或者取消链接文件2、使用范例ansible db -m file -a src/etc/fstab dest/tmp/fstab statelinkansible db-m file -a path/tmp/fstab stateabsentansible db-m file -a path/tmp/test statetouch八、yum模块安装程序包1、帮助信息1 config_fileyum的配置文件2 disable_gpg_check关闭gpg_check3 disablerepo不启用某个源4 enablerepo启用某个源5 name要进行操作的软件包的名字也可以传递一个url或者一个本地的rpm包的路径6 state状态(present安装absent卸载latest最新)2、使用示例1、安装zshansible web -m yum -a namehttpd statelatestansible web-m yum -a nameDevelopment tools statepresentansible web-m yum -a namehttp://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm statepresent目标主机验证# rpm -q zshzsh-5.0.2-28.el7.x86_642、卸载ansible web -m yum -a namezsh stateabsent目标主机验证# rpm -q zshpackage zsh is not installed九、service模块1、帮助信息1 arguments给命令行提供一些选项2 enabled是否开机启动 yes|no3 name必选项服务名称4 pattern定义一个模式如果通过status指令来查看服务的状态时没有响应就会通过ps指令在进程中根据该模式进行查找如果匹配到则认为该服务依然在运行5 runlevel运行级别6 sleep如果执行了restarted在则stop和start之间沉睡几秒钟7 state对当前服务执行启动停止、重启、重新加载等操作(started,stopped,restarted,reloaded)2、使用示例1、保持服务启动并设置为开机自启ansible web -m service -a enabledyes namehttpd statestarted2、查看服务状态ansible web -a service httpd status#centOS7.x之前ansible web-a chkconfig --list httpd#centOS7.xansible web-a systemctl is-enabled httpd十、shell模块尤其是用到复杂命令时(如带管道符等等)1、帮助信息# ansible-doc -s shell- name: Execute commands innodes.shell:chdir: # cd into this directory before running the commandcreates: # a filename, when it already exists, this step will*not*be run.executable: # change the shell used to execute the command. Should be an absolute path to the executable.free_form: # (required) The shell module takes afree form command to run, as a string. Theres not an actual option named free form. See theexamples!removes: # a filename, when it does not exist, this step will*not*be run.stdin: # Set the stdin of the command directly to the specified value.warn: #if command warnings are on in ansible.cfg, do not warn about this particular line if set to no/false.ansible-doc -s shell2、使用范例使用command模块会报错无法得到想要的结果。ansible web -m shell -a ps -ef|grep httpd十一、script模块将本地脚本复制到远程主机并执行。1、帮助信息ansible-doc -s script-name: Runs a local script on a remote node after transferring itscript:chdir: # cd into this directory on the remote node before running the scriptcreates: # a filename, when it already exists, this step will*not*be run.decrypt: # This option controls the autodecryption of source files using vault.executable: # Name or path of a executable to invoke the script withfree_form: # (required) Path to the local scriptfile followed by optional arguments. There is no parameter actually named free form; see theexamples!removes: # a filename, when it does not exist, this step will*not* be run.ansible-doc -s script2、使用范例1、实验脚本#!/bin/bashecho test ansible script/tmp/scripts.ansible/tmp/script.sh2、执行ansible db -m script -a /tmp/script.sh3、验证结果十一、synchronize模块1、帮助信息1 archive: 归档相当于同时开启recursive(递归)、links、perms、times、owner、group、-D选项都为yes 默认该项为开启2 checksum: 跳过检测sum值默认关闭3 compress:是否开启压缩4 copy_links复制链接文件默认为no 注意后面还有一个links参数5 delete: 删除不存在的文件默认no6 dest目录路径7 dest_port默认目录主机上的端口 默认是22走的ssh协议8 dirs传速目录不进行递归默认为no即进行目录递归9 rsync_optsrsync参数部分10 set_remote_user主要用于/etc/ansible/hosts中定义或默认使用的用户与rsync使用的用户不同的情况11 mode: push或pull 模块push模的话一般用于从本机向远程主机上传文件pull 模式用于从远程主机上取文件2、使用范例srcsome/relative/path dest/some/absolute/path rsync_pathsudo rsyncsrcsome/relative/path dest/some/absolute/path archiveno linksyessrcsome/relative/path dest/some/absolute/path checksumyes timesnosrc/tmp/helloworld dest/var/www/helloword rsync_opts--no-motd,--exclude.git modepull十二、mount模块1、帮助信息1 dump fstype必选项挂载文件的类型2 name必选项挂载点3 opts传递给mount命令的参数4 src必选项要挂载的文件5 state必选项 present只处理fstab中的配置 absent删除挂载点 mounted自动创建挂载点并挂载之 umounted卸载2、使用范例name/mnt/dvd src/dev/sr0 fstypeiso9660 optsro statepresentname/srv/disk srcLABELSOME_LABEL statepresentname/home srcUUIDb3e48f45-f933-4c8e-a700-22a159ec9077 optsnoatime statepresentansible test-a dd if/dev/zero of/disk.img bs4k count1024ansible test-a losetup /dev/loop0 /disk.imgansible test-m filesystem fstypeext4 forceyes opts-F dev/dev/loop0ansible test-m mount name/mnt src/dev/loop0 fstypeext4 statemounted optsrw十三、get_url1、帮助信息1 sha256sum下载完成后进行sha256 check2 timeout下载超时时间默认10s3 url下载的URL4 url_password、url_username主要用于需要用户名密码进行验证的情况5 use_proxy是事使用代理代理需事先在环境变更中定义2、使用示例-name: download foo.confget_url: urlhttp://example.com/path/file.conf dest/etc/foo.conf mode0440- name: download filewith sha256 checkget_url: urlhttp://example.com/path/file.conf dest/etc/foo.conf sha256sumb5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c十四、其他模块见链接官方提供的可能用到模块有git、svn版本控制模块sysctl 、authorized_key_module系统模块apt、zypper、pip、gem包管理模块find、template文件模块mysql_db、redis数据库模块url 网络模块ansible暂停模块https://www.cnblogs.com/Csir/p/8653114.html
