Linux筆記 -- Week12 Q&A

1、主從復(fù)制及主主復(fù)制的實(shí)現(xiàn)

1-1 主從復(fù)制

1-1-1 主節(jié)點(diǎn)配置
修改配置文件,配置二進(jìn)制日志路徑

#創(chuàng)建二進(jìn)制日志保存路徑
[root@mysql1 data]# mkdir -p mysql/logbin
[root@mysql1 data]# chown -R mysql.mysql mysql

#添加server-id log-bin
[root@mysql1 data]# vim /etc/my.cnf
[mysqld]
server-id=169
log-bin=/data/mysql/logbin/mysql-bin
validate_password.policy=LOW
#參數(shù)validate_password.policy用來降低密碼復(fù)雜度要求

#配置完畢后重啟服務(wù)生效
[root@mysql1 data]# systemctl restart mysqld

備份數(shù)據(jù)庫到 all.sql

#備份數(shù)據(jù)庫 mysql8 用 --source-data 替代 --master-data,否則后續(xù)備機(jī)上恢復(fù)會報(bào)錯
#mysqldump -A -F --master-data=1 --single-transaction -p > all.sql
[root@mysql1 data]# mysqldump -A -F --source-data=1 --single-transaction -p > all.sql
Enter password:
[root@mysql1 data]# ll all.sql -h
-rw-r--r-- 1 root root 1.2M Mar 23 01:15 all.sq
[root@mysql1 data]# scp all.sql 10.0.0.163:/data

創(chuàng)建復(fù)制授權(quán)的賬戶

#創(chuàng)建備份賬戶
01:21:19(root@localhost) [hellodb]> create user repluser@'10.0.0.%' identified by '1234qwer';
01:23:02(root@localhost) [hellodb]> grant replication slave on *.* to repluser@'10.0.0.%';

1-1-2 從節(jié)點(diǎn)配置
修改配置文件,配置二進(jìn)制日志路徑

[root@mysql3 data]# vim /etc/my.cnf
[mysqld]
server-id=163
log-bin=/data/mysql/logbin/mysql-bin
read-only
#啟用read-only,避免非授權(quán)用戶修改

#創(chuàng)建二進(jìn)制日志目錄
[root@mysql3 data]# mkdir -p mysql/logbin
[root@mysql3 data]# chown -R mysql.mysql mysql

#重啟mysql服務(wù)
[root@mysql3 data]# systemctl restart mysqld

在剛才備份的文件里面添加復(fù)制線程,指定復(fù)制主節(jié)點(diǎn)信息,二進(jìn)制位置不變

CHANGE MASTER TO
  MASTER_HOST='10.0.0.169',
  MASTER_USER='repluser',
  MASTER_PASSWORD='1234qwer',
  MASTER_PORT=3306,
  MASTER_LOG_FILE='mysql-bin.000003',
  MASTER_LOG_POS=157;

登錄數(shù)據(jù)庫導(dǎo)入數(shù)據(jù)庫備份腳本 all.sql

#登錄數(shù)據(jù)庫后臨時關(guān)閉log-bin,導(dǎo)入備份后再開啟
09:48:14(root@localhost) [hellodb]> set sql_log_bin=0;
09:49:36(root@localhost) [hellodb]> source /data/all.sql;
09:50:23(root@localhost) [hellodb]> set sql_log_bin=1;

確認(rèn)主從復(fù)制狀態(tài)

#查看主從復(fù)制狀態(tài),啟動主從復(fù)制
10:31:43(root@localhost) [hellodb]> show slave status\G;
10:31:47(root@localhost) [hellodb]> start slave;
10:31:57(root@localhost) [hellodb]> show slave status\G;

#注意,mysql8主從命令有變化 'SHOW SLAVE STATUS' is deprecated 
#and will be removed in a future release. Please use SHOW REPLICA STATUS instead
1-2 主主復(fù)制實(shí)現(xiàn)關(guān)鍵步驟

1-2-1 主節(jié)點(diǎn)1配置
修改配置文件,配置二進(jìn)制日志路徑

#創(chuàng)建二進(jìn)制日志保存路徑
[root@mysql1 data]# mkdir -p mysql/logbin
[root@mysql1 data]# chown -R mysql.mysql mysql

#添加server-id log-bin
[root@mysql1 data]# vim /etc/my.cnf
[mysqld]
server-id=169
log-bin=/data/mysql/logbin/mysql-bin
#validate_password.policy=LOW #降低密碼復(fù)雜度要求,本例中不需要

#重啟服務(wù)配置生效
[root@mysql1 data]# systemctl restart mysqld

配置復(fù)制授權(quán)賬戶

#配置復(fù)制權(quán)限賬戶
17:45:04(root@localhost) [(none)]> create user repluser@'10.0.0.%' identified by 'Replication@123';
17:45:20(root@localhost) [(none)]> grant replication slave on *.* to repluser@'10.0.0.%';

記錄二進(jìn)制位置信息

#記錄數(shù)據(jù)庫二進(jìn)制位置
18:36:03(root@localhost) [(none)]> show master logs;
+------------------+-----------+-----------+
| Log_name         | File_size | Encrypted |
+------------------+-----------+-----------+
| mysql-bin.000001 |       733 | No        |
| mysql-bin.000002 |       454 | No        |
+------------------+-----------+-----------+
2 rows in set (0.00 sec)
#或者執(zhí)行命令 show master status 同樣可查看;

轉(zhuǎn)移到主節(jié)點(diǎn)2配置復(fù)制信息,完成后繼續(xù)后續(xù)配置步驟

MySQL8默認(rèn)加密傳輸,獲取公鑰信息,避免加密傳輸報(bào)錯

#方法一:獲取公鑰先,本例推薦使用該方式
mysql -u repluser -pReplication@123 -h10.0.0.161 -P3306 --get-server-public-key
#方法二:修改加密模塊
#alter user repluser@'10.0.0.%' identified with mysql_native_password by '1234qwer';

配置復(fù)制線程信息,必須要先查看主節(jié)點(diǎn)2的二進(jìn)制日志位置

CHANGE MASTER TO
  MASTER_HOST='10.0.0.161',
  MASTER_USER='repluser',
  MASTER_PASSWORD='Replication@123',
  MASTER_PORT=3306,
  MASTER_LOG_FILE='mysql-bin.000003',
  MASTER_LOG_POS=157;

啟用復(fù)制線程并查看狀態(tài)

#查看主從復(fù)制狀態(tài),啟動主從復(fù)制
18:52:44(root@localhost) [(none)]> show slave status\G;
18:53:17(root@localhost) [(none)]> start slave;
18:53:21(root@localhost) [(none)]> show slave status\G;

1-2-2 主節(jié)點(diǎn)2配置
修改配置文件,配置二進(jìn)制日志路徑

#創(chuàng)建二進(jìn)制日志保存路徑
[root@mysql2 data]# mkdir -p mysql/logbin
[root@mysql2 data]# chown -R mysql.mysql mysql

#添加server-id log-bin
[root@mysql2 data]# vim /etc/my.cnf
[mysqld]
server-id=161
log-bin=/data/mysql/logbin/mysql-bin
#validate_password.policy=LOW #降低密碼復(fù)雜度要求,本例中不需要

#重啟服務(wù)配置生效
[root@mysql2 data]# systemctl restart mysqld

MySQL8默認(rèn)加密傳輸,獲取公鑰信息,避免加密傳輸報(bào)錯

#方法一:獲取公鑰先,本例推薦使用該方式
mysql -u repluser -pReplication@123 -h10.0.0.169 -P3306 --get-server-public-key

重新登錄數(shù)據(jù)庫,配置復(fù)制授權(quán)賬戶(后續(xù)提供給主節(jié)點(diǎn)1使用)

#配置復(fù)制權(quán)限賬戶
17:45:04(root@localhost) [(none)]> create user repluser@'10.0.0.%' identified by 'Replication@123';
17:45:20(root@localhost) [(none)]> grant replication slave on *.* to repluser@'10.0.0.%';

配置復(fù)制線程信息,必須要先查看主節(jié)點(diǎn)1的二進(jìn)制日志位置

CHANGE MASTER TO
  MASTER_HOST='10.0.0.169',
  MASTER_USER='repluser',
  MASTER_PASSWORD='Replication@123',
  MASTER_PORT=3306,
  MASTER_LOG_FILE='mysql-bin.000001',
  MASTER_LOG_POS=713;

啟用復(fù)制線程并查看狀態(tài)

#查看主從復(fù)制狀態(tài),啟動主從復(fù)制
18:52:44(root@localhost) [(none)]> show slave status\G;
18:53:17(root@localhost) [hellodb]> start slave;
18:53:21(root@localhost) [(none)]> show slave status\G;

記錄二進(jìn)制位置信息,提供給主節(jié)點(diǎn)1配置使用

#記錄數(shù)據(jù)庫二進(jìn)制位置
18:55:41(root@localhost) [(none)]> show master logs;
+------------------+-----------+-----------+
| Log_name         | File_size | Encrypted |
+------------------+-----------+-----------+
| mysql-bin.000001 |       180 | No        |
| mysql-bin.000002 |       180 | No        |
| mysql-bin.000003 |       157 | No        |
+------------------+-----------+-----------+
3 rows in set (0.00 sec)
#或者執(zhí)行命令 show master status 同樣可查看;

2、xtrabackup實(shí)現(xiàn)全量+增量+binlog恢復(fù)庫

2.1 安裝percona-xtrabackup工具

#安裝percona-xtrabackup
[root@mysql1 data]# yum localinstall -y  percona-xtrabackup-80-8.0.27-19.1.el7.x86_64.rpm
[root@mysql1 data]# rpm -ql percona-xtrabackup-80-8.0.27-19.1.el7
/usr/bin/xbcloud
/usr/bin/xbcloud_osenv
/usr/bin/xbcrypt
/usr/bin/xbstream
/usr/bin/xtrabackup
/usr/include/kmip.h
/usr/include/kmippp.h
/usr/lib/libkmip.a
/usr/lib/libkmippp.a
/usr/lib/private/libprotobuf-lite.so.3.11.4
/usr/lib/private/libprotobuf.so.3.11.4
/usr/lib64/xtrabackup/plugin/component_keyring_file.so
/usr/lib64/xtrabackup/plugin/component_keyring_kmip.so
/usr/lib64/xtrabackup/plugin/keyring_file.so
/usr/lib64/xtrabackup/plugin/keyring_vault.so
/usr/share/doc/percona-xtrabackup-80-8.0.27
/usr/share/doc/percona-xtrabackup-80-8.0.27/LICENSE
/usr/share/man/man1/xbcrypt.1.gz
/usr/share/man/man1/xbstream.1.gz
/usr/share/man/man1/xtrabackup.1.gz
[root@mysql1 data]#

2.2 數(shù)據(jù)備份及恢復(fù)
2.2.1 完全備份

#完全備份
[root@mysql1 data]# xtrabackup -uroot -pPASSWORD --backup --target-dir=/data/backup/base
#查看信息
[root@mysql1 data]# cat backup/base/xtrabackup_info 
uuid = 6ca00d4a-b281-11ec-9f78-000c29e0fefc
name = 
tool_name = xtrabackup
tool_command = -uroot -pPASSWORD --backup --target-dir=/data/backup/base
tool_version = 8.0.27-19
ibbackup_version = 8.0.27-19
server_version = 8.0.23
start_time = 2022-04-02 20:35:45
end_time = 2022-04-02 20:35:48
lock_time = 1
binlog_pos = filename 'binlog.000003', position '156'
innodb_from_lsn = 0
innodb_to_lsn = 18071643
partial = N
incremental = N
format = file
compressed = N
encrypted = N

2.2.2 增量備份

#第一次修改數(shù)據(jù)

#第一次增量備份
[root@mysql1 data]# xtrabackup -uroot -pPASSWORD --backup --target-dir=/data/backup/inc1 --incremental-basedir=/data/backup/base

#查看信息
[root@mysql1 data]# cat backup/inc1/xtrabackup_info 
uuid = 73eb4b73-b2a2-11ec-9f78-000c29e0fefc
name = 
tool_name = xtrabackup
tool_command = -uroot -pPASSWORD --backup --target-dir=/data/backup/inc1 --incremental-basedir=/data/backup/base
tool_version = 8.0.27-19
ibbackup_version = 8.0.27-19
server_version = 8.0.23
start_time = 2022-04-03 00:32:11
end_time = 2022-04-03 00:32:14
lock_time = 1
binlog_pos = filename 'binlog.000004', position '156'
innodb_from_lsn = 18071643
innodb_to_lsn = 18212018
partial = N
incremental = Y
format = file
compressed = N
encrypted = N

#第二次修改

#第二次增量備份
xtrabackup -uroot -pPASSWORD --backup --target-dir=/data/backup/inc2 --incremental-basedir=/data/backup/inc1

[root@mysql1 data]# xtrabackup -uroot -pPASSWORD --backup --target-dir=/data/backup/inc2 --incremental-basedir=/data/backup/inc1

[root@mysql1 data]# cat backup/inc2/xtrabackup_info 
uuid = 25449125-b2a3-11ec-9f78-000c29e0fefc
name = 
tool_name = xtrabackup
tool_command = -uroot -pPASSWORD --backup --target-dir=/data/backup/inc2 --incremental-basedir=/data/backup/inc1
tool_version = 8.0.27-19
ibbackup_version = 8.0.27-19
server_version = 8.0.23
start_time = 2022-04-03 00:37:09
end_time = 2022-04-03 00:37:11
lock_time = 0
binlog_pos = filename 'binlog.000005', position '156'
innodb_from_lsn = 18212018
innodb_to_lsn = 18212554
partial = N
incremental = Y
format = file
compressed = N
encrypted = N

2.2.3 數(shù)據(jù)還原

#復(fù)制備份數(shù)據(jù)到目標(biāo)主機(jī)
[root@mysql1 data]# scp -r /data/backup/* 10.0.0.171:/data/backup/

#備份過程生成三個備份目錄 /data/backup/{base,inc1,inc2}
[root@mysql2 backup]# ls
base  inc1  inc2

#停止目標(biāo)主機(jī)MySQL服務(wù),清空數(shù)據(jù)目錄
[root@mysql2 backup]# systemctl stop mysqld
[root@mysql2 backup]# rm -rf /var/lib/mysql/*

#預(yù)準(zhǔn)備完成備份,此選項(xiàng)--apply-log-only 阻止回滾未完成的事務(wù)
[root@mysql2 backup]# xtrabackup --prepare --apply-log-only --target-dir=/data/backup/base

#合并第1次增量備份到完全備份
[root@mysql2 backup]# xtrabackup --prepare --apply-log-only --target-dir=/data/backup/base --incremental-dir=/data/backup/inc1

#合并第2次增量備份到完全備份:最后一次還原不需要加選項(xiàng)--apply-log-only
[root@mysql2 backup]# xtrabackup --prepare --target-dir=/data/backup/base --incremental-dir=/data/backup/inc2

#復(fù)制到數(shù)據(jù)庫目錄,注意數(shù)據(jù)庫目錄必須為空,MySQL服務(wù)不能啟動
[root@mysql2 backup]# xtrabackup --copy-back --target-dir=/data/backup/base

#還原數(shù)據(jù)目錄屬性
#chown -R mysql:mysql /var/lib/mysql
[root@mysql2 backup]# chown -R mysql.mysql /var/lib/mysql

#啟動服務(wù)
[root@mysql2 backup]# systemctl start mysqld

3、MyCAT實(shí)現(xiàn)MySQL讀寫分離

3-1 主機(jī)環(huán)境規(guī)劃

系統(tǒng):centos7
Client:10.0.0.161
mycat-agent:10.0.0.162
mysql-master:10.0.0.169
mysql-slave:10.0.0.163

3-2 主從配置
注意:此例子主從復(fù)制簡要實(shí)現(xiàn)滿足測試mycat即可,不做嚴(yán)格備份要求

#添加server-id,同時出于測試便捷需要,降低密碼策略要求
[root@mysql-m1 data]# vim /etc/my.cnf
[mysqld]
server-id=169
validate_password.policy=low
validate_password.length=6

#重啟服務(wù)配置生效
[root@mysql-m1 data]# systemctl restart mysqld

#創(chuàng)建備份賬戶
00:48:48(root@localhost) [(none)]> create user repluser@'10.0.0.%' identified by '1234qwer';
00:48:58(root@localhost) [(none)]> grant replication slave on *.* to repluser@'10.0.0.%';
00:52:34(root@localhost) [(none)]> alter user repluser@'10.0.0.%' identified with mysql_native_password by '1234qwer'
01:00:20(root@localhost) [(none)]> FLUSH PRIVILEGES;
01:00:35(root@localhost) [(none)]> show master logs;

#從服務(wù)器實(shí)現(xiàn)
[root@mysql-s1 data]# vim /etc/my.cnf
[mysqld]
server-id=163
validate_password.policy=low
validate_password.length=6

#重啟mysql服務(wù)
[root@mysql-s1 data]# systemctl restart mysqld

#登錄從數(shù)據(jù)庫開啟復(fù)制
01:04:59(root@localhost) [(none)]> CHANGE MASTER TO
    ->   MASTER_HOST='10.0.0.169',
    ->   MASTER_USER='repluser',
    ->   MASTER_PASSWORD='1234qwer',
    ->   MASTER_PORT=3306,
    ->   MASTER_LOG_FILE='mysql-bin.000003',
    ->   MASTER_LOG_POS=1337;
Query OK, 0 rows affected, 9 warnings (0.01 sec)

#查看復(fù)制狀態(tài)
01:05:40(root@localhost) [(none)]> START SLAVE;
01:05:50(root@localhost) [(none)]> SHOW SLAVE STATUS\G

3-3 Mycat代理安裝并啟動

#安裝Java
[root@mycat-agent ~]# yum install java
[root@mycat-agent ~]# java -version
openjdk version "1.8.0_322"
OpenJDK Runtime Environment (build 1.8.0_322-b06)
OpenJDK 64-Bit Server VM (build 25.322-b06, mixed mode)

#下載mycat并安裝
[root@mycat-agent ~]# wget http://dl.mycat.org.cn/1.6.7.6/20220221174943/Mycat-server-1.6.7.6-release-20220221174943-linux.tar.gz

[root@mycat-agent ~]# mkdir /apps
[root@mycat-agent ~]# tar -zxvf Mycat-server-1.6.7.6-release-20220221174943-linux.tar.gz -C /apps/
[root@mycat-agent ~]# ls /apps/
mycat

#配置環(huán)境變量
[root@mycat-agent ~]# echo 'PATH=$PATH:/apps/mycat/bin' > /etc/profile.d/mycat.sh
[root@mycat-agent ~]# source /etc/profile.d/mycat.sh
[root@mycat-agent ~]# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/apps/mycat/bin

#啟動mycat
[root@mycat-agent apps]# file mycat/bin/mycat 
mycat/bin/mycat: POSIX shell script, ASCII text executable
[root@mycat-agent apps]# mycat start
Starting Mycat-server...

#能查看到8066端口即可說明mycat已正常啟動
[root@mycat-agent apps]# ss -ntlp
#查看日志
[root@mycat-agent apps]# cat /apps/mycat/logs/wrapper.log 
STATUS | wrapper  | 2022/04/05 11:38:01 | --> Wrapper Started as Daemon
STATUS | wrapper  | 2022/04/05 11:38:02 | Launching a JVM...
INFO   | jvm 1    | 2022/04/05 11:38:02 | Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
INFO   | jvm 1    | 2022/04/05 11:38:02 |   Copyright 1999-2006 Tanuki Software, Inc.  All Rights Reserved.
INFO   | jvm 1    | 2022/04/05 11:38:02 | 
INFO   | jvm 1    | 2022/04/05 11:38:03 | MyCAT Server startup successfully. see logs in logs/mycat.log

#客戶端登錄測試,初始默認(rèn)密碼123456,默認(rèn)端口8066
[root@client-test ~]# mysql -h10.0.0.162 -P8066 -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.29-mycat-1.6.7.6-release-20220221174943 MyCat Server (OpenCloudDB)

Copyright (c) 2000, 2022, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;
+----------+
| DATABASE |
+----------+
| TESTDB   |
+----------+

3-4 Mycat代理服務(wù)器上修改server.xml文件,配置Mycat連接信息

#修改端口
#原文
<!--
   <property name="serverPort">8066</property>
   <property name="managerPort">9066</property>
   <property name="idleTimeout">300000</property>
   <property name="authTimeout">15000</property>
   <property name="bindIp">0.0.0.0</property>
   <property name="dataNodeIdleCheckPeriod">300000</property> 5 * 60 * 1000L; //連接空閑檢查
   <property name="frontWriteQueueSize">4096</property> <property name="processors">32</property> -->
#修改后  注意去掉連接空閑檢查的文字描述
   <property name="serverPort">3306</property>
   <property name="managerPort">9066</property>
   <property name="idleTimeout">300000</property>
   <property name="authTimeout">15000</property>
   <property name="bindIp">0.0.0.0</property>
   <property name="dataNodeIdleCheckPeriod">300000</property>
   <property name="frontWriteQueueSize">4096</property> <property name="processors">32</property> 

#可以修改默認(rèn)密碼,本次測試保持不變
#原文
<user name="root" defaultAccount="true">
                <property name="password">123456</property>
                <property name="schemas">TESTDB</property>
                <property name="defaultSchema">TESTDB</property>

3-5 修改schema.xml實(shí)現(xiàn)讀寫分離配置

#將原文件備份,修改后的最終內(nèi)容如下
[root@mycat-agent conf]# cat schema.xml 
<?xml version="1.0"?>
<!DOCTYPE mycat:schema SYSTEM "schema.dtd">
<mycat:schema xmlns:mycat="http://io.mycat/">
    <schema name="TESTDB" checkSQLschema="false" sqlMaxLimit="100" randomDataNode="dn1" dataNode="dn1">
        </schema>
    <dataNode name="dn1" dataHost="localhost1" database="hellodb" />
    <dataHost name="localhost1" maxCon="1000" minCon="10" balance="1"
              writeType="0" dbType="mysql" dbDriver="native" switchType="1"  slaveThreshold="100">
        <heartbeat>select user()</heartbeat>
        <!-- can have multi write hosts -->
        <writeHost host="hostM1" url="10.0.0.169:3306" user="root"   password="123456">
        <readHost  host="hostS1" url="10.0.0.163:3306" user="root"   password="123456" />
        </writeHost>
        <!-- <writeHost host="hostM2" url="localhost:3316" user="root" password="123456"/> -->
    </dataHost>
</mycat:schema>

#修改完畢后重啟服務(wù)生效
[root@mycat-agent conf]# mycat restart
[root@mycat-agent conf]# cat /apps/mycat/logs/wrapper.log
...
INFO   | jvm 1    | 2022/04/05 12:41:54 | MyCAT Server startup successfully. see logs in logs/mycat.log

3-6 創(chuàng)建用戶用于對Mycat授權(quán)使用

12:45:09(root@localhost) [(none)]> create user root@'10.0.0.%' identified by '123456';

#補(bǔ)充步驟,必須修改認(rèn)證方式為mysql_native_password,然后重啟mysql服務(wù),否則mycat報(bào)錯
22:25:35(root@localhost) [(none)]> alter user root@'10.0.0.%' identified with mysql_native_password by '123456';

12:45:47(root@localhost) [(none)]> GRANT ALL ON *.* TO root@'10.0.0.%';
12:47:40(root@localhost) [(none)]> flush privileges;

#在從服務(wù)器上查看同步信息
#show grants for root@'10.0.0.%';
12:48:50(root@localhost) [(none)]> select user, host from mysql.user;
+------------------+-----------+
| user             | host      |
+------------------+-----------+
| repluser         | 10.0.0.%  |
| root             | 10.0.0.%  |
| mysql.infoschema | localhost |
| mysql.session    | localhost |
| mysql.sys        | localhost |
| root             | localhost |
+------------------+-----------+
6 rows in set (0.00 sec)

3-7 連接Mycat代理服務(wù)器測試

#連接Mycat服務(wù)器
[root@client-test ~]# mysql -h10.0.0.162 -p123456 TESTDB
22:56:19(root@10.0.0.162) [TESTDB]> show tables;
+-------------------+
| Tables_in_hellodb |
+-------------------+
| classes           |
| coc               |
| courses           |
| scores            |
| students          |
| teachers          |
| toc               |
+-------------------+
7 rows in set (0.00 sec)

01:39:45(root@10.0.0.162) [TESTDB]> INSERT INTO coc values(null, @@server_id, 4);
Query OK, 1 row affected (0.06 sec)

#驗(yàn)證寫功能在169
01:40:57(root@10.0.0.162) [TESTDB]> select * from coc;
+----+---------+----------+
| ID | ClassID | CourseID |
+----+---------+----------+
|  1 |       1 |        2 |
|  2 |       1 |        5 |
|  3 |       2 |        2 |
|  4 |       2 |        6 |
|  5 |       3 |        1 |
|  6 |       3 |        7 |
|  7 |       4 |        5 |
|  8 |       4 |        2 |
|  9 |       5 |        1 |
| 10 |       5 |        9 |
| 11 |       6 |        3 |
| 12 |       6 |        4 |
| 13 |       7 |        4 |
| 14 |       7 |        3 |
| 15 |     169 |        4 |
+----+---------+----------+
15 rows in set (0.00 sec)

#驗(yàn)證查詢功能在163
01:41:12(root@10.0.0.162) [TESTDB]> select @@server_id;
+-------------+
| @@server_id |
+-------------+
|         163 |
+-------------+
1 row in set (0.00 sec)

4、ansible常用模塊介紹

模塊幫助文檔查詢

ansible-doc 模塊名稱

Archive模塊
功能:打包壓縮保存在被管理節(jié)點(diǎn)
注意:壓縮的源數(shù)據(jù)和目標(biāo)壓縮包都是在遠(yuǎn)端節(jié)點(diǎn)
常用命令選項(xiàng):
path # 節(jié)點(diǎn)上被壓縮文件的絕對路徑
dest # 目標(biāo)壓縮包。
format # 壓縮包格式,選項(xiàng)包括 bz2, gz, tar, xz, zip,默認(rèn)gz
范例:

[root@ansible-160 data]# ansible 10.0.0.161 -m archive -a 'path=/usr/src/local/nginx-1.21.6 dest=/root/nginx.tar.bz2 format=bz2 owner=thomas mode=755'

#查看壓縮包內(nèi)容
[root@web-161 ~]# tar -tjvf nginx.tar.bz2

Command 模塊

功能:在遠(yuǎn)程節(jié)點(diǎn)主機(jī)執(zhí)行命令,此為默認(rèn)模塊,可省略 -m 選項(xiàng)

注意:

1、該模塊命令不通過shell來處理,所以比如$HOME和操作如"<",">","|",";","&" 不會生效,如需使用需要通過shell模塊實(shí)現(xiàn)這些功能。
2、此模塊不具有冪等性。
常用命令選項(xiàng):
chdir # 在執(zhí)行命令之前,先切換到該目錄
creates # 一個文件名,當(dāng)這個文件存在,則該命令不執(zhí)行,可以用來做判斷。
removes # 一個文件名,這個文件不存在,則該命令不執(zhí)行
范例:

#chdir效果
[root@ansible-160 ~]# ansible 10.0.0.161 -m command -a 'chdir=/root ls -l'
10.0.0.161 | CHANGED | rc=0 >>
total 4
-rw-------. 1 root root 1593 Dec 20 05:08 anaconda-ks.cfg
[root@ansible-160 ~]#

#creates 因?yàn)閏cc.txt文件存在,所以不執(zhí)行命令
[root@ansible-160 ~]# ansible 10.0.0.161 -m command -a 'creates=/data/ccc.txt ls -l /etc'
10.0.0.161 | SUCCESS | rc=0 >>
skipped, since /data/ccc.txt exists

#removes 因?yàn)閏cc.txt存在,所以執(zhí)行命令
[root@ansible-160 ~]# ansible 10.0.0.161 -m command -a 'removes=/data/ccc.txt ls -l /data'
10.0.0.161 | CHANGED | rc=0 >>
total 0
-rw-r--r--. 1 root root 0 Apr 10 00:39 ccc.txt

Copy 模塊
功能:從ansible服務(wù)器主控端復(fù)制文件到遠(yuǎn)程主機(jī)
注意:src如果文件夾后面沒有路徑的符號,則是連同文件夾本身一同復(fù)制過去到指定路徑下
常用命令選項(xiàng):
src # 本地文件路徑
dest # 目標(biāo)節(jié)點(diǎn)路徑
mode # 復(fù)制過去后文件的所屬權(quán)限
范例:

#復(fù)制/data/ccc.txt到目標(biāo)節(jié)點(diǎn)/data/ccc.txt,啟用backup選項(xiàng),修改文件屬主和組,設(shè)置權(quán)限為755
[root@ansible-160 data]# ansible 10.0.0.161 -m copy -a 'src=/data/ccc.txt dest=/data/ccc.txt backup=yes owner=thomas group=thomas mode=755' 
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "backup_file": "/data/ccc.txt.1351.2022-04-10@17:38:58~", 
    "changed": true, 
    "checksum": "a8fdc205a9f19cc1c7507a60c4f01b13d11d7fd0", 
    "dest": "/data/ccc.txt", 
    "gid": 1000, 
    "group": "thomas", 
    "md5sum": "ba1f2511fc30423bdbb183fe33f3dd0f", 
    "mode": "0755", 
    "owner": "thomas", 
    "size": 4, 
    "src": "/root/.ansible/tmp/ansible-tmp-1649583538.28-3120-75754727148612/source", 
    "state": "file", 
    "uid": 1000
}

[root@ansible-160 data]# ansible 10.0.0.161 -m shell -a 'ls -l /data/' 
10.0.0.161 | CHANGED | rc=0 >>
total 4
-rwxr-xr-x 1 thomas thomas 4 Apr 10 17:38 ccc.txt
-rw-r--r-- 1 root   root   0 Apr 10 17:38 ccc.txt.1351.2022-04-10@17:38:58~

Cron 模塊
功能::管理計(jì)劃任務(wù)
支持時間:minute,hour,day,month,weekday
范例:

#創(chuàng)建計(jì)劃任務(wù) 間隔5分鐘同步下時間
ansible websrvs -m cron -a "minute=*/5 job='/usr/sbin/ntpdate 10.10.10.10 &>/dev/null' name=Synctime"

#禁用計(jì)劃任務(wù)
ansible websrvs -m cron -a "minute=*/5 job='/usr/sbin/ntpdate 10.10.10.10 &>/dev/null' name=Synctime disabled=yes"

#啟用計(jì)劃任務(wù)
ansible websrvs -m cron -a "minute=*/5 job='/usr/sbin/ntpdate 10.10.10.10 &>/dev/null' name=Synctime disabled=no"

#刪除任務(wù)
ansible websrvs -m cron -a "name=Synctime state=absent"

Fetch 模塊
功能::從遠(yuǎn)程主機(jī)提取文件至ansible的主控端,與copy相反
注意:僅支持文件,不支持目錄
常用命令選項(xiàng):
src # 遠(yuǎn)程節(jié)點(diǎn)文件路徑
dest # 本地目標(biāo)節(jié)點(diǎn)路徑,注意,假設(shè)dest=/backup,則實(shí)際保存路徑為 /backup/遠(yuǎn)程節(jié)點(diǎn)主機(jī)名/遠(yuǎn)程節(jié)點(diǎn)文件路徑
validate_checksum # 核實(shí)提取文件到ansible主控端后與遠(yuǎn)端節(jié)點(diǎn)原始文件的摘要一致性,默認(rèn)yes
范例:

[root@ansible-160 data]# ansible appsrvs -m fetch -a 'src=/var/log/messages dest=/data/backup validate_checksum=no'
10.0.0.160 | CHANGED => {
    "changed": true, 
    "checksum": "2323b82d3ad5df8105aed7277ace5e0d3d013c24", 
    "dest": "/data/backup/10.0.0.160/var/log/messages", 
    "md5sum": "9a18d3d4d08fcc02bab10543f94a9815", 
    "remote_checksum": "5631361c72a952b76459eb7d278905f0097a8081", 
    "remote_md5sum": null
}
10.0.0.169 | CHANGED => {
    "changed": true, 
    "checksum": "b9402be94b60821b6883379ba01a4f60abc95f3f", 
    "dest": "/data/backup/10.0.0.169/var/log/messages", 
    "md5sum": "1d9d259306c25226adaba549fc1d8a20", 
    "remote_checksum": "b9402be94b60821b6883379ba01a4f60abc95f3f", 
    "remote_md5sum": null
}
10.0.0.161 | CHANGED => {
    "changed": true, 
    "checksum": "a7d26546b837d612a7c79b1b0aed3bc0937f6ea9", 
    "dest": "/data/backup/10.0.0.161/var/log/messages", 
    "md5sum": "b1f61219f0842ea448e98475e62d8d35", 
    "remote_checksum": "a7d26546b837d612a7c79b1b0aed3bc0937f6ea9", 
    "remote_md5sum": null
}

[root@ansible-160 data]# tree backup/
backup/
├── 10.0.0.160
│   └── var
│       └── log
│           └── messages
├── 10.0.0.161
│   └── var
│       └── log
│           └── messages
└── 10.0.0.169
    └── var
        └── log
            └── messages

9 directories, 3 files

File 模塊
功能:設(shè)置文件和屬性,創(chuàng)建軟鏈接等
注意:Windows節(jié)點(diǎn)使用win_file模塊管理
范例:

#創(chuàng)建目錄
[root@ansible-160 data]# ansible 10.0.0.161 -m file -a 'path=/data/dir1 state=directory'

#創(chuàng)建文件
[root@ansible-160 data]# ansible 10.0.0.161 -m file -a 'path=/data/dir1/file1 state=touch'

#創(chuàng)建軟鏈接 /data/file1-link 指向 /data/dir1/file1
[root@ansible-160 data]# ansible 10.0.0.161 -m file -a 'src=/data/dir1/file1 path=/data/file1-link state=link'

#刪除文件
[root@ansible-160 data]# ansible 10.0.0.161 -m file -a 'path=/data/file1-link state=absent'

#修改目錄屬性,目錄下面的文件屬性沒改變
[root@ansible-160 data]# ansible 10.0.0.161 -m file -a 'path=/data/dir1 state=directory owner=thomas group=thomas'

#修改目錄及其子目錄的屬性
[root@ansible-160 data]# ansible 10.0.0.161 -m file -a 'path=/data/dir1 state=directory owner=thomas group=thomas recurse=yes'

Get_url 模塊
功能:用于將文件從http、https或ftp下載到遠(yuǎn)程管理節(jié)點(diǎn)主機(jī)上
注意:遠(yuǎn)程管理節(jié)點(diǎn)必須具備訪問該資源的權(quán)限
常用命令選項(xiàng):
url # 下載文件的URL,支持HTTP,HTTPS,F(xiàn)TP
dest # 下載到目標(biāo)路徑(絕對路徑),如果目標(biāo)是一個目錄,就用服務(wù)器上面文件的名稱,如果目標(biāo)設(shè)置了名稱就用目標(biāo)設(shè)置的名稱
owner # 指定所屬主
group # 指定所屬組
checksum # 對目標(biāo)文件在下載后計(jì)算摘要,以確保其完整性
示例:checksum="sha256:D98291AC[...]B6DC7B97" 或者 checksum="sha256:http://example.com/path/sha256sum.txt"
url_username # 用于HTTP基本認(rèn)證的用戶名、
url_password # 用于HTTP基本認(rèn)證的密碼
范例:

[root@ansible-160 data]# ansible 10.0.0.161 -m get_url -a 'url=http://nginx.org/download/nginx-1.21.6.tar.gz dest=/data/' 
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "checksum_dest": null, 
    "checksum_src": "3e6d39a714f6716861286630a5f9df3044668d5a", 
    "dest": "/data/nginx-1.21.6.tar.gz", 
    "elapsed": 1, 
    "gid": 0, 
    "group": "root", 
    "md5sum": "e7a9b0388d8812ba6063de4e7e7969be", 
    "mode": "0644", 
    "msg": "OK (1073364 bytes)", 
    "owner": "root", 
    "size": 1073364, 
    "src": "/root/.ansible/tmp/ansible-tmp-1649585949.15-3430-169000840838239/tmprsvx8dr9", 
    "state": "file", 
    "status_code": 200, 
    "uid": 0, 
    "url": "http://nginx.org/download/nginx-1.21.6.tar.gz"
}
[root@ansible-160 data]# ansible 10.0.0.161 -m shell -a 'ls -l /data/nginx*' 
10.0.0.161 | CHANGED | rc=0 >>
-rw-r--r-- 1 root root 1073364 Apr 10 18:19 /data/nginx-1.21.6.tar.gz

Hostname模塊
功能:管理主機(jī)名
范例:

#修改主機(jī)10.0.0.162主機(jī)名
[root@ansible-160 data]# ansible 10.0.0.162 -m hostname -a 'name=dbs-162'
10.0.0.162 | CHANGED => {
    "ansible_facts": {
        "ansible_domain": "", 
        "ansible_fqdn": "dbs-162", 
        "ansible_hostname": "dbs-162", 
        "ansible_nodename": "dbs-162", 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "dbs-162"
}

Ping 模塊
功能:連通性測試,判斷ansible是否能通過ssh來管理遠(yuǎn)程主機(jī)節(jié)點(diǎn)
注意:這個不是常見的ICMP ping,成功結(jié)果是返回 “pong”,Windows主機(jī)使用 win_ping 模塊,網(wǎng)絡(luò)測試使用 net_ping
范例:

[root@ansible-160 ~]# ansible 10.0.0.161 -m ping 
10.0.0.161 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}

Reboot 模塊
功能:重啟服務(wù)器
范例:

#重啟web服務(wù)器組機(jī)器
ansible websrvs -m reboot

Replace 模塊
功能:類似于sed命令,基于正則進(jìn)行匹配和替換,推薦使用
范例:

[root@centos-160 ~]# ansible 10.0.0.161 -m replace -a 'path=/data/passwd regexp="^root(.*)" replace="test\1"'
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "msg": "1 replacements made"
}

Scripts 模塊
功能:在遠(yuǎn)程節(jié)點(diǎn)主機(jī)上運(yùn)行ansible本地服務(wù)器上的腳本(無需執(zhí)行權(quán)限)
注意:此模塊不具有冪等性
范例:

[root@ansible-160 data]# ansible 10.0.0.161 -m script -a '/data/hostname.sh' 
10.0.0.161 | CHANGED => {
    "changed": true, 
    "rc": 0, 
    "stderr": "Shared connection to 10.0.0.161 closed.\r\n", 
    "stderr_lines": [
        "Shared connection to 10.0.0.161 closed."
    ], 
    "stdout": "10.0.0.161 \r\n", 
    "stdout_lines": [
        "10.0.0.161 "
    ]
}

Shell 模塊
功能:在遠(yuǎn)程節(jié)點(diǎn)主機(jī)執(zhí)行命令,與command類似。
注意:該模塊等同于通過shell來執(zhí)行命令,支持管道符等操作,如"<",">","|",";","&"。
常用命令選項(xiàng):
creates # 一個文件名,當(dāng)這個文件存在,則該命令不執(zhí)行,可以用來做判斷。
removes # 一個文件名,這個文件不存在,則該命令不執(zhí)行
范例:

#支持command所不支持的管道符功能
[root@ansible-160 ~]# ansible 10.0.0.161 -m shell -a 'ls /etc | wc -l'
10.0.0.161 | CHANGED | rc=0 >>
177

#creates 因?yàn)閏cc.txt文件存在,所以不執(zhí)行命令,與command模塊里面的效果一樣
[root@ansible-160 ~]# ansible 10.0.0.161 -m shell -a 'creates=/data/ccc.txt ls /etc | wc -l'
10.0.0.161 | SUCCESS | rc=0 >>
skipped, since /data/ccc.txt exist

Service 模塊
功能:管理服務(wù)。
常用命令選項(xiàng):
name # 服務(wù)名稱
enabled # 設(shè)置yes表示服務(wù)開機(jī)啟動
state # reloaded 重載配置、restarted 重啟服務(wù)、started 啟動服務(wù)、stopped 停止服務(wù)
范例:

#開啟并設(shè)置自啟動httpd服務(wù)
ansible websrvs -m service -a 'name=httpd state=started enabled=yes'

Setup 模塊
功能:用于收集被管理節(jié)點(diǎn)的系統(tǒng)信息
范例:

#顯示全部信息
[root@centos-160 ~]# ansible 10.0.0.161 -m setup

#過濾信息 查看內(nèi)存
[root@centos-160 ~]# ansible 10.0.0.161 -m setup -a 'filter=*mem*'
10.0.0.161 | SUCCESS => {
    "ansible_facts": {
        "ansible_memfree_mb": 1707, 
        "ansible_memory_mb": {
            "nocache": {
                "free": 1788, 
                "used": 192
            }, 
            "real": {
                "free": 1707, 
                "total": 1980, 
                "used": 273
            }, 
            "swap": {
                "cached": 0, 
                "free": 2047, 
                "total": 2047, 
                "used": 0
            }
        }, 
        "ansible_memtotal_mb": 1980, 
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false
}

Stat 模塊
功能:檢查文件或文件系統(tǒng)的狀態(tài)。
注意:對于Windows目標(biāo)主機(jī),用win_stat模塊。
常用命令選項(xiàng):
path # 文件/對象的完整路徑(必須)。
范例:

[root@ansible-160 data]# ansible 10.0.0.161 -m stat -a 'path=/data/nginx-1.21.6.tar.gz'
10.0.0.161 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "stat": {
        "atime": 1649585951.668993, 
        "attr_flags": "", 
        "attributes": [], 
        "block_size": 4096, 
        "blocks": 2104, 
        "charset": "binary", 
        "checksum": "3e6d39a714f6716861286630a5f9df3044668d5a", 
        "ctime": 1649585951.6659932, 
        "dev": 2053, 
        "device_type": 0, 
        "executable": false, 
        "exists": true, 
        "gid": 0, 
        "gr_name": "root", 
        "inode": 72, 
        "isblk": false, 
        "ischr": false, 
        "isdir": false, 
        "isfifo": false, 
        "isgid": false, 
        "islnk": false, 
        "isreg": true, 
        "issock": false, 
        "isuid": false, 
        "mimetype": "application/x-gzip", 
        "mode": "0644", 
        "mtime": 1649585951.6599934, 
        "nlink": 1, 
        "path": "/data/nginx-1.21.6.tar.gz", 
        "pw_name": "root", 
        "readable": true, 
        "rgrp": true, 
        "roth": true, 
        "rusr": true, 
        "size": 1073364, 
        "uid": 0, 
        "version": "2114519207", 
        "wgrp": false, 
        "woth": false, 
        "writeable": true, 
        "wusr": true, 
        "xgrp": false, 
        "xoth": false, 
        "xusr": false
    }
}

Unarchive 模塊
功能:解壓縮包。
注意:對于Windows目標(biāo)主機(jī),用win_unzip模塊。
常用命令選項(xiàng):
copy # 默認(rèn)yes,即文件從ansible主控端復(fù)制到目標(biāo)節(jié)點(diǎn)并解壓縮。如果設(shè)置為no,則從指定的遠(yuǎn)端主機(jī)節(jié)點(diǎn)尋找解壓縮的源文件。
remote_src # 與copy選項(xiàng)互斥。默認(rèn)no,設(shè)置為yes表示文件在遠(yuǎn)端節(jié)點(diǎn)主機(jī)。
src # 源路徑,可以是ansible主機(jī)上的路徑,也可以是遠(yuǎn)程主機(jī)(被管理端或者第三方主機(jī))上的路徑,如果是遠(yuǎn)程主機(jī)上的路徑,則需要設(shè)置copy=no或remote_src=yes。
dest # 遠(yuǎn)程主機(jī)上的目標(biāo)路徑
mode #設(shè)置解壓縮后的文件權(quán)限
范例:

#將ansible本地壓縮包解壓至目標(biāo)節(jié)點(diǎn)指定路徑,并設(shè)置權(quán)限為755
[root@ansible-160 data]# ansible 10.0.0.161 -m unarchive -a 'src=/data/nginx-1.20.2.tar.gz dest=/usr/src/local mode=755'
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "dest": "/usr/src/local", 
    "extract_results": {
        "cmd": [
            "/usr/bin/gtar", 
            "--extract", 
            "-C", 
            "/usr/src/local", 
            "-z", 
            "-f", 
            "/root/.ansible/tmp/ansible-tmp-1649600578.5-4436-202199801069746/source"
        ], 
        "err": "", 
        "out": "", 
        "rc": 0
    }, 
    "gid": 0, 
    "group": "root", 
    "handler": "TgzArchive", 
    "mode": "0755", 
    "owner": "root", 
    "size": 26, 
    "src": "/root/.ansible/tmp/ansible-tmp-1649600578.5-4436-202199801069746/source", 
    "state": "directory", 
    "uid": 0
}

#從http遠(yuǎn)程下載并解壓至指定路徑,此時需要設(shè)置remote_src=yes
[root@ansible-160 data]# ansible 10.0.0.161 -m unarchive -a 'src=http://nginx.org/download/nginx-1.20.2.tar.gz dest=/usr/src/local remote_src=yes mode=755'

#指定從遠(yuǎn)程節(jié)點(diǎn)上面的壓縮包解壓至指定路徑,此時需要設(shè)置remote_src=yes 或 copy=no
[root@ansible-160 data]# ansible 10.0.0.161 -m unarchive -a 'src=/data/nginx-1.21.6.tar.gz dest=/usr/src/local copy=no mode=755'

User 模塊 和 Group 模塊
User模塊
功能:管理用戶賬號。
注意:Windows節(jié)點(diǎn)用 win_user 模塊管理。
常用命令選項(xiàng):
name # 用戶名稱。
uid # 指定用戶id號。
group # 指定用戶所屬組(primary group)。
home # 指定家目錄路徑。
shell # 指定用戶shell。
system # 默認(rèn)為no,指定yes時設(shè)置為系統(tǒng)用戶,注意無法修改已經(jīng)創(chuàng)建的用戶屬性。
state # 默認(rèn)present,設(shè)置為absent時刪除用戶,搭配 remove=yes 可同時刪除家目錄信息。
范例:

#創(chuàng)建用戶 注意,create_home=no 時指定的家目錄參數(shù)無法創(chuàng)建
[root@centos-160 ~]# ansible 10.0.0.161 -m user -a 'name=sys001 comment=sys001 system=yes uid=88 group=sys001 groups="root, daemon" shell=/sbin/nologin create_home=no home=/data/sys001 non_unique=yes'
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "sys001", 
    "create_home": false, 
    "group": 88, 
    "groups": "root, daemon", 
    "home": "/data/sys001", 
    "name": "sys001", 
    "shell": "/sbin/nologin", 
    "state": "present", 
    "system": true, 
    "uid": 88
}

#刪除用戶及家目錄等數(shù)據(jù)
[root@centos-160 ~]# ansible 10.0.0.161 -m user -a 'name=sys001 state=absent remove=yes'
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "force": false, 
    "name": "sys001", 
    "remove": true, 
    "state": "absent", 
    "stderr": "userdel: sys001 mail spool (/var/spool/mail/sys001) not found\nuserdel: sys001 home directory (/data/sys001) not found\n", 
    "stderr_lines": [
        "userdel: sys001 mail spool (/var/spool/mail/sys001) not found", 
        "userdel: sys001 home directory (/data/sys001) not found"
    ]
}

#創(chuàng)建帶有密碼的用戶
#創(chuàng)建密碼,明文=123456 
[root@centos-160 ~]# ansible localhost -m debug -a "msg={{'123456' | password_hash('sha512', 'salt')}}"
localhost | SUCCESS => {
    "msg": "$6$salt$MktMKPZJ6t59GfxcJU20DwcwQzfMvOlHFVZiOVD71w.igcOo1R7vBYR65JquIQ/7siC7VRpmteKvZmfSkNc69."
}
#創(chuàng)建用戶test001,密碼為123456
[root@centos-160 ~]# ansible 10.0.0.161 -m user -a 'name=test001 password="$6$salt$MktMKPZJ6t59GfxcJU20DwcwQzfMvOlHFVZiOVD71w.igcOo1R7vBYR65JquIQ/7siC7VRpmteKvZmfSkNc69."'
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1001, 
    "home": "/home/test001", 
    "name": "test001", 
    "password": "NOT_LOGGING_PASSWORD", 
    "shell": "/bin/bash", 
    "state": "present", 
    "system": false, 
    "uid": 1001
}

#創(chuàng)建用戶私鑰
[root@centos-160 ~]# ansible 10.0.0.161 -m user -a 'name=test001 generate_ssh_key=yes ssh_key_bits=4096'
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "append": false, 
    "changed": true, 
    "comment": "", 
    "group": 1001, 
    "home": "/home/test001", 
    "move_home": false, 
    "name": "test001", 
    "shell": "/bin/bash", 
    "ssh_fingerprint": "4096 SHA256:9ytYEE0FS2LHHPK1WpEYe5uTDAet5GTfCZpk4ianVxM ansible-generated on centos-161 (RSA)", 
    "ssh_key_file": "/home/test001/.ssh/id_rsa", 
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3/yHc7vJxApvS8vu+iBh4mgVDSotHrJ8RlffIWtSq/thpqMDOgQ1ddQYjTjM25XQ7ebmlTK0akKVSQ47FkXfq8pYN0lmU1Z2ksGYd2ov6/NlSeNU2+8OOuM3pAcHtbFEL9M93k261NHR9UgqKwNyZ1qgJTqKIydZWwQkVfEXQ9dd1U4gejjlOJJNlRxeFN7Z0mm4/QhfhARbc3xX06dADkLvJcLmLBM9dCeArAw0OPPQsBJDniLSavURni2Hr+kzwCwMCc90SMYYFGiyeg2jOYODBrMYStmn5i7I53JCxqC1YYg8vb9kmtUqDSlBbhW5uchl74NaCN2hSgozDThD0Asugf5bGoqx3WcO1SnXvCpRKx3SAaXxaBVmI/OqnSuNq2bVRHSBHHOGr6Dd2x+B+OgUvPbDtm7SoHINBXYXD2aGQL6OlfOdVjlqhe2AC/1vykZH+6OlKj+ZbnFF6Wuf4lwFCJjE2FjKDQIouXgtPDwhPKMLA7xNt/ieNIH+tJPZn1MeBeRQX58KwhF3zdHA4w+tacKpej2c8lT5ZmgHSKknfr1cgBNQ2fN84xRhP1iUMqLUIlhfaMwOTNEWCj0HUPWHUveGDk2xlARsaay5IoiMRCy7MQJ6yFcK7WUNskefHAUTlAc8A6AR7C+zHiw83r8BSpKqeMoNwtjcw7jL3Rw== ansible-generated on centos-161", 
    "state": "present", 
    "uid": 1001
}

Goup模塊
功能:添加或刪除組
常用命令選項(xiàng):
name # 組名稱。
gid # 指定組id號。
state # 默認(rèn)present,值為absent表示刪除指定組。
system # 默認(rèn)no,值為yes表示為系統(tǒng)組。
范例:

#創(chuàng)建組
[root@centos-160 ~]# ansible 10.0.0.161 -m group -a 'name=sys001 system=yes gid=88'
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "gid": 88, 
    "name": "sys001", 
    "state": "present", 
    "system": true
}

#刪除組
[root@centos-160 ~]# ansible 10.0.0.161 -m group -a 'name=sys001 state=absent'
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "name": "sys001", 
    "state": "absent"
}

Yum 模塊 Apt模塊
Yum 模塊
功能:yum軟件包管理。
注意:只支持 RHEL,CentOS,F(xiàn)edora,不支持Ubuntu其他版本。
常用命令選項(xiàng):
name # 所安裝軟件包的名稱。
state # present/installed -- 安裝選項(xiàng),absent/removed -- 刪除選項(xiàng),latest -- 安裝最新版本。
update_cache # 強(qiáng)制更新yum緩存。
disablerepo # 臨時禁用yum倉庫,只用于安裝或更新時。
enablerepo # 臨時使用的yum倉庫,只用于安裝或更新時。
范例:

#指定節(jié)點(diǎn)安裝httpd
[root@ansible-160 ~]# ansible 10.0.0.161 -m shell -a 'command_warnings=False rpm -q httpd'
10.0.0.161 | FAILED | rc=1 >>
package httpd is not installednon-zero return code
[root@ansible-160 ~]# ansible 10.0.0.161 -m yum -a 'name=httpd state=present'
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "installed": [
            "httpd"
        ]
    }
[root@ansible-160 ~]# ansible 10.0.0.161 -m shell -a 'command_warnings=False rpm -q httpd'
10.0.0.161 | CHANGED | rc=0 >>
httpd-2.4.6-97.el7.centos.5.x86_64

#刪除節(jié)點(diǎn)指定軟件
[root@ansible-160 ~]# ansible 10.0.0.161 -m yum -a 'name=httpd state=absent'
10.0.0.161 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": true, 
    "changes": {
        "removed": [
            "httpd"
        ]
    }
[root@ansible-160 ~]# ansible 10.0.0.161 -m shell -a 'command_warnings=False rpm -q httpd'
10.0.0.161 | FAILED | rc=1 >>
package httpd is not installednon-zero return code

#查看包,相當(dāng)于 yum list --show-duplicates <package>  命令
[root@ansible-160 ~]# ansible 10.0.0.161 -m yum -a 'list=tree'
10.0.0.161 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "results": [
        {
            "arch": "x86_64", 
            "envra": "0:tree-1.6.0-10.el7.x86_64", 
            "epoch": "0", 
            "name": "tree", 
            "release": "10.el7", 
            "repo": "base", 
            "version": "1.6.0", 
            "yumstate": "available"
        }, 
        {
            "arch": "x86_64", 
            "envra": "0:tree-1.6.0-10.el7.x86_64", 
            "epoch": "0", 
            "name": "tree", 
            "release": "10.el7", 
            "repo": "installed", 
            "version": "1.6.0", 
            "yumstate": "installed"
        }
    ]
}

Apt 模塊
功能:apt軟件包管理。
注意:Debian/Ubuuntu 系統(tǒng)軟件包管理。
常用命令選項(xiàng):
name # 所安裝軟件包的名稱。
state # 默認(rèn)present,值為absent是代表刪除軟件包,搭配 purge=yes 同時刪除配置文件。

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時請結(jié)合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡書系信息發(fā)布平臺,僅提供信息存儲服務(wù)。
禁止轉(zhuǎn)載,如需轉(zhuǎn)載請通過簡信或評論聯(lián)系作者。

友情鏈接更多精彩內(nèi)容