Ad-Hoc概念

Ad-Hoc,既是一些需要临时使用ansible执行的命令集合。比如,使用pip 安装模块，利用ansible 模块service 启动服务等;

Ad-Hoc使用场景

任务临时性的执行操作,比如: 当前需要针对10台机器安装artifactory模块,我们就可以使用ansible 命令进行操作;

Ad-Hoc日常使用

1.命令用法:
ansible <host-pattern> [options]
可用选项:
-v : 输出命令的执行过程信息, -vvv 可得到执行过程所有信息;
-m NAME :指定执行使用的模块;
-k, --ask-pass SSH: 认证密码;
-K --ask-sudo-pass sudo:用户密码(--sudo 时使用);
-u USERNAME: 指定远程主机以USERNAME 运行命令;
更多的选项可以使用输入ansible 进行查看:

2.案例1.查看远程主机的连通性
在本机 /etc/ansible/hosts 文件加入远程主机列表，通过定义组来管理一组具有相同功能的主机;

[auto]
172.24.239.195

执行结果:

localhost:ansible xiaolin.zhang$ ansible auto -m ping -u root
172.24.239.195 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false, //false 表示没有对主机做变更
    "ping": "pong" //表示执行了ping 命令返回的结果
}

3. 案例2.查看auto 组的主机列表

localhost:ansible xiaolin.zhang$ ansible auto --list-hosts -u root
  hosts (1):
    172.24.239.195

4. 案例3. 远程主机安装模块artifactory

localhost:ansible xiaolin.zhang$ ansible auto -m pip -a 'name=artifactory' -u root
172.24.239.195 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "cmd": [
        "/usr/bin/python",
        "-m",
        "pip.__main__",
        "install",
        "artifactory"
    ],
    "name": [
        "artifactory"
    ],
    "requirements": null,
    "state": "present",
    "stderr": "",
    "stderr_lines": [
        ""
    ],
    "stdout": "Collecting artifactory\n  Downloading artifactory-0.1.17.tar.gz (14 kB)\nRequirement already satisfied: pathlib in /usr/lib/python2.7/site-packages (from artifactory) (1.0.1)...'", "Successfully installed artifactory-0.1.17" # 输出过程太长,以... 代替
    ],
    "version": null,
    "virtualenv": null
}

命令执行过程分析

使用-vvv 可以查看详细的执行过程, 针对ping 模块的一组机器的连通性检查:ansible auto -m ping -u root -vvv
如下是执行过程中的输出日志:

1.host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Parsed /etc/ansible/hosts inventory source with ini plugin
解析/etc/ansible/hosts文件下 auto组的主机列表

2.<172.24.239.194> ESTABLISH SSH CONNECTION FOR USER: root
使用root 用户身份和远端节点172.24.239.194 建立ssh 连接

3.<172.24.239.194> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o 'ControlPath="/Users/xiaolin.zhang/.ansible/cp/b3f961b211"' 172.24.239.194 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1679813226.574671-8688-54194758228758 `" && echo ansible-tmp-1679813226.574671-8688-54194758228758="` echo /root/.ansible/tmp/ansible-tmp-1679813226.574671-8688-54194758228758 `" ) && sleep 0'"'"''
远端节点上创建临时目录/root/.ansible/tmp,并为本次执行过程需要存储的文件创建临时子目录ansible-tmp-1679813226.574671-8688-54194758228758

4.<172.24.239.194> PUT /Users/xiaolin.zhang/.ansible/tmp/ansible-local-8686wugxuh3z/tmp57_5n3ff TO /root/.ansible/tmp/ansible-tmp-1679813226.574671-8688-54194758228758/AnsiballZ_ping.py
通过anbile 对应模块生成临时文件,然后上传到远端节点临时目录下/root/.ansible/tmp/ansible-tmp-1679813226.574671-8688-54194758228758/AnsiballZ_ping.py 

5.<172.24.239.194> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o 'ControlPath="/Users/xiaolin.zhang/.ansible/cp/b3f961b211"' 172.24.239.194 '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1679813226.574671-8688-54194758228758/ /root/.ansible/tmp/ansible-tmp-1679813226.574671-8688-54194758228758/AnsiballZ_ping.py && sleep 0'"'"''
修改远端节点临时文件AnsiballZ_ping.py 为可执行权限,然后python 解释器会执行AnsiballZ_ping.py

6.<172.24.239.194> (0, b'\r\n{"invocation": {"module_args": {"data": "pong"}}, "ping": "pong"}\r\n', b'Shared connection to 172.24.239.194 closed.\r\n')
返回执行的ping 结果

7.<172.24.239.194> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o 'ControlPath="/Users/xiaolin.zhang/.ansible/cp/b3f961b211"' 172.24.239.194 '/bin/sh -c '"'"'rm -f -r /root/.ansible/tmp/ansible-tmp-1679813226.574671-8688-54194758228758/ > /dev/null 2>&1 && sleep 0'"'"''
删除远程节点的存放AnsiballZ_ping.py 文件的临时目录