20210806 (금) ansible lineinfile, cron

lineinfile 모듈

 

[user@ansible-server 20210806]$ ansible all -m command -a "tail /tmp/selinux_config" --become 192.168.56.12 | CHANGED | rc=0 >> #     permissive - SELinux prints warnings instead of enforcing. #     disabled - No SELinux policy is loaded. SELINUX=enforcing # SELINUXTYPE= can take one of three values: #     targeted - Targeted processes are protected, #     minimum - Modification of targeted policy. Only selected processes are protected. #     mls - Multi Level Security protection. SELINUXTYPE=targeted [user@ansible-server 20210806]$ cat 0806_lineinfile5.yaml --- - name: lineinfile 5   hosts: all   become: true   tasks:   - name: configure selinux     lineinfile:       path: /tmp/selinux_config       regexp: "^SELINUX="  → ^ 를 사용하여 SELINUX= 로 시작하는 라인을 찾음       line: "SELINUX=permissive" → 변경할 내용 : permissive로 변경 [user@ansible-server 20210806]$ ansible all -m command -a "tail /tmp/selinux_config" --become 192.168.56.13 | CHANGED | rc=0 >> #     permissive - SELinux prints warnings instead of enforcing. #     disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of three values: #     targeted - Targeted processes are protected, #     minimum - Modification of targeted policy. Only selected processes are protected. #     mls - Multi Level Security protection. SELINUXTYPE=targeted

 

cron 모듈

##### system cron 예제 ##### [user@ansible-server 20210806]$ cat 0806_cron2.yaml --- - name: cron example 2 - system cron     hosts: all   become: true   tasks:   - name: create system cron     cron:       name: "first system cron"       hour: 14       minute: 49       weekday: 5       user: "root"       job: "ps -ef |grep root >> /tmp/process_list_root.txt"       cron_file: first_system_cron   → systemcron 의 파일명을 지정(/etc/cron.d/ 경로에 저장) [user@ansible-server 20210806]$ ansible-playbook 0806_cron2.yaml … 결과생략 [user@ansible-server 20210806]$ ansible all -m command -a "cat /etc/cron.d/first_system_cron" → 파일 내용 확인 192.168.56.11 | CHANGED | rc=0 >> #Ansible: first system cron 49 14 * * 5 root ps -ef |grep root >> /tmp/process_list_root.txt

 

systemd 모듈

##### systemd 모듈 예제 ##### [user@ansible-server 20210806]$ cat 0806_systemd2.yaml --- - name: systemd example1   hosts: all   become: true   tasks:   - name: start service     systemd:       name: cups.service       state: started       enabled: true  → 영구설정 저장   - name: check service status     command: systemctl status cups.service     register: result_systemctl   - name: print service status     debug:       msg: "{{ result_systemctl.stdout_lines.1 }}" → 변수로 첫번째줄만 출력 [user@ansible-server 20210806]$ ansible-playbook 0806_systemd2.yaml … 중간 생략 TASK [print service status] ******************************************************************************************** ok: [192.168.56.11] => {     "msg": "   Loaded: loaded (/usr/lib/systemd/system/cups.service; enabled; vendor preset: enabled)" }  → 상태값 loaded 출력. (debug 모듈) ok: [192.168.56.12] => {     "msg": "   Loaded: loaded (/usr/lib/systemd/system/cups.service; enabled; vendor preset: enabled)" } ok: [192.168.56.13] => {     "msg": "   Loaded: loaded (/usr/lib/systemd/system/cups.service; enabled; vendor preset: enabled)" }

reboot 모듈

##### reboot 예제 ##### [user@ansible-server 20210806]$ cat 0806_reboot1.yaml --- - name: reboot module example1   hosts: 192.168.56.13   become: true  → reboot 위한 관리자 권한 획득   tasks:   - name: reboot system     reboot:       msg: "Reboot by System adminstrator remotely"       pre_reboot_delay: '5'  → 5초 후 실행 → ansible-playbook 으로 실행하면 task단계에서 노드가 reboot 후 정상적으로 켜질 때 까지 기다렸다가 다음작업을 진행한다.