반응형
ansible apt 모듈(apt module)
인벤토리(inventory) 확인
ansible-inventory -i inventory/mycluster/inventory.ini --graph
$ ansible-inventory -i inventory/mycluster/inventory.ini --graph
@all:
|--@etcd:
| |--kube-control1
|--@k8s_cluster:
| |--@calico_rr:
| |--@kube_control_plane:
| | |--kube-control1
| |--@kube_node:
| | |--kube-node1
| | |--kube-node2
| | |--kube-node3
| | |--kube-node4
| | |--kube-node5
| | |--kube-node6
|--@ungrouped:
ansible -i inventory/mycluster/inventory.ini all --list-hosts
$ ansible -i inventory/mycluster/inventory.ini all --list-hosts
hosts (7):
kube-control1
kube-node1
kube-node2
kube-node3
kube-node4
kube-node5
kube-node6
ping check
ansible -i inventory/mycluster/inventory.ini kube_node -m ping
$ ansible -i inventory/mycluster/inventory.ini kube_node -m ping
[WARNING]: Skipping callback plugin 'ara_default', unable to load
kube-node3 | SUCCESS => {
"changed": false,
"ping": "pong"
}
kube-node2 | SUCCESS => {
"changed": false,
"ping": "pong"
}
kube-node1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
kube-node5 | SUCCESS => {
"changed": false,
"ping": "pong"
}
kube-node4 | SUCCESS => {
"changed": false,
"ping": "pong"
}
kube-node6 | SUCCESS => {
"changed": false,
"ping": "pong"
}
apt 모듈 사용 방법 확인
ansible-doc apt
$ ansible-doc apt
> ANSIBLE.BUILTIN.APT (/usr/local/lib/python3.10/dist-packages/ansible/modules/apt.py)
Manages `apt' packages (such as for Debian/Ubuntu).
ADDED IN: version 0.0.2 of ansible-core
OPTIONS (= is mandatory):
- allow_downgrade
Corresponds to the `--allow-downgrades' option for `apt'.
This option enables the named package and version to replace an already installed higher version of that package.
Note that setting `allow_downgrade=true' can make this module behave in a non-idempotent way.
(The task could end up with a set of packages that does not match the complete list of specified packages to install).
(Aliases: allow-downgrade, allow_downgrades, allow-downgrades)[Default: no]
type: bool
added in: version 2.12 of ansible-core
- allow_unauthenticated
Ignore if packages cannot be authenticated. This is useful for bootstrapping environments that manage their own apt-key
setup.
`allow_unauthenticated' is only supported with state: `install'/`present'
(Aliases: allow-unauthenticated)[Default: no]
type: bool
added in: version 2.1 of ansible-core
- autoclean
If `yes', cleans the local repository of retrieved package files that can no longer be downloaded.
[Default: no]
type: bool
added in: version 2.4 of ansible-core
- autoremove
If `yes', remove unused dependency packages for all module states except `build-dep'. It can also be used as the only
option.
Previous to version 2.4, autoclean was also an alias for autoremove, now it is its own separate command. See
documentation for further information.
[Default: no]
type: bool
added in: version 2.1 of ansible-core
- cache_valid_time
Update the apt cache if it is older than the `cache_valid_time'. This option is set in seconds.
As of Ansible 2.4, if explicitly set, this sets `update_cache=yes'.
[Default: 0]
type: int
- deb
Path to a .deb package on the remote machine.
If :// in the path, ansible will attempt to download deb before installing. (Version added 2.1)
Requires the `xz-utils' package to extract the control file of the deb package to install.
[Default: (null)]
type: path
added in: version 1.6 of ansible-core
- default_release
Corresponds to the `-t' option for `apt' and sets pin priorities
(Aliases: default-release)[Default: (null)]
type: str
- dpkg_options
Add dpkg options to apt command. Defaults to '-o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold"'
Options should be supplied as comma separated list
[Default: force-confdef,force-confold]
type: str
- fail_on_autoremove
Corresponds to the `--no-remove' option for `apt'.
If `yes', it is ensured that no packages will be removed or the task will fail.
`fail_on_autoremove' is only supported with state except `absent'
[Default: no]
type: bool
added in: version 2.11 of ansible-core
- force
Corresponds to the `--force-yes' to `apt-get' and implies `allow_unauthenticated: yes' and `allow_downgrade: yes'
This option will disable checking both the packages' signatures and the certificates of the web servers they are
downloaded from.
This option *is not* the equivalent of passing the `-f' flag to `apt-get' on the command line
**This is a destructive operation with the potential to destroy your system, and it should almost never be used.**
Please also see `man apt-get' for more information.
[Default: no]
type: bool
- force_apt_get
Force usage of apt-get instead of aptitude
[Default: no]
type: bool
added in: version 2.4 of ansible-core
- install_recommends
Corresponds to the `--no-install-recommends' option for `apt'. `yes' installs recommended packages. `no' does not
install recommended packages. By default, Ansible will use the same defaults as the operating system. Suggested packages
are never installed.
(Aliases: install-recommends)[Default: (null)]
type: bool
- lock_timeout
How many seconds will this action wait to acquire a lock on the apt db.
Sometimes there is a transitory lock and this will retry at least until timeout is hit.
[Default: 60]
type: int
added in: version 2.12 of ansible-core
- name
A list of package names, like `foo', or package specifier with version, like `foo=1.0'. Name wildcards (fnmatch) like
`apt*' and version wildcards like `foo=1.0*' are also supported.
(Aliases: package, pkg)[Default: (null)]
elements: str
type: list
- only_upgrade
Only upgrade a package if it is already installed.
[Default: no]
type: bool
added in: version 2.1 of ansible-core
- policy_rc_d
Force the exit code of /usr/sbin/policy-rc.d.
For example, if `policy_rc_d=101' the installed package will not trigger a service start.
If /usr/sbin/policy-rc.d already exists, it is backed up and restored after the package installation.
If `null', the /usr/sbin/policy-rc.d isn't created/changed.
[Default: None]
type: int
added in: version 2.8 of ansible-core
- purge
Will force purging of configuration files if the module state is set to `absent'.
[Default: no]
type: bool
- state
Indicates the desired package state. `latest' ensures that the latest version is installed. `build-dep' ensures the
package build dependencies are installed. `fixed' attempt to correct a system with broken dependencies in place.
(Choices: absent, build-dep, latest, present, fixed)[Default: present]
type: str
- update_cache
Run the equivalent of `apt-get update' before the operation. Can be run as part of the package installation or as a
separate step.
Default is not to update the cache.
(Aliases: update-cache)[Default: (null)]
type: bool
- update_cache_retries
Amount of retries if the cache update fails. Also see `update_cache_retry_max_delay'.
[Default: 5]
type: int
added in: version 2.10 of ansible-core
- update_cache_retry_max_delay
Use an exponential backoff delay for each retry (see `update_cache_retries') up to this max delay in seconds.
[Default: 12]
type: int
added in: version 2.10 of ansible-core
- upgrade
If yes or safe, performs an aptitude safe-upgrade.
If full, performs an aptitude full-upgrade.
If dist, performs an apt-get dist-upgrade.
Note: This does not upgrade a specific package, use state=latest for that.
Note: Since 2.4, apt-get is used as a fall-back if aptitude is not present.
(Choices: dist, full, no, safe, yes)[Default: no]
type: str
added in: version 1.1 of ansible-core
ATTRIBUTES:
check_mode:
description: Can run in check_mode and return changed status prediction withought
modifying target
support: full
diff_mode:
description: Will return details on what has changed (or possibly needs changing
in check_mode), when in diff mode
support: full
platform:
description: Target OS/families that can be operated against
platforms: debian
support: N/A
NOTES:
* Three of the upgrade modes (`full', `safe' and its alias `yes') required `aptitude' up to 2.3, since 2.4 `apt-get'
is used as a fall-back.
* In most cases, packages installed with apt will start newly installed services by default. Most distributions have
mechanisms to avoid this. For example when installing Postgresql-9.5 in Debian 9, creating an excutable shell
script (/usr/sbin/policy-rc.d) that throws a return code of 101 will stop Postgresql 9.5 starting up after
install. Remove the file or remove its execute permission afterwards.
* The apt-get commandline supports implicit regex matches here but we do not because it can let typos through easier
(If you typo `foo' as `fo' apt-get would install packages that have "fo" in their name with a warning and a prompt
for the user. Since we don't have warnings and prompts before installing we disallow this.Use an explicit fnmatch
pattern if you want wildcarding)
* When used with a `loop:' each package will be processed individually, it is much more efficient to pass the list
directly to the `name' option.
REQUIREMENTS: python-apt (python 2), python3-apt (python 3), aptitude (before 2.4)
AUTHOR: Matthew Williams (@mgwilliams)
EXAMPLES:
- name: Install apache httpd (state=present is optional)
apt:
name: apache2
state: present
- name: Update repositories cache and install "foo" package
apt:
name: foo
update_cache: yes
- name: Remove "foo" package
apt:
name: foo
state: absent
- name: Install the package "foo"
apt:
name: foo
- name: Install a list of packages
apt:
pkg:
- foo
- foo-tools
- name: Install the version '1.00' of package "foo"
apt:
name: foo=1.00
- name: Update the repository cache and update package "nginx" to latest version using default release squeeze-backport
apt:
name: nginx
state: latest
default_release: squeeze-backports
update_cache: yes
- name: Install the version '1.18.0' of package "nginx" and allow potential downgrades
apt:
name: nginx=1.18.0
state: present
allow_downgrade: yes
- name: Install zfsutils-linux with ensuring conflicted packages (e.g. zfs-fuse) will not be removed.
apt:
name: zfsutils-linux
state: latest
fail_on_autoremove: yes
- name: Install latest version of "openjdk-6-jdk" ignoring "install-recommends"
apt:
name: openjdk-6-jdk
state: latest
install_recommends: no
- name: Update all packages to their latest version
apt:
name: "*"
state: latest
- name: Upgrade the OS (apt-get dist-upgrade)
apt:
upgrade: dist
- name: Run the equivalent of "apt-get update" as a separate step
apt:
update_cache: yes
- name: Only run "update_cache=yes" if the last one is more than 3600 seconds ago
apt:
update_cache: yes
cache_valid_time: 3600
- name: Pass options to dpkg on run
apt:
upgrade: dist
update_cache: yes
dpkg_options: 'force-confold,force-confdef'
- name: Install a .deb package
apt:
deb: /tmp/mypackage.deb
- name: Install the build dependencies for package "foo"
apt:
pkg: foo
state: build-dep
- name: Install a .deb package from the internet
apt:
deb: https://example.com/python-ppq_0.1-1_all.deb
- name: Remove useless packages from the cache
apt:
autoclean: yes
- name: Remove dependencies that are no longer required
apt:
autoremove: yes
RETURN VALUES:
- cache_update_time
time of the last cache update (0 if unknown)
returned: success, in some cases
sample: 1425828348000
type: int
- cache_updated
if the cache was updated or not
returned: success, in some cases
sample: true
type: bool
- stderr
error output from apt
returned: success, when needed
sample: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the
'ServerName' directive globally to ...
type: str
- stdout
output from apt
returned: success, when needed
sample: Reading package lists... Building dependency tree... Reading state information... The following extra packages will be
installed: apache2-bin ...
type: str
(END)
ansible apt 모듈을 사용하여 nfs-common 패키지 설치
ansible -i inventory/mycluster/inventory.ini kube_node -m apt -a 'name=nfs-common state=present update_cache=yes' --become
ansible-playbook을 사용하여 nfs-common 패키지 설치
packageInstall.yaml 편집
vim packageInstall.yaml
$ vim packageInstall.yaml
---
- hosts: all
become: true
tasks:
- name: Update repositories cache and install nfs-common package (state=present is optional)
apt:
name: nfs-common
state: present
update_cache: yes
ansible-playbook -i ~/kubespray/inventory/mycluster/inventory.ini packageInstall.yaml --limit "kube_node"
참고URL
- Ansible Docs : https://ansible-tips-and-tricks.readthedocs.io/en/latest/ansible/commands/
728x90
반응형
'리눅스' 카테고리의 다른 글
[리눅스] ansible user 모듈(user module) (0) | 2022.10.19 |
---|---|
[리눅스] ansible copy모듈(copy module) (0) | 2022.10.19 |
우분투에서 needrestart를 설치하고 사용하는 방법 (0) | 2022.10.19 |
우분투에서 스냅을 비활성화하고 삭제하는 방법 (0) | 2022.10.19 |
우분투에서 LVM을 사용하여 ROOT 파일 시스템(vg0-lv--0)을 확장하는 방법 (0) | 2022.10.18 |