awk，ansible配置及命令

awkawk 是一个强大的文本分析工具。awk 更像一门编程语言他可以自定义变量有条件语句有循环有数组有正则有函数等。awk 按行读取数据根据给出的条件进行查找并在找出来的行中进行操作。awk 有三种形势awkgawknawk平时所说的awk其实就是gawk。awk 是其取了三位创始人 Alfred AhoPeter Weinberger, 和 Brian Kernighan 的 Family Name 的首字符。awk 命令awk 命令格式awk [options] ‘script’ file(s)awk [options] -f scriptfile file(s)script定义如何处理数据。file是 awk 处理的数据来源awk 也可以来自其它命令的输出。-f scriptfile 从脚本文件中读取awk命令每行都是一个独立的scriptawk示例示例1获取IP地址是10.1.8.10的网卡名[rootcontenOS7 ~ 10:26:19]# ip a | grep 10.1.8.10inet 10.1.8.10/24 brd 10.1.8.255 scope global noprefixroute ens33[rootcontenOS7 ~ 10:22:00]# ip a | grep 10.1.8.10 | awk {print $NF}ens33[rootcontenOS7 ~ 10:23:01]# ip a | awk /10.1.8.10/ {print $NF}ens33示例2查看使用率超过10的文件系统[rootcontenOS7 ~ 10:23:42]# df -hFilesystem Size Used Avail Use% Mounted on devtmpfs 2.0G 0 2.0G 0%/dev tmpfs 2.0G 0 2.0G 0%/dev/shm tmpfs 2.0G 12M 2.0G 1%/run tmpfs 2.0G 0 2.0G 0%/sys/fs/cgroup/dev/mapper/centos_contenos7-root 50G 1.9G 49G 4%//dev/sda1 1014M 170M 845M 17%/boot/dev/mapper/centos_contenos7-home 146G 33M 146G 1%/home tmpfs 394M 0 394M 0%/run/user/0[rootcontenOS7 ~ 10:24:31]# df -h | sed s/%//Filesystem Size Used Avail Use Mounted on devtmpfs 2.0G 0 2.0G 0/dev tmpfs 2.0G 0 2.0G 0/dev/shm tmpfs 2.0G 12M 2.0G 1/run tmpfs 2.0G 0 2.0G 0/sys/fs/cgroup/dev/mapper/centos_contenos7-root 50G 1.9G 49G 4//dev/sda1 1014M 170M 845M 17/boot/dev/mapper/centos_contenos7-home 146G 33M 146G 1/home tmpfs 394M 0 394M 0/run/user/0[rootcontenOS7 ~ 10:25:15]# df -h | sed s/%// | awk $510 {print $5}Use 17[rootcontenOS7 ~ 10:25:48]# df -h | sed s/%// | awk $510 {print $0}Filesystem Size Used Avail Use Mounted on/dev/sda1 1014M 170M 845M 17/boot示例3提前系统运行数据。包括CPU 使用率内存 使用率当前用户登录数当前系统负载系统运行进程数量##先查看数据进行理解## -b 纯文本模式 -n 1刷新一次就停止刷新[rootcontenOS7 ~ 11:27:48]# top -b -n 1 | head -n 5top-11:28:33 up 3:21,2 users,load average: 0.00,0.01,0.05 Tasks: 129 total,1 running,128 sleeping,0 stopped,0 zombie%Cpu(s): 0.0 us,0.0 sy,0.0ni,100.0 id,0.0 wa,0.0 hi,0.0si,0.0 st KiB Mem : 4025936 total,3726788 free,178328 used,120820 buff/cache KiB Swap: 4063228 total,4063228 free,0 used.3660628 avail Mem[rootcontenOS7 bin 11:23:20]# vim monitor_os.sh#!/bin/bashcpu$(top-b-n 1|awk/Cpu/ {print $2$4}|bc)echoCPU 使用率: ${cpu}mem$(top-b-n 1|awk/^KiB Mem/ {print ($4-$6)/$4})echo内存 使用率: ${mem}user$(top-b-n 1|awk/^top/ {print $6})echo当前用户登录数: ${user}load$(top-b-n 1|awk/^top/ {print $(NF-2),$(NF-1),$NF})echo当前系统负载: ${load}run$(top-b-n 1|awk/^Tasks/ {print $4})echo系统运行进程数量: ${run}验证结果[rootcontenOS7 ~ 11:25:55]# bash monitor_os.shCPU 使用率: 3.2 内存 使用率: 0.074488 当前用户登录数: 2 当前系统负载: 0.00,0.01,0.05 系统运行进程数量: 1ansible 环境准备ansible 架构控制节点下发指令或文件到受控制节点。受控制节点接受控制节点发过来的指令并执行。环境准备准备虚拟机模版准备1台干净的centos 7 虚拟机。注意模版虚拟机的CPU和内存的配置建议设置为1CPU和2G内存。开发脚本sethost不加参数执行sethost则提示命令使用方法。加参数执行sethost则第一个参数范围是10-14。超出范围也提示命令使用方法。正常执行示例sethost 10这设置正确的主机名和IP地址。vim/usr/local/bin/sethost#!/bin/bash# test root user((UID!0))echoPlease run as root.exit1 usageUsage:$010-14# test args number(($# !1 )) echo $usage exit 2# 根据实际情况修改网卡名和域名con_nameens33 domain_namelaoma.cloud host_id$1if((host_id10));then HOSTNAMEcontroller.${domain_name}elif((11host_id host_id14));then HOSTNAMEserver$[host_id-10].${domain_name}elseecho$usageexit3 fi hostnamectlset-hostname$HOSTNAMEnmcli connection modify ${con_name}ipv4.addresses 10.1.8.${host_id}/24 nmcli connection up ${con_name}hostname ip-br address##添加脚本执行权限chmodx/usr/local/bin/sethost关机打快照快照名为ansible克隆虚拟机基于模版虚拟机快照ansible克隆出其他虚拟机并使用sethost脚本设置主机名和IP地址。以server1为例##输入sethost 11五台机器全部执行一次配置 ansible 基础环境在模版虚拟机上配置/etc/hosts添加ansible主机清单##配置里面追加五台机器的ip[rootdeploy ~ 15:02:12]# vim /etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 10.1.8.10 www.wanho.net www 10.1.8.10 www.wanho.net www//10.1.8.10 www.wanho.net www/ ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6################# ansible ####################10.1.8.10 controller.zhu.cloud controller 10.1.8.11 server1.zhu.cloud server1 10.1.8.12 server2.zhu.cloud server2 10.1.8.13 server3.zhu.cloud server3 10.1.8.14 server4.zhu.cloud server4################# ansible ####################配置免密登录ansible节点[rootdeploy ~ 15:03:36]# ssh-keygenGenerating public/private rsa key pair.Enter file in which to save the key(/root/.ssh/id_rsa): Enter passphrase(emptyforno passphrase): Enter same passphrase again: Your identification has been saved in/root/.ssh/id_rsa.Your public key has been saved in/root/.ssh/id_rsa.pub.The key fingerprint is: SHA256:FwYHIPON2RtgVWh7v41Y/38Y0GxfMoVH7E6HYG7FLGc rootdeploy The keys randomart image is: ---[RSA 2048]---- | o oo o .| | *oo E | | ..oo O | | ... B | | S..o o *o| | . o . o| | o o | | . o .| | .| ----[SHA256]----- ##把密钥分配给其他机器 [rootdeploy ~ 15:05:05]# for host in controller server1 server2 server3 server4 do sshpass -p123 ssh-copy-id root$host done /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: /root/.ssh/id_rsa.pub /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Number of key(s) added: 1 Now try logging into the machine, with: ssh rootcontroller and check to make sure that only the key(s) you wanted were added. /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: /root/.ssh/id_rsa.pub /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Number of key(s) added: 1 Now try logging into the machine, with: ssh rootserver1 and check to make sure that only the key(s) you wanted were added. /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: /root/.ssh/id_rsa.pub /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Number of key(s) added: 1 Now try logging into the machine, with: ssh rootserver2 and check to make sure that only the key(s) you wanted were added. /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: /root/.ssh/id_rsa.pub /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Number of key(s) added: 1 Now try logging into the machine, with: ssh rootserver3 and check to make sure that only the key(s) you wanted were added. /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: /root/.ssh/id_rsa.pub /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Number of key(s) added: 1 Now try logging into the machine, with: ssh rootserver4 and check to make sure that only the key(s) you wanted were added. ##查看 [rootdeploy ~ 15:06:00]# for host in controller server1 server2 server3 server4 do ssh $host hostname;ip-br a show ens33;echo; done controller.zhu.cloud ens33 UP 10.1.8.10/24 fe80::20c:29ff:fee3:17e/64 server1.zhu.cloud ens33 UP 10.1.8.11/24 fe80::20c:29ff:fe35:cde9/64 server2.zhu.cloud ens33 UP 10.1.8.12/24 fe80::20c:29ff:fed5:e33f/64 server3.zhu.cloud ens33 UP 10.1.8.13/24 fe80::20c:29ff:fe8b:71da/64 server4.zhu.cloud ens33 UP 10.1.8.14/24 fe80::20c:29ff:fe87:e48d/64在模版虚拟机上开发脚本weihu用来集中管理其他机器。weihu cmd command将会在ansible 5台设备上执行command。weihu copy src dest将模版虚拟机上的src文件复制到ansible 5台设备dest位置。[rootdeploy ~ 15:07:54]# vim /usr/local/bin/weihu####配置脚本完成之后添加执行权限[rootdeploy ~ 15:09:21]# chmod x /usr/local/bin/weihu#!/bin/bashfunctionusage(){echoUsage: weihu cmd COMMAND, 在集群中所有的机器上执行对应COMMAND命令echoUsage: weihu copy source target将本地source文件推送到集群中所有的机器上exit}action$1HOSTLISTcontroller server1 server2 server3 server4(($#1 )) usagecase$actionincmd)# 删除参数1shift COMMAND$*forhost in$HOSTLISTdossh root$host$COMMANDdone;;copy)# 删除参数1shiftforhost in$HOSTLISTdonum$#case$numin 2)scp-r$1root$host:$2;;#[3-9]|[1-9][0-9])[3-9])last$(echo$*|awk{print $NF})args_exclude_last$(echo$*|seds#$last##)scp-r ${args_exclude_last}root$host:${last};;*)usage esac done;;*)usage;;esac测试维护脚本[rootdeploy ~ 15:09:41]# weihu cmd hostnamecontroller.zhu.cloud server1.zhu.cloud server2.zhu.cloud server3.zhu.cloud server4.zhu.cloud[rootdeploy ~ 15:09:56]# weihu copy /etc/hosts /etc/hostshosts 100% 536 855.1KB/s 00:00 hosts 100% 536 806.7KB/s 00:00 hosts 100% 536 863.7KB/s 00:00 hosts 100% 536 788.2KB/s 00:00 hosts 100% 536 871.5KB/s 00:00[rootdeploy ~ 15:28:34]# weihu cmd cat /etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 10.1.8.10 www.wanho.net www 10.1.8.10 www.wanho.net www//10.1.8.10 www.wanho.net www/ ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6################# ansible ####################10.1.8.10 controller.zhu.cloud controller 10.1.8.11 server1.zhu.cloud server1 10.1.8.12 server2.zhu.cloud server2 10.1.8.13 server3.zhu.cloud server3 10.1.8.14 server4.zhu.cloud server4################# ansible ####################127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 10.1.8.10 www.wanho.net www 10.1.8.10 www.wanho.net www//10.1.8.10 www.wanho.net www/ ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6################# ansible ####################10.1.8.10 controller.zhu.cloud controller 10.1.8.11 server1.zhu.cloud server1 10.1.8.12 server2.zhu.cloud server2 10.1.8.13 server3.zhu.cloud server3 10.1.8.14 server4.zhu.cloud server4################# ansible ####################127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 10.1.8.10 www.wanho.net www 10.1.8.10 www.wanho.net www//10.1.8.10 www.wanho.net www/ ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6################# ansible ####################......准备一个专用的账户devops用于控制节点远程登录其他节点##创建用户[rootdeploy ~ 15:28:49]# weihu cmd useradd devops##查看创建是否完成[rootdeploy ~ 15:52:20]# weihu cmd id devopsuid1006(devops)gid1006(devops)groups1006(devops)uid1006(devops)gid1006(devops)groups1006(devops)uid1006(devops)gid1006(devops)groups1006(devops)uid1006(devops)gid1006(devops)groups1006(devops)uid1006(devops)gid1006(devops)groups1006(devops)##设置用户密码[rootdeploy ~ 15:52:33]# weihu cmd echo 123 | passwd --stdin devopsChanging passwordforuser devops.passwd: all authentication tokens updated successfully.Changing passwordforuser devops.passwd: all authentication tokens updated successfully.Changing passwordforuser devops.passwd: all authentication tokens updated successfully.Changing passwordforuser devops.passwd: all authentication tokens updated successfully.Changing passwordforuser devops.passwd: all authentication tokens updated successfully.##配置devops账户免密提权为root[rootdeploy ~ 15:53:14]# weihu cmd echo devops ALL(ALL) NOPASSWD:ALL /etc/sudoers.d/devops配置控制节点使用devops账户免密登录所有ansible节点ansible 配置部署ansible软件控制节点[devopscontroller ~ 16:32:16]$ sudo yum install-y ansible受管理节点[devopscontroller ~ 16:33:42]$ weihu cmd yum install-y python配置主机清单ansible管理的主机信息要保存到一个文件中这个文件称之为主机清单inventory[devopscontroller ~ 16:39:05]$ mkdir ansible[devopscontroller ~ 16:40:56]$ cd ansible/[devopscontroller ansible 16:41:01]$ vim inventory[devopscontroller ansible 16:42:07]$catinventory controller server1 server2 server3 server4[devops[devopscontroller ansible 17:12:37]$ ansible-i inventory-m command-aidserver1 server1|CHANGED|rc0 uid1006(devops)gid1006(devops)groups1006(devops)##参数说明# -i inventory主机清单位置# -m command使用命令模块# -a hostname模块对应的具体参数# server1针对哪个机器操作[devopscontroller ansible 17:14:48]$ ansible-i inventory-m command-aid-b server1 server1|CHANGED|rc0 uid0(root)gid0(root)groups0(root)# -b 提权为root操作# 使用user模块添加用户[devopscontroller ansible 17:16:47]$ ansible-i inventory-m user-anamezhangsan statepresent-b server1 server1|CHANGED {ansible_facts:{discovered_interpreter_python:/usr/bin/python},changed: true,comment:,create_home: true,group: 1007,home:/home/zhangsan,name:zhangsan,shell:/bin/bash,state:present,system: false,uid: 1007}[devopscontroller ansible 17:19:01]$ ansible-i inventory-m command-aid zhangsan-b server1 server1|CHANGED|rc0 uid1007(zhangsan)gid1007(zhangsan)groups1007(zhangsan)##删除用户[devopscontroller ansible 17:20:00]$ ansible-i inventory-m user-anamezhangsan stateabsent removeyes-b server1 server1|CHANGED {ansible_facts:{discovered_interpreter_python:/usr/bin/python},changed: true,force: false,name:zhangsan,remove: true,state:absent}[devopscontroller ansible 17:22:06]$ ansible-i inventory-m command-aid zhangsan-b server1 server1|FAILED|rc1 id: zhangsan: no such usernon-zeroreturncode分组主机清单[devopscontroller ansible 17:22:31]$ vim inventory[devopscontroller ansible 17:25:38]$catinventory[controller]controller[webs]server1 server2[dbs]server3 server4测试## 针对webs主机组操作 -o 是合并为一行[devopscontroller ansible 17:25:43]$ ansible-i inventory-m command-ahostname-o webs[WARNING]: Found bothgroupand host with same name: controller server2|CHANGED|rc0|(stdout)server2.zhu.cloud server1|CHANGED|rc0|(stdout)server1.zhu.cloud##all代表所有机器[devopscontroller ansible 17:27:48]$ ansible-i inventory-m command-ahostname-o all[WARNING]: Found bothgroupand host with same name: controller server1|CHANGED|rc0|(stdout)server1.zhu.cloud server4|CHANGED|rc0|(stdout)server4.zhu.cloud server3|CHANGED|rc0|(stdout)server3.zhu.cloud server2|CHANGED|rc0|(stdout)server2.zhu.cloud controller|CHANGED|rc0|(stdout)controller.zhu.cloud# web主机组安装nginx[devopscontroller ansible 17:29:42]$ ansible-i inventory-m yum-anamenginx statepresent-b webs# web主机组卸载nginx[devopscontroller ansible 17:33:31]$ ansible-i inventory-m yum-anamenginx stateabsent-b websansible最大的特点简单只要能看懂English就行。幂等性多次执行结果一致。假设第一次执行软件包未安装则执行安装。第二次执行则不需要做任何事情。playbook 编写和执行通过编写playbook完成重复、复杂的任务。ansible 命令类似于 shell 中单个命令。playbook 类似于 shell 脚本[devopscontroller ansible 17:40:43]$ vim deploy_web.yaml[devopscontroller ansible 17:43:39]$catdeploy_web.yaml ybook中第一个play# play具有属性namehostsbecometasks缩进一致# name属性用于简要描述play-name: debploy WebSite# hosts属性用于定义要在哪个受管理节点执行hosts: webs# tasks属性用于描述play中任务属性是列表格式tasks:# 第一个任务# 任务具有属性涵name和模块名等。# name属性用于简要描述任务-name: latest version of httpd and firewalld installed# 指明模块名也就是要执行的任务yum:# 指定要操作的rpm包名称name:# rpm包名称是-开头的列表格式或者逗号分隔的列表格式-httpd-firewalld# 定义软件包的状态lastet代表升级为最新版本state: latest# 第二个任务-name: prepare index.html# copy 模块用于将content属性值写入到目标文件copy: content:Welcome to {{ ansible_fqdn }} WebSite!\ndest:/var/www/html/index.html# 第三个任务-name: enable andstarthttpd# service模块用于启用并启动httpd服务service: name: httpd enabled: true state: started# 第四个任务-name: enable andstartfirewalld# service模块用于启用并启动firewalld服务service: name: firewalld enabled: true state: started# 第五个任务-name: firewalld permits access to httpd service# firewalld用于放行http服务firewalld: service: http permanent: true state: enabled immediate: yes# Playbook中第二个play-开头表示列表-name: Test WebSite hosts: localhost become: no tasks:-name: connect to intranet web server# uri模块用于测试网站是否可以访问uri: url: http://{{item}}loop:-server1-server2# yaml格式结束行一般省略...##执行[devopscontroller ansible 17:49:27]$ ansible-playbook-i inventory-b deploy_web.yaml