Ansible-with_items
语法
{{ item }}: 为读取with_items的固定写法with_items: 是一个列表,下面可以有多个不同的内容
1
2
3
4
5
6
7
8
9
10
| - hosts: test
remote_user: root
gather_facts: false
vars_files: ./public_vars.yaml
tasks:
- name: Services Http start
service: name={{ item }} state=started
with_items:
- httpd
- firewalld
|
普通写法
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
| - hosts: test
remote_user: root
gather_facts: false
vars_files: ./public_vars.yaml
tasks:
- name: Set authorized_key in dest hosts
authorized_key:
user: root
key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
register: result_auth_info
tags: authorized_key_hosts
- name: Install httpd
yum: name="httpd" state=present
- name: Services Http start
service: name={{ item }} state=started
with_items:
- httpd
- firewalld
|
使用变量的循环写法
1
2
3
4
5
6
7
8
9
10
| - hosts: test
remote_user: root
gather_facts: true
tasks:
- name: Install httpd
yum: name={{ packages }} state=present
vars:
packages:
- httpd
- pcre-devel
|
使用变量字典循环方式批量创建用户
1
2
3
4
5
6
7
8
9
10
| - hosts: test
remote_user: root
gather_facts: false
vars_files: ./public_vars.yaml
tasks:
- name: Add Users
user: name={{ item.name }} groups={{ item.groups }} state=present
with_items:
- { name: "alex",groups: "test"}
- { name: "alex1",groups: "test"}
|
使用变量字典循环拷贝文件
1
2
3
4
5
6
7
8
9
10
11
12
| - hosts: test
remote_user: root
gather_facts: false
tasks:
- name: Add Users
copy:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
mode: '{{ item.mode }}'
with_items:
- { src: "./1.txt", dest: "/tmp", mode: 0644}
- { src: "./2.txt", dest: "/tmp", mode: 0644}
|
Ansible-Handlers
- 通过
notify进行监控->通过handlers触发
关于Handler的一些小注意事项
无论你拥有多少个notify通知相同的handlers,handlers仅仅会在所有tasks正常执行完成后运行一次
只有tasks发生改变了才会通知handlers,没有改变则不会触发handlers
不能使用handlers替代tasks,因为handlers是一个特殊的tasks
notify的名称要与handlers`的名称一致
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
| - hosts: test
remote_user: root
gather_facts: false
tasks:
- name: Set authorized_key in dest hosts
authorized_key:
user: root
key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
register: result_auth_info
tags: authorized_key_hosts
- name: Install httpd
yum: name="httpd" state=present
notify: Debug Message
register: install_info
handlers:
- name: Debug Message
debug:
msg: '{{install_info}}'
|
根据playbook中的指定标签的内容进行执行、调试等操作.
- 对一个tasks指定一个tags标签
- 对一个tasks指定多个tags标签(真没啥意义,感觉不实用。)
- 对多个tasks指定一个标签
1
2
3
4
5
6
7
8
9
10
11
| - hosts: test
remote_user: root
gather_facts: false
tasks:
- name: Set authorized_key in dest hosts
authorized_key:
user: root
key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
register: result_auth_info
tags:
- authorized_key_hosts
|
1
| ansible-playbook 1.yaml -t authorized_key_hosts -i hosts
|
跳过指定标签执行其他内容
1
| ansible-playbook 1.yaml --skip-tags "authorized_key_hosts" -i hosts
|
Ansible-Include
一个可以将playbook简单的进行复用的一个功能!
简单应用
编写一个重启http服务的配置
1
2
| - name: Start HTTP
service: name=httpd state=restarted
|
PlayBook中的应用
include: 查找的文件目录为你当前所在的目录,可以通过pwd命令进行查看。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| - hosts: test
remote_user: root
gather_facts: true
tasks:
- name: Set authorized_key in dest hosts
authorized_key:
user: root
key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
register: result_auth_info
tags: authorized_key_hosts
- name: Install HTTP
yum: name="httpd" state=present
- name: Restart HTTP
include: starthttp.yaml
|
多个playbook合成
如果你写的playbook存在多个文件,你只想执行一个playbook,那么可以使用import_playbook。
import_playbook: 引入你需要的playbook文件,必须是一个完整的playbook文件
1
2
| - import_playbook: ./tasks1.yaml
- import_playbook: ./tasks2.yaml
|
Ansible-ignore_errors
在Ansible中进行错误的忽略
1
2
3
4
5
6
7
8
9
10
11
12
13
| - hosts: test
remote_user: root
gather_facts: true
tasks:
- name: Set authorized_key in dest hosts
authorized_key:
user: root
key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
register: result_auth_info
tags: authorized_key_hosts
- name: Ingoring
command: /bin/false
ignore_errors: yes
|
输出结果大概是这样的
1
2
3
4
5
| PLAY [test]
TASK [Ingoring] ***************************************************************************************************************************************************************************************************************************fatal: [10.1.6.5]: FAILED! => {"changed": true, "cmd": ["/bin/false"], "delta": "0:00:00.026834", "end": "2022-08-29 02:17:00.089749", "msg": "non-zero return code", "rc": 1, "start": "2022-08-29 02:17:00.062915", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
...ignoring
PLAY RECAP ********************************************************************************************************************************************************************************************************************************10.1.6.5 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=1
|
Ansible-changed_when
通常用于失败后所执行一些操作: 例如失败后强制调用handlers、失败后强制删除等.
通常而言,如果任务失败并且play在该主机上中止,则收到play中早前任务通知的处理程序将不会运行。如果在play中设置force_handlers: yes关键字,则即使play因为后续任务失败而中止也会调用被通知的处理程序。
force_handlers
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
| - hosts: test
remote_user: root
gather_facts: true
force_handlers: yes
tasks:
- name: Set authorized_key in dest hosts
authorized_key:
user: root
key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
register: result_auth_info
tags: authorized_key_hosts
- name: Test False
command: echo "This is Force "
notify: Restart HTTP service
- name: Install available
yum: name=dbdbdb state=present
handlers:
- name: Restart HTTP service
service: name=httpd state=restarted
|
虽然任务是失败的,但是依旧调用了最后执行的handlers
1
2
3
4
| [root@localhost ansible_linux]# ansible-playbook 1.yaml -i hosts
TASK [Install available] ******************************************************************************************************************************************************************************************************************fatal: [10.1.6.57]: FAILED! => {"changed": false, "failures": ["No package dbdbdb available."], "msg": "Failed to install some of the specified packages", "rc": 1, "results": []}
RUNNING HANDLER [Restart HTTP service] ****************************************************************************************************************************************************************************************************changed: [10.1.6.57]
|
changed_when
当前命令确保不会对被控端主机进行变更的时候,可以使用changer_when来进行忽略提示中的changed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
| - hosts: test
remote_user: root
gather_facts: true
force_handlers: yes
tasks:
- name: Set authorized_key in dest hosts
authorized_key:
user: root
key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
register: result_auth_info
tags: authorized_key_hosts
- name: Check HTTP
shell: ps -aux | grep httpd
changed_when: false
- name: Message
debug:
msg: "{{ ansible_distribution }}"
|
changed_when还可以检查tasks任务返回的结果
- 查找输出当中是否存在
successfuly如果没有则不执行
