ansible中的playbook详解
发布时间:2020-12-15 18:21:25 所属栏目:安全 来源:网络整理
导读:首先简单说明一下playbook,playbook是什么呢?根本上说playbook和shell脚本没有任何的区别,playbook就像shell一样,也是把一堆的命令组合起来,然后加入对应条件判断等等,在shell脚本中是一条一条的命令,而在playbook中是一个一个的task任务构成,每个ta
|
首先简单说明一下playbook,playbook是什么呢?根本上说playbook和shell脚本没有任何的区别,playbook就像shell一样,也是把一堆的命令组合起来,然后加入对应条件判断等等,在shell脚本中是一条一条的命令,而在playbook中是一个一个的task任务构成,每个task任务可以看做shell中的一条命令;shell脚本一般只是在当前服务器上执行,而playbook则是在不止一个服务器上执行,因此playbook需要在其中指定运行该playbook的服务器名。 playbook的语法结构playbook使用yml标记语言,这是一种标记语言,这种标记语言在文件的最开始需要使用三个“-”来说明文件开始,然后使用缩进来说明代码块的范围。下面通过一个简易的实例,来说明playbook的语法。【实例来自官方文档】 --- #标记文件的开始
- hosts: webservers #指定该playbook在哪个服务器上执行
vars: #表示下面是定义的变量,
http_port: 80 #变量的形式,key: value,这里http_port是变量名,80是值
max_clients: 200
remote_user: root #指定远程的用户名,这里缩进和vars保持了一致,说明变量的代码块已经结束。
tasks: #下面构成playbook的tasks,每个task都有 - name: 开始,name指定该任务的名称。
- name: ensure apache is at the latest version #指定该任务的名称。
yum: pkg=httpd state=latest #yum说明要是用的模板名称,后面指定对应的参数,这两行结合起来就相当于一个shell命令。
一个简单的实例: 检查MySQL的运行状态[[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root gather_facts: no #不收集对应主机的信息,这样运行会快点。 tasks: - name: check the mysql stauts service: name=mysqld state=running 运行结果如下: [[email?protected] playbook]# ansible-playbook test.yml PLAY [all] ******************************************************************** TASK: [check the mysql stauts] ************************************************ ok: [10.0.102.200] ok: [10.0.102.162] ok: [10.0.102.212] PLAY RECAP ******************************************************************** 10.0.102.162 : ok=1 changed=0 unreachable=0 failed=0 10.0.102.200 : ok=1 changed=0 unreachable=0 failed=0 10.0.102.212 : ok=1 changed=0 unreachable=0 failed=0 ansible-playbook的使用小技巧限定主机范围执行虽然playbook中定义了执行的主机,但是有时候我们可能仅想在定义的主机中的部分机器上执行,这时候怎么办?修改playbook中的hosts的范围,但是每次改变主机就修改一次,比较麻烦,我们可以使用--limit参数,指定该playbook在指定的主机上执行。有以下inventory文件,我们想在dbservers上执行上面测试用的playbook内容。 [all] 10.0.102.212 10.0.102.200 10.0.102.162 [dbservers] 10.0.102.162 上面测试的playbook中hosts定义all,我们想仅在dbservers上执行。 [[email?protected] playbook]# ansible-playbook test.yml --limit dbservers PLAY [all] ******************************************************************** TASK: [check the mysql stauts] ************************************************ ok: [10.0.102.162] PLAY RECAP ******************************************************************** 10.0.102.162 : ok=1 changed=0 unreachable=0 failed=0 [[email?protected] playbook]# 查看当前playbook在哪些主机上执行[[email?protected] playbook]# ansible-playbook test.yml --list-hosts playbook: test.yml play #1 (all): host count=3 10.0.102.162 10.0.102.212 10.0.102.200 ansible-playbook的一些其他技巧
ansibleplaybook中的handlers在系统中,我们修改了服务器的配置文件,这时候就需要重启操作服务,就可以使用到handlers。 handlers: #下面定义了两个handlers - name: restart memcached service: name=memcached state=restarted - name: restart apache service: name=apache state=restarted - name: template configuration file template: src=template.j2 dest=/etc/foo.conf #修改了配置文件然后依次启动memcached和apache服务。 notify: #使用notify来声明引用handlers。 - restart memcached - restart apache 在使用handlers时需要注意以下几点:
变量这个变量我们来说明ansible中变量(不包含role中的变量)用法。 playbook中的变量在运行playbook的时候使用--extra-vars来指定变量有如下playbook脚本: --- - hosts: all remote_user: root gather_facts: no tasks: - name: test playbook variables command: echo {{ test_var }} #打印出变量test_var的值。 运行上面的playbook如下: [[email?protected] playbook]# ansible-playbook test.yml --extra-vars "test_var=test" -v #加上-v选项,会显示详细的信息 PLAY [all] ******************************************************************** TASK: [test playbook variables] *********************************************** changed: [10.0.102.212] => {"changed": true,"cmd": ["echo","test"],"delta": "0:00:00.006045","end": "2019-02-15 23:04:49.789452","rc": 0,"start": "2019-02-15 23:04:49.783407","stderr": "","stdout": "test"} changed: [10.0.102.200] => {"changed": true,"delta": "0:00:00.005318","end": "2019-02-15 23:04:52.976471","start": "2019-02-15 23:04:52.971153","stdout": "test"} changed: [10.0.102.162] => {"changed": true,"delta": "0:00:00.005082","end": "2019-02-15 23:04:52.424959","start": "2019-02-15 23:04:52.419877","stdout": "test"} PLAY RECAP ******************************************************************** 10.0.102.162 : ok=1 changed=1 unreachable=0 failed=0 10.0.102.200 : ok=1 changed=1 unreachable=0 failed=0 10.0.102.212 : ok=1 changed=1 unreachable=0 failed=0 上面详细信息的标准输出为test,说明变量的值已经传递了。 在playbook中使用vars代码块定义变量[[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root gather_facts: no vars: #在这里使用了vars代码块来定义变量 test_var: Hello World tasks: - name: test playbook variables command: echo {{ test_var }} [[email?protected] playbook]# ansible-playbook test.yml -v PLAY [all] ******************************************************************** TASK: [test playbook variables] *********************************************** changed: [10.0.102.162] => {"changed": true,"Hello","World"],"delta": "0:00:00.004940","end": "2019-02-15 23:20:06.541672","start": "2019-02-15 23:20:06.536732","stdout": "Hello World"} changed: [10.0.102.212] => {"changed": true,"delta": "0:00:00.004843","end": "2019-02-15 23:20:03.957950","start": "2019-02-15 23:20:03.953107","stdout": "Hello World"} changed: [10.0.102.200] => {"changed": true,"delta": "0:00:00.004219","end": "2019-02-15 23:20:07.166900","start": "2019-02-15 23:20:07.162681","stdout": "Hello World"} PLAY RECAP ******************************************************************** 10.0.102.162 : ok=1 changed=1 unreachable=0 failed=0 10.0.102.200 : ok=1 changed=1 unreachable=0 failed=0 10.0.102.212 : ok=1 changed=1 unreachable=0 failed=0 [[email?protected] playbook]# 使用独立的文件来定义playbook变量首先来看下playbook的内容: [[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root gather_facts: no vars_files: #这里使用了vars_files来引入变量文件 - vars.yml tasks: - name: test playbook variables command: echo {{ test_var }} 变量文件的定义 [[email?protected] playbook]# cat vars.yml --- test_var: Hello World 然后,查看执行的结果: [[email?protected] playbook]# ansible-playbook test.yml -v PLAY [all] ******************************************************************** TASK: [test playbook variables] *********************************************** changed: [10.0.102.212] => {"changed": true,"delta": "0:00:00.005198","end": "2019-02-15 23:23:16.397557","start": "2019-02-15 23:23:16.392359","delta": "0:00:00.004359","end": "2019-02-15 23:23:19.629804","start": "2019-02-15 23:23:19.625445","stdout": "Hello World"} changed: [10.0.102.162] => {"changed": true,"delta": "0:00:01.006185","end": "2019-02-15 23:23:20.039320","start": "2019-02-15 23:23:19.033135","stdout": "Hello World"} PLAY RECAP ******************************************************************** 10.0.102.162 : ok=1 changed=1 unreachable=0 failed=0 10.0.102.200 : ok=1 changed=1 unreachable=0 failed=0 10.0.102.212 : ok=1 changed=1 unreachable=0 failed=0 inventory文件中的变量在ansible中,inventory文件通常是指ansible的主机和组定义文件hosts。在hosts文件中,变量会被定义在主机名后面或组名的下方。 为特定的主机定义变量,变量名跟在对应主机的后边。inventory文件如下: [[email?protected] playbook]# cat /etc/ansible/hosts [all] 10.0.102.212 test_var=212 10.0.102.200 test_var=200 10.0.102.162 test_var=162 查看playbook的内容如下: [[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root gather_facts: no tasks: - name: test playbook variables command: echo {{ test_var }} [[email?protected] playbook]# 执行一下这个playbook,结果如下:【对应的主机显示了各自对应的变量值】 [[email?protected] playbook]# ansible-playbook test.yml -v PLAY [all] ******************************************************************** TASK: [test playbook variables] *********************************************** changed: [10.0.102.212] => {"changed": true,"212"],"delta": "0:00:00.004399","end": "2019-02-15 23:31:20.648111","start": "2019-02-15 23:31:20.643712","stdout": "212"} changed: [10.0.102.200] => {"changed": true,"200"],"delta": "0:00:00.005932","end": "2019-02-15 23:31:23.873082","start": "2019-02-15 23:31:23.867150","stdout": "200"} changed: [10.0.102.162] => {"changed": true,"162"],"delta": "0:00:00.006723","end": "2019-02-15 23:31:23.287861","start": "2019-02-15 23:31:23.281138","stdout": "162"} PLAY RECAP ******************************************************************** 10.0.102.162 : ok=1 changed=1 unreachable=0 failed=0 10.0.102.200 : ok=1 changed=1 unreachable=0 failed=0 10.0.102.212 : ok=1 changed=1 unreachable=0 failed=0 [[email?protected] playbook]# 给主机组定义变量,作用范围为整个主机组。[[email?protected] playbook]# cat /etc/ansible/hosts [all] 10.0.102.212 10.0.102.200 10.0.102.162 [all:vars] #给主机组定义变量 test_var=Hello World 回想一下,这种方法定义变量虽然简单直观,但是若是变量特别多的情况下,会怎么样?特别是给对应的主机定义变量,若是变量太多,则管理起来会很不方便的,因此引入了主机变量和组变量。 主机变量和组变量【inventory文件仍然使用上面的文件】 在执行ansbile命令时,ansible默认会从/etc/ansible/host_vars/和/etc/amsible/group_vars/两个目录下读取变量定义,如果/etc/ansible下面没有这两个目录,可以直接手动创建,并且可以在这两个目录中创建与hosts(这里是指inventory文件)文件中主机名或组名同名的文件来定义变量。 先来看主机变量 [[email?protected] playbook]# cd /etc/ansible/ [[email?protected] ansible]# tree . ├── group_vars ├── hosts └── host_vars #定义与主机名同名的文件 ├── 10.0.102.162 ├── 10.0.102.200 └── 10.0.102.212 2 directories,4 files #文件中的内容如下 [[email?protected] ansible]# cat host_vars/10.0.102.162 --- test_var: 162 [[email?protected] ansible]# cat host_vars/10.0.102.200 --- test_var: 200 [[email?protected] ansible]# cat host_vars/10.0.102.212 --- test_var: 212 playbook的内容如下,执行结果如下: [[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root gather_facts: no tasks: - name: test playbook variables command: echo {{ test_var }} 再来说明一下主机组变量 创建与组名同名的文件 [[email?protected] ansible]# tree . ├── group_vars │?? └── all #创建与组名同名的文件 ├── hosts └── host_vars ├── 10.0.102.162 ├── 10.0.102.200 └── 10.0.102.212 2 directories,5 files [[email?protected] ansible]# cat group_vars/all --- test_group_var: from group 执行结果如下: [[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root gather_facts: no tasks: - name: test the host variables command: echo {{ test_var }} - name: test host group variables #写入测试组变量的task command: echo {{ test_group_var }} [[email?protected] playbook]# ansible-playbook test.yml -v PLAY [all] ******************************************************************** TASK: [test the host variables] *********************************************** changed: [10.0.102.212] => {"changed": true,"delta": "0:00:00.004613","end": "2019-02-15 23:59:23.227722","start": "2019-02-15 23:59:23.223109","delta": "0:00:00.006490","end": "2019-02-15 23:59:26.422682","start": "2019-02-15 23:59:26.416192","delta": "0:00:00.004709","end": "2019-02-15 23:59:25.812786","start": "2019-02-15 23:59:25.808077","stdout": "162"} TASK: [test host group variables] ********************************************* changed: [10.0.102.212] => {"changed": true,"from","group"],"delta": "0:00:00.003759","end": "2019-02-15 23:59:23.519180","start": "2019-02-15 23:59:23.515421","stdout": "from group"} changed: [10.0.102.162] => {"changed": true,"delta": "0:00:00.003748","end": "2019-02-15 23:59:26.109337","start": "2019-02-15 23:59:26.105589","stdout": "from group"} changed: [10.0.102.200] => {"changed": true,"delta": "0:00:00.004339","end": "2019-02-15 23:59:26.724525","start": "2019-02-15 23:59:26.720186","stdout": "from group"} PLAY RECAP ******************************************************************** 10.0.102.162 : ok=2 changed=2 unreachable=0 failed=0 10.0.102.200 : ok=2 changed=2 unreachable=0 failed=0 10.0.102.212 : ok=2 changed=2 unreachable=0 failed=0 [[email?protected] playbook]# 巧用主机变量和组变量有时候在执行ansbile任务时,可能需要从一台远程主机上获取另一台远程主机的变量信息,这时候可以使用hostvars变量,这个变量包含了指定主机上所定义的所有变量。 譬如,若是想获取host1上变量admin_user的内容,在任意主机上直接上使用下面代码即可。 {{ hostvars[‘host1‘][‘admin_user‘]}}
ansible提供了一些非常有用的内置变量,几个常用的如下:
注册变量注册变量,其实就是将操作结果,包括标准输出和标准错误输出,保存到变量中,然后再根据这个变量的内容来决定下一步的操作,在这个过程中用来保存操作结果的变量就叫注册变量。 [[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root gather_facts: no tasks: - name: test the register variables shell: uptime register: results #使用关键字register声明注册变量,上面uptime命令产生的结果,存入到results中。结果是字典形式。 - name: print the register result debug: msg="{{ results.stdout }}" #使用debug模块,打印出上面命令的输出结果。 上面的playbook执行结果如下: [[email?protected] playbook]# ansible-playbook test.yml PLAY [all] ******************************************************************** TASK: [test the register variables] ******************************************* changed: [10.0.102.212] changed: [10.0.102.200] changed: [10.0.102.162] TASK: [print the register result] ********************************************* ok: [10.0.102.212] => { "msg": " 00:18:01 up 3 days,2:56,3 users,load average: 0.02,0.03,0.05" #msg的结果就是注册变量的标准输出 } ok: [10.0.102.200] => { "msg": " 00:18:04 up 4 days,7:45,load average: 0.03,0.06,0.05" } ok: [10.0.102.162] => { "msg": " 00:18:04 up 4 days,load average: 0.01,0.02,0.05" } PLAY RECAP ******************************************************************** 10.0.102.162 : ok=2 changed=1 unreachable=0 failed=0 10.0.102.200 : ok=2 changed=1 unreachable=0 failed=0 10.0.102.212 : ok=2 changed=1 unreachable=0 failed=0 [[email?protected] playbook]# 一个注册变量通常会有以下4个属性:
高阶变量对于普通变量,在ansible命令行设定的,在hosts文件中定义的,或者在playbook中定义的等,这些都是普通变量,在引用时,可以使用使用{{ variable }}的形式。ansible是用python语言写的,因此也支持一种叫做列表的变量,形式如下: [[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root gather_facts: no vars: var_list: #注意形式,定义了var_list列表,取值方法和列表取值一样,不推荐使用jinja2的方法取值。 - one - two - three tasks: - name: test the list variables shell: echo {{ var_list[0] }} #取列表中的第一个字,也就是one register: results - name: print the register result debug: msg="{{ results.stdout }}" 执行结果如下: [[email?protected] playbook]# ansible-playbook test.yml PLAY [all] ******************************************************************** TASK: [test the list variables] *********************************************** changed: [10.0.102.212] changed: [10.0.102.200] changed: [10.0.102.162] TASK: [print the register result] ********************************************* ok: [10.0.102.212] => { "msg": "one" } ok: [10.0.102.200] => { "msg": "one" } ok: [10.0.102.162] => { "msg": "one" } PLAY RECAP ******************************************************************** 10.0.102.162 : ok=2 changed=1 unreachable=0 failed=0 10.0.102.200 : ok=2 changed=1 unreachable=0 failed=0 10.0.102.212 : ok=2 changed=1 unreachable=0 failed=0 ?facts变量信息在上面的测试中,我们的playbook都执行了一条命令叫gater_facts:no,加入了这条命令后,playbook脚本的执行速度会快很多,这是因为默认情况下,ansible是会手机远程服务器的主机信息,这些信息包含了服务器的一些基本设置。 GATHERING FACTS *************************************************************** ok: [10.0.102.200] ok: [10.0.102.212] ok: [10.0.102.162] 收集的主机信息可以使用setup模块查看,一个主机的收集信息如下:
[[email?protected] playbook]# ansible 10.0.102.162 -m setup 10.0.102.162 | success >> { "ansible_facts": { "ansible_all_ipv4_addresses": [ "10.0.102.162" ],"ansible_all_ipv6_addresses": [ "fe80::1392:ecd3:5adf:c3ae" ],"ansible_architecture": "x86_64","ansible_bios_date": "04/01/2014","ansible_bios_version": "1.9.1-5.el7.centos","ansible_cmdline": { "BOOT_IMAGE": "/vmlinuz-3.10.0-514.el7.x86_64","LANG": "en_US.UTF-8","crashkernel": "auto","quiet": true,"rd.lvm.lv": "cl/swap","rhgb": true,"ro": true,"root": "/dev/mapper/cl-root" },"ansible_date_time": { "date": "2019-02-16","day": "16","epoch": "1550248590","hour": "00","iso8601": "2019-02-15T16:36:30Z","iso8601_micro": "2019-02-15T16:36:30.311222Z","minute": "36","month": "02","second": "30","time": "00:36:30","tz": "CST","tz_offset": "+0800","weekday": "Saturday","year": "2019" },"ansible_default_ipv4": { "address": "10.0.102.162","alias": "eth0","gateway": "10.0.100.1","interface": "eth0","macaddress": "fa:0a:e3:54:a6:00","mtu": 1500,"netmask": "255.255.252.0","network": "10.0.100.0","type": "ether" },"ansible_default_ipv6": {},"ansible_devices": { "sr0": { "holders": [],"host": "IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]","model": "QEMU DVD-ROM","partitions": {},"removable": "1","rotational": "1","scheduler_mode": "cfq","sectors": "2097151","sectorsize": "512","size": "1024.00 MB","support_discard": "0","vendor": "QEMU" },"vda": { "holders": [],"host": "SCSI storage controller: Red Hat,Inc Virtio block device","model": null,"partitions": { "vda1": { "sectors": "2097152","sectorsize": 512,"size": "1.00 GB","start": "2048" },"vda2": { "sectors": "81786880","size": "39.00 GB","start": "2099200" } },"removable": "0","scheduler_mode": "","sectors": "83886080","size": "40.00 GB","vendor": "0x1af4" } },"ansible_distribution": "CentOS","ansible_distribution_major_version": "7","ansible_distribution_release": "Core","ansible_distribution_version": "7.3.1611","ansible_domain": "","ansible_env": { "HOME": "/root","LC_CTYPE": "en_US.UTF-8","LESSOPEN": "||/usr/bin/lesspipe.sh %s","LOGNAME": "root","LS_COLORS": "rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:","MAIL": "/var/mail/root","PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin","PWD": "/root","SELINUX_LEVEL_REQUESTED": "","SELINUX_ROLE_REQUESTED": "","SELINUX_USE_CURRENT_RANGE": "","SHELL": "/bin/bash","SHLVL": "2","SSH_CLIENT": "10.0.102.204 4242 22","SSH_CONNECTION": "10.0.102.204 4242 10.0.102.162 22","SSH_TTY": "/dev/pts/1","TERM": "xterm","USER": "root","XDG_RUNTIME_DIR": "/run/user/0","XDG_SESSION_ID": "168","_": "/usr/bin/python" },"ansible_eth0": { "active": true,"device": "eth0","ipv4": { "address": "10.0.102.162","network": "10.0.100.0" },"ipv6": [ { "address": "fe80::1392:ecd3:5adf:c3ae","prefix": "64","scope": "link" } ],"module": "virtio_net","promisc": false,"ansible_form_factor": "Other","ansible_fqdn": "docker4","ansible_hostname": "docker4","ansible_interfaces": [ "lo","eth0" ],"ansible_kernel": "3.10.0-514.el7.x86_64","ansible_lo": { "active": true,"device": "lo","ipv4": { "address": "127.0.0.1","netmask": "255.0.0.0","network": "127.0.0.0" },"ipv6": [ { "address": "::1","prefix": "128","scope": "host" } ],"mtu": 65536,"type": "loopback" },"ansible_machine": "x86_64","ansible_memfree_mb": 881,"ansible_memtotal_mb": 1839,"ansible_mounts": [ { "device": "/dev/mapper/cl-root","fstype": "xfs","mount": "/","options": "rw,seclabel,relatime,attr2,inode64,noquota","size_available": 34615087104,"size_total": 39700664320 },{ "device": "/dev/vda1","mount": "/boot","size_available": 918556672,"size_total": 1063256064 } ],"ansible_nodename": "docker4","ansible_os_family": "RedHat","ansible_pkg_mgr": "yum","ansible_processor": [ "QEMU Virtual CPU version 2.5+","QEMU Virtual CPU version 2.5+" ],"ansible_processor_cores": 2,"ansible_processor_count": 1,"ansible_processor_threads_per_core": 1,"ansible_processor_vcpus": 2,"ansible_product_name": "KVM","ansible_product_serial": "NA","ansible_product_uuid": "E5E1D5E6-1A4D-4E0D-98C3-B8AD422B10CC","ansible_product_version": "RHEL 7.3.0 PC (i440FX + PIIX,1996)","ansible_python_version": "2.7.5","ansible_selinux": { "config_mode": "enforcing","mode": "enforcing","policyvers": 28,"status": "enabled","type": "targeted" },"ansible_ssh_host_key_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEp5iF/lAqB9Q9FNKfnsi3mLJSVvvooVhRRcuGTBHEJs+TaM36oBaIr764IX1zdn2sWFLdYgmcuaAeiPu3fK+UU=","ansible_ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABAQC6yHI2+V64EMW3jDISBrzKmWurP7uF4IqemJgowpqC3mVlFsPOSqerDoJN9hE34fViXcbLUj9wIi0kc3QzxxNwTefwJCdPSL17ns9eIEDKJqrHswts7OXYC1948bdyhyGnaW57BEfVUJ+Vt8OI1JSKkKsi3aCumaZDz9tNGCVYiqW4PMUQFaT/yEnPqKhSp8mDX/SL/unpVsctB0w37o38ZVApKPaNkHW25uiwroStLGqY4VgoZHTqHUdvqk4EZQOD0+JmBcYKVj2ABBl1sMiH8mmrc2W2Gi0gJx31Ky/t5SWQtXTdMRB3D7N9yRd1pPcnh0zebS/OPnX4G5UWX/aP","ansible_swapfree_mb": 0,"ansible_swaptotal_mb": 0,"ansible_system": "Linux","ansible_system_vendor": "Red Hat","ansible_user_id": "root","ansible_userspace_architecture": "x86_64","ansible_userspace_bits": "64","ansible_virtualization_role": "guest","ansible_virtualization_type": "kvm","module_setup": true },"changed": false } [[email?protected] playbook]# 在实际应用中,运用的比较多的facts变量有ansible_os_family,ansible_hostname等,这些变量通常会被拿来作为when条件语句的判断条件,来决定下一步的操作。一个简单的实例: [[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root tasks: - name: test the list variables shell: echo {{ ansible_os_family }} register: results - name: print the register result debug: msg="{{ results.stdout }}" [[email?protected] playbook]# 执行结果如下: [[email?protected] playbook]# ansible-playbook test.yml PLAY [all] ******************************************************************** GATHERING FACTS *************************************************************** ok: [10.0.102.162] ok: [10.0.102.212] ok: [10.0.102.200] TASK: [test the list variables] *********************************************** changed: [10.0.102.162] changed: [10.0.102.212] changed: [10.0.102.200] TASK: [print the register result] ********************************************* ok: [10.0.102.212] => { "msg": "RedHat" #对应变量的结果 } ok: [10.0.102.200] => { "msg": "RedHat" } ok: [10.0.102.162] => { "msg": "RedHat" } PLAY RECAP ******************************************************************** 10.0.102.162 : ok=3 changed=1 unreachable=0 failed=0 10.0.102.200 : ok=3 changed=1 unreachable=0 failed=0 10.0.102.212 : ok=3 changed=1 unreachable=0 failed=0 本地facts变量 我们可以自己定义facts变量,把这个变量写入一个以.fact结尾的文件中,这个文件可以是json文件或ini文件,或者是一个可以返回json代码的可执行文件。然后将其放在远程主机的/etc/ansible/facts.d文件夹中,ansible在执行的任务时会自动到这个文件夹中读取变量的信息。 在远程主机上做如下操作: #自定义fact信息 然后再ansible主机上获取自定义的信息。 [[email?protected] playbook]# ansible 10.0.102.162 -m setup -a "filter=ansible_local" 10.0.102.162 | success >> { "ansible_facts": { "ansible_local": { "test": { "test_fact": { "admin": "hongkong" } } } },"changed": false } if/then/while流控制语句条件判断在ansible任务中的使用频率非常高。我们可以根据一些条件的不一样执行不同的task。 when条件判断很多任务只有在特定条件下才能执行,这就是when语句发挥作用的地方。 一个简单的实例,关闭掉ip地址为10.0.102.162服务器上的mysql服务,如下: [[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root tasks: - name: shut down the db server service: name=mysqld state=stopped when: ansible_eth0.ipv4.address == "10.0.102.162" #这里使用了when条件语句 [[email?protected] playbook]# 执行的结果如下: [[email?protected] playbook]# ansible-playbook test.yml PLAY [all] ******************************************************************** GATHERING FACTS *************************************************************** ok: [10.0.102.212] ok: [10.0.102.200] ok: [10.0.102.162] TASK: [shut down the db server] *********************************************** skipping: [10.0.102.200] skipping: [10.0.102.212] changed: [10.0.102.162] #162的服务状态已经改变 PLAY RECAP ******************************************************************** 10.0.102.162 : ok=2 changed=1 unreachable=0 failed=0 10.0.102.200 : ok=1 changed=0 unreachable=0 failed=0 10.0.102.212 : ok=1 changed=0 unreachable=0 failed=0 这个就是when条件语句的用法很简单。需要注意when语句的作用于paly的作用时间,当when的条件满足时,然后才会执行play中的任务。ansible还提供了另外两个与when相关的语句changed_when和failed_when条件判断。 changed_when和failed_when条件判断暂空 任务间的流程控制任务委托默认情况下,ansible所有任务都是在我们指定的机器上面运行的,当在一个独立的集群环境配置时,这并没有什么问题。而在有些情况下,比如给某台服务器发送通知或者向监控服务器中添加被监控的主机,这个时候任务就需要在特定的主机上运行,而非一开始指定的所有主机,此时就需要ansible的委托任务。 使用delegate_to关键字可以配置任务在指定的服务器上执行,而其他任务还是在hosts关键字配置的所有机器上执行,当到了这个关键字所在的任务时,就使用委托的机器运行。 查看MySQL是否在运行状态,因此在检查之前首先关掉162上的mysql服务。【为了方便查看状态】 [[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root tasks: - name: stop the db server service: name=mysqld state=stopped delegate_to: 10.0.102.162 #这里使用了委托,仅关闭162这台服务器上,这个play仅在162这台服务器上执行。 - name: check mysql status service: name=mysqld state=running 这里委托是在指定的机器上执行,若是想在本地服务器上执行,可以把ip地址换为127.0.0.1即可。也可以使用local_action方法。 [[email?protected] playbook]# cat test.yml --- - hosts: all remote_user: root tasks: - name: create the test file local_action: shell touch test1111 #在本地创建一个测试文件 - name: check mysql status service: name=mysqld state=running 结果如下: [[email?protected] playbook]# ansible-playbook test.yml PLAY [all] ******************************************************************** GATHERING FACTS *************************************************************** ok: [10.0.102.212] ok: [10.0.102.200] ok: [10.0.102.162] TASK: [create the test file] ************************************************** changed: [10.0.102.212 -> 127.0.0.1] changed: [10.0.102.200 -> 127.0.0.1] changed: [10.0.102.162 -> 127.0.0.1] TASK: [check mysql status] **************************************************** ok: [10.0.102.200] ok: [10.0.102.212] ok: [10.0.102.162] PLAY RECAP ******************************************************************** 10.0.102.162 : ok=3 changed=1 unreachable=0 failed=0 10.0.102.200 : ok=3 changed=1 unreachable=0 failed=0 10.0.102.212 : ok=3 changed=1 unreachable=0 failed=0 [[email?protected] playbook]# ls #默认会在当前目录创建对应的文件 test1111 test.yml vars.yml 任务暂停有些情况下,一些任务的运行需要等待一些状态的恢复,比如某一台主机或者应用刚刚重启,我们需要等待它上面的某个端口开启,此时我们就不得不将正在运行的任务暂停,直到其状态满足我们的需求。下一个实例【摘抄】 - name: wait for webserver to start local_action: module: wait_for host: webserver1 port: 80 delay: 10 timeout: 300 state: startted#这个实例中,这个任务将会每10s检查一次主机webserver1上面的80端口是否开启,如果超过了300s,80端口仍未开启,将会返回失败信息。 (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
