Task execution control in Ansible
Published: 2019-05-24


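I. Loops

1. Simple loop

```
loop:        ## list of values to iterate over
  - value1
  - value2
  - ...
{{item}}     ## name of the iteration variable
```

Example:

```yaml
---
- name: create file
  hosts: 172.25.0.254
  tasks:
    - name: file module
      file:
        name: /mnt/{{item}}
        state: touch        # the file module has no "present" state; touch creates the file
      loop:
        - westos_file1
        - westos_file2
```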

2. Looping over a list of hashes (dictionaries)

```yaml
---
- name: manage services
  hosts: 172.25.0.254
  tasks:
    - name: service module
      service:
        name: "{{ item.name }}"
        state: "{{ item.state }}"
      loop:
        - name: httpd
          state: started
        - name: vsftpd
          state: stopped
```
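  • Scripting exercise: carry out the following user operations on the system
  • 1. Create the groups shengchan, caiwu and jishu, meeting the following requirements
  • The gid of the shengchan group is 8000
  • The gid of the caiwu group is 8001
  • The gid of the jishu group is 8002
  • 2. Create the users westosuser, linux, lee and westosadmin, meeting the following requirements
  • The supplementary groups of westosuser are shengchan and jishu
  • lee's primary group is caiwu and supplementary group is jishu; lee's uid and gid must be identical
  • linux is a system account that must not be usable directly by an operator
  • westosadmin does not belong to any of the three departments above, but can freely manage users on the system
  • 3. The password of all the users above is westos, and users must be forced to change it at first login
    The passwords of the users above must be changed within 30 days, with a warning issued 2 days before expiry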
```yaml
---
- name: create file
  hosts: list1
  tasks:
    - name: create group
      group:
        name: "{{item.name}}"
        gid: "{{item.gid}}"
        state: present
      loop:
        - name: shengchan
          gid: 8000
        - name: caiwu
          gid: 8001
        - name: jishu
          gid: 8002
        - name: westosuser
          gid: 8003
        - name: linux
          gid: 8004
        - name: westosadmin
          gid: 8005
    - name: create user
      user:
        name: "{{item.name}}"
        groups: "{{item.groups}}"
        group: "{{item.group}}"
        shell: "{{item.shell}}"
        uid: "{{item.uid}}"
        # the user module expects a crypt hash here, not the plaintext password
        password: '$6$4RBSjfuYIt694mEi$KetzruRtGRzZIPA4B/hDCimIWCalsOkzCH2GEoHvRTZpDXWL1xf.0.SYDg.SQ6KwtMUDKsNIcH0MAd3AHBRET0'
      loop:
        - name: westosuser
          groups: shengchan, jishu
          group: 8003
          shell: /bin/bash
          uid: 8003
        - name: lee
          groups: jishu
          group: caiwu
          shell: /bin/bash
          uid: 8001
        - name: linux
          groups: linux
          group: linux
          shell: /sbin/nologin
          uid: 8004
        - name: westosadmin
          groups: westosadmin
          group: westosadmin
          shell: /bin/bash
          uid: 8005
    - name: westosadmin
      lineinfile:
        path: /etc/sudoers
        # match the westosadmin line itself: with regexp "^root" lineinfile
        # would replace root's own rule instead of adding a new line
        regexp: "^westosadmin "
        insertafter: "^root"
        line: "westosadmin {{ansible_facts['fqdn']}}=(root) NOPASSWD: /sbin/useradd, /sbin/userdel, /sbin/usermod"
    - name: configure password messages
      shell: chage -d 0 -M 30 -W 2 "{{item}}"
      loop:
        - westosuser
        - lee
        - westosadmin
```
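  • Install httpd, vsftpd and dhcp-server on the managed host
    and create two users:
    westosuser1, group id 444, home directory /mnt/westosuser1
    westosuser2, group id 6666, home directory /mnt/westosuser2
    The supplementary group of both users is 21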
```yaml
---
- name: dnf and create user
  hosts: 172.25.11.3
  tasks:
    - name: dnf vsftpd http dhcp-server
      dnf:
        name: "{{item.name}}"
        state: present
      loop:
        - name: vsftpd
        - name: httpd
        - name: dhcp-server
    - name: create group
      group:
        name: "{{item.name}}"
        gid: "{{item.gid}}"
        state: present
      loop:
        - name: westosuser1
          gid: 444
        - name: westosuser2
          gid: 6666
        - name: westosuser
          gid: 21
      ignore_errors: yes   # group 21 already exists on the managed host; ignore the error and continue
    - name: create user
      user:
        name: "{{item.name}}"
        group: "{{item.group}}"
        home: "{{item.home}}"
        groups: "21"
      loop:
        - name: westosuser1
          group: 444
          home: /mnt/westosuser1
        - name: westosuser2
          group: 6666
          home: /mnt/westosuser2
```

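II. Conditionals

```
when:
  - condition1
  - condition2
```

Condition tests

```
==                  value == "string", value == number
<                   value <  number
>                   value >  number
<=                  value <= number
>=                  value >= number
!=                  value != number
is defined          value is defined        the variable exists
is not defined      value is not defined    the variable does not exist
bool variable true  value                   the value of value is true
bool variable false not value               the value of value is false
in                  value in value2         the value of value is in the list value2
```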

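Combining multiple conditions

```
# both conditions must hold: one expression, or a list
when:
  condition1 and condition2

when:
  - condition1
  - condition2

# either condition is enough
when:
  condition1 or condition2

when: >
  condition1
  or
  condition2
```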
  • Exercise:
    Check whether vsftpd is installed on the managed host; if it is not, print that it is not installed
    and install vsftpd
```yaml
---
- name: check vsftpd
  hosts: 172.25.11.3
  tasks:
    - name: check vsftpd
      shell: rpm -q vsftpd
      register: vsftpd_state
      ignore_errors: yes
    - name: debug
      debug:
        msg: "it is not installed vsftpd"
      when: vsftpd_state.rc == 1
    - name: dnf vsftpd
      dnf:
        name: vsftpd
        state: present
      when: vsftpd_state.rc == 1   # variable name fixed: the original read vsftpd_stste
```

III. Handlers

```
notify:      # triggers the named handlers when the task reports a change
handlers:    # the actions that run once they have been triggered
```

Example:

```yaml
---
- name: create virtualhost for web server
  hosts: 172.25.0.254
  vars_files:
    - ./vhost_list.yml
  tasks:
    - name: create document
      file:
        path: "{{web2.document}}"
        state: directory
    - name: create vhost.conf
      copy:
        dest: /etc/httpd/conf.d/vhost.conf
        # The <VirtualHost> tags were lost when the page was extracted;
        # the *:80 address used here is an assumption.
        content: "<VirtualHost *:80>\n\tServerName {{web1.name}}\n\tDocumentRoot {{web1.document}}\n\tCustomLog logs/{{web1.name}}.log combined\n</VirtualHost>\n\n<VirtualHost *:80>\n\tServerName {{web2.name}}\n\tDocumentRoot {{web2.document}}\n\tCustomLog logs/{{web2.name}}.log combined\n</VirtualHost>\n"
      notify: restart apache
  handlers:
    - name: restart apache
      service:
        name: httpd
        state: restarted
```
  • Exercise: set up a vsftpd service
```yaml
---
- name: creat vsftpd
  hosts: all
  tasks:
    - name: install vsftpd
      dnf:
        name: vsftpd
        state: present
    - name: config vsftpd.conf
      template:
        src: ~/ansible/vsftpd.conf.j2
        dest: /etc/vsftpd/vsftpd.conf
      notify: restart vsftpd
    - name: config ftpdir
      file:
        path: /var/ftp/pub
        group: ftp
        mode: '0775'
        setype: "public_content_rw_t"
    - name: set sebool
      seboolean:
        name: ftpd_anon_write     # lets the FTP daemon write to public_content_rw_t content
        state: yes
        persistent: yes
    - firewalld:
        zone: public
        service: ftp
        permanent: yes
        state: enabled
        immediate: yes
  handlers:
    - name: restart vsftpd
      service:
        name: vsftpd
        state: restarted
```
  • Exercise: check whether the managed host has /dev/sdb (vdb on a virtual machine). If it does, partition it, carving out 1G from /dev/sdb, then format the partition and mount it on /westos.
```yaml
- name: check sdb
  hosts: 172.25.11.2
  tasks:
    - name: check
      debug:
        msg: "{{ansible_facts.all_ipv4_addresses}} is not exist with /dev/sdb"
      when: ansible_facts.devices.sdb is not defined
    - name: parted
      parted:
        device: /dev/sdb
        number: 1
        state: present
        part_end: 1GiB
      when: ansible_facts.devices.sdb is defined
      notify:
        - filesystem
        - mounted
  handlers:
    - name: filesystem
      filesystem:
        dev: /dev/sdb1
        fstype: xfs
    - name: mounted
      mount:
        path: /westos
        src: /dev/sdb1
        fstype: xfs
        state: mounted
```

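IV. Handling failed tasks

1.ignore_errors

Purpose: a play stops when one of its tasks fails. `ignore_errors: yes` ignores the failure so that the tasks below it keep running.

Example:

```yaml
- name: test
  dnf:
    name: westos
    state: latest
  ignore_errors: yes

- name: create file
  file:
    path: /mnt/westos
    state: touch
```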

2.force_handlers

Purpose: the notified handlers are still called even when the play is terminated after a task fails.

Example:

```yaml
---
- name: apache change port
  hosts: 172.25.0.254
  force_handlers: yes
  vars:
    http_port: 80
  tasks:
    - name: configure apache conf file
      lineinfile:
        path: /etc/httpd/conf/httpd.conf
        regexp: "^Listen"
        line: "Listen {{ http_port }}"
      notify: restart apache
    # westos does not exist, so this step fails and nothing after it can run;
    # force_handlers forces the handler to run anyway
    - name: install error
      dnf:
        name: westos
        state: latest
  handlers:
    - name: restart apache
      service:
        name: httpd
        state: restarted
        enabled: yes
```

3.changed_when

Purpose: controls when a task reports that it has made a change.

```yaml
---
- name: apache change port
  hosts: 172.25.0.254
  force_handlers: yes
  vars:
    http_port: 8080
  tasks:
    - name: configure apache conf file
      lineinfile:
        path: /etc/httpd/conf/httpd.conf
        regexp: "^Listen"
        line: "Listen {{ http_port }}"
      changed_when: true      # always report "changed", so the handler is notified on every run
      notify: restart apache
  handlers:
    - name: restart apache
      service:
        name: httpd
        state: restarted
        enabled: yes
```

4.failed_when

Forces the task to fail when the condition is met.

```yaml
---
- name: test
  hosts: 172.25.0.254
  tasks:
    - name: shell
      shell: echo hello
      register: westos
      failed_when: "'hello' in westos.stdout"
```
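The vsftpd check from the conditionals exercise, rewritten with changed_when and failed_when instead of ignore_errors, so that "not installed" is an expected answer while any other rpm error still stops the play. This is an added example, not part of the original post; it assumes rpm's English message "is not installed", which is why the locale is pinned.

```yaml
---
- name: install vsftpd only when the query says it is missing
  hosts: 172.25.11.3
  tasks:
    - name: query the rpm database
      command: rpm -q vsftpd
      environment:
        LC_ALL: C                  # fixed locale so the message text below is stable
      register: vsftpd_state
      check_mode: false            # read-only, so it may also run under --check
      changed_when: false          # a query never changes the host
      # rc 0 = installed; rc != 0 is acceptable only when rpm says the
      # package is missing. Anything else is a real error.
      failed_when:
        - vsftpd_state.rc != 0
        - "'is not installed' not in vsftpd_state.stdout"

    - name: report the missing package
      debug:
        msg: "vsftpd is not installed"
      when: vsftpd_state.rc != 0

    - name: install vsftpd
      dnf:
        name: vsftpd
        state: present
      when: vsftpd_state.rc != 0
```

With ignore_errors the probe would show as a failed task on every host that lacks the package, and a genuine rpm failure would be ignored in the same way.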

5.block

```
block:     ## the tasks to run
rescue:    ## the tasks to run when a task in the block fails
always:    ## the tasks that run at the end regardless
```
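The three keywords applied to the Apache port change used earlier on this page: the block edits and checks the configuration, rescue rolls it back, always reports the service state. This is an added example, not part of the original post; it relies on the `backup` value that lineinfile returns when `backup: yes` is set.

```yaml
---
- name: change the Apache port with rollback
  hosts: 172.25.0.254
  vars:
    http_port: 8080
  tasks:
    - block:
        - name: set the Listen port and keep a copy of the old file
          lineinfile:
            path: /etc/httpd/conf/httpd.conf
            regexp: "^Listen"
            line: "Listen {{ http_port }}"
            backup: yes
          register: conf
        - name: syntax-check the new configuration
          command: httpd -t
          changed_when: false
        - name: restart only when the file changed and the check passed
          service:
            name: httpd
            state: restarted
          when: conf is changed
      rescue:
        - name: put the previous file back
          copy:
            src: "{{ conf.backup }}"
            dest: /etc/httpd/conf/httpd.conf
            remote_src: yes
          when: conf.backup | default('') | length > 0
        - name: bring the service up on the old configuration
          service:
            name: httpd
            state: started
        - name: mark the host as failed after the rollback
          fail:
            msg: "httpd.conf change was rolled back"
      always:
        - name: record whether httpd is running
          command: systemctl is-active httpd
          register: httpd_active
          changed_when: false
          failed_when: false       # informational only
```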

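Test exercise

  • Create the playbook ~/westos.yml with the following requirements:
    Create a device named /dev/vdb1 with a size of 1500M
    If /dev/vdb does not exist, output:
    /dev/vdb is not exist
    If /dev/vdb is smaller than 2G, output:
    /dev/vdb is less then 2G
    and create /dev/vdb1 with a size of 800M
    Mount this device on /westos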
```yaml
---
- name: create /dev/vdb1
  hosts: all
  tasks:
  - block:
    - parted:
        device: /dev/vdb
        number: 1
        state: present
        part_end: 2000MiB
    - parted:
        device: /dev/vdb
        number: 1
        state: absent
    - parted:
        device: /dev/vdb
        number: 1
        state: present
        part_end: 1500MiB
    when: ansible_facts['devices']['vdb'] is defined
    rescue:
    - debug:
        msg: /dev/vdb is less then 2G
    - parted:
        device: /dev/vdb
        number: 1
        state: present
        part_end: 800MiB
    always:
    - filesystem:
        fstype: xfs
        dev: /dev/vdb1
        force: yes
    - mount:
        path: /westos
        src: /dev/vdb1
        fstype: xfs
        state: mounted
  - name: check /dev/vdb
    debug:
      msg: "vdb is not exist"
    when: ansible_facts['devices']['vdb'] is not defined
```
```yaml
- name: check sdb
  hosts: all
  tasks:
    - name: check
      debug:
        msg: "{{ansible_facts.all_ipv4_addresses}} is not exist with /dev/sdb"
      when: ansible_facts.devices.sdb is not defined
    - name: create sdb1
      block:
        - name: create 1500M sdb1
          parted:
            device: /dev/sdb
            number: 1
            state: present
            part_end: 1500MiB
          when: ansible_facts.devices.sdb is defined
          notify:
            - filesystem
            - mounted
      rescue:
        - name: check /dev/sdb
          debug:
            msg: "{{ansible_facts.all_ipv4_addresses}} 's /dev/sdb is less than 1500M"
          # Note: the facts listed differ between virtual machine versions;
          # run `ansible ip -m setup` first to list them
          when: ansible_facts.devices.sdb is defined
        - name: create /dev/sdb
          parted:
            device: /dev/sdb
            number: 1
            state: present
            part_end: 800MiB
          when: ansible_facts.devices.sdb is defined
          notify:
            - filesystem
            - mounted
  handlers:
    - name: filesystem
      filesystem:
        dev: /dev/sdb1
        fstype: xfs
    - name: mounted
      mount:
        path: /westos
        src: /dev/sdb1
        fstype: xfs
        state: mounted
```

Reposted from: http://lnhzi.baihongyu.com/
