今日内容:playbook条件语句
1.playbook条件语句
判断在Ansible任务中_吏用频率非常高。比如yum模块可以检测软件包是否已被安装,而在这个过程中我们不用做太多的人工干预。
但是也有部分任务需要进行判断,比如:web服务器角色都需要安装nginx仓库,但其他的服务器角色并不需要,此时就会用到when判断。
比如:Centos与Ubuntu系统都需要安装httpd服务,那么就需要使用when判断主机系统,然后调用不同的模块执行。
实践案例一、根据不同操作系统,安装相同的软件包
Centos:httpd
Ubuntu:httpd2
```HTML
[root@manager ansible_tasks]# cat t1.yml
- hosts: webservers
tasks:
- name: installed http server
yum:
name: httpd
state: present
when: (ansible_distribution == "CentOS")
- name: installed http server
yum:
name: httpd2
state: present
when: (ansible_distribution == "Ubuntu")
```
实践案例二、所有为web主机名的安装nginx,其余的都跳过添加
```HTML
[root@manager ansible_tasks1]# cat t2.yml
- hosts: all
tasks:
- name: installed nginx web server
yum:
name: nginx
state: present
when: (ansible_hostname is match("web*"))
```
2.playbook循环语句
有时候我们写playbook的时候发现了很多task都要重复引用某个模块,比如一次启动10个服务,或者一次拷贝10个文件,如果按照传统的写法最少要写10次,这样会显得playbook很臃肿。如果使用循环的方式来编写playbook,这样可以减少重复使用某个模块。
```HTML
案例一:一个tasks安装多个软件
[root@manager ansible_tasks1]# cat t3.yml
- hosts: webservers
tasks:
- name: installed all rpm
yum:
name: "{{item}}" #固定的变量(会在loop列表中依次提取对应的值 )
state: present
loop:
- httpd
- httpd-tools
官方建议安装多个软件
[root@manager ansible_tasks1]# cat t3.1.yml
- hosts: webservers
tasks:
- name: installed all rpm
yum:
name: "{{packages}}"
vars:
packages:
- httpd
- httpd-tools
案例二:一个tasks启动多个服务(列表)
[root@manager ansible_tasks1]# cat t4.yml
- hosts: webservers
tasks:
- name: started nginx add php-fpm server
systemd:
name: "{{item}}"
state: started
enabled: yes
loop:
- nginx
- php-fpm
案例三:一个tasks拷贝多个文件(字典)
[root@manager ansible_tasks1]# cat t5.yml
- hosts: webservers
tasks:
- name: Configure Rsync Deamon
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
loop:
- { src: rsyncd.conf.j2, dest: /opt/rsyncd.conf, mode: "0644" }
- { src: rsync.pass.j2, dest: /opt/rsync.pass, mode: "0600" }
批量创建用户,使用key values字典的方式
testuser1 基本组 bin 8989 /bin/bash
testuser2 基本组 root 7878 /bin/sh
[root@manager ansible_tasks1]# cat t6.yml
- hosts: webservers
tasks:
- name: greate user
user:
name: "{{item.name}}"
uid: "{{item.uid}}"
group: "{{item.group}}"
shell: "{{item.shell}}"
loop:
- { name: testuser1, uid: 8989, group: bin, shell: /bin/bash }
- { name: testuser2, uid: 7878, group: root, shell: /bin/sh }
```
3.handlers触发器
1.当配置发生改变时重启服务
```HTML
[root@manager ansible_tasks1]# cat handlers.yml
- hosts: webservers
tasks:
- name: Install Http Server
yum:
name: httpd
state: present
- name: configure httpd server
copy:
src: ./httpd.conf.j2
dest: /tmp/httpd.conf
notify:
- Restart Httpd Server
- name: start httpd server
systemd:
name: httpd
state: started
enabled: yes
handlers:
- name: Restart Httpd Server
systemd:
name: httpd
state: restarted
```
3.2handlers注意事项
1.无论多少个task通知了相同的handlers,handlers仅会在所有tasks结束后运行一次。
2.只有task发生改变了才会通知handlers,没有改变则不会触发handlers
3.不能使用handlers替代tasks
4.playbook tag标记(用于调试的场景下)
默认情况下,Ansible在执行一个playbook时,会执行playbook中定义的所有任务。Ansible的标签(Tags)功能可以给单独任务甚至整个playbook打上标签,然后利用这些标签来指定要运行playbook中的个别任务,或不执行指定的任务。
1.打标签的方式有几种,比如:
对一个task打一个标签、对一个task打多个标签、对多个task打一个标签
2、对task打完标签应该如何使用
-t:执行指定的tag标签任务
-skip-tags:执行-skip-tags之外的标签任务
```HTML
[root@manager ansible_tasks1]# cat t7.yml
- hosts: webservers
tasks:
- name: installed nfs server
yum:
name: nfs-utils
state: present
tags: install_nfs
- name: started nfs server
systemd:
name: nfs
state: started
enabled: yes
tags: start_nfs
指定执行 playbook中的某一个标签 ( 通常是用来快速解决问题 )
[root@manager ansible_tasks]# ansible-playbook t7.yml -t install_nfs
指定排除某个tags,其余都正常执行
[root@manager ansible_tasks]# ansible-playbook t7.yml --skip-tags install_nfs
```
5.playbook 文件复用(include)
include用来动态的包含tasks任务列表include_tasks新版/include老版
```HTML
包含include
[root@manager ansible_tasks1]# cat restart_nginx.yml
- name: restar nginx server
systemd:
name: nginx
state: restarted
[root@manager ansible_tasks1]# cat a_project.yml
- hosts: webservers
tasks:
- name: A Project command
command: echo "A"
- name: Restart Nginx
include: restart_nginx.yml
[root@manager ansible_tasks1]# cat b_project.yml
- hosts: webservers
tasks:
- name: B project command
command: echo "B"
- name: restarted nginx
include: restart_nginx.yml
```
6.playbook忽略错误(ignore_errors)
默认Playbook会将tasks执行的返囪状态,如遇到错误则会立即终止playbook的后续的tasks执行。然而有些时候palybook即使执行锗误了也要让其继续执行
加入参数:ignore_errors: yes忽略错误
```HTML
[root@manager ansible_tasks1]# cat errors.yml
- hosts: webservers
tasks:
- name: shell command
command: /bin/false
ignore_errors: yes
- name: greate file
file:
path: /tmp/oldlai_lai
state: touch
```
7.playbook异常处理
通常情况下,当某个tasks失败后,play将会终止,任何在前面已经被tasks notify的handlers都不会被执行。如果你在play中设置了force_handlers: yes参数,被通知的handlers就会被强制执行。(有些特殊场景可能会使用到)
changed_when: false 被管理主机没有发生变化,可以使用参数将change状态改为ok
changed_when: httpd_check.stdout.find('OK') #查看变量中的某个字符串
```HTML
1.控制task报告的状态,不一定必须是"changed"
[root@manager ansible_tasks1]# cat t8.yml
- hosts: webservers
tasks:
- name: get nginx port status
shell: netstat -lntp | grep nginx
register: ngx_status
changed_when: false
- name: debug nginx status
debug:
msg: "{{ngx_status.stdout_lines}}"
2.使用changed_when检查tasks任务返回的结果
[root@manager ansible_tasks1]# cat t9.yml
- hosts: webservers
tasks:
- name: install nginx server
yum:
name: nginx
state: present
tags: Install_Nginx_Server
- name: configure nginx server
copy:
src: ./nginx.conf.j2
dest: /etc/nginx/nginx.conf
notify: Restart Nginx Server
- name: Check Nginx Configure File
shell: nginx -t
register: check_ngx #将nginx -t的结果存储至check_ngx变量中
changed_when:
- false #由于没有在被控端执行任何操作,所以可以将其修改为false,这个任务每次执行就ok状态
- check_ngx.stdout.find('successful') #检查变量中是否存在successful的字符串,如果存在则继续,不存在则停止,并报错。
- name: started nginx server
systemd:
name: nginx
state: started
enabled: yes
handlers:
- name: Restart Nginx Server
systemd:
name: nginx
state: restarted
```