ansible变量应用实例
参考资料
在文件中定义变量,引用变量文件
例1:磁盘分区,并挂载
[westos@server1 ansible]$ cat playbook.yml
---
- hosts: 172.25.254.120
vars_files:
- partlist.yml ##用变量文件中的值
tasks:
- name: Create a new primary
parted:
device: /dev/sdb
number: "{
{ item.num }}"
state: present
part_start: "{
{ item.start }}"
part_end: "{
{ item.end }}"
loop: "{
{ partlist }}"
when: item.name not in ansible_devices['sdb']['partitions']
- name: create xfs filesystem
filesystem:
fstype: xfs
dev: "/dev/{
{ item.name }}"
loop: "{
{ partlist }}"
- name: create mount dir
file:
path: "/mnt/{
{ item.dir }}"
state: directory
loop: "{
{ partlist }}"
- name: mount partations
mount:
path: "/mnt/{
{ item.dir }}"
src: "/dev/{
{ item.name }}"
fstype: xfs
opts: noatime
state: mounted
loop: "{
{ partlist }}"
westos@server1 ansible]$ cat partlist.yml
---
partlist:
- name: sdb1
num: 1
start: 1GiB ###从0开始时出现报错
end: 2GiB
dir: dir1
- name: sdb2
num: 2
start: 2GiB
end: 4GiB
dir: dir2
建立用户变量建立用户
建立用户的时候密码不能是名文形式
[westos@server1 ansible]$ ll /home/westos/ansible/host_vars/172.25.4.1/valut
-rw-------. 1 westos westos 355 Jan 6 06:03 /home/westos/ansible/host_vars/172.25.4.1/valut
[westos@server1 ansible]$ ansible-vault view /home/westos/ansible/host_vars/172.25.4.1/valut
Vault password:
passwd: westos
直接将文件加密
[westos@server1 ansible]$ cat user.yml
---
- hosts: 172.25.4.1
tasks:
- name: create user
user:
name: wxh
password: "{
{ passwd | password_hash('sha512') }}"
state: present
配置apache
[westos@server1 ansible]$ cat apache.yml
---
- hosts: play
tasks:
- name: dnf apache
dnf:
name: httpd
state: present
- name: start apache
service:
name: httpd
state: started
- name: figure apache
copy:
content: "{
{ansible_hostname}}"
dest: /var/www/html/index.html
- name: accept apache
firewalld:
service: http
permanent: yes
state: enabled
immediate: yes
haproxy均衡负载,
主机列表
[westos@server1 ansible]$ cat hosts
[test]
server1
[lb]
server2
[ll]
server3
[webserver:children]
lb
ll
解析
[westos@server1 ansible]$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.4.250 westos_student4
172.25.4.1 server1
172.25.4.2 server2
172.25.4.3 server3
[westos@server1 ansible]$ cat haproxy.yml
---
- hosts: webserver test
serial: 1
pre_tasks:
- name: disable the server in haproxy
haproxy: 'state=disabled backend=app host={
{ inventory_hostname }} socket=/var/lib/haproxy/stats'
delegate_to: "{
{ item }}"
loop: "{
{ groups.test }}"
# roles:
# - role: apache
# #when: inventory_hostname in groups['webserver']
post_tasks:
- name: wait for webserver to come up
wait_for: 'host={
{ inventory_hostname }} port=80 state=started timeout=80'
- name: enable the server in haproxy
haproxy: 'state=enabled backend=app host={
{ inventory_hostname }} socket=/var/lib/haproxy/stats'
delegate_to: "{
{ item }}"
loop: "{
{ groups.test }}"
1主机去监听2,3主机web服务器的状态
vim /etc/haproxy/haproxy.cfg
事实变量
block语句:任务分块进行
有格式要求
最好写成如下标准格式
ansible_default_ipv4.address 报错
[westos@server1 ansible]$ cat kk.yml
---
- hosts: all
tasks:
- name: deploy apache
block:
- name: install httpd
dnf:
name: httpd
state: present
- name: create index.html
copy:
content: "{
{ ansible_hostname }}\n"
dest: /var/www/html/index.html
- name: start httpd
service:
name: httpd
state: started
enabled: yes
- name: accept httpd
firewalld:
service: http
permanent: yes
immediate: yes
state: enabled
- name: accept 8080
firewalld:
port: 8080/tcp
permanent: yes
immediate: yes
state: enabled
when: ansible_facts['ens160']['ipv4']['address'] in groups['webserver']
when: ansible_facts['ens160']['ipv4']['address'] in groups['webserver'] 标准格式则可以正常采集到
调用上个剧本的变量(三种情况)
事实变量
注册变量
set_fact: 设置的变量
[westos@server1 ansible]$ cat test.yml
---
- hosts: 172.25.4.2
tasks:
- set_fact: name="westos"
- debug:
msg: "{
{ ansible_hostname }}"
- command: /bin/date
register: result
- hosts: 172.25.4.1
tasks:
- debug:
msg: "{
{ hostvars['172.25.4.2']['ansible_facts']['hostname'] }}"
- debug:
msg: "{
{ hostvars['172.25.4.2']['result']['stdout']}}"
- debug:
msg: "{
{hostvars['172.25.4.2']['name']}}"