变量命名
支持数字、字母、下划线
有效:foo_port, foo5
无效:foo-port, foo port, foo.port, 12
playbook定义
- hosts: webservers
vars:
http_port: 80
jinja2模板使用变量
My amp goes to {{ max_amp_value }}
template: src=foo.cfg.j2 dest={{ remote_install_path }}/foo.cfg
Jinja2 Filters
格式化数据
{{ some_variable | to_nice_json }}
{{ some_variable | to_nice_yaml }}
使用条件表达式
tasks:
- shell: /usr/bin/foo
register: result
ignore_errors: True
- debug: msg="it failed"
when: result|failed
# in most cases you'll want a handler, but if you want to do something right now, this is nice
- debug: msg="it changed"
when: result|changed
- debug: msg="it succeeded"
when: result|success
- debug: msg="it was skipped"
when: result|skipped
强制变量定义
{{ variable | mandatory }}
变量默认值
{{ some_variable | default(5) }}
变量省略值
- name: touch files with an optional mode
file: dest={{item.path}} state=touch mode={{item.mode|default(omit)}}
with_items:
- path: /tmp/foo
- path: /tmp/bar
- path: /tmp/baz
mode: "0444"
列表
# 最小值
{{ list1 | min }}
# 最大值
{{ [3, 4, 2] | max }}
# 唯一值
{{ list1 | unique }}
# 并集
{{ list1 | union(list2) }}
# 交集
{{ list1 | intersect(list2) }}
# 补集(存在list1,不存在list2)
{{ list1 | difference(list2) }}
# 对称差集 (不同时存在每个列表)
{{ list1 | symmetric_difference(list2) }}
版本比较
{{ ansible_distribution_version | version_compare('12.04', '>=') }}
# <, lt, <=, le, >, gt, >=, ge, ==, =, eq, !=, <>, ne
# 版本分析strict=True,默认值false
随机数
{{ ['a','b','c']|random }} => 'c'
{{ 59 |random}} * * * * root /script/from/cron
{{ 100 |random(step=10) }} => 70
{{ 100 |random(1, 10) }} => 31
{{ 100 |random(start=1, step=10) }} => 51
洗牌(shuffle)
{{ ['a','b','c']|shuffle }} => ['c','a','b']
{{ ['a','b','c']|shuffle }} => ['b','c','a']
其他
# 列表转字符串
{{ list | join(" ") }}
# 文件全路径
{{ path | basename }}
# 目录全路径
{{ path | dirname }}
# 用户目录(~)全路径
{{ path | expanduser }}
# link的路径
{{ path | readlink }}
# Base64加解密
{{ encoded | b64decode }}
{{ decoded | b64encode }}
# 文件的sha1sum
{{ filename | sha1 }}
bool
- debug: msg=test
when: some_string_value | bool
正则
vars:
url: "http://example.com/users/foo/resources/bar"
tasks:
- shell: "msg='matched pattern 1'"
when: url | match("http://example.com/users/.*/resources/.*")
- debug: "msg='matched pattern 2'"
when: url | search("/users/.*/resources/.*")
# convert "ansible" to "able"
{{ 'ansible' | regex_replace('^a.*i(.*)$', 'a\1') }}
# convert "foobar" to "bar"
{{ 'foobar' | regex_replace('^f.*o(.*)$', '\1') }}
- hosts: app_servers
vars:
app_path: "{{ base_path }}/22"
Facts
'''bash
ansible hostname -m setup
{{ ansible_devices.sda.model }}
{{ ansible_hostname }}
'''
Turning Off Facts
- hosts: whatever
gather_facts: no
本地facts(自定义facts)
# /etc/ansible/facts.d/preferences.fact
[general]
asdf=1
bar=2
# 命令
ansible <hostname> -m setup -a "filter=ansible_local"
# API
"ansible_local": {
"preferences": {
"general": {
"asdf" : "1",
"bar" : "2"
}
}
}
# 引用
{{ ansible_local.preferences.general.asdf }}
# 部署
- hosts: webservers
tasks:
- name: create directory for ansible custom facts
file: state=directory recurse=yes path=/etc/ansible/facts.d
- name: install custom impi fact
copy: src=ipmi.fact dest=/etc/ansible/facts.d
- name: re-read facts after adding custom fact
setup: filter=ansible_local
Fact Caching
{{ hostvars['asdf.example.com']['ansible_os_family'] }}
# /etc/ansible/ansible.cfg
[defaults]
fact_caching = redis
fact_caching_timeout = 86400
# seconds
yum install redis
service redis start
pip install redis
Registered Variables
- hosts: web_servers
tasks:
- shell: /usr/bin/foo
register: foo_result
ignore_errors: True
- shell: /usr/bin/bar
when: foo_result.rc == 5
Accessing Complex Variable Data
{{ ansible_eth0["ipv4"]["address"] }}
{{ ansible_eth0.ipv4.address }}
{{ foo[0] }}
Magic Variables, and How To Access Information About Other Hosts
{{ hostvars['test.example.com']['ansible_distribution'] }}
{% if 'webserver' in group_names %}
# some part of a configuration file that only applies to webservers
{% endif %}
{% for host in groups['app_servers'] %}
# something that applies to all app servers.
{% endfor %}
# example
{% for host in groups['app_servers'] %}
{{ hostvars[host]['ansible_eth0']['ipv4']['address'] }}
{% endfor %}
Variable File Separation
---
- hosts: all
remote_user: root
vars:
favcolor: blue
vars_files:
- /vars/external_vars.yml
tasks:
- name: this is just a placeholder
command: /bin/echo foo
---
# in the above example, this would be vars/external_vars.yml
somevar: somevalue
password: magic
Passing Variables On The Command Line
ansible-playbook release.yml --extra-vars "version=1.23.45 other_variable=foo"
#example
---
- hosts: '{{ hosts }}'
remote_user: '{{ user }}'
tasks:
- ...
ansible-playbook release.yml --extra-vars "hosts=vipers user=starbuck"
or
--extra-vars '{"pacman":"mrs","ghosts":["inky","pinky","clyde","sue"]}'
or
--extra-vars "@some_file.json"
Variable Precedence: Where Should I Put A Variable?
#组变量默认值在group_vars/all
---
# file: /etc/ansible/group_vars/all
# this is the site wide default
ntp_server: default-time.example.com
# 组变量,覆盖组默认变量
---
# file: /etc/ansible/group_vars/boston
ntp_server: boston-time.example.com
# 主机变量,覆盖组变量
---
# file: /etc/ansible/host_vars/xyz.boston.example.com
ntp_server: override.example.com
role variable precedence
---
# file: roles/x/defaults/main.yml
# if not overridden in inventory or as a parameter, this is the value that will be used
http_port: 80
# 不能覆盖默认值
---
# file: roles/x/vars/main.yml
# this will absolutely be used in this role
http_port: 80
# 使用这种方式覆盖默认值
roles:
- { name: apache, http_port: 8080 }
roles:
- { role: app_user, name: Ian }
- { role: app_user, name: Terry }
- { role: app_user, name: Graham }
- { role: app_user, name: John }
# roles/common/vars/main.yml
roles:
- { role: common_settings }
- { role: something, foo: 12 }
- { role: something_else }