目录
ansible流程控制
playbook条件语句
- 使用场景
# 使用场景
1.我们使用不同的系统的时候,可以通过判断系统来对软件包进行安装。
2.在nfs和rsync安装过程中,客户端服务器不需要推送配置文件,之前我们都是写多个play,会影响效率。
3.我们在源码安装nginx的时候,执行第二遍就无法执行了,此时我们就可以进行判断是否安装过。
- 根据不同操作系统安装apache
# 注意:
· ansible_fqdn 为主机清单中指定主机名
# 官方实例
tasks:
- name: "shut down Debian flavored systems"
command: /sbin/shutdown -t now
when: ansible_facts['os_family'] == "Debian"
# note that all variables can be used directly in conditionals without double curly braces
# 操作演示:一
- hosts: web_group
tasks:
- name: Install CentOS Httpd
yum:
name: httpd
state: present
#官方
when: ansible_facts['os_family'] == "CentOS"
#非官方
when: ansible_distribution == "CentOS"
- name: Install Ubuntu Httpd
yum:
name: apache2
state: present
when: ansible_facts['os_family'] == "Ubuntu"
# 操作演示: 二
- hosts: all
tasks:
- name: Install Rsync Server
yum:
name: rsync
state: present
when: ansible_fqdn == 'backup' or ansible_fqdn == 'nfs' # 当主机位backup或者是nfs才安装
- name: Configure Rsync Conf
copy:
src: /root/ansible/rsync/rsyncd.conf
dest: /etc/rsyncd.conf
when: ansible_fqdn == 'backup' # 只有主机名为backup才能copy
- name: Install Nginx
yum:
name: nginx
state: present
when: ansible_fqdn is match 'web*' # 类似于通配符,这里指主机名为web开头的主机
# 操作演示: 三
注释:此处when信息最后是将信息结果变成int(整行)再来和6作比较
tasks:
- shell: echo "only on Red Hat 6, derivatives, and later"
when: ansible_facts['os_family'] == "RedHat" and ansible_facts['lsb']['major_release']|int >= 6
playbook循环语句
在之前的过程中,我们经常会有传送文件,创建目录之类的操作,创建2个目录就要写两个file模块来创建,如果要创建100个目录,我们需要写100个file模块???妈耶~~~~ 当然不是,只要有循环即可,减少重复性代码。
# 演示-- 启动多个服务
- hosts: web_group
tasks:
- name: start service
systemd:
name: "{{ item }}"
state: started
with_items:
- httpd
- php-fpm
- mariadb
# 演示--变量循环
- name: ensure a list of packages installed
yum:
name: "{{ packages }}"
vars:
packages:
- httpd
- httpd-tools
# 演示-- 字典循环
解释一波:item为固定值,点后面可随意命名,这里的意思是做循环下面有两个循环体,则循环两次对应就会创建两个用户
[root@m01 ~]# cat loop.yml
- hosts: web_group
tasks:
- name: Add Users
user:
name: "{{ item.name }}"
groups: "{{ item.groups }}"
state: present
with_items:
- { name: 'zls', groups: 'linux' }
- { name: 'egon', groups: 'python' }
# 演示---拷贝文件
解释一波:这里就是将三个目录都拷贝到web_gorup主机组中,分别对应不同目的地,同时进行授权操作
- hosts: web_group
tasks:
- name: copy conf and code
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
with_items:
- { src: "./httpd.conf", dest: "/etc/httpd/conf/", mode: "0644" }
- { src: "./upload_file.php", dest: "/var/www/html/", mode: "0600" }
playbook handlers (触发器)
# 什么是触发器呢???
handler用来执行某些条件下的任务,比如当配置文件发生变化的时候,通过notify触发handler去重启服务。
在saltstack中也有类似的触发器,写法相对Ansible简单,只需要watch,配置文件即可。
# 注意:
注意:
1.无论多少个task通知了相同的handlers,handlers仅会在所有tasks结束后运行一次。
2.Handlers只有在其所在的任务被执行时,才会被运行;如果一个任务中定义了notify调用Handlers,但是由于条件判断等原因,该任务未被执行,那么Handlers同样不会被执行。
3.Handlers只会在每一个play的末尾运行一次;如果想在一个playbook中间运行Handlers,则需要使用meta模块来实现。例如: -meta: flush_handlers。
4.如果一个play在运行到调用Handlers的语句之前失败了,那么这个Handlers将不会被执行。我们可以使用meta模块的--force-handlers选项来强制执行Handlers,即使Handlers所在的play中途运行失败也能执行。
5.不能使用handlers替代tasks
是不是发现有点难以理解???没错确实是这样!!!
我来说点通俗易懂的,首次执行脚本,触发器是不会被触发的,当第二次或者多次执行时,如果页面还出现了黄色提示,那么说明信息有变动,那么就要看你的触发信息有没有写在黄色提示这一块,如果写了,那么触发对应值,如果没有写,那么就算黄色,也只是黄色。。。。。
# 操作演示
[root@m01 ~]# cat handler.yml
- hosts: web_group
vars:
- http_port: 8080
tasks:
- name: Install Http Server
yum:
name: httpd
state: present
- name: config httpd server
template:
src: ./httpd.j2
dest: /etc/httpd/conf
notify:
- Restart Httpd Server # 若执行剧本为黄色变化,则执行触发器名
- Restart PHP Server # 若执行剧本为黄色变化,则执行触发器名
- name: start httpd server
service:
name:httpd
state: started
enabled: yes
handlers: # 触发值
- name: Restart Httpd Server # 若上面触发器名和此处对应,则执行此处信息
systemd:
name: httpd
state: restarted
- name: Restart PHP Server # 若上面触发器名和此处对应,则执行此处信息
systemd:
name: php-fpm
state: restarted
playbook任务标签
# 标签存在意义
默认情况下,Ansible在执行一个playbook时,会执行playbook中定义的所有任务,Ansible的标签(tag)功能可以给单独任务甚至整个playbook打上标签,然后利用这些标签来指定要运行playbook中的个别任务,或不执行指定的任务。
# 打标签方式
1.对一个task打一个标签
2.对一个task打多个标签
3.对多个task打一个标签
# 打完标签如何使用
-t:执行指定的tag标签任务
--skip-tags:执行--skip-tags之外的标签任务
# 操作演示--使用tag
[root@m01 m01]# cat tag.yml
- hosts: web_group
vars:
- http_port: 8080
tasks:
- name: Install Http Server
yum:
name: httpd
state: present
tags:
- install_httpd
- httpd_server
- name: configure httpd server
template:
src: ./httpd.j2
dest: /etc/httpd/conf/httpd.conf
notify: Restart Httpd Server
tags:
- config_httpd
- httpd_server
- name: start httpd server
service:
name: httpd
state: started
enabled: yes
tags: service_httpd
handlers:
- name: Restart Httpd Server
systemd:
name: httpd
state: restarted
[root@m01 m01]# ansible-playbook tag.yml --list-tags
[root@m01 m01]# ansible-playbook tag.yml -t httpd_server
[root@m01 m01]# ansible-playbook tag.yml -t install_httpd,confiure_httpd
[root@m01 m01]# ansible-playbook tag.yml --skip-tags httpd_server
playbook文件复用
# 使用好处
在之前写playbook的过程中,我们发现,写多个playbook没有办法,一键执行,这样我们还要单个playbook挨个去执行,很鸡肋。所以在playbook中有一个功能,叫做include用来动态调用task任务列表。
# 说明
只调用task:include_tasks
调用整个task文件:include (新版本:import_playbook)
在saltstack中,叫做top file入口文件。
# 示例一:
[root@m01 m01]# cat task.yml # 只需要执行这一个文件,也就执行了下面三个文件
- hosts: web_group
vars:
- http_port: 8080
tasks:
- include_tasks: task_install.yml
- include_tasks: task_configure.yml
- include_tasks: task_start.yml
handlers:
- name: Restart Httpd Server
systemd:
name: httpd
state: restarted
[root@m01 m01]# cat task_install.yml
- name: Install Http Server
yum:
name: httpd
state: present
[root@m01 m01]# cat task_configure.yml
- name: configure httpd server
template:
src: ./httpd.j2
dest: /etc/httpd/conf/httpd.conf
notify: Restart Httpd Server
[root@m01 m01]# cat task_start.yml
- name: start httpd server
service:
name: httpd
state: started
enabled: yes
# 新版本方法:
- import_playbook: httpd.yml
- import_playbook: nfs.yml
- import_playbook: rsync.yml
# 老版本方法:
- include: httpd.yml
- include: nfs.yml
- include: rsync.yml
playbook错误忽略
# 当执行剧本时,当有一个错误过不去,下面的任务也无法执行,使用错误忽略可对错误不管,继续执行
[root@m01 ~]# cat ignore.yml
---
- hosts: web_group
tasks:
- name: Ignore False
command: /bin/false
ignore_errors: yes # 加多此行信息即为对此信息忽略
- name: touch new file
file:
path: /tmp/zls.txt
state: touch
playbook错误处理
如上所述,当task执行失败时,playbook将不再继续执行,包括如果在task中设置了handler也不会被执行。
但是我们可以采取强制措施...
# 强制调用handlder
[root@m01 ~]# cat handler.yml
- hosts: web_group
vars:
- http_port: 8080
force_handlers: yes
tasks:
- name: config httpd server
template:
src: ./httpd.j2
dest: /etc/httpd/conf
notify:
- Restart Httpd Server
- Restart PHP Server
- name: Install Http Server
yum:
name: htttpd
state: present
- name: start httpd server
service:
name:httpd
state: started
enabled: yes
handlers:
- name: Restart Httpd Server
systemd:
name: httpd
state: restarted
- name: Restart PHP Server
systemd:
name: php-fpm
state: restarted
抑制changed
# 被管理主机没有发生变化,可以使用参数将change状态改为ok
[root@m01 ~]# cat handler.yml
- hosts: web_group
vars:
- http_port: 8080
force_handlers: yes
tasks:
- name: shell
shell: netstat -lntup|grep httpd
register: check_httpd
changed_when: false
- name: debug
debug: msg={{ check_httpd.stdout.lines }}
-----------------------------------
[root@m01 project2]# cat changed_when.yml
- hosts: webservers
vars:
- http_port: 8080
tasks:
- name: configure httpd server
template:
src: ./httpd.j2
dest: /etc/httpd/conf/httpd.conf
notify: Restart Httpd Server
- name: Check HTTPD
shell: /usr/sbin/httpd -t
register: httpd_check
changed_when:
- httpd_check.stdout.find('OK')
- false
- name: start httpd server
service:
name: httpd
state: started
enabled: yes
handlers:
- name: Restart Httpd Server
systemd:
name: httpd
state: restarted