参考:http://www.zsythink.net/archives/2641
tags
tags可以给剧本中的任务打标签,当任务存在标签时,可以在执行playbook时指定执行哪些任务,或者指定不执行哪些任务
[root@localhost ~]#vim test.yml
---
- hosts: B
remote_user: root
tasks:
- name: task1
file: path=/data/f1 state=touch
tags: t1
- name: task2
file: path=/data/f2 state=touch
tags: t2
- name: task3
file: path=/data/f3 state=touch
tags: t3
执行指定的tags
[root@localhost ~]#ansible-playbook --tags=t2 test.yml
执行不执行哪些tags
[root@localhost ~]#ansible-playbook --skip-tags=t2 test.yml
不同的任务可以使用相同的标签
[root@localhost ~]#vim test.yml
---
- hosts: B
remote_user: root
tasks:
- name: task1
file: path=/data/f1 state=touch
tags: t1
- name: task2
file: path=/data/f2 state=touch
tags: t1
- name: task3
file: path=/data/f3 state=touch
tags: t3
可以把tags写在paly中,此时所有tasks会继承当前play中的tags
---
- hosts: B
remote_user: root
tags: t1
tasks:
- name: task1
file: path=/data/f1 state=touch
- name: task2
file: path=/data/f2 state=touch
- name: task3
file: path=/data/f3 state=touch
可以查看一个playbook中有哪线tags
[root@localhost ~]#ansible-playbook --list-tags test.yml
特殊tags
always:
never:
tagged:只执行有标签的任务,没有任何标签的任务不执行
untagged:只执行没有标签的任务,但是always标签对应的任务会被执行
all:
当tags的值为always时,这个任务总是会被执行,除非使用--skip-tags=always指明
[root@localhost ~]#ansible-playbook --skip-tags=always test.yml
如果play中存在多个always标签,--skip-tags=always会导致所有always标签不执行。可以给一个tasks指定多个tags
[root@localhost ~]#vim test.yml
---
- hosts: B
remote_user: root
tasks:
- name: task1
file: path=/data/f1 state=touch
tags: t1
- name: task2
file: path=/data/f2 state=touch
tags: t2,always
- name: task3
file: path=/data/f3 state=touch
tags: always,t3
如果--skip-tags=always会导致task2,task3都不执行,使用以下命令会执行task1和task2
[root@localhost ~]#ansible-playbook --skip-tags=t3 test.yml
自定义变量
变量名应该以字母,数字,下划线组成。变量名需要以字母开头并且不能时ansible内置关键字
[root@localhost ~]#vim test.yml
---
- hosts: B
remote_user: root
vars: #定义变量关键字
testvar1: f1 #定义变量。testvar1为变量名,f1为值
testvar2: f2
tasks:
- name: task1
file: path=/data/{{testvar1}} state=touch #引用变量要放在{{}}中。空格可有可无
- name: task2
file: path=/data/{{ testvar2 }} state=touch
可以给变量定义属性,变量意义更直观
[root@localhost ~]#vim test.yml
---
- hosts: B
remote_user: root
vars:
nginx:
conf80: /etc/nginx/conf.d/80.conf
conf8080: /etc/nginx/conf.d/8080.conf
tasks:
- name: task1
file: path={{nginx.conf80}} state=touch
- name: task2
file: path={{ nginx.conf8080 }} state=touch
setup模块
使用setup模块查看被控主机上的变量
[root@localhost ~]#ansible B -m setup
过滤变量
[root@localhost ~]#ansible B -m setup -a "filter=*ipv4*" #支持通配符
注册变量
ansible的模块在运行后,会有一些返回值。在默认情况下,这些返回值不会显示,可以把返回值写道变量中,通过引用对应的变量显示返回值。这叫做注册变量
[root@localhost ~]#vim test1.yml
---
- hosts: B
remote_user: root
tasks:
- name: test shell
shell: echo test > /data/testfile
register: testvar #使用register关键字把shell模块的返回值赋值给testvar变量
- name: shell module return values
debug: var=testvar #输出变量的值
[root@localhost ~]#ansible-playbook test1.yml
PLAY [B] **********************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.91.132]
TASK [test shell] *************************************************************************************************
changed: [192.168.91.132]
TASK [shell module return values] *********************************************************************************
ok: [192.168.91.132] => {
"testvar": {
"changed": true,
"cmd": "echo test > /data/testfile",
"delta": "0:00:00.003023",
"end": "2019-05-30 14:57:23.295977",
"failed": false,
"rc": 0,
"start": "2019-05-30 14:57:23.292954",
"stderr": "",
"stderr_lines": [],
"stdout": "",
"stdout_lines": []
}
}
PLAY RECAP ********************************************************************************************************
192.168.91.132 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
如果只想获取返回值中的某一特定值
[root@localhost ~]#vim test1.yml
---
- hosts: B
remote_user: root
tasks:
- name: test shell
shell: echo test > /data/testfile
register: testvar
- name: shell module return values
debug: msg={{ testvar.cmd }}
[root@localhost ~]#ansible-playbook test1.yml
PLAY [B] **********************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.91.132]
TASK [test shell] *************************************************************************************************
changed: [192.168.91.132]
TASK [shell module return values] *********************************************************************************
ok: [192.168.91.132] => {
"msg": "echo test > /data/testfile"
}
PLAY RECAP ********************************************************************************************************
192.168.91.132 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
常见返回值
https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html
https://docs.ansible.com/ansible/2.4/shell_module.html
提示用户输入信息并写入变量
在playbook中实现交互
[root@localhost ~]#vim test1.yml
---
- hosts: B
remote_user: root
vars_prompt: #关键字
- name: your_name #变量名
prompt: what is your name #提示信息
- name: your_age #变量名
prompt: how ole are you #提示信息
tasks:
- name: output vars
debug: msg="your name is {{ your_name }},your age is {{ your_age }}" #输出信息
[root@localhost ~]#ansible-playbook test1.yml
what is your name:
how ole are you:
PLAY [B] **********************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.91.132]
TASK [output vars] ************************************************************************************************
ok: [192.168.91.132] => {
"msg": "your name is kej,your age is 20"
}
PLAY RECAP ********************************************************************************************************
192.168.91.132 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]#vim test1.yml
---
- hosts: B
remote_user: root
vars_prompt:
- name: your_name
prompt: what is your name
private: no #输入信息显示,默认不显示
- name: your_age
prompt: how ole are you
private: no
tasks:
- name: output vars
debug: msg="your name is {{ your_name }},your age is {{ your_age }}"
[root@localhost ~]#ansible-playbook test1.yml
what is your name: kej
how ole are you: 20
可以给提示信息设定默认值
[root@localhost ~]#vim test1.yml
---
- hosts: B
remote_user: root
vars_prompt:
- name: solution
prompt: "Choose the solution you want \nA: solutionA\nB: solutionB\nC: solutionC\n"
private: no
default: A #设定默认值
tasks:
- name: output vars
debug: msg="The final solution is {{solution}}."
[root@localhost ~]#ansible-playbook test1.yml
Choose the solution you want
A: solutionA
B: solutionB
C: solutionC
[A]:
PLAY [B] **********************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.91.132]
TASK [output vars] ************************************************************************************************
ok: [192.168.91.132] => {
"msg": "The final solution is A."
}
PLAY RECAP ********************************************************************************************************
192.168.91.132 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
创建用户
[root@localhost ~]#vim test1.yml
---
- hosts: B
remote_user: root
vars_prompt:
- name: user_name #变量名
prompt: enter user name #提示信息。收到信息后会把信息存到上面定义的变量中
private: no
- name: password
prompt: enter password
private: no
encrypt: sha512_crypt #密码加密算法
confirm: yes #关键字,输入两次密码
tasks:
- name: create user
user: name={{ user_name }} password={{ password }}
[root@localhost ~]#ansible-playbook test1.yml
enter user name: zzc
enter password: 122333
confirm enter password: 122333
PLAY [B] **********************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.91.132]
TASK [create user] ************************************************************************************************
changed: [192.168.91.132]
PLAY RECAP ********************************************************************************************************
192.168.91.132 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
通过命令行传递变量
可以在执行playbook时在命令行传递变量
[root@localhost ~]#vim test1.yml
---
- hosts: B
remote_user: root
tasks:
- name: touch file
file: name={{ file }} state=touch
[root@localhost ~]#ansible-playbook --extra-vars|-e "file=/data/f1" test1.yml
传递多个变量,用空格分隔
[root@localhost ~]#ansible-playbook --extra-vars "file=/data/f1 file2=/data/f2" test1.yml
注意:命令行传递的变量优先级高于在playbook中定义的变量。
在主机清单中定义变量
192.168.91.132 testvar=nodeB
[root@localhost ~]#ansible 192.168.91.132 -m shell -a "echo {{ testvar }}"
192.168.91.132 | CHANGED | rc=0 >>
nodeB
配置组变量
[B]
192.168.91.132
192.168.91.137
[B:vars]
testvar1=var1
testvar2=var2
[root@localhost ~]#ansible B -m shell -a "echo {{ testvar1 }}"
192.168.91.132 | CHANGED | rc=0 >>
var1
192.168.91.137 | CHANGED | rc=0 >>
var1
通过set_fact模块定义变量
[root@localhost ~]#vim test1.yml
---
- hosts: B
remote_user: root
tasks:
- set_fact: testvar=kejkej
- name: test
debug: msg={{ testvar }}
通过set_fact定义的变量可以传递给同一个playbook中的不同的play
[root@localhost ~]#vim test1.yml
---
- hosts: B
remote_user: root
vars:
testvar1: tv1
tasks:
- set_fact: testvar2=tv2
- debug: msg={{testvar1}}-----{{testvar2}}
- hosts: B
remote_user: root
tasks:
- debug: msg={{testvar2}}
- debug: msg={{ testvar1 }}
执行playbook,发现第一个play成功执行,第二个play中第一个debug成功执行,第二个debug报错,提示说变量testvar1没有定义。
注册变量也可以传递给不同的play引用
[root@localhost ~]#vim test2.yml
---
- hosts: B
remote_user: root
vars:
testvar1: tv1
tasks:
- shell: echo tv2
register: testvar2
- hosts: B
remote_user: root
tasks:
- debug: msg={{testvar2}}
- debug: msg={{ testvar1 }}
include_vars模块
为了多个playbook可以引用相同的变量,可以定义一个变量文件,在palybook中指明变量文件引用变量
注意:变量文件要以.yml或者.yaml为后缀,不要使用vars关键字,直接定义变量。
[root@localhost ~]#vim nginx.yml
nginx:
conf80: /etc/nginx/conf.d/80.conf
conf8080: /etc/nginx/conf.d/8080.conf
[root@localhost ~]#vim test.yml
---
- hosts: B
remote_user: root
vars_files:
- /root/nginx.yml #可以引用多个变量文件,每个文件以-开头
tasks:
- name: task1
file: path={{nginx.conf80}} state=touch
- name: task2
file: path={{ nginx.conf8080 }} state=touch
当playbook执行中变量文件发生改变。ansible不会立即加载新的变量文件
[root@localhost ~]#vim test.yml
---
- hosts: 192.168.91.139
remote_user: root
vars_files:
- /root/nginx.yml
tasks:
- file: path={{nginx.conf80}} state=touch
- file: path={{nginx.conf8080}} state=touch
- lineinfile:
path: /root/nginx.yml
line: " conf9999: /etc/nginx/conf.d/9999.conf"
- file: path={{nginx.conf9999}} state=touch #执行失败,因为变量没有赋值
[root@localhost ~]#vim test.yml
---
- hosts: 192.168.91.139 #ansible本机
remote_user: root
vars_files:
- /root/nginx.yml
tasks:
- file: path={{nginx.conf80}} state=touch
- file: path={{nginx.conf8080}} state=touch
- lineinfile:
path: /root/nginx.yml
line: " conf9999: /etc/nginx/conf.d/9999.conf"
- include_vars: /root/nginx.yml #重新加载变量文件
- file: path={{nginx.conf9999}} state=touch