在ansible中支持条件判断,这使我们操作更加灵活
使用when进行条件测试
示例1:
将 testservers 组中的其中一台主机上的 httpd 服务卸载掉,另外主机不卸载
[root@node1 ansible]# ansible testservers -m shell -a 'rpm -q httpd' 192.168.100.131 | success | rc=0 >> httpd-2.2.15-29.el6.centos.x86_64 192.168.100.132 | success | rc=0 >> httpd-2.2.15-47.el6.centos.3.x86_64 [root@node1 ansible]# cat http.yml - hosts: testservers remote_user: root tasks: - name: uninstall httpd service yum: name=httpd state=absent when: ansible_nodename == "v2.lansgg.com" [root@node1 ansible]# ansible-playbook http.yml PLAY [testservers] ************************************************************ GATHERING FACTS *************************************************************** ok: [192.168.100.131] ok: [192.168.100.132] TASK: [uninstall httpd service] *********************************************** skipping: [192.168.100.132] changed: [192.168.100.131] PLAY RECAP ******************************************************************** 192.168.100.131 : ok=2 changed=1 unreachable=0 failed=0 192.168.100.132 : ok=1 changed=0 unreachable=0 failed=0 [root@node1 ansible]# ansible testservers -m shell -a 'rpm -q httpd' 192.168.100.132 | success | rc=0 >> httpd-2.2.15-47.el6.centos.3.x86_64 192.168.100.131 | FAILED | rc=1 >> package httpd is not installed [root@node1 ansible]#
示例2:
也可以使用 or 进行 或 判断,这里将组内的两台主机的 httpd 服务都卸载,
[root@node1 ansible]# ansible testservers -m shell -a 'rpm -q httpd' 192.168.100.132 | success | rc=0 >> httpd-2.2.15-47.el6.centos.3.x86_64 192.168.100.131 | success | rc=0 >> httpd-2.2.15-29.el6.centos.x86_64 [root@node1 ansible]# cat http.yml - hosts: testservers remote_user: root tasks: - name: uninstall httpd service yum: name=httpd state=absent when: (ansible_nodename == "v2.lansgg.com") or ( ansible_all_ipv4_addresses[0] == '192.168.100.132') [root@node1 ansible]# ansible-playbook http.yml PLAY [testservers] ************************************************************ GATHERING FACTS *************************************************************** ok: [192.168.100.131] ok: [192.168.100.132] TASK: [uninstall httpd service] *********************************************** changed: [192.168.100.131] changed: [192.168.100.132] PLAY RECAP ******************************************************************** 192.168.100.131 : ok=2 changed=1 unreachable=0 failed=0 192.168.100.132 : ok=2 changed=1 unreachable=0 failed=0 [root@node1 ansible]# ansible testservers -m shell -a 'rpm -q httpd' 192.168.100.131 | FAILED | rc=1 >> package httpd is not installed 192.168.100.132 | FAILED | rc=1 >> package httpd is not installed [root@node1 ansible]#
保存结果
几乎所有的模块都是会outputs一些东西,甚至debug模块也会.大多数我们会使用的结果变量是changed.这个changed变量决定 了是否要直接handlers和输出的颜色是什么.然而,结果变量还有其他的用途,譬如我需要保存我的结果变量,然后在我们的playbook的其他地方使用.
示例:
分别在一台主机上创建一个目录,另外主机不存在此目录,根据此目录的存在情况,做出不同操作
[root@node1 ansible]# ansible testservers -m shell -a 'ls -l /nono' 192.168.100.131 | success | rc=0 >> total 0 192.168.100.132 | FAILED | rc=2 >> ls: cannot access /nono: No such file or directory [root@node1 ansible]# cat re.yml - hosts: testservers remote_user: root tasks: - name: ls /nono shell: /bin/ls /nono register: result ignore_errors: True - name: test result copy: content="ok" dest=/tmp/test when: result.rc == 0 - name: test no result copy: content="no ok" dest=/tmp/test when: result.rc != 0 [root@node1 ansible]# ansible-playbook re.yml PLAY [testservers] ************************************************************ GATHERING FACTS *************************************************************** ok: [192.168.100.131] ok: [192.168.100.132] TASK: [ls /nono] ************************************************************** changed: [192.168.100.131] failed: [192.168.100.132] => {"changed": true, "cmd": "/bin/ls /nono", "delta": "0:00:00.004437", "end": "2016-03-02 12:56:55.409736", "rc": 2, "start": "2016-03-02 12:56:55.405299", "warnings": []} stderr: /bin/ls: cannot access /nono: No such file or directory ...ignoring TASK: [test result] *********************************************************** skipping: [192.168.100.132] ok: [192.168.100.131] TASK: [test no result] ******************************************************** skipping: [192.168.100.131] ok: [192.168.100.132] PLAY RECAP ******************************************************************** 192.168.100.131 : ok=3 changed=1 unreachable=0 failed=0 192.168.100.132 : ok=3 changed=1 unreachable=0 failed=0 [root@node1 ansible]# ansible testservers -m shell -a 'ls -l /tmp/test' 192.168.100.131 | success | rc=0 >> -rw-r--r-- 1 root root 2 Mar 2 12:55 /tmp/test 192.168.100.132 | success | rc=0 >> -rw-r--r-- 1 root root 5 Mar 2 12:55 /tmp/test [root@node1 ansible]# ansible testservers -m shell -a 'cat /tmp/test' 192.168.100.131 | success | rc=0 >> ok 192.168.100.132 | success | rc=0 >> no ok [root@node1 ansible]#
ansible 中的循环操作:
当有需要重复性执行的任务时,可以使用迭代机制,格式为:将需要迭代的内容定义为Item变量引用,并通过with_items 语句来指明迭代的元素列表即可
示例1、
在 testservers 组中一台主机上安装lamp
[root@node1 ansible]# cat item.yml - hosts: testservers remote_user: root tasks: - name: yum install lamp yum: name=`item` state=present with_items: - httpd - mysql-server - php when: (ansible_nodename == "v2.lansgg.com") [root@node1 ansible]#
上面的语句等同于:
- hosts: testservers remote_user: root tasks: - name: install httpd yum: name=httpd state=present when: (ansible_nodename == "v2.lansgg.com") - name: install mysql-server yum: name=mysql-server state=present when: (ansible_nodename == "v2.lansgg.com") - name: install php yum: name=php state=present when: (ansible_nodename == "v2.lansgg.com")
上面的语句 hash 方式编写也可以,等同于如下:
- hosts: testservers remote_user: root tasks: - name: install httpd yum: name=`item`.`name` state=`item`.`state` when: (ansible_nodename == "v2.lansgg.com") with_items: - {name: 'httpd', state: 'present'} - {name: 'mysql-server', state: 'present'} - {name: 'php', state: 'present'}
开始执行:
[root@node1 ansible]# ansible-playbook item.yml PLAY [testservers] ************************************************************ GATHERING FACTS *************************************************************** ok: [192.168.100.131] ok: [192.168.100.132] TASK: [yum install lamp] ****************************************************** skipping: [192.168.100.132] changed: [192.168.100.131] => (item=httpd,mysql-server,php) PLAY RECAP ******************************************************************** 192.168.100.131 : ok=2 changed=1 unreachable=0 failed=0 192.168.100.132 : ok=1 changed=0 unreachable=0 failed=0
ansible 的 tags 功能
ansible的playbool中有一个关键字,叫做tags。tags是什么?就是打标签。tags可以和一个play(就是很多个task)或者一 个task进行捆绑。然后,ansible-playbook提供了“--skip-tags”和“--tags” 来指明是跳过特定的tags还是执行特定的tags。
示例 1、
[root@node1 ansible]# cat tag.yml - hosts: testservers remote_user: root tasks: - name: echo A1 command: echo A1 tags: - A1 - name: echo A2 command: echo A2 tags: - A2 - name: echo A3 command: echo A3 tags: - A3
当执行 ansible-playbook tag.yml --tags="A1,A3 ,则只会执行A1和A3的echo命令。
如下:
[root@node1 ansible]# ansible-playbook tag.yml --tags="A1,A3" PLAY [testservers] ************************************************************ GATHERING FACTS *************************************************************** ok: [192.168.100.131] ok: [192.168.100.132] TASK: [echo A1] *************************************************************** changed: [192.168.100.131] changed: [192.168.100.132] TASK: [echo A3] *************************************************************** changed: [192.168.100.131] changed: [192.168.100.132] PLAY RECAP ******************************************************************** 192.168.100.131 : ok=3 changed=2 unreachable=0 failed=0 192.168.100.132 : ok=3 changed=2 unreachable=0 failed=0
当执行 ansible-playbook tag.yml --skip-tags="A2" ,同样只会执行 A1和A3的echo命令。
如下:
[root@node1 ansible]# ansible-playbook tag.yml --skip-tags="A2" PLAY [testservers] ************************************************************ GATHERING FACTS *************************************************************** ok: [192.168.100.131] ok: [192.168.100.132] TASK: [echo A1] *************************************************************** changed: [192.168.100.132] changed: [192.168.100.131] TASK: [echo A3] *************************************************************** changed: [192.168.100.131] changed: [192.168.100.132] PLAY RECAP ******************************************************************** 192.168.100.131 : ok=3 changed=2 unreachable=0 failed=0 192.168.100.132 : ok=3 changed=2 unreachable=0 failed=0
示例 2 、
我们安装 httpd 服务的流程为 安装服务、copy文件、启动服务、如果配置有变化就重启服务,
[root@node1 ansible]# cat http.yml - hosts: testservers remote_user: root tasks: - name: install httpd package yum: name=httpd state=present - name: start httpd service service: name=httpd enabled=true state=started - name: copy config file copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf notify: restart httpd service tags: - modify handlers: - name: restart httpd service service: name=httpd state=restarted [root@node1 ansible]#
当我们的配置文件有修改的时候,可以指定tags,这样就会只执行copy config file 任务,前面就不会再执行
结果如下:
[root@node1 ansible]# ansible-playbook http.yml --tags=modify PLAY [testservers] ************************************************************ GATHERING FACTS *************************************************************** ok: [192.168.100.131] ok: [192.168.100.132] TASK: [copy config file] ****************************************************** changed: [192.168.100.131] changed: [192.168.100.132] NOTIFIED: [restart httpd service] ********************************************* changed: [192.168.100.131] changed: [192.168.100.132] PLAY RECAP ******************************************************************** 192.168.100.131 : ok=3 changed=2 unreachable=0 failed=0 192.168.100.132 : ok=3 changed=2 unreachable=0 failed=0
特殊 tags
系统中内置的特殊tags:
always、tagged、untagged、all 是四个系统内置的tag,有自己的特殊意义
always: 指定这个tag 后,task任务将永远被执行,而不用去考虑是否使用了--skip-tags标记
tagged: 当 --tags 指定为它时,则只要有tags标记的task都将被执行,--skip-tags效果相反
untagged: 当 --tags 指定为它时,则所有没有tag标记的task 将被执行,--skip-tags效果相反
all: 这个标记无需指定,ansible-playbook 默认执行的时候就是这个标记.所有task都被执行