摘自:http://www.ansible.com.cn/docs/playbooks_intro.html


Handlers: 在发生改变时执行的操作

(当发生改动时)’notify’ actions 会在 playbook 的每一个 task 结束时被触发,而且即使有多个不同的 task 通知改动的发生, ‘notify’ actions 只会被触发一次.

举例来说,比如多个 resources 指出因为一个配置文件被改动,所以 apache 需要重新启动,但是重新启动的操作只会被执行一次.

- name: template configuration file

  template: src=template.j2 dest=/etc/foo.conf

  notify:

     - restart memcached

     - restart apache

‘notify’ 下列出的即是 handlers.

Handlers 是由通知者进行 notify, 如果没有被 notify,handlers 不会执行.不管有多少个通知者进行了 notify,等到 play 中的所有 task 执行完成之后,handlers 也只会被执行一次.

handlers:

    - name: restart memcached

      service:  name=memcached state=restarted

    - name: restart apache

      service: name=apache state=restarted

Handlers 最佳的应用场景是用来重启服务,或者触发系统重启操作.

如果你想立即执行所有的 handler 命令,在1.2及以后的版本,你可以这样做:

tasks:

   - shell: some tasks go here

   - meta: flush_handlers

   - shell: some other tasks

在以上的例子中,任何在排队等候的 handlers 会在执行到 ‘meta’ 部分时,优先执行.这个技巧在有些时候也能派上用场.


执行一个playbook

[root@localhost ~]# ansible-playbook -h

Usage: ansible-playbook playbook.yml


Options:

  --ask-vault-pass      ask for vault password

  -C, --check           don't make any changes; instead, try to predict some

                        of the changes that may occur

  -D, --diff            when changing (small) files and templates, show the

                        differences in those files; works great with --check

  -e EXTRA_VARS, --extra-vars=EXTRA_VARS

                        set additional variables as key=value or YAML/JSON

  --flush-cache         clear the fact cache

  --force-handlers      run handlers even if a task fails

  -f FORKS, --forks=FORKS

                        specify number of parallel processes to use

                        (default=5)

  -h, --help            show this help message and exit

  -i INVENTORY, --inventory-file=INVENTORY

                        specify inventory host path

                        (default=/etc/ansible/hosts) or comma separated host

                        list.

  -l SUBSET, --limit=SUBSET

                        further limit selected hosts to an additional pattern

  --list-hosts          outputs a list of matching hosts; does not execute

                        anything else

  --list-tags           list all available tags

  --list-tasks          list all tasks that would be executed

  -M MODULE_PATH, --module-path=MODULE_PATH

                        specify path(s) to module library (default=None)

  --new-vault-password-file=NEW_VAULT_PASSWORD_FILE

                        new vault password file for rekey

  --output=OUTPUT_FILE  output file name for encrypt or decrypt; use - for

                        stdout

  --skip-tags=SKIP_TAGS

                        only run plays and tasks whose tags do not match these

                        values

  --start-at-task=START_AT_TASK

                        start the playbook at the task matching this name

  --step                one-step-at-a-time: confirm each task before running

  --syntax-check        perform a syntax check on the playbook, but do not

                        execute it

  -t TAGS, --tags=TAGS  only run plays and tasks tagged with these values

  --vault-password-file=VAULT_PASSWORD_FILE

                        vault password file

  -v, --verbose         verbose mode (-vvv for more, -vvvv to enable

                        connection debugging)

  --version             show program's version number and exit


  Connection Options:

    control as whom and how to connect to hosts


    -k, --ask-pass      ask for connection password

    --private-key=PRIVATE_KEY_FILE, --key-file=PRIVATE_KEY_FILE

                        use this file to authenticate the connection

    -u REMOTE_USER, --user=REMOTE_USER

                        connect as this user (default=None)

    -c CONNECTION, --connection=CONNECTION

                        connection type to use (default=smart)

    -T TIMEOUT, --timeout=TIMEOUT

                        override the connection timeout in seconds

                        (default=30)

    --ssh-common-args=SSH_COMMON_ARGS

                        specify common arguments to pass to sftp/scp/ssh (e.g.

                        ProxyCommand)

    --sftp-extra-args=SFTP_EXTRA_ARGS

                        specify extra arguments to pass to sftp only (e.g. -f,

                        -l)

    --scp-extra-args=SCP_EXTRA_ARGS

                        specify extra arguments to pass to scp only (e.g. -l)

    --ssh-extra-args=SSH_EXTRA_ARGS

                        specify extra arguments to pass to ssh only (e.g. -R)


  Privilege Escalation Options:

    control how and which user you become as on target hosts


    -s, --sudo          run operations with sudo (nopasswd) (deprecated, use

                        become)

    -U SUDO_USER, --sudo-user=SUDO_USER

                        desired sudo user (default=root) (deprecated, use

                        become)

    -S, --su            run operations with su (deprecated, use become)

    -R SU_USER, --su-user=SU_USER

                        run operations with su as this user (default=root)

                        (deprecated, use become)

    -b, --become        run operations with become (does not imply password

                        prompting)

    --become-method=BECOME_METHOD

                        privilege escalation method to use (default=sudo),

                        valid choices: [ sudo | su | pbrun | pfexec | doas |

                        dzdo | ksu ]

    --become-user=BECOME_USER

                        run operations as this user (default=root)

    --ask-sudo-pass     ask for sudo password (deprecated, use become)

    --ask-su-pass       ask for su password (deprecated, use become)

    -K, --ask-become-pass

                        ask for privilege escalation password

示例:

ansible-playbook playbook.yml -f 10