【运维知识进阶篇】Ansible变量详解(变量定义+变量优先级+变量注册+层级定义变量+facts缓存变量)
本篇文章详细给大家介绍Ansible变量,变量适合管理剧本中每个项目的动态值,或是某些值在多个地方重复使用,如果将此值设置为变量再在其他地方调用会方便许多。会用变量,才算真正会用Ansible,话不多说,直接开始!
变量定义
在测试情况下,可以在命令行中定义变量;当变量较少,不会被其他剧本调用的情况下,可以在剧本头部进行定义;当有较多playbook调用时,可以在文件中定义变量;也可以通过主机清单中定义变量,但是一般不推荐;也可以采取官方推荐的定义方式。一共四种定义方式。
1、命令行定义变量
主机清单的变量会被剧本文件的方式覆盖,这两种方式的变量又会被命令行定义的方式覆盖,命令行可以使用--extra-vars或者-e设置变量
[root@Ansible test]# cat test.yml
- hosts: web_group
tasks:
- name: install httpd server
yum:
name: "{{ web_server }}"
[root@Ansible test]# ansible-playbook test.yml -e "web_server=vsftpd" #定义变量并运行
[root@Ansible test]# cat test.yml
- hosts: web_group
tasks:
- name: install httpd server
yum:
name:
- "{{ web_server }}"
- "{{ db_server }}"
[root@Ansible test]# ansible-play test.yml -e "web_server=vsftpd" -e "db_server=mariadb-server" #定义多个变量并运行2、剧本头部进行定义
#1、将一个列表定义在一个变量中
[root@Ansible test]# cat test.yml
- hosts: web_group
vars:
packages:
- httpd
- mariadb-server
- php
- php-mysql
- php-pdo
tasks:
- name: install httpd ....
yum:
name: "{{ packages }}"
#2、以列表的形式,一个内容定义一个变量
[root@Ansible test]# cat test.yml
- hosts: web_group
vars:
- web_server: httpd
- db_server: mariadb-server
- php_server: php,php-mysql,php-pdo
tasks:
- name: install httpd ....
yum:
name:
- "{{ web_server }}"
- "{{ db_server }}"
- "{{ php_server }}"
#3、以列表形式,多个内容由多个变量定义,最后拼接调用
[root@Ansible test]# cat test.yml
- hosts: web_group
vars:
- ngx_ver: 1.1
- ngx_dir: web
tasks:
- name: touch
file:
name: /tmp/{{ ngx_dir }}_{{ ngx_ver }}
state: touch
#获取并调用Ansible内置变量
[root@Ansible test]# cat test.yml
- hosts: web_group
vars:
- remote_ip: "{{ ansible_default_ipv4['address'] }}"
- remote_hostname: "{{ ansible_fqdn }}"
tasks:
- name: touch ip file
file:
path: /root/{{ remote_ip }}
state: touch
- name: touch hostname file
file:
path: /root/{{ remote_hostname }}
state: touch3、文件中定义变量
剧本头部定义变量的缺陷是只能当前变量使用,其他文件无法调用该变量文件,我们可以在文件中定义变量解决这个问题。
[root@Ansible test]# cat vars1.yml
web_server: httpd
[root@Ansible test]# cat vars2.yml
db_server: mariadb-server
[root@Ansible test]# cat test.yml #调用一个文件一个变量
- hosts: web_group
vars_files: vars1.yml
tasks:
- name: install httpd mariadb
yum:
name: "{{ web_server }}"
[root@Ansible test]# cat test.yml #调用多个文件多个变量
- hosts: web_group
vars_files:
- vars1.yml
- vars2.yml
tasks:
- name: install httpd mariadb
yum:
name:
- "{{ web_server }}"
- "{{ db_server }}"4、主机清单定义变量
在主机清单中定义变量,主机的变量要高于主机组的变量,所以该方法不推荐使用,容易将环境弄乱。
[root@Ansible test]# vim /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
[web_group:vars]
web_server=httpd
index_file=index.html
- hosts: web_group
tasks:
- name: Install httpd Server
yum:
name: "{{ web_server }}"
- name: Create Index File
file:
path: /tmp/{{ index_file }}
state: touch 5、官方推荐定义变量
创建group_vars目录,在里面创建以组名命名的文件给组定义变量,想对所有主机进行定义使用组下面的all进行定义;
[root@Ansible test]# mkdir group_vars
[root@Ansible test]# cat group_vars/web_group
web_server: httpd
[root@Ansible test]# cat test.yml
- hosts: web_group
tasks:
- name: install httpd server
yum:
name: "{{ web_server }}"创建host_vars目录,在里面创建以主机别名命名的文件给主机定义变量。
[root@Ansible test]# mkdir host_vars
[root@Ansible test]# cat host_vars/web01
web_server: nginx
[root@Ansible test]# cat test.yml
- hosts: web_group
tasks:
- name: install httpd server
yum:
name: "{{ web_server }}"变量优先级
变量读取优先级命令行>playbook文件>主机列表文件
注意:尽量使用一种定义变量的方式进行定义,太乱了不容易操作
变量注册
Ansible模块运行时,都会返回一些result结果,类似于执行脚本,我们需要获取这些结果,判断上一步是否执行成功,默认情况下,Ansible的result并不会显示出来,所以,我们可以吧这些返回值储存到变量之中,通过调用对应的变量名,获取这些result。这种将模块的返回值写入到变量的方法叫做变量注册。
[root@Ansible test]# cat test.yml
- hosts: web_group
tasks:
- name: test register vars
shell: "ls -l /"
[root@Ansible test]# ansible-playbook test.yml
PLAY [web_group] ***************************************************************
TASK [Gathering Facts] *********************************************************
ok: [web01]
ok: [web02]
TASK [test register vars] ******************************************************
changed: [web02]
changed: [web01]
PLAY RECAP *********************************************************************
web01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
web02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 当我们执行这个命令时,并不会给我们返回结果,只会返回changed是否改变,这时我们使用变量注册
[root@Ansible test]# cat test.yml
- hosts: web_group
tasks:
- name: test register vars
shell: "ls -l /"
register: list_dir
- name: return result
debug:
msg: "{{ list_dir }}"
[root@Ansible test]# ansible-playbook test.yml
PLAY [web_group] ***************************************************************
TASK [Gathering Facts] *********************************************************
ok: [web01]
ok: [web02]
TASK [test register vars] ******************************************************
changed: [web02]
changed: [web01]
TASK [return result] ***********************************************************
ok: [web01] => {
"msg": {
"changed": true,
"cmd": "ls -l /",
"delta": "0:00:00.073085",
"end": "2023-04-19 17:30:57.892956",
"failed": false,
"rc": 0,
"start": "2023-04-19 17:30:57.819871",
"stderr": "",
"stderr_lines": [],
"stdout": "total 24\nlrwxrwxrwx. 1 root root 7 Mar 29 18:30 bin -> usr/bin\ndr-xr-xr-x. 5 root root 4096 Mar 29 18:41 boot\ndrwxr-xr-x 6 www www 71 Apr 19 08:29 code\ndrwxr-xr-x 19 root root 3200 Apr 18 22:37 dev\ndrwxr-xr-x. 90 root root 8192 Apr 19 17:20 etc\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 home\nlrwxrwxrwx. 1 root root 7 Mar 29 18:30 lib -> usr/lib\nlrwxrwxrwx. 1 root root 9 Mar 29 18:30 lib64 -> usr/lib64\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 media\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 mnt\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 opt\ndr-xr-xr-x 128 root root 0 Mar 30 20:56 proc\ndr-xr-x---. 5 root root 197 Apr 19 16:25 root\ndrwxr-xr-x 29 root root 740 Apr 19 17:20 run\nlrwxrwxrwx. 1 root root 8 Mar 29 18:30 sbin -> usr/sbin\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 srv\ndr-xr-xr-x 13 root root 0 Apr 19 17:28 sys\ndrwxrwxrwt. 11 root root 4096 Apr 19 17:30 tmp\ndrwxr-xr-x. 13 root root 155 Mar 29 18:30 usr\ndrwxr-xr-x. 21 root root 4096 Apr 19 17:20 var",
"stdout_lines": [
"total 24",
"lrwxrwxrwx. 1 root root 7 Mar 29 18:30 bin -> usr/bin",
"dr-xr-xr-x. 5 root root 4096 Mar 29 18:41 boot",
"drwxr-xr-x 6 www www 71 Apr 19 08:29 code",
"drwxr-xr-x 19 root root 3200 Apr 18 22:37 dev",
"drwxr-xr-x. 90 root root 8192 Apr 19 17:20 etc",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 home",
"lrwxrwxrwx. 1 root root 7 Mar 29 18:30 lib -> usr/lib",
"lrwxrwxrwx. 1 root root 9 Mar 29 18:30 lib64 -> usr/lib64",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 media",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 mnt",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 opt",
"dr-xr-xr-x 128 root root 0 Mar 30 20:56 proc",
"dr-xr-x---. 5 root root 197 Apr 19 16:25 root",
"drwxr-xr-x 29 root root 740 Apr 19 17:20 run",
"lrwxrwxrwx. 1 root root 8 Mar 29 18:30 sbin -> usr/sbin",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 srv",
"dr-xr-xr-x 13 root root 0 Apr 19 17:28 sys",
"drwxrwxrwt. 11 root root 4096 Apr 19 17:30 tmp",
"drwxr-xr-x. 13 root root 155 Mar 29 18:30 usr",
"drwxr-xr-x. 21 root root 4096 Apr 19 17:20 var"
]
}
}
ok: [web02] => {
"msg": {
"changed": true,
"cmd": "ls -l /",
"delta": "0:00:00.072887",
"end": "2023-04-19 17:30:57.891135",
"failed": false,
"rc": 0,
"start": "2023-04-19 17:30:57.818248",
"stderr": "",
"stderr_lines": [],
"stdout": "total 28\nlrwxrwxrwx. 1 root root 7 Mar 29 18:30 bin -> usr/bin\ndr-xr-xr-x. 5 root root 4096 Mar 29 18:41 boot\ndrwxr-xr-x 6 www www 71 Apr 19 08:29 code\ndrwxr-xr-x 19 root root 3200 Apr 18 22:37 dev\ndrwxr-xr-x. 90 root root 8192 Apr 19 17:20 etc\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 home\nlrwxrwxrwx. 1 root root 7 Mar 29 18:30 lib -> usr/lib\nlrwxrwxrwx. 1 root root 9 Mar 29 18:30 lib64 -> usr/lib64\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 media\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 mnt\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 opt\ndr-xr-xr-x 127 root root 0 Mar 30 20:56 proc\ndr-xr-x---. 5 root root 4096 Apr 19 16:25 root\ndrwxr-xr-x 29 root root 740 Apr 19 17:20 run\nlrwxrwxrwx. 1 root root 8 Mar 29 18:30 sbin -> usr/sbin\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 srv\ndr-xr-xr-x 13 root root 0 Apr 19 17:28 sys\ndrwxrwxrwt. 10 root root 4096 Apr 19 17:30 tmp\ndrwxr-xr-x. 13 root root 155 Mar 29 18:30 usr\ndrwxr-xr-x. 21 root root 4096 Apr 19 17:20 var",
"stdout_lines": [
"total 28",
"lrwxrwxrwx. 1 root root 7 Mar 29 18:30 bin -> usr/bin",
"dr-xr-xr-x. 5 root root 4096 Mar 29 18:41 boot",
"drwxr-xr-x 6 www www 71 Apr 19 08:29 code",
"drwxr-xr-x 19 root root 3200 Apr 18 22:37 dev",
"drwxr-xr-x. 90 root root 8192 Apr 19 17:20 etc",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 home",
"lrwxrwxrwx. 1 root root 7 Mar 29 18:30 lib -> usr/lib",
"lrwxrwxrwx. 1 root root 9 Mar 29 18:30 lib64 -> usr/lib64",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 media",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 mnt",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 opt",
"dr-xr-xr-x 127 root root 0 Mar 30 20:56 proc",
"dr-xr-x---. 5 root root 4096 Apr 19 16:25 root",
"drwxr-xr-x 29 root root 740 Apr 19 17:20 run",
"lrwxrwxrwx. 1 root root 8 Mar 29 18:30 sbin -> usr/sbin",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 srv",
"dr-xr-xr-x 13 root root 0 Apr 19 17:28 sys",
"drwxrwxrwt. 10 root root 4096 Apr 19 17:30 tmp",
"drwxr-xr-x. 13 root root 155 Mar 29 18:30 usr",
"drwxr-xr-x. 21 root root 4096 Apr 19 17:20 var"
]
}
}
PLAY RECAP *********************************************************************
web01 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
web02 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 内容很多,我们让其输入自己想要的内容
[root@Ansible test]# cat test.yml
- hosts: web_group
tasks:
- name: test register vars
shell: "ls -l /"
register: list_dir
- name: return result
debug:
msg: "{{ list_dir.stdout_lines }}"
[root@Ansible test]# ansible-playbook test.yml
PLAY [web_group] ***************************************************************
TASK [Gathering Facts] *********************************************************
ok: [web02]
ok: [web01]
TASK [test register vars] ******************************************************
changed: [web02]
changed: [web01]
TASK [return result] ***********************************************************
ok: [web01] => {
"msg": [
"total 24",
"lrwxrwxrwx. 1 root root 7 Mar 29 18:30 bin -> usr/bin",
"dr-xr-xr-x. 5 root root 4096 Mar 29 18:41 boot",
"drwxr-xr-x 6 www www 71 Apr 19 08:29 code",
"drwxr-xr-x 19 root root 3200 Apr 18 22:37 dev",
"drwxr-xr-x. 90 root root 8192 Apr 19 17:20 etc",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 home",
"lrwxrwxrwx. 1 root root 7 Mar 29 18:30 lib -> usr/lib",
"lrwxrwxrwx. 1 root root 9 Mar 29 18:30 lib64 -> usr/lib64",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 media",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 mnt",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 opt",
"dr-xr-xr-x 129 root root 0 Mar 30 20:56 proc",
"dr-xr-x---. 5 root root 197 Apr 19 16:25 root",
"drwxr-xr-x 29 root root 740 Apr 19 17:20 run",
"lrwxrwxrwx. 1 root root 8 Mar 29 18:30 sbin -> usr/sbin",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 srv",
"dr-xr-xr-x 13 root root 0 Apr 19 17:28 sys",
"drwxrwxrwt. 11 root root 4096 Apr 19 17:34 tmp",
"drwxr-xr-x. 13 root root 155 Mar 29 18:30 usr",
"drwxr-xr-x. 21 root root 4096 Apr 19 17:20 var"
]
}
ok: [web02] => {
"msg": [
"total 28",
"lrwxrwxrwx. 1 root root 7 Mar 29 18:30 bin -> usr/bin",
"dr-xr-xr-x. 5 root root 4096 Mar 29 18:41 boot",
"drwxr-xr-x 6 www www 71 Apr 19 08:29 code",
"drwxr-xr-x 19 root root 3200 Apr 18 22:37 dev",
"drwxr-xr-x. 90 root root 8192 Apr 19 17:20 etc",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 home",
"lrwxrwxrwx. 1 root root 7 Mar 29 18:30 lib -> usr/lib",
"lrwxrwxrwx. 1 root root 9 Mar 29 18:30 lib64 -> usr/lib64",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 media",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 mnt",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 opt",
"dr-xr-xr-x 127 root root 0 Mar 30 20:56 proc",
"dr-xr-x---. 5 root root 4096 Apr 19 16:25 root",
"drwxr-xr-x 29 root root 740 Apr 19 17:20 run",
"lrwxrwxrwx. 1 root root 8 Mar 29 18:30 sbin -> usr/sbin",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 srv",
"dr-xr-xr-x 13 root root 0 Apr 19 17:28 sys",
"drwxrwxrwt. 10 root root 4096 Apr 19 17:34 tmp",
"drwxr-xr-x. 13 root root 155 Mar 29 18:30 usr",
"drwxr-xr-x. 21 root root 4096 Apr 19 17:20 var"
]
}
PLAY RECAP *********************************************************************
web01 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
web02 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 debug模块常用参数
msg #调试输出的消息
var #将某个任务执行的输出作为变量传递给debug模块,debug会直接将其打印输出
verbosity #debug的级别(默认是0,全部显示)
层级定义变量
1、编辑变量文件
[root@Ansible test]# cat vars_file.yml
lamp:
framework:
web_package: httpd
db_package: mariadb-server
php_package: php
lnmp:
framework:
web_package: nginx
db_package: mysql
php_package: php
lnmt:
framework:
web_package: nginx
db_package: mysql
java_package: tomcat2、编辑剧本文件
#简单写法
[root@Ansible test]# cat test.yml
- hosts: web_group
vars_files: vars_file.yml
tasks:
- name: install lamp httpd
yum:
name: "{{ lamp.framework.web_package }}"
- name: install lamp mariadb-server
yum:
name: "{{ lamp.framework.db_package }}"
- name: install lamp php
yum:
name: "{{ lamp.framework.php_package }}"
#官方推荐写法
[root@Ansible test]# cat test.yml
- hosts: web_group
vars_files: vars_file.yml
tasks:
- name: install lamp httpd
yum:
name: "{{ lamp['framework']['web_package'] }}"
- name: install lamp mariadb-server
yum:
name: "{{ lamp['framework']['db_package'] }}"
- name: install lamp php
yum:
name: "{{ lamp['framework']['php_package'] }}"
3、执行剧本
[root@Ansible test]# ansible-playbook test.yml
PLAY [web_group] ***************************************************************
TASK [Gathering Facts] *********************************************************
ok: [web01]
ok: [web02]
TASK [install lamp httpd] ******************************************************
ok: [web01]
ok: [web02]
TASK [install lamp mariadb-server] *********************************************
ok: [web01]
ok: [web02]
TASK [install lamp php] ********************************************************
ok: [web01]
ok: [web02]
PLAY RECAP *********************************************************************
web01 : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
web02 : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 facts缓存变量
Ansible facts是在客户端主机通过Ansible自动采集发现的变量,facts包含每台特定的主机信息,如被控端的主机名、IP地址、系统版本、CPU数量、内存状态、磁盘状态等等。
1、fasts使用场景
1、通过facts缓存检查CPU,来生成对应的nginx配置文件
2、通过facts缓存检查主机名,生成不同的zabbix配置文件
3、通过facts缓存检索物理机的内存大小来生成不同的mysql配置文件
Ansible facts类似于saltstack中的grains,对于做自动化非常有帮助!
2、fasts用法
[root@Ansible test]# cat test.yml
- hosts: web_group
vars_files: vars_file.yml
tasks:
- name: get host info
debug:
msg: Hostname "{{ ansible_fqdn }}" and IP "{{ an
sible_default_ipv4.address }}"
[root@Ansible test]# ansible-playbook test.yml
PLAY [web_group] ***************************************************************
TASK [Gathering Facts] *********************************************************
ok: [web01]
ok: [web02]
TASK [get host info] ***********************************************************
ok: [web01] => {
"msg": "Hostname \"Web01\" and IP \"10.0.0.7\""
}
ok: [web02] => {
"msg": "Hostname \"Web02\" and IP \"10.0.0.8\""
}
PLAY RECAP *********************************************************************
web01 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
web02 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@Ansible test]# 3、关闭fasts
[root@Ansible test]# cat test.yml
- hosts: web_group
gather_facts: no #关闭信息采集
vars_files: vars_file.yml
tasks:
- name: get host info
debug:
msg: Hostname "{{ ansible_fqdn }}" and IP "{{ ansible_default_ipv4.address }}"4、fasts生成zabbix配置文件
[root@Ansible test]# cat test.yml
- hosts: web_group
vars:
- zabbix_server: 172.16.1.71
tasks:
- name: copy zabbix agent conf
template: #作用是将管理机上的变量内容覆盖到客户机的目标配置文件中
src: ./zabbix_agentd.conf
dest: /tmp/zabbix_agentd.conf5、facts生成mysqld配置文件
- hosts: db_group
tasks:
- name: Install mysql server
yum:
name: mariadb-server
state: present
- name: copy mysql conf
template: #作用是将管理机上的变量内容覆盖到客户机的目标配置文件中
src: ./my.cnf
dest: /etc/my.cnf
[root@m01 ~]# vim /etc/my.cnf
[mysqld]
basedir=/usr
datadir=/var/lib/mysql/
socket=/var/lib/mysql/mysql.sock
log_error=/var/log/mariadb/mariadb.log
innodb_buffer_pool_size={{ ansible_memtotal_mb * 0.8 }}我是koten,10年运维经验,持续分享运维干货,感谢大家的阅读和关注!