1.ansible中的迭代循环
创建目录和文件
vim createfile.yaml
- name: create file playbook
hosts: all
tasks:
- name: create file
file:
path: "/mnt/{{item['name']}}"
state: "{{item['type']}}"loop:
- name: westosfile1
type: touch
- name: westosdir1
type: directory
- name: westosfile3
type: touch
- name: westosdir2
type: directory
- name: westosfile5
type: touch
ansible-playbook createfile.yaml
2.迭代循环项目
安装vsftpd、apache、dns并且开启服务,关闭对应的火墙服务
vim setup.yaml
- name: setup vsftpd apache dns
hosts: all
vars:
services:
- name: vsftpd
service: vsftpd
firewall_name: ftp
- name: httpd
service: httpd
firewall_name: http
- name: bind
service: named
firewall_name: dns
tasks:
- name: install services
dnf:
name: "{{item['name']}}"
state: present
loop:
"{{services}}"
- name: start services
service:
name: "{{item['service']}}"
enabled: yes
state: started
loop:
"{{services}}"
- name: setup firewalld
firewalld:
service: "{{item['firewall_name']}}"
state: enabled
permanent: yes
immediate: yes
loop:
"{{services}}"
ansible-playbook setup.yaml
3.ansible中的条件语句
| = | value == " 字符串 ",value == 数字 |
| < | value < 数字 |
| > | value > 数字 |
| <= | value <= 数字 |
| >= | value >= 数字 |
| != | value != 数字 |
| is defined value | value is defined 变量存在 |
| is not defined | value is not defined 变量不存在 |
| in | value is in value 变量为 |
| not in | value is not in value 变量不为 |
| bool变量 为true | value value的值为true |
| bool变量 false | not value value的值为false |
| value in value2 | value的值在value2列表中 |
检测文件是否存在的练习
vim check_file.yaml
- name: check file playbook
hosts: all
tasks:
- name: check file
shell: test -e /mnt/westosfile
ignore_errors: yes -------------------》将会忽略任务失败使得下面的任务继续运行
register: check_state- name: file is not exist
debug:
msg: file is not exist
when: check_state.rc != "0"- name: file exist
debug:
msg: file exist
when: check_state.rc == "0"
ansible-playbook check_file.yaml
vim setup_firewalld.yaml
- name: setup vsftpd apache dns
hosts: all
vars:
services:
- name: vsftpd
service: vsftpd
firewall_name: ftp
- name: httpd
service: httpd -----------------》此firewall_naem
- name: bind
service: named
firewall_name: dns
tasks:
- name: install services
dnf:
name: "{{item['name']}}"
state: present
loop:
"{{services}}"
- name: start services
service:
name: "{{item['service']}}"
enabled: yes
state: started
loop:
"{{services}}"
- name: setup firewalld
firewalld:
service: "{{item['firewall_name']}}"
state: enabled
permanent: yes
immediate: yes
loop:
"{{services}}"
when: item['firewall_name'] is defined ---------》当firewall_name存在时才执行此任务
ansible-playbook setup_firewalld.yaml
tasks:
- name: install services
dnf:
name: "{{item['name']}}"
state: present
loop:
"{{services}}"when: inventory_hostname in groups['westos1'] -----------》只在westos1列表中的主机中执行此任务
tasks:
- name: install services
dnf:
name: "{{item['name']}}"
state: present
loop:
"{{services}}"when:
- inventory_hostname in groups['westos1'] -----------》只在westos1列表中的主机中执行此任务
- item['firewall_name'] is defined -----------》多条件时的格式
4.ansible中的触发器
[root@ansible ~]# chmod 755 /etc/vsftpd/vsftpd.conf
cp /etc/vsftpd/vsftpd.conf vsftpd.conf.j2
vim vsftpd.conf.j2
anonymous_enable={{state}}
vim vsftpd.yaml
- name: install ftp server
hosts: all
vars:
state: YES
tasks:
- name: install vsftpd
dnf:
name: vsftpd
state: present
- name: start vsftpd
service:
name: vsftpd
state: started
enabled: yes
- name: set vsftpd.conf
template:
src: ./vsftpd.conf.j2
dest: /etc/vsftpd.conf
notify: restart vsftpd ---------》触发器,当更改时才会触发handlers的内容handlers:
- name: restart vsftpd
service:
name: vsftpd
state: restarted
ansible-playbook vsftpd.yaml
5.忽略错误play
ignore_errors : yes
例如下载一个根本不存在的东西,但是后续的任务依旧可以继续
vim ignore_errors.yaml
- name: setup
hosts: all
tasks:
- name: vsftpd
dnf:
name: aaaaaaa
state: present
ignore_errors: yes- name: show message
debug:
msg: hello
ansible-playbook ignore_errors.yaml
6.强制触发器运行
vim vsftpd.yaml
- name: test
hosts: all
vars:
state: NO
force_handlers: yes ------------》强制触发触发器
tasks:
- name: config ftp
template:
src: ./vsftpd.conf.j2
dest: /etc/vsftpd.conf
notify: restart vsftpd- name: install aaaaaa
dnf:
name: aaaaaa
state: presenthandlers:
- name: restart vsftpd
service:
name: vsftpd
state: restarted
ansible-playbook vsftpd.yaml
7.控制play运行状态
强制视为执行成功状态
vim vsftpd.yaml
- name: test
hosts: all
vars:
state: NO
force_handlers: yes
tasks:
- name: config ftp
template:
src: ./vsftpd.conf.j2
dest: /etc/vsftpd.conf
changed_when: true ----------》强制视为执行成功状态
notify: restart vsftpd- name: install httpd
dnf:
name: httpd
state: presenthandlers:
- name: restart vsftpd
service:
name: vsftpd
state: restarted
ansible-playbook vsftpd.yaml
failed_when: true ----------》强制视为执行失败状态
8.根据play运行情况选择运行动作
| block: | 定义要运行的任务 |
| rescue: | 定义当block句子中出现失败任务后运行的任务 |
| always: | 定义最终独立运行的任务 |
vim test.yaml
- name: test
hosts: all
tasks:
- name: test play
block:
- name: install software
dnf:
name: aaaaaa
state: present
rescue:
- name: show message
debug:
msg: linux is not found
always:
- name: show always
debug:
msg: hello westos
ansible-playbook test.yaml
当block中运行正常时,rescue中的内容就不会运行
- name: test
hosts: all
tasks:
- name: test play
block:
- name: install software
dnf:
name: httpd
state: present
- name: show linux
debug:
msg: ansible linux
rescue:
- name: show message
debug:
msg: linux is not found
always:
- name: show always
debug:
msg: hello westos
9.运行情况判定示例
将/dev/cdrom挂载到/mnt/isodir中,如果目录不存在就创建目录。
vim mount.yaml
- name: mount /dev/cdrom play
hosts: all
tasks:
- block:
- name: check mount point
shell: test -e /mnt/isodir
rescue:
- name: show message
debug:
msg: /mnt/iso is not exist
- name: create mount point
file:
path: /mnt/isodir
state: directory
always:
- name: mount cdrom
mount:
path: /dev/isodir
src: /dev/cdrom
fstype: iso9660
state: mounted
ansible-playbook mount.yaml
