Ansible Playbook——2-小周的知识站

1 剧本文件复用

剧本中可以导入其他剧本，若有一些任务，可以单独写一个剧本，然后在其他剧本中导入调用。

剧本文件复用官方文档：https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse.html

导入方式	特点
include_*	动态导入，包括角色、任务或变量，将它们动态添加到剧本中。导入的任务可能会受到顶级剧本中较早任务结果的影响。官方说已弃用
import_*	静态导入，导入角色、任务或剧本会将它们静态添加到剧本中；在运行剧本中的任何任务之前对导入的文件和角色进行预处理，因此导入的内容永远不会受到顶级剧本中其他任务的影响。预处理导入时变量必须可用，变量需要提前定义。

#示例，Rsync服务模式剧本再次优化
[root@manager-18 ~/projects/Rsync_configure_project]# vim Firewalld_selinux_stop.yaml
- name: Firewalld_selinux_stop
  hosts: all

  tasks:
  - name: 01_stop_firewalld_service
    tags: t1
    service:
      name: firewalld
      enabled: no
      state: stopped
  - name: 02_close_the_selinux
    tags: t2
    selinux:
      state: disabled

[root@manager-18 ~/projects/Rsync_configure_project]# vim Rsync_configure_project.yaml
- import_playbook: Firewalld_selinux_stop.yaml    #引入前面的关闭防火墙和selinux剧本
- name: Rsync_configure
  hosts: backup

  tasks:
  - name: 01_install_rsync
    tags: t1
    yum:
      name: rsync
      state: latest
  - name: 02_copy_config_file
    tags: t2
    copy:
      src: ./rsyncd.conf
      dest: /etc/rsyncd.conf
    notify: restart_rsyncd
  - name: 03_rsync_groupadd
    tags: t3
    group:
      name: rsync
      system: yes
  - name: 04_rsync_useradd
    tags: t4
    user:
      name: rsync
      system: yes
      group: rsync
  - name: 05_make_backup_directory
    tags: t5
    file:
      path: /backup
      owner: rsync
      group: rsync
      state: directory
  - name: 06_copy_password_file
    tags: t6
    copy:
      src: ./rsync.passwd
      dest: /etc/rsync.passwd
      mode: 600
    notify: restart_rsyncd

  handlers:
  - name: restart_rsyncd
    service:
      name: rsyncd
      state: restarted

#示例二，如果要在剧本中多次运行导入的剧本，若导入的剧本中存在变量，则必须定义好变量
tasks:
- import_tasks: wordpress.yml
  vars:
    wp_user: timmy

- import_tasks: wordpress.yml
  vars:
    wp_user: alice

- import_tasks: wordpress.yml
  vars:
    wp_user: bob

2 剧本循环语句

循环语句用于多次执行任务，当某些任务需要多次执行时使用循环语句，例如：创建多个用户。

循环语句官方文档：https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html

#示例一：Loop循环列表内容，创建多个用户
[root@manager-18 ~]# vim useradd_test.yml
---
- name: create user
  hosts: dev

  tasks:
    - name: create user
      user:
        name: "{{ item }}"
        state: present
      loop:
      - user01
      - user02
      - user03
    - name: set password
      shell: echo '12345678' | passwd --stdin "{{ item }}"
      loop:
      - user01
      - user02
      - user03

#示例二：vars变量传递列表内容给Loop循环
[root@manager-18 ~]# vim useradd_test_v2.yml
---
- name: create user
  hosts: dev
  vars:
     users:
      - user01
      - user02
      - user03

  tasks:
    - name: create user
      user:
        name: "{{ item }}"
        state: present
      loop: "{{ users }}"

    - name: set password
      shell: echo '12345678' | passwd --stdin "{{ item }}"
      loop: "{{ users }}"

#示例三：哈希列表Loop循环
[root@manager-18 ~]# vim useradd_test_v3.yml
---
- name: create user
  hosts: dev

  tasks: 
  - name: create user and group
    user:
        name: "{{ item.name }}"
        group: "{{ item.groups }}"
    loop:
    - {name: 'user01', groups: 'wheel'}
    - {name: 'user02', groups: 'root'}

#示例四：vars变量传递哈希列表给Loop循环
[root@manager-18 ~]# vim useradd_test_v4.yml
---
- name: loop test
  hosts: dev
  vars:
    users:
    - user: 'user01'
      group: 'wheel'
    - user: 'user02'
      group: 'root'

  tasks:
    - name: debug
      user:
        name: "{{ item.user }}"
        group: "{{ item.group }}"
      loop: "{{ users }}"  

#示例五：vars变量传递字典给Loop循环，并使用dict filter（字典过滤器）
[root@manager-18 ~]# vim useradd_test_v5.yml
---
- name: loop test
  hosts: dev
  vars:
    users:
      user: 'user01'
      groups: 'root'

  tasks:
    - name: debug
      debug:
        msg: "{{ item.key }}  {{ item.value }}"
      loop: "{{ users|dict2items }}"        # |表示过滤器，|dict2items字典过滤器；users变量中的值传递给字典过滤器，字典过滤器将内容过滤为key，value的格式

#转换之前的格式
  vars:
    users:
      user: 'user01'
      groups: 'root'

#转换之后的格式
    - key: user
      value: user01
    - key: groups
      value: root

3 条件判断语句

when语句用于条件判断，当任务需要在某些特定情况下执行的话，我们就需要进行判断，当判断结果为真时执行此任务，当判断结果为假则不执行此任务。

when语句官方文档：https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html

比较符、逻辑运算符、其他符号	含义
==	比较两个对象是否相等
!=	比较两个对象是否不等
>	比较左侧对象是否大于右侧
>=	比较左侧对象是否大于等于右侧
<	比较左侧对象是否小于右侧
<=	比较左侧对象是否小于等于右侧
and	如果前后条件都为为真，则返回真
or	如果前后条件有一个为真，则返回真
not	取反
()	括号对判断条件进行分组
变量 is defined	某变量已经定义
变量 is not defined	某变量未定义
注册变量 is succeeded	注册变量结果为真
注册变量 is failed	注册变量结果为假
注册变量 is skipped	注册变量结果为跳过
变量 in 列表/字典	某变量在某字典或列表中存储

#示例一
[root@manager-18 ~]# vim test.yml
---
- name: test
  hosts: web

  tasks:
  - name: test01
    debug:
      msg: "this is centos"
    when: ansible_distribution == "CentOS"
  - name: test02
    debug:
      msg: "this is redhat"
    when: ansible_distribution == "RedHat"

#示例二，当有多个判断条件时使用()将条件进行分组，分组后使用逻辑运算符
[root@manager-18 ~]# vim test.yml
---
- name: test
  hosts: web

  tasks:
  - name: test01
    debug:
      msg: "this is centos7"
    when: (ansible_distribution == "CentOS") and
          (ansible_distribution_major_version == "7")


#示例三，当有多个判断条件并且逻辑运算符为 and 时，可写为列表格式
[root@manager-18 ~]# vim test.yml
---
- name: test
  hosts: web

  tasks:
  - name: test01
    debug:
      msg: "this is centos7"
    when:
      - ansible_distribution == "CentOS"
      - ansible_distribution_major_version == "7"

#示例四，在循环中使用条件判断语句
[root@manager-18 ~]# vim test.yml
---
- name: test
  hosts: web

tasks:
    - name: Run with items greater than 5
      command: echo {{ item }}
      loop: [ 0, 2, 4, 6, 8, 10 ]
      when: item > 5

#示例五，在循环中使用条件判断语句
[root@manager-18 ~]# vim test.yml
- name: install mariadb-server if enough space
  yum:
    name: mariadb-server
    state: latest
  loop: "{{ ansible_mounts }}"         #循环事实变量，ansible_mounts表示磁盘挂载信息
  when: item.mount == "/" and item.size_available > 300000000    #判断"/"挂载点大小大于300M

#示例六，判断变量是否定义
[root@manager-18 ~]# vim test.yml
- name: test
  hosts: backup
  vars:
    hzz: 123

  tasks:
  - name: test01
    debug:
      msg: The variable is defined
    when: hzz is defined
  - name: test02
    debug:
      msg: The variable is undefined
    when: hzz is undefined


#示例七，判断注册变量结果
[root@manager-18 ~]# vim test.yml
- name: test
  hosts: backup
  ignore_errors: true

  tasks:
  - name: test01
    shell: echo1 "123"
    register: hzz
  - name: test02
    debug:
      msg: The result is succeeded
    when: hzz is succeeded
  - name: test03
    debug:
      msg: The result is failed
    when: hzz is failed

#示例八，
[root@manager-18 ~]# vim test.yml
- name: test
  hosts: backup
  ignore_errors: True

  tasks:
  - name: Statistical process
    shell: ps -ef | grep httpd | wc -l
    register: check_value
  - name: Print information
    debug:
      msg: echo "Process already exists"
    when: check_value.stdout|int > 0        #剧本中使用|过滤器，将注册变量输出的值转换为int类型再进行判断是否大于0

4 失败任务处理

ignore_errors语句用于忽略剧本任务中错误的命令。

ignore_errors语句官方文档：https://docs.ansible.com/ansible/latest/user_guide/playbooks_error_handling.html

#示例一
#编写一个测试剧本，故意写错剧本任务
[root@manager-18 ~]# vim error.yml
---
- name: error test
  hosts: backup

  tasks:
  - name: 01 test
    service:
      name: test    #没有此服务，运行该剧本会报错，后面的任务将不会执行
      state: started
  - name: 02 test
    file:
      path: /tmp/testfile
      state: touch

#忽略剧本中某任务的报错，使剧本继续运行
[root@manager-18 ~]# vim error.yml
---
- name: error test
  hosts: backup

  tasks:
  - name: 01 test
    service:
      name: test
      state: started
    ignore_errors: true    #在此任务中加入ignore_errors，忽略该任务的错误
  - name: 02 test
    file:
      path: /tmp/testfile
      state: touch

#示例二
#忽略剧本中所有报错，使剧本继续运行
[root@manager-18 ~]# vim error.yml
---
- name: error test
  hosts: backup
  ignore_errors: true    #将ignore_errors中加入剧本全局配置，忽略剧本中所有错误

  tasks:
  - name: 01 test
    service:
      name: test
      state: started
  - name: 02 test
    file:
      path: /tmp/testfile
      state: touch

目录CONTENT

Ansible Playbook——2

2 剧本循环语句

3 条件判断语句

4 失败任务处理

评论区