Ansible中执行流控制

1.ansible中的迭代循环

创建目录和文件

vim createfile.yaml 

        - name: create file playbook
          hosts: all
          tasks:
            - name: create file
              file: 
                path: "/mnt/{{item['name']}}"
                state: "{{item['type']}}"

              loop: 
                - name: westosfile1
                  type: touch
                - name: westosdir1
                  type: directory
                - name: westosfile3
                  type: touch
                - name: westosdir2
                  type: directory
                - name: westosfile5
                  type: touch

ansible-playbook createfile.yaml

2.迭代循环项目

安装vsftpd、apache、dns并且开启服务，关闭对应的火墙服务

vim setup.yaml

- name: setup vsftpd apache dns
  hosts: all
  vars:
    services:
      - name: vsftpd
        service: vsftpd
        firewall_name: ftp
      - name: httpd
        service: httpd
        firewall_name: http
      - name: bind
        service: named
        firewall_name: dns
  tasks:
    - name: install services
      dnf: 
        name: "{{item['name']}}"
        state: present
      loop: 
        "{{services}}"
    - name: start services
      service:
        name: "{{item['service']}}"
        enabled: yes
        state: started
      loop:
        "{{services}}"
    - name: setup firewalld
      firewalld:
        service: "{{item['firewall_name']}}"
        state: enabled
        permanent: yes
        immediate: yes
      loop:
        "{{services}}"

ansible-playbook setup.yaml 

3.ansible中的条件语句

when :

- 条件 1

- 条件 2

# 条件判断 #

=	value == " 字符串 ",value == 数字
<	value < 数字
>	value > 数字
<=	value <= 数字
>=	value >= 数字
!=	value != 数字
is defined value	value is defined 变量存在
is not defined	value is not defined 变量不存在
in	value is in value 变量为
not in	value is not in value 变量不为
bool变量 为true	value                             value的值为true
bool变量 false	not value                   value的值为false
value in value2	value的值在value2列表中

# 多条条件组合 #

when ：

条件 1 and 条件 2

- 条件 1

- 条件 2

when :

条件 1 or 条件 2

when : >

条件 1

or

条件 2

检测文件是否存在的练习

vim check_file.yaml

- name: check file playbook
  hosts: all
  tasks:
    - name: check file
      shell: test -e /mnt/westosfile
      ignore_errors: yes               -------------------》将会忽略任务失败使得下面的任务继续运行
      register: check_state

    - name: file is not exist
      debug:
        msg: file is not exist
      when: check_state.rc != "0"

    - name: file exist
      debug:
        msg: file exist
      when: check_state.rc == "0"

ansible-playbook check_file.yaml 

vim setup_firewalld.yaml

- name: setup vsftpd apache dns
  hosts: all
  vars:
    services:
      - name: vsftpd
        service: vsftpd
        firewall_name: ftp
      - name: httpd
        service: httpd                     -----------------》此firewall_naem
      - name: bind
        service: named
        firewall_name: dns
  tasks:
    - name: install services
      dnf: 
        name: "{{item['name']}}"
        state: present
      loop: 
        "{{services}}"
    - name: start services
      service:
        name: "{{item['service']}}"
        enabled: yes
        state: started
      loop:
        "{{services}}"
    - name: setup firewalld
      firewalld:
        service: "{{item['firewall_name']}}"
        state: enabled
        permanent: yes
        immediate: yes
      loop:
        "{{services}}"
      when: item['firewall_name'] is defined        ---------》当firewall_name存在时才执行此任务

ansible-playbook setup_firewalld.yaml

  tasks:
    - name: install services
      dnf: 
        name: "{{item['name']}}"
        state: present
      loop: 
        "{{services}}"

      when:   inventory_hostname in groups['westos1']   -----------》只在westos1列表中的主机中执行此任务

  tasks:
    - name: install services
      dnf: 
        name: "{{item['name']}}"
        state: present
      loop: 
        "{{services}}"

      when:   

        - inventory_hostname in groups['westos1']   -----------》只在westos1列表中的主机中执行此任务

        - item['firewall_name'] is defined                 -----------》多条件时的格式

4.ansible中的触发器

notify :

触发器当遇到更改是触发 handlers

handlers ：

触发器触发后执行的动作

 [root@ansible ~]# chmod 755 /etc/vsftpd/vsftpd.conf 

 cp /etc/vsftpd/vsftpd.conf vsftpd.conf.j2

vim vsftpd.conf.j2

        anonymous_enable={{state}}

vim vsftpd.yaml

- name: install ftp server
  hosts: all
  vars:
    state: YES
  tasks:
    - name: install vsftpd
      dnf:
        name: vsftpd
        state: present
    - name: start vsftpd
      service:
        name: vsftpd
        state: started
        enabled: yes
    - name: set vsftpd.conf
      template:
        src: ./vsftpd.conf.j2
        dest: /etc/vsftpd.conf
      notify: restart vsftpd                        ---------》触发器，当更改时才会触发handlers的内容

  handlers:
    - name: restart vsftpd
      service:
        name: vsftpd
        state: restarted

ansible-playbook vsftpd.yaml

5.忽略错误play

当 play 遇到任务失败是会终止

ignore_errors : yes

将会忽略任务失败使下面的任务继续运行

例如下载一个根本不存在的东西，但是后续的任务依旧可以继续

vim ignore_errors.yaml 
 

- name: setup 
  hosts: all
  tasks:
    - name: vsftpd
      dnf: 
        name: aaaaaaa
        state: present
      ignore_errors: yes

    - name: show message
      debug:
        msg: hello

ansible-playbook ignore_errors.yaml

6.强制触发器运行

force_handlers

# 作用 ：

# 当任务失败后 play 被终止也会调用触发器进程

继续使用之前的vsftpd.conf文件实验

vim vsftpd.yaml 

- name: test
  hosts: all
  vars:
    state: NO
  force_handlers: yes                      ------------》强制触发触发器
  tasks:
    - name: config ftp
      template:
        src: ./vsftpd.conf.j2
        dest: /etc/vsftpd.conf
      notify: restart vsftpd

    - name: install aaaaaa
      dnf:
        name: aaaaaa
        state: present

  handlers:
    - name: restart vsftpd
      service:
        name: vsftpd
        state: restarted

ansible-playbook vsftpd.yaml 

7.控制play运行状态

changed_when

# 作用 ：

# 控制任务在何时报告它已进行更改

强制视为执行成功状态

vim vsftpd.yaml 

- name: test
  hosts: all
  vars:
    state: NO
  force_handlers: yes
  tasks:
    - name: config ftp
      template:
        src: ./vsftpd.conf.j2
        dest: /etc/vsftpd.conf
      changed_when: true                ----------》强制视为执行成功状态
      notify: restart vsftpd

    - name: install httpd
      dnf:
        name: httpd
        state: present

  handlers:
    - name: restart vsftpd
      service:
        name: vsftpd
        state: restarted

ansible-playbook vsftpd.yaml 

failed_when

# 当符合条件时强制任务失败

强制视为执行失败状态

failed_when: true                ----------》强制视为执行失败状态

8.根据play运行情况选择运行动作

block:	定义要运行的任务
rescue:	定义当block句子中出现失败任务后运行的任务
always：	定义最终独立运行的任务

vim test.yaml

- name: test
  hosts: all
  tasks:
    - name: test play
      block:
        - name: install software
          dnf:
            name: aaaaaa
            state: present
      rescue:
        - name: show message
          debug:
            msg: linux is not found
      always:
        - name: show always
          debug:
            msg: hello westos

ansible-playbook test.yaml

 当block中运行正常时，rescue中的内容就不会运行

- name: test
  hosts: all
  tasks:
    - name: test play
      block:
        - name: install software
          dnf:
            name: httpd
            state: present
        - name: show linux
          debug:
            msg: ansible linux
      rescue:
        - name: show message
          debug:
            msg: linux is not found
      always:
        - name: show always
          debug:
            msg: hello westos
 

9.运行情况判定示例

将/dev/cdrom挂载到/mnt/isodir中，如果目录不存在就创建目录。

vim mount.yaml

- name: mount /dev/cdrom play
  hosts: all
  tasks:
    - block:
        - name: check mount point
          shell: test -e /mnt/isodir
      rescue:
        - name: show message
          debug:
            msg: /mnt/iso is not exist
        - name: create mount point
          file:
            path: /mnt/isodir
            state: directory
      always:
        - name: mount cdrom
          mount:
            path: /dev/isodir
            src: /dev/cdrom
            fstype: iso9660
            state: mounted

ansible-playbook mount.yaml