文章目录
1. 修改文件并将其复制到被控机
1.1 文件模块
常用文件模块:
模块名称 | 模块说明 |
---|---|
blockinfile | 插入、更新或删除由可自定义标记线包围的多行文本块 |
copy | 将文件从本地或远程计算机复制到受管主机上的某个位置。类似于file模块,copy模块还可以设置文件属性,包括SELinux上下文件。 |
fetch | 此模块的作用和copy模块类似,但以相反方式工作。此模块用于从远程计算机获取文件到控制节点,并将它们存储在按主机名组织的文件树中。 |
file | 设置权限、所有权、SELinux上下文以及常规文件、符号链接、硬链接和目录的时间戳等属性。此模块还可以创建删除常规文件、符号链接、硬链接和目录。其他多个与文件相关的模块支持与file模块相同的属性设置选项,包括copy模块。 |
lineinfile | 确保特定行位于某文件中,或使用反向引用正则表达式来替换现有行。此模块主要在用户想要更改文件的某一行时使用。 |
stat | 检索文件的状态信息,类似于Linux中的stat命令。 |
synchronize | 围绕rsync命令的一个打包程序,可加快和简化常见任务。synchronize模块无法提供对rsync命令的完整功能的访问权限,但确实最常见的调用更容易实施。用户可能仍需通过run command模块直接调用rsync命令。 |
示例: blockinfile
插入:在主控机使用该模块将要添加的东西弄到受控机的/tmp/abc下面
[root@localhost ~]# cat /tmp/abc 查看受控机的/tmp/abc文件下面有什么
hehe
#
#
[root@localhost playbook]# vim myplay.yml 主控机上编写playbook
---
- hosts: all
tasks:
- name: 查看是否存在目录里
blockinfile:
path: /tmp/abc
block: | 管道符的作用是判断first line. second line.在不在/tmp/abc里面
first line.
second line.
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [查看是否存在目录里] **********************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# cat /tmp/abc 查看受控机
hehe
#
#
# BEGIN ANSIBLE MANAGED BLOCK 这两个注释表示其中的内容是怎么加进去的(这里表示是用ansible加进去的)
first line. 将其弄到受控机的文件里
second line.
# END ANSIBLE MANAGED BLOCK
更改:将原本存在的东西替换成新的东西
[root@localhost ~]# cat /tmp/abc 查看受控机原本存在的内容:first line. second line.
hehe
#
#
# BEGIN ANSIBLE MANAGED BLOCK
first line.
second line.
# END ANSIBLE MANAGED BLOCK
[root@localhost playbook]# vim myplay.yml 主控机上编写
---
- hosts: all
tasks:
- name: 查看是否存在目录里
blockinfile:
path: /tmp/abc
block: |
123456789 新添加的内容
akdhalkdaalksda
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [查看是否存在目录里] **********************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# cat /tmp/abc 查看受控机新添加的内容
hehe
#
#
# BEGIN ANSIBLE MANAGED BLOCK
123456789 原本存在的内容被更替,换成新的内容
akdhalkdaalksda
# END ANSIBLE MANAGED BLOCK
添加:在原本的内容上添加新的内容
[root@localhost ~]# cat /tmp/abc 查看受控机原本存在的内容(指以ansible方式添加进去的)
hehe
#
#
# BEGIN ANSIBLE MANAGED BLOCK
123456789
akdhalkdaalksda
# END ANSIBLE MANAGED BLOCK
[root@localhost playbook]# vim myplay.yml 在主控机上编写(这里新添加了5行)
---
- hosts: all
tasks:
- name: 查看是否存在目录里
blockinfile:
path: /tmp/abc
block: |
123456789
akdhalkdaalksda
hajka
kk
oo
psaj
sk
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [查看是否存在目录里] **********************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# cat /tmp/abc 查看受控机新添加的内容
hehe
#
#
# BEGIN ANSIBLE MANAGED BLOCK
123456789
akdhalkdaalksda
hajka
kk
oo
psaj
sk
# END ANSIBLE MANAGED BLOCK
1.2 file模块
1.2.1 给受控机创建一个文件
[root@localhost ~]# useradd foo 在受控机上创建体格用户foo
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: 修改文件的属主,组和属性
file:
path: /etc/foo.conf
owner: foo
group: foo
mode: '0644' 给权限
state: touch 创建一个文件
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [修改文件的属主,组和属性] ************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# ll /etc/foo.conf 再次查看受控机上就存在一个有权限的文件
-rw-r--r--. 1 foo foo 0 Sep 8 11:04 /etc/foo.conf
1.2.2 修改文件属性
[root@localhost ~]# ll /etc/foo.conf
-rw-r--r--. 1 foo foo 0 Sep 8 11:04 /etc/foo.conf 查看受控机的属主和组都属于foo
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: 修改文件的属主,组和属性
file:
path: /etc/foo.conf
owner: root 修改属主
group: root 修改属组
mode: '0644'
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [修改文件的属主,组和属性] ************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# ll /etc/foo.conf
-rw-r--r--. 1 root root 0 Sep 8 11:04 /etc/foo.conf 查看受控机的属主和组已经改为root
1.2.3 给已存在的文件一个不安全的权限
[root@localhost ~]# mkdir /work 受控机的/下创建一个目录
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: 给权限
file:
path: /work
owner: root
group: root
mode: '1777'
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [给权限] *********************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# ll -d /work 查看该目录的权限
drwxrwxrwt. 2 root root 6 Sep 8 11:19 /work
1.2 4 创建目录
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: 创建目录
file:
path: /etc/hehe
state: directory 创建文件用touch,创建目录用directory
mode: 0755
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [创建目录] ********************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# ll -d /etc/hehe 受控机上查看该目录
drwxr-xr-x. 2 root root 6 Sep 8 11:31 /etc/hehe
1.2.5 在受管主机上复制和编辑文件
- 用copy模块把主控机的某一文件复制到受控机里
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: akadjal
copy:
src: files/abc 把主控机上的files/的abc文件复制到受控机的/opt/下
dest: /opt/
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [akadjal] *****************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# ls /opt 受控机查看opt/是否有abc
abc
- 用fetch模块从受控机上索取文件
[root@localhost ~]# ls 查看受控机上有gege
anaconda-ks.cfg gege
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: akadjal
fetch:
src: /root/gege 把受控机root下面的gege传给主控机files下面
dest: files/
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [akadjal] *****************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost playbook]# ls files 主控机查看gege
192.168.50.136 abc httpd.conf
[root@localhost playbook]# cd files/
[root@localhost files]# cd 192.168.50.136/
[root@localhost 192.168.50.136]# ls
root
[root@localhost 192.168.50.136]# cd root/
[root@localhost root]# ls
gege
- 用lineinfile模块查看某一内容是否存在那个文件里
查看:那一行内容原本就存在文件里
[root@localhost ~]# cat /opt/abc 查看受控机里hehe在abc里面
hehe
#
#
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: akadjal
lineinfile:
path: /opt/abc
line: hehe
state: present
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [akadjal] ***************************************************************** ok说明没有改变,hehe存在abc那一行
ok: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
添加:该内容不在文件里,则会直接添加进去(这里举例是添加jiejie)
[root@localhost ~]# cat /opt/abc 查看受控机abc下面没有jiejie
hehe
#
#
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: akadjal
lineinfile:
path: /opt/abc
line: jiejie 查看姐姐是否存在文件里,如果不是则会直接添加
state: present
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [akadjal] ***************************************************************** changed指发生改变,已经把原本不存在的内容添加到文件里去
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# cat /opt/abc 受控机abc里新添加了jiejie
hehe
#
#
jiejie
1.2.6 删除受管机的文件
[root@localhost ~]# ls /opt 受管机上查看opt下面有abc文件
abc
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: akadjal
file:
path: /opt/abc
state: absent
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [akadjal] *****************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# ls /opt 查看受管机opt下面的abc已被删除
[root@localhost ~]#
1.2.7 检查受管主机的文件状态
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: akadjal
stat:
path: /root/anaconda-ks.cfg
checksum_algorithm: md5 用md5的方式解密,数值不一样则会报错
register: result
- debug:
var: result
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [akadjal] *****************************************************************
ok: [192.168.50.136]
TASK [debug] *******************************************************************
ok: [192.168.50.136] => {
"result": {
"changed": false,
"failed": false,
"stat": {
"atime": 1598769004.7942908,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "ad51110e83a089e5af576ac260e30c3a",
"ctime": 1598769004.8362908,
"dev": 64768,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 33575044,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0600",
"mtime": 1598769004.8362908,
"nlink": 1,
"path": "/root/anaconda-ks.cfg",
"pw_name": "root",
"readable": true,
"rgrp": false,
"roth": false,
"rusr": true,
"size": 1177,
"uid": 0,
"version": "2378059820",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
}
PLAY RECAP *********************************************************************
192.168.50.136 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
1.2.8 synchronize模块
- 该模块可以将主控机的目录同步到受控机上去
主控机和被控机都需要安装rsync
[root@localhost playbook]# yum -y install rsync
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat S
......
[root@localhost ~]# ls abc 查看主控机root下面的abc目录有什么内容
anaconda-ks.cfg hosts
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
tasks:
- name: akadjal
synchronize:
src: /root/abc
dest: /opt/ 指定受控机存放位置
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [akadjal] *****************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# ls /opt 查看受控机opt下面有abc目录
abc
[root@localhost ~]# ls /opt/abc
anaconda-ks.cfg hosts
2. jinja2模板
- {% EXPR %}用于表达式或逻辑(如循环)
- {{ EXPR }}则用于向最终用户输出表达式或变量的结果
- {# COMMENT #}语法括起不应出现在最终文件中的注释
2.1 构建jinja2模板
- ansible system_hostname -i inventory_file -m setup : 获取与受管主机相关的事实
- 在Ansible模板中我们可以使用jinja2循环和条件(for,if),但不能在Ansible Playbook中使用(loop,when)
例子: 运用模板将当前主机的IP和主机名写到指定文件里去,因此会使用变量提取后再变成该有的东西。
生成一个模板,把当前主机的IP和当前主机的主机名取出来写到文件里面去。在不同主机上运行其结果也不同
[root@localhost files]# vim hosts.j2
{# 学习快乐 #} 一个注释,不会显示出来
{{ ansible_facts['default_ipv4']['address'] }} {{ ansible_facts['hostname'] }}
查看受控机hosts文件
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
把主控机hosts.j2文件放到hosts里去,把j2文件里面的变量转换成该有的东西
[root@localhost ~]# cd /playbook/
[root@localhost playbook]# ls
files myplay.yml vars
[root@localhost playbook]# cd files/
[root@localhost files]# vim hosts.j2
---
- hosts: all,localhost 添加受控机,主控机的主机名
tasks:
- name: /etc/hosts
template: 这里只能用template模块,不能使用copy模块(像移动文件原封不动的就只用copy模块)
src: files/hosts.j2
dest: /etc/hosts
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all,localhost] ***********************************************************
TASK [Gathering Facts] *********************************************************
ok: [localhost]
ok: [192.168.50.136]
TASK [/etc/hosts] **************************************************************
changed: [localhost]
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
再次查看受控机hosts文件(这时显示出来的就是该主机的IP和主机名)
[root@localhost ~]# cat /etc/hosts 受控机的IP和主机名
192.168.50.136 localhost
[root@localhost ~]# cat /etc/hosts 主控机的IP和主机名
192.168.50.135 localhost
反例:使用copy模块的效果
查看受控机效果(使用template模块)
[root@localhost ~]# cat /etc/hosts
192.168.50.136 localhost
[root@localhost playbook]# vim myplay.yml
---
- hosts: all,localhost
tasks:
- name: /etc/hosts
copy: 使用copy模块
src: files/hosts.j2
dest: /etc/hosts
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all,localhost] ***********************************************************
TASK [Gathering Facts] *********************************************************
ok: [localhost]
ok: [192.168.50.136]
TASK [/etc/hosts] **************************************************************
changed: [localhost]
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
查看受控机效果(使用copy模块)
[root@localhost ~]# cat /etc/hosts
{# 学习快乐 #}
{{ ansible_facts['default_ipv4']['address'] }} {{ ansible_facts['hostname'] }}
2.2 管理模板文件
[root@localhost playbook]# vim /etc/ansible/ansible.cfg
......
#ansible_managed = Ansible managed
ansible_managed = 此文件由ansible控制,请不要擅长修改 进入ansible的配置文件,添加此行
......
[root@localhost playbook]# vim files/hosts.j2
# {{ ansible_managed }} 在模板中将此变量写进去
{# 学习快乐 #}
{{ ansible_facts['default_ipv4']['address'] }} {{ ansible_facts['hostname'] }}
[root@localhost playbook]# vim myplay.yml
---
- hosts: all,localhost
tasks:
- name: /etc/hosts
template:
src: files/hosts.j2
dest: /etc/hosts
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all,localhost] ***********************************************************
TASK [Gathering Facts] *********************************************************
ok: [localhost]
ok: [192.168.50.136]
TASK [/etc/hosts] **************************************************************
changed: [localhost]
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
查看受控机效果
[root@localhost ~]# cat /etc/hosts
# 此文件由ansible控制,请不要擅长修改 新增了此内容
192.168.50.136 localhost
2.3 控制结构
2.3.1 使用循环
1.使用for语句来提供循环功能
[root@localhost ~]# cat /tmp/user 查看被控机user下面有什么
cat: /tmp/user: No such file or directory
写一个模板文件user.j2
[root@localhost playbook]# vim files/user.j2
{% for user in users %}
{{ user }}
{% endfor %}
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
vars:
users:
- tom
- kk
- uu
- ppll
tasks:
- name: 取出user
template:
src: files/user.j2 user变量替换为users变量中包含的所有值,一行一个值
dest: /tmp/user 会在user文件里一次写上以上每个用户的名字
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [取出user] ******************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
再次查看被控机user下面是否有那几个用户的名字
[root@localhost ~]# cat /tmp/user
tom
kk
uu
ppll
- loop.index表示第几次循环的缩影
先在被控机上查看有几个用户(有几个用户就会循环几次)
[root@localhost ~]# cat /tmp/user
tom
kk
uu
ppll
[root@localhost playbook]# vim files/user.j2
{% for user in users %}
{{ loop.index }} 主控机上使用loop.index变量。循环第一次为1,循环第二次为2,以此类推
{% endfor %}
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
vars:
users:
- tom
- kk
- uu
- ppll
tasks:
- name: 取出user
template:
src: files/user.j2
dest: /tmp/user
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [取出user] ******************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# cat /tmp/user 被控机上查看循环了几次(因为有4个用户,所以就循环了4次)
1
2
3
4
- 使用for语句逐一运行users变量中的所有值
[root@localhost playbook]# vim files/user.j2
{% for user in users if not user == 'tom' %} 取反,排除tom。还可以写成{% for user in users if user != 'tom' %}
user number {{ loop.index }} - {{ user }} loop.index表示取出的第几个结果
{% endfor %}
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
vars:
users: 依次取出users中的所有值
- tom
- kk
- uu
- ppll
tasks:
- name: 取出user
template:
src: files/user.j2
dest: /tmp/user
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [取出user] ******************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# cat /tmp/user 被控机查看没有tom,因为已经被排除在外了
user number 1 - kk
user number 2 - uu
user number 3 - ppll
- 使用for语句逐一取出组里的值
[root@localhost playbook]# vim files/inventory.j2 新写一个inventory的模板
{% for myhost in group['haha'] %}
{{ myhost }}
{% endfor %}
[root@localhost playbook]# vim myplay.yml
---
- hosts: all
vars:
group: 给组定义变量,依次取出组里的值
haha:
- host1
- host2
- host3
tasks:
- name: 取出user
template:
src: files/inventory.j2
dest: /tmp/inventory
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [取出user] ******************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# cat /tmp/inventory 查看受控机inventory内容
host1
host2
host3
- 用for语句将列出清单文件组内的所有主机IP
例一:清单文件中只有一个组一台实际存在的主机,模板中只取haha,playbook中只取一台主机,其结果就只取该台主机ip
[root@localhost playbook]# vim /etc/ansible/inventory 清单文件定义一个组,组里只有一台主机
[haha]
192.168.50.136 ansible_password=redhat
[root@localhost playbook]# vim files/inventory.j2 编写模板
{% for myhost in groups['haha'] %} 这里使用groups
{{ myhost }}
{% endfor %}
[root@localhost playbook]# vim myplay.yml
---
- hosts: all 清单文件里只写了一台主机,所以这里的all表示所有也表示那一台主机
tasks:
- name: 取出user
template:
src: files/inventory.j2
dest: /tmp/inventory
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [取出user] ******************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@localhost ~]# cat /tmp/inventory 查看受控机inventory是否有主机IP
192.168.50.136
例二:清单里有多个组(hehe组下的主机不存在),模板里取出所有的组,把所有的组里的主机放到myhost变量里去,再把变量文件inventory.j2写到被控机inventory文件去
[root@localhost playbook]# vim /etc/ansible/inventory 清单文件里有多个组,多台主机,或者不存在的主机(1.1.1.1)
[haha]
192.168.50.136 ansible_password=redhat
[hehe]
1.1.1.1
[root@localhost playbook]# vim files/inventory.j2 模板里取出所有的主机,所以用all
{% for myhost in groups['all'] %}
{{ myhost }}
{% endfor %}
[root@localhost playbook]# vim myplay.yml
---
- hosts: 192.168.50.136
tasks:
- name: 取出user
template:
src: files/inventory.j2
dest: /tmp/inventory
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [192.168.50.136] **********************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [取出user] ******************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
查看被控机inventory文件内容,会看到所有组的主机ip,不存在的主机IP(1.1.1.1)依然会被取出来
[root@localhost ~]# cat /tmp/inventory
192.168.50.136
1.1.1.1
2.3.2 条件语句if
例一:如果模板中的if条件成立,则会将变量写到受控机的文件里去
查看受控机文件内容
[root@localhost ~]# cat /tmp/inventory
192.168.50.136
1.1.1.1
主控机编写模板
[root@localhost playbook]# vim files/inventory.j2
{% if 2 < 3 %} 使用if条件语句,其中的条件自己写(2<3),若条件成立,则会把变量{{ansible_managed}}写到受控机的文件里去
{{ ansible_managed }}
{% endif %}
[root@localhost playbook]# vim myplay.yml
---
- hosts: 192.168.50.136
tasks:
- name: 取出user
template:
src: files/inventory.j2
dest: /tmp/inventory
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [192.168.50.136] **********************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [取出user] ******************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
查看受控机文件内容,这时已经将变量{{ansible_managed}}写到该文件里
[root@localhost ~]# cat /tmp/inventory
此文件由ansible控制,请不要擅长修改
例二:若模板中的if条件不成立,则不会把变量写到受控机的文件里
查看受控机文件内容
[root@localhost ~]# cat /tmp/inventory
此文件由ansible控制,请不要擅长修改
主控机编写模板
[root@localhost playbook]# vim files/inventory.j2
{% if 2 > 3 %} 此时条件(2>3)不成立,则不会把变量{{ansible_managed}}写到受控机的文件里
{{ ansible_managed }}
{% endif %}
[root@localhost playbook]# vim myplay.yml
---
- hosts: 192.168.50.136
tasks:
- name: 取出user
template:
src: files/inventory.j2
dest: /tmp/inventory
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [192.168.50.136] **********************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [取出user] ******************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
查看受控机文件内容,此时没有写入任何内容
[root@localhost ~]# cat /tmp/inventory
[root@localhost ~]#
2.3.2 变量过滤器
例子:从众多事实中过滤取出其中的一部分写到受控机文件里
查看事实
[root@localhost playbook]# ansible all -m setup 比如我要取出这部分的事实
......
"ansible_python": {
"executable": "/usr/libexec/platform-python",
"has_sslcontext": true,
"type": "cpython",
"version": {
"major": 3,
"micro": 8,
"minor": 6,
"releaselevel": "final",
"serial": 0
},
"version_info": [
3,
6,
8,
......
查看受控机是否有gl文件(没有)
[root@localhost ~]# ls /tmp/
abc
inventory
tmph976osxk
user
vmware-root_917-4022308724
vmware-root_951-4013330126
vmware-root_956-2722239132
vmware-root_959-3979643072
vmware-root_962-2990678749
vmware-root_965-4256676100
vmware-root_967-4248221830
vmware-root_969-4281777807
vmware-root_973-4290101002
vmware-root_979-4290625299
[root@localhost ~]#
主控机files下面生成一个gl.j2去写变量文件模板
[root@localhost playbook]# mv files/gl files/gl.j2
[root@localhost playbook]# tree .
.
├── files
│ ├── gl.j2
│ ├── hosts.j2
│ ├── inventory.j2
│ └── user.j2
├── myplay.yml
└── vars
└── test.yml
编写模板
[root@localhost playbook]# vim files/gl.j2
{{ ansible_facts['python'] | to_json}} 使用to_json过滤器(不同过滤器其出来的结果排版样式不同)
[root@localhost playbook]# vim myplay.yml
---
- hosts: 192.168.50.136
tasks:
- name: 取出user
template:
src: files/gl.j2
dest: /tmp/gl
[root@localhost playbook]# ansible-playbook myplay.yml
PLAY [192.168.50.136] **********************************************************
TASK [Gathering Facts] *********************************************************
ok: [192.168.50.136]
TASK [取出user] ******************************************************************
changed: [192.168.50.136]
PLAY RECAP *********************************************************************
192.168.50.136 : ok=2 changed=1 unre
查看受控机是否有gl文件,查看其文件是否有过滤出来的内容
[root@localhost ~]# ls /tmp/
abc
gl
inventory
tmph976osxk
user
vmware-root_917-4022308724
vmware-root_951-4013330126
vmware-root_956-2722239132
vmware-root_959-3979643072
vmware-root_962-2990678749
vmware-root_965-4256676100
vmware-root_967-4248221830
vmware-root_969-4281777807
vmware-root_973-4290101002
vmware-root_979-4290625299
使用to_json过滤器出来的效果
[root@localhost ~]# cat /tmp/gl
{"version": {"major": 3, "minor": 6, "micro": 8, "releaselevel": "final", "serial": 0}, "version_info": [3, 6, 8, "final", 0], "executable": "/usr/libexec/platform-python", "has_sslcontext": true, "type": "cpython"}
使用to_nice_json过滤器出来的效果
[root@localhost ~]# cat /tmp/gl
{
"executable": "/usr/libexec/platform-python",
"has_sslcontext": true,
"type": "cpython",
"version": {
"major": 3,
"micro": 8,
"minor": 6,
"releaselevel": "final",
"serial": 0
},
"version_info": [
3,
6,
8,
"final",
0
]
}
使用to_yaml过滤器出来的效果
[root@localhost ~]# cat /tmp/gl
executable: /usr/libexec/platform-python
has_sslcontext: true
type: cpython
version: {major: 3, micro: 8, minor: 6, releaselevel: final, serial: 0}
version_info: [3, 6, 8, final, 0]
使用to_nice_yaml过滤器出来的效果
[root@localhost ~]# cat /tmp/gl
executable: /usr/libexec/platform-python
has_sslcontext: true
type: cpython
version:
major: 3
micro: 8
minor: 6
releaselevel: final
serial: 0
version_info:
- 3
- 6
- 8
- final
- 0
使用from_json过滤器时(只能写字符串):
主控机bianxieplaybook
[root@localhost playbook]# vim files/gl.j2
{{ '{"name": "tom","age": 20,"gender": "male"}' | from_json}} 编写时只能写字符串
受控机查看
[root@localhost ~]# cat /tmp/gl
{'name': 'tom', 'age': 20, 'gender': 'male'}
使用from_yaml过滤再to_nice_yaml时
主控机编写
[root@localhost playbook]# vim files/gl.j2
{{ '{"name": "tom","age": 20,"gender": "male"}' | from_yaml | to_nice_yaml}}
受控机查看内容
[root@localhost ~]# cat /tmp/gl
age: 20
gender: male
name: tom
使用from_json过滤再to_nice_json时
主控机编写
[root@localhost playbook]# vim files/gl.j2
{{ '{"name": "tom","age": 20,"gender": "male"}' | from_json | to_nice_json}}
受控机查看
[root@localhost ~]# cat /tmp/gl
{
"age": 20,
"gender": "male",
"name": "tom"
}