无书面许可请勿转载

高级Playbook

Extra variables
You may have seen in our template example in the previous chapter that we used a
variable called group_names . This is one of the magic variables that are provided by
Ansible itself. At the time of writing there are seven such variables, described in the
following sections.

额外的变量

你在之前的模板样例里已经看到过我们有一个叫做group_names的变量,这是Ansible提供的一个奇妙的变量,像这样的变量眼下为止总共同拥有7个,接下来我们就将逐一介绍他们!

hostvars allows you to retrieve variables about all the hosts that the current play
has dealt with. If the setup module hasn't yet been run on that host in the current
play, only its variables will be available. You can access it like you would access
other complex variables, such as ${hostvars.hostname.fact} , so to get the Linux
distribution running on a server named ns1 , it would be ${hostvars.ns1.ansible_
distribution} . The following example sets a variable called zone master to the
server named ns1 . It then calls the template module, which would use this to set the
masters for each zone.
---
#1
- name: Setup DNS Servers
#2
hosts: allnameservers
#3
tasks:
#4
- name: Install BIND
#5
yum: name=named state=installed
#6
- name: Setup Slaves
#7
hosts: slavenamesservers
#8
tasks:
#9
- name: Get the masters IP
#10
set_fact: dns_master="{{
hostvars.ns1.ansible_default_ipv4.address }}"
- name: Configure BIND
#12
template: dest=/etc/named.conf
src/templates/named.conf.j2
#11
#13
Using hostvars, you can further abstract templates from your
environment. If you nest your variable calls, then instead of placing an
IP address in the variable section of the play, you can add the hostname.
To find the address of a machine named in the variable the_machine
you would use, {{ hostvars.[the_machine].default_ipv4.
address }}.

hostvars 变量

hostvas能够让你检索,全部当前play已经处理的主机,假设setup模块还没执行。那么仅仅有hostvar变量可用。它能够用${hostvars.hostname.fact}这样的形式来訪问复杂的变量,比方用${hostvars.ns1.ansible_distribution}来訪问ns1这台server的发行版本号。以下的样例设置一个dns masterserver叫ns1,调用模板模块来为每一个zone设置mastserver:

---

- name: Setup DNS Servers

hosts: allnameservers



tasks:

- name: Install BIND

yum: name=named state=installed

- name: Setup Slaves

hosts: slavenamesservers

tasks:

- name: Get the masters IP

set_fact: dns_master="{{

hostvars.ns1.ansible_default_ipv4.address }}"

- name: Configure BIND

template: dest=/etc/named.conf

src/templates/named.conf.j2

The groups variable
The groups variable contains a list of all hosts in the inventory grouped by the
inventory group. This lets you get access to all the hosts that you have configured.
This is potentially a very powerful tool. It allows you to iterate across a whole group
and for every host apply an action to the current machine.
---
- name: Configure the database
hosts: dbservers
user: root tasks:
- name: Install mysql
yum: name={{ item }} state=installed
with_items:
- mysql-server
- MySQL-python
- name: Start mysql
service: name=mysqld state=started enabled=true
- name: Create a user for all app servers
with_items: groups.appservers
mysql_user: name=kate password=test host={{
hostvars.[item].ansible_eth0.ipv4.address }}
state=present
You can even use this variable to create known_hosts files for all of your machines
containing the host keys of all the other machines. This would allow you to then SSH
from one machine to another without confirming the identity of the remote host. It
would also handle removing machines when they leave service or updating them when
they are replaced. The following is a template for a known_hosts file that does this:
{% for host in groups['all'] %}
{{ hostvars[host]['ansible_hostname'] }}
{{
hostvars[host]['ansible_ssh_host_key_rsa_public'] }}
{% endfor %}
The playbook that uses this template would look like this:
---
hosts: all
tasks:
- name: Setup known hosts
hosts: all
tasks:
- name: Create known_hosts
template: src=templates/known_hosts.j2
dest=/etc/ssh/ssh_known_hosts owner=root group=root
mode=0644

groups变量

group变量包括设备清单组内的全部主机,它同意我们同一时候訪问全部我们配置的主机,这是一个很强力的工具,让我们能够历遍组内的每一个主机并在上面应用操作。

---

- name: Configure the database

hosts: dbservers

user: root



tasks:

- name: Install mysql

yum: name={{ item }} state=installed

with_items:

- mysql-server

- MySQL-python

- name: Start mysql

service: name=mysqld state=started enabled=true

- name: Create a user for all app servers

with_items: groups.appservers

mysql_user: name=kate password=test host={{

hostvars.[item].ansible_eth0.ipv4.address }}

state=present

你甚至能够使用这个变量,创建一个known_hosts文件。包括全部这台主机已知的其它主机,然后应用给你的全部主机。这样当你使用ssh从一台机器登陆到另外一台的时候就不须要身份验证了。

它也能够处理在服务断开或则因更新时被替换时,用来移除主机。以下是known_hosts文件模板的代码:

{% for host in groups['all'] %}

{{ hostvars[host]['ansible_hostname'] }}

{{hostvars[host]['ansible_ssh_host_key_rsa_public'] }}

{% endfor %}

在playbook中能够这样使用这个模板:

---

hosts: all

tasks:

- name: Setup known hosts

    hosts: all

    tasks:

    - name: Create known_hosts

    template: src=templates/known_hosts.j2

    dest=/etc/ssh/ssh_known_hosts owner=root group=root mode=0644

The group_names variable
The group_names variable contains a list of strings with the names of all the
groups the current host is in. This is not only useful for debugging, but also for
conditionals detecting group membership. This was used in the last chapter to
set up a nameserver.
This variable is mostly useful for skipping a task or in a template as a condition. For
instance, if you had two configurations for the SSH daemon, one secure and one less
secure, but you only wanted the secure configuration on the machines in the secure
group, you would do it like this:
- name: Setup SSH
hosts: sshservers
tasks:
- name: For secure machines
set_fact: sshconfig=files/ssh/sshd_config_secure
when: "'secure' in group_names"
- name: For non-secure machines
set_fact: sshconfig=files/ssh/sshd_config_default
when: "'secure' not in group_names"
- name: Copy over the config
copy: src={{ sshconfig }} dest=/tmp/sshd_config
In the previous example, we used the set_fact module to set the fact
for each case, and then used the copy module. We could have used
the copy module in place of the set_facts modules and used one
fewer task. The reason this was done is that the set_fact module
runs locally and the copy module runs remotely. When you use the
set_facts module first and only call the copy module once, the copies
are made on all the machines in parallel. If you used two copy modules
with conditions, then each would execute on the relevant machines
separately. Since copy is the longer task of the two, it benefits the most
from running in parallel.

group_names变量

group_names是一个关于当前主机属于哪些组的。以及这些组名相加所得到的字符串列表的变量。

它不只用来debugging,也能够用来作为推断组成员的条件。上一章关于dns配置的样例中我们使用过。这个变量在用来跳过一些任务的运行或作为模板的条件的时候很实用。

比方你有2个ssh的配置,一个安全等级比較高、还有一个略微低一些。

以下的样例展示怎样在高安全等级的组设备来使用高安全等级的配置:

- name: Setup SSH

hosts: sshservers

tasks:

- name: For secure machines

set_fact: sshconfig=files/ssh/sshd_config_secure

when: "'secure' in group_names"

- name: For non-secure machines

set_fact: sshconfig=files/ssh/sshd_config_default

when: "'secure' not in group_names"

- name: Copy over the config

copy: src={{ sshconfig }} dest=/tmp/sshd_config

在上述样例中,我们在2个条件中分别设置fact然后再部署一个copy,这样做的原因是由于set_fact是在本地执行,而copy是在远程执行。当执行时,copy模块是并行执行的。否则当我们在2个条件中分别使用copy,那么它将单独执行。假设copy模块执行的时间较长的话,并行执行的性能将会更好一些!

The inventory_hostname variable
The inventory_hostname variable stores the hostname of the server as recorded in
the inventory. You should use this if you have chosen not to run the setup module
on the current host, or if for various reasons the value detected by the setup module
is not correct. This is useful when you are doing the initial setup of the machine and
changing the hostname. The inventory_hostname_short variable
The inventory_hostname_short variable is the same as the previous variable;
however, it only includes the characters up to the first dot. So for host.example.
com , it would return host .

inventory_hostname变量

inventory_hostname变量保存了在设备配置清单中server的主机名,当你选择不使用setup模块或则由于其它原因setup模块不能执行的时候,这非常实用。

另外,当你正在初始化一个台主机并改动它的hostname的时候也非常实用。

inventory_hostname_short变量

inventory_hostname_short变量跟inventory_hostname一样,仅仅是去掉域名。比方inventory_hostname 是host.example 那么inventory_hostname_short就是 host

The inventory_dir variable
The inventory_dir variable is the path name of the directory containing the
inventory file.
The inventory_file variable
The inventory_file variable is the same as the previous one, except it also includes
the filename.

inventory_dir

inventory_dir是设备清单文件的路径

inventory_file

inventory_file是设备清单文件的文件名称

Ansible@一个高效的配置管理工具--Ansible configure management--翻译(五)的更多相关文章

  1. Ansible@一个高效的配置管理工具--Ansible configure management--翻译(一)

    未经书面许可,请勿转载 ---      Ansible is the simplest way to automate apps and IT infrastructure 这是Ansible官方站 ...

  2. Ansible@一个高效的配置管理工具--Ansible configure management--翻译(三)

    未经书面许可.请勿转载 一张图简单概括 Simple Playbooks Ansible is useful as a command-line tool for making small chang ...

  3. Ansible@一个高效的配置管理工具--Ansible configure management--翻译(十一)

    无书面授权,请勿转载 第五章 自己定义模块 Using a module Now that we have written our very first module for Ansible, we ...

  4. Ansible@一个高效的配置管理工具--Ansible configure management--翻译(八)

    如无书面授权,请勿转载 第四章,大型项目中Ansible的使用 Roles If your playbooks start expanding beyond what includes can hel ...

  5. Ansible@一个高效的配置管理工具--Ansible configure management--翻译(七)

    如无书面授权,请勿转载 Larger Projects Until now, we have been looking at single plays in one playbook file. Th ...

  6. Ansible@一个有效的配置管理工具--Ansible configure management--翻译(四)

    不要未经书面许可转载 第三章是长,因为,我会分几个部分来翻译. Advanced Playbooks So far the playbooks that we have looked at are s ...

  7. Ansible@一个有效的配置管理工具--Ansible configure management--翻译(十二)

    如果没有书面授权,请勿转载 第五章 自己定义模块 External inventories In the first chapter we saw how Ansible needs an inven ...

  8. Ansible@一个有效的配置管理工具--Ansible configure management--翻译(十)

    未经书面许可,.请勿转载 Custom Modules Until now we have been working solely with the tools provided to us by A ...

  9. Ansible 运维自动化 ( 配置管理工具 )

    背景 出差背景,要搞项目的自动化部署.因为只直接对接生产分发,机器又非常多,这样以往使用的bat只能作为应急方案了,还是得考虑使用专业化的工具来做这个事情! 当下有许多的运维自动化工具( 配置管理 ) ...

随机推荐

  1. hdu 5063(思路题-反向操作数组)

    Operation the Sequence Time Limit: 3000/1500 MS (Java/Others)    Memory Limit: 32768/32768 K (Java/O ...

  2. 正则表达式之Regex.Matches()用法

    //提取字符串中至少连续7位的数字 string txt = "www17736123780eeeee 7377091 ddddsssss7777777"; //找到的成功匹配的集 ...

  3. Java IO 学习(六)Java的Direct Memory与IO

    ByteBuffer的源码中有这样一段注释: A byte buffer is either direct or non-direct. Given a direct byte buffer, the ...

  4. UVA10305 Ordering Tasks (拓扑序列)

    本文链接:http://www.cnblogs.com/Ash-ly/p/5398586.html 题意: 假设有N个变量,还有M个二元组(u, v),分别表示变量u 小于 v.那么.所有变量从小到大 ...

  5. UVA 10369 - Arctic NetWork (求最小生成树)

    题意: 在南极有  N  个科研站,要把这些站用卫星和无线电连接起来,是的任意两个之间都能互相通信,如果其中任意的一个地方安装了卫星,那么就可以和其他安装卫星的互相通信,和距离没有关系,但是安装无线电 ...

  6. Python的程序结构[2] -> 类/Class[5] -> 内建类 bytes 和 bytearray

    内建类 bytes 和 bytearray / Built-in Type bytes and bytearray 关于内建类 Python的内建类 bytes 主要有以下几点: class byte ...

  7. H. Fake News (medium)

    H. Fake News (medium) 题意 以前是给出 S T 串,问在 S 中有多少个子串为 T 的个数,子串可以不连续,保持位置相对一致. 现在给出 n ,要你构造 S T 串. 分析 这种 ...

  8. HashMap和Hashtable 线程安全性

    HashMap和Hashtable的比较是Java面试中的常见问题,用来考验程序员是否能够正确使用集合类以及是否可以随机应变使用多种思路解决问题.HashMap的工作原理.ArrayList与Vect ...

  9. Closest Binary Search Tree Value -- LeetCode

    Given a non-empty binary search tree and a target value, find the value in the BST that is closest t ...

  10. Array方法介绍

    Array 是抽象基类,抽象基类不能创建它的对象 定义的数组: int[,] myArr4=new int[2,3]{{1,2,3},{4,5,6}}; int[, ,] myArr3 = new i ...