Prepare the Control Machine and the Managed Node first.
- Official examples - ansible/ansible-examples
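
tasks & block - Task and block handling

    ---
    - name: 初始化執行
      hosts: sample
      tasks:
        - name: 執行 task 的名稱
          block:
            # This task fails on purpose
            - name: 故意出錯
              ansible.builtin.command: /bin/false
            # Never runs, because the task above failed
            - name: 若輸出此行代表錯誤
              ansible.builtin.debug:
                msg: '上述的描述失敗,此段從未執行 :('
          rescue:
            # Runs only when a task in the block failed
            - name: 若錯誤執行
              ansible.builtin.debug:
                msg: '抓取失敗,可除錯失敗 :)'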

var - Variables

Variables are layered. The commonly used layers are:
- group_vars/all
- group_vars/*
- host_vars/all
- host_vars/*
- vars: written in the yml being run
- On the terminal: ansible-playbook -e

group_vars/all & group_vars/* & host_vars/all & host_vars/*

Ansible's format is ini, but writing it in yml also works.

    whoami: "myname"

In a playbook, use {{ whoami }} to reference the value.

vars: written in the yml being run

    ---
    - name: 測試執行
      hosts: sample
      vars:
        whoami: "in_yaml"
      tasks:
        - debug:
            msg: "測試debug: {{ whoami }}"

debug - Debugging

    ---
    - name: 測試執行
      hosts: sample
      tasks:
        # whoami must be defined elsewhere (group_vars, host_vars or -e)
        - debug:
            msg: "測試debug: {{ whoami }}"
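
when - Conditionals

The examples below all use it, so you can read straight on. Conditions commonly used for checks:
- ansible_facts['distribution'] - tells whether the system is Alpine/Windows/Debian/Ubuntu, etc.
- ansible_facts['distribution_major_version'] - tells the version

    ---
    - name: 測試 when
      hosts: sample
      tasks:
        # Shut down only hosts that are CentOS 6 (both conditions must hold)
        - name: 關閉 CentOS 6 系統
          command: /sbin/shutdown -t now
          when:
            - ansible_facts['distribution'] == "CentOS"
            - ansible_facts['distribution_major_version'] == "6"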

match / search / regex - String tests

    ---
    - name: 測試 match/search/regex
      hosts: sample
      vars:
        url: "https://example.com/users/foo/resources/bar"
      tasks:
        # match: checked from the start of the string; .* works as a wildcard
        - debug:
            msg: "match 為從頭開始確認匹配,可以使用 .* 字號去替換是否匹配"
          when: url is match("https://example.com/users/.*/resources")
        # search: succeeds if the pattern matches anywhere in the string
        - debug:
            msg: "search 為字串中有匹配到即可"
          when: url is search("users/.*/resources/.*")
        # regex: matches with a regular expression
        - debug:
            msg: "regex 為使用正則表達式匹配"
          when: url is regex("example\.com/\w+/foo")
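
The three tests above differ in where they anchor, which matters when they are used to validate a value before acting on it. The playbook below is an added example, not part of the original page: the candidates list, the strict pattern and the use of localhost are assumptions made for illustration.

```yaml
---
- name: Compare match / search / regex as input validators (added example)
  hosts: localhost
  gather_facts: false
  vars:
    # Constructed sample inputs, not from the original page
    candidates:
      - "https://example.com/users/foo/resources/bar"
      - "https://example.com/users/foo/resources/bar?next=//other.invalid"
      - "http://other.invalid/?u=https://example.com/users/foo/resources/bar"
    # Hypothetical strict pattern: escaped dot, one path segment per
    # placeholder, anchored at both ends
    strict: '^https://example\.com/users/[^/]+/resources/[^/?#]+$'
  tasks:
    - name: Show how each test classifies each candidate
      ansible.builtin.debug:
        msg:
          url: "{{ item }}"
          # match anchors only at the start, so trailing content still passes
          match_prefix: "{{ item is match('https://example.com/users/.*/resources') }}"
          # search is unanchored, so the pattern may sit anywhere in the string
          search_anywhere: "{{ item is search('users/.*/resources/.*') }}"
          # regex searches by default; the ^ and $ in the pattern make it exact
          regex_strict: "{{ item is regex(strict) }}"
      loop: "{{ candidates }}"

    - name: Stop the play when url does not satisfy the strict pattern
      ansible.builtin.assert:
        that:
          - url is regex(strict)
        fail_msg: "url is not an allowed resource URL"
        success_msg: "url accepted"
      vars:
        # Task-level default for the demo; a value passed with -e overrides it
        url: "{{ candidates[0] }}"
```

Run it with ansible-playbook and pass -e url=... to see the assert reject a value that the prefix-only match test would accept.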

truthy / falsy - true/false

    ---
    - name: 測試 truthy/falsy
      hosts: sample
      vars:
        value1: "非空值"   # non-empty value
        value2: ""
      tasks:
        - debug:
            msg: "Truthy"
          when: value1 is truthy
        - debug:
            msg: "Falsy"
          when: value2 is falsy

version - Version comparison

    ---
    - name: 測試 version
      hosts: sample
      vars:
        version: "2.1.0"
      tasks:
        - debug:
            msg: "version > 1.0.0"
          when: version is version('1.0.0', '>')

loop - Loops

Example 1

    ---
    - name: 測試 loop
      hosts: sample
      tasks:
        # Prints each employee's name and role
        - debug:
            msg: "員工:{{ item.name }},職位:{{ item.groups }}"
          loop:
            - { name: 'fred', groups: 'developer' }
            - { name: 'mark', groups: 'designer' }

Example 2

    ---
    - name: 測試 loop
      hosts: sample
      tasks:
        # Show every host in the inventory
        - name: 顯示清單中的所有主機
          ansible.builtin.debug:
            msg: "{{ item }}"
          loop: "{{ query('inventory_hostnames', 'all') }}"
        # Show every host in the inventory except those in the www group
        - name: 顯示清單中的所有主機,除了 www 清單以外的
          ansible.builtin.debug:
            msg: "{{ item }}"
          loop: "{{ query('inventory_hostnames', 'all:!www') }}"

Example 3

    ---
    - name: 測試 loop
      hosts: sample
      tasks:
        # Add several users on the target host and put them in the root group
        - name: 對目標機,添加多名用戶,且群組給予 root
          user:
            name: "{{ item.name }}"
            state: present
            groups: "{{ item.groups }}"
          loop:
            - { name: 'testuser1', groups: 'root' }
            - { name: 'testuser2', groups: 'root' }

handler - Handlers, notification

    ---
    - name: 測試 handler
      hosts: sample
      tasks:
        # The task notifies both handlers listed under notify
        - name: 通知 handler
          ansible.builtin.command: echo "執行中"
          notify:
            - 執行ㄧ
            - 執行二
      handlers:
        - name: 執行ㄧ
          debug:
            msg: "執行ㄧ: 通知型執行中"
        - name: 執行二
          debug:
            msg: "執行二: 通知型執行中"
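
environment - Define environment variables on the target host

Take special care with environment variables: they change the environment on the target host, so use them carefully. Used well, they are very flexible.

    ---
    - name: 測試 environment
      hosts: sample
      tasks:
        - name: 測試 environment
          vars:
            account: 'sql_account'
          # shell, not command: the command module does not expand $SQL_AC
          ansible.builtin.shell: echo "$SQL_AC"
          environment:
            SQL_AC: "{{ account }}"
          register: echo_out
        - debug:
            msg: "{{ echo_out.stdout }}"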

import_playbook & include_tasks - Basic playbook reuse

Example 1: the direct, brute-force way

    ---
    - import_playbook: sample.yml

Example 2: a handler that uses another yml file

    # restarts.yml
    - name: Restart apache
      ansible.builtin.service:
        name: apache
        state: restarted
    - name: Restart mysql
      ansible.builtin.service:
        name: mysql
        state: restarted

    ---
    - name: 觸發包含 yml
      hosts: sample
      handlers:
        - name: Restart services
          include_tasks: restarts.yml
      tasks:
        # include_tasks is dynamic: notify the including handler by its name,
        # not the handler names inside restarts.yml
        - command: "true"
          notify: Restart services

roles & tags - Advanced playbook reuse

This requires the layout from Folder structure > Advanced structure; the files under roles/common/tasks are the entry point.

    # roles/common/tasks/main.yml
    ---
    - name: 測試
      debug:
        msg:
          - "可執行 roles/common"

    # site.yml
    ---
    - hosts: sample
      roles:
        - role: common

Modules

Modules overview - link. Modules are discussed in a separate article.