Ansible流程控制
变量定义位置
- 命令行
- -e '变量名=变量值'
- play中
- vars
## 变量的定义阶段
- hosts: all
vars:
变量名: 变量值
变量名:
- 变量值1
- 变量值2
tasks:
## 变量的调用阶段
tasks:
- name: 任务名{{ 变量名 }}
file:
path: /root/{{ 变量名 }}
owner: "{{ 变量名 }}"
- vars_files
- hosts: all
vars_files: ./vars_file1.yml
vars_files:
- ./vars_file2.yml
- ./vars_file3.yml
vars_file1.yml
变量名: 变量值
变量名:
- 变量值1
- 变量值2
## 层级变量定义阶段
jiagou:
- lnmp:
pkg:
- nginx
- php
- mysql
- lamp:
pkg:
- httpd
- php
- mysql
- lamt:
pkg:
- httpd
- tomcat
- mysql
## 层级变量调用阶段
- hosts: web_group
tasks:
- name: 安装lamt
yum:
name: "{{ jiagou.lamt.pkg }}"
- inventory中
- inventory文件
[主机或主机组:vars]
变量名=变量值
- host_vars
和yml文件在同一层级目录下创建host_vars目录
创建主机名文件
web01
变量名: 变量值
- group_vars
和yml文件在同一层级目录下创建group_vars目录
创建主机标签名文件
web_group
变量名: 变量值
优先级
1.命令行
2.play
vars_files
vars
3.inventory
host_vars
group_vars
hosts
变量注册
当absible的模块在运行之后,其实都会返回一些result结果,就像是执行脚本,我们有的时候需要脚本给我们一些return返回值,我们才知道,上一步是否可以执行成功,但是...默认情况下,ansible的result并不会显示出来,所以,我们可以把这些返回值'存储'到变量中,这样我们就能通过'调用'对应的变量名,从而获取到这些result,这种将模块的返回值,写入到变量中的方法被称为变量注册
- hosts: web_group
tasks:
- name: 查看nginx目录
shell: "ls -l /etc/nginx"
register: xxx
- name: 获取注册的变量值 nginx目录返回记过
debug:
msg: "{{ xxx }}"
只需要打印详细的结果
- hosts: web_group
tasks:
- name: 查看nginx目录
shell: "ls -l /etc/nginx"
register: xxx
- name: 获取注册的变量值 nginx目录返回记过
debug:
msg: "{{ xxx.stdout_lines }}"
利用变量注册做判断
- hosts: web_group
tasks:
- name: 查看nginx目录
shell: "ls -l /etc/nginx"
register: xxx
- name: 获取注册的变量值 nginx目录返回结果
debug:
msg: "{{ xxx.stdout_lines }}"
- name: 安装nginx和php
shell: cd /opt && rpm -Uvh *.rpm
when: xxx.rc != 0
facts缓存
Ansible facts是在被管理追击上通过Ansible自动采集发现的变量。facts包含每台特定的主机信息。比如:被控端的主机名、IP地址、系统版本、CPU数量、内存状态、磁盘状态等等。
facts缓存应用场景
- 根据主机CPU,设置nginx配置文件,cpu亲和
- 根据内存,配置MySQL的配置文件
- 根据IP地址,配置redis配置文件
关闭facts缓存
- hosts: rsync_nfs
gather_facts: False ## 关闭facts缓存
tasks:
- name: 安装rsync和nfs服务
yum:
name:
- rsync
- nfs-utils
state: present
- name: 创建目录
file:
path: /tmp/{{ ansible_memtotal_mb }}
state: directory
条件语句(判断)
当满足什么条件时,就执行哪些tasks
when 当....时
ansible获取主机名
## 主机名中,不包含'.' 没有区别
ansible_hostname # 包含'.' 只显示第一个'.'前面的名字
ansible_fqdn # 包含'.' 显示完整的主机名
不管是shell还是各大编程语言中,流程控制,条件判断这些都是必不可少的,在我们使用Ansible的过程中,条件判断的使用频率极其高。 例如: 1.我们使用不同的系统的时候,可以通过判断系统来对软件包进行安装。
centos安装apache: yum install -y httpd
unbuntu安装apache: apt-get install apache2
tasks:
- name: "shut down Debian flavored systems"
command: /sbin/shutdown -t now
when: ansible_facts['os_family'] == "Debian"
tasks:
- name: "shut down Debian flavored systems"
command: apt-get install apache2
when: ansible_os_family == "Ubuntu"
- hosts: rsync_nfs
tasks:
- name: 创建目录
file:
# path: /opt/{{ ansible_default_ipv4.address }} ## setup模块,看到什么名字就使用什么名字
path: /usr/local/{{ ansible_facts['default_ipv4']['address'] }} ## 官方写法
state: directory
2.在nfs和rsync安装过程中,客户端服务器不需要推送配置文件,之前我们都是写多个play,会影响效率。
- hosts: rsync_nfs
tasks:
- name: 安装rsync和nfs服务
yum:
name:
- rsync
- nfs-utils
state: present
- name: 推送rsync配置文件
template:
src: /root/wordpress_ansible/rsync/rsyncd.conf
dest: /etc
when: ansible_hostname == 'backup'
## 多条件判断
- hosts: rsync_nfs
tasks:
- name: 安装rsync和nfs服务
yum:
name:
- rsync
- nfs-utils
state: present
when: ansible_hostname == 'backup' or ansible_hostname == 'nfs'
- name: 推送rsync配置文件
template:
src: /root/wordpress_ansible/rsync/rsyncd.conf
dest: /etc
when: ansible_hostname == 'backup'
3.我们在源码安装nginx的时候,执行第二遍就无法执行了,此时我们就可以进行判断是否安装过。
- hosts: web_group
tasks:
- name: 查看nginx目录
shell: "ls -l /etc/nginx"
register: xxx
- name: 判断是否安装nginx
shell: 'cd /opt && rpm -Uvh *.rpm'
when: xxx.rc != 0
# - name: 获取注册的变量值 nginx目录返回记过
# debug:
# msg: "{{ xxx }}"
## 判断中的且或非
and
or
!
## 不使用and的多条件
tasks:
- name: "shut down CentOS 6 systems"
command: /sbin/shutdown -t now
when:
- ansible_facts['distribution'] == "CentOS"
- ansible_facts['distribution_major_version']|int == 6
## 模糊匹配
- hosts: all
tasks:
- name: 推送nginx虚拟主机配置文件
copy:
src: /root/wordpress_ansible/nginx_php/blog.zls.com.conf
dest: /etc/nginx/conf.d
# when: ansible_hostname == 'web01' or ansible_hostname == 'web02'
when: ansible_hostname is match 'web*'
- name: 推送php配置文件
copy:
src: /root/wordpress_ansible/nginx_php/www.conf
dest: /etc/php-fpm.d
playbook循环语句
在之前的学习过程中,我们经常会有传送文件,创建目录之类的操作,创建2个目录就要写两个file模块来创建,如果要创建100个目录,我们需要写100个file模块???妈耶~~~~ 当然不是,只要有循环即可,减少重复性代码。
列表循环
## 启动多个服务
数据类型:列表
for 循环列表类型
- hosts: all
tasks:
- name: 启动nginx 和 php
service:
name: "{{ item }}"
state: stopped
# when: ansible_hostname == 'web01' or ansible_hostname == 'web02'
with_items:
- nginx
- php-fpm
when: ansible_hostname is match 'web*'
字典循环
- hosts: all
tasks:
- name: 启动nginx 和 php
service:
name: "{{ item }}"
state: stopped
# when: ansible_hostname == 'web01' or ansible_hostname == 'web02'
with_items:
- nginx
- php-fpm
when: ansible_hostname is match 'web*'
- name: 推送nginx主配置文件、nginx虚拟主机配置文件和php配置文件
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- {src: "/root/wordpress_ansible/nginx_php/blog.zls.com.conf",dest: "/etc/nginx/conf.d"}
- {src: "/root/wordpress_ansible/nginx_php/nginx.conf",dest: "/etc/nginx"}
when: ansible_hostname is match 'web*'
主机名 | WanIP | LanIP | 角色 | 应用 |
m01 | 10.0.0.61 | 172.16.1.61 | ansible管理机 | ansible |
web01 | 10.0.0.7 | 172.16.1.7 | 作业网站 | httpd、php、nfs |
web02 | 10.0.0.8 | 172.16.1.8 | 作业网站 | httpd、php、nfs |
nfs | 10.0.0.31 | 172.16.1.31 | 共享存储 | nfs、rsync |
backup | 10.0.0.41 | 172.16.1.41 | 实时同步备份 | nfs、rsync |
db01 | 10.0.0.51 | 172.16.1.51 | 数据库 | MariaDB、MySQL-python |
不加循环(01)
- hosts: all
tasks:
- name: 创建{{ user_group }}组
group:
name: "{{ user_group }}"
gid: "{{ www_id }}"
- name: 创建www用户
user:
name: "{{ user_group }}"
group: "{{ www_id }}"
uid: "{{ www_id }}"
shell: /sbin/nologin
create_home: False
- name: 安装rsync和nfs
yum:
name:
- nfs-utils
- rsync
state: present
when: ansible_hostname == backup_dir or ansible_hostname == 'nfs'
- name: 推送rsync配置文件
copy:
src: /root/wordpress_ansible/rsync/rsyncd.conf
dest: /etc
when: ansible_hostname == backup_dir
- name: 创建密码文件
copy:
content: 'rsync_bacup:123'
dest: /etc/rsync.passwd
mode: 0600
when: ansible_hostname == backup_dir or ansible_hostname == 'nfs'
- name: 创建backup备份目录
file:
path: /{{ backup_dir }}
owner: "{{ user_group }}"
group: "{{ user_group }}"
mode: 0755
state: directory
when: ansible_hostname == backup_dir
- name: 启动rsync服务
service:
name: rsyncd
state: started
enabled: True
when: ansible_hostname == backup_dir
- name: 创建nfs配置文件
copy:
content: /{{ nfs_dir }} 172.16.1.0/24(rw,sync,anonuid={{ www_id }},anongid={{ www_id }},all_squash)
dest: /etc/exports
when: ansible_hostname == 'nfs'
- name: 创建data目录
file:
path: /{{ nfs_dir }}
owner: "{{ user_group }}"
group: "{{ user_group }}"
mode: 0755
state: directory
when: ansible_hostname == 'nfs'
- name: 推送用户数据
unarchive:
src: /root/wordpress_ansible/nfs/2022.tgz
dest: /{{ nfs_dir }}
owner: "{{ user_group }}"
group: "{{ user_group }}"
when: ansible_hostname == 'nfs'
- name: 启动nfs服务
service:
name: nfs
state: started
enabled: True
when: ansible_hostname == 'nfs'
- name: 解压nginx和php到web端
unarchive:
src: /root/wordpress_ansible/nginx_php/nginx_php.tgz
dest: /{{ software_dir }}
- name: 安装nginx和php
shell: cd /{{ software_dir }} && yum localinstall -y *.rpm
when: ansible_hostname is match 'web*'
- name: 推送nginx主配置文件
copy:
src: /root/wordpress_ansible/nginx_php/nginx.conf
dest: /etc/nginx
when: ansible_hostname is match 'web*'
- name: 推送nginx虚拟机配置文件
copy:
src: /root/wordpress_ansible/nginx_php/blog.wjh.com.conf
dest: /etc/nginx/conf.d
when: ansible_hostname is match 'web*'
- name: 推送PHP配置文件
copy:
src: /root/wordpress_ansible/nginx_php/www.conf
dest: /etc/php-fpm.d
when: ansible_hostname is match 'web*'
- name: 启动nginx服务
service:
name: nginx
state: started
enabled: True
when: ansible_hostname is match 'web*'
- name: 启动php服务
service:
name: php-fpm
state: started
enabled: True
when: ansible_hostname is match 'web*'
- name: 创建站点目录
file:
path: /{{ code_dir }}
owner: "{{ user_group }}"
group: "{{ user_group }}"
mode: 0755
state: directory
when: ansible_hostname is match 'web*'
- name: 部署wordpress代码
unarchive:
src: /root/wordpress_ansible/wordpress/wordpress.tgz
dest: /{{ code_dir }}
owner: "{{ user_group }}"
group: "{{ user_group }}"
when: ansible_hostname is match 'web*'
- name: 挂载nfs
mount:
src: 172.16.1.31:/{{ nfs_dir }}
path: /{{ code_dir }}/wordpress/wp-content/uploads
fstype: nfs
state: mounted
when: ansible_hostname is match 'web*'
- name: 安装数据库和连接插件
yum:
name:
- mariadb-server
- MySQL-python
state: present
when: ansible_hostname is match 'db01'
- name: 推送数据库的配置文件
copy:
src: /root/wordpress_ansible/mariadb/my.cnf
dest: /etc
when: ansible_hostname is match 'db01'
- name: 启动数据库
service:
name: mariadb
state: started
enabled: True
when: ansible_hostname is match 'db01'
- name: 创建wordpress数据库
mysql_db:
name: wordpress
state: present
when: ansible_hostname is match 'db01'
- name: 创建wordpress_user用户
mysql_user:
name: wordpress_user
password: '123'
host: '%'
priv: '*.*:ALL'
state: present
when: ansible_hostname is match 'db01'
- name: 推送sql文件
copy:
src: /root/wordpress_ansible/mariadb/wp_ansible.sql
dest: /{{ software_dir }}
when: ansible_hostname is match 'db01'
- name: 导入数据
mysql_db:
name: wordpress
state: import
target: /{{ software_dir }}/wp_ansible.sql
when: ansible_hostname is match 'db01'
加入循环(02)
- hosts: all
tasks:
- name: 创建{{ user_group }}组
group:
name: "{{ user_group }}"
gid: "{{ www_id }}"
- name: 创建www用户
user:
name: "{{ user_group }}"
group: "{{ www_id }}"
uid: "{{ www_id }}"
shell: /sbin/nologin
create_home: False
- name: 安装rsync和nfs
yum:
name:
- nfs-utils
- rsync
state: present
when: ansible_hostname == backup_dir or ansible_hostname == 'nfs'
- name: 推送rsync配置文件
copy:
src: /root/wordpress_ansible/rsync/rsyncd.conf
dest: /etc
when: ansible_hostname == backup_dir
- name: 创建密码文件
copy:
content: 'rsync_bacup:123'
dest: /etc/rsync.passwd
mode: 0600
when: ansible_hostname == backup_dir or ansible_hostname == 'nfs'
- name: 创建backup备份目录
file:
path: /{{ backup_dir }}
owner: "{{ user_group }}"
group: "{{ user_group }}"
mode: 0755
state: directory
when: ansible_hostname == backup_dir
- name: 启动rsync服务
service:
name: rsyncd
state: started
enabled: True
when: ansible_hostname == backup_dir
- name: 创建nfs配置文件
copy:
content: /{{ nfs_dir }} 172.16.1.0/24(rw,sync,anonuid={{ www_id }},anongid={{ www_id }},all_squash)
dest: /etc/exports
when: ansible_hostname == 'nfs'
- name: 创建data目录
file:
path: /{{ nfs_dir }}
owner: "{{ user_group }}"
group: "{{ user_group }}"
mode: 0755
state: directory
when: ansible_hostname == 'nfs'
- name: 推送用户数据
unarchive:
src: /root/wordpress_ansible/nfs/2022.tgz
dest: /{{ nfs_dir }}
owner: "{{ user_group }}"
group: "{{ user_group }}"
when: ansible_hostname == 'nfs'
- name: 启动nfs服务
service:
name: nfs
state: started
enabled: True
when: ansible_hostname == 'nfs'
- name: 解压nginx和php到web端
unarchive:
src: /root/wordpress_ansible/nginx_php/nginx_php.tgz
dest: /{{ software_dir }}
- name: 安装nginx和php
shell: cd /{{ software_dir }} && yum localinstall -y *.rpm
when: ansible_hostname is match 'web*'
- name: 推送nginx主配置文件,推送nginx虚拟机配置文件和PHP配置文件
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- {src: "/root/wordpress_ansible/nginx_php/blog.wjh.com.conf",dest: "/etc/nginx/conf.d"}
- {src: "/root/wordpress_ansible/nginx_php/nginx.conf",dest: "/etc/nginx"}
- {src: "/root/wordpress_ansible/nginx_php/www.conf",dest: "/etc/php-fpm.d"}
when: ansible_hostname is match 'web*'
- name: 启动 nginx 和 php
service:
name: "{{ item }}"
state: started
with_items:
- nginx
- php-fpm
when: ansible_hostname is match 'web*'
- name: 创建站点目录
file:
path: /{{ code_dir }}
owner: "{{ user_group }}"
group: "{{ user_group }}"
mode: 0755
state: directory
when: ansible_hostname is match 'web*'
- name: 部署wordpress代码
unarchive:
src: /root/wordpress_ansible/wordpress/wordpress.tgz
dest: /{{ code_dir }}
owner: "{{ user_group }}"
group: "{{ user_group }}"
when: ansible_hostname is match 'web*'
- name: 挂载nfs
mount:
src: 172.16.1.31:/{{ nfs_dir }}
path: /{{ code_dir }}/wordpress/wp-content/uploads
fstype: nfs
state: mounted
when: ansible_hostname is match 'web*'
- name: 安装数据库和连接插件
yum:
name:
- mariadb-server
- MySQL-python
state: present
when: ansible_hostname is match 'db01'
- name: 推送数据库的配置文件
copy:
src: /root/wordpress_ansible/mariadb/my.cnf
dest: /etc
when: ansible_hostname is match 'db01'
- name: 启动数据库
service:
name: mariadb
state: started
enabled: True
when: ansible_hostname is match 'db01'
- name: 创建wordpress数据库
mysql_db:
name: wordpress
state: present
when: ansible_hostname is match 'db01'
- name: 创建wordpress_user用户
mysql_user:
name: wordpress_user
password: '123'
host: '%'
priv: '*.*:ALL'
state: present
when: ansible_hostname is match 'db01'
- name: 推送sql文件
copy:
src: /root/wordpress_ansible/mariadb/wp_ansible.sql
dest: /{{ software_dir }}
when: ansible_hostname is match 'db01'
- name: 导入数据
mysql_db:
name: wordpress
state: import
target: /{{ software_dir }}/wp_ansible.sql
when: ansible_hostname is match 'db01'