当前位置：首页 > news >正文

Ansible 流程控制

news 来源：原创 2025/5/9 9:55:34

条件语句(判断)

当满足什么条件时，就执行那些tasks
when 当...时

ansible获取主机名

# 主机名中，不包含'.'没有区别
ansible_hostname  # 包含'.'只显示第一个'.'前面的名字
ansible_fqdn      # 包含'.'显示完整的主机名

不管是shell还是各大编程语言中，流程控制，条件判断这些都是必不可少的，在我们使用Ansible的过程中，条件判断的使用率极高。例如：

# 1.我们是有不同的系统的时候，可以通过判断系统来对软件包进行安装。centos安装apache：yum install iy httpd
unbuntu安装apache：apt-get install apache2- hosts: all tasks:- name: Debian command: /sbin/shutdown -t nowwhen: ansible_facts['os_family'] == "Debian"- name: ubuntucommand: apt-get install apache2when: ansible_os_family == "ubuntu" - hosts: backupstasks:- name: 创建目录file:path: /tmp/{{ ansible_facts['default_ipv4']['address'] }}state: directory
- hosts: backupstasks:- name: 创建目录file:# setup模块,看到什么名字就写什么名字# path: /opt/{{ ansible_default_ipv4.address }}# 官方写法path: /tmp/{{ ansible_facts['default_ipv4']['address'] }}state: directory- name: 下载yum:name: - rsync- nfs-utilsstate: present# 2.在nfs和rsync安装过程中，客户端服务器不需要推送配置文件，之前都是写多play，会影响效率- hosts: backupstasks:- name: 创建目录file:path: /tmp/{{ ansible_facts['default_ipv4']['address'] }}state: directory- name: 下载yum:name: - rsync- nfs-utilsstate: present- name: 推送rsync配置文件copy:src: /root/rsyncd.confdest: /etc/when: ansible_hostname == 'backup'# 多条件判断- name: 下载rsync和nfsyum:name: - rsync- nfs-utilsstate: presentwhen: ansible_hostname == 'backup' or ansible_hostname == 'nfs'- name: 推送rsync配置文件copy:src: /root/rsyncd.confdest: /etc/when: ansible_hostname == 'backup'# 3.我们在源码安装nginx得时候，执行第二遍就无法执行，此时我们就可以进行判断是否安装过。- hosts: webstasks:- name: 查看nginx目录shell: 'ls -l /etc/nginx'register: xxx- name: 判断nginx是否安装如果没有则安装yum:name: nginxwhen: xxx.rc !=0 # - name: 获取注册的变量 nginx目录返回记过
# debug:
#   msg: "{{ xxx }}"# 判断中的且或非
and
or
！# 不使用and的多条件
- name: "shut down Centos 6 systems"command: /sib/sutdown -t nowwhen:- ansible_facts['distribution'] == "centos" - ansible_facts['distribution_major_version']|int == 6  # 模糊匹配- hosts: alltasks:- name: 推送nginx虚拟主机配置文件copy:src: /etc/nginx/conf.d/wordpress.confdest: /etc/nginx/conf.d/when: ansible_hostname is match 'web*'- name: 推送php配置文件copy:src: /etc/php-fpm.d/www.confdest: /etc/php-fpm.dwhen: ansible_hostname is match 'web'

playbook循环语句

在之前的学习过程中，我们经常会用床上文件创建目录之类的操作，创建两个目录要写量个file模块，如果要创建100个目录就要写100个file模块 ，只要用循环即可，减少重复性的代码

列表循环

  - name: 启动nginx和phpservice:name: "{{ item }}"state: startedwith_items: - nginx- php-fpmwhen: ansible_hostname == 'web02'

字典循环

- name: 推送nginxz主配置文件、nginx虚拟主机配置文件和php配置文件配置文件copy:src: "{{ item.src }}"dest: "{{ item.dest }}"with_items:- {src: "/etc/nginx/nginx.conf",dest: /etc/nginx/}- {src:  "/etc/php-fpm.d/www.conf",dest: /etc/php-fpm.d}- {src: "/etc/nginx/conf.d/wordpress.conf",dest: /etc/nginx/conf.d/}when: ansible_hostname is match 'web*'

playbook handlers (触发器)

当修改完某个服务配置文件时，应该重启该服务

# handler 注意点
1.无论多少个task调用相同handler，只会在所有tasks执行完成后，触发一次handlers2.Handler只有在其所在任务被执行是，才会被运行；如果一个任务中定义了notify调用Handlers，但是由于条件判断等原因，该任务未被执行，那么Handlers同样不会被执行3.Handlers只会在每一个play的末尾行运行一次；如果想在playbook中间运行Handlers，则需要使用meta模块来实现。4.如果一个play在运行到调用Handlers的语句之前失败了，那么这个Handlers将不会被执行。我们可以使用meta模块的--force-handlers选项来强制执行Handlers，即使Handlers所在的play中途运行失败也能执行5.不能使用handlers来代替tasks- hosts: alltasks:- name: 推送nginxz主配置文件copy:src: "{{ item.src }}"dest: "{{ item.dest }}"with_items:- {src: "/etc/nginx/nginx.conf",dest: "/etc/nginx/"}notify: qqqwhen: ansible_hostname is match "web*"handlers:- name: qqqservice:name: nginxstate: restartedenabled: truewhen: ansible_hostname is match "web*"

ansible任务标签

默认情况下，Ansible在执行一个playbook时，会执行play中定义中的所有任务，Ansible的标签(tag)功能可以给单独任务甚至整个playbook打上标签，然后利用这些标签来指定要运行playbook中的个别任务，或不执行指定的任务。

打标签的方式

# 对一个task打一个tag
- hosts: alltasks:- name: 推送nginxz主配置文件copy:src: "{{ item.src }}"dest: "{{ item.dest }}"with_items:- {src: "/etc/nginx/nginx.conf",dest: "/etc/nginx/"}notify: qqqwhen: ansible_hostname is match "web*"tags: nginx_conf- name: 创建站点目录file:path: /movie/state: directoryowner: "{{ user }}"group: "{{ user }}"when: ansible_hostname is match "web*tags: mkdir_nginx_dir# 对一个task打多个tag- name: 推送nginxz主配置文件copy:src: "{{ item.src }}"dest: "{{ item.dest }}"with_items:- {src: "/etc/nginx/nginx.conf",dest: "/etc/nginx/"}notify: qqqwhen: ansible_hostname is match "web*"tags: - nginx_conf- send_nginx_conf# 对多个task打一个tag- name: 推送nginxz主配置文件copy:src: "{{ item.src }}"dest: "{{ item.dest }}"with_items:- {src: "/etc/nginx/nginx.conf",dest: "/etc/nginx/"}notify: qqqwhen: ansible_hostname is match "web*"tags: nginx_conf- name: 创建站点目录file:path: /movie/state: directoryowner: "{{ user }}"group: "{{ user }}"when: ansible_hostname is match "web*"tags: nginx_conf

打完标签如何使用

# -t:执行指定的tag标签任务
# --skip-tags： 执行--skip-tags之外的标签任务[root@m01 ansible]# ansible-playbook 1.yml -t "nginx_conf"
[root@m01 ansible]# ansible-playbook 1.yml -t "nginx_conf"

playbook的复用

在之前写playbook的过程中，我们发现，写多个playbook没有办法，一键执行，这样我们还要单个playbook挨个去执行，很鸡肋。所以在playbook中有一个功能，叫做include用来动态调用task任务列表。

只调用task：include_tasks
调用整个task文件：include （新版本：import_playbook）

优化作业

# 创建www用户
- hosts: alltasks:- name: group "{{ user }}"group:name: "{{ user }}"gid: "{{ id }}"- name: useradd "{{ user }}"user:name: "{{ user }}"uid: "{{ id }}"group: "{{ id }}"shell: /sbin/nologincreate_home: false
# 下载nfs和rsync- name: 下载nfs和rsyncyum:name: nfs-utils,rsyncwhen: ansible_hostname == 'nfs' or ansible_hostname == 'backup'
# 配置nfs服务- name: 配置nfscopy:dest: /etc/exportscontent: "/data 172.16.1.0/24(rw,sync,anonuid=666,anongid=666,all_squash)"when: ansible_hostname == 'nfs'- name: 创建共享目录file:path: /dataowner: "{{ user }}"group: "{{ user }}"state: directorywhen: ansible_hostname == 'nfs' - name: 启动服务并加入开机自启service:name: nfsstate: startedenabled: truewhen: ansible_hostname == 'nfs' # 客户端下载nfs- name: 客户端下载nfsyum:name: nfs-utilswhen: ansible_hostname is match "web*"
# 部署rsync配置- name: 部署rsynccopy:src: /root/rsyncd.confdest: /etc/when: ansible_hostname == 'backup' - name: 创建服务端的密码文件copy:dest: /etc/rsync.passmode: 0600content: "rsync_backup:123"when: ansible_hostname == 'backup' - name: 创建备份目录file:path: /backupowner: "{{ user }}"group: "{{ user }}"state: directorywhen: ansible_hostname == 'backup' - name: 启动rsync并加入到开机自启service:name: rsyncdstate: startedenabled: yeswhen: ansible_hostname == 'backup' 
# 部署wordpress- name: 将nginx和php压缩包解压至客户端unarchive:src: /root/phpnginx/nginx_php.tgzdest: /opt/when: ansible_hostname is match "web*"- name: 判断是否安装nginxshell: "ls -l /etc/nginx"register: xxxwhen: ansible_hostname is match "web*"ignore_errors: yes- name: 安装nginx和phpshell: "cd /opt/ && rpm -Uvh *.rpm"when: (ansible_hostname is match "web*") and xxx.rc != 0- name: 推送nginxz主配置文件、nginx虚拟主机配置文件和php配置文件配置文件copy:src: "{{ item.src }}"dest: "{{ item.dest }}"with_items:- {src: "/etc/nginx/nginx.conf",dest: "/etc/nginx/"}- {src:  "/etc/php-fpm.d/www.conf",dest: "/etc/php-fpm.d/"}- {src: "/etc/nginx/conf.d/wordpress.conf",dest: "/etc/nginx/conf.d"}when: ansible_hostname is match "web*"- name: 创建站点目录file:path: /movie/state: directoryowner: "{{ user }}"group: "{{ user }}"when: ansible_hostname is match "web*"- name: 将压缩包解压到站点目录unarchive:src: /root/wordpress/wordpress.tgzdest: /movie/group: "{{ user }}"owner: "{{ user }}"when: ansible_hostname is match "web*"- name: 启动nginxservice:name: "{{ item }}"state: startedenabled: truewith_items: - nginx- php-fpmwhen: ansible_hostname is match "web*"
# 部署数据库- name: 下载mysqlyum:name: mariadb-serverwhen: ansible_hostname == 'db01'- name: 启动mysql并加入开机自启service:name: mariadbstate: startedenabled: Truewhen: ansible_hostname == 'db01'- name: 修改配置文件copy: src: /etc/my.cnfdest: /etc/when: ansible_hostname == 'db01'- name: 安装数据库需要的模块yum:name: MySQL-pythonwhen: ansible_hostname == 'db01'- name: 创建wordpress用户mysql_user:name: wppassword: "123"host: "172.16.1.%"priv: "*.*:ALL"state: presentwhen: ansible_hostname == 'db01'- name: 创建wordpress库mysql_db: name: wordpressstate: presentwhen: ansible_hostname == 'db01'- name: 将数据cp到db01copy:src: /root/wordpress/wordpress.sqldest: /opt when: ansible_hostname == 'db01'- name: 将数据导入数据库mysql_db: name: wordpresstarget: /opt/wordpress.sqlstate: importwhen: ansible_hostname == 'db01'
- hosts: webstasks:- name: nfs挂载目录mount:path: /movie/wordpress/wp-content/uploadssrc: 172.16.1.31:/datafstype: nfsstate: mountedwhen: ansible_hostname is match "web*"