day050-ansible剧本与变量
文章目录
- 0. 老男孩思想-人性十大需求
- 1. ansible playbook(剧本)
- 1.1 ansible剧本基本格式
- 1.2 编写测试剧本
- 1.3 执行剧本
- 2. ansible部署rsync服务
- 2.1 更改文件行内容-lineinfile模块
- 2.2 定时任务-cron模块
- 2.3 编写rsync服务端剧本
- 2.4 添加rsync服务端配置文件
- 2.5 执行服务端剧本
- 2.6 编写rsync客户端剧本
- 2.7 添加备份脚本
- 2.8 执行客户端剧本
- 3. ansible批量创建用户
- 3.1 编写剧本
- 3.2 执行剧本
- 4. ansible变量
- 5. 分组变量
- 5.1 变量文件命名规则
- 5.2 分组变量的目录结构
- 5.3 编写全局变量文件
- 5.4 编写添加用户和创建目录剧本
- 5.5 执行剧本并测试
- 6. facts变量
- 6.1 setup模块-收集主机信息
- 6.2 常用facts变量
- 6.3 debug模块
- 6.4 编写剧本输出facts变量
- 6.5 关闭facts获取主机信息功能
- 6.5.1 彻底关闭facts
- 6.5.2 临时关闭或启用facts
- 7. template模块
- 7.1 模块参数
- 7.2 编写模版文件和测试剧本
- 7.3 执行并测试结果
- 8. register注册变量
- 8.1 编写测试剧本
- 8.2 执行
- 8.3 修改测试剧本并测试
- 9. 思维导图
0. 老男孩思想-人性十大需求
1.生理需求:生存、生活、性
2.物质需求:金钱、豪车、豪宅、艺术品……
3.健康需求:运动、饮食、心理健康……
4.情感(关系)需求:爱情、友情、亲情、朋友、兄弟、同学……
与他人交流,有了较近的关系,双方才会有较强的情感
5.尊重/认可需求:每个人都需要被他人尊重、认可,同时需要对别人有价值。因此对待长辈、领导、老板时,要有素养、礼貌,体现对方对于自己的重要性。
6.赞美和鼓励:当感受到他人的理解、支持或鼓励时,会更有动力,更有自信; 每一个成功的男人背后 ,都少不了一个默默支持他的妻子
7.成长需求:不断向上攀登、不断发展、不断提高精神境界的需求;人向高处走,向来如此。
8.形象需求:不仅仅是自身的形象,如自己的外貌、穿着打扮等;还有自己展现的形象,就是自己在别人心中的形象,如善良、勇敢、勇于承担等
9.自由需求:越努力越自由;人们不断的学习、努力工作,就是获得更多的机会、更多的物质条件,由此决定自己的选择,如去旅游、跳槽、做自己喜欢的事等。
10.好奇需求:与空心病(本质是价值观缺陷)相反,对新奇事物有着好奇心,有着活力。因为好奇,才有探索、创造的精神和自信。
1. ansible playbook(剧本)
1.1 ansible剧本基本格式
1.2 编写测试剧本
[root@m02 ~]# mkdir -p /server/ans/playbooks/
[root@m02 ~]# cd /server/ans/playbooks/
[root@m02 /server/ans/playbooks]# cat 01.test.yml
- hosts: alltasks:- name: 01.打开冰箱门shell: echo 01.open >/tmp/lidao.txt- name: 02.大象放进去shell: echo 02.put >>/tmp/lidao.txt- name: 03.关门shell: echo 03.close >>/tmp/lidao.txt
1.3 执行剧本
[root@m02 /server/ans/playbooks]# ansible-playbook -i /etc/ansible/hosts 01.test.yml
……# 明确要执行任务的客户机清单
PLAY [all] ******************************************************************************************************# 收集客户机的基本信息
TASK [Gathering Facts] ******************************************************************************************
ok: [172.16.1.9]
ok: [172.16.1.7]
ok: [172.16.1.8]
ok: [172.16.1.5]
ok: [172.16.1.6]
ok: [172.16.1.51]
ok: [172.16.1.31]
ok: [172.16.1.52]
ok: [172.16.1.41]
fatal: [172.16.1.10]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: connect to host 172.16.1.10 port 22: No route to host", "unreachable": true}# 开始执行任务
TASK [01.打开冰箱门] ********************************************************************************************
changed: [172.16.1.9]
changed: [172.16.1.7]
changed: [172.16.1.5]
changed: [172.16.1.6]
changed: [172.16.1.8]
changed: [172.16.1.51]
changed: [172.16.1.52]
changed: [172.16.1.31]
changed: [172.16.1.41]TASK [02.大象放进去] ********************************************************************************************
changed: [172.16.1.5]
changed: [172.16.1.7]
changed: [172.16.1.9]
changed: [172.16.1.6]
changed: [172.16.1.8]
changed: [172.16.1.51]
changed: [172.16.1.52]
changed: [172.16.1.31]
changed: [172.16.1.41]TASK [03.关门] **************************************************************************************************
changed: [172.16.1.6]
changed: [172.16.1.5]
changed: [172.16.1.9]
changed: [172.16.1.7]
changed: [172.16.1.8]
changed: [172.16.1.51]
changed: [172.16.1.52]
changed: [172.16.1.31]
changed: [172.16.1.41]# 剧本执行结束,总结报告
PLAY RECAP ******************************************************************************************************
172.16.1.10 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.31 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.41 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.5 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.51 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.52 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.6 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.7 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.8 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.9 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
2. ansible部署rsync服务
2.1 更改文件行内容-lineinfile模块
- 模块参数:
- path:指定需要修改的客户机文件的路径
- line:替换指定行的内容
- create:如果文件不存在,是否创建文件(true/false(默认))
- owner:指定文件的所有者
- group:指定该文件的所属组
- mode:指定文件的权限
2.2 定时任务-cron模块
- 模块参数:
- name:定时任务描述
- job:要执行的命令或脚本
- minute:分钟(0-59,默认为*)
- hour:小时(0-23,默认为*)
- day:日(1-31,默认为*)
- month:月(1-12,默认为*)
- weekday:周(0-7,周日=0或7,默认为*)
2.3 编写rsync服务端剧本
# 移动主机清单文件
[root@m02 /server/ans/playbooks]# mv /etc/ansible/hosts ./
[root@m02 /server/ans/playbooks]# cat 02.rsync_server.yaml
#1.部署rsync服务端
- hosts: nfstasks:- name: 1.安装rsyncyum:name: rsyncstate: latest- name: 2.分发配置文件copy:src: ./files/rsyncd.confdest: /etc/rsyncd.confbackup: true- name: 3.添加用户user:name: rsyncshell: /sbin/nologincreate_home: falsestate: present- name: 4.创建备份目录,修改所有者file:path: /ans/backupmode: 0755owner: rsyncgroup: rsyncstate: directory- name: 5.创建密码文件,修改权限lineinfile:path: /etc/rsync.passwordline: "rsync_backup:1"mode: 0600owner: rootgroup: rootcreate: true- name: 6.启动服务systemd:name: rsyncdenabled: truestate: restarted- 使用vars剧本变量修改剧本
[root@m02 /server/ans/playbooks]# cat 02.rsync_server2.yaml
# 1.部署rsync服务端
- hosts: nfsvars:user: rsyncdir: /ans/backuptasks:- name: 1.安装rsyncyum:name: "{{ user }}"state: latest- name: 2.分发配置文件copy:src: ./files/rsyncd.confdest: /etc/rsyncd.confbackup: true- name: 3.添加用户user:name: "{{ user }}"shell: /sbin/nologincreate_home: falsestate: present- name: 4.创建备份目录,修改所有者file:path: "{{ dir }}"mode: 0755owner: "{{ user }}"group: "{{ user }}"state: directory- name: 5.创建密码文件,修改权限lineinfile:path: /etc/rsync.passwordline: "rsync_backup:1"mode: 0600owner: rootgroup: rootcreate: true- name: 6.启动服务systemd:name: rsyncdenabled: truestate: restarted
2.4 添加rsync服务端配置文件
[root@m02 /server/ans/playbooks]# mkdir files
[root@m02 /server/ans/playbooks]# cd files/
[root@m02 /server/ans/playbooks/files]# scp backup:/etc/rsyncd.conf ./
[root@m02 /server/ans/playbooks/files]# cat rsyncd.conf
#created by oldboy 15:01 2009-6-5
##rsyncd.conf start##
fake super = yes
uid = rsync
gid = rsync
use chroot = no
max connections = 2000
timeout = 600
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
#hosts allow = 10.0.0.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password
#####################################
[backup]
comment = www by old0boy 14:18 2012-1-13
path = /ans/backup2.5 执行服务端剧本
[root@m02 /server/ans/playbooks]# ansible-playbook -i ./hosts 02.rsync_server.yaml
……PLAY [nfs] ******************************************************************************************************TASK [Gathering Facts] ******************************************************************************************
ok: [172.16.1.31]TASK [1.安装rsync] **********************************************************************************************
changed: [172.16.1.31]TASK [2.分发配置文件] *******************************************************************************************
changed: [172.16.1.31]TASK [3.添加用户] ***********************************************************************************************
changed: [172.16.1.31]TASK [4.创建备份目录,修改所有者] ********************************************************************************
changed: [172.16.1.31]TASK [5.创建密码文件,修改权限] **********************************************************************************
changed: [172.16.1.31]TASK [6.启动服务] ***********************************************************************************************
changed: [172.16.1.31]PLAY RECAP ******************************************************************************************************
172.16.1.31 : ok=7 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
- 测试
[root@m02 /server/ans/playbooks]# rsync -avz ./hosts rsync_backup@nfs01::backup
Password:
sending incremental file list
hostssent 174 bytes received 43 bytes 39.45 bytes/sec
total size is 142 speedup is 0.65
#############################
[root@nfs01 ~]# ll /ans/backup/
总用量 4
-rw-r--r-- 1 rsync rsync 142 7月 9 20:23 hosts
2.6 编写rsync客户端剧本
[root@m02 /server/ans/playbooks]# cat 02.rsync_client.yaml
# 2.部署rsync客户端
- hosts: alltasks:- name: 1.创建脚本存放目录file: path: /server/scriptsstate: directory- name: 2.分发脚本copy:src: ./files/rsync_backup.shdest: /server/scripts/rsync_backup.sh- name: 3.创建存放备份文件的目录file:path: /backupstate: directory- name: 4.创建用户密码文件lineinfile:path: /etc/rsync-client.passwordcreate: trueline: "1"owner: rootgroup: rootmode: 0600 - name: 5.定时任务(cron模块)cron:name: "定时备份任务"job: "/bin/bash /server/scripts/rsync_backup.sh"minute: 0hour: 23
2.7 添加备份脚本
[root@m02 /server/ans/playbooks/files]# scp nfs01:/server/scripts/rsync_backup.sh ./
……
[root@m02 /server/ans/playbooks/files]# cat rsync_backup.sh
#!/bin/bash
##############################################################
# File Name:rsync_backup.sh
# Version:V1.0
# Author:SunKexu
# Organization:www.oldboyedu.com
# Desc:定时备份
##############################################################
export LANG=en_US.UTF-8
# vars
date=`date +%F_%w`
ip=`hostname -I |awk '{print $2}'`
bak_dir=/backup/
# vars rsync 服务端变量
user=rsync_backup
rsync_server_ip=172.16.1.41
module_name=backup
pass_file=/etc/rsync-client.password# 打包
function package(){# 确定压缩包存放目录[ ! -d "${bak_dir}${ip}" ] && mkdir -p "${bak_dir}${ip}"# 打包压缩tar zcf "${bak_dir}${ip}/etc-${date}.tar.gz" /etc/[ $? -eq 0 ] || {echo "tar failed"exit 1}
}
# rsync备份数据
function rsync_backup(){# rsync传输到服务器rsync -avz "${bak_dir}" "${user}@${rsync_server_ip}::${module_name}" --password-file=${pass_file}[ $? -eq 0 ] || {echo "rsync failed"exit 2}
}
# 清理旧的压缩包
function clean_tar(){# 清理旧的备份find $bak_dir -type f -name "*.tar.gz" -mtime +7 |xargs rm -f
}
# main函数
function main(){packagersync_backupclean_tar
}# command
main
2.8 执行客户端剧本
[root@m02 /server/ans/playbooks]# ansible-playbook -i ./hosts 02.rsync_client.yaml
……PLAY [all] ******************************************************************************************************TASK [Gathering Facts] ******************************************************************************************
ok: [172.16.1.9]
ok: [172.16.1.5]
ok: [172.16.1.6]
ok: [172.16.1.7]
ok: [172.16.1.8]
ok: [172.16.1.41]
ok: [172.16.1.51]
ok: [172.16.1.52]
ok: [172.16.1.31]
fatal: [172.16.1.10]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: connect to host 172.16.1.10 port 22: No route to host", "unreachable": true}TASK [1.创建脚本存放目录] ***************************************************************************************
ok: [172.16.1.7]
ok: [172.16.1.6]
ok: [172.16.1.8]
ok: [172.16.1.9]
ok: [172.16.1.5]
ok: [172.16.1.51]
ok: [172.16.1.52]
ok: [172.16.1.41]
ok: [172.16.1.31]TASK [2.分发脚本] ***********************************************************************************************
ok: [172.16.1.6]
ok: [172.16.1.5]
ok: [172.16.1.7]
ok: [172.16.1.9]
ok: [172.16.1.8]
ok: [172.16.1.51]
ok: [172.16.1.52]
ok: [172.16.1.31]
ok: [172.16.1.41]TASK [3.创建存放备份文件的目录] *********************************************************************************
ok: [172.16.1.5]
ok: [172.16.1.6]
ok: [172.16.1.7]
ok: [172.16.1.8]
ok: [172.16.1.9]
ok: [172.16.1.51]
ok: [172.16.1.52]
ok: [172.16.1.31]
ok: [172.16.1.41]TASK [4.创建用户密码文件] ***************************************************************************************
ok: [172.16.1.8]
ok: [172.16.1.9]
ok: [172.16.1.6]
ok: [172.16.1.5]
ok: [172.16.1.7]
ok: [172.16.1.52]
ok: [172.16.1.31]
ok: [172.16.1.51]
ok: [172.16.1.41]TASK [5.定时任务(cron模块)] *************************************************************************************
changed: [172.16.1.6]
changed: [172.16.1.9]
changed: [172.16.1.5]
changed: [172.16.1.7]
changed: [172.16.1.8]
changed: [172.16.1.51]
changed: [172.16.1.31]
changed: [172.16.1.52]
changed: [172.16.1.41]PLAY RECAP ******************************************************************************************************
172.16.1.10 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.31 : ok=6 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.41 : ok=6 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.5 : ok=6 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.51 : ok=6 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.52 : ok=6 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.6 : ok=6 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.7 : ok=6 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.8 : ok=6 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.9 : ok=6 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 - 检查
[root@m02 ~]# ansible -i /server/ans/playbooks/hosts all -m shell -a 'crontab -l'
……
172.16.1.5 | CHANGED | rc=0 >>
#1. sync time by lidao996 at 20230101
*/3 * * * * /sbin/ntpdate ntp.aliyun.com >/dev/null 2>&1
#Ansible: 定时备份任务
0 23 * * * /bin/bash /server/scripts/rsync_backup.sh
172.16.1.6 | CHANGED | rc=0 >>
#1. sync time by lidao996 at 20230101
*/3 * * * * /sbin/ntpdate ntp.aliyun.com >/dev/null 2>&1
#Ansible: 定时备份任务
0 23 * * * /bin/bash /server/scripts/rsync_backup.sh
……
3. ansible批量创建用户
3.1 编写剧本
[root@m02 /server/ans/playbooks]# cat 03.add_user.yaml
- hosts: allvars: # 定义剧本变量password: "SKX2554."tasks:- name: "1.创建用户"user:name: oldboypassword: "{{ password|password_hash('sha512','skx') }}" # 引用变量和执行函数;对密码加密并加盐state: present
3.2 执行剧本
[root@m02 /server/ans/playbooks]# ansible-playbook -i ./hosts 03.add_user.yaml
……PLAY [all] ******************************************************************************************************TASK [Gathering Facts] ******************************************************************************************
ok: [172.16.1.5]
ok: [172.16.1.6]
ok: [172.16.1.9]
ok: [172.16.1.8]
ok: [172.16.1.7]
ok: [172.16.1.41]
ok: [172.16.1.51]
ok: [172.16.1.31]
ok: [172.16.1.52]
fatal: [172.16.1.10]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: connect to host 172.16.1.10 port 22: No route to host", "unreachable": true}TASK [1.创建用户] ***********************************************************************************************
changed: [172.16.1.7]
changed: [172.16.1.9]
changed: [172.16.1.6]
changed: [172.16.1.5]
changed: [172.16.1.8]
changed: [172.16.1.31]
changed: [172.16.1.51]
changed: [172.16.1.52]
changed: [172.16.1.41]PLAY RECAP ******************************************************************************************************
172.16.1.10 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.31 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.41 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.5 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.51 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.52 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.6 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.7 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.8 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.9 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
4. ansible变量
| 按定义区域不同分类 | 说明 |
|---|---|
| 剧本变量 | vars,仅限当前play使用 |
| 独立文件中定义(变量文件) | 把变量写入到文件中,通过vars_files调取; play中指定变量文件 |
| 分组变量 | group_vars,推荐使用,根据分组自动调用; |
| facts变量 | 剧本运行是默认收集信息,可以创建指定的变量; 如果不用,建议关闭 |
| register变量 | 捕获任务的输出结果,并将这些结果存储在变量中,供后续任务使用 |
| 主机清单变量 | 为特定主机或主机组分配变量的方式,使Playbook能针对不同环境 (如开发、测试、生产)动态调整配置 |
5. 分组变量
group_vars是一种专门用于为 主机组(Inventory Groups) 定义变量的机制,它允许你集中管理同一组主机的共享配置,从而实现配置的模块化和环境差异化部署。
5.1 变量文件命名规则
| 文件命名方式 | 作用范围 | 示例 |
|---|---|---|
| all.yaml | 作用于所有组(全局变量) | all.yaml |
| 与组同名 | 仅作用于指定组 | web.yaml、nfs.yaml |
| 按子组命名 | 仅作用于嵌套子组 | data.yaml |
5.2 分组变量的目录结构
[root@m02 /server/ans/playbooks]# tree group_vars/
group_vars/
├── all.yaml
├── data.yaml
├── lb.yaml
├── nfs.yaml
└── web.yaml0 directories, 5 files
5.3 编写全局变量文件
[root@m02 /server/ans/playbooks]# cat group_vars/all.yaml
user: skx
dir: /backup/test
5.4 编写添加用户和创建目录剧本
[root@m02 /server/ans/playbooks]# cat 03.add_user2.yaml
- hosts: alltasks:- name: "1.添加用户"user:name: "{{ user }}"shell: /sbin/nologincreate_home: falsestate: present- name: "2.创建目录"file:path: "{{ dir }}"owner: "{{ user }}"group: "{{ user }}"mode: 0755state: directory
5.5 执行剧本并测试
[root@m02 /server/ans/playbooks]# ansible-playbook -i hosts 03.add_user2.yaml
……
# 测试
[root@m02 /server/ans/playbooks]# ansible -i hosts all -m shell -a 'ls -ld /backup/test'
……
172.16.1.7 | CHANGED | rc=0 >>
drwxr-xr-x 2 skx skx 6 7月 10 21:51 /backup/test
172.16.1.9 | CHANGED | rc=0 >>
drwxr-xr-x 2 skx skx 6 7月 10 21:51 /backup/test
172.16.1.5 | CHANGED | rc=0 >>
drwxr-xr-x 2 skx skx 6 7月 10 21:51 /backup/test
……
6. facts变量
facts 是目标主机的系统信息(如 CPU、内存、IP、OS 等),由
setup模块自动收集。这些 facts 可以作为变量在 Playbook 或 Ad-Hoc 命令中使用。
6.1 setup模块-收集主机信息
[root@m02 /server/ans/playbooks]# ansible -i hosts 172.16.1.7 -m setup
……
172.16.1.7 | SUCCESS => {"ansible_facts": {"ansible_all_ipv4_addresses": ["10.0.0.7","172.16.1.7"],"ansible_all_ipv6_addresses": ["fe80::fd3c:da1b:b64b:41f0","fe80::5b66:ba41:1143:ad88","fe80::3d14:45b8:d3a3:ff00","fe80::a196:d8ba:54bd:ba15","fe80::4ee7:f22c:bfc0:d6df","fe80::4135:8926:62b8:97c5"],"ansible_apparmor": {"status": "disabled"},"ansible_architecture": "x86_64","ansible_bios_date": "11/12/2020","ansible_bios_vendor": "Phoenix Technologies LTD","ansible_bios_version": "6.00","ansible_board_asset_tag": "NA","ansible_board_name": "440BX Desktop Reference Platform","ansible_board_serial": "None","ansible_board_vendor": "Intel Corporation","ansible_board_version": "None","ansible_chassis_asset_tag": "No Asset Tag","ansible_chassis_serial": "None","ansible_chassis_vendor": "No Enclosure","ansible_chassis_version": "N/A","ansible_cmdline": {"BOOT_IMAGE": "/vmlinuz-4.19.90-52.22.v2207.ky10.x86_64","audit": "0","quiet": true,"rd.lvm.lv": "klas/root","resume": "UUID=1d3e0429-5c9c-4f52-9f5f-133ffbb0e75f","rhgb": true,"ro": true,"root": "/dev/mapper/klas-root"},"ansible_date_time": {"date": "2025-07-11","day": "11","epoch": "1752199418","hour": "10","iso8601": "2025-07-11T02:03:38Z","iso8601_basic": "20250711T100338320197","iso8601_basic_short": "20250711T100338","iso8601_micro": "2025-07-11T02:03:38.320197Z","minute": "03","month": "07","second": "38","time": "10:03:38","tz": "CST","tz_dst": "CST","tz_offset": "+0800","weekday": "星期五","weekday_number": "5","weeknumber": "27","year": "2025"},"ansible_default_ipv4": {"address": "10.0.0.7","alias": "ens33","broadcast": "10.0.0.255","gateway": "10.0.0.2","interface": "ens33","macaddress": "00:0c:29:66:56:96","mtu": 1500,"netmask": "255.255.255.0","network": "10.0.0.0","type": "ether"},
……
6.2 常用facts变量
主机名: {{ ansible_hostname }}
ip: {{ ansible_all_ipv4_addresses }}
内存总大小: {{ ansible_memtotal_mb }}
系统发行版本: {{ ansible_distribution }}
系统版本: {{ ansible_distribution_major_version }}
cpu架构: {{ ansible_architecture }}
系统版本昵称: {{ ansible_distribution_release }}
第1块网卡的ip地址: {{ ansible_default_ipv4.address }}
6.3 debug模块
debug模块 用于调试 Playbook,可以打印变量、消息或 facts,方便排查问题。
- 模块参数:
- msg:打印自定义消息(字符串),和变量(需加上{{ }})
- vars:打印变量,不用加{{ }}
6.4 编写剧本输出facts变量
[root@m02 /server/ans/playbooks]# cat 04.facts_vars.yaml
- hosts: alltasks:- name: 1.测试输出facts变量debug:msg: | # 加管道符,表示多行输出主机名: {{ ansible_hostname }}ip: {{ ansible_all_ipv4_addresses }}内存总大小: {{ ansible_memtotal_mb }}系统发行版本: {{ ansible_distribution }}系统版本: {{ ansible_distribution_major_version }}cpu架构: {{ ansible_architecture }}系统版本昵称: {{ ansible_distribution_release }}第1块网卡的ip地址: {{ ansible_default_ipv4.address }}
- 执行结果:
[root@m02 /server/ans/playbooks]# ansible-playbook -i hosts 04.facts_vars.yaml
……
TASK [1.测试输出facts变量] **************************************************************************************
ok: [172.16.1.7] => {"msg": "主机名: web01\nip: ['10.0.0.7', '172.16.1.7']\n内存总大小: 1956\n系统发行版本: Kylin Linux Advanced Server\n系统版本: V10\ncpu架构: x86_64\n系统版本昵称: Lance\n第1块网卡的ip地址: 10.0.0.7\n"
}
ok: [172.16.1.8] => {"msg": "主机名: web02\nip: ['172.16.1.8', '10.0.0.8']\n内存总大小: 1956\n系统发行版本: Kylin Linux Advanced Server\n系统版本: V10\ncpu架构: x86_64\n系统版本昵称: Lance\n第1块网卡的ip地址: 10.0.0.8\n"
}
ok: [172.16.1.9] => {"msg": "主机名: web03\nip: ['172.16.1.9', '10.0.0.9']\n内存总大小: 1956\n系统发行版本: Kylin Linux Advanced Server\n系统版本: V10\ncpu架构: x86_64\n系统版本昵称: Lance\n第1块网卡的ip地址: 10.0.0.9\n"
}
……
6.5 关闭facts获取主机信息功能
6.5.1 彻底关闭facts
- 修改ansible的配置文件:
/etc/ansible/ansible.cfg,添加关闭facts的参数:
[root@m02 /server/ans/playbooks]# cat /etc/ansible/ansible.cfg
[defaults]
host_key_checking = False
deprecation_warnings = False
interpreter_python=/usr/bin/python3
gathering = explicit # 彻底关闭facts功能
……
6.5.2 临时关闭或启用facts
- 在剧本中添加选项:
- gather_facts:针对当前剧本设置facts功能
- true:表示启动facts
- false:表示关闭facts
- gather_facts:针对当前剧本设置facts功能
7. template模块
template模块结合了 Jinja2 模板引擎的功能,可以动态生成配置文件,文件后缀名是.j2;
文件中变量只能是ansible变量
7.1 模块参数
- src:本地jinja2模本文件路径
- dest:客户机文件路径
- owner:文件所有者
- group:文件所属组
- mode:文件权限
- backup:如果客户机上有目标文件,是否要备份(true/false(默认))
7.2 编写模版文件和测试剧本
- jinja2模板文件,只能是.j2为后缀名:
[root@m02 /server/ans/playbooks/files]# cat motd.j2
主机名: {{ ansible_hostname }}
ip: {{ ansible_all_ipv4_addresses }}
内存总大小: {{ ansible_memtotal_mb }}
系统发行版本: {{ ansible_distribution }}
系统版本: {{ ansible_distribution_major_version }}
cpu架构: {{ ansible_architecture }}
系统版本昵称: {{ ansible_distribution_release }}
第1块网卡的ip地址: {{ ansible_default_ipv4.address }}
- 分发动态配置文件剧本:
[root@m02 /server/ans/playbooks]# cat 05.template_test.yaml
- hosts: alltasks:- name: 1.分发动态配置文件template:src: ./files/motd.j2dest: /etc/motdbackup: true
7.3 执行并测试结果
[root@m02 /server/ans/playbooks]# ansible-playbook -i hosts 05.template_test.yaml
……
8. register注册变量
register用于将任务(task)的输出保存到变量中,可以捕获命令结果、模块返回值或错误信息,并在 Playbook 中动态处理。
8.1 编写测试剧本
[root@m02 /server/ans/playbooks]# cat 06.register_test.yaml
- hosts: alltasks:- name: 1.查看主机ipshell: hostname -Iregister: ip- name: 2.输出变量值debug:vars: ip
8.2 执行
[root@m02 /server/ans/playbooks]# ansible-playbook -i hosts 06.register_test.yaml
……TASK [1.查看主机ip] *********************************************************************************************
changed: [172.16.1.7]
changed: [172.16.1.8]
changed: [172.16.1.9]TASK [2.输出变量值] *********************************************************************************************
ok: [172.16.1.7] => {"msg": {"changed": true,"cmd": "hostname -I","delta": "0:00:00.003911","end": "2025-07-11 14:44:49.604903","failed": false,"msg": "","rc": 0,"start": "2025-07-11 14:44:49.600992","stderr": "","stderr_lines": [],"stdout": "10.0.0.7 172.16.1.7 ","stdout_lines": ["10.0.0.7 172.16.1.7 "]}
}
……
- 根据结果可见ansible中命令的返回值并不是单一的命令结果,而包含着其他信息;返回类型为json格式
- 而命令的结果存放在stdout和stderr中
8.3 修改测试剧本并测试
[root@m02 /server/ans/playbooks]# cat 06.register_test.yaml
- hosts: alltasks:- name: 1.查看主机ipshell: hostname -Iregister: ip- name: 2.输出变量值debug:msg: |stdout: "{{ ip.stdout }}"stderr: "{{ ip.stderr }}"
- 测试:
[root@m02 /server/ans/playbooks]# ansible-playbook -i hosts 06.register_test.yaml
……TASK [1.查看主机ip] *********************************************************************************************
changed: [172.16.1.8]
changed: [172.16.1.9]
changed: [172.16.1.7]TASK [2.输出变量值] *********************************************************************************************
ok: [172.16.1.7] => {"msg": "stdout: \"10.0.0.7 172.16.1.7 \"\nstderr: \"\"\n"
}
ok: [172.16.1.8] => {"msg": "stdout: \"10.0.0.8 172.16.1.8 \"\nstderr: \"\"\n"
}
ok: [172.16.1.9] => {"msg": "stdout: \"10.0.0.9 172.16.1.9 \"\nstderr: \"\"\n"
}
……
9. 思维导图
https://kdocs.cn/join/gpuxq6r?f=101\r\n邀请你加入共享群「老男孩教育Linux运维99期-孙克旭」一起进行文档协作