Contents
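Introduction to ansible.cfg
Host inventory (usually INI format)
I. Defining the host list
1. One host per line
2. Host groups
(1) Defining a simple host group
(2) Using a range to specify several hosts
(3) Defining nested host groups
II. Matching hosts and groups
1. Matching all hosts
(1) all
(2) Special case: the * character (a bare * does not work)
2. Matching specific hosts or groups
(1) Matching one or more groups
(2) Matching one or more hosts
3. Matching hosts that are not in any group
4. Wildcard matching
(1) Hosts that start or end with a string, or hosts of groups matched by name
(2) Hosts outside a match, or outside the groups a pattern matches
(3) Hosts containing a keyword, or hosts in groups containing a keyword
(4) Hosts that belong to two groups at once
5. Regular expression matching
6. Matching hosts with --limit
Ansible configuration file
I. Precedence
II. The configuration file in detail
1. The defaults section
2. privilege_escalation
3. paramiko_connection
4. ssh_connection
5. persistent_connection
6. accelerate (acceleration module; rarely used after Ansible 1.5)
7. selinux
8. A simple test of node connectivity
Inventory and configuration file exercises
1. Install and configure Ansible on the control node
2. Create and run Ansible ad-hoc commands
Magic variables and fact gathering
I. Using the debug module
1. Examples from the help documentation
2. Main parameters
(1) msg: the parameter mainly used to specify the message to output
(2) var: prints the specified variable, usually one registered with register
(3) verbosity: debug level; the default is 0, which shows everything
3. The output explained
4. Using when for conditions in debug
(1) Deciding on the value of rc
(2) Deciding on whether the task failed
II. Fact variables
1. Basic setup usage
(1) Filtering with filter on the command line
(2) --tree writes the information to a given directory
2. Setting facts by hand
3. Defining variables with the set_fact module
4. Gathering facts manually
III. Fact caching
1. The json method
2. The redis method
3. The memcached method (largely deprecated)
IV. Magic variables
1. hostvars
2. inventory_hostname
3. group_names
4. groups
5. play_hosts
6. inventory_dir
7. inventory_file

Introduction to ansible.cfg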
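Host inventory (usually INI format)
I. Defining the host list
1. One host per line
Entries can be domain names, host names or IP addresses. At this point they have not been placed in any group, so they belong to ungrouped.
[student@workstation ~]$ cat myhosts
servera.xxx.com
serverb
172.25.xxx.xx
[student@workstation ~]$ ansible-inventory -i myhosts --graph    # -i specifies the inventory file; --graph prints the inventory as a graph
@all:
  |--@ungrouped:
  |  |--172.25.xxx.xx
  |  |--servera.xxx.com
  |  |--serverb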
2. Host groups
(1) Defining a simple host group
[student@workstation ~]$ cat myhosts1
[webservers]
servera
serverb
[dbservers]
serverc
serverd.lab.example.com
[student@workstation ~]$ ansible-inventory -i myhosts1 --graph    # the default inventory file is /etc/ansible/hosts; any other file has to be specified
@all:
  |--@dbservers:
  |  |--serverc
  |  |--serverd.lab.example.com
  |--@ungrouped:
  |--@webservers:
  |  |--servera
  |  |--serverb
(2) Using a range to specify several hosts
[student@workstation ~]$ cat myhosts2
[mywebservers]
server[a:d]    # "[x:y]" denotes the range from x to y
[student@workstation ~]$ ansible mywebservers -i myhosts2 --list-hosts    # list the hosts of a group by naming the group and the inventory file
  hosts (4):
    servera
    serverb
    serverc
    serverd
(3) Defining nested host groups
[student@workstation ~]$ cat myhosts1
[webservers]
servera
serverb
[dbservers]
serverc
serverd.lab.example.com
[conment:children]    # ":children" means the group contains other groups
webservers
[student@workstation ~]$ ansible conment -i myhosts1 --list-hosts
  hosts (2):
    servera
    serverb
II. Matching hosts and groups
1. Matching all hosts
(1) all
[student@workstation ~]$ ansible all -i myhosts1 --list-hosts
  hosts (4):
    serverc
    serverd.lab.example.com
    servera
    serverb
(2) Special case: the * character (a bare * does not work)
An unquoted * is expanded by the shell into the file names in the current directory before ansible sees it, which is why the warning below names myhosts1. Escape it or quote it.
[student@workstation ~]$ ansible * -i myhosts1 --list-hosts
[WARNING]: Could not match supplied host pattern, ignoring: myhosts1
[WARNING]: No hosts matched, nothing to do
  hosts (0):
[student@workstation ~]$ ansible \* -i myhosts1 --list-hosts    # escaped
  hosts (4):
    serverc
    serverd.lab.example.com
    servera
    serverb
[student@workstation ~]$ ansible '*' -i myhosts1 --list-hosts    # single quotes
  hosts (4):
    serverc
    serverd.lab.example.com
    servera
    serverb
[student@workstation ~]$ ansible "*" -i myhosts1 --list-hosts    # double quotes
  hosts (4):
    serverc
    serverd.lab.example.com
    servera
    serverb
[student@workstation ~]$ ansible '''*''' -i myhosts1 --list-hosts    # triple quotes
  hosts (4):
    serverc
    serverd.lab.example.com
    servera
    serverb
2. Matching specific hosts or groups
(1) Matching one or more groups
[student@workstation ~]$ ansible webservers -i myhosts1 --list-hosts
  hosts (2):
    servera
    serverb
[student@workstation ~]$ ansible webservers,dbservers -i myhosts1 --list-hosts    # groups are separated with ","; read this as hosts that belong to "webservers" or "dbservers"
  hosts (4):
    servera
    serverb
    serverc
    serverd.lab.example.com
(2) Matching one or more hosts
[student@workstation ~]$ ansible servera -i myhosts1 --list-hosts
  hosts (1):
    servera
[student@workstation ~]$ ansible servera,serverc -i myhosts1 --list-hosts    # hosts are separated with ","
  hosts (2):
    servera
    serverc
3. Matching hosts that are not in any group
[student@workstation ~]$ ansible ungrouped -i myhosts1 --list-hosts
  hosts (1):
    haha
4. Wildcard matching
(1) Hosts that start or end with a string, or hosts of groups matched by name
[student@workstation ~]$ ansible 'server*' -i myhosts1 --list-hosts
  hosts (4):
    servera
    serverb
    serverc
    serverd.lab.example.com
[student@workstation ~]$ ansible '*.com' -i myhosts1 --list-hosts
  hosts (1):
    serverd.lab.example.com
[student@workstation ~]$ ansible 'web*' -i myhosts1 --list-hosts
  hosts (2):
    servera
    serverb
[student@workstation ~]$ ansible 'db*' -i myhosts1 --list-hosts
  hosts (2):
    serverc
    serverd.lab.example.com
(2) Hosts outside a match, or outside the groups a pattern matches
[student@workstation ~]$ ansible '!*.com' -i myhosts1 --list-hosts    # using !
  hosts (4):
    haha
    serverc
    servera
    serverb
[student@workstation ~]$ ansible '!web*' -i myhosts1 --list-hosts    # what matches is the hosts in the dbservers group
  hosts (3):
    haha
    serverc
    serverd.lab.example.com
[student@workstation ~]$ ansible 'server*,!*.com' -i myhosts1 --list-hosts    # hosts that start with server but do not end with .com
  hosts (3):
    servera
    serverb
    serverc
[student@workstation ~]$ ansible 'w*,!*s' -i myhosts1 --list-hosts    # hosts in groups that start with w but do not end with s
  hosts (2):
    server1
    serverh
[student@workstation ~]$ cat myhosts1
haha
[webservers]
servera
serverb
[dbservers]
serverc
serverd.lab.example.com
[webservers1]
server1
serverh
[conment:children]
webservers
(3) Hosts containing a keyword, or hosts in groups containing a keyword
[student@workstation ~]$ ansible '*server*' -i myhosts1 --list-hosts
  hosts (6):
    servera
    serverb
    serverc
    serverd.lab.example.com
    server1
    serverh
[student@workstation ~]$ ansible '*web*' -i myhosts1 --list-hosts
  hosts (4):
    servera
    serverb
    server1
    serverh
(4) Hosts that belong to two groups at once
[student@workstation ~]$ ansible-inventory -i myhosts1 --graph
@all:
  |--@conment:
  |  |--@webservers:
  |  |  |--servera
  |  |  |--serverb
  |--@dbservers:
  |  |--serverc
  |  |--serverd.lab.example.com
  |--@ungrouped:
  |  |--haha
  |--@webservers1:
  |  |--server1
  |  |--servera
  |  |--serverh
[student@workstation ~]$ ansible 'webservers,&webservers1' -i myhosts1 --list-hosts    # logical AND is "&"; for logical OR see the example in 2 (1); for logical NOT "!" see the example in 4 (2)
  hosts (1):
    servera
5. Regular expression matching
[student@workstation ~]$ ansible-inventory -i myhosts1 --graph
@all:
  |--@conment:
  |  |--@webservers:
  |  |  |--servera
  |  |  |--serverb
  |--@dbservers:
  |  |--serverc
  |  |--serverd.lab.example.com
  |--@ungrouped:
  |  |--haha
  |--@webservers1:
  |  |--server1
  |  |--servera
  |  |--serverh
"~" marks the pattern as a regular expression; the one below matches names that start with "s" or with "c". The hosts that start with "s" are listed; no host starts with "c", but a group does, so the hosts under that group are listed as well.
[student@workstation ~]$ ansible '~^(s|c)' -i myhosts1 --list-hosts
  hosts (6):
    servera
    serverb
    serverc
    serverd.lab.example.com
    server1
    serverh
[student@workstation ~]$ ansible '~^(o|c)' -i myhosts1 --list-hosts
  hosts (2):
    servera
    serverb
6. Matching hosts with --limit
[student@workstation ~]$ ansible 'server*' -i myhosts1 --list-hosts --limit servera    # the host can be given directly
  hosts (1):
    servera
[student@workstation ~]$ ansible 'server*' -i myhosts1 --list-hosts --limit @list    # or a file that lists the hosts
  hosts (1):
    servera
[student@workstation ~]$ cat list
servera
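The inventory and pattern rules from sections I and II, as an added Python example (not code from the original page and not Ansible's own implementation): it parses an INI inventory with ranges and :children groups, then resolves patterns with wildcards, ~regex, & and !, so the set of hosts a pattern will target can be previewed before a command is run against it. The sample inventory is constructed and modelled on myhosts1; the function names are hypothetical, and terms are assumed to be separated by commas only.

```python
import fnmatch
import re

# Constructed sample inventory, modelled on the myhosts1 file shown above.
SAMPLE_INVENTORY = """\
haha
[webservers]
servera
serverb
[dbservers]
serverc
serverd.lab.example.com
[webservers1]
server1
servera
serverh
[prod]
node[a:c]
[conment:children]
webservers
"""


def expand_range(name):
    """Expand 'node[a:c]' or 'web[01:03]' into the host names it stands for."""
    m = re.search(r"\[(\d+|[A-Za-z]):(\d+|[A-Za-z])\]", name)
    if not m:
        return [name]
    lo, hi = m.groups()  # assumed to be both numeric or both single letters
    if lo.isdigit():
        items = [str(i).zfill(len(lo)) for i in range(int(lo), int(hi) + 1)]
    else:
        items = [chr(c) for c in range(ord(lo), ord(hi) + 1)]
    return [name[:m.start()] + i + name[m.end():] for i in items]


def parse_inventory(text):
    """Parse an INI inventory into {group: [hosts]}, adding 'all' and 'ungrouped'."""
    groups, children = {"ungrouped": []}, {}
    section, mode = "ungrouped", "hosts"
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        header = re.fullmatch(r"\[([^\[\]:]+)(?::(\w+))?\]", line)
        if header:
            section, mode = header.group(1), header.group(2) or "hosts"
            groups.setdefault(section, [])
        elif mode == "children":
            children.setdefault(section, []).append(line)
        elif mode == "hosts":  # lines under [group:vars] are skipped
            groups[section] += expand_range(line.split()[0])

    def members(group, seen=()):
        hosts = list(groups.get(group, []))
        for child in children.get(group, []):
            if child not in seen:  # guard against circular :children
                hosts += members(child, seen + (group,))
        return list(dict.fromkeys(hosts))

    inv = {g: members(g) for g in groups if g != "all"}
    grouped = {h for g, hs in inv.items() if g != "ungrouped" for h in hs}
    inv["ungrouped"] = [h for h in inv["ungrouped"] if h not in grouped]
    inv["all"] = list(dict.fromkeys(h for hs in inv.values() for h in hs))
    return inv


def match_term(term, inv):
    """Hosts selected by one term: a group name, host name, glob or ~regex."""
    regex = term[1:] if term.startswith("~") else fnmatch.translate(term)
    test = re.compile(regex).match
    hosts = [h for g, hs in inv.items() if test(g) for h in hs]
    hosts += [h for h in inv["all"] if test(h)]
    return list(dict.fromkeys(hosts))


def resolve(pattern, inv, limit=None):
    """Resolve a pattern: union of plain terms, then & terms, then ! terms."""
    terms = [t.strip() for t in pattern.split(",") if t.strip()]
    regular = [t for t in terms if t[0] not in "&!"]
    hosts = []
    for term in regular or ["all"]:  # only & or ! terms: start from all
        hosts += match_term(term, inv)
    hosts = list(dict.fromkeys(hosts))
    for term in (t[1:] for t in terms if t[0] == "&"):  # intersection
        keep = set(match_term(term, inv))
        hosts = [h for h in hosts if h in keep]
    for term in (t[1:] for t in terms if t[0] == "!"):  # exclusion
        drop = set(match_term(term, inv))
        hosts = [h for h in hosts if h not in drop]
    if limit:  # --limit narrows the result further
        allowed = set(resolve(limit, inv))
        hosts = [h for h in hosts if h in allowed]
    return hosts


if __name__ == "__main__":
    inv = parse_inventory(SAMPLE_INVENTORY)
    for pat in ("webservers,&webservers1", "server*,!*.com", "~^(o|c)", "!web*"):
        print(f"{pat!r:28} -> {resolve(pat, inv)}")
```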
Ansible configuration file
I. Precedence
In general the sources that matter are, from highest to lowest precedence: ANSIBLE_CONFIG (an environment variable that gives the absolute path of a .cfg file) > ./ansible.cfg > ~/.ansible.cfg > /etc/ansible/ansible.cfg
[student@workstation ~]$ ansible --version
ansible 2.8.0
  config file = /etc/ansible/ansible.cfg    # currently using /etc/ansible/ansible.cfg
  configured module search path = ['/home/student/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Apr 3 2019, 17:26:03) [GCC 8.2.1 20180905 (Red Hat 8.2.1-3)]
Example of using ANSIBLE_CONFIG:
[student@workstation ~]$ cat ansible.cfg
[defaults]
inventory=/home/student/myhosts1
[student@workstation ~]$ ll
total 12
-rw-rw-r--. 1 student student 45 Oct 12 10:30 ansible.cfg
-rw-rw-r--. 1 student student 8 Oct 12 09:34 list
-rw-rw-r--. 1 student student 149 Oct 12 08:58 myhosts1
[student@workstation ~]$ ANSIBLE_CONFIG=/home/student/ansible ansible webservers --list-hosts
  hosts (2):
    servera
    serverb
[student@workstation ~]$ ansible --version
ansible 2.8.0
  config file = /home/student/ansible.cfg    # the configuration file in use has now changed
  configured module search path = ['/home/student/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Apr 3 2019, 17:26:03) [GCC 8.2.1 20180905 (Red Hat 8.2.1-3)]
[student@workstation ~]$ export ANSIBLE_CONFIG=/home/student/ansible.cfg    # the path can also be declared with export; unset removes the setting
[student@workstation ~]$ ansible --version
ansible 2.8.0
  config file = /home/student/ansible.cfg
  configured module search path = ['/home/student/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Apr 3 2019, 17:26:03) [GCC 8.2.1 20180905 (Red Hat 8.2.1-3)]
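II. The configuration file in detail
1. The defaults section
[defaults]
inventory=    # path to the inventory file
remote_user=    # user name used to log in to managed nodes; the current user if not set
become=True    # whether to switch user on the managed node after connecting, usually to root
become_method=sudo    # switch using sudo; su can also be chosen
become_user=root    # user to switch to on the managed node; root by default
sudo_user=root    # default user that commands run as
ask_sudo_pass=True    # whether a sudo password is required
become_ask_pass=False    # whether to prompt for the password of the escalation method; False by default
host_key_checking=False    # whether to check the SSH host key on first connection
ask_pass=True    # whether to prompt for the SSH connection password; should be False with public key authentication
library=/usr/share/my_modules/    # directory that holds Ansible modules
timeout=10    # remote connection timeout, in seconds
log_path=/var/log/ansible.log    # location of the Ansible log file
private_key_file=/path/to/file    # path to the private key
roles_path=/etc/ansible/roles    # directory that holds roles
forks = 5    # number of processes run in parallel; 5 by default
remote_port = 22    # management port used to connect to managed nodes (SSH port 22)
poll_interval=15    # polling interval; 15 seconds by default
module_name=    # module run by default
#action_plugins = /usr/share/ansible/plugins/action
#become_plugins = /usr/share/ansible/plugins/become
#cache_plugins = /usr/share/ansible/plugins/cache
#callback_plugins = /usr/share/ansible/plugins/callback
#connection_plugins = /usr/share/ansible/plugins/connection
#lookup_plugins = /usr/share/ansible/plugins/lookup
#inventory_plugins = /usr/share/ansible/plugins/inventory
#vars_plugins = /usr/share/ansible/plugins/vars
#filter_plugins = /usr/share/ansible/plugins/filter
#test_plugins = /usr/share/ansible/plugins/test
#terminal_plugins = /usr/share/ansible/plugins/terminal
#strategy_plugins = /usr/share/ansible/plugins/strategy
# the entries above, among others, are the locations of the various plugins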
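2. privilege_escalation
[privilege_escalation]
become=True    # whether to switch user
become_method=sudo    # method used to switch
become_user=root    # user to switch to
become_ask_pass=False    # whether a sudo password is required
3. paramiko_connection
[paramiko_connection]
record_host_keys=False    # whether to record the keys of new hosts, similar to saving the user's password for this node
pty=False    # whether to disable sudo functionality
look_for_keys=False    # whether to look for key files in ~/.ssh
host_key_auto_add=True    # whether to add host keys automatically
4. ssh_connection
[ssh_connection]
scp_if_ssh = smart
# sets the transfer mechanism: smart tries sftp first and then scp; True uses only scp; False uses only sftp
transfer_method = smart
# same as scp_if_ssh; when both are set the latter overrides the former. On top of scp_if_ssh it adds a piped mode, which transfers through dd over ssh; in smart mode the order tried is sftp, scp, piped
sftp_batch_mode = False    # whether to transfer files in batch mode
usetty = True    # whether to enable pipelined transfer
retries = 3    # number of times to retry the connection to a host
5. persistent_connection
[persistent_connection]
connect_timeout = 30
# persistent connection timeout: the connection stays open only if a request arrives before this time has passed; 30 seconds by default
command_timeout = 30
# command timeout: how long to wait for a command or RPC call before timing out; must be less than or equal to the persistent connection timeout
6. accelerate (acceleration module; rarely used after Ansible 1.5)
7. selinux
[selinux]
special_context_filesystems=nfs,vboxsf,fuse,ramfs,9p
# file systems that need special handling under SELinux
libvirt_lxc_noseclabel = yes
# whether libvirt_lxc connections are allowed to run with or without SELinux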
8. A simple test of node connectivity
[student@workstation ~]$ cat ansible.cfg
[defaults]
inventory=/home/student/myhosts1
remote_user=root
become_user=True
become_method=sudo
host_key_checking=False
ask_pass=False
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
[student@workstation ~]$ cat myhosts1
[webservers]
servera
serverb
[dbservers]
serverc
serverd.lab.example.com
[conment:children]
webservers
[student@workstation ~]$ ansible all -m ping
serverd.lab.example.com | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": false, "ping": "pong"
}
serverc | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": false, "ping": "pong"
}
serverb | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": false, "ping": "pong"
}
servera | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": false, "ping": "pong"
}
Inventory and configuration file exercises
1. Install and configure Ansible on the control node
(1) Create the static inventory file /home/devops/ansible/inventory with the following requirements:
    servera belongs to the dev group
    serverb belongs to the test and balancers groups
    serverc and serverd belong to the prod group
    the prod group belongs to the Webserver group
(2) Create the Ansible configuration file /home/devops/ansible/ansible.cfg with the following requirements:
    it uses the inventory file /home/devops/ansible/inventory
    the role directory path is /home/devops/ansible/roles
The /home/devops/ansible directory does not exist, so it has to be created first.
[kiosk@foundation0 ~]$ rht-vmctl start all
Error: bastion not started (is already running)
Error: workstation not started (is already running)
Error: servera not started (is already running)
Error: serverb not started (is already running)
Error: serverc not started (is already running)
Error: serverd not started (is already running)
[kiosk@foundation0 ~]$ ssh devops@workstation
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Mon Jun 19 18:46:41 2023 from 172.25.250.250
[devops@workstation ~]$ mkdir /home/devops/ansible
In that directory, create the inventory file, the ansible.cfg file and the roles file, using /etc/ansible/ansible.cfg as a reference for the configuration content.
[devops@workstation ~]$ cd /home/devops/ansible/
[devops@workstation ansible]$ ll
total 12
-rw-r--r--. 1 root root 114 Jun 19 19:19 ansible.cfg
-rw-r--r--. 1 root root 148 Jun 19 19:19 inventory
-rw-r--r--. 1 root root 1 Jun 19 19:03 roles
[devops@workstation ~]$ cat /etc/ansible/ansible.cfg
[devops@workstation ansible]$ cat ansible.cfg
[defaults]
inventory=/home/devops/ansible/inventory
roles_path=/home/devops/ansible/roles
host_key_checking=False
[devops@workstation ansible]$ cat inventory
[dev]
servera
[test]
serverb
[balancers]
serverb
[prod]
server[c:d]
[Webserver:children]
prod
[all:vars]
ansible_user=root
ansible_password=redhat
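The settings used in "The configuration file in detail" and in this exercise include several that trade safety for convenience in a lab: host_key_checking=False, host_key_auto_add=True, logging in as root, and a plaintext ansible_password in the inventory. The following added Python example (not part of the original page or of Ansible) checks an ansible.cfg and an INI inventory for those settings. The sample files are constructed from the ones above; the hardened variant, the user name devops in it and the function names are assumptions.

```python
import configparser
import re

# Constructed samples that mirror the ansible.cfg and inventory from this page.
SAMPLE_CFG = """\
[defaults]
inventory=/home/devops/ansible/inventory
roles_path=/home/devops/ansible/roles
remote_user=root
host_key_checking=False

[paramiko_connection]
host_key_auto_add=True
"""

# Assumed hardened variant: unprivileged login user (hypothetical name
# "devops"), escalation through become, host keys verified.
HARDENED_CFG = """\
[defaults]
inventory=/home/devops/ansible/inventory
roles_path=/home/devops/ansible/roles
remote_user=devops
host_key_checking=True

[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=True
"""

SAMPLE_INVENTORY = """\
[dev]
servera

[prod]
server[c:d]

[all:vars]
ansible_user=root
ansible_password=redhat
"""

TRUE, FALSE = {"true", "yes", "1", "on"}, {"false", "no", "0", "off"}
CFG_CHECKS = [  # (section, key, risky values, reason)
    ("defaults", "host_key_checking", FALSE,
     "SSH host keys are not verified, so a spoofed host is trusted"),
    ("defaults", "remote_user", {"root"},
     "direct root login; use an unprivileged user plus become"),
    ("paramiko_connection", "host_key_auto_add", TRUE,
     "unknown host keys are accepted without review"),
]
SECRET_VAR = re.compile(
    r"\b(ansible_(?:ssh_|become_)?pass(?:word)?)\s*=\s*(\S+)")


def audit_cfg(text):
    """Return [(section.key, reason)] for risky settings in an ansible.cfg."""
    cfg = configparser.ConfigParser(interpolation=None, strict=False,
                                    allow_no_value=True)
    cfg.read_string(text)
    findings = []
    for section, key, risky, reason in CFG_CHECKS:
        value = cfg.get(section, key, fallback=None)
        # Drop a trailing "# comment" before comparing the value.
        if value and value.split("#", 1)[0].strip().lower() in risky:
            findings.append((f"{section}.{key}", reason))
    return findings


def audit_inventory(text):
    """Return [(line number, variable)] for plaintext passwords in an inventory."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for m in SECRET_VAR.finditer(line.split("#", 1)[0]):
            # A Jinja2 reference such as "{{ vault_pw }}" is not a literal secret.
            if not m.group(2).strip("'\"").startswith("{{"):
                findings.append((lineno, m.group(1)))  # never echo the value
    return findings


if __name__ == "__main__":
    for key, reason in audit_cfg(SAMPLE_CFG):
        print(f"ansible.cfg  {key}: {reason}")
    for lineno, var in audit_inventory(SAMPLE_INVENTORY):
        print(f"inventory    line {lineno}: plaintext {var}")
```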
Test connectivity:
[devops@workstation ansible]$ ansible all -m ping
servera | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": false, "ping": "pong"
}
serverd | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": false, "ping": "pong"
}
serverc | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": false, "ping": "pong"
}
serverb | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": false, "ping": "pong"
}
2. Create and run Ansible ad-hoc commands
Create a shell script named adhoc.sh that runs ad-hoc commands to configure yum repositories on every managed node. The requirements are:
Repository 1:
    Name: RH294_Base
    Description: RH294 base software
    Base URL: http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
    GPG signatures of packages must be verified
    GPG key: /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
    The repository is enabled
Repository 2:
    Name: RH294_Stream
    Description: RH294 stream software
    Base URL: http://content.example.com/rhel8.0/x86_64/dvd/AppStream
    GPG signatures of packages must be verified
    GPG key: /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
    The repository is enabled
[devops@workstation ansible]$ sudo vim adhoc.sh
#!/bin/bash
# Inside double quotes the shell joins the backslash-continued lines into one argument string.
ansible all -m yum_repository -a "name=RH294_Base \
description='RH294 base software' \
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS \
gpgcheck=yes \
gpgkey=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release \
enabled=yes"
ansible all -m yum_repository -a "name=RH294_Stream \
description='RH294 stream software' \
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/AppStream \
gpgcheck=yes \
gpgkey=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release \
enabled=yes"
[devops@workstation ansible]$ sudo chmod +x adhoc.sh
[devops@workstation ansible]$ ./adhoc.sh
serverb | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": true, "repo": "RH294_Base", "state": "present"
}
serverc | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": true, "repo": "RH294_Base", "state": "present"
}
servera | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": true, "repo": "RH294_Base", "state": "present"
}
serverd | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": true, "repo": "RH294_Base", "state": "present"
}
serverb | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": true, "repo": "RH294_Stream", "state": "present"
}
servera | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": true, "repo": "RH294_Stream", "state": "present"
}
serverd | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": true, "repo": "RH294_Stream", "state": "present"
}
serverc | CHANGED => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": true, "repo": "RH294_Stream", "state": "present"
}
[devops@workstation ansible]$ ansible all -m command -a 'ls /etc/yum.repos.d'
serverd | CHANGED | rc=0 >>
redhat.repo
RH294_Base.repo
RH294_Stream.repo
rhel_dvd.repo

serverc | CHANGED | rc=0 >>
redhat.repo
RH294_Base.repo
RH294_Stream.repo
rhel_dvd.repo

servera | CHANGED | rc=0 >>
redhat.repo
RH294_Base.repo
RH294_Stream.repo
rhel_dvd.repo

serverb | CHANGED | rc=0 >>
redhat.repo
RH294_Base.repo
RH294_Stream.repo
rhel_dvd.repo

[devops@workstation ansible]$ ansible all -m command -a 'cat /etc/yum.repos.d/RH294_Base.repo'
serverd | CHANGED | rc=0 >>
[RH294_Base]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 base software

serverc | CHANGED | rc=0 >>
[RH294_Base]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 base software

serverb | CHANGED | rc=0 >>
[RH294_Base]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 base software

servera | CHANGED | rc=0 >>
[RH294_Base]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 base software

[devops@workstation ansible]$ ansible all -m command -a 'cat /etc/yum.repos.d/RH294_Stream.repo'
serverd | CHANGED | rc=0 >>
[RH294_Stream]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/AppStream
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 stream software

serverc | CHANGED | rc=0 >>
[RH294_Stream]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/AppStream
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 stream software

serverb | CHANGED | rc=0 >>
[RH294_Stream]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/AppStream
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 stream software

servera | CHANGED | rc=0 >>
[RH294_Stream]
baseurl = http://content.example.com/rhel8.0/x86_64/dvd/AppStream
enabled = 1
gpgcheck = 1
gpgkey = /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
name = RH294 stream software
Magic variables and fact gathering
I. Using the debug module
debug is a commonly used debugging module in Ansible playbooks. It is mainly used to print key information while a playbook is being debugged or while variables are referenced, and that information can be formatted and made conditional.
1. Examples from the help documentation
EXAMPLES:
# Example that prints the loopback address and gateway for each host
- debug:
    msg: System {{ inventory_hostname }} has uuid {{ ansible_product_uuid }}

- debug:
    msg: System {{ inventory_hostname }} has gateway {{ ansible_default_ipv4.gateway }}
  when: ansible_default_ipv4.gateway is defined

# Example that prints return information from the previous task
- shell: /usr/bin/uptime
  register: result

- debug:
    var: result
    verbosity: 2

- name: Display all variables/facts known for a host
  debug:
    var: hostvars[inventory_hostname]
    verbosity: 4

# Example that prints two lines of messages, but only if there is an environment value set
- debug:
    msg:
    - "Provisioning based on YOUR_KEY which is: {{ lookup('env', 'YOUR_KEY') }}"
    - "These servers were built using the password of '{{ password_used }}'. Please retain this for later use."
2. Main parameters
(1) msg: the parameter mainly used to specify the message to output
Demonstration:
[root@main ~]# cat iduser.yaml
---
- name: is su exist
  hosts: webservers
  tasks:
    - name: test su
      shell: id su
      register: su
      ignore_errors: yes
    - name: echo it
      debug:
        msg: "用户存在"    # "the user exists"
[root@main ~]# ansible-playbook iduser.yaml
PLAY [is su exist] ******************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************
ok: [servera]
TASK [test su] **********************************************************************************************************************************
changed: [servera]
TASK [echo it] **********************************************************************************************************************************
ok: [servera] => {
    "msg": "用户存在"
}
PLAY RECAP **************************************************************************************************************************************
servera : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
(2) var: prints the specified variable, usually one registered with register
Demonstration:
[root@main ~]# cat iduser.yaml
---
- name: is su exist
  hosts: servera
  tasks:
    - name: test su
      shell: id su
      register: su
      ignore_errors: yes
    - name: echo it
      debug:
        var: su    # print the "su" variable registered above
[root@main ~]# ansible-playbook iduser.yaml
PLAY [is su exist] ******************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************
ok: [servera]
TASK [test su] **********************************************************************************************************************************
changed: [servera]
TASK [echo it] **********************************************************************************************************************************
ok: [servera] => {"su": {"changed": true, "cmd": "id su", "delta": "0:00:00.002850", "end": "2023-10-19 14:12:43.406662", "failed": false, "rc": 0, "start": "2023-10-19 14:12:43.403812", "stderr": "", "stderr_lines": [], "stdout": "uid=1000(su) gid=1000(su) groups=1000(su)", "stdout_lines": ["uid=1000(su) gid=1000(su) groups=1000(su)"]}
}
PLAY RECAP **************************************************************************************************************************************
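servera : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
(3) verbosity: debug level; the default is 0, which shows everything
3. The output explained
Taking the output below as an example:
su: the variable; in the output it is a dictionary
changed: tells whether a state change took place
cmd: the command that was invoked
failed: whether the run failed
rc: return code; 0 means success, non-zero means failure or an exception
stderr: error messages are shown here when something goes wrong
stderr_lines: the error messages split into lines
stdout: the result is shown here when the run succeeds
stdout_lines: the result split into lines
ok: [servera] => {"su": {"changed": true, "cmd": "id su", "delta": "0:00:00.002850", "end": "2023-10-19 14:12:43.406662", "failed": false, "rc": 0, "start": "2023-10-19 14:12:43.403812", "stderr": "", "stderr_lines": [], "stdout": "uid=1000(su) gid=1000(su) groups=1000(su)", "stdout_lines": ["uid=1000(su) gid=1000(su) groups=1000(su)"]}
}
4. Using when for conditions in debug
(1) Deciding on the value of rc
[root@main ~]# cat iduser.yaml
---
- name: is su exist
  hosts: servera
  tasks:
    - name: test su
      shell: id su
      register: su
      ignore_errors: yes
    - name: echo it
      debug:
        msg: "用户存在"
      when: su.rc == 0    # print msg only when the return code is 0
(2) Deciding on whether the task failed
[root@main ~]# cat iduser.yaml
---
- name: is su exist
  hosts: servera
  tasks:
    - name: test su
      shell: id su
      register: su
      ignore_errors: yes
    - name: echo it
      debug:
        msg: "用户存在"
      #when: su.rc == 0
      when: su is not failed    # print only when the result in the su variable is not a failure
[root@main ~]# ansible-playbook iduser.yaml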
PLAY [is su exist] ******************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************
ok: [servera]
TASK [test su] **********************************************************************************************************************************
changed: [servera]
TASK [echo it] **********************************************************************************************************************************
ok: [servera] => {
    "msg": "用户存在"
}
PLAY RECAP **************************************************************************************************************************************
servera : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
II. Fact variables
setup collects detailed information about managed nodes (disks, IP addresses, CPU and so on), and that information can be referenced as variables in a playbook. setup relies on facts to obtain the information.
EXAMPLES:
# Display facts from all hosts and store them indexed by I(hostname) at C(/tmp/facts).
# ansible all -m setup --tree /tmp/facts

# Display only facts regarding memory found by ansible on all hosts and output them.
# ansible all -m setup -a 'filter=ansible_*_mb'

# Display only facts returned by facter.
# ansible all -m setup -a 'filter=facter_*'

# Collect only facts returned by facter.
# ansible all -m setup -a 'gather_subset=!all,!any,facter'

- name: Collect only facts returned by facter
  setup:
    gather_subset:
      - '!all'
      - '!any'
      - facter
1. Basic setup usage
(1) Filtering with filter on the command line
[root@main ~]# ansible servera -m setup -a 'filter=ansible_*_ipv4'
servera | SUCCESS => {"ansible_facts": {"ansible_default_ipv4": {"address": "192.168.2.131", "alias": "ens33", "broadcast": "192.168.2.255", "gateway": "192.168.2.1", "interface": "ens33", "macaddress": "00:0c:29:bc:03:89", "mtu": 1500, "netmask": "255.255.255.0", "network": "192.168.2.0", "type": "ether"}, "discovered_interpreter_python": "/usr/bin/python"}, "changed": false
}
(2) --tree writes the information to a given directory
[root@main ~]# ansible servera -m setup -a 'filter=ansible_*_mb' --tree /root/facts
[root@main ~]# cat facts/servera
{"ansible_facts": {"ansible_memfree_mb": 5327, "ansible_memory_mb": {"nocache": {"free": 5510, "used": 338}, "real": {"free": 5327, "total": 5848, "used": 521}, "swap": {"cached": 0, "free": 2047, "total": 2047, "used": 0}}, "ansible_memtotal_mb": 5848, "ansible_swapfree_mb": 2047, "ansible_swaptotal_mb": 2047, "discovered_interpreter_python": "/usr/bin/python"}, "changed": false}
2. Setting facts by hand
Facts can be defined by hand for particular hosts; these are called local facts. The fact file defined on the control node is transferred to the nodes that need the custom fact, and by default custom facts are stored in the /etc/ansible/facts.d directory on the managed node.
Example: define a custom fact for a server node and use that fact to start the httpd service on servera. The example uses three files, cus.fact, afact.yaml and useafact.yaml, all placed in the same directory.
[root@main ~]# cat cus.fact    # the fact file, defined on the control node
[su]
mypkg=httpd
myser=httpd
state=started
[root@main ~]# cat afact.yaml
# this playbook creates /etc/ansible/facts.d on the managed node and copies the fact file into it
---
- hosts: servera
  vars:
    remote_dir: /etc/ansible/facts.d
    facts_file: cus.fact
  tasks:
    - name: create remote_dir in servera
      file:
        state: directory
        recurse: yes
        path: "{{ remote_dir }}"
    - name: copy local cus.fact
      copy:
        src: "{{ facts_file }}"
        dest: "{{ remote_dir }}"
[root@main ~]# ansible servera -m setup -a 'filter=ansible_local'    # the local fact is filtered out successfully on servera
servera | SUCCESS => {"ansible_facts": {"ansible_local": {"cus": {"su": {"mypkg": "httpd", "myser": "httpd", "state": "started"}}}, "discovered_interpreter_python": "/usr/bin/python"}, "changed": false
}
[root@main ~]# cat useafact.yaml    # playbook for servera that uses its local fact to start httpd
---
- hosts: servera
  tasks:
    - name: using servera local fact to start httpd
      service:
        name: "{{ ansible_facts.ansible_local.cus.su.myser }}"
        # the reference is long: Ansible facts . local facts . fact file . field name inside the fact file
        state: "{{ ansible_facts.ansible_local.cus.su.state }}"
[root@main ~]# ansible-playbook useafact.yaml
PLAY [servera] **********************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************
ok: [servera]
TASK [using servera local fact to start httpd] **************************************************************************************************
changed: [servera]
PLAY RECAP **************************************************************************************************************************************
servera : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@main ~]# ansible servera -m shell -a 'systemctl status httpd | grep Active'    # started successfully
servera | CHANGED | rc=0 >>
   Active: active (running) since Thu 2023-10-19 15:15:09 CST; 5s ago
3. Defining variables with the set_fact module
set_fact defines custom facts that can then be referenced through templates or as variables in a playbook. Variables defined with set_fact are valid only within this playbook.
EXAMPLES:
# Example setting host facts using key=value pairs, note that this always creates strings or booleans
- set_fact: one_fact="something" other_fact="{{ local_var }}"

# Example setting host facts using complex arguments
- set_fact:
    one_fact: something
    other_fact: "{{ local_var * 2 }}"
    another_fact: "{{ some_registered_var.results | map(attribute='ansible_facts.some_fact') | list }}"

# Example setting facts so that they will be persisted in the fact cache
- set_fact:
    one_fact: something
    other_fact: "{{ local_var * 2 }}"
    cacheable: yes

# As of Ansible 1.8, Ansible will convert boolean strings ('true', 'false', 'yes', 'no')
# to proper boolean values when using the key=value syntax, however it is still
# recommended that booleans be set using the complex argument style:
- set_fact:
    one_fact: yes
    other_fact: no
Example: use set_fact to calculate process memory usage; the result can also be referenced in the playbook.
[root@main ~]# ansible servera -m setup -a 'filter=ansible_memtotal_mb'    # filter first to check that the fact exists
servera | SUCCESS => {"ansible_facts": {"ansible_memtotal_mb": 5848, "discovered_interpreter_python": "/usr/bin/python"}, "changed": false
}
[root@main ~]# cat initfree.yaml
---
- hosts: servera
  tasks:
    - name: cal pool size
      set_fact:    # define a variable that holds the result of the calculation
        # "| int" binds to the 2 only, so the division still yields a float; (ansible_memtotal_mb / 2) | int gives an integer
        pool_size: "{{ ansible_memtotal_mb / 2 | int }}"
    - debug:
        var: pool_size    # print the variable
[root@main ~]# ansible-playbook initfree.yaml
PLAY [servera] **********************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************
ok: [servera]
TASK [cal pool size] ****************************************************************************************************************************
ok: [servera]
TASK [debug] ************************************************************************************************************************************
ok: [servera] => {
    "pool_size": "2924.0"
}
PLAY RECAP **************************************************************************************************************************************
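servera : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
4. Gathering facts manually
When a playbook runs, Ansible first connects to the managed nodes over SSH to gather facts. If there is a lot of information to collect, this hurts execution speed and efficiency. Gathering can be switched off, or switched off until the tasks are done and then run again.
# the gathering step as it shows up in the output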
TASK [Gathering Facts] **************************************************************************************************************************
ok: [servera]
Example: in the situation above, gather_facts can be used to switch fact gathering off explicitly, and facts can be gathered again once the tasks have run.
[root@main ~]# cat nogather.yaml
---
- hosts: servera
  gather_facts: false
  tasks:
    - name: debug this
      debug: msg="hello"
    - name: wait for 10
      wait_for:
        timeout: 6
    - name: regather facts
      setup:
        gather_subset: all    # see EXAMPLES
[root@main ~]# ansible-playbook nogather.yaml
PLAY [servera] **********************************************************************************************************************************
TASK [debug this] *******************************************************************************************************************************
ok: [servera] => {
    "msg": "hello"
}
TASK [wait for 10] ******************************************************************************************************************************
ok: [servera]
TASK [regather facts] ***************************************************************************************************************************
ok: [servera]
PLAY RECAP **************************************************************************************************************************************
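servera : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
III. Fact caching
When facts are used in a playbook, a fact cache can be configured. Three methods are currently available: json, redis and memcached. The following parameters in the defaults section of ansible.cfg need to be changed:
gathering
    Whether fact gathering is on. Three options are supported: smart gathers facts by default but does not gather when the facts already exist, that is, it uses the cache; implicit gathers facts by default, and gather_facts: false can be used to disable gathering; explicit does not gather by default, and gather_facts: true can be used to enable gathering.
fact_caching_timeout
    Cache lifetime, in seconds.
fact_caching
    Caching method: jsonfile, redis or memcached.
fact_caching_connection
    Location of the JSON files of the fact cache; created automatically if it does not exist.
1. The json method
With this method Ansible writes the facts to files on the control host.
# add these parameters to the defaults section of ansible.cfg
gathering=smart
fact_caching_timeout=86400
fact_caching=jsonfile
fact_caching_connection=/root/ansible_fact_cache
Example:
Run a playbook that gathers facts and check whether the facts are cached in the specified location.
[root@main ~]# cat ansible.cfg
[defaults]
......
gathering=smart
fact_caching_timeout=86400
fact_caching=jsonfile
fact_caching_connection=/root/ansible_fact_cache
......
[root@main ~]# ansible-playbook myhttpd.yaml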
PLAY [stop servera httpd] ***********************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************
ok: [servera]
TASK [stop it] **********************************************************************************************************************************
ok: [servera]
PLAY [install serverb mod_ssl] ******************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************
ok: [serverb]
TASK [install it] *******************************************************************************************************************************
ok: [serverb]
PLAY RECAP **************************************************************************************************************************************
servera : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
serverb : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@main ~]# ll /root/ansible_fact_cache/  # check the cache directory
total 56
-rw-r--r-- 1 root root 25052 Oct 19 18:00 servera
-rw-r--r-- 1 root root 25071 Oct 19 18:00 serverb
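2. Redis method
The Redis service must be installed and kept running, and the Python package that provides Redis support must be installed as well. Change ansible.cfg:
# use the redis backend
fact_caching=redis
# IP and port of the Redis server, using database 0
fact_caching_connection=127.0.0.1:6379:0
[root@main ~]# yum install -y redis  # install redis
[root@main ~]# systemctl start redis
[root@main ~]# ps -ef | grep redis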
redis 4278 1 0 17:50 ? 00:00:00 /usr/bin/redis-server 127.0.0.1:6379
root 4286 1485 0 17:51 pts/0 00:00:00 grep --color=auto redis
[root@main ~]# systemctl enable redis
Created symlink from /etc/systemd/system/multi-user.target.wants/redis.service to /usr/lib/systemd/system/redis.service.
[root@main ~]# python --version
Python 2.7.5
[root@main ~]# yum list | grep python2-redis
python2-redis.noarch 2.10.6-2.el7 epel
[root@main ~]# yum install -y python2-redis.noarch  # install the Redis support package that matches the Python version
[root@main ~]# ansible-playbook myhttpd.yaml  # run it once more
[root@main ~]# redis-cli  # open the CLI to inspect
127.0.0.1:6379> keys *
1) "ansible_factsservera"
2) "ansible_factsserverb"
3) "ansible_cache_keys"
127.0.0.1:6379> type ansible_cache_keys
zset
127.0.0.1:6379> type ansible_factsservera  # the first two keys hold the gathered facts
string
127.0.0.1:6379>
3. memcached method (largely deprecated)
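IV. Magic variables
1. hostvars
(1) Purpose
Used to get the variables of a given managed node. hostvars names the managed node and the information to retrieve, and the whole expression is then used as a variable.
(2) Basic format
{{ hostvars['<managed node>'].ansible_<interface name of that node>.ipv4.address }}
Example: get servera's IPv4 address (this requires the name of servera's network interface)
[root@main ~]# cat getserveraip.yaml
---
- hosts: servera
  tasks:
    - name: get serveraip
      debug:
        var: "{{ hostvars['servera'].ansible_ens33.ipv4.address }}"
[root@main ~]# ansible-playbook getserveraip.yaml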
PLAY [servera] **********************************************************************************************************************************
TASK [get serveraip] ****************************************************************************************************************************
ok: [servera] => {
    "192.168.2.131": "VARIABLE IS NOT DEFINED!"
}
PLAY RECAP **************************************************************************************************************************************
servera : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
2. inventory_hostname
(1) Purpose
Identifies the inventory name of the node the task is currently running on. If an alias is defined in the inventory, the alias is returned; if the entry is an IP address, the IP address is returned. When the alias is long, inventory_hostname_short returns only its first dot-separated component.
(2) Example
[root@main ~]# cat myhosts
192.168.2.131
serverb
serverc.ex.com ansible_host=192.168.2.133
[root@main ~]# ansible all -m debug -a "msg={{inventory_hostname}}"
192.168.2.131 | SUCCESS => {
    "msg": "192.168.2.131"
}
serverb | SUCCESS => {
    "msg": "serverb"
}
serverc.ex.com | SUCCESS => {
    "msg": "serverc.ex.com"
}
[root@main ~]# ansible all -m debug -a "msg={{inventory_hostname_short}}"  # short form
192.168.2.131 | SUCCESS => {
    "msg": "192"
}
serverb | SUCCESS => {
    "msg": "serverb"
}
serverc.ex.com | SUCCESS => {
    "msg": "serverc"
}
[root@main ~]# cat getserveraip.yaml  # recognized successfully
---
- hosts: all
  tasks:
    - name: get server
      debug:
        var: "{{ hostvars[inventory_hostname].ansible_ens33.ipv4.address }}"
TASK [get server] *******************************************************************************************************************************
ok: [192.168.2.131] => {
    "192.168.2.131": "VARIABLE IS NOT DEFINED!"
}
ok: [serverb] => {
    "192.168.2.132": "VARIABLE IS NOT DEFINED!"
}
ok: [serverc.ex.com] => {
    "192.168.2.133": "VARIABLE IS NOT DEFINED!"
}
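The "VARIABLE IS NOT DEFINED!" text in the output above appears because debug's var parameter already evaluates its value as an expression, so an address produced by {{ }} is looked up again as if it were a variable name. The playbook below is an added example, not part of the original post; it assumes the hosts servera and serverb and the interface name ens33 used on this page, and shows the bare form for var, the templated form for msg, and a lookup of servera's facts from a play that runs on serverb.

```yaml
---
# Added example (not from the original post).
# Assumptions: servera and serverb are in the inventory, servera's NIC is ens33.
- hosts: servera
  tasks:                        # facts are gathered, or loaded from the fact cache
    - name: var takes a bare expression, without braces
      debug:
        var: hostvars['servera'].ansible_ens33.ipv4.address

    - name: msg takes a templated string
      debug:
        msg: "servera is at {{ hostvars['servera'].ansible_ens33.ipv4.address }}"

- hosts: serverb
  gather_facts: false           # serverb's own facts are not needed here
  tasks:
    # servera's facts are still in memory from the first play. With the fact
    # cache from section III enabled, the lookup also works in a later run
    # that is limited to serverb.
    - name: read another node's fact from serverb's play
      debug:
        msg: "servera is at {{ hostvars['servera'].ansible_ens33.ipv4.address }}"
      when: "'ansible_ens33' in hostvars['servera']"
```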
3. group_names
Identifies the host groups that the node currently being run on belongs to.
[root@main ~]# cat myhosts
[webservers]
servera
serverb
[dbserver]
serverc
[webgroup:children]
webservers
[root@main ~]# ansible all -m debug -a "msg={{group_names}}"
serverc | SUCCESS => {
    "msg": ["dbserver"]
}
servera | SUCCESS => {
    "msg": ["webgroup", "webservers"]
}
serverb | SUCCESS => {
    "msg": ["webgroup", "webservers"]
}
4. groups
Identifies every host group in the inventory file and can enumerate all the hosts in each of them.
[root@main ~]# cat myhosts
[webservers]
servera
serverb
[dbserver]
serverc
[webgroup:children]
webservers
[root@main ~]# ansible all -m debug -a "msg={{groups}}"
serverc | SUCCESS => {
    "msg": {"all": ["serverc", "servera", "serverb"], "dbserver": ["serverc"], "ungrouped": [], "webgroup": ["servera", "serverb"], "webservers": ["servera", "serverb"]}
}
servera | SUCCESS => {
    "msg": {"all": ["serverc", "servera", "serverb"], "dbserver": ["serverc"], "ungrouped": [], "webgroup": ["servera", "serverb"], "webservers": ["servera", "serverb"]}
}
serverb | SUCCESS => {
    "msg": {"all": ["serverc", "servera", "serverb"], "dbserver": ["serverc"], "ungrouped": [], "webgroup": ["servera", "serverb"], "webservers": ["servera", "serverb"]}
}
5. play_hosts
The nodes that the current playbook will run on.
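An added example (not from the original post) that puts play_hosts next to groups and group_names, using the myhosts inventory with webservers, dbserver and webgroup shown above; the file name whoruns.yaml is an assumption. When the run is narrowed with --limit, play_hosts shrinks while groups still describes the whole inventory.

```yaml
---
# Added example (not from the original post).
# Run as: ansible-playbook -i myhosts whoruns.yaml --limit servera
# whoruns.yaml is a hypothetical file name; myhosts is the inventory above.
- hosts: webservers
  gather_facts: false
  tasks:
    - name: nodes this play is actually running on
      debug:
        var: play_hosts
      run_once: true

    - name: webservers members left out of this run
      debug:
        msg: "{{ groups['webservers'] | difference(play_hosts) }}"
      run_once: true

    - name: report group membership only for members of webgroup
      debug:
        msg: "{{ inventory_hostname }} belongs to {{ group_names | join(', ') }}"
      when: "'webgroup' in group_names"
```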
6. inventory_dir
The directory that contains the inventory.
[root@main ~]# ansible all -m debug -a "msg={{inventory_dir}}"
serverc | SUCCESS => {
    "msg": "/root"
}
servera | SUCCESS => {
    "msg": "/root"
}
serverb | SUCCESS => {
    "msg": "/root"
}
7. inventory_file
The path of the inventory file in use.
[root@main ~]# ansible all -m debug -a "msg={{inventory_file}}"
serverc | SUCCESS => {
    "msg": "/root/myhosts"
}
servera | SUCCESS => {
    "msg": "/root/myhosts"
}
serverb | SUCCESS => {
    "msg": "/root/myhosts"
}