Ansible7:playbook Common module "Turn"

Source: Internet
Author: User
Tags ssh config

Playbook modules are somewhat different from the modules used under the Ansible command line. This is mainly because some facts variables and some variables obtained from the remote host through the Setup module are used in playbook. Some modules are not able to run under the command line, because they require these variables. And even those modules that can work at the command line can get some more advanced functionality through the Playbook module.

1. Template

In practical applications, some places of our configuration files may vary slightly depending on the configuration of the remote host, and the template can use variables to receive the facts information collected by Setup on the remote host, customizing the configuration file for different configured hosts. The usage is roughly the same as the copy module.

Common parameters:

Backup: If the original destination file exists, back up the destination file first

Dest: Destination file path

Force: Whether override is mandatory, default is Yes

Group: Target file genus

Mode: Permissions for the target file

Owner: Destination file owner

SRC: source Template file path

Validate: Validates the target file with a command before copying, and copies if the validation passes

Official Simple example:

-Template:src=/mytemplates/foo.j2 dest=/etc/file.conf owner=bin group=wheel mode=0644-template:src=/mytemplates/ Foo.j2 dest=/etc/file.conf owner=bin group=wheel mode= "U=rw,g=r,o=r"-template:src=/mine/sudoers dest=/etc/sudoers Validate= ' visudo-cf%s '

Examples of jinja2 templates for named.conf configuration files:

Options {

Listen-on Port 53 {

127.0.0.1;

{% for IP in ansible_all_ipv4_addresses%}

{{IP}};

{% ENDFOR%}

};

Listen-on-v6 Port 53 {:: 1;};

Directory "/var/named";

Dump-file "/var/named/data/cache_dump.db";

Statistics-file "/var/named/data/named_stats.txt";

Memstatistics-file "/var/named/data/named_mem_stats.txt";

};

Zone "." in {

Type hint;

File "named.ca";

};

Include "/etc/named.rfc1912.zones";

Include "/etc/named.root.key";

{# Variables for zone config #}

{% if ' authorativenames ' in group_names%}

{% Set zone_type = ' master '%}

{% Set zone_dir = ' data '%}

{% Else%}

{% Set zone_type = ' slave '%}

{% Set zone_dir = ' Slaves '%}

{% ENDIF%}

Zone "Internal.example.com" in {

Type {{Zone_type}};

File "{{Zone_dir}}/internal.example.com";

{% if ' authorativenames ' not in group_names%}

Masters {192.168.2.2;};

{% ENDIF%}

};

Playbook example of a method that references the template configuration file:

-Name:setup BIND

Host:allnames

Tasks

-Name:configure BIND

Template:src=templates/named.conf.j2 dest=/etc/named.conf owner=root group=named mode=0640

2, Set_fact

The Set_fact module can customize the facts, and these custom facts can be used in playbook by template or variable. If you want to get the percentage of memory used by a process, you must derive its value by set_fact and reference it in playbook.

The following is an example of configuring MySQL InnoDB buffer size:

-Name:configure MySQL

Hosts:mysqlservers

Tasks

-Name:install MYSQL

Yum:name=mysql-server state=installed

-name:calculate InnoDB Buffer pool Size

Set_fact:innodb_buffer_pool_size_mb= "{{ANSIBLE_MEMTOTAL_MB/2}}"

-Name:configure MySQL

TEMPLATE:SRC=TEMPLATES/MY.CNF dest=/etc/my.cnf owner=root group=root mode=0644

Notify:restart MySQL

-Name:start MySQL

Service:name=mysqld state=started Enabled=yes

Handlers:

-Name:restart MySQL

Service:name=mysqld state=restarted


Example of MY.CNF configuration:

# {{ansible_managed}}

[Mysqld]

Datadir=/var/lib/mysql

Socket=/var/lib/mysql/mysql.sock

# Disabling Symbolic-links is recommended to prevent assorted

Security risks

Symbolic-links=0

# Configure the buffer pool

Innodb_buffer_pool_size = {{Innodb_buffer_pool_size_mb|int}}m

[Mysqld_safe]

Log-error=/var/log/mysqld.log

Pid-file=/var/run/mysqld/mysqld.pid

3. Pause

Pause a certain amount of time during playbook execution or prompt the user for some action

Common parameters:

Minutes: How many minutes to pause

Seconds: How many seconds to pause

Prompt: Print a list of messages prompting the user to operate

Example:

-Name:wait on user input

Pause:prompt= "warning! Detected slight issue. ENTER to continue ctrl-c A to quit "

-Name:timed Wait

Pause:seconds=30

4, Wait_for

During the execution of the playbook, wait for certain operations to complete before subsequent operations

Common parameters:

Connect_timeout: Waits for a connection timeout before the next task executes

Delay: When waiting for a port or file or connecting to a specified state, the default time-out is 300 seconds, and in this waiting time of 300s, the Wait_for module polls the specified object for the specified state, and the delay is how long it takes to poll the state.

Host:wait_for the address of the host to which the module waits, the default is 127.0.0.1

Port:wait_for the port of the host to which the module is waiting

Path: File path, the next task will only start when the file is present, waiting for the file to be created

State: The status of the wait, that is, when the waiting file or port or connection state reaches the specified state, the next task begins execution. When the waiting object is a port, the state has started,stoped, that is, the port is already listening or the port is closed, when the waiting object is a file, the state has present or started,absent, that is, the file has been created or deleted, and when the waiting object is a connection, The status is drained, that is, the connection is established. Default is Started

Timeout:wait_for wait time-out, default is 300 seconds

Example:

-wait_for:port=8080 state=started #等待8080端口已正常监听 to start the next task until the timeout

-wait_for:port=8000 delay=10 #等待8000端口正常监听, check every 10s until wait timeout

-wait_for:host=0.0.0.0 port=8000 delay=10 state=drained #等待8000端口直至有连接建立

-wait_for:host=0.0.0.0 port=8000 state=drained exclude_hosts=10.2.1.2,10.2.1.3 #等待8000端口有连接建立, If the connection is from 10.2.1.2 or 10.2.1.3, it is ignored.

-Wait_for:path=/tmp/foo #等待/tmp/foo file was created

-Wait_for:path=/tmp/foo search_regex=completed #等待/tmp/foo file is created, and the file needs to contain the completed string

-Wait_for:path=/var/lock/file.lock state=absent #等待/var/lock/file.lock was deleted

-Wait_for:path=/proc/3466/status state=absent #等待指定的进程被销毁

-Local_action:wait_for port=22 host= "{{ansible_ssh_host | default (Inventory_hostname)}}" Search_regex=openssh delay= #等待openssh启动, 10s check once

5, assemble

For assembling files, coming up with multiple fragmented files, merging a large file

Common parameters:

SRC: Path to the original file (that is, fragmented files)

Dest: merged large file path

Group: The genus of the merged large files

Owner: Master of the merged large file

Mode: Permissions for large files after merging

Validate: Same as template's validate, specify command validation file

Ignore_hidden: When assembling, whether to ignore hidden files, default to No, this parameter is added in version 2.0

Example:

-Hosts:all

Tasks

-Name:make a Directory in/opt

File:path=/opt/sshkeys state=directory owner=root group=root mode=0700

-Name:copy SSH keys over

copy:src=keys/{{Item}}.pub dest=/opt/sshkeys/{{item}}.pub owner=root group=root mode=0600

With_items:

-Dan

-Kate

-Mal

-Name:make The root Users SSH config directory

File:path=/root/.ssh state=directory owner=root group=root mode=0700

-Name:build The Authorized_keys file

Assemble:src=/opt/sshkeys/dest=/root/.ssh/authorized_keys owner=root group=root mode=0700 #将/opt/ All files in the Sshkeys directory are merged into a/root/.ssh/authorized_keys file

6, Add_host

Dynamically add hosts to the specified host group during playbook execution

Common parameters:

Groups: Adding a host to a specified group

Name: Host name or IP address to add

Example:

-Name:add a host to group Webservers

Hosts:webservers

Tasks

-Add_host name={{IP_FROM_EC2}} group=webservers foo=42 #添加主机到webservers组中, the value of the host variable foo is 42

7, Group_by

Dynamic creation of host groups during playbook execution

Example:

-Name:create Operating System group

Hosts:all

Tasks

-group_by:key=os_{{Ansible_distribution}} #在playbook中设置一个新的主机组

-Name:run on the CentOS hosts only

Hosts:os_centos

Tasks

-Name:install Apache

YUM:NAME=HTTPD State=latest

-Name:run on Ubuntu hosts only

Hosts:os_ubuntu

Tasks

-Name:install Apache

Apt:pkg=apache2 State=latest

8. Debug

Debug module for outputting information in debug

Common parameters:

MSG: DEBUG Output message

VAR: passes the output of a task execution as a variable to the debug module, and debug prints the output directly

Level of Verbosity:debug

Example:

# Example that prints the loopback address and gateway to each host-debug:msg= "System {{inventory_hostname}} have UUID  {{Ansible_product_uuid}} "-debug:msg=" System {{inventory_hostname}} has gateway {{Ansible_default_ipv4.gateway}} "    When:ansible_default_ipv4.gateway is Defined-shell:/usr/bin/uptime register:result-debug:var=result verbosity=2 #直接将上一条指令的结果作为变量传递给var, the value of result is printed by debug-Name:display all variables/facts known for a host Debug:var=hostvars[invento Ry_hostname] Verbosity=4

9. Fail

Used to terminate the execution of the current playbook, usually combined with a conditional statement, terminating the current play operation when the condition is met. Can be replaced directly by Failed_when.

There is only one option:

Msg: Print out information before terminating

Example:

-fail:msg= "The system may is provisioned according to the CMDB status." When:cmdb_status! = "To-be-staged"

This article is from the "Nobody" blog, please be sure to keep this source http://breezey.blog.51cto.com/2400275/1757589

Ansible7:playbook Common module "Turn"

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.