當前位置：首頁 > 编程资源 > 编程问答 >内容正文

编程问答

Anisble中的任务执行控制

發布時間：2024/9/3 编程问答 21 豆豆

生活随笔收集整理的這篇文章主要介紹了 Anisble中的任务执行控制小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

一、循環

#1.簡單循環# loop: ##賦值列表- value1- value2- ...{{item}} ##迭代變量名稱#實例# --- - name: create filehosts: 172.25.0.254tasks:- name: file modulefile:name: /mnt/{{item}}state: presentloop:- westos_file1- westos_file2#2.循環散列或字典列表# --- - name: create filehosts: 172.25.0.254tasks:- name: file moduleservice:name: "{{ item.name}}"state: "{{ item.state }}"loop:- name: httpdstate: started- name: vsftpdstate: stopped

?腳本練習：

在系統中完成以下用戶操作

1.建立用戶組shengchan，caiwu，jishu并滿足以下要
* shengchan組id為8000
* caiwu組id為8001
* jishu組id為8002

2.建立westosuser,linux,lee,westosadmin等用戶完成以下要求
* westosuser用戶的附加組為shengchan和jishu
* lee的主組為caiwu附加組為技術，lee的uid和gid必須一致
* linux為系統賬號不能直接被操作者使用
* westosamdin用戶不屬于以上三個部門，但是可以在系統中自由的管理用戶

3.
* 以上用戶密碼均為westos,并要求用戶首次登陸時強制修改密碼
* 設定以上用戶密碼必須在30天內進行休改，并在過期前2天發出警告求

--- - name: create filehosts: list1tasks:- name: create groupgroup:name: "{{item.name}}"gid: "{{item.gid}}"state: presentloop:- name: shengchangid: 8000- name: caiwugid: 8001- name: jishugid: 8002- name: westosusergid: 8003- name: linuxgid: 8004- name: westosadmingid: 8005- name: create useruser:name: "{{item.name}}"groups: "{{item.groups}}"group: "{{item.group}}"shell: "{{item.shell}}"uid: "{{item.uid}}"password: '$6$4RBSjfuYIt694mEi$KetzruRtGRzZIPA4B/hDCimIWCalsOkzCH2GEoHvRTZpDXWL1xf.0.SYDg.SQ6KwtMUDKsNIcH0MAd3AHBRET0'loop:- name: westosusergroups: shengchan, jishugroup: 8003shell: /bin/bashuid: 8003- name: leegroups: jishugroup: caiwushell: /bin/bashuid: 8001- name: linuxgroups: linuxgroup: linuxshell: /sbin/nologinuid: 8004- name: westosadmingroups: westosadmingroup: westosadminshell: /bin/bashuid: 8005- name: westosadminlineinfile:path: /etc/sudoersregexp: "^root"insertafter: "^root"line: "westosadmin {{ansible_facts['fqdn']}}=(root) NOPASSWD: /sbin/useradd, /sbin/userdel, /sbin/usermod"- name: configure password messagesshell: chage -d 0 -M 30 -W 2 "{{item}}"loop:- westosuser- lee- westosadmin ...

二、條件

when:- 條件1- 條件2#條件判斷# = value == "字符串",value == 數字 < value < 數字 > value > 數字 <= value <= 數字 >= value >= 數字 != value != 數字 is defined value value is defined 變量存在 is not defined value is not defined 變量不存在 bool變量為true value value的值為true bool變量 false not value value的值為falsevalue in value2 value的值在value2列表中 #多條條件組合# when：條件1 and 條件2- 條件1- 條件2when:條件1 or 條件2when: >條件1or條件2

測試題：

*建立大小為1500M名為exam_lvm的 lvm在westos組中

*如果westos不存在請輸入：

vg westos is not exist

*如果westos大小不足1500M清輸出：

vg westos is less then 1500M

并建立800M大小的lvm

三、觸發器

notify: 觸發器當遇到更改是觸發handlershandlers：觸發器觸發后執行的動作#實例# --- - name: create virtualhost for web serverhosts: 172.25.0.254vars_files:./vhost_list.ymltasks:- name: create documentfile:path: "{{web2.document}}"state: directory- name: create vhost.confcopy:dest: /etc/httpd/conf.d/vhost.confcontent:"<VirtualHost *:{{web1.port}}>\n\tServerName {{web1.name}}\n\tDocumentRoot {{web1.document}}\n\tCustomLog logs/{{web1.name}}.log combined\n</VirtualHost>\n\n<VirtualHost *:{{web2.port}}>\n\tServerName {{web2.name}}\n\tDocumentRoot {{web2.document}}\n\tCustomLog logs/{{web2.name}}.log combined\n</VirtualHost>"notify:restart apachehandlers:- name: restart apacheservice:name: httpdstate: restarted

腳本練習：

搭建一個vsftpd服務

--- - name: creat vsftpdhosts: alltasks:- name: install vsftpddnf:name: vsftpdstate: present- name: config vsftpd.conftemplate:src: ~/ansible/vsftpd.conf.j2dest: /etc/vsftpd/vsftpd.confnotify: restart vsftpd- name: config ftpdirfile:path: /var/ftp/pubgroup: ftpmode: '0775'setype: "public_content_rw_t"- name: set seboolseboolean:name: ftpd_anon_writestate: yespersistent: yes- firewalld:zone: publicservice: ftppermanent: yesstate: enabledimmediate: yeshandlers:- name: restart vsftpdservice:name: vsftpdstate: restarted ...

四、處理失敗任務

1.ignore_errors#
#作用：
當play遇到任務失敗是會終止
ignore_errors: yes?? ?將會忽略任務失敗使下面的任務繼續運行

#實例#

--- - name: testhosts: alltasks:- name: testdnf:name: sunstate: presentignore_errors: yes- name: create filefile:path: /mnt/sunstate: touch...

測試效果：

2.force_handlers#
#作用：
#當任務失敗后play被終止也會調用觸發器進程

#示例#

--- - name: apache change porthosts: allforce_handlers: yesvars:http_port: 8080tasks:- name: configure apache conf filelineinfile:path: /etc/httpd/conf/httpd.confregexp: "^Listen"line: "Listen {{ http_port }}"notify: restart apache- name: install errordnf:name: westosstate: latesthandlers:- name: restart apacheservice:name: httpdstate: restartedenabled: yes ...

驗證：

3.changed_when#
#作用：
#控制任務在何時報告它已進行更改

--- - name: apache change porthosts: allforce_handlers: yesvars:http_port: 80tasks:- name: configure apache conf filelineinfile:path: /etc/httpd/conf/httpd.confregexp: "^Listen"line: "Listen {{ http_port }}"changed_when: yesnotify: restart apache- name: install errorignore_errors: yesdnf:name: westosstate: latesthandlers:- name: restart apacheservice:name: httpdstate: restartedenabled: yes ...

測試：

?4.failed_when#
#當符合條件時強制任務失敗

--- - name: testhosts: alltasks:- name: testdnf:name: lftpstate: presentregister: lftp_outfailed_when: "'0' in lft_out.rc"- name: create filefile:path: /mnt/sunstate: touch...

測試：

5.block

block:	定義要運行的任務
rescue:	定義當block句子中出現失敗任務后運行的任務
always：	定義最終獨立運行的任務

#測試練習#
建立playbook? ~/sun.yml要求如下:
建立大小為1500M名為/dev/vdb1的設備
如果/dev/vdb不存在請輸入:
???? /dev/vdb? is not exist
如果/dev/vdb大小不足2G請輸出：
???? /dev/vdb is less then 2G
并建立800M大小的/dev/vdb1
此設備掛載到/sun上

--- - name: create /dev/vdb1hosts: alltasks:- block:- parted:device: /dev/vdbnumber: 1state: presentpart_end: 2000MiB- parted:device: /dev/vdbnumber: 1state: absent- parted:device: /dev/vdbnumber: 1state: presentpart_end: 1500MiBwhen: ansible_facts['devices']['vdb'] is definedrescue:- debug:msg: /dev/vdb is less then 2G- parted:device: /dev/vdbnumber: 1state: presentpart_end: 800MiBalways:- filesystem:fstype: xfsdev: /dev/vdb1force: yes- mount:path: /sunsrc: /dev/vdb1fstype: xfsstate: mounted- name: check /dev/vdbdebug:msg: "vdb is not exist"when: ansible_facts['devices']['vdb'] is not defined ...

總結

以上是生活随笔為你收集整理的Anisble中的任务执行控制的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。

Anisble