一、inventory介绍
前面我们介绍过ansible的hosts文件是存放被管理主机的,被管理主机比较少的情况下,直接在hosts中定义即可,但是以后很定会管理多台主机,而ansible可管理的主机集合就叫做inventory。在ansible中,描述你主机的默认方法是将它们列在一个文本文件中,这个文件叫inventory文件。
一个简单的inventory文件可能只包含一组主机名的列表,如下:
ftp.testansible.com
samba.testansible.com
mail.testansible.com
- inventory的行为参数
有时候我们需要在ansible inventory文件中描述我们的主机,我们需要定义主机名,以及ansible的ssh客户端可以连接到的端口(22,2222,22300)等,那么ansible将这些变量命名为inventory的行为参数,如下:
ansible默认的inventory文件是/etc/ansible/hosts名称 默认值 描述 ansible_ssh_host 主机的名字 SSH目的主机名或IP ansible_ssh_port 22 SSH目的端口 ansible_ssh_user root SSH登录使用的用户名 ansible_ssh_pass none SSH认证所使用的密码 ansible_connection smart ansible使用何种连接模式连接到主机 ansible_ssh_private_key_file none SSH认证所使用的私钥 ansible_shell_type sh 命令所使用的shell ansible_python_interpreter /usr/bin/python 主机上的python解释器
可以自定义动态的inventory文件,(--inventory-file等同于-i path)如下
如果有多台服务器的话,想并发运行,可以使用-f参数,默认是并发5#ansible --inventory-file=/root/iptables/iptableshosts iptables -m script -a '/root/iptables/check_iptables.sh'
#ansible --inventory-file=/root/iptables/iptableshosts iptables -f 6 -m script -a '/root/iptables/check_iptables.sh'
- 主机和主机组定义方式:
直接定义一台或者2台server
定义一个组,可以是ip也可以是解析好的域名#vim /etc/ansible/hosts 192.168.100.10 192.168.100.11
嵌套定义组[web] 192.168.100.10 192.168.100.11 [httpd] 192.168.100.12 192.168.100.13
[apache] http1.test.com http2.test.com [nginx] nginx1.test.com nginx2.test.com [webservers:children] apache nginx
- 主机变量和组变量
主机变量:针对单主机的特性化要求,通过内置变量实现,如下:
群组变量[webservers] web1.test.com http_port=80 ansible_ssh_port=12345
语法:[<group name>:vars] 在inventory中指定群组变量,如下:[all:vars] ntp_server=ntp.centos.com [production] test1 test2 test3 [production:vars] db_primary_port=22 [groupservers] web1.test.com web2.test.com [groupservers:vars] ntp_server=ntp.test.com admin_user=tom
- 嵌套组和组变量
[apache] http1.test.com http2.test.com [nginx] nginx1.test.com nginx2.test.com [webservers:children] apache nginx [webservers:vars] ntp_server=ntp.test.com
- 变量分离
变量除了可以和inventory一起存储在INI配置文件中,也可以独立出来。
当我们要为非常多的主机和主机组分别设置不同的变量时,用如上的方式就显得比较笨拙了,就需要用到group_vars和host_vars 变量了。Ansible在运行任何yml文件之前,都会去搜索与Hosts文件同一个目录下的两个用于定义变量的目录group_vars和host_vars,所以,我们可以在这两个目录下放一些使用YAML语法编辑的定义变量的文件,并以对应的主机名和主机组名来命名这些文件,这样在运行ansible时
ansible会自动去这两个目录下读取针对不同主机和主机组的变量定义
比如对主机组group设置变量:
对主机host1设置变量File: /etc/ansible/group_vars/group admin_user: tom
除此之外,我们还可以在group_vars和host_vars两个文件夹下定义all文件来一次性地为所有的主机组和主机定义变量。如何巧妙使用主机变量和组变量有些时候,我们在运行ansible任务时,可能需要从一台远程主机上面获取另一台远程主机的变量信息,这时一个神奇的变量hostvars可以帮我们实现这一个需求。变量hostvars包含了指定主机上面所定义的所有变量。File: /etc/ansible/host_vars/host1 admin_user: john
比如我们想获取host1上面的变量admin_user的内容,在任意主机上直接使用如下代码即可:
{{ hostvars['host1']['admin_user'] }}
Ansible提供了一些非常有用的内置变量,这里我们列举几个常用的:
a、groups: 包含了所有Hosts文件里面主机组的一个列表
b、group_names: 包含了当前主机所在的所有主机组名的一个列表
c、inventory_hostname: 通过Hosts文件定义主机的主机名和ansible_home不一定相同
d、play_hosts: 将会执行当前任务的所有主机 - yml文件中使用变量的一个例子:
--- - hosts: all user: root vars: GETURL:"http://192.168.24.14/sa" TARFILE:"sa" TMPPATCH:"/tmp" SHFILE:"os.sh" tasks: - name: Download `TARFILE`.tar.gz package get_url: url="`GETURL`/`TARFILE`.tar.gz" dest=`TMPPATCH` sha256sum=b6f482b3c26422299f06524086d1f087e1d93f2748be18542945bca4c2df1569 tags: -downsa - name: tarzxvf `TARFILE`.tar.gz file shell: tar zxvf "`TMPPATCH`/`TARFILE`.tar.gz" -C `TMPPATCH` tags: -tarxsa - name: Run`SHFILE` script shell: "`TMPPATCH`/`TARFILE`/`SHFILE`" tags: -runsa
二、ansible常用模块介绍:
ansible的每个模块用法可以使用#ansible-doc MOD 来查看,如下范例:
#ansible-doc copy
less 436
Copyright (C) 1984-2009 Mark Nudelman
less comes with NO WARRANTY, to the extent permitted by law.
For information about the terms of redistribution,
see the file named README in the less distribution.
Homepage: http://www.greenwoodsoftware.com/less
> COPY
The [copy] module copies a file on the local box to remote locations. Use the [fetch] module to copy files from remote locations to the local box. If you need
variable interpolation in copied files, use the [template] module.
Options (= is mandatory):
- backup
……………………还有很多可以显示,此处省略
查看所支持的模块,可以使用ansible-doc -l 查看,如下:
#ansible-doc -l
less 436
Copyright (C) 1984-2009 Mark Nudelman
less comes with NO WARRANTY, to the extent permitted by law.
For information about the terms of redistribution,
see the file named README in the less distribution.
Homepage: http://www.greenwoodsoftware.com/less
a10_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
a10_service_group Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
a10_virtual_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
acl Sets and retrieves file ACL information.
add_host add a host (and alternatively a group) to the ansible-playbook in-memory inventory
airbrake_deployment Notify airbrake about app deployments
alternatives Manages alternative programs for common commands
apache2_module enables/disables a module of the Apache2 webserver
apt Manages apt-packages
……………………还有很多模块可以显示,这里省略
-
远程命令模块
command、script 、shell
Examples:
# Example from Ansible Playbooks
- script: /some/local/script.sh --some-arguments 1234
例如:#ansible host1 -m command -a "free -m" #可以简写为ansible host1 -a "free -m" #ansible host1 -m script -a "/home/test.sh 12 34" #ansible host1 -m shell -a "/home/test.sh"
比如在服务端执行:
#ansible web -m shell -a "/root/test.sh 3 4 " 10.0.90.25 | success | rc=0 >> 7 20151119-171933 10.0.90.24 | success | rc=0 >> 7 20151119-171933
注:test.sh 在客户端服务器/root目录,内容是前两个位置变量相加,并打印出当前时间。
一个简单的创建目录的例子,创建/usr/local/src/data/log 目录,如下:
#cat test1.sh #!/bin/bash if [ -z $1 ] || [ -z $2 ];then echo "Wrong,Please input two args" echo "Usage `basename $0` arguments arguments" exit 6 fi mkdir -pv /usr/local/src/$1/$2 #cat createdir.yml --- - hosts: "{{ host }}" user: "{{ user }}" gather_facts: True tasks: - name: Create Dir in client server script: /etc/ansible/test1.sh data log
执行:
ansible-playbook createdir.yml -e "host=web user=root"
一个批量修改root密码的例子:
shell脚本 #cat alter.sh #!/bin/bash ##modify passwd## echo 'root:1234567890' |chpasswd if [ $? -eq 0 ] then echo "Change password for root OK!!!" else echo "Change password for root failure!!!" fi ansible的yml文件 #cat modify_all_password.yml --- - hosts: all user: root gather_facts: True tasks: - name: Modify root passwd in all client script: /etc/ansible/roles/alter.sh
然后执行:
ansible-playbook modify_all_password.yml
ansible-playbook可以跟很多参数,可以使用--help查看
#ansible-playbook --help Usage: ansible-playbook playbook.yml Options: --ask-become-pass ask for privilege escalation password -k, --ask-pass ask for connection password --ask-su-pass ask for su password (deprecated, use become) -K, --ask-sudo-pass ask for sudo password (deprecated, use become) --ask-vault-pass ask for vault password -b, --become run operations with become (nopasswd implied) --become-method=BECOME_METHOD privilege escalation method to use (default=sudo), valid choices: [ sudo | su | pbrun | pfexec | runas | doas ] …………………… 还有很多,此处省略。 这里介绍一些常用的 --inventory=PATH (-i PATH): 指定inventory文件,默认文件是/etc/ansible/hosts --verbose(-v): 显示详细输出,也可以使用-vvvv显示精确到每分钟的输出 --extra-vars=VARS(-e VARS): 定义在playbook使用的变量,格式为:"key=value,key=value" --forks=NUM ( -f NUM): 指定并发执行的任务数,默认为5,根据服务器性能,调大这个值可提高ansible执行效率 --connection=TYPE ( -c TYPE):指定连接远程主机的方式,默认为ssh,设为local时,刚只在本地执行playbook,建议不做修改 --check: 检测模式,playbook中定义的所有任务将在每台远程主机上进行检测,但并不直正执行
-
copy模快
实现服务端向目标主机拷贝文件,类似于scp功能:-m copy -a "command"
例如:#ansible host1 -m copy -a "src=/root/php-5.5.24-1.ele.el6.x86_64.rpm dest=/usr/local/src owner=root group=root mode=0755" 查看客户端文件是否存在 #ansible host1 -m shell -a "ls -l /usr/local/src" 172.16.29.193 | success | rc=0 >> total 10264 -rw-r--r--. 1 root root 10507544 May 30 02:40 php-5.5.24-1.ele.el6.x86_64.rpm
-
stat模块:
获取远程文件状态信息,包括atime,ctime,mtime,md5,uid,gid等信息# ansible 10.0.90.25 -m stat -a "path=/etc/sysctl.conf" 10.0.90.25 | SUCCESS => { "changed": false, "stat": { "atime": 1459270210.5650001, "checksum": "a27c7ce2e6002c37f3cb537ad997c6da7fd76480", "ctime": 1441217442.5749998, "dev": 2051, "exists": true, "gid": 0, "gr_name": "root", "inode": 1181554, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "md5": "c97839af771c8447b9fc23090b4e8d0f", "mode": "0644", "mtime": 1413471211.0, "nlink": 1, "path": "/etc/sysctl.conf", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 1150, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }
ansible web -m setup ##显示所有的ansible默认变量信息
-
get_url 模块
实现在远程主机下载指定URL到本地,支持sha256sum文件校验
例如:#ansible host1 -m get_url -a "url=http://www.baidu.com dest=/tmp/index.html mode=0440 force=yes" 172.16.29.193 | success >> { "changed": true, "checksum": "8bc43056c39fbb882cf5d7b0391d70b6e84096c6", "dest": "/tmp/index.html", "gid": 0, "group": "root", "md5sum": "324aa881293b385d2c0b355cf752cff9", "mode": "0440", "msg": "OK (unknown bytes)", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "sha256sum": "", "size": 93299, "src": "/tmp/tmp3WI5fE", "state": "file", "uid": 0, "url": "http://www.baidu.com" }
-
yum 模块
linux 平台软件包管理操作,常见的有yum,apt
例如:#ansible host1 -m yum -a "name=vsftpd state=latest" Ubuntu系列: #ansible host1 -m apt -a "pkg=vsftpd state=latest" yum 模块的一些用法: - name: install the latest version of Apache yum: name=httpd state=latest - name: remove the Apache package yum: name=httpd state=absent - name: install the latest version of Apache from the testing repo yum: name=httpd enablerepo=testing state=present - name: install one specific version of Apache yum: name=httpd-2.2.29-1.4.amzn1 state=present - name: upgrade all packages yum: name=* state=latest - name: install the nginx rpm from a remote repo yum: name=http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm state=present - name: install nginx rpm from a local file yum: name=/usr/local/src/nginx-release-centos-6-0.el6.ngx.noarch.rpm state=present - name: install the 'Development tools' package group yum: name="@Development tools" state=present - name: install the 'Gnome desktop' environment group yum: name="@^gnome-desktop-environment" state=present
-
cron 模块
远程主机crontab 配置,如下:#ansible host1 -m cron -a "name='crontab test' minute=0 hour=5,2 job='ls -alh > /dev/null'" 172.16.29.193 | success >> { "changed": true, "jobs": [ "crontab test" ] } 效果如下: #Ansible: crontab test 0 5,2 * * * ls -alh > /dev/null
一个简单的yml例子添加cron:
#cat add_cron.yml --- - hosts: web_crontab remote_user: root gather_facts: True tasks: - name: add ntp server cron job cron: name="local network ntpserver" minute="*/12" hour="*" job="/usr/sbin/ntpdate 10.0.18.1 > /root/ntp.log"
执行:
ansible-playbook add_cron.yml
移除一个cron任务:
#cat del_cron.yml --- - hosts: web remote_user: root gather_facts: false tasks: - name: del an old crontab job cron: name="local network ntpserver" state=absent
执行:
ansible-playbook del_cron.yml
小案例: 假如有一个db备份脚本,需要推到所有db服务器上,并加入crontab,每隔1分钟执行一次,需要定义playbook结构的yml文件#tree cronjob/ cronjob/ └── tasks ├── crontest.yml └── main.yml yml文件如下: #cat test-cron.yml --- - name: cron jobs test hosts: "{{ host }}" remote_user: "{{ user }}" gather_facts: True roles: - cronjob tasks目录中的crontest.yml #cat crontest.yml #copy cron job to client server - copy: src=/tmp/test_time.sh dest=/usr/local/src/test_time.sh owner=root group=root mode=0755 #add cron job - cron: name="test time jobs" minute="*/1" hour="*" job="/usr/local/src/test_time.sh >> /tmp/time.log" tasks目录中的main.yml #cat main.yml - include: crontest.yml
执行:
ansible-playbook test-cron.yml --extra-vars "host=172.16.29.193 user=root"
--单台执行
客户端crontab效果如下:#Ansible: test time jobs */1 * * * * /usr/local/src/test_time.sh >> /tmp/time.log
以上有点复杂,整合进一个简单的yml文件:
#cat test-cron.yml --- - hosts: host1 remote_user: root gather_facts: True tasks: - name: copy cron job file to client server copy: src=/tmp/test_time.sh dest=/usr/local/src/test_time.sh owner=root group=root mode=0755 - name: add cron job cron: name="test time jobs" minute="*/2" hour="*" job="/usr/local/src/test_time.sh >> /tmp/time.log"
执行:
ansible-playbook test-cron.yml
效果:#Ansible: test time jobs */2 * * * * /usr/local/src/test_time.sh >> /tmp/time.log
启用10个并行进程数执行playbook:
#ansible-playbook host1 nginx.yml -f 10
-
file模块
设置文件的属性,一个很常用的模块
相关选项如下:force:需要在两种情况下强制创建软链接,一种是源文件不存在,但之后会建立的情况下;另一种是目标软链接已存在,需要先取消之前的软链,然后创建新的软链,有两个选项:yes|no group:定义文件/目录的属组 mode: 定义文件/目录的权限 owner:定义文件/目录的属主 path: 必选项,定义文件/目录的路径 recurse:递归设置文件的属性,只对目录有效 src:被链接的源文件路径,只应用于state=link的情况 dest:被链接到的路径,只应用于state=link的情况 state: directory:如果目录不存在,就创建目录 file:即使文件不存在,也不会被创建 link:创建软链接 hard:创建硬链接 touch:如果文件不存在,则会创建一个新的文件,如果文件或目录已存在,则更新其最后修改时间 absent:删除目录、文件或者取消链接文件
比如:
- file: src=/tmp/test1 dest=/home/test2 state=link - file: path=/root/test.txt state=touch - file: path=/root/tomcat state=directory owner=root group=root mode=0755
-
mount 模块:远程主机分区挂载
#ansible host1 -m mount -a "name=/mnt/data src=/dev/sd0 fstype=ext3 opts=ro state=present"
-
service 模块:远程主机系统服务管理
#ansible host1 -m service -a "name=httpd stete=restarted"
-
sysctl 模块:远程linux主机sysctl配置
sysctl: name=kernel.panic value=3 sysctl_file=/etc/sysctl.conf checks=before reload=yes 以下是定义在yml格式文件中的例子: - sysctl: name=net.ipv4.tcp_rmem 'value=4096 87380 16777216' state=present - sysctl: name=net.ipv4.tcp_wmem 'value=4096 65536 16777216' state=present - sysctl: name=net.ipv6.conf.lo.disable_ipv6 value=1 state=present
-
lineinfile模块
Ensure a particular line is in a file, or replace an existing line using a back-referenced regular expression 确保特定的行在文件中,或使用反向引用正则表达式替换现有的行
用法:Examples- lineinfile: dest=/etc/selinux/config regexp=^SELINUX= line=SELINUX=enforcing - lineinfile: dest=/etc/sudoers state=absent regexp="^%wheel" - lineinfile: dest=/etc/hosts regexp='^127\.0\.0\.1' line='127.0.0.1 localhost' owner=root group=root mode=0644 - lineinfile: dest=/etc/httpd/conf/httpd.conf regexp="^Listen " insertafter="^#Listen " line="Listen 8080" - lineinfile: dest=/etc/services regexp="^# port for http" insertbefore="^www.*80/tcp" line="# port for http by default" # Add a line to a file if it does not exist, without passing regexp - lineinfile: dest=/tmp/testfile line="192.168.1.99 foo.lab.net foo" # Fully quoted because of the ': ' on the line. See the Gotchas in the YAML docs. - lineinfile: "dest=/etc/sudoers state=present regexp='^%wheel' line='%wheel ALL=(ALL) NOPASSWD: ALL'" - lineinfile: dest=/opt/jboss-as/bin/standalone.conf regexp='^(.*)Xms(\d+)m(.*)$' line='\1Xms${xms}m\3' backrefs=yes # Validate the sudoers file before saving - lineinfile: dest=/etc/sudoers state=present regexp='^%ADMIN ALL\=' line='%ADMIN ALL=(ALL) NOPASSWD:ALL' validate='visudo -cf %s'
一个例子:
#cat linetest.yml --- - hosts: web user: root gather_facts: flase tasks: - name: change /etc/hosts lineinfile: dest=/etc/hosts line='test line 1\ntest line 2\ntest line 3\ntest line 4'
上面的例子是在/etc/hosts中添加4行,如果你只需要添加一行,line='test line 1'即可!
-
blockinfile模块 Insert/update/remove a text block surrounded by marker lines
注意:dest后面的路径和文件名一定要存在,否则会报错。Examples: Insert/update/remove a text block surrounded by marker lines - name: insert/update "Match User" configuation block in /etc/ssh/sshd_config blockinfile: dest: /etc/ssh/sshd_config block: | Match User ansible-agent PasswordAuthentication no - name: insert/update eth0 configuration stanza in /etc/network/interfaces (it might be better to copy files into /etc/network/interfaces.d/) blockinfile: dest: /etc/network/interfaces block: | iface eth0 inet static address 192.168.0.1 netmask 255.255.255.0 - name: insert/update HTML surrounded by custom markers after <body> line blockinfile: dest: /var/www/html/index.html marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->" insertafter: "<body>" content: | <h1>Welcome to `ansible_hostname`</h1> <p>Last updated on `ansible_date_time`.`iso8601`</p> - name: remove HTML as well as surrounding markers ##此文件实现将上面添加的内容删除 blockinfile: dest: /var/www/html/index.html marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->" content: "" - name: insert/update "Match User" configuation block in /etc/ssh/sshd_config blockinfile: dest: /etc/hosts block: | `item`.`name` `item`.`ip` marker: "# {mark} ANSIBLE MANAGED BLOCK `item`.`name`" with_items: - { name: host1, ip: 10.10.1.10 } - { name: host2, ip: 10.10.1.11 } - { name: host3, ip: 10.10.1.12 }
第一个例子:在/etc/hosts文件中添加3行
#cat blockinfile.yml --- - hosts: web user: root tasks: - name: this is test blockinfile module blockinfile: dest: /etc/hosts block: | this is a test line 1 this is a test line 2 this is a test line 3
结果:
#cat /etc/hosts # BEGIN ANSIBLE MANAGED BLOCK this is a test line 1 this is a test line 2 this is a test line 3 # END ANSIBLE MANAGED BLOCK
第二个例子:创建一个index.html文件,并写入html格式内容
#cat blockinfile.yml --- - hosts: web user: root tasks: - name: create a test file file: path=/root/index.html state=touch - name: this is test blockinfile module blockinfile: dest: /root/index.html marker: "<!-- {mark} ansible managed block -->" insertafter: "<body>" content: | <h1>welcome to `ansible_hostname`</h1> <p>Last updated on `ansible_date_time`.`iso8601`</p>
结果:
#cat index.html <!-- BEGIN ansible managed block --> <h1>welcome to http</h1> <p>Last updated on 2016-05-19T03:17:35Z</p> <!-- END ansible managed block -->
注意:上面yml文件中ansible_hostname和ansible_date_time.iso8601变量是ansible默认的系统变量,这个变量可以通过-m setup查看到!
所以上面的ansible_date_time.iso8601可以改为iso8601_basic_short(人类可读)
结果就变成了如下:因为当前时间就是#Thu May 19 11:33:29 CST 2016
<p>Last updated on 20160519T113219</p>
第三个例子:index.html已经存在,并且内容如下:#cat index.html <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
创建ansible的playbook文件如下:
#cat blockinfile.yml --- - hosts: 10.0.90.25 user: root gather_facts: True tasks: - name: this is test blockinfile module blockinfile: dest: /root/index.html marker: "<!-- {mark} ansible managed block -->" insertafter: "<body>" content: | <h1>welcome to `ansible_hostname`</h1> <p>Last updated on `ansible_date_time`.`iso8601_basic_short`</p>
执行之后,再查看index.html
#cat index.html <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <!-- BEGIN ansible managed block --> ###从这里开始 <h1>welcome to http</h1> <p>Last updated on 20160519T115013</p> <!-- END ansible managed block --> ###在这里结束 <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
第四个例子:使用变量
#cat blockinfile.yml --- - hosts: 10.0.90.25 user: root gather_facts: True tasks: - name: this is test blockinfile module blockinfile: dest: /etc/hosts block: | `item`.`name` `item`.`ip` marker: "# {mark} ansible managed block `item`.`name`" with_items: - { name: host1, ip: 10.10.1.10} - { name: host2, ip: 10.10.1.11} - { name: host3, ip: 10.10.1.12}
执行后,结果如下:
#cat /etc/hosts # BEGIN ansible managed block host1 host1 10.10.1.10 # END ansible managed block host1 # BEGIN ansible managed block host2 host2 10.10.1.11 # END ansible managed block host2 # BEGIN ansible managed block host3 host3 10.10.1.12 # END ansible managed block host3
不足之处,请多多指出!