Ansible之inventory和常用模块介绍

一、inventory介绍

前面我们介绍过ansible的hosts文件是存放被管理主机的,被管理主机比较少的情况下,直接在hosts中定义即可,但是以后很定会管理多台主机,而ansible可管理的主机集合就叫做inventory。在ansible中,描述你主机的默认方法是将它们列在一个文本文件中,这个文件叫inventory文件。
一个简单的inventory文件可能只包含一组主机名的列表,如下:

ftp.testansible.com
samba.testansible.com
mail.testansible.com
  1. inventory的行为参数
    有时候我们需要在ansible inventory文件中描述我们的主机,我们需要定义主机名,以及ansible的ssh客户端可以连接到的端口(22,2222,22300)等,那么ansible将这些变量命名为inventory的行为参数,如下:
    名称                            默认值                                描述
    ansible_ssh_host               主机的名字                             SSH目的主机名或IP
    ansible_ssh_port               22                                   SSH目的端口
    ansible_ssh_user               root                                 SSH登录使用的用户名
    ansible_ssh_pass               none                                 SSH认证所使用的密码
    ansible_connection             smart                                ansible使用何种连接模式连接到主机
    ansible_ssh_private_key_file   none                                 SSH认证所使用的私钥
    ansible_shell_type             sh                                   命令所使用的shell
    ansible_python_interpreter     /usr/bin/python                      主机上的python解释器
    
    ansible默认的inventory文件是/etc/ansible/hosts
    可以自定义动态的inventory文件,(--inventory-file等同于-i path)如下
    #ansible --inventory-file=/root/iptables/iptableshosts iptables -m script -a '/root/iptables/check_iptables.sh'
    
    如果有多台服务器的话,想并发运行,可以使用-f参数,默认是并发5
    #ansible --inventory-file=/root/iptables/iptableshosts iptables -f 6 -m script -a '/root/iptables/check_iptables.sh'
    
  2. 主机和主机组定义方式:
    直接定义一台或者2台server
    #vim /etc/ansible/hosts 
    192.168.100.10          
    192.168.100.11
    
    定义一个组,可以是ip也可以是解析好的域名
    [web]
    192.168.100.10
    192.168.100.11
    [httpd]
    192.168.100.12
    192.168.100.13
    
    嵌套定义组
    [apache]
    http1.test.com
    http2.test.com
    [nginx]
    nginx1.test.com
    nginx2.test.com
    [webservers:children]
    apache
    nginx
    
  3. 主机变量和组变量
    主机变量:针对单主机的特性化要求,通过内置变量实现,如下:
    [webservers]
    web1.test.com http_port=80 ansible_ssh_port=12345
    
    群组变量
    语法:[<group name>:vars] 在inventory中指定群组变量,如下:
    [all:vars]
    ntp_server=ntp.centos.com
     
    [production]
    test1
    test2
    test3
    [production:vars]
    db_primary_port=22
     
    [groupservers]
    web1.test.com
    web2.test.com
    [groupservers:vars]
    ntp_server=ntp.test.com
    admin_user=tom
    
  4. 嵌套组和组变量
    [apache]
    http1.test.com
    http2.test.com
     
    [nginx]
    nginx1.test.com
    nginx2.test.com
     
    [webservers:children]
    apache
    nginx
     
    [webservers:vars]
    ntp_server=ntp.test.com
    
  5. 变量分离
    变量除了可以和inventory一起存储在INI配置文件中,也可以独立出来。
    当我们要为非常多的主机和主机组分别设置不同的变量时,用如上的方式就显得比较笨拙了,就需要用到group_vars和host_vars 变量了。Ansible在运行任何yml文件之前,都会去搜索与Hosts文件同一个目录下的两个用于定义变量的目录group_vars和host_vars,所以,我们可以在这两个目录下放一些使用YAML语法编辑的定义变量的文件,并以对应的主机名和主机组名来命名这些文件,这样在运行ansible时
    ansible会自动去这两个目录下读取针对不同主机和主机组的变量定义
    比如对主机组group设置变量:
    File: /etc/ansible/group_vars/group
    admin_user: tom
    
    对主机host1设置变量
    File: /etc/ansible/host_vars/host1
    admin_user: john
    
    除此之外,我们还可以在group_vars和host_vars两个文件夹下定义all文件来一次性地为所有的主机组和主机定义变量。如何巧妙使用主机变量和组变量有些时候,我们在运行ansible任务时,可能需要从一台远程主机上面获取另一台远程主机的变量信息,这时一个神奇的变量hostvars可以帮我们实现这一个需求。变量hostvars包含了指定主机上面所定义的所有变量。
    比如我们想获取host1上面的变量admin_user的内容,在任意主机上直接使用如下代码即可:
    {{ hostvars['host1']['admin_user'] }}
    Ansible提供了一些非常有用的内置变量,这里我们列举几个常用的:
    a、groups: 包含了所有Hosts文件里面主机组的一个列表
    b、group_names: 包含了当前主机所在的所有主机组名的一个列表
    c、inventory_hostname: 通过Hosts文件定义主机的主机名和ansible_home不一定相同
    d、play_hosts: 将会执行当前任务的所有主机
  6. yml文件中使用变量的一个例子:
    ---
    - hosts: all
      user: root
      vars:
        GETURL:"http://192.168.24.14/sa"
        TARFILE:"sa"
        TMPPATCH:"/tmp"
        SHFILE:"os.sh" 
      tasks:
        - name: Download `TARFILE`.tar.gz package
          get_url: url="`GETURL`/`TARFILE`.tar.gz" dest=`TMPPATCH` sha256sum=b6f482b3c26422299f06524086d1f087e1d93f2748be18542945bca4c2df1569
          tags:
            -downsa 
        - name: tarzxvf `TARFILE`.tar.gz file
          shell: tar zxvf "`TMPPATCH`/`TARFILE`.tar.gz" -C `TMPPATCH`
          tags:
            -tarxsa
        - name: Run`SHFILE` script
          shell: "`TMPPATCH`/`TARFILE`/`SHFILE`"
          tags:
            -runsa
    

二、ansible常用模块介绍:

ansible的每个模块用法可以使用#ansible-doc MOD 来查看,如下范例:

#ansible-doc copy
less 436
Copyright (C) 1984-2009 Mark Nudelman
less comes with NO WARRANTY, to the extent permitted by law.
For information about the terms of redistribution,
see the file named README in the less distribution.
Homepage: http://www.greenwoodsoftware.com/less
> COPY
 
  The [copy] module copies a file on the local box to remote locations. Use the [fetch] module to copy files from remote locations to the local box. If you need
  variable interpolation in copied files, use the [template] module.
 
Options (= is mandatory):
 
- backup
……………………还有很多可以显示,此处省略

查看所支持的模块,可以使用ansible-doc -l 查看,如下:

#ansible-doc -l
less 436
Copyright (C) 1984-2009 Mark Nudelman
 
less comes with NO WARRANTY, to the extent permitted by law.
For information about the terms of redistribution,
see the file named README in the less distribution.
Homepage: http://www.greenwoodsoftware.com/less
a10_server                    Manage A10 Networks AX/SoftAX/Thunder/vThunder devices                                                                                                                       
a10_service_group             Manage A10 Networks AX/SoftAX/Thunder/vThunder devices                                                                                                                       
a10_virtual_server            Manage A10 Networks AX/SoftAX/Thunder/vThunder devices                                                                                                                       
acl                           Sets and retrieves file ACL information.                                                                                                                                     
add_host                      add a host (and alternatively a group) to the ansible-playbook in-memory inventory                                                                                           
airbrake_deployment           Notify airbrake about app deployments                                                                                                                                        
alternatives                  Manages alternative programs for common commands                                                                                                                             
apache2_module                enables/disables a module of the Apache2 webserver                                                                                                                           
apt                           Manages apt-packages     
……………………还有很多模块可以显示,这里省略
  1. 远程命令模块
    command、script 、shell
    Examples:
    # Example from Ansible Playbooks
    - script: /some/local/script.sh --some-arguments 1234
    例如:

    #ansible host1 -m command -a "free -m"   #可以简写为ansible host1 -a "free -m"
    #ansible host1 -m script -a "/home/test.sh 12 34"
    #ansible host1 -m shell -a "/home/test.sh"
    

    比如在服务端执行:

    #ansible web -m shell -a "/root/test.sh 3 4 "
    10.0.90.25 | success | rc=0 >>
    7
    20151119-171933
    10.0.90.24 | success | rc=0 >>
    7
    20151119-171933
    

    注:test.sh 在客户端服务器/root目录,内容是前两个位置变量相加,并打印出当前时间。

    一个简单的创建目录的例子,创建/usr/local/src/data/log 目录,如下:

    #cat test1.sh 
    #!/bin/bash
    if [ -z $1 ] || [ -z $2 ];then
       echo "Wrong,Please input two args"
       echo "Usage `basename $0` arguments arguments"
       exit 6
    fi
    mkdir -pv /usr/local/src/$1/$2
    #cat createdir.yml 
    ---
    - hosts: "{{ host }}"
      user: "{{ user }}"
      gather_facts: True
      tasks:
        - name: Create Dir in client server
          script: /etc/ansible/test1.sh data log
    

    执行:
    ansible-playbook createdir.yml -e "host=web user=root"

    一个批量修改root密码的例子:

    shell脚本
    #cat alter.sh 
    #!/bin/bash
    ##modify passwd##
    echo 'root:1234567890' |chpasswd
    if [ $? -eq 0 ]
    then
      echo "Change password for root OK!!!"
    else
      echo "Change password for root failure!!!"
    fi
    ansible的yml文件
    #cat modify_all_password.yml 
    ---
    - hosts: all
      user: root
      gather_facts: True
      tasks:
        - name: Modify root passwd in all client
          script: /etc/ansible/roles/alter.sh
    

    然后执行:
    ansible-playbook modify_all_password.yml

    ansible-playbook可以跟很多参数,可以使用--help查看

    #ansible-playbook --help
    Usage: ansible-playbook playbook.yml
     
    Options:
      --ask-become-pass     ask for privilege escalation password
      -k, --ask-pass        ask for connection password
      --ask-su-pass         ask for su password (deprecated, use become)
      -K, --ask-sudo-pass   ask for sudo password (deprecated, use become)
      --ask-vault-pass      ask for vault password
      -b, --become          run operations with become (nopasswd implied)
      --become-method=BECOME_METHOD
                            privilege escalation method to use (default=sudo),
                            valid choices: [ sudo | su | pbrun | pfexec | runas |
                            doas ]
     ……………………    还有很多,此处省略。
     这里介绍一些常用的
    --inventory=PATH (-i PATH):  指定inventory文件,默认文件是/etc/ansible/hosts
    --verbose(-v):               显示详细输出,也可以使用-vvvv显示精确到每分钟的输出
    --extra-vars=VARS(-e VARS):  定义在playbook使用的变量,格式为:"key=value,key=value"
    --forks=NUM ( -f NUM):       指定并发执行的任务数,默认为5,根据服务器性能,调大这个值可提高ansible执行效率
    --connection=TYPE ( -c TYPE):指定连接远程主机的方式,默认为ssh,设为local时,刚只在本地执行playbook,建议不做修改
    --check:                     检测模式,playbook中定义的所有任务将在每台远程主机上进行检测,但并不直正执行
    
  2. copy模快
    实现服务端向目标主机拷贝文件,类似于scp功能:-m copy -a "command"
    例如:

    #ansible host1 -m copy -a "src=/root/php-5.5.24-1.ele.el6.x86_64.rpm dest=/usr/local/src owner=root group=root mode=0755"
    查看客户端文件是否存在
    #ansible host1 -m shell -a "ls -l /usr/local/src"
    172.16.29.193 | success | rc=0 >>
    total 10264
    -rw-r--r--. 1 root root 10507544 May 30 02:40 php-5.5.24-1.ele.el6.x86_64.rpm
    
  3. stat模块:
    获取远程文件状态信息,包括atime,ctime,mtime,md5,uid,gid等信息

    # ansible 10.0.90.25 -m stat -a "path=/etc/sysctl.conf"
    10.0.90.25 | SUCCESS => {
        "changed": false, 
        "stat": {
            "atime": 1459270210.5650001, 
            "checksum": "a27c7ce2e6002c37f3cb537ad997c6da7fd76480", 
            "ctime": 1441217442.5749998, 
            "dev": 2051, 
            "exists": true, 
            "gid": 0, 
            "gr_name": "root", 
            "inode": 1181554, 
            "isblk": false, 
            "ischr": false, 
            "isdir": false, 
            "isfifo": false, 
            "isgid": false, 
            "islnk": false, 
            "isreg": true, 
            "issock": false, 
            "isuid": false, 
            "md5": "c97839af771c8447b9fc23090b4e8d0f", 
            "mode": "0644", 
            "mtime": 1413471211.0, 
            "nlink": 1, 
            "path": "/etc/sysctl.conf", 
            "pw_name": "root", 
            "rgrp": true, 
            "roth": true, 
            "rusr": true, 
            "size": 1150, 
            "uid": 0, 
            "wgrp": false, 
            "woth": false, 
            "wusr": true, 
            "xgrp": false, 
            "xoth": false, 
            "xusr": false
        }
    }
    

    ansible web -m setup ##显示所有的ansible默认变量信息

  4. get_url 模块
    实现在远程主机下载指定URL到本地,支持sha256sum文件校验
    例如:

    #ansible host1 -m get_url -a "url=http://www.baidu.com dest=/tmp/index.html mode=0440 force=yes"
    172.16.29.193 | success >> {
        "changed": true,
        "checksum": "8bc43056c39fbb882cf5d7b0391d70b6e84096c6",
        "dest": "/tmp/index.html",
        "gid": 0,
        "group": "root",
        "md5sum": "324aa881293b385d2c0b355cf752cff9",
        "mode": "0440",
        "msg": "OK (unknown bytes)",
        "owner": "root",
        "secontext": "unconfined_u:object_r:user_tmp_t:s0",
        "sha256sum": "",
        "size": 93299,
        "src": "/tmp/tmp3WI5fE",
        "state": "file",
        "uid": 0,
        "url": "http://www.baidu.com"
    }
    
  5. yum 模块
    linux 平台软件包管理操作,常见的有yum,apt
    例如:

    #ansible host1 -m yum -a "name=vsftpd state=latest"     
    Ubuntu系列:
    #ansible host1 -m apt -a "pkg=vsftpd state=latest"
    yum 模块的一些用法:
    - name: install the latest version of Apache
      yum: name=httpd state=latest
    - name: remove the Apache package
      yum: name=httpd state=absent
    - name: install the latest version of Apache from the testing repo
      yum: name=httpd enablerepo=testing state=present
    - name: install one specific version of Apache
      yum: name=httpd-2.2.29-1.4.amzn1 state=present
    - name: upgrade all packages
      yum: name=* state=latest
    - name: install the nginx rpm from a remote repo
      yum: name=http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm state=present
    - name: install nginx rpm from a local file
      yum: name=/usr/local/src/nginx-release-centos-6-0.el6.ngx.noarch.rpm state=present
    - name: install the 'Development tools' package group
      yum: name="@Development tools" state=present
    - name: install the 'Gnome desktop' environment group
      yum: name="@^gnome-desktop-environment" state=present
    
  6. cron 模块
    远程主机crontab 配置,如下:

    #ansible host1 -m cron -a "name='crontab test' minute=0 hour=5,2 job='ls -alh > /dev/null'"
    172.16.29.193 | success >> {
        "changed": true,
        "jobs": [
            "crontab test"
        ]
    }
    效果如下:
    #Ansible: crontab test
    0 5,2 * * * ls -alh > /dev/null
    

    一个简单的yml例子添加cron:

    #cat add_cron.yml
    ---
    -  hosts: web_crontab
       remote_user: root
       gather_facts: True
       tasks:
       - name: add ntp server cron job
         cron: name="local network ntpserver" minute="*/12" hour="*" job="/usr/sbin/ntpdate 10.0.18.1 > /root/ntp.log"
    

    执行:
    ansible-playbook add_cron.yml

    移除一个cron任务:

    #cat del_cron.yml 
    ---
    - hosts: web
      remote_user: root
      gather_facts: false
      tasks:
       - name: del an old crontab job
         cron: name="local network ntpserver" state=absent
    

    执行:
    ansible-playbook del_cron.yml
    小案例: 假如有一个db备份脚本,需要推到所有db服务器上,并加入crontab,每隔1分钟执行一次,需要定义playbook结构的yml文件

    #tree cronjob/
    cronjob/
    └── tasks
        ├── crontest.yml
        └── main.yml
    yml文件如下:
    #cat test-cron.yml
    ---
    - name: cron jobs test
      hosts: "{{ host }}"
      remote_user: "{{ user }}"
      gather_facts: True
      roles:
        - cronjob
    tasks目录中的crontest.yml 
    #cat crontest.yml
    #copy cron job to client server
     - copy: src=/tmp/test_time.sh dest=/usr/local/src/test_time.sh owner=root group=root mode=0755
    #add cron job
     - cron: name="test time jobs" minute="*/1" hour="*" job="/usr/local/src/test_time.sh >> /tmp/time.log"
    tasks目录中的main.yml
    #cat main.yml
     - include: crontest.yml 
    

    执行:
    ansible-playbook test-cron.yml --extra-vars "host=172.16.29.193 user=root" --单台执行
    客户端crontab效果如下:

    #Ansible: test time jobs
    */1 * * * * /usr/local/src/test_time.sh >> /tmp/time.log
    

    以上有点复杂,整合进一个简单的yml文件:

    #cat test-cron.yml
    ---
    - hosts: host1
      remote_user: root
      gather_facts: True
      tasks:
       - name: copy cron job file to client server
         copy: src=/tmp/test_time.sh dest=/usr/local/src/test_time.sh owner=root group=root mode=0755
       - name: add cron job
         cron: name="test time jobs" minute="*/2" hour="*" job="/usr/local/src/test_time.sh >> /tmp/time.log"    
    

    执行:
    ansible-playbook test-cron.yml
    效果:

    #Ansible: test time jobs
    */2 * * * * /usr/local/src/test_time.sh >> /tmp/time.log
    

    启用10个并行进程数执行playbook:

    #ansible-playbook host1 nginx.yml -f 10
    
  7. file模块
    设置文件的属性,一个很常用的模块
    相关选项如下:

    force:需要在两种情况下强制创建软链接,一种是源文件不存在,但之后会建立的情况下;另一种是目标软链接已存在,需要先取消之前的软链,然后创建新的软链,有两个选项:yes|no
    group:定义文件/目录的属组
    mode: 定义文件/目录的权限
    owner:定义文件/目录的属主
    path: 必选项,定义文件/目录的路径
    recurse:递归设置文件的属性,只对目录有效
    src:被链接的源文件路径,只应用于state=link的情况
    dest:被链接到的路径,只应用于state=link的情况
    state:
        directory:如果目录不存在,就创建目录
        file:即使文件不存在,也不会被创建
        link:创建软链接
        hard:创建硬链接
        touch:如果文件不存在,则会创建一个新的文件,如果文件或目录已存在,则更新其最后修改时间
        absent:删除目录、文件或者取消链接文件
    

    比如:

    - file: src=/tmp/test1 dest=/home/test2 state=link
    - file: path=/root/test.txt state=touch
    - file: path=/root/tomcat state=directory owner=root group=root mode=0755
    
  8. mount 模块:远程主机分区挂载

    #ansible host1 -m mount -a "name=/mnt/data src=/dev/sd0 fstype=ext3 opts=ro state=present"
    
  9. service 模块:远程主机系统服务管理

    #ansible host1 -m service -a "name=httpd stete=restarted"
    
  10. sysctl 模块:远程linux主机sysctl配置

    sysctl: name=kernel.panic value=3 sysctl_file=/etc/sysctl.conf checks=before reload=yes
    以下是定义在yml格式文件中的例子:
    - sysctl: name=net.ipv4.tcp_rmem 'value=4096        87380   16777216' state=present
    - sysctl: name=net.ipv4.tcp_wmem 'value=4096        65536   16777216' state=present
    - sysctl: name=net.ipv6.conf.lo.disable_ipv6 value=1 state=present
    
  11. lineinfile模块
    Ensure a particular line is in a file, or replace an existing line using a back-referenced regular expression 确保特定的行在文件中,或使用反向引用正则表达式替换现有的行
    用法:Examples

    - lineinfile: dest=/etc/selinux/config regexp=^SELINUX= line=SELINUX=enforcing
    - lineinfile: dest=/etc/sudoers state=absent regexp="^%wheel"
    - lineinfile: dest=/etc/hosts regexp='^127\.0\.0\.1' line='127.0.0.1 localhost' owner=root group=root mode=0644
    - lineinfile: dest=/etc/httpd/conf/httpd.conf regexp="^Listen " insertafter="^#Listen " line="Listen 8080"
    - lineinfile: dest=/etc/services regexp="^# port for http" insertbefore="^www.*80/tcp" line="# port for http by default"
    # Add a line to a file if it does not exist, without passing regexp
    - lineinfile: dest=/tmp/testfile line="192.168.1.99 foo.lab.net foo"
    # Fully quoted because of the ': ' on the line. See the Gotchas in the YAML docs.
    - lineinfile: "dest=/etc/sudoers state=present regexp='^%wheel' line='%wheel ALL=(ALL) NOPASSWD: ALL'"
    - lineinfile: dest=/opt/jboss-as/bin/standalone.conf regexp='^(.*)Xms(\d+)m(.*)$' line='\1Xms${xms}m\3' backrefs=yes
    # Validate the sudoers file before saving
    - lineinfile: dest=/etc/sudoers state=present regexp='^%ADMIN ALL\=' line='%ADMIN ALL=(ALL) NOPASSWD:ALL' validate='visudo -cf %s'
    

    一个例子:

    #cat linetest.yml 
    ---
    - hosts: web
      user: root
      gather_facts: flase
      tasks:
        - name: change /etc/hosts
          lineinfile: 
              dest=/etc/hosts
              line='test line 1\ntest line 2\ntest line 3\ntest line 4'
    

    上面的例子是在/etc/hosts中添加4行,如果你只需要添加一行,line='test line 1'即可!

  12. blockinfile模块 Insert/update/remove a text block surrounded by marker lines
    注意:dest后面的路径和文件名一定要存在,否则会报错。

    Examples:
    Insert/update/remove a text block surrounded by marker lines
    - name: insert/update "Match User" configuation block in /etc/ssh/sshd_config
      blockinfile:
        dest: /etc/ssh/sshd_config
        block: |
          Match User ansible-agent
          PasswordAuthentication no
    - name: insert/update eth0 configuration stanza in /etc/network/interfaces
            (it might be better to copy files into /etc/network/interfaces.d/)
      blockinfile:
        dest: /etc/network/interfaces
        block: |
          iface eth0 inet static
              address 192.168.0.1
              netmask 255.255.255.0
    - name: insert/update HTML surrounded by custom markers after <body> line
      blockinfile:
        dest: /var/www/html/index.html
        marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
        insertafter: "<body>"
        content: |
          <h1>Welcome to `ansible_hostname`</h1>
          <p>Last updated on `ansible_date_time`.`iso8601`</p>
    - name: remove HTML as well as surrounding markers      ##此文件实现将上面添加的内容删除
      blockinfile:
        dest: /var/www/html/index.html
        marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
        content: ""
    - name: insert/update "Match User" configuation block in /etc/ssh/sshd_config
      blockinfile:
        dest: /etc/hosts
        block: |
          `item`.`name` `item`.`ip`
        marker: "# {mark} ANSIBLE MANAGED BLOCK `item`.`name`"
      with_items:
          - { name: host1, ip: 10.10.1.10 }
          - { name: host2, ip: 10.10.1.11 }
          - { name: host3, ip: 10.10.1.12 }
    

    第一个例子:在/etc/hosts文件中添加3行

    #cat blockinfile.yml 
    ---
    - hosts: web
      user: root
      tasks:
        - name: this is test blockinfile module
          blockinfile:
             dest: /etc/hosts
             block: |
               this is a test line 1 
               this is a test line 2 
               this is a test line 3
    

    结果:

    #cat /etc/hosts
    # BEGIN ANSIBLE MANAGED BLOCK
    this is a test line 1
    this is a test line 2
    this is a test line 3
    # END ANSIBLE MANAGED BLOCK
    

    第二个例子:创建一个index.html文件,并写入html格式内容

    #cat blockinfile.yml 
    ---
    - hosts: web
      user: root
      tasks:
        - name: create a test file
          file: path=/root/index.html state=touch
        - name: this is test blockinfile module
          blockinfile:
             dest: /root/index.html
             marker: "<!-- {mark} ansible managed block -->"
             insertafter: "<body>"
             content: |
                 <h1>welcome to `ansible_hostname`</h1>
                 <p>Last updated on `ansible_date_time`.`iso8601`</p>
    

    结果:

    #cat index.html 
    <!-- BEGIN ansible managed block -->
    <h1>welcome to http</h1>
    <p>Last updated on 2016-05-19T03:17:35Z</p>
    <!-- END ansible managed block -->
    

    注意:上面yml文件中ansible_hostname和ansible_date_time.iso8601变量是ansible默认的系统变量,这个变量可以通过-m setup查看到!
    所以上面的ansible_date_time.iso8601可以改为iso8601_basic_short(人类可读)
    结果就变成了如下:因为当前时间就是#Thu May 19 11:33:29 CST 2016
    <p>Last updated on 20160519T113219</p>
    第三个例子:index.html已经存在,并且内容如下:

    #cat index.html
    <!DOCTYPE html>
    <html>
    <head>
    <title>Welcome to nginx!</title>
    <style>
        body {
            width: 35em;
            margin: 0 auto;
            font-family: Tahoma, Verdana, Arial, sans-serif;
        }
    </style>
    </head>
    <body>
    <h1>Welcome to nginx!</h1>
    <p>If you see this page, the nginx web server is successfully installed and
    working. Further configuration is required.</p>
    <p>For online documentation and support please refer to
    <a href="http://nginx.org/">nginx.org</a>.<br/>
    Commercial support is available at
    <a href="http://nginx.com/">nginx.com</a>.</p>
    <p><em>Thank you for using nginx.</em></p>
    </body>
    </html>
    

    创建ansible的playbook文件如下:

    #cat blockinfile.yml 
    ---
    - hosts: 10.0.90.25
      user: root
      gather_facts: True
      tasks:
        - name: this is test blockinfile module
          blockinfile:
             dest: /root/index.html
             marker: "<!-- {mark} ansible managed block -->"
             insertafter: "<body>"
             content: |
                 <h1>welcome to `ansible_hostname`</h1>
                 <p>Last updated on `ansible_date_time`.`iso8601_basic_short`</p>
    

    执行之后,再查看index.html

    #cat index.html
    <!DOCTYPE html>
    <html>
    <head>
    <title>Welcome to nginx!</title>
    <style>
        body {
            width: 35em;
            margin: 0 auto;
            font-family: Tahoma, Verdana, Arial, sans-serif;
        }
    </style>
    </head>
    <body>
    <!-- BEGIN ansible managed block -->            ###从这里开始
    <h1>welcome to http</h1>
    <p>Last updated on 20160519T115013</p>
    <!-- END ansible managed block -->              ###在这里结束
    <h1>Welcome to nginx!</h1>
    <p>If you see this page, the nginx web server is successfully installed and
    working. Further configuration is required.</p>
     
    <p>For online documentation and support please refer to
    <a href="http://nginx.org/">nginx.org</a>.<br/>
    Commercial support is available at
    <a href="http://nginx.com/">nginx.com</a>.</p>
     
    <p><em>Thank you for using nginx.</em></p>
    </body>
    </html>
    

    第四个例子:使用变量

    #cat blockinfile.yml
    ---
    - hosts: 10.0.90.25
      user: root
      gather_facts: True
      tasks:
        - name: this is test blockinfile module
          blockinfile:
             dest: /etc/hosts
             block: |
                `item`.`name` `item`.`ip`
             marker: "# {mark} ansible managed block `item`.`name`"
          with_items:
             - { name: host1, ip: 10.10.1.10}
             - { name: host2, ip: 10.10.1.11}
             - { name: host3, ip: 10.10.1.12}
    

    执行后,结果如下:

    #cat /etc/hosts
    # BEGIN ansible managed block host1
    host1 10.10.1.10
    # END ansible managed block host1
    # BEGIN ansible managed block host2
    host2 10.10.1.11
    # END ansible managed block host2
    # BEGIN ansible managed block host3
    host3 10.10.1.12
    # END ansible managed block host3
    

    不足之处,请多多指出!

    原文链接

最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 212,080评论 6 493
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 90,422评论 3 385
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 157,630评论 0 348
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 56,554评论 1 284
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 65,662评论 6 386
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 49,856评论 1 290
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 39,014评论 3 408
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 37,752评论 0 268
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 44,212评论 1 303
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 36,541评论 2 327
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 38,687评论 1 341
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 34,347评论 4 331
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 39,973评论 3 315
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 30,777评论 0 21
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 32,006评论 1 266
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 46,406评论 2 360
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 43,576评论 2 349

推荐阅读更多精彩内容