在使用ansible做自動化運維的時候,免不了的要重複執行某些操作,如:添加幾個用戶,創建幾個MySQL用戶併爲之賦予權限,操作某個目錄下所有文件等等。好在playbooks支持循環語句,可以使得某些需求很容易而且很規範的實現。
with_items是playbooks中最基本也是最常用的循環語句。
- name: add several users
user: name={{ item }} state=present groups=wheel
with_items:
- testuser1
- testuser2上邊例子表示,添加兩個用戶分別爲testuser1,testuser2。
也可以將用戶列表提前賦值給一個變量,然後在循環語句中調用:
with_items: "{{ somelist }}"使用with_items迭代循環的變量可以是個單純的列表,也可以是一個可以迭代的較爲複雜的數據結構,如字典類型:
- name: add several users
user: name={{ item.name }} state=present groups={{ item.groups }}
with_items:
- { name: 'testuser1', groups: 'wheel' }
- { name: 'testuser2', groups: 'root' }嵌套循環
- name: give users access to multiple databases
mysql_user: name={{ item[0] }} priv={{ item[1] }}.*:ALL append_privs=yes password=foo
with_nested:
- [ 'alice', 'bob' ]
- [ 'clientdb', 'employeedb', 'providerdb' ]item[0]是循環的第一個列表的值['alice','bob']。item[1]是第二個列表的值。表示循環創建alice和bob兩個用戶,並且爲其賦予在三個數據庫上的所有權限。
也可以將用戶列表事先賦值給一個變量:
- name: here, 'users' contains the above list of employees
mysql_user: name={{ item[0] }} priv={{ item[1] }}.*:ALL append_privs=yes password=foo
with_nested:
- "`users`"
- [ 'clientdb', 'employeedb', 'providerdb' ]with_dict可以遍歷更復雜的數據結構:
如,有以下變量內容:
--- users: alice: name: Alice Appleworth telephone: 123-456-7890 bob: name: Bob Bananarama telephone: 987-654-3210
現在需要輸出每個用戶的用戶名和手機號
tasks:
- name: Print phone records
debug: msg="User {{ item.key }} is {{ item.value.name }} ({{ item.value.telephone }})"
with_dict: "{{ users }}"文件匹配遍歷
with_fileglob匹配單個目錄下所有文件
---
- hosts: all
tasks:
# first ensure our target directory exists
- file: dest=/etc/fooapp state=directory
# copy each file over that matches the given pattern
- copy: src={{ item }} dest=/etc/fooapp/ owner=root mode=600
with_fileglob:
- /playbooks/files/fooapp/*注:在角色中以相對路徑使用with_fileglob,ansible會將路徑解析爲role/<rolename>/files。
遍歷數據並行集合
[root@web1 ~]# cat /etc/ansible/loop.yml
---
- hosts: webservers
remote_user: root
vars:
alpha: [ 'a','b','c','d']
numbers: [ 1,2,3,4 ]
tasks:
- debug: msg="{{ item.0 }} and {{ item.1 }}"
with_together:
- "{{ alpha }}"
- "{{ numbers }}"
[root@web1 ~]# ansible-playbook /etc/ansible/loop.yml
PLAY [webservers] *************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.1.65]
TASK: [debug msg="{{ item.0 }} and {{ item.1 }}"] *****************************
ok: [192.168.1.65] => (item=['a', 1]) => {
"item": [
"a",
1
],
"msg": "a and 1"
}
ok: [192.168.1.65] => (item=['b', 2]) => {
"item": [
"b",
2
],
"msg": "b and 2"
}
ok: [192.168.1.65] => (item=['c', 3]) => {
"item": [
"c",
3
],
"msg": "c and 3"
}
ok: [192.168.1.65] => (item=['d', 4]) => {
"item": [
"d",
4
],
"msg": "d and 4"
}
PLAY RECAP ********************************************************************
192.168.1.65 : ok=2 changed=0 unreachable=0 failed=0遍歷子元素
假如現在需要遍歷一個用戶列表,並創建每個用戶,而且還需要爲每個用戶配置以特定的SSH key登錄。變量文件內容如下:
--- users: - name: alice authorized: - /tmp/alice/onekey.pub - /tmp/alice/twokey.pub mysql: password: mysql-password hosts: - "%" - "127.0.0.1" - "::1" - "localhost" privs: - "*.*:SELECT" - "DB1.*:ALL" - name: bob authorized: - /tmp/bob/id_rsa.pub mysql: password: other-mysql-password hosts: - "db1" privs: - "*.*:SELECT" - "DB2.*:ALL"
playbooks中定義如下:
- user: name={{ item.name }} state=present generate_ssh_key=yes
with_items: "`users`"
- authorized_key: "user={{ item.0.name }} key='{{ lookup('file', item.1) }}'"
with_subelements:
- users
- authorized也可以遍歷嵌套的子列表:
- name: Setup MySQL users
mysql_user: name={{ item.0.user }} password={{ item.0.mysql.password }} host={{ item.1 }} priv={{ item.0.mysql.privs | join('/') }}
with_subelements:
- users
- mysql.hosts循環整數序列
with_sequence可以生成一個自增的整數序列,可以指定起始值和結束值,也可以指定增長步長。
參數以key=value的形式指定,format指定輸出的格式。
數字可以是十進制,十六進制,八進制。
---
- hosts: all
tasks:
# create groups
- group: name=evens state=present
- group: name=odds state=present
# create some test users
- user: name={{ item }} state=present groups=evens
with_sequence: start=0 end=32 format=testuser%02x
# create a series of directories with even numbers for some reason
- file: dest=/var/stuff/{{ item }} state=directory
with_sequence: start=4 end=16 stride=2
# a simpler way to use the sequence plugin
# create 4 groups
- group: name=group{{ item }} state=present
with_sequence: count=4隨機選擇
with_random_choice可以從列表中隨機取一個值。
- debug: msg={{ item }}
with_random_choice:
- "go through the door"
- "drink from the goblet"
- "press the red button"
- "do nothing"Do-Until 循環
- action: shell /usr/bin/foo
register: result
until: result.stdout.find("all systems go") != -1
retries: 5
delay: 10上邊的例子重複執行shell模塊,當shell模塊執行的命令輸出內容中包含"all systems go"的時候停止執行。重試5次,延遲時間10秒。retries默認值爲3,delay默認值爲5。
任務的返回值爲最後一次循環的返回結果。
循環註冊變量
在循環中使用register時,索保存的結果中包含results關鍵字,該關鍵字保存模塊執行結果的列表
- shell: echo "{{ item }}"
with_items:
- one
- two
register: echo變量echo內容如下:
{
"changed": true,
"msg": "All items completed",
"results": [
{
"changed": true,
"cmd": "echo \"one\" ",
"delta": "0:00:00.003110",
"end": "2013-12-19 12:00:05.187153",
"invocation": {
"module_args": "echo \"one\"",
"module_name": "shell"
},
"item": "one",
"rc": 0,
"start": "2013-12-19 12:00:05.184043",
"stderr": "",
"stdout": "one"
},
{
"changed": true,
"cmd": "echo \"two\" ",
"delta": "0:00:00.002920",
"end": "2013-12-19 12:00:05.245502",
"invocation": {
"module_args": "echo \"two\"",
"module_name": "shell"
},
"item": "two",
"rc": 0,
"start": "2013-12-19 12:00:05.242582",
"stderr": "",
"stdout": "two"
}
]
}遍歷註冊變量的結果:
- name: Fail if return code is not 0
fail:
msg: "The command ({{ item.cmd }}) did not have a 0 return code"
when: item.rc != 0
with_items: "`echo`.`results`"示例:
[root@web1 ~]# cat /etc/ansible/reloop.yml
---
- hosts: webservers
remote_user: root
tasks:
- shell: echo "{{ item }}"
with_items:
- one
- two
register: echo
- debug: msg="{{ echo }}"
- name: Fail if return code is not 0
fail: msg=" The command {{ item.cmd }} has a 0 return code"
when: item.rc != 0
with_items: "{{ echo.results }}"
[root@web1 ~]# ansible-playbook /etc/ansible/reloop.yml
PLAY [webservers] *************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.1.65]
TASK: [shell echo "{{ item }}"] ***********************************************
changed: [192.168.1.65] => (item=one)
changed: [192.168.1.65] => (item=two)
TASK: [debug msg="{{ echo }}"] ************************************************
ok: [192.168.1.65] => {
"msg": "{'msg': 'All items completed', 'changed': True, 'results': [{u'stdout': u'one', u'changed': True, u'end': u'2015-08-05 11:30:42.560652', u'start': u'2015-08-05 11:30:42.549056', u'cmd': u'echo \"one\"', u'rc': 0, 'item': 'one', u'stderr': u'', u'delta': u'0:00:00.011596', 'invocation': {'module_name': u'shell', 'module_args': u'echo \"one\"'}, 'stdout_lines': [u'one'], u'warnings': []}, {u'stdout': u'two', u'changed': True, u'end': u'2015-08-05 11:30:44.105387', u'start': u'2015-08-05 11:30:44.093500', u'cmd': u'echo \"two\"', u'rc': 0, 'item': 'two', u'stderr': u'', u'delta': u'0:00:00.011887', 'invocation': {'module_name': u'shell', 'module_args': u'echo \"two\"'}, 'stdout_lines': [u'two'], u'warnings': []}]}"
}
TASK: [Fail if return code is not 0] ******************************************
skipping: [192.168.1.65] => (item={u'cmd': u'echo "one"', u'end': u'2015-08-05 11:30:42.560652', u'stderr': u'', u'stdout': u'one', u'changed': True, u'rc': 0, 'item': 'one', u'warnings': [], u'delta': u'0:00:00.011596', 'invocation': {'module_name': u'shell', 'module_args': u'echo "one"'}, 'stdout_lines': [u'one'], u'start': u'2015-08-05 11:30:42.549056'})
skipping: [192.168.1.65] => (item={u'cmd': u'echo "two"', u'end': u'2015-08-05 11:30:44.105387', u'stderr': u'', u'stdout': u'two', u'changed': True, u'rc': 0, 'item': 'two', u'warnings': [], u'delta': u'0:00:00.011887', 'invocation': {'module_name': u'shell', 'module_args': u'echo "two"'}, 'stdout_lines': [u'two'], u'start': u'2015-08-05 11:30:44.093500'})
PLAY RECAP ********************************************************************
192.168.1.65 : ok=4 changed=1 unreachable=0 failed=0