Anisble中的任务执行控制_ansible在debug的时候怎么控制changed为 false

最新推荐文章于 2025-06-10 17:29:19 发布

2401_85956920

最新推荐文章于 2025-06-10 17:29:19 发布

阅读量664

点赞数 12

文章标签： ansible

本文链接：https://blog.youkuaiyun.com/2401_85956920/article/details/141371812

版权

tasks:
- name: file module
file:
name: /mnt/{{item}}
state: present

  loop:
    - westos_file1
    - westos_file2

#2.循环散列或字典列表#

name: create file
hosts: 172.25.0.254
tasks:
- name: file module
  service:
  name: “{{ item.name}}”
  state: “{{ item.state }}”
  loop:
  - name: httpd
    state: started
  - name: vsftpd
    state: stopped


 脚本练习：


在系统中完成以下用户操作


1.建立用户组shengchan，caiwu，jishu并满足以下要  
 \* shengchan组id为8000  
 \* caiwu组id为8001  
 \* jishu组id为8002


2.建立westosuser,linux,lee,westosadmin等用户完成以下要求  
 \* westosuser用户的附加组为shengchan和jishu  
 \* lee的主组为caiwu附加组为技术，lee的uid和gid必须一致  
 \* linux为系统账号不能直接被操作者使用  
 \* westosamdin用户不属于以上三个部门，但是可以在系统中自由的管理用户


3.  
 \* 以上用户密码均为westos,并要求用户首次登陆时强制修改密码  
 \* 设定以上用户密码必须在30天内进行休改，并在过期前2天发出警告求

name: create file
hosts: list1
tasks:
- name: create group
  group:
  name: “{{item.name}}”
  gid: “{{item.gid}}”
  state: present
  loop:
  - name: shengchan
    gid: 8000
  - name: caiwu
    gid: 8001
  - name: jishu
    gid: 8002
  - name: westosuser
    gid: 8003
  - name: linux
    gid: 8004
  - name: westosadmin
    gid: 8005
- name: create user
  user:
  name: “{{item.name}}”
  groups: “{{item.groups}}”
  group: “{{item.group}}”
  shell: “{{item.shell}}”
  uid: “{{item.uid}}”
  password: ‘$6 $4 RBS j f u Y I t 694 m E i$ KetzruRtGRzZIPA4B/hDCimIWCalsOkzCH2GEoHvRTZpDXWL1xf.0.SYDg.SQ6KwtMUDKsNIcH0MAd3AHBRET0’
  loop:
  - name: westosuser
    groups: shengchan, jishu
    group: 8003
    shell: /bin/bash
    uid: 8003
  - name: lee
    groups: jishu
    group: caiwu
    shell: /bin/bash
    uid: 8001
  - name: linux
    groups: linux
    group: linux
    shell: /sbin/nologin
    uid: 8004
  - name: westosadmin
    groups: westosadmin
    group: westosadmin
    shell: /bin/bash
    uid: 8005
- name: westosadmin
  lineinfile:
  path: /etc/sudoers
  regexp: “^root”
  insertafter: “^root”
  line: “westosadmin {{ansible_facts[‘fqdn’]}}=(root) NOPASSWD: /sbin/useradd, /sbin/userdel, /sbin/usermod”
- name: configure password messages
  shell: chage -d 0 -M 30 -W 2 “{{item}}”
  loop:
  - westosuser
  - lee
  - westosadmin
    …


#### 二、条件

when:

条件1
条件2

#条件判断#
= value == “字符串”,value == 数字
< value < 数字

  	value >  数字

<= value <= 数字

= value >= 数字
!= value != 数字
is defined value value is defined 变量存在
is not defined value is not defined 变量不存在
bool变量为true value value的值为true
bool变量 false not value value的值为false
value in value2 value的值在value2列表中
#多条条件组合#
when：
条件1 and 条件2

条件1
条件2

when:
条件1 or 条件2

when: >
条件1
or
条件2


测试题：


\*建立大小为1500M名为exam\_lvm的 lvm在westos组中


\*如果westos不存在请输入：


vg westos is not exist


\*如果westos大小不足1500M清输出：


vg westos is less then 1500M


并建立800M大小的lvm


三、触发器

notify: 触发器当遇到更改是触发handlers

handlers：触发器触发后执行的动作

#实例#

name: create virtualhost for web server
hosts: 172.25.0.254
vars_files:
./vhost_list.yml
tasks:
- name: create document
  file:
  path: “{{web2.document}}”
  state: directory
- name: create vhost.conf
  copy:
  dest: /etc/httpd/conf.d/vhost.conf
  content:
  “<VirtualHost *:{{web1.port}}>\n\tServerName {{web1.name}}\n\tDocumentRoot {{web1.document}}\n\tCustomLog logs/{{web1.name}}.log combined\n\n\n<VirtualHost *:{{web2.port}}>\n\tServerName {{web2.name}}\n\tDocumentRoot {{web2.document}}\n\tCustomLog logs/{{web2.name}}.log combined\n”
  notify:
  restart apache
handlers:
- name: restart apache
  service:
  name: httpd
  state: restarted


脚本练习：


搭建一个vsftpd服务

name: creat vsftpd
hosts: all
tasks:
- name: install vsftpd
  dnf:
  name: vsftpd
  state: present
- name: config vsftpd.conf
  template:
  src: ~/ansible/vsftpd.conf.j2
  dest: /etc/vsftpd/vsftpd.conf
  notify: restart vsftpd
- name: config ftpdir
  file:
  path: /var/ftp/pub
  group: ftp
  mode: ‘0775’
  setype: “public_content_rw_t”
- name: set sebool
  seboolean:
  name: ftpd_anon_write
  state: yes
  persistent: yes
- firewalld:
  zone: public
  service: ftp
  permanent: yes
  state: enabled
  immediate: yes
handlers:
- name: restart vsftpd
  service:
  name: vsftpd
  state: restarted
  …


#### 四、处理失败任务


1.ignore\_errors#  
 #作用：  
 当play遇到任务失败是会终止  
 ignore\_errors: yes    将会忽略任务失败使下面的任务继续运行


#实例#

name: test
hosts: all
tasks:
- name: test
  dnf:
  name: sun
  state: present
  ignore_errors: yes
- name: create file
  file:
  path: /mnt/sun
  state: touch

…


测试效果：


![](https://img-blog.csdnimg.cn/20201227122518104.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L1N1bl9fcw==,size_16,color_FFFFFF,t_70)


2.force\_handlers#  
 #作用：  
 #当任务失败后play被终止也会调用触发器进程


#示例#

name: apache change port
hosts: all
force_handlers: yes
vars:
http_port: 8080
tasks:
- name: configure apache conf file
  lineinfile:
  path: /etc/httpd/conf/httpd.conf
  regexp: “^Listen”
  line: “Listen {{ http_port }}”
  notify: restart apache
- name: install error
  dnf:
  name: westos
  state: latest
handlers:
- name: restart apache
  service:
  name: httpd
  state: restarted
  enabled: yes
  …


验证：


![](https://img-blog.csdnimg.cn/20201227123116632.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L1N1bl9fcw==,size_16,color_FFFFFF,t_70)


3.changed\_when#  
 #作用：  
 #控制任务在何时报告它已进行更改

name: apache change port
hosts: all
force_handlers: yes
vars:
http_port: 80
tasks:
- name: configure apache conf file
  lineinfile:
  path: /etc/httpd/conf/httpd.conf