Ansible之流程控制—4

---

判断语句
循环语句
触发器 handlers
tag标签
文件复用
忽略错误
异常处理

---

一、判断语句

---

• centos和ubuntu系统都需要安装httpd, 判断系统.
• 安装软件仓库,只有web组的安装webtatic其他的主机全部跳过.
• TASK任务, TASK1任务执行成功,才会执行TASK2

#案例一 根据不同的系统,安装不同的服务
[root@manager project1]# cat f15.yml 
- hosts: webservers
  tasks:
    - name: CentOS Installed Httpd Server
      yum:
        name: httpd
        state: present
      when: ( ansible_distribution == "CentOS" )
    - name: Ubuntu Installed Httpd Server
      yum:
        name: httpd2
        state: present
      when: ( ansible_distribution == "Ubuntu" )
# 案例二、所有为问问主机的名称的添加nginx仓库，其余的都跳过添加
[root@manager project1]# cat f16.yml 
- hosts: all
  tasks:
  - name: Add Nginx Yum Repository
    yum_repository:
      name: nginx
      description: Nginx Repository
      baseurl: http://nginx.org/packages/centos/7/$basearch/
    when: ( ansible_hostname is match ("web*"))
# 根据命令的执行结果进行判断
① 通过register将命令执行结果保存至变量，然后通过when语句进行判断
[root@manager project1]# cat f17.yml 
- hosts: webservers
  tasks:
    - name: Check Httpd Server
      command: systemctl is-active httpd
      register: Check_Httpd
      ignore_errors: yes
    #判断Check_Httpd.rc是否等于0,如果为0则执行任务,否则不执行
    - name: Restart Httpd Server
      systemd:
        name: httpd
        state: restarted
      when: ( Check_Httpd.rc == 0 )

---

二、Playbook循环语句

---

循环语句的优点就是减少了重复性的工作。

# 一次启动多个服务
[root@manager~/project1]# cat f18.yml 
- hosts: webservers
  tasks:
    - name: Systemd Nginx Status
      systemd:
        name: "{{ item }}"  #调用的变量也不变，也是固定。
        state: started
      # 固定的语法格式
      with_items:
        - nginx
        - php-fpm
# 一次拷贝多个文件
[root@manager~/project1]# cat f19.yml 
- hosts: webservers
  tasks:   
    - name: Configure nginx.conf
      copy: 
        src: './file/{{ item.src }}'
        dest: './file{{ item.dest }}'
        mode: '{{ item.mode }}'
      with_items:
        - { src: nginx.conf.j2, dest: /etc/nginx/nginx.conf, mode: '0644' }
        - { src: /kod.oldxu.com.conf.j2, dest: /etc/nginx/conf.d/kod.oldxu.com.conf, mode: '0600' }     
# 一次创建多个用户(比如创建三个用户)
[root@manager~/project1]# cat f20.yml 
- hosts: webservers
  tasks:
    - name: Create User
      user: 
        name: '{{ item.name }}'
        groups: '{{ item.groups}}'
        uid: "{{ item.uid }}"
        create_home: no
        shell: /sbin/nologin
      with_items:
        - {name: tt1, groups: bin, uid: 6666}
        - {name: tt2, groups: root, uid: 8888}
        - {name: tt3, groups: adm, uid: 9999}

总结

1.标准循环               
    item
    with_items:
       - test
2.字典循环:                
    itme.name
    with_items:
        - { name: test }
3.变量循环
[root@manager project1]# cat f21.yml 
- hosts: webservers
  tasks:
    - name: ensure a list of packages installed
      yum: name={{ packages }} state=present
      vars:
        packages:
          - httpd
          - httpd-tools

---

三、触发器handlers

---

Handlers是一个触发器，也是一个tasks，只不过是一个特殊的tasks，他是需要被tasks触发才会运行。
如果配置文件发生变更，则会触发重启，否则，不会触发重启。

• playbook安装nginx示例

[root@manager project1]# cat f22.yml 
- hosts: webservers
  tasks:
    - name: Installed Nginx and PHP Packages
      yum:
        name: nginx
        state: present
    - name: Configure nginx.conf 
      template:
        src: ./file/nginx.conf.j2
        dest: /etc/nginx/nginx.conf
      #监控-->changed状态-->通知-->handlers--->name-->Restart Nginx Server
      notify: Restart Nginx Server
      #notify:
      #  - Restart Nginx Server
      #  - Restart php Server
    - name: Systemd Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes
#当nginx或php配置文件发生变更才会触发此操作
  handlers:
    - name: Restart Nginx Server
      systemd:
        name: nginx
        state: restarted

Handlers注意事项
>1.无论多少个task通知了相同的handlers，handlers仅会在所有tasks结束后运行一次。
2.只有task发生改变了才会通知handlers，没有改变则不会触发handlers.
3.不能使用handlers替代tasks、因为handlers是一个特殊的tasks。

**案例一、安装redis
要求：bind本地IP地址（{{ansible_eth1.ipv4.address}}） facts都要使用

[root@manager~/project1]# cat file/redis.conf.j2
bind 127.0.0.1 {{ansible_eth1.ipv4.address}}i
[root@manager~/project1]# cat redis.yml 
- hosts: redisservers
  tasks:
    - name: Installed Redis Server
      yum:
        name: redis
        state: present
    - name: Configure Redis Server
      template: 
        src: ./file/redis.conf.j2
        dest: /etc/redis.conf
        backup: yes 
      notify: Restart Redis Server
    - name: Sytemd Redis Server
      systemd:
        name: redis
        state: started 
        enabledi: yes
    - name: Check Redis Status
      shell: netstAT -lntp | grep redis
      register: Check_Redis
    - name: Debug Check_Redis Vsariables
      debug:
        msg: "Redis Status:{{ Check_Redis_Status }}"
  handlers:
    - name: Restart Redis Server
      systemd:
        name: redis
        state: restarted 
        enabled: yes

案例二 安装rsync
要求
使用循环 rsync.conf的权限为0644 rsync.passwd的权限为0600

[root@manager~/project1]# cat file/rsyncd.conf.j2 
uid = rsync
gid = rsync
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
[backup]
comment = welcome to oldboyedu backup!
path = /backup
[data]
path = /data

[root@manager~/project1]# cat file/rsync.passwd.j2 
rsync_backup:123456

[root@manager~/project1]# cat rsync.yml 
- hosts: backupservers
  tasks:
        #1.安装Rsync
    - name: Installed Rsyncd Server
      yum:
        name: rsync
        state: present
        disablerepo: webtatic-php
        #2.配置rsync
    - name: Configure Rsyncd Server
      template:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        mode: "{{ item.mode }}"
      with_items:
        - { src: './file/rsyncd.conf.j2', dest: '/etc/rsyncd.conf', mode: '0644' }
        - { src: './file/rsync.passwd.j2', dest: '/etc/rsync.passwd', mode: '0600' }
      notify: Restart Rsyncd Server
        #3.根据rsync配置初始化 进程用户|虚拟连接用户文件|备份模块仓库
    - name: Create Process User
      user:
        name: rsync
        create_home: no
        shell: /sbin/nologin
    - name: Create Rsyncd Repo Directory
      file:
        path: "{{ item }}"
        state: directory
        owner: rsync
        group: rsync
        mode: 0755
      with_items:
        - /backup
        - /data
        #4.启动rsync
    - name: Systemd Rsyncd Server
      systemd:
        name: rsyncd
        state: started
        enabled: yes
  handlers:
    - name: Restart Rsyncd Server
      systemd:
        name: rsyncd
        state: restarted

---

四、tag标签

---

默认情况下，Ansible在执行一个playbook是，会执行playbook中定义的所有任务。Ansible的标签功能都可以给单独任务甚至整个playbook打上标签，然后利用这些标签来制定运行playbook中的个别任务，或不执行指定的任务。

打标签的方式
一个task可以打一个标签，多个任务也可以打一个标签或一个任务打多个标签
如何使用标签
-t 执行指定的tag标签任务
--skip-tags 执行--skip-tags之外的标签任务

[root@manager tasks]# cat task_nfs.yml 
- hosts: webservers
  tasks:
        #对一个任务打多个标签
    - name: Install Nfs Server
      yum: 
        name: nfs-utils
        state: present
      tags:
        - install_nfs
        - install_nfs-server
        #对一个任务打一个标签
    - name: Service Nfs Server
      service:
        name: nfs-server 
        state: started
        enabled: yes
      tags: start_nfs-server
ansible-playbook -i ../hosts  task_nfs.yml  -t start_nfs-server123
ansible-playbook -i ../hosts  task_nfs.yml  --skip-tags install_nfs-server

---

四、文件复用（Include包含）

---

[root@manager~/project1]# cat restart_nginx.yml 
- name: Restart Nginx Server
  systemd:
    name: nginx
    state: restarted

[root@manager~/project1]# cat a_project.yml 
- hosts: webservers
  tasks:
    - name: A Project command
      command: echo "A"
    - name: Restart nginx
      include: ./restart_nginx.yml

[root@manager~/project1]# cat b_project.yml 
- hosts: webservers
  tasks:
    - name: B Project command
      command: echo "B"
    - name: Restart nginx
      include: restart_nginx.yml

---

五、忽略错误

---

默认Playbook会检测tasks执行的返回状态，如果玉带错误则会立即终止playbook的后续的task执行。然而当执行出现错误，加入ignore_errors:yes之后，则会忽略错误，且后续的任务仍将执行。

[root@manager~/project1/task]# cat task_ignore.yml 
- hosts: webservers
  tasks:
        #明确知道该TASK可能会报错,及时报错也希望不影响后续的TASK任务时
    - name: Ignore False
      command: /bin/false
      ignore_errors: yes
    - name: touch new file
      file: path=/tmp/bgx_ignore state=touch

---

六、异常处理

---

1.每次状态都是changed,纵使没有修改过被控端
[root@manager~/project1]# cat redis.yml 
- hosts: redisservers
  tasks:
    - name: Installed Redis Server
      yum:
        name: redis
        state: present
    - name: Configure Redis Server
      template: 
        src: ./file/redis.conf.j2
        dest: /etc/redis.conf
        backup: yes   
      notify: Restart Redis Server
    - name: Sytemd Redis Server
      systemd:
        name: redis
        state: started 
        enabledi: yes
 #Check_Redis_Status=$(netstat -lntp | grep redis) 
    - name: Check Redis Status
      shell: netstAT -lntp | grep redis
      register: Check_Redis
      changed_when: false
#echo ${Check_Redis_Status}
    - name: Debug Check_Redis Vsariables
      debug:
        msg: "Redis Status:{{ Check_Redis_Status.stdout_lines }}"
  #接收通知--->触发重启Redis操作
  handlers:
    - name: Restart Redis Server
      systemd:
        name: redis
        state: restarted 
        enabled: yes

2.nginx推送配置文件

第一种方式
[root@manager tasks]# cat task_nginx.yml 
- hosts: webservers
  tasks:
        #安装nginx
    - name: Installed nginx Server
      yum: 
        name: nginx
        state: present
        #配置nginx
    - name: Configure nginx Server
      template:
        src: ./file/nginx.conf.j2
        dest: /etc/nginx/nginx.conf
        #检查nginx (Check_Nginx_Status=$(nginx -t))
    - name: Check Nginx Configure File
      shell: nginx -t
      register: Check_Nginx_Status
      changed_when: 
        - Check_Nginx_Status.stdout.find('successful')
        - false   
        #启动Nginx
    - name: Systemd Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes   
 第二种方式
[root@manager tasks]# cat task_nginx.yml 
- hosts: webservers
  tasks:
        #安装nginx
    - name: Installed nginx Server
      yum: 
        name: nginx
        state: present
        #配置nginx
    - name: Configure nginx Server
      template:
        src: ./file/nginx.conf.j2
        dest: /etc/nginx/nginx.conf
        #检查nginx (Check_Nginx_Status=$(nginx -t))
    - name: Check Nginx Configure File
      shell: nginx -t
        #启动Nginx
    - name: Systemd Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes      

强制调用handlers

[root@manager tasks]# cat task_nginx.yml 
- hosts: webservers
  force_handlers: yes   #无论tasks失败与否,只要通过过handlers,那me一定会执行
  tasks:
        #安装nginx
    - name: Installed nginx Server
      yum: 
        name: nginx
        state: present
        #配置nginx
    - name: Configure nginx Server
      template:
        src: ./file/nginx.conf.j2
        dest: /etc/nginx/nginx.conf
      notify: Restart Nginx Server
        #检查nginx (Check_Nginx_Status=$(nginx -t))
    - name: Check Nginx Configure File
      shell: nginx -t
        #启动Nginx
    - name: Systemd Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes 
  handlers:
    - name: Restart Nginx Server
      systemd: 
        name: nginx
        state: restarted