Skip to content

Ansible Modules

  • fileglob: 显示文件夹中的指定文件
    - name: show all test* file in /home/suofeiya/tmp floder
      debug: msg="【【lookup('fileglob','/home/suofeiya/tmp/test*')】】"
# 利用fileglob筛选出来的文件
    - name: copy /home/suofeiya/tmp all files to /tmp
      copy:
        src: "【【item】】"
        dest: "/tmp"
        owner: suofeiya
        mode: 600
      with_fileglob: 
        - "/home/suofeiya/tmp/test*"
    - name: show all test* file in /home/suofeiya/tmp floder
      debug: msg="【【lookup('fileglob','/home/suofeiya/tmp/test*')】】"
# 利用fileglob筛选出来的文件
    - name: copy /home/suofeiya/tmp all files to /tmp
      copy:
        src: "【【item】】"
        dest: "/tmp"
        owner: suofeiya
        mode: 600
      with_fileglob: 
        - "/home/suofeiya/tmp/test*"
  • mysql_user: 增删用户及授权mysql数据库
  - name: connect to mySQL and add User for mySQL
    mysql_user:
      login_host: 192.168.43.37
      login_port: 3306
      login_user: root
      login_password: 123
      name: "【【 item[0] 】】"
      priv: "【【 item[1] 】】.*:ALL"
      append_privs: yes
      password: "123"
      state: absent
    with_nested:
      - [ 'user1', 'user2' ]
      - [ 'test', 'test1' ]
  - name: connect to mySQL and add User for mySQL
    mysql_user:
      login_host: 192.168.43.37
      login_port: 3306
      login_user: root
      login_password: 123
      name: "【【 item[0] 】】"
      priv: "【【 item[1] 】】.*:ALL"
      append_privs: yes
      password: "123"
      state: absent
    with_nested:
      - [ 'user1', 'user2' ]
      - [ 'test', 'test1' ]
  • 遍历vars
  - name: Show value of 'variablename'
    debug: msg="【【 lookup('vars', item) 】】 -- sub-variable is 【【lookup('vars','test2').sub_test2】】"
    ignore_errors: True
    vars:
      test1: hello vars.test1
      test2:
        sub_test2: hello vars.test2.sub_test2
    loop:
    - test1
  - name: Show value of 'variablename'
    debug: msg="【【 lookup('vars', item) 】】 -- sub-variable is 【【lookup('vars','test2').sub_test2】】"
    ignore_errors: True
    vars:
      test1: hello vars.test1
      test2:
        sub_test2: hello vars.test2.sub_test2
    loop:
    - test1
  • apt&apt_key&apt_repository相关
- name: Install a list of packages
  apt:
    pkg:
    - foo
    - foo-tools
- name: Update all packages to their latest version
  apt:
    name: "*"
    state: latest
- name: Upgrade the OS (apt-get dist-upgrade)
  apt:
    upgrade: dist
- name: Install a .deb package
  apt:
    deb: /tmp/mypackage.deb
    # install a deb package form internet
    # deb: https://example.com/python-ppq_0.1-1_all.deb

# apt_key
- name: Add an Apt signing key, uses whichever key is at the URL
  apt_key:
    url: https://ftp-master.debian.org/keys/archive-key-6.0.asc
    state: present

# apt_repository
- name: Add specified repository into sources list
  apt_repository:
    repo: deb http://archive.canonical.com/ubuntu hardy partner
    state: present
- name: Add nginx stable repository from PPA and install its signing key on Ubuntu target
  apt_repository:
    repo: ppa:nginx/stable
- name: Install a list of packages
  apt:
    pkg:
    - foo
    - foo-tools
- name: Update all packages to their latest version
  apt:
    name: "*"
    state: latest
- name: Upgrade the OS (apt-get dist-upgrade)
  apt:
    upgrade: dist
- name: Install a .deb package
  apt:
    deb: /tmp/mypackage.deb
    # install a deb package form internet
    # deb: https://example.com/python-ppq_0.1-1_all.deb

# apt_key
- name: Add an Apt signing key, uses whichever key is at the URL
  apt_key:
    url: https://ftp-master.debian.org/keys/archive-key-6.0.asc
    state: present

# apt_repository
- name: Add specified repository into sources list
  apt_repository:
    repo: deb http://archive.canonical.com/ubuntu hardy partner
    state: present
- name: Add nginx stable repository from PPA and install its signing key on Ubuntu target
  apt_repository:
    repo: ppa:nginx/stable
  • assemble组合多个文件内容到一个文件, 并使用验证命令进行验证
- name: Assemble a new "sshd_config" file into place, after passing validation with sshd
  assemble:
    src: /etc/ssh/conf.d/
    dest: /etc/ssh/sshd_config
    validate: /usr/sbin/sshd -t -f %s
- name: Assemble a new "sshd_config" file into place, after passing validation with sshd
  assemble:
    src: /etc/ssh/conf.d/
    dest: /etc/ssh/sshd_config
    validate: /usr/sbin/sshd -t -f %s

使用该命令时, 目标文件将被清空并替换为组合文件的内容.

  • blockinfile
  - name: Insert/Update "Match User" configuration block in /etc/ssh/sshd_config
    blockinfile:
      path: /home/suofeiya/ansible_workspace/index.html
      marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
      insertafter: "<body>"
      block: |
        <h1>Welcome to 【【 ansible_hostname 】】</h1>
        <p>Last updated on 【【 ansible_date_time.iso8601 】】</p>
      
      # block: "【【 lookup('file', './local/sshd_config') 】】"
      # validate: /usr/sbin/sshd -T -f %s
      
      # clear block
      marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
      block: ""
  - name: Insert/Update "Match User" configuration block in /etc/ssh/sshd_config
    blockinfile:
      path: /home/suofeiya/ansible_workspace/index.html
      marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
      insertafter: "<body>"
      block: |
        <h1>Welcome to 【【 ansible_hostname 】】</h1>
        <p>Last updated on 【【 ansible_date_time.iso8601 】】</p>
      
      # block: "【【 lookup('file', './local/sshd_config') 】】"
      # validate: /usr/sbin/sshd -T -f %s
      
      # clear block
      marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
      block: ""
  • expect自动回复交互式命令(Ubuntu下测试无效)
- name: Case insensitive password string match
  expect:
    command: passwd username
    responses:
      (?i)password: "MySekretPa$$word"
  # you don't want to show passwords in your logs
  no_log: true
# 回复多个
    responses:
      Question:
        - response1
        - response2
        - response3
- name: Case insensitive password string match
  expect:
    command: passwd username
    responses:
      (?i)password: "MySekretPa$$word"
  # you don't want to show passwords in your logs
  no_log: true
# 回复多个
    responses:
      Question:
        - response1
        - response2
        - response3
  • fail:自定义错误信息
  - name: Using fail message.
    # you don't want to show passwords in your logs
    fail:
      msg: "you are not the one we are lookin for..."
    when: name != "agou"
    vars:
      name: agou-ops
  - name: Using fail message.
    # you don't want to show passwords in your logs
    fail:
      msg: "you are not the one we are lookin for..."
    when: name != "agou"
    vars:
      name: agou-ops
  • fetch: 从远程主机获取文件
- name: Specifying a destination path
  fetch:
    src: /tmp/uniquefile
    dest: /tmp/special/
    flat: yes		# 区分路径最后的那个`/`
- name: Specifying a destination path
  fetch:
    src: /tmp/uniquefile
    dest: /tmp/special/
    flat: yes		# 区分路径最后的那个`/`
  • get_url: 从http,https,ftp获取文件
- name: Download file with check (sha256)
  get_url:
    url: http://example.com/path/file.conf
    dest: /etc/foo.conf
    mode: '0440'
    checksum: sha256:b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c
- name: Download file with check (sha256)
  get_url:
    url: http://example.com/path/file.conf
    dest: /etc/foo.conf
    mode: '0440'
    checksum: sha256:b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c
  • git: 克隆仓库
- name: Create git archive from repo
  git:
    repo: https://github.com/ansible/ansible-examples.git
    dest: /src/ansible-examples
    version: release-0.22
    archive: /tmp/ansible-examples.zip
    # separate_git_dir: /src/ansible-examples.git

    
- name: Create git archive from repo
  git:
    repo: https://github.com/ansible/ansible-examples.git
    dest: /src/ansible-examples
    version: release-0.22
    archive: /tmp/ansible-examples.zip
    # separate_git_dir: /src/ansible-examples.git

    
  • random_choice: 随机选择
  - name: return a random list choice
    debug: msg="your random choice is:【【item】】"
    with_random_choice:
    - "go through the door"
    - "drink from the goblet"
    - "press the red button"
    - "do nothing"
  - name: return a random list choice
    debug: msg="your random choice is:【【item】】"
    with_random_choice:
    - "go through the door"
    - "drink from the goblet"
    - "press the red button"
    - "do nothing"
  • block: 更好的组织playbook, 处理任务过程之中的异常和错误
- name: Attempt and graceful roll back demo
  block:
    - name: Print a message
      debug:
        msg: 'I execute normally'

    - name: Force a failure
      command: /bin/false

    - name: Never print this
      debug:
  msg: 'I never execute, due to the above task failing, :-('
  when: ansible_facts['distribution'] == 'CentOS'
  become: true
  become_user: root
  ignore_errors: yes
  rescue:
    - name: Print when errors
      meta: flush_handlers      # 即使当错误出现,也要继续运行
      debug:
        msg: 'I caught an error'
  always:
    - name: Always do this
      debug:
        msg: "This always executes"
- name: Attempt and graceful roll back demo
  block:
    - name: Print a message
      debug:
        msg: 'I execute normally'

    - name: Force a failure
      command: /bin/false

    - name: Never print this
      debug:
  msg: 'I never execute, due to the above task failing, :-('
  when: ansible_facts['distribution'] == 'CentOS'
  become: true
  become_user: root
  ignore_errors: yes
  rescue:
    - name: Print when errors
      meta: flush_handlers      # 即使当错误出现,也要继续运行
      debug:
        msg: 'I caught an error'
  always:
    - name: Always do this
      debug:
        msg: "This always executes"
  • uri: 服务状态检查
  - name: check service status
    uri:
      url: http://127.0.0.1
      return_content: yes
    register: result
    until: '"???" in result.content'
    retries: 10
    delay: 1
  - name: check service status
    uri:
      url: http://127.0.0.1
      return_content: yes
    register: result
    until: '"???" in result.content'
    retries: 10
    delay: 1