Official documentation --Using Variables
It seems that it can be described in either ini file format or YAML format. Is this an inventory file ...?
#ini format
[atlanta]
host1
host2
[atlanta:vars]
ntp_server=ntp.atlanta.example.com
proxy=proxy.atlanta.example.com
#YAML format
atlanta:
hosts:
host1:
host2:
vars:
ntp_server: ntp.atlanta.example.com
proxy: proxy.atlanta.example.com
In addition to defining variables in the inventory, you can also define host variables and group variables.
In that case, it seems necessary to use YAML format.
Create a group name / host name file in the group_vars and host_vars directories under the / etc / ansible / directory and the current directory, and describe the settings.
/etc/ansible/group_vars/raleigh #The file extension is'.yml'、 '.yaml', Or'.json'
/etc/ansible/group_vars/webservers
/etc/ansible/host_vars/foosball
The definition file of variables associated with role may be a little different. Or main.yml.
I also want to read the following.
Official Documents --Best Practices
You can use loop orwith_ *to perform iterative processing.
loop seems to be a function added in version 2.5 of Ansible.
Some modules allow you to pass a list directly to a parameter, which can be more efficient than looping tasks. Read the module manual.
Official documentation --Loops
- name: add several users
user:
name: "{{ item }}"
state: present
groups: "wheel"
loop: # with_items:
- testuser1
- testuser2
- name: add several users
user:
name: "{{ item.name }}"
state: present
groups: "{{ item.groups }}"
loop: # with_items:
- { name: 'testuser1', groups: 'wheel' }
- { name: 'testuser2', groups: 'root' }
When iterating using a predefined variable, specify the variable in loop.
Variables cannot be referenced unless they are enclosed in " {{}} ".
What you should pay attention to is the variable name, and there are variables that are implicitly declared, so if you are in conflict with it, it will not work well and you will be addicted to it. .. .. Like groups.
Check Special Variables in Official Documents. .. ..
vars:
users:
- { name: 'testuser1', groups: 'wheel' }
- { name: 'testuser2', groups: 'root' }
- name: add several users
user:
name: "{{ item.name }}"
state: present
groups: "{{ item.groups }}"
loop: "{{ users }}"
If you cannot ssh as root, use become to run the task with administrator privileges.
Official Document --Understanding privilege escalation: become
When describing in the playbook, describe in the following form.
---
- hosts: all
become: yes
become_user: root
become_method: su
become_flags: '-s /bin/sh'
Or set a variable. I think that variables should be specified in an appropriate file according to the scope of application.
---
# group_vars/all.yml
ansible_become: yes
ansible_become_method: su
ansible_become_password: somepassword
It seems that become_password cannot specify a password hash.
If you want to protect sensitive data, use Ansible Vault.
DRY-RUN
Execute with the --check option.
There is also a --diff option, but what's the difference ...
Execute with the --syntax-check option.
Execute with the --list-tasks option.
ʻRun the ansible-playbookcommand with the--start-at-taskoption. To step, add the--step` option.
ansible-playbook -i hosts -l hostname site.yml --start-at-task="some task name" --step
Recommended Posts