我是ansible的新手,无法理解循环。我有以下有趣的剧本:
---
- name: Firewall Object Group Manager
hosts: all
gather_facts: yes
tasks:
- name: Manage ASA Object Groups
asa_og:
name: TEST_ANSIBLE_GROUP_1
state: replace
group_type:
host_ip:
- 127.0.0.1
- 127.0.0.2
ip_mask:
我的目标是能够管理多个ASA对象组。没有循环,我的游戏会喜欢
---
- name: Firewall Object Group Manager
hosts: all
gather_facts: yes
tasks:
- name: Manage ASA Object Groups
asa_og:
name: TEST_ANSIBLE_GROUP_1
state: replace
group_type:
host_ip:
- 127.0.0.1
- 127.0.0.2
ip_mask:
- name: Manage ASA Object Groups
asa_og:
name: TEST_ANSIBLE_GROUP_2
state: replace
group_type:
host_ip:
- 127.0.0.3
- 127.0.0.4
ip_mask:
- name: Manage ASA Object Groups
asa_og:
name: TEST_ANSIBLE_GROUP_3
state: replace
group_type:
host_ip:
- 127.0.0.5
- 127.0.0.6
ip_mask:
...等等
我对ansible循环的理解是,我应该能够调用一次任务并遍历变量。经过几个小时的研究,我的游戏现在看起来像这样:
---
- name: Firewall Object Group Manager
hosts: all
gather_facts: yes
vars:
Object_Groups:
- name: 'TEST_ANSIBLE_GROUP'
host_ip:
- 127.0.0.1
- 127.0.0.2
group_type: 'network-object'
- name: 'TEST_ANSIBLE_GROUP_2'
host_ip:
- 127.0.0.3
- 127.0.0.4
group_type: 'network-object'
- name: 'TEST_ANSIBLE_GROUP_3'
host_ip:
- 127.0.0.5
- 127.0.0.6
group_type: 'network-object'
tasks:
- name: Manage ASA Object Groups
asa_og:
name: "{{ item.0.name }}"
state: replace
group_type: "{{ item.0.group_type }}"
host_ip: "{{ item.0.host_ip }}"
ip_mask: "{{ item.0.ip_mask | default([]) }}"
loop:
- "{{ Object_Groups }}"
这是我播放剧本时的调试:
$ ANSIBLE_STDOUT_CALLBACK=debug ansible-playbook -i inventory.yml -k stackof.yml -v -l FW01
Using /etc/ansible/ansible.cfg as config file
SSH password:
PLAY [Firewall Object Group Manager] **********************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************
ok: [FW01]
TASK [Manage ASA Object Groups] ***************************************************************************************************************************************
changed: [FW01] => (item=[{u'name': u'TEST_ANSIBLE_GROUP', u'group_type': u'network-object', u'host_ip': [u'127.0.0.1', u'127.0.0.2']}, {u'name': u'TEST_ANSIBLE_GROUP_2', u'group_type': u'network-object', u'host_ip': [u'127.0.0.3', u'127.0.0.4']}, {u'name': u'TEST_ANSIBLE_GROUP_3', u'group_type': u'network-object', u'host_ip': [u'127.0.0.5', u'127.0.0.6']}]) => {
"ansible_loop_var": "item",
"changed": true,
"commands": [
"object-group network TEST_ANSIBLE_GROUP",
"network-object host 127.0.0.2",
"network-object host 127.0.0.1",
"no network-object host 127.0.0.8",
"no network-object host 127.0.0.7",
"no network-object host 127.0.0.5"
],
"item": [
{
"group_type": "network-object",
"host_ip": [
"127.0.0.1",
"127.0.0.2"
],
"name": "TEST_ANSIBLE_GROUP"
},
{
"group_type": "network-object",
"host_ip": [
"127.0.0.3",
"127.0.0.4"
],
"name": "TEST_ANSIBLE_GROUP_2"
},
{
"group_type": "network-object",
"host_ip": [
"127.0.0.5",
"127.0.0.6"
],
"name": "TEST_ANSIBLE_GROUP_3"
}
]
}
PLAY RECAP ************************************************************************************************************************************************************
FW01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
看起来Ansible可以看到所有变量,但是并没有使用我为下一个对象组定义的变量再次运行任务,然后再为第三个对象组定义任务。我似乎无法弄清楚我在做什么错。
一旦我可以正确地遍历变量,我的意图是将变量放置在vars/main.yml文件中,以便可以将所有对象组变量集中在一个地方。
作为参考,以下是我正在使用的Ansible模块的链接: https://docs.ansible.com/ansible/latest/modules/asa_og_module.html#asa-og-module
答案 0 :(得分:0)
如果您更改此设置怎么办
loop:
- "{{ Object_Groups }}"
收件人:
loop:
- "{{ TEST_ANSIBLE_GROUP_1 }}"
- "{{ TEST_ANSIBLE_GROUP_2 }}"
- "{{ TEST_ANSIBLE_GROUP_3 }}"
- "{{ TEST_ANSIBLE_GROUP_4 }}"
答案 1 :(得分:0)
Object_Groups变量是包含三个字典的单个项目的列表。因此,当您循环播放时,ansible只运行一次。可能还有其他人,但在此处发布了两个选项来修改任务以遍历所有字典。
选项1:使用with_items
- debug:
msg: "{{ item.name }} {{ item.group_type }} {{ item.host_ip }} {{ item.ip_mask | default([]) }}"
with_items: "{{ Object_Groups }}"
选项2:使用loop
- debug:
msg: "{{ item.name }} {{ item.group_type }} {{ item.host_ip }} {{ item.ip_mask | default([]) }}"
loop: "{{ Object_Groups | flatten(1) }}"
以上两个选项均提供:
TASK [debug] *******************************************************************************************************************************************************************************
ok: [localhost] => (item={'name': 'TEST_ANSIBLE_GROUP', 'host_ip': ['127.0.0.1', '127.0.0.2'], 'group_type': 'network-object'}) =>
msg: TEST_ANSIBLE_GROUP network-object ['127.0.0.1', '127.0.0.2'] []
ok: [localhost] => (item={'name': 'TEST_ANSIBLE_GROUP_2', 'host_ip': ['127.0.0.3', '127.0.0.4'], 'group_type': 'network-object'}) =>
msg: TEST_ANSIBLE_GROUP_2 network-object ['127.0.0.3', '127.0.0.4'] []
ok: [localhost] => (item={'name': 'TEST_ANSIBLE_GROUP_3', 'host_ip': ['127.0.0.5', '127.0.0.6'], 'group_type': 'network-object'}) =>
msg: TEST_ANSIBLE_GROUP_3 network-object ['127.0.0.5', '127.0.0.6'] []
请参阅how to convert with_* to loop和flatten过滤器的详细信息。