如何使用Ansible干净地管理printers.conf?

时间:2014-10-02 19:21:52

标签: ansible cups

我有以下Ansible playbook文件,它试图在一组CentOS 6盒子上管理printers.conf。

---
# file: roles/common/tasks/config-cups.yml
# Configure printing

- name: ensure cups is installed
  yum: pkg=cups state=installed

# We want to compare the local and remote printers.conf files so that
# we can predetermine if the copy needs to happen.  According to a
# comment in the default printers.conf file, we can't write
# printers.conf while cups is running. But to be idempotent, we want
# to avoid stopping the cups service if we don't need to.

- stat: path=printers.conf
  register: locst

- stat: path=/etc/cups/printers.conf
  register: remst

# can't write printers.conf while running, so says the default file
- name: ensure cups is stopped
  service: name=cups state=stopped
  when: locst.stat.md5 ne remst.stat.md5

- name: Configure printers
  tags: configuration
  copy: >
    src=printers.conf
    dest=/etc/cups/printers.conf
    mode=600 owner=root group=lp
  notify:
  - restart cups

- name: Enable the cups service
  service: name=cups enabled=yes

- name: Ensure cups is running
  service: name=cups state=started

不幸的是,我从when条件控制停止杯子服务时收到错误“致命:[hostxxx] =>错误,同时评估条件:locst.stat.md5 ne remst.stat.md5”

有没有办法查看被评估的条件中的值?添加-vvv对我没有帮助。

还有另一种调试条件的方法吗?

EDIT1:

显然,stat模块总是远程的 - 它无法与roles / common / files / printers.conf中的本地printers.conf匹配

TASK: [common | stat path=printers.conf] **************************************
<hostxxx> ESTABLISH CONNECTION FOR USER[...]
<hostxxx> REMOTE_MODULE stat path=printers.conf
[...]
ok: [hostxxx] => {"changed": false, "stat": {"exists": false}}

这将是我在评估条件时出错的原因。

所以我仍然不知道如何干净地管理文件。我不想手工编写md5值到任务中。

stackoverflow question正在寻找几乎相同的东西。

EDIT2:

虽然我现在能够针对本地文件执行stat模块,使用local_action和更长的路径来处理lack of role-path searching in local actions,但我在评估条件时仍会遇到相同的错误,尽管有有效的.stat.md5值。

- local_action: stat path=roles/common/files/printers.conf
  register: locst
然而,我确实注意到md5值意外地不同。似乎在运行期间,cups重写了printers.conf文件,其中包括一个名为“StateTime”的时间戳。通过编写配置文件来管理杯子的方式非常简单。

AFAICT,是干净地管理杯子的唯一方法,这样每次只会在比较之前过滤掉现有的printers.conf,或者更不合理,写一个webscraper来对抗界面杯希望您用来配置打印机。

3 个答案:

答案 0 :(得分:1)

我试图从AlexKing那里得到答案,但无法让“扩展”正常工作。所以,以下是我最终得到的(测试和工作)

- name: Install Printer Driver | Create Kyocera directory as required
  file: dest=/usr/share/cups/model/Kyocera mode=0755 state=directory owner=root

- name: Install Printer Driver | Copy PPD file
  copy: src=Kyocera_TASKalfa_4551ci.PPD dest=/usr/share/cups/model/Kyocera/Kyocera_TASKalfa_4551ci.PPD owner=root group=lp mode=0444

- name: Install Printer Driver | Ensure cups is stopped before updating the printers.conf file
  service: name=cups state=stopped

- name: Install Printer Driver | Configure Printer
  tags: configuration
  copy: src=printers.conf dest=/etc/cups/printers.conf mode=600 owner=root group=lp backup=yes 

- name:  Install Printer Driver | Ensure cups is running
  service: name=cups state=started

根据我对Ansible如何工作的理解,你不应该检查文件是否不同 - 这就是复制模块中已经发生的事情。

HTH,

罗素。

答案 1 :(得分:1)

您的方法可能没有什么潜在问题:

  • - stat: path=printers.conf指的是远程位置,而不是{{ playbook_dir }}/roles/common/
    • 下的本地文件 默认情况下,
  • md5处理未启用。您将明确撰写get_md5=yes
  • 运行Playbook的用户可能需要对stat /etc/cups/printers.conf
    • 进行sudo permitions

根据您的问题提出解决方案:

---
- name: "cups - installation"
  apt: name=cups state=installed update_cache=yes cache_valid_time=3600
  become: yes

- name: "cups - md5 on local printers.conf"
  local_action: stat path={{ playbook_dir }}/roles/homie/files/printers.conf get_md5=yes
  register: locst

- name: "cups - md5 on remote printers.conf"
  stat: path=/etc/cups/printers.conf get_md5=yes
  register: remst
  become: yes

- name: "cups - stop service"
  service: name=cups state=stopped
  when: not remst.stat.exists or (locst.stat.md5 != remst.stat.md5)
  become: yes

- name: "cups - configure drivers"
  copy: src=Canon_MG2900_series.ppd dest=/etc/cups/ppd/Canon_MG2900_series.ppd mode=640 owner=root group=lp backup=yes 
  become: yes

- name: "cups - configure printers"
  copy: src=printers.conf dest=/etc/cups/printers.conf mode=600 owner=root group=lp backup=yes
  notify: restart cups
  when: not remst.stat.exists or (locst.stat.md5 != remst.stat.md5)
  become: yes

和处理程序:

---
- name: restart cups
  service: name=cups state=restarted
  become: yes

使用ansible 2.1.0.0

答案 2 :(得分:0)

假设ansible只运行validate命令,如果文件不同并因此尝试替换它,你可以&#34;扩展&#34;用于停止杯子的验证功能:

- name: Configure printers
  tags: configuration
  copy: src=printers.conf dest=/etc/cups/printers.conf mode=600 owner=root group=lp validate="service cups stop %s"

- name: Ensure cups is running
  service: name=cups state=started

%s对于服务来说是多余的(但对我的debian系统没有影响),但根据文档需要ansible。见http://docs.ansible.com/copy_module.html

相关问题
最新问题