我想使用Ansible来自动执行OpenShift用户创建。
我目前正在测试列表和子元素,并且很接近。
vars文件
---
host_group: localhost
users:
- username: jdoe
password: tester123
groups:
- test-group1
- username: jdosephina
password: tester456
groups:
- test-group2
- test-group3
test.yaml
---
- hosts: "{{ host_group | default('empty_group') }}"
vars_files:
- /etc/ansible/vars/openshift_user_creation_vars.yaml
tasks:
- name: Create user on master server
debug:
msg: "htpasswd -b /etc/origin/master/htpasswd {{ item[0].username }} {{ item[0].password }}"
become: yes
with_subelements:
- "{{ users }}"
- groups
- name: Restart atomic service
debug:
msg: "systemctl restart atomic-openshift-master-api"
become: yes
- name: Add user to group
debug:
msg: "oc adm groups add-users {{ item[1] }} {{ item[0].username }}"
with_subelements:
- "{{ users }}"
- groups
我现在遇到的问题是,如果指定了多个组(在本例中为jdosephina),则创建用户的第一个命令也会多次运行。
TASK [Create user on master server] *********************************************************************************************************************************************************************************************************
ok: [localhost] => (item=None) => {
"msg": "htpasswd -b /etc/origin/master/htpasswd jdoe tester123"
}
ok: [localhost] => (item=None) => {
"msg": "htpasswd -b /etc/origin/master/htpasswd jdosephina tester456"
}
ok: [localhost] => (item=None) => {
"msg": "htpasswd -b /etc/origin/master/htpasswd jdosephina tester456"
}
TASK [Restart atomic service] ***************************************************************************************************************************************************************************************************************
ok: [localhost] => {
"msg": "systemctl restart atomic-openshift-master-api"
}
TASK [Add user to group] ********************************************************************************************************************************************************************************************************************
ok: [localhost] => (item=None) => {
"msg": "oc adm groups add-users test-group1 jdoe"
}
ok: [localhost] => (item=None) => {
"msg": "oc adm groups add-users test-group2 jdosephina"
}
ok: [localhost] => (item=None) => {
"msg": "oc adm groups add-users test-group3 jdosephina"
}
最好的方法是根据组数运行一次或多次使用组的命令,而对每个用户仅运行一次第一个命令?
答案 0 :(得分:0)
我需要将用户创建块中的{{ item[0].username }} {{ item[0].password }}更改为{{ item.username }} {{ item.password }},删除- groups,然后将with_subelements更改为with_items。
完整的新剧本:
test.yaml
---
- hosts: "{{ host_group | default('empty_group') }}"
vars_files:
- /etc/ansible/vars/openshift_user_creation_vars.yaml
tasks:
- name: Create user on master server
debug:
msg: "htpasswd -b /etc/origin/master/htpasswd {{ item.username }} {{ item.password }}"
become: yes
with_items:
- "{{ users }}"
- name: Restart atomic service
debug:
msg: "systemctl restart atomic-openshift-master-api"
become: yes
- name: Add user to group
debug:
msg: "oc adm groups add-users {{ item[1] }} {{ item[0].username }}"
with_subelements:
- "{{ users }}"
- groups