Linux Ansible可创建用户并基于VAR将其分配到特定组
大师,我正在学习ansible,并试图了解变量如何使用,我曾在剧本下面写过,但我不知道如何根据我在剧本中为Linux Ansible可创建用户并基于VAR将其分配到特定组,linux,ansible,centos7,ansible-2.x,Linux,Ansible,Centos7,Ansible 2.x,大师,我正在学习ansible,并试图了解变量如何使用,我曾在剧本下面写过,但我不知道如何根据我在剧本中为vars下的用户和组定义的变量将特定组分配给特定用户 我在下面的游戏中创建用户anika和rigved,并将其分配给docker组,而ayush和eshant应分配测试组 到目前为止,我还没有想到要做到这一点。但是,到目前为止,它在运行时会创建用户并将这两个组分配给所有用户 $ cat nested_playbook-1.yml --- - name: testing nested play
varsanikarigveddockerayusheshant测试组
到目前为止,我还没有想到要做到这一点。但是,到目前为止,它在运行时会创建用户并将这两个组分配给所有用户
$ cat nested_playbook-1.yml
---
- name: testing nested play
hosts: localhost
vars:
users:
- anika
- rigved
- ayush
- eshant
grps:
- docker
- test
tasks:
- name: make users members of groups
user:
name: "{{ item[0] }}"
state: present
groups: "{{ item[0] }}"
with_nested:
- "{{ users }}"
- "{{ grps }}"
您构建数据的方式没有显示用户和组之间的任何关系。一种选择是这样构造它:
grps:
- name: docker
users:
- anika
- rigved
- name: test
users:
- ayush
- eshant
---
- name: testing nested play
gather_facts: false
hosts: localhost
vars:
grps:
- name: docker
users:
- anika
- rigved
- name: test
users:
- ayush
- eshant
tasks:
- debug:
msg:
user:
name: "{{ item.1 }}"
state: present
groups: "{{ item.0.name }}"
loop: "{{ grps|subelements('users') }}"
loop_control:
label: "{{ item.1 }}"
users:
- name: anika
group: docker
- name: rigved
group: docker
- name: ayush
group: docker
- name: eshant
group: docker
使用此结构,您可以使用子元素
过滤器在GRP
上循环,如下所示:
grps:
- name: docker
users:
- anika
- rigved
- name: test
users:
- ayush
- eshant
---
- name: testing nested play
gather_facts: false
hosts: localhost
vars:
grps:
- name: docker
users:
- anika
- rigved
- name: test
users:
- ayush
- eshant
tasks:
- debug:
msg:
user:
name: "{{ item.1 }}"
state: present
groups: "{{ item.0.name }}"
loop: "{{ grps|subelements('users') }}"
loop_control:
label: "{{ item.1 }}"
users:
- name: anika
group: docker
- name: rigved
group: docker
- name: ayush
group: docker
- name: eshant
group: docker
过滤器是一种创建“嵌套循环”的方法:它迭代grps
中每个组的“用户”键的每个成员。在每个循环迭代过程中,item
是一个2元组,其中第一个项是grps
中的对应元素,第二个项迭代该元素的users
键。换言之,您最终会遍历此列表:
[{'name':'docker','users':['anika','rigged']},anika}
[{'name':'docker','users':['anika','rigged']},rigged}
[{'name':'test','users':['ayush','eshant']},ayush}
[{'name':'test','users':['ayush','eshant']},eshant}
因此在循环中,item.0
指的是组条目本身(因此item.0.name
指的是组名称),而item.1
指的是用户
PLAY [testing nested play] *******************************************************************
TASK [debug] *********************************************************************************
ok: [localhost] => (item=anika) => {
"msg": {
"user": {
"groups": "docker",
"name": "anika",
"state": "present"
}
}
}
ok: [localhost] => (item=rigved) => {
"msg": {
"user": {
"groups": "docker",
"name": "rigved",
"state": "present"
}
}
}
ok: [localhost] => (item=ayush) => {
"msg": {
"user": {
"groups": "test",
"name": "ayush",
"state": "present"
}
}
}
ok: [localhost] => (item=eshant) => {
"msg": {
"user": {
"groups": "test",
"name": "eshant",
"state": "present"
}
}
}
PLAY RECAP ***********************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
或者,您可以这样构造数据:
grps:
- name: docker
users:
- anika
- rigved
- name: test
users:
- ayush
- eshant
---
- name: testing nested play
gather_facts: false
hosts: localhost
vars:
grps:
- name: docker
users:
- anika
- rigved
- name: test
users:
- ayush
- eshant
tasks:
- debug:
msg:
user:
name: "{{ item.1 }}"
state: present
groups: "{{ item.0.name }}"
loop: "{{ grps|subelements('users') }}"
loop_control:
label: "{{ item.1 }}"
users:
- name: anika
group: docker
- name: rigved
group: docker
- name: ayush
group: docker
- name: eshant
group: docker
您可以使用一个简单的循环来处理此结构:
---
- name: testing nested play
gather_facts: false
hosts: localhost
vars:
users:
- name: anika
group: docker
- name: rigved
group: docker
- name: ayush
group: docker
- name: eshant
group: docker
tasks:
- debug:
msg:
user:
name: "{{ item.name }}"
state: present
groups: "{{ item.group }}"
loop: "{{ users }}"
loop_control:
label: "{{ item.name }}"
请注意,在上述两个示例中,我在任务上使用loop\u control
,只是为了设置循环标签并使输出看起来更漂亮。您可以从上述任务中删除loop\u control
,而不影响它们的操作方式。那么您想以某种方式加入具有相同子组计数的用户和组列表吗?我的意思是将用户列表按组数拆分,然后迭代用户?为什么ayush
不应该有docker
组?这些信息是如何存储的?如果有5个用户?或者13个用户和11个组呢?@KamilCuk,如果你不明白,很抱歉,我的意图与larsks
相同,请解释如果您有任何开放的解决方案,请告诉我。优秀的解决方案@larsks..这对我来说很有效,您介意解释一下项.0
和项.1
是否有效。这只是编写项[0]
或项[1]的另一种方式
。我已经用有关子元素
过滤器的更多信息更新了答案。非常感谢@lasrks。