ansible-task

动态变量#

- name: Render deployment templates
set_fact:
"{{ item }}": "{{ lookup('template', item + '.yml.j2') }}"
with_items:
- 'configmap'
- 'secret'
- 'deployment'
- 'supervisor'
- 'launch_awx'
no_log: true

批量模版#

- name: create x template
template:
src: '{{item}}'
dest: /tmp/{{ item | basename | regex_replace('\.j2','') }}
with_fileglob:
- ../templates/*.j2

密码生成#

  • lookup('password', 'credentials/db.passwd length=8 chars=digits') - 读取或随机生成密码
# 生成密码且不记录
- name: Generate broadcast websocket secret
set_fact:
broadcast_websocket_secret: "{{ lookup('password', '/dev/null length=128') }}"
run_once: true
no_log: true
when: broadcast_websocket_secret is not defined

临时文件存储模板#

- name: Create Temporary Values File (Kubernetes)
tempfile:
state: file
suffix: .yml
register: values_file
- name: Populate Temporary Values File (Kubernetes)
template:
# 会直接使用模版目录下文件
src: postgresql-values.yml.j2
dest: "{{ values_file.path }}"
no_log: true

等待命令成功#

- name: Wait for management pod to start
shell: |
{{ kubectl_or_oc }} -n {{ kubernetes_namespace }} \
get pod ansible-tower-management -o jsonpath="{.status.phase}"
register: result
# 条件
until: result.stdout == "Running"
retries: 60
delay: 10