Ansible,防止不必要的日志输出

【问题标题】:Ansible, prevent unneccessary log outputAnsible,防止不必要的日志输出
【发布时间】:2022-08-16 01:06:32
【问题描述】:

我目前正在使用条件 \"when\" 语句从我的剧本中调用角色。

我的剧本:

---
- hosts: all
  connection: local
  gather_facts: no
  
  tasks:
  roles:
    - role: my_role_one
      when: deviceType == \"roleOneDevice\"
    - role: my_role_two
      when: deviceType == \"roleTwoDevice\"

每个角色都有与之关联的相同任务。

角色一:

$ tree my_role_one/
my_role_one/
├── defaults
│   └── main.yml
├── files
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── README.md
├── tasks
│   ├── install_certs.yml
│   ├── main.yml
│   ├── renew_certs.yml
│   └── revoke_certs.yml
├── templates
└── vars
    └── main.yml

角色 2:

tree my_role_two/
my_role_two/
├── defaults
│   └── main.yml
├── files
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── README.md
├── tasks
│   ├── install_certs.yml
│   ├── main.yml
│   ├── renew_certs.yml
│   └── revoke_certs.yml
├── templates
└── vars
    └── main.yml

这是来自my_role_one 角色的main.yml

---
# main tasks to execute

- name: Renew SSL Certs
  import_tasks: renew_certs.yml
  tags:
    - renew
  when: deviceType == \"roleOneDevice\"

- name: Revoke SSL Certs
  import_tasks: revoke_certs.yml
  tags:
    - revoke
  when: deviceType == \"roleOneDevice\"

- name: Install SSL Certs
  import_tasks: install_certs.yml
  tags:
    - install
  when: deviceType == \"roleOneDevice\"

当我运行剧本时,我传入一个内联变量deviceTypewhen 条件作用于该变量。但是,当剧本运行时,我会看到两个角色的日志输出。我只想将与相应角色关联的任务的输出打印到屏幕上。

电流输出:

ansible-playbook lemur-staging-ssl-certs.yml -i hosts --limit \"lab-hub[0]\" -e deviceType=roleOneDevice -t \"renew\"

PLAY [all] 
TASK [my_role_one : fail] 
skipping: [device_one.mgt.net]

TASK [my_role_one : Delete newDevices.txt file.] 
changed: [device_one.mgt.net]

TASK [my_role_one : Log in to Lemur Stage Env.] 
ok: [device_one.mgt.net -> 127.0.0.1]

TASK [my_role_one : Getting current certificate data.] 
ok: [device_one.mgt.net -> 127.0.0.1]

TASK [my_role_one : Set currentCertSN and currentCertID vars.] 
ok: [device_one.mgt.net]

TASK [my_role_one : Writing devices with no certs to newDevices.txt.] 
changed: [device_one.mgt.net]

TASK [my_role_one : Set newDevices var.] 
ok: [device_one.mgt.net]

TASK [my_role_one : Creating new certificates.] 
skipping: [device_one.mgt.net] => (item=device_one.mgt.net) 

TASK [my_role_one : Set newCertData var for newly created cert (CER, ID, SN).] skipping: [device_one.mgt.net]

TASK [my_role_one : Reissuing certificates.] 
skipping: [device_one.mgt.net]

TASK [my_role_one : Set newCertData var with reissued cert data (CER, ID, SN).] 
skipping: [device_one.mgt.net]

TASK [my_role_one : Revoking old certificates.] 
skipping: [device_one.mgt.net]

TASK [my_role_two : fail] 
skipping: [device_one.mgt.net]

TASK [my_role_two : Delete newDevices.txt file.] 
skipping: [device_one.mgt.net]

TASK [my_role_two : Log in to Lemur Stage Env.] 
skipping: [device_one.mgt.net]

TASK [my_role_two : Getting current certificate data.] 
skipping: [device_one.mgt.net]

TASK [my_role_two : Set currentCertSN and currentCertID vars.] 
skipping: [device_one.mgt.net]

TASK [my_role_two : Writing devices with no certs to newDevices.txt.] 
skipping: [device_one.mgt.net]

TASK [my_role_two : Set newDevices var.] 
skipping: [device_one.mgt.net]

TASK [my_role_two : Creating new certificates.] 
skipping: [device_one.mgt.net] => (item=device_one.mgt.net) 

TASK [my_role_two : Set newCertData var for newly created cert (CER, ID, SN).] skipping: [device_one.mgt.net]

TASK [my_role_two : Reissuing certificates.] 
skipping: [device_one.mgt.net]

TASK [my_role_two : Set newCertData var with reissued cert data (CER, ID, SN).] 
skipping: [device_one.mgt.net]

TASK [my_role_two : Revoking old certificates.] 
skipping: [device_one.mgt.net]

PLAY RECAP device_one.mgt.net     : ok=6    changed=2    unreachable=0    failed=0    skipped=18   rescued=0    ignored=0

您可以看到我将“roleOneDevice”作为deviceType 传递,所以我希望只看到my_role_one 的日志输出,但在输出中,您会看到来自my_role_two 角色的日志。

    标签: ansible


    【解决方案1】:

    对于复杂性,您有不同的选择,但基本上我会使用 include_role 模块。

    使用这两种变体,您可以删除角色中的条件when: deviceType == "roleOneDevice"

    变体 1(不太复杂)

    您使用include_role 模块定义了两个任务,而不是两个角色。

    ---
- hosts: all
  connection: local
  gather_facts: no
  
  tasks:
    - name: Run role my_role_one
      include_role:
        name: my_role_one
      when: deviceType == "roleOneDevice"

    - name: Run role my_role_two
      include_role:
        name: my_role_two
      when: deviceType == "roleTwoDevice"

    对于include_role 的未执行任务,您将看到一个跳过,但不是针对角色的每一项任务。

    TASK [Run role my_role_two] ********************************************************************************************
skipping: [localhost]

    变体 2(更复杂)

    您可以根据您的设备类型定义一个变量,以及要执行的角色的名称 (run_role)。然后您只定义一个任务,该任务包含具有在run_role 变量中定义的名称的角色。为了安全起见,有一个条件是变量run_role 是真正定义的。

    ---
- hosts: all
  connection: local
  gather_facts: no
  
  vars:
    role_for_device:
      "roleOneDevice": my_role_one
      "roleTwoDevice": my_role_two

  pre_tasks:
    - name: Set run_role.
      set_fact:
        run_role: "{{ role_for_device[deviceType] }}"
      when: deviceType in role_for_device

  tasks:
    - name: Run device specific role
      include_role:
        name: "{{ run_role }}"
      when: run_role is defined

    使用此变体,您不会看到跳过任务不再存在,因为不存在需要跳过的任务。仅当deviceType 包含变量role_for_device 中不存在任何键的值时,这两个任务才会显示为跳过.

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 2020-02-05
      • 1970-01-01
      • 2021-08-18
      • 2021-02-06
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode