template:
src: foo.cfg.j2
dest: '{{ remote_install_path }}/foo.cfg'
name: '{{ abc }}'
dest: '{{ abc }}/abc.com'
dest: '{{ abc }}'/abc.com #문법 오류
- hosts: 192.168.100.11
vars:
msg: hello world
tasks:
- debug:
var: msg
- debug:
msg: '{{ msg }} korea'
- hosts: 192.168.100.11
vars:
msg: hello world
web:
message: hello web
fruits:
- apple
- banana
tasks:
- debug:
msg: '{{ msg }} korea'
- debug:
msg: "{{ web['message'] }}"
#msg: '{{ web["message"] }}' O
#msg: '{{ web['message'] }}' X
- debug:
msg: '{{ fruits[0] }} {{ fruits[1] }}'
등록: registered variable
- hosts: 192.168.100.11
tasks:
- yum:
name: httpd
state: installed
register: yum_result #등록 변수
- debug:
var: yum_result
- debug:
var: yum_result["rc"]
- hosts: a
vars:
message: hello
---
- hosts: 192.168.100.11
vars_prompt:
- name: username
prompt: What is your username?
private: no
- name: password
prompt: What is your password?
tasks:
- debug:
msg: 'Logging in as {{ username }}, password is {{ password }}'
참조
https://docs.ansible.com/ansible/latest/user_guide/playbooks_prompts.html#interactive-input-prompts
- hosts: a
vars_files:
- vars.yaml
tasks:
- debug:
var: msg
vars.yaml
msg: hello world
변수의 미치는 범위
특정 호스트 또는 그룹에게 영향을 줌
[nodes]
192.168.100.11 msg=seoul
192.168.100.12 msg=busan
[nodes:vars]
message="hello world"
- hosts: nodes
tasks:
- debug:
var: msg
- debug:
var: message
ansible-playbook test.yaml -e msg=korea
낮음
변수에서 필요한 내용만 취득
변수에서 값을 가공/형식변경(transform)
https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html
{{ msg | filter }}
- hosts: 192.168.100.11
vars:
pwd: P@ssw0rd
tasks:
- user:
name: devops
password: "{{ pwd | password_hash('sha512', 65534 | random(seed=inventory_hostname) | string) }}"
state: present
setup
모듈에 의해 수집(하드웨어, OS) 되는 호스트의 변수
플레이북 실행 항상 첫 작업 gathering facts
작업에 의해서 수집
- hosts: 192.168.100.11
gather_facts: no
https://docs.ansible.com/ansible/latest/reference_appendices/special_variables.html
jinja 템플릿
- hosts: 192.168.100.11
vars:
message: korea
tasks:
- copy:
src: origin.txt
dest: /tmp/copy.txt
- template:
src: origin.txt
dest: /tmp/template.txt
origin.txt
hello {{ message }} world
jinja 템프릿 파일 확장자
.j2
,.jinja2
Vagrant.configure("2") do |config|
# Define VM
config.vm.define "controller" do |centos|
centos.vm.box = "centos/7"
centos.vm.hostname = "controller"
centos.vm.network "private_network", ip: "192.168.100.10"
centos.vm.provider "virtualbox" do |vb|
vb.name = "controller"
vb.cpus = 2
vb.memory = 2048
end
end
# Define VM
config.vm.define "node1" do |centos|
centos.vm.box = "centos/7"
centos.vm.hostname = "node1"
centos.vm.network "private_network", ip: "192.168.100.11"
centos.vm.provider "virtualbox" do |vb|
vb.name = "node1"
vb.cpus = 2
vb.memory = 2048
end
end
# Define VM
config.vm.define "node2" do |centos|
centos.vm.box = "centos/7"
centos.vm.hostname = "node2"
centos.vm.network "private_network", ip: "192.168.100.12"
centos.vm.provider "virtualbox" do |vb|
vb.name = "node2"
vb.cpus = 2
vb.memory = 2048
end
end
# Define VM
config.vm.define "node3" do |ubuntu|
ubuntu.vm.box = "ubuntu/bionic64"
ubuntu.vm.hostname = "node3"
ubuntu.vm.network "private_network", ip: "192.168.100.13"
ubuntu.vm.provider "virtualbox" do |vb|
vb.name = "node3"
vb.cpus = 2
vb.memory = 2048
end
end
end
Netplan 도구
NetworkManager X
/etc/netplan/\*.yaml
netplan apply
보안
방화벽
Kernel(Netfilter) <-- iptables