未分类
通过ansible获取文件的几种方式
通过ansible获取文件的几种方式: 通过lookup读取ansible管理节点上的的内容, 并将其内容赋值给变量。如: 获取管理节点上的ssh key:
|
1 2 3 4 5 6 7 |
- name: Autoops | set ssh key set_fact: autoops_public_key: "{{ autoops_public_key | default(lookup('file', '/root/.ssh/id_rsa.pub')) }}" autoops_private_key: "{{ autoops_private_key | default(lookup('file', '/root/.ssh/id_rsa')) }}" delegate_to: localhost connection: local run_once: yes |
fetch 模块的作用就是”Fetches a file from remote nodes,fetch为”拿来”之意,当我们需要将受管主机中的文件拉取到ansible主机时,则可以使用此模块, 可以从远端将文件拉取到本地, 如获取k8s master节点上的ca证书到本地:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
- hosts: kube_control_plane:localhost gather_facts: False pre_tasks: - setup: gather_subset: 'min' tags: - kubeconfig_localhost - user_init tasks: - import_role: name: kubespray-defaults - name: "set_fact for current_user" set_fact: current_user: "{{ hostvars[inventory_hostname]['ansible_env'].USER }}" current_user_home: "{{ hostvars[inventory_hostname]['ansible_env'].HOME }}" tags: - kubeconfig_localhost - user_init - block: # edit admin.conf - name: modify admin.conf to api server domain lineinfile: dest: "{{ current_user_home }}/.kube/config" state: present regexp: '(^\s*.server: .*://).*(:.*$)' line: '\1{{ apiserver_loadbalancer_domain_name }}\2' backrefs: yes when: loadbalancer_apiserver is not defined delegate_to: localhost connection: local delegate_facts: yes become: no run_once: yes when: - kubeconfig_localhost tags: kubeconfig_localhost - name: Fetch ca.crt from master to ansible host fetch: src: "{{ kube_cert_compat_dir }}/ca.crt" dest: "{{ kube_cert_compat_dir }}/ca.crt" flat: yes validate_checksum: no register: copy_ca_result until: copy_ca_result is not failed retries: 20 become: no run_once: yes when: - kubeconfig_localhost - "'HOSTNAME' in hostvars['localhost']['ansible_env']" - "hostvars['localhost']['ansible_env'].get('HOSTNAME') not in groups['kube_control_plane']" tags: kubeconfig_localhost |
使用cat测试到变量 slurp 模块用于拉取远端文件的 base64 码, 可通过b64decode进行解码 任务: 获取etcd主机的ssl文件信息注册到变量, 用来生成etcdkeeper配置文件, 首先用cat来获取: tasks/main.yml:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
- block: - name: get remote file contents command: "cat {{ etcdkeeper_cacert_file }}" register: etcdkeeper_cacert_file - name: get remote file contents command: "cat {{ etcdkeeper_cert_file }}" register: etcdkeeper_cert_file - name: get remote file contents command: "cat {{ etcdkeeper_key_file }}" register: etcdkeeper_key_file when: - inventory_hostname == groups['etcd'][0] - name: show key contents debug: var: hostvars[groups['etcd'][0]].etcdkeeper_cacert_file.stdout - name: Autoops | Create addon dir file: path: "{{ item }}" state: directory owner: root group: root mode: 0755 recurse: yes with_items: - "{{ kube_config_dir }}/addons/etcdkeeper" when: - inventory_hostname == groups['kube_control_plane'][0] - name: Autoops | Create manifests template: src: "{{ item }}.yml.j2" dest: "{{ kube_config_dir }}/addons/etcdkeeper/{{ item }}.yml" vars: etcdkeeper_cacert: "{{ hostvars[groups['etcd'][0]].etcdkeeper_cacert_file.stdout }}" etcdkeeper_cert: "{{ hostvars[groups['etcd'][0]].etcdkeeper_cert_file.stdout }}" etcdkeeper_key: "{{ hostvars[groups['etcd'][0]].etcdkeeper_key_file.stdout }}" with_items: - etcdkeeper_ns - etcdkeeper_cm - etcdkeeper_deploy - etcdkeeper_svc register: etcdkeeper_manifests when: - inventory_hostname == groups['kube_control_plane'][0] - name: Autoops | Apply manifests shell: "{{ bin_dir }}/kubectl apply -f {{ kube_config_dir }}/addons/etcdkeeper/{{ item.item }}.yml" with_items: "{{ etcdkeeper_manifests.results }}" when: - inventory_hostname == groups['kube_control_plane'][0] |
结果发现, 生成的配置里, 换行符都被换成了空格 尝试使用slurp模块:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
- block: - name: Etcdkeeper | get remote ca file contents slurp: src: "{{ etcdkeeper_cacert_file }}" register: etcdkeeper_cacert_file - name: Etcdkeeper | get remote cert file contents slurp: src: "{{ etcdkeeper_cert_file }}" register: etcdkeeper_cert_file - name: Etcdkeeper | get remote key file contents slurp: src: "{{ etcdkeeper_key_file }}" register: etcdkeeper_key_file when: - inventory_hostname == groups['etcd'][0] - name: Etcdkeeper | Create addon dir file: path: "{{ item }}" state: directory owner: root group: root mode: 0755 recurse: yes with_items: - "{{ kube_config_dir }}/addons/etcdkeeper" when: - inventory_hostname == groups['kube_control_plane'][0] - name: Etcdkeeper | Create manifests template: src: "{{ item }}.yml.j2" dest: "{{ kube_config_dir }}/addons/etcdkeeper/{{ item }}.yml" vars: etcdkeeper_cacert: "{{ hostvars[groups['etcd'][0]].etcdkeeper_cacert_file.content | b64decode | regex_replace('\n', '\n ') }}" etcdkeeper_cert: "{{ hostvars[groups['etcd'][0]].etcdkeeper_cert_file.content | b64decode | regex_replace('\n', '\n ') }}" etcdkeeper_key: "{{ hostvars[groups['etcd'][0]].etcdkeeper_key_file.content | b64decode | regex_replace('\n', '\n ') }}" with_items: - etcdkeeper_ns - etcdkeeper_cm - etcdkeeper_deploy - etcdkeeper_svc register: etcdkeeper_manifests when: - inventory_hostname == groups['kube_control_plane'][0] |
结果换行符都保留了下来, 格式正确.