通过ansible获取文件的几种方式:
- 通过lookup读取ansible管理节点上的的内容, 并将其内容赋值给变量。如: 获取管理节点上的ssh key:
1234567- name: Autoops | set ssh keyset_fact:autoops_public_key: "{{ autoops_public_key | default(lookup('file', '/root/.ssh/id_rsa.pub')) }}"autoops_private_key: "{{ autoops_private_key | default(lookup('file', '/root/.ssh/id_rsa')) }}"delegate_to: localhostconnection: localrun_once: yes
- fetch 模块的作用就是”Fetches a file from remote nodes,fetch为”拿来”之意,当我们需要将受管主机中的文件拉取到ansible主机时,则可以使用此模块, 可以从远端将文件拉取到本地, 如获取k8s master节点上的ca证书到本地:
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354- hosts: kube_control_plane:localhostgather_facts: Falsepre_tasks:- setup:gather_subset: 'min'tags:- kubeconfig_localhost- user_inittasks:- import_role:name: kubespray-defaults- name: "set_fact for current_user"set_fact:current_user: "{{ hostvars[inventory_hostname]['ansible_env'].USER }}"current_user_home: "{{ hostvars[inventory_hostname]['ansible_env'].HOME }}"tags:- kubeconfig_localhost- user_init- block:# edit admin.conf- name: modify admin.conf to api server domainlineinfile:dest: "{{ current_user_home }}/.kube/config"state: presentregexp: '(^\s*.server: .*://).*(:.*$)'line: '\1{{ apiserver_loadbalancer_domain_name }}\2'backrefs: yeswhen: loadbalancer_apiserver is not defineddelegate_to: localhostconnection: localdelegate_facts: yesbecome: norun_once: yeswhen:- kubeconfig_localhosttags: kubeconfig_localhost- name: Fetch ca.crt from master to ansible hostfetch:src: "{{ kube_cert_compat_dir }}/ca.crt"dest: "{{ kube_cert_compat_dir }}/ca.crt"flat: yesvalidate_checksum: noregister: copy_ca_resultuntil: copy_ca_result is not failedretries: 20become: norun_once: yeswhen:- kubeconfig_localhost- "'HOSTNAME' in hostvars['localhost']['ansible_env']"- "hostvars['localhost']['ansible_env'].get('HOSTNAME') not in groups['kube_control_plane']"tags: kubeconfig_localhost
- 使用cat测试到变量
slurp模块用于拉取远端文件的 base64 码, 可通过b64decode进行解码
任务: 获取etcd主机的ssl文件信息注册到变量, 用来生成etcdkeeper配置文件, 首先用cat来获取:
tasks/main.yml:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
- block: - name: get remote file contents command: "cat {{ etcdkeeper_cacert_file }}" register: etcdkeeper_cacert_file - name: get remote file contents command: "cat {{ etcdkeeper_cert_file }}" register: etcdkeeper_cert_file - name: get remote file contents command: "cat {{ etcdkeeper_key_file }}" register: etcdkeeper_key_file when: - inventory_hostname == groups['etcd'][0] - name: show key contents debug: var: hostvars[groups['etcd'][0]].etcdkeeper_cacert_file.stdout - name: Autoops | Create addon dir file: path: "{{ item }}" state: directory owner: root group: root mode: 0755 recurse: yes with_items: - "{{ kube_config_dir }}/addons/etcdkeeper" when: - inventory_hostname == groups['kube_control_plane'][0] - name: Autoops | Create manifests template: src: "{{ item }}.yml.j2" dest: "{{ kube_config_dir }}/addons/etcdkeeper/{{ item }}.yml" vars: etcdkeeper_cacert: "{{ hostvars[groups['etcd'][0]].etcdkeeper_cacert_file.stdout }}" etcdkeeper_cert: "{{ hostvars[groups['etcd'][0]].etcdkeeper_cert_file.stdout }}" etcdkeeper_key: "{{ hostvars[groups['etcd'][0]].etcdkeeper_key_file.stdout }}" with_items: - etcdkeeper_ns - etcdkeeper_cm - etcdkeeper_deploy - etcdkeeper_svc register: etcdkeeper_manifests when: - inventory_hostname == groups['kube_control_plane'][0] - name: Autoops | Apply manifests shell: "{{ bin_dir }}/kubectl apply -f {{ kube_config_dir }}/addons/etcdkeeper/{{ item.item }}.yml" with_items: "{{ etcdkeeper_manifests.results }}" when: - inventory_hostname == groups['kube_control_plane'][0] |
结果发现, 生成的配置里, 换行符都被换成了空格
尝试使用slurp模块:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
- block: - name: Etcdkeeper | get remote ca file contents slurp: src: "{{ etcdkeeper_cacert_file }}" register: etcdkeeper_cacert_file - name: Etcdkeeper | get remote cert file contents slurp: src: "{{ etcdkeeper_cert_file }}" register: etcdkeeper_cert_file - name: Etcdkeeper | get remote key file contents slurp: src: "{{ etcdkeeper_key_file }}" register: etcdkeeper_key_file when: - inventory_hostname == groups['etcd'][0] - name: Etcdkeeper | Create addon dir file: path: "{{ item }}" state: directory owner: root group: root mode: 0755 recurse: yes with_items: - "{{ kube_config_dir }}/addons/etcdkeeper" when: - inventory_hostname == groups['kube_control_plane'][0] - name: Etcdkeeper | Create manifests template: src: "{{ item }}.yml.j2" dest: "{{ kube_config_dir }}/addons/etcdkeeper/{{ item }}.yml" vars: etcdkeeper_cacert: "{{ hostvars[groups['etcd'][0]].etcdkeeper_cacert_file.content | b64decode | regex_replace('\n', '\n ') }}" etcdkeeper_cert: "{{ hostvars[groups['etcd'][0]].etcdkeeper_cert_file.content | b64decode | regex_replace('\n', '\n ') }}" etcdkeeper_key: "{{ hostvars[groups['etcd'][0]].etcdkeeper_key_file.content | b64decode | regex_replace('\n', '\n ') }}" with_items: - etcdkeeper_ns - etcdkeeper_cm - etcdkeeper_deploy - etcdkeeper_svc register: etcdkeeper_manifests when: - inventory_hostname == groups['kube_control_plane'][0] |
结果换行符都保留了下来, 格式正确.
0 Comments