ansible - Ansible Playbook 使用具有一个或多个值的列表/字典

问题描述

我想使用 Ansible 自动创建 OpenShift 用户。

可以为一个或多个用户指定一个密码
每个用户将加入一个或多个组

我目前正在测试列表和子元素，并且很接近。

变量文件

---

host_group: localhost
users:
  - username: jdoe
    password: tester123
    groups:
      - test-group1
  - username: jdosephina
    password: tester456
    groups:
      - test-group2
      - test-group3

测试.yaml

---
- hosts: "{{ host_group | default('empty_group') }}"
  vars_files:
    - /etc/ansible/vars/openshift_user_creation_vars.yaml
  tasks:

  - name: Create user on master server
    debug:
      msg: "htpasswd -b /etc/origin/master/htpasswd {{ item[0].username }} {{ item[0].password }}"
    become: yes
    with_subelements:
      - "{{ users }}"
      - groups

  - name: Restart atomic service
    debug:
      msg: "systemctl restart atomic-openshift-master-api"
    become: yes

  - name: Add user to group
    debug:
      msg: "oc adm groups add-users {{ item[1] }} {{ item[0].username }}"
    with_subelements:
      - "{{ users }}"
      - groups

我现在遇到的问题是，如果指定了多个组（在此示例中为 jdosephina），则创建用户的第一个命令也会运行多次。

TASK [Create user on master server] *********************************************************************************************************************************************************************************************************
ok: [localhost] => (item=None) => {
    "msg": "htpasswd -b /etc/origin/master/htpasswd jdoe tester123"
}
ok: [localhost] => (item=None) => {
    "msg": "htpasswd -b /etc/origin/master/htpasswd jdosephina tester456"
}
ok: [localhost] => (item=None) => {
    "msg": "htpasswd -b /etc/origin/master/htpasswd jdosephina tester456"
}

TASK [Restart atomic service] ***************************************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": "systemctl restart atomic-openshift-master-api"
}

TASK [Add user to group] ********************************************************************************************************************************************************************************************************************
ok: [localhost] => (item=None) => {
    "msg": "oc adm groups add-users test-group1 jdoe"
}
ok: [localhost] => (item=None) => {
    "msg": "oc adm groups add-users test-group2 jdosephina"
}
ok: [localhost] => (item=None) => {
    "msg": "oc adm groups add-users test-group3 jdosephina"
}

我最好的方法是根据组数运行一次或多次使用组的命令，但只为每个用户运行第一个命令一次？

标签： ansibleopenshift

我需要{{ item[0].username }} {{ item[0].password }}将用户创建块更改为{{ item.username }} {{ item.password }}、删除- groups和更改with_subelements为with_items.

全新剧本：

测试.yaml

---
- hosts: "{{ host_group | default('empty_group') }}"
  vars_files:
    - /etc/ansible/vars/openshift_user_creation_vars.yaml
  tasks:

  - name: Create user on master server
    debug:
      msg: "htpasswd -b /etc/origin/master/htpasswd {{ item.username }} {{ item.password }}"
    become: yes
    with_items:
      - "{{ users }}"

  - name: Restart atomic service
    debug:
      msg: "systemctl restart atomic-openshift-master-api"
    become: yes

  - name: Add user to group
    debug:
      msg: "oc adm groups add-users {{ item[1] }} {{ item[0].username }}"
    with_subelements:
      - "{{ users }}"
      - groups

ansible - Ansible Playbook 使用具有一个或多个值的列表/字典

问题描述

解决方案

推荐阅读