Ansible 重构代码,如可重用参数化 class 或函数
Ansible refactor code like reusable parameterized class or function
roles/mysql
├── handlers
│ └── main.yml
├── tasks
│ └── main.yml
├── templates
└── vars
└── main
├── mysql_user_privileges.yml
└── mysql_users.yml
var/main/mysql_user_privileges.yml
---
# MySQL Admin privileges
mysql_admin_user_host: "%"
mysql_admin_user_privileges: '*.*:ALL'
mysql_admin_user_pwd: secret
# MySQL Read-only Privileges
mysql_ro_user_host: "%"
mysql_ro_user_privileges: '*.*:SELECT'
mysql_ro_user_pwd: secret
mysql/tasks/main.yml
---
- name: Creating MySQL READ-ONLY Users ...
community.mysql.mysql_user:
# login_host: "{{ mysql_login_host }}"
login_port: "{{ mysql_login_port }}"
login_user: "{{ mysql_login_user }}"
login_password: "{{ mysql_login_pwd }}"
host: "{{ mysql_ro_user_host }}"
name: "{{ item }}"
password: "{{ mysql_ro_user_pwd }}"
priv: "{{ mysql_ro_user_privileges }}"
state: present
loop: "{{ mysql_ro_users }}"
- name: Creating MySQL ADMIN Users ...
community.mysql.mysql_user:
login_port: "{{ mysql_login_port }}"
login_user: "{{ mysql_login_user }}"
login_password: "{{ mysql_login_pwd }}"
host: "{{ mysql_admin_user_host }}"
name: "{{ item }}"
password: "{{ mysql_admin_user_pwd }}"
priv: "{{ mysql_admin_user_privileges }}"
state: present
loop: "{{ mysql_admin_users }}"
var/main/mysql_users.yml
---
# MySQL READ ONLY Users
mysql_ro_users:
- user1
# MySQL ADMIN Users
mysql_admin_users:
- user2
我是第一次尝试 Ansible。这是我在 mysql 服务器上创建具有 all 和只读(select)权限的用户的代码。我实际上是在 mysql_user_privileges.yml 和 tasks/main.yml 中重复我的代码。
我对 Puppet 有一点经验,我们可以使用参数化 类 并定义函数来最小化代码行和重复,但我在 Ansible 中找不到类似的东西。任何人都可以在 Ansible 中重构它或指导我正确的方向吗?
提前致谢!
您创建了一个与用户类型关联的参数:
- name: Creating All type of Users ...
community.mysql.mysql_user:
login_port: "{{ mysql_login_port }}"
login_user: "{{ mysql_login_user }}"
login_password: "{{ mysql_login_pwd }}"
host: "{{ vars[item[0] + '_host'] }}"
name: "{{ item[1] }}"
password: "{{ vars[item[0] + '_pwd'] }}"
priv: "{{ vars[item[0] + '_privileges'] }}"
state: present
loop: "{{ users | flatten(levels=1) }}"
vars:
users:
- "{{ ['mysql_ro_user'] | product(mysql_ro_users) }}"
- "{{ ['mysql_admin_user'] | product(mysql_admin_users) }}"
另一种编写任务的方法:
- name: Creating All type of Users ...
community.mysql.mysql_user:
# login_host: "{{ mysql_login_host }}"
login_port: "{{ mysql_login_port }}"
login_user: "{{ mysql_login_user }}"
login_password: "{{ mysql_login_pwd }}"
host: "{{ _host }}"
name: "{{ _name }}"
password: "{{ _pass }}"
priv: "{{ _priv }}"
state: present
loop: "{{ users | flatten(levels=1) }}"
vars:
users:
- "{{ ['mysql_ro_user'] | product(mysql_ro_users) }}"
- "{{ ['mysql_admin_user'] | product(mysql_admin_users) }}"
_host: "{{ vars[item[0] + '_host'] }}"
_pass: "{{ vars[item[0] + '_pwd'] }}"
_priv: "{{ vars[item[0] + '_privileges'] }}"
_name: "{{ item[1] }}"
_host: "{{ vars[item[0] + '_host'] }}"
可以写
_host: "{{ lookup('vars', item[0] + '_host') }}"
等等....
roles/mysql
├── handlers
│ └── main.yml
├── tasks
│ └── main.yml
├── templates
└── vars
└── main
├── mysql_user_privileges.yml
└── mysql_users.yml
var/main/mysql_user_privileges.yml
---
# MySQL Admin privileges
mysql_admin_user_host: "%"
mysql_admin_user_privileges: '*.*:ALL'
mysql_admin_user_pwd: secret
# MySQL Read-only Privileges
mysql_ro_user_host: "%"
mysql_ro_user_privileges: '*.*:SELECT'
mysql_ro_user_pwd: secret
mysql/tasks/main.yml
---
- name: Creating MySQL READ-ONLY Users ...
community.mysql.mysql_user:
# login_host: "{{ mysql_login_host }}"
login_port: "{{ mysql_login_port }}"
login_user: "{{ mysql_login_user }}"
login_password: "{{ mysql_login_pwd }}"
host: "{{ mysql_ro_user_host }}"
name: "{{ item }}"
password: "{{ mysql_ro_user_pwd }}"
priv: "{{ mysql_ro_user_privileges }}"
state: present
loop: "{{ mysql_ro_users }}"
- name: Creating MySQL ADMIN Users ...
community.mysql.mysql_user:
login_port: "{{ mysql_login_port }}"
login_user: "{{ mysql_login_user }}"
login_password: "{{ mysql_login_pwd }}"
host: "{{ mysql_admin_user_host }}"
name: "{{ item }}"
password: "{{ mysql_admin_user_pwd }}"
priv: "{{ mysql_admin_user_privileges }}"
state: present
loop: "{{ mysql_admin_users }}"
var/main/mysql_users.yml
---
# MySQL READ ONLY Users
mysql_ro_users:
- user1
# MySQL ADMIN Users
mysql_admin_users:
- user2
我是第一次尝试 Ansible。这是我在 mysql 服务器上创建具有 all 和只读(select)权限的用户的代码。我实际上是在 mysql_user_privileges.yml 和 tasks/main.yml 中重复我的代码。
我对 Puppet 有一点经验,我们可以使用参数化 类 并定义函数来最小化代码行和重复,但我在 Ansible 中找不到类似的东西。任何人都可以在 Ansible 中重构它或指导我正确的方向吗?
提前致谢!
您创建了一个与用户类型关联的参数:
- name: Creating All type of Users ...
community.mysql.mysql_user:
login_port: "{{ mysql_login_port }}"
login_user: "{{ mysql_login_user }}"
login_password: "{{ mysql_login_pwd }}"
host: "{{ vars[item[0] + '_host'] }}"
name: "{{ item[1] }}"
password: "{{ vars[item[0] + '_pwd'] }}"
priv: "{{ vars[item[0] + '_privileges'] }}"
state: present
loop: "{{ users | flatten(levels=1) }}"
vars:
users:
- "{{ ['mysql_ro_user'] | product(mysql_ro_users) }}"
- "{{ ['mysql_admin_user'] | product(mysql_admin_users) }}"
另一种编写任务的方法:
- name: Creating All type of Users ...
community.mysql.mysql_user:
# login_host: "{{ mysql_login_host }}"
login_port: "{{ mysql_login_port }}"
login_user: "{{ mysql_login_user }}"
login_password: "{{ mysql_login_pwd }}"
host: "{{ _host }}"
name: "{{ _name }}"
password: "{{ _pass }}"
priv: "{{ _priv }}"
state: present
loop: "{{ users | flatten(levels=1) }}"
vars:
users:
- "{{ ['mysql_ro_user'] | product(mysql_ro_users) }}"
- "{{ ['mysql_admin_user'] | product(mysql_admin_users) }}"
_host: "{{ vars[item[0] + '_host'] }}"
_pass: "{{ vars[item[0] + '_pwd'] }}"
_priv: "{{ vars[item[0] + '_privileges'] }}"
_name: "{{ item[1] }}"
_host: "{{ vars[item[0] + '_host'] }}"
可以写
_host: "{{ lookup('vars', item[0] + '_host') }}"
等等....