Linux 7 Ansible 初学 一个简单的 playbook 学习 yum 模块

编写一个简单的 playbook 要求被控制服务器[dev]组,安装 PHP 和 MariaDB   Development tools 并更新服务器的所有包到最新版本

[student@workstation ansible]$ vim package.yml 
[student@workstation ansible]$ cat package.yml 
- name: install package
  hosts: all
  - name: install php and mariaDB
      - php
      - mariadb
      state: present
    when: ansible_hostname in groups['dev']  

  - name: install the 'Development tools' package group
      name: "@Development tools"
      state: present
    when: ansible_hostname in groups['dev']

  - name: upgrade all packages
      name: "*"
      state: latest


[student@workstation ansible]$ ansible-playbook package.yml 

PLAY [install package] *********************************************************

TASK [Gathering Facts] *********************************************************
ok: [servera]
ok: [serverc]
ok: [serverb]
ok: [serverd]

TASK [install php and mariaDB] *************************************************
skipping: [serverd]
skipping: [serverc]
skipping: [serverb]
changed: [servera]

TASK [install the 'Development tools' package group] ***************************
skipping: [serverc]
skipping: [serverd]
skipping: [serverb]
changed: [servera]

TASK [upgrade all packages] ****************************************************
ok: [servera]
ok: [serverc]
ok: [serverb]
ok: [serverd]

PLAY RECAP *********************************************************************
servera                    : ok=4    changed=2    unreachable=0    failed=0   
serverb                    : ok=2    changed=0    unreachable=0    failed=0   
serverc                    : ok=2    changed=0    unreachable=0    failed=0   
serverd                    : ok=2    changed=0    unreachable=0    failed=0   


[student@workstation ansible]$ ansible dev -m shell -a 'rpm -qa|egrep "php|mariadb"'
servera | CHANGED | rc=0 >>

对于 yum 模块不熟悉的,可以通过 ansible-doc yum 命令查询帮助

[student@workstation ansible]$ ansible-doc yum
> YUM    (/usr/lib/python2.7/site-packages/ansible/modules/packaging/os/

        Installs, upgrade, downgrades, removes, and lists packages and
        groups with the `yum' package manager. This module only works
        on Python 2. If you require Python 3 support see the [dnf]

  * note: This module has a corresponding action plugin.

OPTIONS (= is mandatory):

- allow_downgrade
        Specify if the named package and version is allowed to
        downgrade a maybe already installed higher version of that
        package. Note that setting allow_downgrade=True can make this
        module behave in a non-idempotent way. The task could end up
        with a set of packages that does not match the complete list
        of specified packages to install (because dependencies between
        the downgraded package and others can cause changes to the
        packages which were in the earlier transaction).
        [Default: no]
        type: bool
        version_added: 2.4

- autoremove
        If `yes', removes all "leaf" packages from the system that
        were originally installed as dependencies of user-installed
        packages but which are no longer required by any such package.
        Should be used alone or when state is `absent'
        NOTE: This feature requires yum >= 3.4.3 (RHEL/CentOS 7+)
        [Default: False]
        type: bool
        version_added: 2.7

- bugfix
        If set to `yes', and `state=latest' then only installs updates
        that have been marked bugfix related.
        [Default: no]
        version_added: 2.6

- conf_file
        The remote yum configuration file to use for the transaction.
        [Default: (null)]
        version_added: 0.6

- disable_excludes
        Disable the excludes defined in YUM config files.
        If set to `all', disables all excludes.
        If set to `main', disable excludes defined in [main] in
        If set to `repoid', disable excludes defined for given repo
        [Default: (null)]
        version_added: 2.7

- disable_gpg_check
        Whether to disable the GPG checking of signatures of packages
        being installed. Has an effect only if state is `present' or
        [Default: no]
        type: bool
        version_added: 1.2

- disable_plugin
        `Plugin' name to disable for the install/update operation. The
        disabled plugins will not persist beyond the transaction.
        [Default: (null)]
        version_added: 2.5

- disablerepo
        `Repoid' of repositories to disable for the install/update
        operation. These repos will not persist beyond the
        transaction. When specifying multiple repos, separate them
        with a `","'.
        As of Ansible 2.7, this can alternatively be a list instead of
        `","' separated string
        [Default: (null)]
        version_added: 0.9

- download_only
        Only download the packages, do not install them.
        [Default: no]
        type: bool
        version_added: 2.7

- enable_plugin
        `Plugin' name to enable for the install/update operation. The
        enabled plugin will not persist beyond the transaction.
        [Default: (null)]
        version_added: 2.5

- enablerepo
        `Repoid' of repositories to enable for the install/update
        operation. These repos will not persist beyond the
        transaction. When specifying multiple repos, separate them
        with a `","'.
        As of Ansible 2.7, this can alternatively be a list instead of
        `","' separated string
        [Default: (null)]
        version_added: 0.9

- exclude
        Package name(s) to exclude when state=present, or latest
        [Default: (null)]
        version_added: 2.0

- installroot
        Specifies an alternative installroot, relative to which all
        packages will be installed.
        [Default: /]
        version_added: 2.3

- list
        Package name to run the equivalent of yum list <package>
        against. In addition to listing packages, use can also list
        the following: `installed', `updates', `available' and
        [Default: (null)]

- name
        A package name or package specifier with version, like
        If a previous version is specified, the task also needs to
        turn `allow_downgrade' on. See the `allow_downgrade'
        documentation for caveats with downgrading packages.
        When using state=latest, this can be `'*'' which means run
        `yum -y update'.
        You can also pass a url or a local path to a rpm file (using
        state=present). To operate on several packages this can accept
        a comma separated string of packages or (as of 2.0) a list of
        (Aliases: pkg)[Default: (null)]

- releasever
        Specifies an alternative release from which all packages will
        be installed.
        [Default: None]
        version_added: 2.7

- security
        If set to `yes', and `state=latest' then only installs updates
        that have been marked security related.
        [Default: no]
        type: bool
        version_added: 2.4

- skip_broken
        Skip packages with broken dependencies(devsolve) and are
        causing problems.
        [Default: no]
        type: bool
        version_added: 2.3

- state
        Whether to install (`present' or `installed', `latest'), or
        remove (`absent' or `removed') a package.
        `present' and `installed' will simply ensure that a desired
        package is installed.
        `latest' will update the specified package if it's not of the
        latest available version.
        `absent' and `removed' will remove the specified package.
        (Choices: absent, installed, latest, present,
        removed)[Default: present]

- update_cache
        Force yum to check if cache is out of date and redownload if
        needed. Has an effect only if state is `present' or `latest'.
        (Aliases: expire-cache)[Default: no]
        type: bool
        version_added: 1.9

- update_only
        When using latest, only update installed packages. Do not
        install packages.
        Has an effect only if state is `latest'
        [Default: no]
        type: bool
        version_added: 2.5

- use_backend
        This module supports `yum' (as it always has), this is known
        as `yum3'/`YUM3'/`yum-deprecated' by upstream yum developers.
        As of Ansible 2.7+, this module also supports `YUM4', which is
        the "new yum" and it has an `dnf' backend.
        By default, this module will select the backend based on the
        `ansible_pkg_mgr' fact.
        (Choices: auto, yum, yum4, dnf)[Default: auto]
        version_added: 2.7

- validate_certs
        This only applies if using a https url as the source of the
        rpm. e.g. for localinstall. If set to `no', the SSL
        certificates will not be validated.
        This should only set to `no' used on personally controlled
        sites using self-signed certificates as it avoids verifying
        the source site.
        Prior to 2.1 the code worked as if this was set to `yes'.
        [Default: yes]
        type: bool
        version_added: 2.1

      * When used with a `loop:` each package will be processed
        individually, it is much more efficient to pass the list
        directly to the `name` option.
      * In versions prior to 1.9.2 this module installed and
        removed each package given to the yum module separately.
        This caused problems when packages specified by filename
        or url had to be installed or removed together. In 1.9.2
        this was fixed so that packages are installed in one yum
        transaction. However, if one of the packages adds a new
        yum repository that the other packages come from (such
        as epel-release) then that package needs to be installed
        in a separate task. This mimics yum's command line
      * Yum itself has two types of groups.  "Package groups"
        are specified in the rpm itself while "environment
        groups" are specified in a separate file (usually by the
        distribution).  Unfortunately, this division becomes
        apparent to ansible users because ansible needs to
        operate on the group of packages in a single transaction
        and yum requires groups to be specified in different
        ways when used in that way.  Package groups are
        specified as "@development-tools" and environment groups
        are "@^gnome-desktop-environment". Use the "yum group
        list" command to see which category of group the group
        you want to install falls into.


AUTHOR: Ansible Core Team, Seth Vidal, Eduard Snesarev (@verm666), Berend De Sch
          - stableinterface
          supported_by: core

- name: install the latest version of Apache
    name: httpd
    state: latest

- name: ensure a list of packages installed
    name: "{{ packages }}"
    - httpd
    - httpd-tools

- name: remove the Apache package
    name: httpd
    state: absent

- name: install the latest version of Apache from the testing repo
    name: httpd
    enablerepo: testing
    state: present

- name: install one specific version of Apache
    name: httpd-2.2.29-1.4.amzn1
    state: present

- name: upgrade all packages
    name: '*'
    state: latest

- name: upgrade all packages, excluding kernel & foo related packages
    name: '*'
    state: latest
    exclude: kernel*,foo*

- name: install the nginx rpm from a remote repo
    state: present

- name: install nginx rpm from a local file
    name: /usr/local/src/nginx-release-centos-6-0.el6.ngx.noarch.rpm
    state: present

- name: install the 'Development tools' package group
    name: "@Development tools"
    state: present

- name: install the 'Gnome desktop' environment group
    name: "@^gnome-desktop-environment"
    state: present

- name: List ansible packages and register result to print with debug later.
    list: ansible
  register: result

- name: Install package with multiple repos enabled
    name: sos
    enablerepo: "epel,ol7_latest"

- name: Install package with multiple repos disabled
    name: sos
    disablerepo: "epel,ol7_latest"

- name: Install a list of packages
      - nginx
      - postgresql
      - postgresql-server
    state: present

- name: Download the nginx package but do not install it
      - nginx
    state: latest
    download_only: true



