小贝子编程

一个散列用于多个参数的可靠主机配置



我正在为应用程序配置网络端口,并相应地配置如下防火墙规则:

host_vars/hostXX.yaml:

cluster_nodes:
- map: TheIsland
user: theisland
network:
game_port: 7777
query_port: 27015
rcon_port: 27020
iptables_rules:
- rule:
chain: INPUT
interface: enp98s0f0
protocol: tcp
destination_port: 27020
jump: ACCEPT
- rule:
chain: INPUT
interface: enp98s0f0
protocol: udp
destination_port: 7777
jump: ACCEPT
- rule:
chain: INPUT
interface: enp98s0f0
protocol: udp
destination_port: 27015
jump: ACCEPT

我想实现的是,我想定义一个具有所有网络端口的哈希,然后引用它来配置应用程序和防火墙:

ark_cluster_ports:
theisland:
game_port: 7777
query_port: 27015
rcon_port: 27020
cluster_nodes:
- map: TheIsland
user: theisland
network:
game_port: > reference to ark_cluster_ports.theisland.game_port
query_port: > reference to ark_cluster_ports.theisland.query_port
rcon_port: > reference to ark_cluster_ports.theisland.rcon_port
iptables_rules:
- rule:
chain: INPUT
interface: enp98s0f0
protocol: tcp
destination_port: reference to ark_cluster_ports.theisland.rcon_port
jump: ACCEPT
- rule:
chain: INPUT
interface: enp98s0f0
protocol: udp
destination_port: reference to ark_cluster_ports.theisland.game_port
jump: ACCEPT
- rule:
chain: INPUT
interface: enp98s0f0
protocol: udp
destination_port: reference to ark_cluster_ports.theisland.query_port
jump: ACCEPT

到目前为止,我尝试的是锚点和合并运算符:

ark_cluster_ports: &ark_cluster_ports
theisland:
game_port: 7777
query_port: 27015
rcon_port: 27020
cluster_nodes:
- map: TheIsland
user: theisland
network:
<<: *ark_cluster_ports.theisland

使用字典查找:

ark_cluster_ports:
theisland:
game_port: 7777
query_port: 27015
rcon_port: 27020
cluster_nodes:
- map: TheIsland
user: theisland
network: "{{ lookup('dict', ark_cluster_ports.theisland) }}"

但我似乎完全错了。。。有人能给我指正确的方向吗?

非常感谢并致以最良好的问候,michael

TL;DR

以下是符合您问题中所述要求的YAML:

ark_cluster_ports:
theisland: &ark_cluster_ports_theisland
game_port: &ark_cluster_ports_theisland_game_port 7777
query_port: &ark_cluster_ports_theisland_query_port 27015
rcon_port: &ark_cluster_ports_theisland_rcon_port 27020
cluster_nodes:
- map: TheIsland
user: theisland
network:
<<: *ark_cluster_ports_theisland
iptables_rules:
- rule:
chain: INPUT
interface: enp98s0f0
protocol: tcp
destination_port: *ark_cluster_ports_theisland_rcon_port
jump: ACCEPT
- rule:
chain: INPUT
interface: enp98s0f0
protocol: udp
destination_port: *ark_cluster_ports_theisland_game_port
jump: ACCEPT
- rule:
chain: INPUT
interface: enp98s0f0
protocol: udp
destination_port: *ark_cluster_ports_theisland_query_port
jump: ACCEPT

YAML中的锚点和别名引用功能强大,但您正试图使其变得比YAML所能处理的更复杂。

您的问题是别名*ark_cluster_ports.theisland,它实际上太复杂了。

也就是说,你可以很容易地简化它,并立即锚定theisland密钥,例如:

ark_cluster_ports:
theisland: &ark_cluster_ports_theisland
game_port: 7777
query_port: 27015
rcon_port: 27020
cluster_nodes:
- map: TheIsland
user: theisland
network:
<<: *ark_cluster_ports_theisland

这将是一个工作剧本演示这个:

- hosts: all
gather_facts: no
tasks:
- debug:
var: cluster_nodes[0].network
vars:
ark_cluster_ports: 
theisland: &ark_cluster_ports_theisland
game_port: 7777
query_port: 27015
rcon_port: 27020
cluster_nodes:
- map: TheIsland
user: theisland
network:
<<: *ark_cluster_ports_theisland

这就产生了回顾:

PLAY [all] **************************************************************************************************************************************************
TASK [debug] ************************************************************************************************************************************************
ok: [localhost] => {
"cluster_nodes[0].network": {
"game_port": 7777,
"query_port": 27015,
"rcon_port": 27020
}
}
PLAY RECAP **************************************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

对于iptables_rules字典,您也可以使用语法来锚定包含值的键

key: &anchor value

所以,在你的情况下:

rcon_port: &ark_cluster_ports_theisland_rcon_port 27020

下面是另一个演示的剧本:

- hosts: all
gather_facts: no
tasks:
- debug:
var: iptables_rules[0].destination_port
vars:
ark_cluster_ports: 
theisland: &ark_cluster_ports_theisland
game_port: 7777
query_port: 27015
rcon_port: &ark_cluster_ports_theisland_rcon_port 27020
cluster_nodes:
- map: TheIsland
user: theisland
network:
<<: *ark_cluster_ports_theisland
iptables_rules:
- rule:
chain: INPUT
interface: enp98s0f0
protocol: tcp
destination_port: *ark_cluster_ports_theisland_rcon_port

这就产生了回顾:

PLAY [all] *********************************************************************************************************
TASK [debug] *******************************************************************************************************
ok: [localhost] => {
"iptables_rules[0].destination_port": "27020"
}
PLAY RECAP *********************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

相关内容

  • 没有找到相关文章

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium