我正在尝试docker.conf文件中插入一个字符串,但在 ansible 上失败可能是由于我的语法。当我手动执行此操作时有效。
变量:
memlock_value: "16777216:16777216"
docker_options_file: "/etc/systemd/system/docker.service.d/docker-options.conf"
任务是
- name: "Set in flag for ulimit in docker conf"
shell: |
- "sed '/^Environment=/ s/"$/ --default-ulimit memlock={{ memlock_value }}"/' {{ docker_options_file }} -i"
输出:
task path: /ansible-managed/jenkins-slave/slave1/workspace/teamd/run_ansible_playbook/k8s/baremetal/roles/team-node-config/tasks/main.yml
23:27:53 Tuesday 07 December 2021 07:27:53 +0000 (0:00:11.047) 0:00:19.487 ******
fatal: [node1]: FAILED! => {"changed": true, "cmd": "- "sed '/^Environment=/ s/\"$/ --default-ulimit memlock=16777216:16777216\"/' /etc/systemd/system/docker.service.d/docker-options.conf -i"n n", "delta": "0:00:00.004384", "end": "2021-12-07 07:27:53.586179", "msg": "non-zero return code", "rc": 2, "start": "2021-12-07 07:27:53.581795", "stderr": "/bin/sh: 0: Illegal option - ", "stderr_lines": ["/bin/sh: 0: Illegal option - "], "stdout": "", "stdout_lines": []}
手动命令工作:
sed '/^Environment=/ s/"$/ --default-ulimit memlock=16777216:16777216"/' /etc/systemd/system/docker.service.d/docker-options.conf -i
我也尝试了lineinefile,但它替换了整行,而不仅仅是在末尾插入
- name: "Set in flag for ulimit in docker conf"
lineinfile:
path: "{{ docker_options_file_dummy }}"
regexp: '^Environment='
insertafter: '^Environment=.+$'
line: "--default-ulimit memlock={{ memlock_value }}"
ignore_errors: yes
输出
=> {"backup": "", "changed": true, "msg": "line replaced"}
[Service]
--default-ulimit memlock=16777216:16777216
终于能够弄清楚它是,但我仍在努力弄清楚如何使其幂等。 多次运行继续在行尾添加内容。
- name: "add ulimit in tests file to end of line in {{ dummy_file }}"
lineinfile:
dest: "{{ dummy_file }}"
state: present
regexp: '^(Environment="[^"]*)'
backrefs: yes
line: '1 {{ ulimit_memlock_flag }}"'
任务前的文件
[Service]
Environment="DOCKER_OPTS= --data-root=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 --iptables=false"
任务后的文件
[Service]
Environment="DOCKER_OPTS= --data-root=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 --iptables=false --default-ulimit memlock=16777216:16777216"
终于能够弄清楚这里是幂等性的。 多次运行不会再次在行尾添加内容。
- name: "with idempotency add ulimit in tests file to end of line in {{ dummy_file }}"
lineinfile:
dest: "{{ dummy_file }}"
state: present
#regexp: '^(DOCKER_OPTS="[^"]*)'
regexp: (.*"DOCKER_OPTS=.*iptables=false)
backrefs: yes
line: '1 {{ ulimit_memlock_flag }}"'
任务前的文件
[Service]
Environment="DOCKER_OPTS= --data-root=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 --iptables=false"
任务运行后的文件 1
[Service]
Environment="DOCKER_OPTS= --data-root=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 --iptables=false --default-ulimit memlock=16777216:16777216"
任务运行后的文件 2
[Service]
Environment="DOCKER_OPTS= --data-root=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 --iptables=false --default-ulimit memlock=16777216:16777216"
块|文字文本不是数组。此外,删除全局引号"引号 - 命令不是单个命令,而是在空格上拆分,因此空格必须存在。
尝试:
shell: |
sed "'/^Environment=/ s/"$/ --default-ulimit memlock={{ memlock_value }}"/'" "{{ docker_options_file }}" -i
奇怪的是-i选项在最后。我认为最好:
shell: <
sed -i -e
"'/^Environment=/ s/"$/ --default-ulimit memlock={{ memlock_value }}"/'
"{{ docker_options_file }}"
你应该更喜欢command而不是shell
command:
argv:
- sed
- -i
- -e
- '/^Environment=/ s/"$/ --default-ulimit memlock={{ memlock_value }}"/'
- "{{ docker_options_file }}"
而且,您应该更喜欢lininfile而不是sed。沿途:
lineinfile:
regexp: '^(Environment=[^"]*)"'
backrefs: yes
line: '1 --default-ulimit memlock={{ memlock_value }}"'
path: "{{ docker_options_file }}"