ansible-playbook不限制主机
[英]ansible-playbook not limiting hosts
问题描述
I've got a hosts file, specifying a server belonging to multiple groups: 
我有一个主机文件,指定了一个属于多个组的服务器:
[web]
192.168.45.37
[integration]
192.168.45.37
[database]
192.168.45.37
The different groups have different roles applied to them in the playbook: 在剧本中,不同的小组具有不同的角色:
- hosts: all
roles:
- { role: base, tags: ['base'] }
- { role: logstash, tags: ['logstash'] }
- hosts: database
roles:
- { role: mysql, tags: ['database', 'mysql'] }
- { role: mysql-backup, tags: ['database', 'mysql', 'backup'] }
- hosts: web
roles:
- { role: nginx, tags: ['web', 'nginx'] }
- { role: ssl-certs, tags: ['web', 'ssl-certs'] }
- hosts: integration
roles:
- { role: jetty, tags: ['integration', 'jetty'] }
My problem is that when I go to run the playbook, trying to limit it to only the "roles" required by specifying the "group" with the "--limit" argument eg 我的问题是,当我去运行剧本时,尝试通过使用“ --limit”参数指定“ group”来将其限制为仅需要的“角色”
ansible-playbook -i hosts site.yml -l integration
It ends up running all of the plays against the server. 最终将对服务器运行所有播放。 Why does it do this? 为什么这样做呢? Can I get it to just run the set of plays/roles associated with that particular server group? 我能否只运行与该特定服务器组关联的一组播放/角色?
1 个解决方案
解决方案1
1 已采纳 2015-08-24 03:45:20
This is by design- under the covers, limits are implemented as a list of hosts, though the limit expression can be an arbitrarily complex combination of both hosts and groups. 这是设计使然-在幕后,限制被实现为主机列表,尽管limit表达式可以是主机和组的任意复杂组合。 We don't exclude group definitions that aren't specified in the limit expression (it sounds like that's what you want)- that would significantly hamper the utility of limit expressions for more complex use cases. 我们不排除没有在极限表达式中指定的组定义(听起来就是您想要的)-这将大大限制极限表达式在更复杂的用例中的实用性。
For example: if you had a play that targeted an intersection of two groups, "mysite:&myrole", I think the expectation would be that if you passed a limit expression of mysite, that it would run. 例如:如果您有一部针对两个群体的交集的剧本“ mysite:&myrole”,我认为可以期望的是,如果您传递了mysite的极限表达,它将可以运行。 If we explicitly dropped hosts for group defs that weren't specified in the limit expression, it wouldn't. 如果我们为限制定义中未指定的组定义显式删除主机,则不会。
Tags are definitely the right thing to use here, and they can be specified at the play level for the role-specific stuff so you don't have to repeat that part for each role/task underneath. 标记绝对是在这里使用的正确方法,并且可以在播放级别为特定于角色的东西指定标记,因此您不必为下面的每个角色/任务重复该部分。 The pre_tasks section should behave the same way with tags (ie, the tasks need to be tagged to run, though make sure you know about "always")- if they don't, that's definitely an issue you should report. pre_tasks部分的行为应与标签相同(即,必须对任务进行标记才能运行,尽管要确保您始终了解“总是”)-如果不这样做,则绝对是您应该报告的问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.