2016-04-21 65 views
0

在Ansible中,我有兩個單獨的任務來獲取redhat 6和7的現有服務列表,它們註冊到一個變量,然後我有另一個任務來停止這些服務如果我使用相同的變量,它會被最後一個任務覆蓋,所以它不會阻止任何事情。Ansible爲幾個任務註冊字典或動態變量

有沒有區分兩種結果的方法?但只能使用一項任務來停止服務?我嘗試了動態var名稱或創建一個字典,但沒有工作。

感謝

- name: Get registered services 
     command: bash -c "chkconfig --list | awk '{print $1}'" 
     register: loaded_services_{{ansible_distribution_major_version}} 
     when: ((ansible_os_family == "RedHat") and (ansible_distribution_major_version == "6")) 
     changed_when: False 
     tags: test 

    - name: Get registered services 
     command: bash -c "systemctl list-unit-files | grep enabled | cut -d. -f1" 
     register: loaded_services_{{ansible_distribution_major_version}} 
     when: ((ansible_os_family == "RedHat") and (ansible_distribution_major_version == "7")) 
     changed_when: False 
     tags: test 

    - name: shutdown unnecessary services 
     service: name={{ item }} enabled=no state=stopped 
     with_items: "{{ disable_services | intersect(loaded_services_{{ansible_distribution_major_version}}.stdout_lines)}}" 
     when: ansible_os_family == "RedHat" and ansible_distribution_major_version == "6" 
     tags: 
     - harden 
     - test 
     ignore_errors: yes 

回答

0

嘗試用塊,第一個以這種方式:

- block: 
    - name: Get registered services 
     command: bash -c "chkconfig --list | awk '{print $1}'" 
     register: loaded_services 
     changed_when: False 
     tags: test 
    when: ((ansible_os_family == "RedHat") and (ansible_distribution_major_version == "6")) 

    - block: 
    - name: Get registered services 
     command: bash -c "systemctl list-unit-files | grep enabled | cut -d. -f1" 
     register: loaded_services 
     changed_when: False 
     tags: test 
    when: ((ansible_os_family == "RedHat") and (ansible_distribution_major_version == "7")) 

    - name: shutdown unnecessary services 
    service: name={{ item }} enabled=no state=stopped 
    with_items: "{{ disable_services | intersect(loaded_services.stdout_lines)}}" 
    when: ansible_os_family == "RedHat" and ansible_distribution_major_version == "6" 
    tags: 
     - harden 
     - test 
    ignore_errors: yes 

如果doesn't工作,嘗試在這個其他方式:

- block: 
    - name: Get registered services 
     command: bash -c "chkconfig --list | awk '{print $1}'" 
     register: loaded_services 
     changed_when: False 
     tags: test 

    - name: shutdown unnecessary services 
     service: name={{ item }} enabled=no state=stopped 
     with_items: "{{ disable_services | intersect(loaded_services.stdout_lines)}}" 
     tags: 
     - harden 
     - test 
     ignore_errors: yes 

    when: ((ansible_os_family == "RedHat") and (ansible_distribution_major_version == "6")) 

    - block: 
    - name: Get registered services 
     command: bash -c "systemctl list-unit-files | grep enabled | cut -d. -f1" 
     register: loaded_services 
     changed_when: False 
     tags: test 

    - name: shutdown unnecessary services 
     service: name={{ item }} enabled=no state=stopped 
     with_items: "{{ disable_services | intersect(loaded_services.stdout_lines)}}" 
     tags: 
     - harden 
     - test 
     ignore_errors: yes 

    when: ((ansible_os_family == "RedHat") and (ansible_distribution_major_version == "7")) 
+0

有趣的是與選項一,變量仍然被跳過程序覆蓋:(「loaded_services」:「跳過」:true)...選項二將工作沒有塊(每個使用不同的變量),但這正是我試圖避免的 – Kenneth