无论如何,有多个用户可以更有效地运行多个Ansible剧本吗? [英] Is there anyway to run multiple Ansible playbooks as multiple users more efficiently?
问题描述
目前我的剧本结构如下:
Currently my playbook structure is like this:
~/test_ansible_roles ❯❯❯ tree .
.
├── checkout_sources
│ └── tasks
│ └── main.yml
├── install_dependencies
│ └── tasks
│ └── main.yml
├── make_dirs
│ └── tasks
│ └── main.yml
├── setup_machine.yml
我的角色之一是在我的盒子上安装依赖项,因此我需要sudo.正因为如此,我需要完成所有其他任务:
One of the roles that I have is to install dependencies on my box, so for this I need sudo. Because of that all of my other tasks I need to include the stanza:
become: yes
become_user: my_username
有更好的方法吗?
推荐答案
您可以按以下方式设置become选项:
You can set the become options per:
- 剧本
- 角色
- 任务
每本剧本:
- hosts: whatever
become: yes
become_user: my_username
roles:
- checkout_sources
- install_dependencies
- make_dirs
每个角色:
- hosts: whatever
roles:
- checkout_sources
- role: install_dependencies
become: yes
become_user: my_username
- make_dirs
每个任务:
- shell: do something
become: yes
become_user: my_username
您可以根据需要将其组合.该剧本可以以用户A的身份运行,可以以用户B的身份运行,最后可以以用户C的身份运行在角色内部.
You can combine this however you like. The playbook can run as user A, a role as user B and finally a task inside the role as user C.
很少需要为每个剧本或角色定义become.如果角色中的单个任务需要sudo,则仅应为该特定任务而不是角色进行定义.
Defining become per playbook or role is rarely needed. If a single task inside a role requires sudo it should only be defined for that specific task and not the role.
如果角色中的多个任务需要become,则块可以派上用场避免复发:
If multiple tasks inside a role require become, blocks come in handy to avoid recurrence:
- block:
- shell: do something
- shell: do something
- shell: do something
become: yes
become_user: my_username
这篇关于无论如何,有多个用户可以更有效地运行多个Ansible剧本吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
