Ansible:在服务列表上循环并从实际存在的不需要的服务列表中禁用这些服务 [英] Ansible: Loop over a list of services and disable those from a list of unwanted services which are actually present
问题描述
我正在使用Ansible从RHEL7.5的基础安装中构建基础映像 我想做的一件事就是禁用不需要的服务.所以我这样做:
I'm using Ansible to build a base image from a base installation of RHEL7.5 One of the things I want to do is to disable unwanted services. So I do this:
- name: "| disable unwanted services"
service:
name: "{{ item }}"
enabled: no
state: stopped
loop: "{{ disabled_services }}"
when: disabled_services is defined
可以正常工作,可以在localhost上进行测试;然后我在测试版本上进行了尝试,但由于我要管理的一项服务甚至不存在,因此出现了错误.
Which works fine, testing on localhost; then I try it on a test build, and it errors because one of the services I'm trying to manage isn't even present.
例如,disabled_services =="ntp postfix ip6tables",但未安装ip6tables.我会从这样的模块中得到一个错误:
Say for example that disabled_services == "ntp postfix ip6tables", but ip6tables isn't installed. I'll get an error from the module like so:
ok: [udggsydasd48] => (item=postfix)
failed: [udggsydasd48] (item=ip6tables) => {"changed": false, "item":"ip6tables", "msg": "Could not find the requested service ip6tables: host"}
因此,我正在调用service_facts模块以生成正在运行的服务的列表.在此循环中,我会将如果服务中有服务"放在此循环中的条件(和位置):
So I'm calling the service_facts module to generate a list of running services. What ( and where) in this loop would I put the "if service in services" conditional in this loop:
- name: "| disable unwanted services"
service:
name: "{{ item }}"
enabled: no
state: stopped
loop: "{{ disabled_services }}"
when: disabled_services is defined
因此,如果存在该软件,它将仅尝试从"disabled_services"中的阵列禁用服务?
So that it will only attempt to disable services from the array in "disabled_services" if the software is present?
我宁愿不使用fail_when:永远不要,因为这会隐藏其他错误.
I'd rather not use a fail_when: never, as this can hide other errors.
谢谢
推荐答案
After you load the list of running services, use the union filter.
loop: "{{ disabled_services | union(services) }}"
这篇关于Ansible:在服务列表上循环并从实际存在的不需要的服务列表中禁用这些服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
