Ansible变量详解（变量定义+变量优先级+变量注册+层级定义变量+facts缓存变量）

本篇文章详细给大家介绍Ansible变量，变量适合管理剧本中每个项目的动态值，或是某些值在多个地方重复使用，如果将此值设置为变量再在其他地方调用会方便许多。会用变量，才算真正会用Ansible，话不多说，直接开始。

1.变量定义

在测试情况下，可以在命令行中定义变量；当变量较少，不会被其他剧本调用的情况下，可以在剧本头部进行定义；当有较多playbook调用时，可以在文件中定义变量；也可以通过主机清单中定义变量，但是一般不推荐；也可以采取官方推荐的定义方式。一共四种定义方式。

（1）命令行定义变量

主机清单的变量会被剧本文件的方式覆盖，这两种方式的变量又会被命令行定义的方式覆盖，命令行可以使用--extra-vars或者-e设置变量。

[root@Ansible test]# cat test.yml
- hosts: web_grouptasks:- name: install httpd serveryum:name: "{{ web_server }}"
[root@Ansible test]# ansible-playbook test.yml -e "web_server=vsftpd"    #定义变量并运行[root@Ansible test]# cat test.yml
- hosts: web_grouptasks:- name: install httpd serveryum:name: - "{{ web_server }}"- "{{ db_server }}"
[root@Ansible test]# ansible-play test.yml -e "web_server=vsftpd" -e "db_server=mariadb-server"    #定义多个变量并运行

（2）剧本头部进行定义

#1、将一个列表定义在一个变量中
[root@Ansible test]# cat test.yml
- hosts: web_groupvars:packages:- httpd- mariadb-server- php- php-mysql- php-pdotasks:- name: install httpd ....yum: name: "{{ packages }}"#2、以列表的形式，一个内容定义一个变量
[root@Ansible test]# cat test.yml
- hosts: web_groupvars:- web_server: httpd- db_server: mariadb-server- php_server: php,php-mysql,php-pdotasks:- name: install httpd ....yum: name: - "{{ web_server }}"- "{{ db_server }}"- "{{ php_server }}"#3、以列表形式，多个内容由多个变量定义，最后拼接调用
[root@Ansible test]# cat test.yml
- hosts: web_groupvars:- ngx_ver: 1.1- ngx_dir: webtasks:- name: touchfile: name: /tmp/{{ ngx_dir }}_{{ ngx_ver }}state: touch#获取并调用Ansible内置变量
[root@Ansible test]# cat test.yml
- hosts: web_groupvars: - remote_ip: "{{ ansible_default_ipv4['address'] }}"- remote_hostname: "{{ ansible_fqdn }}"tasks:- name: touch ip filefile:path: /root/{{ remote_ip }}state: touch- name: touch hostname filefile:path: /root/{{ remote_hostname }}state: touch

（3）文件中定义变量

剧本头部定义变量的缺陷是只能当前变量使用，其他文件无法调用该变量文件，我们可以在文件中定义变量解决这个问题。

[root@Ansible test]# cat vars1.yml 
web_server: httpd
[root@Ansible test]# cat vars2.yml 
db_server: mariadb-server
[root@Ansible test]# cat test.yml    #调用一个文件一个变量
- hosts: web_groupvars_files: vars1.ymltasks:- name: install httpd mariadbyum:name: "{{ web_server }}"    [root@Ansible test]# cat test.yml    #调用多个文件多个变量
- hosts: web_groupvars_files: - vars1.yml- vars2.ymltasks:- name: install httpd mariadbyum:name: - "{{ web_server }}"- "{{ db_server }}"

（4）主机清单定义变量

在主机清单中定义变量，主机的变量要高于主机组的变量，所以该方法不推荐使用，容易将环境弄乱。

[root@Ansible test]# vim /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
[web_group:vars]
web_server=httpd
index_file=index.html- hosts: web_grouptasks:- name: Install httpd Serveryum:name: "{{ web_server }}"- name: Create Index Filefile:path: /tmp/{{ index_file }}state: touch

（5）官方推荐定义变量

创建group_vars目录，在里面创建以组名命名的文件给组定义变量，想对所有主机进行定义使用组下面的all进行定义。

[root@Ansible test]# mkdir group_vars
[root@Ansible test]# cat group_vars/web_group 
web_server: httpd
[root@Ansible test]# cat test.yml 
- hosts: web_grouptasks:- name: install httpd serveryum:name: "{{ web_server }}"

创建host_vars目录，在里面创建以主机别名命名的文件给主机定义变量。

[root@Ansible test]# mkdir host_vars
[root@Ansible test]# cat host_vars/web01
web_server: nginx
[root@Ansible test]# cat test.yml 
- hosts: web_grouptasks:- name: install httpd serveryum:name: "{{ web_server }}"

2.变量优先级

变量读取优先级命令行>playbook文件>主机列表文件注意：尽量使用一种定义变量的方式进行定义，太乱了不容易操作

3.变量注册

Ansible模块运行时，都会返回一些result结果，类似于执行脚本，我们需要获取这些结果，判断上一步是否执行成功，默认情况下，Ansible的result并不会显示出来，所以，我们可以吧这些返回值储存到变量之中，通过调用对应的变量名，获取这些result。这种将模块的返回值写入到变量的方法叫做变量注册。

[root@Ansible test]# cat test.yml 
- hosts: web_grouptasks:- name: test register varsshell: "ls -l /"
[root@Ansible test]# ansible-playbook test.yml    PLAY [web_group] ***************************************************************TASK [Gathering Facts] *********************************************************
ok: [web01]
ok: [web02]TASK [test register vars] ******************************************************
changed: [web02]
changed: [web01]PLAY RECAP *********************************************************************
web01                      : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
web02                      : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

当我们执行这个命令时，并不会给我们返回结果，只会返回changed是否改变，这时我们使用变量注册。

[root@Ansible test]# cat test.yml 
- hosts: web_grouptasks:- name: test register varsshell: "ls -l /"register: list_dir- name: return resultdebug:msg: "{{ list_dir }}"                                                [root@Ansible test]# ansible-playbook test.ymlPLAY [web_group] ***************************************************************TASK [Gathering Facts] *********************************************************
ok: [web01]
ok: [web02]TASK [test register vars] ******************************************************
changed: [web02]
changed: [web01]TASK [return result] ***********************************************************
ok: [web01] => {"msg": {"changed": true, "cmd": "ls -l /", "delta": "0:00:00.073085", "end": "2023-04-19 17:30:57.892956", "failed": false, "rc": 0, "start": "2023-04-19 17:30:57.819871", "stderr": "", "stderr_lines": [], "stdout": "total 24\nlrwxrwxrwx.   1 root root    7 Mar 29 18:30 bin -> usr/bin\ndr-xr-xr-x.   5 root root 4096 Mar 29 18:41 boot\ndrwxr-xr-x    6 www  www    71 Apr 19 08:29 code\ndrwxr-xr-x   19 root root 3200 Apr 18 22:37 dev\ndrwxr-xr-x.  90 root root 8192 Apr 19 17:20 etc\ndrwxr-xr-x.   2 root root    6 Apr 11  2018 home\nlrwxrwxrwx.   1 root root    7 Mar 29 18:30 lib -> usr/lib\nlrwxrwxrwx.   1 root root    9 Mar 29 18:30 lib64 -> usr/lib64\ndrwxr-xr-x.   2 root root    6 Apr 11  2018 media\ndrwxr-xr-x.   2 root root    6 Apr 11  2018 mnt\ndrwxr-xr-x.   2 root root    6 Apr 11  2018 opt\ndr-xr-xr-x  128 root root    0 Mar 30 20:56 proc\ndr-xr-x---.   5 root root  197 Apr 19 16:25 root\ndrwxr-xr-x   29 root root  740 Apr 19 17:20 run\nlrwxrwxrwx.   1 root root    8 Mar 29 18:30 sbin -> usr/sbin\ndrwxr-xr-x.   2 root root    6 Apr 11  2018 srv\ndr-xr-xr-x   13 root root    0 Apr 19 17:28 sys\ndrwxrwxrwt.  11 root root 4096 Apr 19 17:30 tmp\ndrwxr-xr-x.  13 root root  155 Mar 29 18:30 usr\ndrwxr-xr-x.  21 root root 4096 Apr 19 17:20 var", "stdout_lines": ["total 24", "lrwxrwxrwx.   1 root root    7 Mar 29 18:30 bin -> usr/bin", "dr-xr-xr-x.   5 root root 4096 Mar 29 18:41 boot", "drwxr-xr-x    6 www  www    71 Apr 19 08:29 code", "drwxr-xr-x   19 root root 3200 Apr 18 22:37 dev", "drwxr-xr-x.  90 root root 8192 Apr 19 17:20 etc", "drwxr-xr-x.   2 root root    6 Apr 11  2018 home", "lrwxrwxrwx.   1 root root    7 Mar 29 18:30 lib -> usr/lib", "lrwxrwxrwx.   1 root root    9 Mar 29 18:30 lib64 -> usr/lib64", "drwxr-xr-x.   2 root root    6 Apr 11  2018 media", "drwxr-xr-x.   2 root root    6 Apr 11  2018 mnt", "drwxr-xr-x.   2 root root    6 Apr 11  2018 opt", "dr-xr-xr-x  128 root root    0 Mar 30 20:56 proc", "dr-xr-x---.   5 root root  197 Apr 19 16:25 root", "drwxr-xr-x   29 root root  740 Apr 19 17:20 run", "lrwxrwxrwx.   1 root root    8 Mar 29 18:30 sbin -> usr/sbin", "drwxr-xr-x.   2 root root    6 Apr 11  2018 srv", "dr-xr-xr-x   13 root root    0 Apr 19 17:28 sys", "drwxrwxrwt.  11 root root 4096 Apr 19 17:30 tmp", "drwxr-xr-x.  13 root root  155 Mar 29 18:30 usr", "drwxr-xr-x.  21 root root 4096 Apr 19 17:20 var"]}
}
ok: [web02] => {"msg": {"changed": true, "cmd": "ls -l /", "delta": "0:00:00.072887", "end": "2023-04-19 17:30:57.891135", "failed": false, "rc": 0, "start": "2023-04-19 17:30:57.818248", "stderr": "", "stderr_lines": [], "stdout": "total 28\nlrwxrwxrwx.   1 root root    7 Mar 29 18:30 bin -> usr/bin\ndr-xr-xr-x.   5 root root 4096 Mar 29 18:41 boot\ndrwxr-xr-x    6 www  www    71 Apr 19 08:29 code\ndrwxr-xr-x   19 root root 3200 Apr 18 22:37 dev\ndrwxr-xr-x.  90 root root 8192 Apr 19 17:20 etc\ndrwxr-xr-x.   2 root root    6 Apr 11  2018 home\nlrwxrwxrwx.   1 root root    7 Mar 29 18:30 lib -> usr/lib\nlrwxrwxrwx.   1 root root    9 Mar 29 18:30 lib64 -> usr/lib64\ndrwxr-xr-x.   2 root root    6 Apr 11  2018 media\ndrwxr-xr-x.   2 root root    6 Apr 11  2018 mnt\ndrwxr-xr-x.   2 root root    6 Apr 11  2018 opt\ndr-xr-xr-x  127 root root    0 Mar 30 20:56 proc\ndr-xr-x---.   5 root root 4096 Apr 19 16:25 root\ndrwxr-xr-x   29 root root  740 Apr 19 17:20 run\nlrwxrwxrwx.   1 root root    8 Mar 29 18:30 sbin -> usr/sbin\ndrwxr-xr-x.   2 root root    6 Apr 11  2018 srv\ndr-xr-xr-x   13 root root    0 Apr 19 17:28 sys\ndrwxrwxrwt.  10 root root 4096 Apr 19 17:30 tmp\ndrwxr-xr-x.  13 root root  155 Mar 29 18:30 usr\ndrwxr-xr-x.  21 root root 4096 Apr 19 17:20 var", "stdout_lines": ["total 28", "lrwxrwxrwx.   1 root root    7 Mar 29 18:30 bin -> usr/bin", "dr-xr-xr-x.   5 root root 4096 Mar 29 18:41 boot", "drwxr-xr-x    6 www  www    71 Apr 19 08:29 code", "drwxr-xr-x   19 root root 3200 Apr 18 22:37 dev", "drwxr-xr-x.  90 root root 8192 Apr 19 17:20 etc", "drwxr-xr-x.   2 root root    6 Apr 11  2018 home", "lrwxrwxrwx.   1 root root    7 Mar 29 18:30 lib -> usr/lib", "lrwxrwxrwx.   1 root root    9 Mar 29 18:30 lib64 -> usr/lib64", "drwxr-xr-x.   2 root root    6 Apr 11  2018 media", "drwxr-xr-x.   2 root root    6 Apr 11  2018 mnt", "drwxr-xr-x.   2 root root    6 Apr 11  2018 opt", "dr-xr-xr-x  127 root root    0 Mar 30 20:56 proc", "dr-xr-x---.   5 root root 4096 Apr 19 16:25 root", "drwxr-xr-x   29 root root  740 Apr 19 17:20 run", "lrwxrwxrwx.   1 root root    8 Mar 29 18:30 sbin -> usr/sbin", "drwxr-xr-x.   2 root root    6 Apr 11  2018 srv", "dr-xr-xr-x   13 root root    0 Apr 19 17:28 sys", "drwxrwxrwt.  10 root root 4096 Apr 19 17:30 tmp", "drwxr-xr-x.  13 root root  155 Mar 29 18:30 usr", "drwxr-xr-x.  21 root root 4096 Apr 19 17:20 var"]}
}PLAY RECAP *********************************************************************
web01                      : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
web02                      : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

内容很多，我们让其输入自己想要的内容。

[root@Ansible test]# cat test.yml
- hosts: web_grouptasks:- name: test register varsshell: "ls -l /"register: list_dir- name: return resultdebug:msg: "{{ list_dir.stdout_lines }}"
[root@Ansible test]# ansible-playbook test.yml PLAY [web_group] ***************************************************************TASK [Gathering Facts] *********************************************************
ok: [web02]
ok: [web01]TASK [test register vars] ******************************************************
changed: [web02]
changed: [web01]TASK [return result] ***********************************************************
ok: [web01] => {"msg": ["total 24", "lrwxrwxrwx.   1 root root    7 Mar 29 18:30 bin -> usr/bin", "dr-xr-xr-x.   5 root root 4096 Mar 29 18:41 boot", "drwxr-xr-x    6 www  www    71 Apr 19 08:29 code", "drwxr-xr-x   19 root root 3200 Apr 18 22:37 dev", "drwxr-xr-x.  90 root root 8192 Apr 19 17:20 etc", "drwxr-xr-x.   2 root root    6 Apr 11  2018 home", "lrwxrwxrwx.   1 root root    7 Mar 29 18:30 lib -> usr/lib", "lrwxrwxrwx.   1 root root    9 Mar 29 18:30 lib64 -> usr/lib64", "drwxr-xr-x.   2 root root    6 Apr 11  2018 media", "drwxr-xr-x.   2 root root    6 Apr 11  2018 mnt", "drwxr-xr-x.   2 root root    6 Apr 11  2018 opt", "dr-xr-xr-x  129 root root    0 Mar 30 20:56 proc", "dr-xr-x---.   5 root root  197 Apr 19 16:25 root", "drwxr-xr-x   29 root root  740 Apr 19 17:20 run", "lrwxrwxrwx.   1 root root    8 Mar 29 18:30 sbin -> usr/sbin", "drwxr-xr-x.   2 root root    6 Apr 11  2018 srv", "dr-xr-xr-x   13 root root    0 Apr 19 17:28 sys", "drwxrwxrwt.  11 root root 4096 Apr 19 17:34 tmp", "drwxr-xr-x.  13 root root  155 Mar 29 18:30 usr", "drwxr-xr-x.  21 root root 4096 Apr 19 17:20 var"]
}
ok: [web02] => {"msg": ["total 28", "lrwxrwxrwx.   1 root root    7 Mar 29 18:30 bin -> usr/bin", "dr-xr-xr-x.   5 root root 4096 Mar 29 18:41 boot", "drwxr-xr-x    6 www  www    71 Apr 19 08:29 code", "drwxr-xr-x   19 root root 3200 Apr 18 22:37 dev", "drwxr-xr-x.  90 root root 8192 Apr 19 17:20 etc", "drwxr-xr-x.   2 root root    6 Apr 11  2018 home", "lrwxrwxrwx.   1 root root    7 Mar 29 18:30 lib -> usr/lib", "lrwxrwxrwx.   1 root root    9 Mar 29 18:30 lib64 -> usr/lib64", "drwxr-xr-x.   2 root root    6 Apr 11  2018 media", "drwxr-xr-x.   2 root root    6 Apr 11  2018 mnt", "drwxr-xr-x.   2 root root    6 Apr 11  2018 opt", "dr-xr-xr-x  127 root root    0 Mar 30 20:56 proc", "dr-xr-x---.   5 root root 4096 Apr 19 16:25 root", "drwxr-xr-x   29 root root  740 Apr 19 17:20 run", "lrwxrwxrwx.   1 root root    8 Mar 29 18:30 sbin -> usr/sbin", "drwxr-xr-x.   2 root root    6 Apr 11  2018 srv", "dr-xr-xr-x   13 root root    0 Apr 19 17:28 sys", "drwxrwxrwt.  10 root root 4096 Apr 19 17:34 tmp", "drwxr-xr-x.  13 root root  155 Mar 29 18:30 usr", "drwxr-xr-x.  21 root root 4096 Apr 19 17:20 var"]
}PLAY RECAP *********************************************************************
web01                      : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
web02                      : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

debug模块常用参数

msg #调试输出的消息

var #将某个任务执行的输出作为变量传递给debug模块，debug会直接将其打印输出

verbosity #debug的级别（默认是0，全部显示）

4.层级定义变量

（1）编辑变量文件

[root@Ansible test]# cat vars_file.yml
lamp:framework:web_package: httpddb_package: mariadb-serverphp_package: phplnmp:framework:web_package: nginxdb_package: mysqlphp_package: phplnmt:framework:web_package: nginxdb_package: mysqljava_package: tomcat

（2）编辑剧本文件

#简单写法
[root@Ansible test]# cat test.yml
- hosts: web_groupvars_files: vars_file.ymltasks:- name: install lamp httpdyum:name: "{{ lamp.framework.web_package }}"- name: install lamp mariadb-serveryum:name: "{{ lamp.framework.db_package }}"- name: install lamp phpyum:name: "{{ lamp.framework.php_package }}"#官方推荐写法
[root@Ansible test]# cat test.yml
- hosts: web_groupvars_files: vars_file.ymltasks:- name: install lamp httpdyum:name: "{{ lamp['framework']['web_package'] }}"- name: install lamp mariadb-serveryum:name: "{{ lamp['framework']['db_package'] }}"- name: install lamp phpyum:name: "{{ lamp['framework']['php_package'] }}"

（3）执行剧本

[root@Ansible test]# ansible-playbook test.yml PLAY [web_group] ***************************************************************TASK [Gathering Facts] *********************************************************
ok: [web01]
ok: [web02]TASK [install lamp httpd] ******************************************************
ok: [web01]
ok: [web02]TASK [install lamp mariadb-server] *********************************************
ok: [web01]
ok: [web02]TASK [install lamp php] ********************************************************
ok: [web01]
ok: [web02]PLAY RECAP *********************************************************************
web01                      : ok=4    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
web02                      : ok=4    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

5.facts缓存变量

Ansible facts是在客户端主机通过Ansible自动采集发现的变量，facts包含每台特定的主机信息，如被控端的主机名、IP地址、系统版本、CPU数量、内存状态、磁盘状态等等。

（1）fasts使用场景

1、通过facts缓存检查CPU，来生成对应的nginx配置文件2、通过facts缓存检查主机名，生成不同的zabbix配置文件3、通过facts缓存检索物理机的内存大小来生成不同的mysql配置文件Ansible facts类似于saltstack中的grains，对于做自动化非常有帮助！

（2）fasts用法

[root@Ansible test]# cat test.yml 
- hosts: web_groupvars_files: vars_file.ymltasks:- name: get host infodebug:msg: Hostname "{{ ansible_fqdn }}" and IP "{{ an
sible_default_ipv4.address }}"[root@Ansible test]# ansible-playbook test.yml PLAY [web_group] ***************************************************************TASK [Gathering Facts] *********************************************************
ok: [web01]
ok: [web02]TASK [get host info] ***********************************************************
ok: [web01] => {"msg": "Hostname \"Web01\" and IP \"10.0.0.7\""
}
ok: [web02] => {"msg": "Hostname \"Web02\" and IP \"10.0.0.8\""
}PLAY RECAP *********************************************************************
web01                      : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
web02                      : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

（3）关闭fasts

[root@Ansible test]# cat test.yml
- hosts: web_groupgather_facts: no #关闭信息采集vars_files: vars_file.ymltasks:- name: get host infodebug:msg: Hostname "{{ ansible_fqdn }}" and IP "{{ ansible_default_ipv4.address }}"

（4）fasts生成zabbix配置文件

[root@Ansible test]# cat test.yml
- hosts: web_groupvars: - zabbix_server: 172.16.1.71tasks:- name: copy zabbix agent conftemplate:                    #作用是将管理机上的变量内容覆盖到客户机的目标配置文件中src: ./zabbix_agentd.confdest: /tmp/zabbix_agentd.conf

（5）facts生成mysqld配置文件

- hosts: db_grouptasks:- name: Install mysql serveryum:name: mariadb-serverstate: present- name: copy mysql  conftemplate:                  #作用是将管理机上的变量内容覆盖到客户机的目标配置文件中src: ./my.cnfdest: /etc/my.cnf[root@m01 ~]# vim /etc/my.cnf
[mysqld]
basedir=/usr
datadir=/var/lib/mysql/
socket=/var/lib/mysql/mysql.sock
log_error=/var/log/mariadb/mariadb.log
innodb_buffer_pool_size={{ ansible_memtotal_mb * 0.8 }}