我正在编写一个简单的Ansible剧本,用于RHEL在混合发行版的 Linux 机器上运行闰秒检测器。
这是剧本
---
- hosts: Linux
vars_files:
- ../group_vars/Linux.yml
tasks:
- name: Running RHEL leap second detector (will skip if distirubtion is not RHEL)
when: ansible_distribution == "RedHat"
script: ../scripts/leap_vulnerability.sh
register: result
changed_when: false
- name: RHEL Lead second detector result
when: ansible_distribution == "RedHat"
fail: msg="Kernel {{ansible_kernel}} is vulnerable"
failed_when: "'kernel is vulnerable' in result.stdout"
它工作正常,这是输出的示例
TASK: [Running RHEL leap second detector (will skip if distirubtion is not RHEL)] ***
skipping: [UTIL02]
skipping: [UTIL01]
ok: [SERV01]
ok: [SERV02]
TASK: [RHEL Lead second detector result] **************************************
skipping: [UTIL02]
skipping: [UTIL01]
failed: [SERV01] => {"failed": true, "failed_when_result": true}
msg: Kernel 2.6.18-53.el5 is vulnerable
failed: [SERV02] => {"failed": true, "failed_when_result": true}
msg: Kernel 2.6.18-53.el5 is vulnerable
PLAY RECAP ********************************************************************
UTIL01 : ok=1 changed=0 unreachable=0 failed=0
UTIL02 : ok=1 changed=0 unreachable=0 failed=0
SERV01 : ok=2 changed=0 unreachable=0 failed=1
SERV02 : ok=2 changed=0 unreachable=0 failed=1
正如您所看到的,有一行额外的消息我并不真正想要。
failed: [SERV01] => {"failed": true, "failed_when_result": true}
是否可以不打印条件评估消息而只打印我定义的错误消息?类似下面的东西
failed: Kernel 2.6.18-53.el5 is vulnerable
答案1
似乎没有办法改变 的正常输出ansible-playbook。但是您可以通过使用生成额外的输出回调插件。
您也许可以编写一个插件来获取自己的输出,而通过将其重定向到/dev/null.
答案2
failed_when这可能有点晚了,但是当你使用该模块时不需要使用fail。常规when应该足够了,不会显示条件评估消息。