对ansible不支持service模块的status命令进行修正
原生的ansible不支持service.status,在Google之后,发现有人提交了一个patch,可以支持status选项.见https://github.com/ritzk/ansible-modules-core/commit/ab4c9c226e94371c2b60aab57ef5b0a76f75a74b
就此使用一段时间后,在centos 7使用时,出现了报错.
root@HOSTXXXXXXX001:~# ansible HOSTXXXXXXX003 -m service -a 'name="zabbix-agent" state="status"' HOSTXXXXXXX003 | FAILED >> {
"failed": true,
"msg": "value of state must be one of: running,started,stopped,restarted,reloaded, got: status"
}
以前都是在centos 6使用的,正常,如今在centos 7出现报错,就打开源码查看了一下.
发现centos 6是/usr/local/lib/python3.6/dist-packages/ansible/modules/system/service.py
而centos 7使用的则是/usr/local/lib/python3.6/dist-packages/ansible/modules/system/systemd.py , 该文件并没有进行patch
于是对该文件进行了修改,如下.
#!/usr/bin/python
-*- coding: utf-8 -*-
Copyright: (c) 2016, Brian Coca bcoca@ansible.com
GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
patch by Redheat
email qjyyn@qq.com
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['stableinterface'],
'supported_by': 'core'}
DOCUMENTATION = '''
module: systemd
author:
- Ansible Core Team
version_added: "2.2"
short_description: Manage services
description:
- Controls systemd services on remote hosts.
options:
name:
description:
- Name of the service. When using in a chroot environment you always need to specify the full name i.e. (crond.service).
aliases: [ service, unit ]
state:
description:
- C(started)/C(stopped) are idempotent actions that will not run commands unless necessary.
C(restarted) will always bounce the service. C(reloaded) will always reload.
choices: [ reloaded, restarted, started, stopped ]
enabled:
description:
- Whether the service should start on boot. B(At least one of state and enabled are required.)
type: bool
masked:
description:
- Whether the unit should be masked or not, a masked unit is impossible to start.
type: bool
daemon_reload:
description:
- run daemon-reload before doing any other operations, to make sure systemd has read any changes.
type: bool
default: 'no'
aliases: [ daemon-reload ]
user:
description:
- run systemctl talking to the service manager of the calling user, rather than the service manager
of the system.
type: bool
default: 'no'
no_block:
description:
- Do not synchronously wait for the requested operation to finish.
Enqueued job will continue without Ansible blocking on its completion.
type: bool
default: 'no'
version_added: "2.3"
notes:
- Since 2.4, one of the following options is required 'state', 'enabled', 'masked', 'daemon_reload', and all except 'daemon_reload' also require 'name'.
- Before 2.4 you always required 'name'.
requirements:
- A system managed by systemd.
'''
EXAMPLES = '''
- name: Make sure a service is running
systemd: state=started name=httpd - name: stop service cron on debian, if running
systemd: name=cron state=stopped - name: restart service cron on centos, in all cases, also issue daemon-reload to pick up config changes
systemd:
state: restarted
daemon_reload: yes
name: crond - name: reload service httpd, in all cases
systemd:
name: httpd
state: reloaded - name: enable service httpd and ensure it is not masked
systemd:
name: httpd
enabled: yes
masked: no - name: enable a timer for dnf-automatic
systemd:
name: dnf-automatic.timer
state: started
enabled: True - name: just force systemd to reread configs (2.4 and above)
systemd: daemon_reload=yes
'''
RETURN = '''
status:
description: A dictionary with the key=value pairs returned from `systemctl show`
returned: success
type: complex
contains: {
"ActiveEnterTimestamp": "Sun 2016-05-15 18:28:49 EDT",
"ActiveEnterTimestampMonotonic": "8135942",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "active",
"After": "auditd.service systemd-user-sessions.service time-sync.target systemd-journald.socket basic.target system.slice",
"AllowIsolate": "no",
"Before": "shutdown.target multi-user.target",
"BlockIOAccounting": "no",
"BlockIOWeight": "1000",
"CPUAccounting": "no",
"CPUSchedulingPolicy": "0",
"CPUSchedulingPriority": "0",
"CPUSchedulingResetOnFork": "no",
"CPUShares": "1024",
"CanIsolate": "no",
"CanReload": "yes",
"CanStart": "yes",
"CanStop": "yes",
"CapabilityBoundingSet": "18446744073709551615",
"ConditionResult": "yes",
"ConditionTimestamp": "Sun 2016-05-15 18:28:49 EDT",
"ConditionTimestampMonotonic": "7902742",
"Conflicts": "shutdown.target",
"ControlGroup": "/system.slice/crond.service",
"ControlPID": "0",
"DefaultDependencies": "yes",
"Delegate": "no",
"Description": "Command Scheduler",
"DevicePolicy": "auto",
"EnvironmentFile": "/etc/sysconfig/crond (ignore_errors=no)",
"ExecMainCode": "0",
"ExecMainExitTimestampMonotonic": "0",
"ExecMainPID": "595",
"ExecMainStartTimestamp": "Sun 2016-05-15 18:28:49 EDT",
"ExecMainStartTimestampMonotonic": "8134990",
"ExecMainStatus": "0",
"ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"ExecStart": "{ path=/usr/sbin/crond ; argv[]=/usr/sbin/crond -n $CRONDARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"FragmentPath": "/usr/lib/systemd/system/crond.service",
"GuessMainPID": "yes",
"IOScheduling": "0",
"Id": "crond.service",
"IgnoreOnIsolate": "no",
"IgnoreOnSnapshot": "no",
"IgnoreSIGPIPE": "yes",
"InactiveEnterTimestampMonotonic": "0",
"InactiveExitTimestamp": "Sun 2016-05-15 18:28:49 EDT",
"InactiveExitTimestampMonotonic": "8135942",
"JobTimeoutUSec": "0",
"KillMode": "process",
"KillSignal": "15",
"LimitAS": "18446744073709551615",
"LimitCORE": "18446744073709551615",
"LimitCPU": "18446744073709551615",
"LimitDATA": "18446744073709551615",
"LimitFSIZE": "18446744073709551615",
"LimitLOCKS": "18446744073709551615",
"LimitMEMLOCK": "65536",
"LimitMSGQUEUE": "819200",
"LimitNICE": "0",
"LimitNOFILE": "4096",
"LimitNPROC": "3902",
"LimitRSS": "18446744073709551615",
"LimitRTPRIO": "0",
"LimitRTTIME": "18446744073709551615",
"LimitSIGPENDING": "3902",
"LimitSTACK": "18446744073709551615",
"LoadState": "loaded",
"MainPID": "595",
"MemoryAccounting": "no",
"MemoryLimit": "18446744073709551615",
"MountFlags": "0",
"Names": "crond.service",
"NeedDaemonReload": "no",
"Nice": "0",
"NoNewPrivileges": "no",
"NonBlocking": "no",
"NotifyAccess": "none",
"OOMScoreAdjust": "0",
"OnFailureIsolate": "no",
"PermissionsStartOnly": "no",
"PrivateNetwork": "no",
"PrivateTmp": "no",
"RefuseManualStart": "no",
"RefuseManualStop": "no",
"RemainAfterExit": "no",
"Requires": "basic.target",
"Restart": "no",
"RestartUSec": "100ms",
"Result": "success",
"RootDirectoryStartOnly": "no",
"SameProcessGroup": "no",
"SecureBits": "0",
"SendSIGHUP": "no",
"SendSIGKILL": "yes",
"Slice": "system.slice",
"StandardError": "inherit",
"StandardInput": "null",
"StandardOutput": "journal",
"StartLimitAction": "none",
"StartLimitBurst": "5",
"StartLimitInterval": "10000000",
"StatusErrno": "0",
"StopWhenUnneeded": "no",
"SubState": "running",
"SyslogLevelPrefix": "yes",
"SyslogPriority": "30",
"TTYReset": "no",
"TTYVHangup": "no",
"TTYVTDisallocate": "no",
"TimeoutStartUSec": "1min 30s",
"TimeoutStopUSec": "1min 30s",
"TimerSlackNSec": "50000",
"Transient": "no",
"Type": "simple",
"UMask": "0022",
"UnitFileState": "enabled",
"WantedBy": "multi-user.target",
"Wants": "system.slice",
"WatchdogTimestampMonotonic": "0",
"WatchdogUSec": "0",
}
''' # NOQA
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.service import sysv_exists, sysv_is_enabled, fail_if_missing
from ansible.module_utils._text import to_native
def is_running_service(service_status):
return service_status['ActiveState'] in set(['active', 'activating'])
def request_was_ignored(out):
return '=' not in out and 'ignoring request' in out
def parse_systemctl_show(lines):
# The output of 'systemctl show' can contain values that span multiple lines. At first glance it
# appears that such values are always surrounded by {}, so the previous version of this code
# assumed that any value starting with { was a multi-line value; it would then consume lines
# until it saw a line that ended with }. However, it is possible to have a single-line value
# that starts with { but does not end with } (this could happen in the value for Description=,
# for example), and the previous version of this code would then consume all remaining lines as
# part of that value. Cryptically, this would lead to Ansible reporting that the service file
# couldn't be found.
#
# To avoid this issue, the following code only accepts multi-line values for keys whose names
# start with Exec (e.g., ExecStart=), since these are the only keys whose values are known to
# span multiple lines.
parsed = {}
multival = []
k = None
for line in lines:
if k is None:
if '=' in line:
k, v = line.split('=', 1)
if k.startswith('Exec') and v.lstrip().startswith('{'):
if not v.rstrip().endswith('}'):
multival.append(v)
continue
parsed[k] = v.strip()
k = None
else:
multival.append(line)
if line.rstrip().endswith('}'):
parsed[k] = '\n'.join(multival).strip()
multival = []
k = None
return parsed
===========================================
Main control flow
def main():
# initialize
module = AnsibleModule(
argument_spec=dict(
name=dict(type='str', aliases=['service', 'unit']),
#choices里如果没有对应的操作就会报value of state must be one of: reloaded, restarted, started, stopped, got: status
#报错文件位于ansible/module_utils/basic.py 1810行
*state=dict(type='str', choices=['reloaded', 'restarted', 'started', 'stopped', 'status'*]),
**
enabled=dict(type='bool'),
masked=dict(type='bool'),
daemon_reload=dict(type='bool', default=False, aliases=['daemon-reload']),
user=dict(type='bool', default=False),
no_block=dict(type='bool', default=False),
),
supports_check_mode=True,
required_one_of=[['state', 'enabled', 'masked', 'daemon_reload']],
)
systemctl = module.get\_bin\_path('systemctl', True)
if module.params\['user'\]:
systemctl = systemctl + " --user"
if module.params\['no\_block'\]:
systemctl = systemctl + " --no-block"
unit = module.params\['name'\]
rc = 0
out = err = ''
result = dict(
name=unit,
changed=False,
status=dict(),
)
for requires in ('state', 'enabled', 'masked'):
if module.params\[requires\] is not None and unit is None:
module.fail\_json(msg="name is also required when specifying %s" % requires)
# Run daemon-reload first, if requested
if module.params\['daemon\_reload'\] and not module.check\_mode:
(rc, out, err) = module.run\_command("%s daemon-reload" % (systemctl))
if rc != 0:
module.fail\_json(msg='failure %d during daemon-reload: %s' % (rc, err))
if unit:
found = False
is\_initd = sysv\_exists(unit)
is\_systemd = False
# check service data, cannot error out on rc as it changes across versions, assume not found
**#这里执行的命令是类似systemctl show zabbix-agent**
(rc, out, err) = module.run\_command("%s show '%s'" % (systemctl, unit))
if request\_was\_ignored(out) or request\_was\_ignored(err):
# fallback list-unit-files as show does not work on some systems (chroot)
# not used as primary as it skips some services (like those using init.d) and requires .service/etc notation
(rc, out, err) = module.run\_command("%s list-unit-files '%s'" % (systemctl, unit))
if rc == 0:
is\_systemd = True
elif rc == 0:
# load return of systemctl show into dictionary for easy access and return
if out:
**#把返回值都扔进result\['status'\]去了**
result\['status'\] = parse\_systemctl\_show(to\_native(out).split('\\n'))
is\_systemd = 'LoadState' in result\['status'\] and result\['status'\]\['LoadState'\] != 'not-found'
# Check for loading error
if is\_systemd and 'LoadError' in result\['status'\]:
module.fail\_json(msg="Error loading unit file '%s': %s" % (unit, result\['status'\]\['LoadError'\]))
else:
# Check for systemctl command
module.run\_command(systemctl, check\_rc=True)
# Does service exist?
found = is\_systemd or is\_initd
if is\_initd and not is\_systemd:
module.warn('The service (%s) is actually an init script but the system is managed by systemd' % unit)
# mask/unmask the service, if requested, can operate on services before they are installed
if module.params\['masked'\] is not None:
# state is not masked unless systemd affirms otherwise
masked = ('LoadState' in result\['status'\] and result\['status'\]\['LoadState'\] == 'masked')
if masked != module.params\['masked'\]:
result\['changed'\] = True
if module.params\['masked'\]:
action = 'mask'
else:
action = 'unmask'
if not module.check\_mode:
(rc, out, err) = module.run\_command("%s %s '%s'" % (systemctl, action, unit))
if rc != 0:
# some versions of system CAN mask/unmask non existing services, we only fail on missing if they don't
fail\_if\_missing(module, found, unit, msg='host')
# if module.params\['choices'\] == 'status':
# Enable/disable service startup at boot if requested
if module.params\['enabled'\] is not None:
if module.params\['enabled'\]:
action = 'enable'
else:
action = 'disable'
fail\_if\_missing(module, found, unit, msg='host')
# do we need to enable the service?
enabled = False
(rc, out, err) = module.run\_command("%s is-enabled '%s'" % (systemctl, unit))
# check systemctl result or if it is a init script
if rc == 0:
enabled = True
elif rc == 1:
# if not a user service and both init script and unit file exist stdout should have enabled/disabled, otherwise use rc entries
if not module.params\['user'\] and \\
is\_initd and \\
(not out.strip().endswith('disabled') or sysv\_is\_enabled(unit)):
enabled = True
# default to current state
result\['enabled'\] = enabled
# Change enable/disable if needed
if enabled != module.params\['enabled'\]:
result\['changed'\] = True
if not module.check\_mode:
(rc, out, err) = module.run\_command("%s %s '%s'" % (systemctl, action, unit))
if rc != 0:
module.fail\_json(msg="Unable to %s service %s: %s" % (action, unit, out + err))
result\['enabled'\] = not enabled
# set service state if requested
if module.params\['state'\] is not None:
fail\_if\_missing(module, found, unit, msg="host")
# default to desired state
result\['state'\] = module.params\['state'\]
# What is current service state?
if 'ActiveState' in result\['status'\]:
action = None
if module.params\['state'\] == 'started':
if not is\_running\_service(result\['status'\]):
action = 'start'
elif module.params\['state'\] == 'stopped':
if is\_running\_service(result\['status'\]):
action = 'stop' **# patch status
# 如果是status,则判断返回的result['status'],并标记result['state']
# action其实是个flag,影响的是接下来的操作.完全可以不对action赋值,就不会影响下面的操作
# 仿照service.py这个patch,result['status']被我删了
elif module.params\['state'\] == 'status':
if is\_running\_service(result\['status'\]):
result\['state'\] = True
else:
result\['state'\] = False
del result\['status'\]** else:
if not is\_running\_service(result\['status'\]):
action = 'start'
else:
action = module.params\['state'\]\[:-2\] # remove 'ed' from restarted/reloaded
result\['state'\] = 'started'
if action:
result\['changed'\] = True
if not module.check\_mode:
(rc, out, err) = module.run\_command("%s %s '%s'" % (systemctl, action, unit))
if rc != 0:
module.fail\_json(msg="Unable to %s service %s: %s" % (action, unit, err))
else:
# this should not happen?
module.fail\_json(msg="Service is in unknown state", status=result\['status'\])
module.exit\_json(\*\*result)if __name__ == '__main__':
main()
染红加粗的几行,就是对status的支持和我写的几行简单说明.
我在git对源码进行了fork,见https://github.com/RedheatWei/ansible-modules-core
手机扫一扫
移动阅读更方便
你可能感兴趣的文章