问题描述
我下面有Playbook,可以为Linux中的用户设置文件描述符值,下面的代码经过测试,可以正常工作,我正在寻找是否使用vars
之类的代码来缩短代码。
准确地说,我想使用模块pam_limits
之一,并涵盖一下同时增加nofiles
和nproc
值的两个动作。
---
- name: Setting File-descriptor Values for db_user
hosts: all
become: yes
become_method: sudo
become_user: root
tasks:
- name: Setting-up file-max limit
sysctl:
name: fs.file-max
value: '1618107'
state: present
reload: yes
- name: setting-up nofile limit
pam_limits:
domain: db_user
limit_type: "{{ item }}"
limit_item: nofile
value: '260000'
loop:
- soft
- hard
- name: setting-up nproc limit
pam_limits:
domain: db_user
limit_type: "{{ item }}"
limit_item: nproc
value: '16383'
loop:
- soft
- hard
...
解决方法
一种方法,您可以对loop
使用以下方法,但是,我看到您的soft
和hard
极限值是相同的,因此您最好将-
用作我在下面的评论本身中提到了。
---
- name: Setting File-descriptor Values for db_user
hosts: all
become: yes
become_method: sudo
become_user: root
tasks:
- name: Setting-up file-max limit
sysctl:
name: fs.file-max
value: 1618107
state: present
reload: yes
- name: Setting-up nofles and nproc limit for db_user
pam_limits:
domain: db_user
limit_type: "{{item.limit_type}}"
limit_item: "{{item.limit_item}}"
value: "{{item.value}}"
loop:
# Add nofile and nproc,both soft and hard,limit for the user db_user with a comment.
# Type "-" for enforcing both soft and hard resource limits together for more details read `man limits.conf`.
- { limit_type: '-',limit_item: 'nofile',value: 260000 }
- { limit_type: '-',limit_item: 'nproc',value: 16383 }