1.加密控制
创建文件
普通的创建文件直接就可以查看
[root@bastion ansible]# ansible-vault create chihao1.yml
New Vault password:
Confirm New Vault password:
如此不会直接看到
[root@bastion ansible]# cat chihao1.yml
$ANSIBLE_VAULT;1.1;AES256
64356137323239373630343465666330623530383230643831663731663063303965663938363266
6638333261303366376266323562636633353132643032350a343162343133666564663761636132
39336234373634633361346466326433336436323861326438373437333031323730306264643362
3334303237366239620a396233306661333361643438626238663361336562303239663866643233
30356432333762303766303631373937313535623164316132356430336439306531303635373033
62643137316135393336323161653336633339626462333562393331653937663563663836376236
64646234323339306632623936383639666534346531306462313830353864656337323661653162
66663561376539616630
显示的都是加密字符串
[root@bastion ansible]# cat passwd
yume
编辑一个文件
[root@bastion ansible]# ansible-vault encrypt chihao.yml --vault-password-file=passwd
Encryption successful
给现有的文件加密
[root@bastion ansible]# ansible-vault view chihao.yml
Vault password:
---
- name: chihao
hosts: prod
tasks:
- debug:
msg: hello you
查看加密文件
[root@bastion ansible]# ansible-vault edit chihao.yml
编辑
[root@bastion ansible]# ansible-playbook chihao.yml --ask-vault-pass
执行后面要加参数
[root@bastion ansible]# ansible-vault decrypt chihao.yml
Vault password:
Decryption successful
解密
循环
1.简单循环
比如说用user模块创建用户时,如果要创建三个用户,写三次就很麻烦,所以使用循环减少工作量
---
- name: create user
hosts: prod
tasks:
- name: create user
user:
name: "{{item}}"
state: present
loop:
- user1
- user2
- user3
[root@serverc mnt]# id user3
uid=1006(user3) gid=1006(user3) groups=1006(user3)
[root@serverc mnt]# id user2
uid=1005(user2) gid=1005(user2) groups=1005(user2)
[root@serverc mnt]# id user1
uid=1004(user1) gid=1004(user1) groups=1004(user1)
三个用户被成功的建立了
忘记模块怎么写,随时使用ansible-doc user | less
查看帮助
---
- name: create user
hosts: prod
tasks:
- name: create user
user:
name: "{{item}}"
state: absent
loop:
- user1
- user2
- user3
删除只需要把present改称absent即可
2.散列或字典
多个元素进行循环
```powershell
---
- name: create user
hosts: prod
tasks:
- name: create user
user:
name: "{{item['name']}}"
uid: "{{item['uid']}}"
state: present
loop:
- name: user1
uid: 2000
- name: user2
uid: 3000
- name: user3
uid: 4000
{{item}} 迭代变量名称
loop: 赋值列表
-value1
-value2