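I. Create a password vault
Create an Ansible vault file named locker.yml to store user passwords:
The vault file contains two variables:
pw_developer: imadev
pw_manager: imamgr
The password used to encrypt this file is redhat
This password is stored in: /home/devops/ansible/secret.txt
1. Create locker.yml with the key-value pairs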
$ vim locker.yml
---
pw_developer: imadev
pw_manager: imamgr
2. Create the password file secret.txt and restrict its permissions
$ echo redhat > /home/devops/ansible/secret.txt
$ chmod 600 /home/devops/ansible/secret.txt
3. Encrypt locker.yml with the password file (run from /home/devops/ansible, where secret.txt is stored)
$ ansible-vault encrypt --vault-id=secret.txt locker.yml
4. Verify
$ ansible-vault view locker.yml
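A check for the result of steps 1 to 4, added here as an example and not part of the original page: it confirms that a file starts with the Ansible Vault header and that the password file is accessible to its owner only, and it creates the password file under umask 077 so there is no window between echo and chmod. The function names and sample files are hypothetical, and GNU stat is assumed.

```shell
#!/usr/bin/env bash
# Added example, not from the original page. Assumes GNU stat (stat -c).

# True only if line 1 is a vault header: "$ANSIBLE_VAULT;1.1;AES256", or the
# 1.2 form that appends ";<vault-id label>".
is_vault_encrypted() {
    local first=""
    [ -r "$1" ] || return 1
    IFS= read -r first < "$1" || [ -n "$first" ] || return 1
    case "$first" in
        '$ANSIBLE_VAULT;1.1;AES256' | '$ANSIBLE_VAULT;1.2;AES256;'?*) return 0 ;;
        *) return 1 ;;
    esac
}

# True only if the password file grants nothing to group or others.
is_private() {
    case "$(stat -c '%a' "$1" 2>/dev/null)" in
        600 | 400) return 0 ;;
        *) return 1 ;;
    esac
}

# Write the password from stdin. umask 077 makes the file 0600 from the moment
# it is created (no gap before chmod); noclobber refuses to reuse an existing
# file, whose older, looser mode would otherwise be kept.
write_secret() {
    ( umask 077 && set -C && cat > "$1" )
}

# Print one finding per failed check; the return status is the finding count.
audit() {
    local bad=0
    is_vault_encrypted "$1" || { echo "NOT ENCRYPTED: $1"; bad=$((bad + 1)); }
    is_private "$2" || { echo "PASSWORD FILE NOT PRIVATE: $2"; bad=$((bad + 1)); }
    return "$bad"
}

# Constructed sample files in a scratch directory; no real secrets or ciphertext.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' '---' 'pw_developer: sample' > "$demo_dir/plain.yml"
printf '%s\n' '$ANSIBLE_VAULT;1.1;AES256' '0000' > "$demo_dir/locker.yml"
printf 'sample\n' | write_secret "$demo_dir/secret.txt"
audit "$demo_dir/plain.yml" "$demo_dir/secret.txt" || echo "findings: $?"
audit "$demo_dir/locker.yml" "$demo_dir/secret.txt" && echo "clean"
```

Reading the password from stdin also keeps it out of the command line that `echo redhat > secret.txt` would leave in the shell history.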
II. Change the password of an Ansible vault file
Change the vault password of the expense.yml file; the requirements are as follows:
- Save files/15/expense.yml to /home/devops/ansible/expense.yml
- The current vault password of this file is: veryimportant
- The new vault password is: notveryimportant
1. Copy the file from the relative path
$ cp ~/files/15/expense.yml /home/devops/ansible/expense.yml
2. Change the password
$ ansible-vault rekey expense.yml
Vault password: (old password)
New Vault password: (new password)
Confirm New Vault password: (new password)
3. View the file
$ ansible-vault view expense.yml
Vault password: (new password)
Create a logical volume and web content
lv.yml
---
- hosts: all
  tasks:
    # ansible_lvm.vgs is a dict keyed by volume group name (from gathered facts)
    - name: print Vg does not exists
      debug:
        msg: "Vg does not exists"
      when: "'research' not in ansible_lvm.vgs"
    - name: create lv
      block:
        - name: create lv 1500 MiB
          lvol:
            vg: research
            lv: data
            size: 1500
          when: "'research' in ansible_lvm.vgs"
      # rescue runs only when the 1500 MiB attempt fails
      rescue:
        - name: print Can't create lv of that size
          debug:
            msg: "Can't create lv of that size"
        - name: create lv 500 MiB
          lvol:
            vg: research
            lv: data
            size: 500
          when: "'research' in ansible_lvm.vgs"
    - name: format
      filesystem:
        fstype: ext4
        dev: /dev/research/data
      # skip hosts without the volume group, where the device does not exist
      when: "'research' in ansible_lvm.vgs"
webcontent.yml
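---
- hosts: dev
  roles:
    - apache
  tasks:
    - name: create group
      group:
        name: webdev
        state: present
    - name: create directory
      file:
        path: /webdev
        state: directory
        group: webdev
        # 2775: setgid directory, so new files inherit the webdev group
        mode: '2775'
        # SELinux type that lets httpd serve the content
        setype: httpd_sys_content_t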