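Ansible Homework (2)
Tasks
1. Deploy yum repositories to the managed hosts, for example:
Repository 1:
Name: base
Description: baseos
Base url: https://mirrors.163.com/centos-vault/8.5.2111/BaseOS/x86_64/os/
Package GPG signatures must be verified
GPG key is at /etc/pki/rpm-gpg/RPM-GPG-KEY-*
Enable this repository
Repository 2:
Name: app
Description: appstream
Base url: https://mirrors.163.com/centos-vault/8.5.2111/AppStream/x86_64/os/
Package GPG signatures must be verified
GPG key is at: /etc/pki/rpm-gpg/RPM-GPG-KEY-*
Enable this repository
Note: check your own Linux system version and choose the repository for that version.
After the repositories are deployed successfully, install the vsftpd package on the managed hosts.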
[admin@centos7_server ~]$ vim test.yml
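---
- name: work
  hosts: web
  tasks:
    - name: write appstream
      yum_repository:
        name: appstream
        description: appstream
        baseurl: https://mirrors.aliyun.com/centos/8.5.2111/AppStream/x86_64/os/
        # the task requires package GPG signatures to be verified
        gpgcheck: yes
        # assumed key file name (the one CentOS 8 ships); use the file that
        # matches /etc/pki/rpm-gpg/RPM-GPG-KEY-* on your hosts
        gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
        enabled: yes
    - name: write baseos
      yum_repository:
        name: baseos
        description: baseos
        baseurl: https://mirrors.aliyun.com/centos/8.5.2111/BaseOS/x86_64/os/
        gpgcheck: yes
        # same assumed key file as above
        gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
        enabled: yes
    - name: yum vsftpd
      yum:
        name: vsftpd
        state: latest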
[admin@centos7_server ~]$ ansible-playbook test.yml
PLAY [work] ********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [node2]
ok: [node1]
TASK [write appstream] *********************************************************
changed: [node1]
changed: [node2]
TASK [write baseos] ************************************************************
changed: [node1]
changed: [node2]
TASK [yum vsftpd] **************************************************************
changed: [node1]
changed: [node2]
PLAY RECAP *********************************************************************
node1 : ok=4 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=4 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
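A follow-up check for task 1, added here as an example and not part of the original answer: the play below audits the managed hosts for a signing key under /etc/pki/rpm-gpg and for any repository file that switches gpgcheck off. The host group web comes from the playbook above; the set of "off" values matched by the regular expression (0, no, false, off) is an assumption about how the setting may be written.

```yaml
---
- name: audit repository GPG settings on managed hosts
  hosts: web
  gather_facts: no
  tasks:
    - name: find signing keys under /etc/pki/rpm-gpg
      find:
        paths: /etc/pki/rpm-gpg
        patterns: "RPM-GPG-KEY-*"
      register: gpg_keys

    - name: find repository definition files
      find:
        paths: /etc/yum.repos.d
        patterns: "*.repo"
      register: repo_files

    - name: read each repository file
      slurp:
        src: "{{ item.path }}"
      loop: "{{ repo_files.files }}"
      loop_control:
        label: "{{ item.path }}"
      register: repo_text

    - name: require at least one key file
      assert:
        that: gpg_keys.matched > 0
        fail_msg: "no RPM-GPG-KEY-* file in /etc/pki/rpm-gpg"

    # slurp returns base64; decode it and look for an explicit "off" value
    - name: reject any repository file that switches gpgcheck off
      assert:
        that: >-
          (item.content | b64decode) is not
          search('^ *gpgcheck *= *(0|no|false|off) *$', multiline=true, ignorecase=true)
        fail_msg: "{{ item.item.path }} disables package signature checking"
      loop: "{{ repo_text.results }}"
      loop_control:
        label: "{{ item.item.path }}"
```

Repositories written by yum_repository with gpgcheck: no land in /etc/yum.repos.d/<name>.repo with gpgcheck = 0, so the last task fails for those files.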
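2. Write a playbook for the web host group. The playbook has two plays. The first play ensures that httpd and php are installed on the web host group and that the /var/www/html/ directory contains a file named index.php with the following content: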
$ cat /var/www/html/index.php
phpinfo();
The second play in the playbook tests whether the web service on the web host group can be accessed successfully and serves the index.php content.
[admin@centos7_server ~]$ vim test1.yml
---
- name: play1
  hosts: web
  tasks:
    - name: install httpd php
      yum:
        name:
          - httpd
          - php
        state: latest
    # copy replaces the two "echo >>" tasks: it writes only the PHP line
    # (not the "$ cat ..." prompt from the task text) and does not append
    # another copy on every run
    - name: write index.php
      copy:
        # the <?php ... ?> tags are added here so PHP executes the call;
        # the task text above shows only "phpinfo();"
        content: "<?php phpinfo(); ?>\n"
        dest: /var/www/html/index.php
    - name: started httpd
      service:
        name: httpd
        state: started
    - name: firewalld all httpd
      firewalld:
        service: http
        permanent: yes
        immediate: yes
        state: enabled
- name: play2
  hosts: web
  tasks:
    - name: test node1
      uri:
        url: http://node1
        return_content: yes
    - name: test node2
      uri:
        url: http://node2
        return_content: yes
[admin@centos7_server ~]$ ansible-playbook test1.yml
PLAY [play1] *******************************************************************
TASK [Gathering Facts] *********************************************************
ok: [node1]
ok: [node2]
TASK [install httpd php] *******************************************************
ok: [node1]
ok: [node2]
TASK [write index.php] *********************************************************
changed: [node2]
changed: [node1]
TASK [write] *******************************************************************
changed: [node1]
changed: [node2]
TASK [started httpd] ***********************************************************
ok: [node2]
ok: [node1]
TASK [firewalld all httpd] *****************************************************
ok: [node2]
ok: [node1]
PLAY [play2] *******************************************************************
TASK [Gathering Facts] *********************************************************
ok: [node1]
ok: [node2]
TASK [test node1] **************************************************************
ok: [node1]
ok: [node2]
TASK [test node2] **************************************************************
ok: [node1]
ok: [node2]
PLAY RECAP *********************************************************************
node1 : ok=9 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=9 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
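A stricter version of the second play, added here as an example and not part of the original answer: the uri tasks above succeed on any HTTP 200, even when Apache returns index.php as plain text instead of running it. The play below requests each host's own index.php from the control node and asserts that the body is rendered phpinfo output. It assumes the inventory host names (node1, node2) resolve from the control node, as they do in the URLs used above.

```yaml
---
- name: check that index.php is executed, not served as source
  hosts: web
  gather_facts: no
  tasks:
    # one request per inventory host, sent from the control node
    - name: request index.php from the control node
      uri:
        url: "http://{{ inventory_hostname }}/index.php"
        status_code: 200
        return_content: yes
      delegate_to: localhost
      register: page

    # rendered phpinfo output carries a "PHP Version" heading;
    # a literal "<?php" in the body means the source was returned unexecuted
    - name: verify the response is rendered phpinfo output
      assert:
        that:
          - "'PHP Version' in page.content"
          - "'<?php' not in page.content"
        fail_msg: "{{ inventory_hostname }} returned index.php without executing it"
```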
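3. Add a regular user xiaohong on the managed nodes, configure the current user on the control node to log in as xiaohong without a password, and allow xiaohong to use sudo.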
[admin@centos7_server ~]$ vim test2.yml
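---
- name: add user
  hosts: web
  tasks:
    - name: add xiaohong
      user:
        name: xiaohong
    # 123 is a lab password; the key-based login below does not depend on it
    - name: add mima
      shell: echo 123 | passwd xiaohong --stdin
    # install the control node's public key into xiaohong's authorized_keys
    # (a copy of id_rsa.pub placed in ~/.ssh/ does not enable key login)
    - name: copy id_rsa.pub
      authorized_key:
        user: xiaohong
        key: "{{ lookup('file', '/home/admin/.ssh/id_rsa.pub') }}"
    - name: vim sudoers
      lineinfile:
        path: /etc/sudoers
        line: 'xiaohong ALL=(ALL) NOPASSWD: ALL'
        # reject the edit if it would leave sudoers unparsable
        validate: /usr/sbin/visudo -cf %s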
[admin@centos7_server ~]$ ansible-playbook test2.yml
PLAY [add user] ****************************************************************
TASK [Gathering Facts] *********************************************************
ok: [node1]
ok: [node2]
TASK [add xiaohong] ************************************************************
changed: [node1]
changed: [node2]
TASK [add mima] ****************************************************************
changed: [node2]
changed: [node1]
TASK [copy id_rsa.pub] *********************************************************
changed: [node2]
changed: [node1]
TASK [vim sudoers] *************************************************************
ok: [node2]
ok: [node1]
PLAY RECAP *********************************************************************
node1 : ok=5 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=5 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0