(12)生成硬件报告
ansible查询变量格式
ansible all -m setup -a “filter=“mem””
生成/root/hwreport.txt硬件报告
vim /home/greg/ansible/hwreport.yml
- name: 生成硬件报告
hosts: all
vars:
hw_all:
- hw_name: HOST
hw_cont: “{{ inventory_hostname | default(‘NONE’,true) }}”
- hw_name: MEMORY
hw_cont : “{{ ansilbe_memtotal_mb | default(‘NONE’,true) }}”
- hw_name: BIOS
hw_cont : “{{ ansilbe_bios_version | default(‘NONE’,true) }}”
- hw_name: DISK_SIZE_VDA
hw_cont : “{{ ansilbe_device_vda_size | default(‘NONE’,true) }}”
- hw_name: DISK_SIZE_VDB
hw_cont : “{{ ansilbe_device_vdb_size | default(‘NONE’,true) }}”
tasks:- name: one
get_url:
url: http://materials/hwreport.empty
dest: /root/hwreport.txt - name: two
lineinfile:
path: /root/hwreport.txt
regexp: ‘^{{ item.hw_name }}’
line: HOST=’{{ item.hw_name }}={{ item.hw_cont }}’
loop: “{{ hw_all }}”
- name: one
(13)创建密码库
a,创建密码库
b,加密whenyouwishuponstart
c,密码值写入文件
d,配置文件中
vim /home/greg/ansible/locker.yml
pw_developer: Imadev
pw_manager: Imagr
wq!保存退出
vim /home/greg/ansible/sceret.txt
vim /etc/ansible.cfg
142行
vault_password_file = /
ansible-vault encrypt locker.yml
(14)创建用户账户
wget http://materials/user_list.yml
vim /home/greg/ansible/locker.yml
vim /home/greg/ansible/users.yml
- name: 创建用户账户
hosts: all
vars_files:-
/home/greg/ansible/locker.yml
-
/home/greg/ansible/user_list.yml
tasks: -
name: one
groups:
name: devops
when: item.job == ‘developer’ and (inventory_hostname in groups.dev orinventory_hostname in groups.test)
loop: {{ users }} -
name: two
user:
name: “{{ item.name }}”
password: “{{ pw_developer | password_hash(‘sha512’,‘mysecret’) }}”
groups:
name: opsmgr
when: item.job == ‘manager’ and (inventory_hostname in groups.dev or inventory_hostname in groups.prod)
loop: {{ users }} -
name:three
user:
name: “{{ item.name }}”
password: “{{ pw_developer | password_hash(‘sha512’,‘mysecret’) }}”
groups:
name: opsmgr
when: item.job == ‘manager’ and (inventory_hostname in groups.dev or inventory_hostname in groups.prod)
loop: {{ users }} -
name: four
user:
name: “{{ item.name }}”
password: “{{ pw_developer | password_hash(‘sha512’,‘mysecret’) }}”
groups:
name: opsmgr
when: item.job == ‘manager’ and (inventory_hostname in groups.dev or inventory_hostname in groups.prod)
loop: {{ users }}
-
(15)更新ansible库的密钥
ansible-vault rekey --ask-vault-passwd salaries.yml
复习和预习内容:
复习RHCSA和RHCE考前视频辅导;
星期五:第十章节
星期六:第十一章节、第十二章节
星期天:第十三章节