文章目录
Ansible Vault概述
- Ansible Vault做为Ansible的一项新功能,可将例如:password,keys等敏感数据文件进行加密处理,而非存放在明文的playbook中或roles中。
帮助:ansible-vault --help
加密一个文件: - ansible-vault encrypt include.yml
查看一个文件
[root@m01 m01]# ansible-vault view include.yml
Vault password:
- import_playbook: handler.yml
- import_playbook: when.yml
修改加密的文件内容
- ansible-vault edit include.yml
rekey 修改密码
[root@m01 m01]# ansible-vault rekey include.yml
Vault password:
New Vault password:
Confirm New Vault password:
Rekey successful
执行加密的playbook
echo "lcc" > ansible.pass
ansible-playbook include.yml --vault-password-file=ansible.pass