1、给受管主机部署yum仓库,示例如下:
仓库1 : Name: base
Description: baseos
Base url: Index of /centos-vault/8.5.2111/BaseOS/x86_64/os/
需要验证软件包 GPG 签名 GPG key 在 /etc/pki/rpm-gpg/RPM-GPG-KEY-*
启用此软件仓库
仓库 2: Name: app
Description: appstream
Base url: Index of /centos-vault/8.5.2111/AppStream/x86_64/os/
需要验证软件包 GPG 签名 GPG key 在: /etc/pki/rpm-gpg/RPM-GPG-KEY-*
启用此软件仓库
[admin@sunhailang test01]$ vim creat_yum.yml
---
- name: play1
hosts: all
tasks:
- name: create base
yum_repository:
name: base
description: baseos
baseurl: https://mirrors.aliyun.com/centos-vault/8.2.2004/BaseOS/x86_64/os/
gpgcheck: yes
- name: create appstream
yum_repository:
name: app
description: appstream
baseurl: https://mirrors.aliyun.com/centos-vault/8.2.2004/AppStream/x86_64/os/
gpgcheck: yes
- name: install vsftpd
yum:
name: vsftpd
state: latest
注:检查你自己的linux系统版本,并选择相应版本仓库。
部署成功后在受管主机上安装vsftpd软件包
2、给web主机组写一个playbook,该playbook有两个play,第一个play可以保证在web主机组上安装httpd和php,确保web主机组的/var/www/html/目录下面有一个文件为index.php,内容如下:
$ cat /var/www/html/index.php <?php phpinfo();
该playbook里面的第二个play用于测试该web主机组的web服务能否被成功访问index.php内容。
[admin@sunhailang test01]$ vim inventory
[admin@sunhailang test01]$ vim 1.yml
3、在受控节点上添加一个普通用户xiaohong,配置当前控制节点的用户可以免密登录xiaohong用户,并且xiaohong可以sudo。
[admin@sunhailang test01]$ vim 2.yml
---
- name: play1
hosts: node01
tasks:
- name: useradd xiaohong
user:
name: xiaohong
state: present
- name: xiaohong sudoers
lineinfile:
line: "xiaohong ALL=(ALL) NOPASSWD:ALL"
path: /etc/sudoers
- authorized_key:
state: present
user: xiaohong
key: "{{ lookup('file', '/home/admin/.ssh/id_rsa.pub') }}"