RHCE题库解析

ce题库解析

环境准备

1、
[kiosk@foundation ~]$ virt-manager
[kiosk@foundation ~]$ rht-vmctl reset all
输入y确认重置所有主机
[kiosk@foundation ~]$ ssh -X root@workstation
[root@workstation ~]# dnf install -y ansible
[root@workstation ~]# vim /etc/sudoers.d/student
# Lab-only rule: passwordless sudo for every command means that control of the
# student account is control of root on each host this file is copied to.
# Editing with `visudo -f /etc/sudoers.d/student` checks the syntax before saving.
student ALL=(ALL) NOPASSWD: ALL
[root@workstation ~]# for i in server{a..d} bastion
> do scp /etc/sudoers.d/student root@$i:/etc/sudoers.d/
> done

2、更改workstation、servera、serverb、serverc、serverd、bastion
主机的/etc/hosts文件,把文件中content.example.com对应的ip改为172.25.254.250
[root@workstation ~]# for i in server{a..d} bastion
> do scp /etc/hosts root@$i:/etc/hosts
> done

3、使用xshell将考试环境需要的那些文件都上传到/content/目录下

4、关闭bastion的httpd服务
ssh  root@bastion
systemctl  stop  httpd
systemctl  disable httpd

第一题

安装和配置Ansible
按照下方所述,在控制节点workstation.lab.example.com 上安装和配置Ansible:
安装所需的软件包
创建名为/home/student/ansible/inventory的静态清单文件, 以满足以下需求:
servera是dev主机组的成员
serverb是test主机组的成员
serverc和serverd是prod主机组的成员
bastion是balancers主机组的成员
prod组是webservers主机组的成员
创建名为/home/student/ansible/ansible.cfg的配置文件, 以满足以下要求:
主机清单文件为/home/student/ansible/inventory
playbook中使用的角色的位置包括/home/student/ansible/roles

安装ansible进行配置

[root@foundation0 ~]# ssh student@workstation
Activate the web console with: systemctl enable --now cockpit.socket
[student@workstation ansible]$ cp /etc/ansible/ansible.cfg .
[student@workstation ansible]$ ls
ansible.cfg
[student@workstation ansible]$ mkdir roles

# Static inventory used by ansible/ansible-playbook runs that load this file.
inventory      = /home/student/ansible/inventory
# Managed hosts are reached as this unprivileged account.
remote_user     = student
···
roles_path    = /home/student/ansible/roles
# NOTE(review): with host key checking off, SSH host keys are not verified, so
# a machine answering under a managed node's name is accepted silently. Fine
# for a throwaway lab; elsewhere keep it enabled and pre-populate known_hosts.
host_key_checking = False
···
[privilege_escalation]
# Tasks escalate to root through sudo by default and never prompt for a
# password; this relies on the NOPASSWD sudoers rule for student on the hosts.
become=True
become_method=sudo
become_user=root
become_ask_pass=False    

配置静态主机清单

[student@workstation ansible]$ vim inventory
[student@workstation ansible]$ cat inventory 
# One group per environment named in the task statement.
[dev]
servera

[test]
serverb

[prod]
serverc
serverd

[balancers]
bastion

# webservers lists no hosts of its own; it nests the prod group.
[webservers:children]
prod

验证

[student@workstation ansible]$ ansible all -m ping
serverd | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
serverc | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
bastion | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
serverb | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
servera | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}

第二题

创建和运行Ansible临时命令
作为系统管理员, 您需要在受管节点上安装软件.
请按照下方所述, 创建一个名为/home/student/ansible/adhoc.sh的shell脚本,
该脚本将使用Ansible临时命令在各个受管节点上安装yum存储库:
存储库1:
存储库的名称为 rh294_BASE
描述为 rh294 base software
基础URL为 http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
GPG签名检查为启用状态
GPG密钥URL为 http://content.example.com/rhel8.0/x86_64/dvd/RPM-GPG-KEY-redhat-release
存储库为开启状态
存储库2:
存储库的名称为 rh294_STREAM
描述为 rh294 stream software
基础URL为 http://content.example.com/rhel8.0/x86_64/dvd/AppStream
GPG签名检查为启用状态
GPG密钥URL为 http://content.example.com/rhel8.0/x86_64/dvd/RPM-GPG-KEY-redhat-release
存储库为开启状态

创建shell脚本

[student@workstation ansible]$ vim adhoc.sh 
[student@workstation ansible]$ cat adhoc.sh 
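#!/bin/bash
# Defines the two rh294 yum repositories on every managed host using Ansible
# ad hoc commands. file=server puts both sections into the same repo file.
#
# gpgcheck=yes makes yum verify package signatures against the key at gpgkey.
# NOTE(review): that key is fetched over plain HTTP, as the task specifies;
# outside a lab, deliver it over HTTPS or ship it with the host image.
ansible all -m yum_repository -a 'file=server name=rh294_BASE description="rh294 base software" baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS gpgcheck=yes gpgkey=http://content.example.com/rhel8.0/x86_64/dvd/RPM-GPG-KEY-redhat-release enabled=yes'
ansible all -m yum_repository -a 'file=server name=rh294_STREAM description="rh294 stream software" baseurl=http://content.example.com/rhel8.0/x86_64/dvd/AppStream gpgcheck=yes gpgkey=http://content.example.com/rhel8.0/x86_64/dvd/RPM-GPG-KEY-redhat-release enabled=yes'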

[student@workstation ansible]$ chmod +x adhoc.sh 

执行

[student@workstation ansible]$ ./adhoc.sh 
serverb | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "repo": "rh294_BASE",
    "state": "present"
}
servera | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "repo": "rh294_BASE",
    "state": "present"
}
bastion | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "repo": "rh294_BASE",
    "state": "present"
}
serverc | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "repo": "rh294_BASE",
    "state": "present"
}
serverd | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "repo": "rh294_BASE",
    "state": "present"
}
servera | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "repo": "rh294_STREAM",
    "state": "present"
}
serverc | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "repo": "rh294_STREAM",
    "state": "present"
}
serverb | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "repo": "rh294_STREAM",
    "state": "present"
}
serverd | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "repo": "rh294_STREAM",
    "state": "present"
}
bastion | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "repo": "rh294_STREAM",
    "state": "present"
}

第三题

安装软件包
创建一个名为 /home/student/ansible/packages.yml的 playbook:
•将 php 和 mariadb 软件包安装到 dev、test 和 prod 主机组中的主机上
•将 RPM Development Tools 软件包组安装到 dev主机组中的主机上
•将 dev 主机组中主机上的所有软件包更新为最新版本

编写playbook

[student@workstation ansible]$ vim packages.yml
[student@workstation ansible]$ cat packages.yml 
---
# Play 1: php and mariadb on the dev, test and prod groups.
- name: install php mariadb
  hosts: dev,test,prod
  tasks: 
    - name: install php mariadb
      yum: 
        name: 
          - php 
          - mariadb
        state: present

# Play 2: dev-only extras (package group plus a full update).
- name: install RPM
  hosts: dev
  tasks: 
    - name: yum RPM
      yum: 
        # The leading "@" marks this as a package group rather than a package.
        name: "@RPM Development Tools"
        state: present 

    # name '*' with state latest upgrades every installed package on the host.
    - name: update all packages
      yum: 
        name: '*'
        state: latest

执行

[student@workstation ansible]$ ansible-playbook packages.yml 

PLAY [install php mariadb] **************************************************************************

TASK [Gathering Facts] ******************************************************************************
ok: [serverc]
ok: [serverd]
ok: [servera]
ok: [serverb]

TASK [install php mariadb] **************************************************************************
changed: [serverd]
changed: [serverc]
changed: [serverb]
changed: [servera]

PLAY [install RPM] **********************************************************************************

TASK [Gathering Facts] ******************************************************************************
ok: [servera]

TASK [yum RPM] **************************************************************************************
changed: [servera]

TASK [update all packages] **************************************************************************
ok: [servera]

PLAY RECAP ******************************************************************************************
servera                    : ok=5    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverb                    : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverc                    : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverd                    : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

第四题-一

使用RHEL系统角色
安装 RHEL 系统角色软件包,并创建符合以下条件的playbook /home/student/ansible/timesync.yml:
在所有受管节点上运行
使用 timesync 角色
配置该角色,以使用当前有效的 NTP 提供商
配置该角色,以使用时间服务器 classroom.example.com
配置该角色,以启用 iburst 参数

下载系统角色软件包

[student@workstation ansible]$ sudo yum install -y rhel-system-roles

创建角色

[student@workstation ansible]$ cd roles/
[student@workstation roles]$ cp -r /usr/share/ansible/roles/rhel-system-roles.timesync/ timesync
[student@workstation roles]$ ls
timesync

编写playbook

[student@workstation roles]$ cd ..
[student@workstation ansible]$ vim timesync.yml
[student@workstation ansible]$ cat timesync.yml 
---
# Applies the timesync role (copied into roles/ under that name) to all hosts.
- name: set time
  hosts: all 
  vars: 
    # One NTP source with iburst enabled, as the task requires.
    # timesync_ntp_provider is not set here - presumably the role then keeps the
    # provider already active on the host; confirm against the role's README.
    timesync_ntp_servers: 
      - hostname: classroom.example.com
        iburst: yes
  roles: 
    - timesync

执行

[student@workstation ansible]$ ansible-playbook timesync.yml 

第四题-二

另一种情况
•使用selinux角色
配置该角色,开启所有受控节点的selinux

创建角色

[student@workstation roles]$ cp -r /usr/share/ansible/roles/rhel-system-roles.selinux selinux
[student@workstation roles]$ ls
selinux  timesync
[student@workstation roles]$ cd ..

编写playbook

[student@workstation ansible]$ vim selinux.yml
[student@workstation ansible]$ cat selinux.yml 
---
# Applies the selinux role (copied into roles/ under that name) to all hosts.
- name: set selinux
  hosts: all
  vars: 
    # Requested SELinux mode; the getenforce check on this page confirms it.
    selinux_state: enforcing
  roles: 
    - role: selinux
      # Set explicitly on the role; the ansible.cfg on this page already turns
      # become on globally.
      become: true

执行

[student@workstation ansible]$ ansible-playbook selinux.yml 
···
PLAY RECAP ***********************************************************************************************************************************************
bastion                    : ok=7    changed=1    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0   
servera                    : ok=7    changed=1    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0   
serverb                    : ok=7    changed=1    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0   
serverc                    : ok=7    changed=1    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0   
serverd                    : ok=7    changed=1    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0   

验证

[student@workstation ansible]$ ansible all -m shell -a 'getenforce'
servera | CHANGED | rc=0 >>
Enforcing

serverc | CHANGED | rc=0 >>
Enforcing

bastion | CHANGED | rc=0 >>
Enforcing

serverb | CHANGED | rc=0 >>
Enforcing

serverd | CHANGED | rc=0 >>
Enforcing

第五题

使用Ansible Galaxy安装角色
使用 Ansible Galaxy 和要求文件 /home/student/ansible/roles/requirements.yml,从以下 URL 下载角色并安装到 /home/student/ansible/roles:
http://content.example.com/haproxy.tar.gz 此角色的名称应当为 balancer
http://content.example.com/phpinfo.tar.gz 此角色的名称应当为 phpinfo

编写要求文件 requirements.yml

[student@workstation roles]$ vim requirements.yml
[student@workstation roles]$ cat requirements.yml 
---
# Each role is installed under the name given here, not the tarball's file name.
# NOTE(review): both archives are fetched over plain HTTP with no checksum or
# signature, and their tasks later run with become on the managed hosts.
# Outside the lab, fetch roles over HTTPS (or from a pinned git revision) and
# review their content before running them.
- name: balancer
  src: http://content.example.com/haproxy.tar.gz
- name: phpinfo
  src: http://content.example.com/phpinfo.tar.gz

执行

[student@workstation roles]$ ansible-galaxy install -r requirements.yml -p .
- downloading role from http://content.example.com/haproxy.tar.gz
- extracting balancer to /home/student/ansible/roles/balancer
- balancer was installed successfully
- downloading role from http://content.example.com/phpinfo.tar.gz
- extracting phpinfo to /home/student/ansible/roles/phpinfo
- phpinfo was installed successfully
[student@workstation roles]$ ls
balancer  phpinfo  requirements.yml  selinux  timesync

第六题

创建和使用角色
根据下列要求,在/home/student/ansible/roles中创建名为apache的角色:
httpd软件包已安装,设为在系统启动时启用并启动
防火墙已启用并正在运行,并使用允许访问Web服务器的规则
模板文件 index.html.j2 已存在,用于创建具有以下输出的文件/var/www/html/index.html:
Welcome to HOSTNAME on IPADDRESS
其中,HOSTNAME是受管节点的完全限定域名,IPADDRESS则是受管节点的IP地址。
按照下方所述,创建一个使用此角色的playbook /home/student/ansible/newrole.yml:
该playbook在webservers主机组中的主机上运行

编写角色的任务文件(角色目录可先在 roles 目录下用 ansible-galaxy init apache 创建)

[student@workstation roles]$ cat apache/tasks/main.yml 
---
# tasks file for apache
# Installs httpd and firewalld, renders the index page, brings both services
# up and opens the http service in the firewall.
- name: install httpd firewalld
  yum: 
    name: 
      - httpd
      - firewalld
    state: present

# index.html.j2 is looked up in this role's templates/ directory.
- name: cp template
  template: 
    src: index.html.j2
    dest: /var/www/html/index.html 

# NOTE(review): state restarted bounces httpd on every run, so this task always
# reports changed; the task statement only asks for enabled and started, which
# state: started would satisfy idempotently.
- name: restart httpd
  service: 
    name: httpd
    state: restarted
    enabled: yes 

# NOTE(review): same remark for firewalld - restarting it on every run is not
# needed to satisfy "enabled and running".
- name: restart firewalld
  service: 
    name: firewalld
    state: restarted
    enabled: yes

# permanent + immediate: the rule is saved and also applied to the running
# firewall, so no reload is needed.
- name: firewalld for http
  firewalld: 
    service: http
    state: enabled
    permanent: yes
    immediate: yes

编写模板文件

[student@workstation roles]$ cat apache/templates/index.html.j2 
{# NOTE(review): the task asks for the fully qualified domain name; inventory_hostname is the name from the inventory file (a short name here), while the ansible_fqdn fact carries the FQDN. -#}
Welcome to {{ inventory_hostname }} on {{ ansible_default_ipv4.address }}

编写使用角色的playbook

[student@workstation roles]$ cd ..
[student@workstation ansible]$ vim newrole.yml
[student@workstation ansible]$ cat newrole.yml 
---
# Runs the apache role on webservers, which the inventory maps to the prod
# hosts through its children group.
- name: user apache
  hosts: webservers
  roles: 
    - apache

执行

[student@workstation ansible]$ ansible-playbook newrole.yml 

PLAY [user apache] ***************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [serverd]
ok: [serverc]

TASK [apache : install httpd firewalld] ******************************************************************************************************************
ok: [serverd]
ok: [serverc]

TASK [apache : cp template] ******************************************************************************************************************************
changed: [serverd]
changed: [serverc]

TASK [apache : restart httpd] ****************************************************************************************************************************
changed: [serverd]
changed: [serverc]

TASK [apache : restart firewalld] ************************************************************************************************************************
changed: [serverc]
changed: [serverd]

TASK [apache : firewalld for http] ***********************************************************************************************************************
changed: [serverc]
changed: [serverd]

PLAY RECAP ***********************************************************************************************************************************************
serverc                    : ok=6    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverd                    : ok=6    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

测试

[student@workstation ansible]$ curl serverc
Welcome to serverc on 172.25.250.12

[student@workstation ansible]$ curl serverd
Welcome to serverd on 172.25.250.13

第七题

从 Ansible Galaxy 使用角色
创建一个名为 /home/student/ansible/roles.yml 的 playbook:
•Playbook 中包含一个 play,该 play 在 balancers 主机组中的主机上运行并将使用 balancer 角色。
•此角色配置一项服务,以在 webservers 主机组中的主机之间平衡 Web 服务器请求的负载。
•浏览到 balancers 主机组中的主机(例如http://bastion.lab.example.com/ )将生成以下输出:
• Welcome to serverc.example.com on 172.25.250.12
•重新加载浏览器将从另一 Web 服务器生成输出:
• Welcome to serverd.example.com on 172.25.250.13
•playbook 中包含一个 play,该 play 在 webservers 主机组中的主机上运行并将使用 phpinfo 角色。
•通过 URL /hello.php 浏览到 webservers 主机组中的主机将生成以下输出:
•Hello PHP World from FQDN
•其中,FQDN 是主机的完全限定名称。
•例如,浏览到 http://serverc.lab.example.com/hello.php 会生成以下输出:
•Hello PHP World from serverc.example.com
•另外还有 PHP 配置的各种详细信息,如安装的PHP 版本等。
•同样,浏览到 http://serverd.lab.example.com/hello.php 会生成以下输出:
•Hello PHP World from serverd.example.com
另外还有 PHP 配置的各种详细信息,如安装的PHP 版本等。

编写playbook

[student@workstation ansible]$ vim roles.yml
[student@workstation ansible]$ cat roles.yml 
---
# This play has no tasks; it only gathers facts from the webservers hosts.
# Presumably the balancer role's template reads those facts through hostvars
# when it lists the backends - confirm against the role.
- name: get webservers fact
  hosts: webservers

# Load balancer on the balancers group (bastion in the inventory).
- name: user balacer role
  hosts: balancers
  roles: 
    - balancer

# hello.php page on the web servers.
- name: user phpinfo role
  hosts: webservers
  roles: 
    - phpinfo 

执行

[student@workstation ansible]$ ansible-playbook roles.yml 

PLAY [get webservers fact] *******************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [serverd]
ok: [serverc]

PLAY [user balacer role] *********************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [bastion]

TASK [balancer : Install haproxy] ************************************************************************************************************************
[DEPRECATION WARNING]: Invoking "yum" only once while using a loop via squash_actions is deprecated. Instead of using a loop to supply multiple items and
 specifying `name: "{{ item }}"`, please use `name: ['haproxy']` and remove the loop. This feature will be removed in version 2.11. Deprecation warnings 
can be disabled by setting deprecation_warnings=False in ansible.cfg.
changed: [bastion] => (item=['haproxy'])

TASK [balancer : Configure the haproxy cnf file] *********************************************************************************************************
changed: [bastion]

TASK [balancer : Start the haproxy service] **************************************************************************************************************
changed: [bastion]

TASK [balancer : Install firewalld] **********************************************************************************************************************
ok: [bastion]

TASK [balancer : Start and enable firewalld] *************************************************************************************************************
ok: [bastion]

TASK [balancer : Enable http in firewall] ****************************************************************************************************************
changed: [bastion]

TASK [balancer : Install Apache] *************************************************************************************************************************
skipping: [bastion]

TASK [balancer : Install firewalld] **********************************************************************************************************************
skipping: [bastion]

TASK [balancer : Copy the index_ver.html.j2] *************************************************************************************************************
skipping: [bastion]

TASK [balancer : Start and enable firewalld] *************************************************************************************************************
skipping: [bastion]

TASK [balancer : Enable http in firewall] ****************************************************************************************************************
skipping: [bastion]

TASK [balancer : Start and enable httpd] *****************************************************************************************************************
skipping: [bastion]

RUNNING HANDLER [balancer : restart haproxy] *************************************************************************************************************
changed: [bastion]

PLAY [user phpinfo role] *********************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [serverc]
ok: [serverd]

TASK [phpinfo : Install Apache] **************************************************************************************************************************
ok: [serverc]
ok: [serverd]

TASK [phpinfo : Install firewalld] ***********************************************************************************************************************
ok: [serverc]
ok: [serverd]

TASK [phpinfo : Start and enable firewalld] **************************************************************************************************************
ok: [serverc]
ok: [serverd]

TASK [phpinfo : Enable http in firewall] *****************************************************************************************************************
ok: [serverd]
ok: [serverc]

TASK [phpinfo : Copy the hello_ver.html.j2] **************************************************************************************************************
changed: [serverc]
changed: [serverd]

TASK [phpinfo : Start and enable httpd] ******************************************************************************************************************
ok: [serverc]
ok: [serverd]

RUNNING HANDLER [phpinfo : restart httpd] ****************************************************************************************************************
changed: [serverc]
changed: [serverd]

PLAY RECAP ***********************************************************************************************************************************************
bastion                    : ok=8    changed=5    unreachable=0    failed=0    skipped=6    rescued=0    ignored=0   
serverc                    : ok=9    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverd                    : ok=9    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

测试

[student@workstation ansible]$ curl bastion
Welcome to serverc on 172.25.250.12

[student@workstation ansible]$ curl bastion
Welcome to serverd on 172.25.250.13

[student@workstation ansible]$ curl serverc/hello.php
Hello PHP World form serverc.lab.example.com
[student@workstation ansible]$ curl serverd/hello.php
Hello PHP World form serverd.lab.example.com

第八题-一

创建和使用逻辑卷
创建一个名为/home/student/ansible/lv.yml 的playbook,它将在所有受管节点上运行以执行下列任务:
创建符合以下要求的逻辑卷:
逻辑卷创建在research卷组中
逻辑卷名称为data
逻辑卷大小为1500MiB
使用ext4文件系统格式化逻辑卷
如果无法创建请求的逻辑卷大小,应显示错误消息
Could not create logical volume of that size,并且应改为使用大小 800MiB。
如果卷组research 不存在 ,应显示错误消息
Volume group does not exist。
不要以任何方式挂载逻辑卷

环境准备

[student@workstation ansible]$ cat lvm_pre.yml 
--- 
# Lab preparation only: builds the research volume group the exercise expects.
# dev and test get a 2GiB partition, so a 1500M logical volume fits.
# NOTE(review): this partitions /dev/vdb - assumes vdb is an unused lab disk.
- name: create volume group 
  hosts: dev, test 
  tasks: 
    - name: Create partition for LVM 
      parted: 
        device: /dev/vdb 
        number: 1 
        flags: [ lvm ] 
        state: present 
        part_start: 1MiB 
        part_end: 2GiB 
    - name: create research vg 
      lvg:
        vg: research 
        pvs: /dev/vdb1 
# prod gets only a 1GiB partition, so the 1500M request fails there and the
# rescue path of lv.yml is exercised.
- name: create volume group 
  hosts: prod 
  tasks: 
    - name: Create partition for LVM 
      parted: 
        device: /dev/vdb 
        number: 1 
        flags: [ lvm ] 
        state: present 
        part_start: 1MiB 
        part_end: 1GiB 
    - name: create research vg 
      lvg:
        vg: research 
        pvs: /dev/vdb1
[student@workstation ansible]$ ansible-playbook lvm_pre.yml

PLAY [create volume group] *******************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [serverb]
ok: [servera]

TASK [Create partition for LVM] **************************************************************************************************************************
changed: [serverb]
changed: [servera]

TASK [create research vg] ********************************************************************************************************************************
 [WARNING]: The value 4 (type int) in a string field was converted to '4' (type string). If this does not look like what you expect, quote the entire
value to ensure it does not change.

changed: [serverb]
changed: [servera]

PLAY [create volume group] *******************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [serverc]
ok: [serverd]

TASK [Create partition for LVM] **************************************************************************************************************************
changed: [serverc]
changed: [serverd]

TASK [create research vg] ********************************************************************************************************************************
changed: [serverc]
changed: [serverd]

PLAY RECAP ***********************************************************************************************************************************************
servera                    : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverb                    : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverc                    : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverd                    : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

playbook

[student@workstation ansible]$ vim lv.yml
[student@workstation ansible]$ cat lv.yml 
--- 
# Creates logical volume data in volume group research and formats it ext4.
# block tries 1500M, rescue reports the failure and retries with 800M, and
# always formats whatever was created. Nothing here mounts the volume.
- name: create lv for all
  hosts: all 
  tasks: 
    # The when: at the end of this block guards block, rescue and always alike.
    # NOTE(review): ansible_lvm is a gathered fact; presumably it is absent on
    # a host without LVM tools, in which case both when: tests would error
    # instead of evaluating to false - confirm on the target hosts.
    - name: create lv1
      block: 
        - name: create lv 1500
          lvol: 
            vg: research
            lv: data
            size: 1500M
      rescue: 
        - name: output faill message
          debug: 
            msg: Could not create logical volume of that size

        - name: create lv 800
          lvol: 
            vg: research
            lv: data
            size: 800M

      # NOTE(review): always also runs when the 800M fallback failed; the
      # format task then fails because /dev/research/data does not exist.
      always: 
        - name: format for lv
          filesystem: 
            dev: /dev/research/data
            fstype: ext4
      when: "'research' in ansible_lvm.vgs"

    # Hosts without the volume group only get the message.
    - name: vg not exist
      debug: 
        msg:  Volume group does not exist
      when: "'research' not in ansible_lvm.vgs" 

执行

[student@workstation ansible]$ ansible-playbook lv.yml 

PLAY [create lv for all] *********************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [serverd]
ok: [serverb]
ok: [bastion]
ok: [servera]
ok: [serverc]

TASK [create lv 1500] ************************************************************************************************************************************
skipping: [bastion]
ok: [serverb]
ok: [servera]
fatal: [serverc]: FAILED! => {"changed": false, "err": "  Insufficient free space: 175 extents needed, but only 55 available\n", "msg": "Unable to resize date to 1500m", "rc": 5}
fatal: [serverd]: FAILED! => {"changed": false, "err": "  Insufficient free space: 175 extents needed, but only 55 available\n", "msg": "Unable to resize date to 1500m", "rc": 5}

TASK [output faill message] ******************************************************************************************************************************
ok: [serverc] => {
    "msg": "Could not create logical volume of that size"
}
ok: [serverd] => {
    "msg": "Could not create logical volume of that size"
}

TASK [create lv 800] *************************************************************************************************************************************
ok: [serverc]
ok: [serverd]

TASK [format for lv] *************************************************************************************************************************************
skipping: [bastion]
changed: [serverd]
changed: [serverb]
changed: [serverc]
changed: [servera]

TASK [vg not exist] **************************************************************************************************************************************
skipping: [servera]
skipping: [serverb]
ok: [bastion] => {
    "msg": "Volume group does not exist"
}
skipping: [serverc]
skipping: [serverd]

PLAY RECAP ***********************************************************************************************************************************************
bastion                    : ok=2    changed=0    unreachable=0    failed=0    skipped=2    rescued=0    ignored=0   
servera                    : ok=3    changed=1    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   
serverb                    : ok=3    changed=1    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   
serverc                    : ok=4    changed=1    unreachable=0    failed=0    skipped=1    rescued=1    ignored=0   
serverd                    : ok=4    changed=1    unreachable=0    failed=0    skipped=1    rescued=1    ignored=0   

第八题-二

创建和使用分区
创建名为partition.yml的playbook,对所有节点进行操作:
在vdb上创建一个主分区1500MiB
使用ext4文件系统进行格式化
将文件系统挂载到/newpart
如果分区大小不满足,产生报错信息 could not create partition os that size
则创建分区大小变成800MiB
如果磁盘不存在,产生报错信息:disk does not exist

编写playbook

[student@workstation ansible]$ vim partition.yml
[student@workstation ansible]$ cat partition.yml 
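---
# Creates one primary partition on /dev/vdb, formats it ext4 and mounts it at
# /newpart. If the 1500MiB partition cannot be created, a message is shown and
# an 800MiB partition is created instead. Hosts without vdb only get a message.
- name: create partition
  hosts: all
  tasks:
    # The when: at the end of this block guards block, rescue and always alike.
    - name: create part1
      block:
        # 10MiB..1510MiB = 1500MiB.
        - name: create part 1500
          parted:
            device: /dev/vdb
            number: 1
            part_type: primary
            part_start: 10MiB
            part_end: 1510MiB
            state: present

      rescue:
        # Message text is copied verbatim from the task statement.
        - name: output fail message
          debug:
            msg: could not create partition os that size

        # 10MiB..810MiB = 800MiB; an end of 800MiB would give only 790MiB.
        - name: create part 800
          parted:
            device: /dev/vdb
            number: 1
            part_type: primary
            part_start: 10MiB
            part_end: 810MiB
            state: present

      # NOTE(review): always also runs when both parted attempts failed, so
      # these tasks then act on whatever /dev/vdb1 already is (or fail if it is
      # absent). force is not set, so filesystem does not overwrite an existing
      # filesystem.
      always:
        - name: format part
          filesystem:
            dev: /dev/vdb1
            fstype: ext4

        - name: create mount point
          file:
            path: /newpart
            state: directory

        # state mounted mounts now and records the entry in /etc/fstab.
        - name: mount
          mount:
            src: /dev/vdb1
            path: /newpart
            fstype: ext4
            state: mounted
      when: "ansible_devices.vdb is defined"

    # Single space in the message, matching the text the task asks for.
    - name: vdb not exist
      debug:
        msg: disk does not exist
      when: "ansible_devices.vdb is not defined"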

执行

[student@workstation ansible]$ ansible-playbook partition.yml 

说明:由于该练习环境中的所有受管主机都没有vdd硬盘,于是我把解题步骤写出来了。但是并没有执行

第九题

生成主机文件
将一个初始模板文件从http://content.example.com/hosts.j2下载到/home/student/ansible
完成该模板,以便用它生成以下文件:针对每个清单主机包含一行内容,其格式与 /etc/hosts 相同
创建名为 /home/student/ansible/hosts.yml 的playbook,它将使用此模板在 dev 主机组中的主机上生成文件 /etc/myhosts。
该 playbook 运行后,dev 主机组中主机上的文件/etc/myhosts 应针对每个受管主机包含一行内容:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.24.1.6 servera.lab1.example.com servera
172.24.1.7 serverb.lab1.example.com serverb
172.24.1.8 serverc.lab1.example.com serverc
172.24.1.9 serverd.lab1.example.com serverd
172.24.1.10 bastion.lab1.example.com bastion

环境准备

[student@workstation ansible]$ wget http://content.example.com/hosts.j2
--2022-11-05 21:01:00--  http://content.example.com/hosts.j2
Resolving content.example.com (content.example.com)... 172.25.254.250
Connecting to content.example.com (content.example.com)|172.25.254.250|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 159
Saving to: ‘hosts.j2’

hosts.j2                               100%[==========================================================================>]     159  --.-KB/s    in 0s      

2022-11-05 21:01:00 (16.4 MB/s) - ‘hosts.j2’ saved [159/159]

[student@workstation ansible]$ ls
adhoc.sh  ansible.cfg  hosts.j2  inventory  lvm_pre.yml  lv.yml  newrole.yml  packages.yml  partition.yml  roles  roles.yml  selinux.yml  timesync.yml

对hosts.j2编写

[student@workstation ansible]$ vim hosts.j2 
[student@workstation ansible]$ cat hosts.j2 
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
{% for host in groups.all %}
{{ hostvars[host].ansible_enp1s0.ipv4.address }}  {{ hostvars[host].ansible_fqdn }}  {{ hostvars[host].ansible_hostname }}
{% endfor %}

编写playbook

[student@workstation ansible]$ vim hosts.yml
[student@workstation ansible]$ cat hosts.yml 
---
# Play 1 has no tasks. Targeting "all" runs the implicit fact-gathering step
# on every inventory host, which fills hostvars[...] with the facts that
# hosts.j2 reads for each host (ansible_enp1s0, ansible_fqdn, ansible_hostname).
- name: get all facts
  hosts: all
# Play 2 renders the template, on the dev group only.
- name: cp to myhosts
  hosts: dev
  tasks: 
    - name: cp file
      template: 
        # NOTE(review): hosts.j2 hard-codes the interface fact ansible_enp1s0;
        # presumably every inventory host has that interface - confirm, since a
        # host without it would make the render fail.
        src: /home/student/ansible/hosts.j2
        # NOTE(review): owner, group and mode are not set here; state them
        # explicitly if the result must not depend on remote defaults.
        dest: /etc/myhosts

执行

[student@workstation ansible]$ ansible-playbook hosts.yml 

PLAY [get all facts] *************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [bastion]
ok: [serverd]
ok: [servera]
ok: [serverb]
ok: [serverc]

PLAY [cp to myhosts] *************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [servera]

TASK [cp file] *******************************************************************************************************************************************
changed: [servera]

PLAY RECAP ***********************************************************************************************************************************************
bastion                    : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
servera                    : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverb                    : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverc                    : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverd

验证

[root@servera ~]# cat /etc/myhosts 
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.250.10  servera.lab.example.com  servera
172.25.250.11  serverb.lab.example.com  serverb
172.25.250.254  bastion.lab.example.com  bastion
172.25.250.12  serverc.lab.example.com  serverc
172.25.250.13  serverd.lab.example.com  serverd

第十题

修改文件内容
按照下方所述,创建一个名为 /home/student/ansible/issue.yml 的 playbook:
该 playbook 将在所有清单主机上运行
该 playbook 会将 /etc/issue 的内容替换为下方所示的一行文本:
在 dev 主机组中的主机上,这行文本显示为:Development
在 test 主机组中的主机上,这行文本显示为:Test
在 prod 主机组中的主机上,这行文本显示为:Production

编写playbook

[student@workstation ansible]$  vim issue.yml
[student@workstation ansible]$ cat issue.yml 
---
# Replace the content of /etc/issue on every inventory host with one line
# chosen from the host's group membership.
- name: modify issue
  hosts: all
  tasks:
    - name: input to issue
      copy:
        # Inline Jinja2: group_names is the list of groups the current host
        # belongs to. A host in none of dev/test/prod (bastion, which is in
        # balancers) matches no branch and gets none of the three lines.
        content: |
          {% if 'dev' in group_names %}
          Development
          {% elif 'test' in group_names %}
          Test
          {% elif 'prod' in group_names %}
          Production
          {% endif %}
        dest: /etc/issue

执行

[student@workstation ansible]$ ansible-playbook issue.yml 

PLAY [modify issue] **************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [serverd]
ok: [servera]
ok: [serverc]
ok: [serverb]
ok: [bastion]

TASK [input to issue] ************************************************************************************************************************************
changed: [serverc]
changed: [serverd]
changed: [serverb]
changed: [servera]
changed: [bastion]

PLAY RECAP ***********************************************************************************************************************************************
bastion                    : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
servera                    : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverb                    : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverc                    : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverd         

验证

[root@servera ~]# cat /etc/issue
Development

[root@serverb ~]# cat /etc/issue
Test

[root@serverc ~]# cat /etc/issue
Production

[root@serverd ~]# cat /etc/issue
Production

第十一题

创建Web内容目录
按照下方所述,创建一个名为 /home/student/ansible/webcontent.yml 的 playbook:
该 playbook 在 dev 主机组中的受管节点上运行
创建符合下列要求的目录 /webdev:
所有者为 devops 组
具有常规权限:owner=read+write+execute,group=read+write+execute,other=read+execute
具有特殊权限: set group ID
用符号链接将 /var/www/html/webdev 链接到 /webdev
创建文件 /webdev/index.html,其中包含如下所示的单行文本:Development
在 dev 主机组中主机上浏览此目录(例如 http://servera.lab.example.com/webdev/ )将生成以下输出:
Development

编写playbook

[student@workstation ansible]$ vim webcontent.yml
[student@workstation ansible]$ cat webcontent.yml 
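---
# Publish /webdev through httpd on the dev hosts: setgid directory owned by
# group devops, SELinux web-content label, symlink under /var/www/html,
# httpd enabled and the http service opened in firewalld.
- name: web station
  hosts: dev
  tasks:
    - name: install httpd firewalld
      yum:
        name:
          - httpd
          - firewalld
        state: present

    - name: create group
      group:
        name: devops
        state: present

    - name: create /webdev
      file:
        path: /webdev
        state: directory
        group: devops
        # Quoted on purpose. An unquoted 2775 is read by YAML as the decimal
        # integer 2775, i.e. octal 5327: setuid + sticky with a world-writable
        # directory, not the intended setgid rwxrwxr-x.
        mode: '2775'

    - name: cp
      copy:
        content: Development
        dest: /webdev/index.html

    # Record the labelling rule in the SELinux policy; the rule alone does not
    # relabel files that already exist, hence the restorecon task below.
    - name: set selinux context
      sefcontext:
        target: /webdev(/.*)?
        setype: httpd_sys_content_t

    - name: shell
      shell:
        cmd: restorecon -Rv /webdev

    - name: create link to /var/www/html/webdev
      file:
        src: /webdev
        dest: /var/www/html/webdev
        state: link

    - name: restart httpd
      service:
        name: httpd
        state: restarted
        enabled: yes

    - name: restart firewalld
      service:
        name: firewalld
        state: restarted
        enabled: yes

    # permanent + immediate: the rule is written to the saved configuration
    # and applied to the running firewall in the same task.
    - name: firewall for http
      firewalld:
        service: http
        state: enabled
        permanent: yes
        immediate: yes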

执行

[student@workstation ansible]$ ansible-playbook webcontent.yml 

PLAY [web station] ***************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [servera]

TASK [install httpd firewalld] ***************************************************************************************************************************
ok: [servera]

TASK [create group] **************************************************************************************************************************************
ok: [servera]

TASK [create /webdev] ************************************************************************************************************************************
changed: [servera]

TASK [cp] ************************************************************************************************************************************************
changed: [servera]

TASK [set selinux context] *******************************************************************************************************************************
changed: [servera]

TASK [shell] *********************************************************************************************************************************************
changed: [servera]

TASK [create link to /var/www/html/webdev] ***************************************************************************************************************
changed: [servera]

TASK [restart httpd] *************************************************************************************************************************************
changed: [servera]

TASK [restart firewalld] *********************************************************************************************************************************
changed: [servera]

TASK [firewall for http] *********************************************************************************************************************************
changed: [servera]

PLAY RECAP ***********************************************************************************************************************************************
servera                    : ok=11   changed=8    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

验证

[student@workstation ansible]$ curl http://servera.lab.example.com/webdev/
Development

第十二题

创建一个名为 /home/student/ansible/hwreport.yml的 playbook,它将在所有受管节点上生成含有以下信息的输出文件 /root/hwreport.txt:

输出文件中的每一行含有一个 key=value 对。

您的 playbook 应当:
从 http://content.example.com/hwreport.empty 下载文件,并将它保存为/root/hwreport.txt
使用正确的值修改 /root/hwreport.txt
如果硬件项不存在,相关的值应设为NONE

编写playbook

[student@workstation ansible]$ vim hwreport.yml
[student@workstation ansible]$ cat hwreport.yml 
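---
# Download the empty report template to /root/hwreport.txt on every host and
# replace each placeholder with the matching fact. A fact that is missing on
# a host is written as NONE, as the task statement requires.
- name: get hwreport
  hosts: all
  tasks:
    # Plain-HTTP download without a checksum: acceptable on the isolated lab
    # network only. Elsewhere use https and the module's checksum option.
    - name: Create report file
      get_url:
        url: http://content.example.com/hwreport.empty
        dest: /root/hwreport.txt

    - name: get inventory_hostname
      replace:
        path: /root/hwreport.txt
        regexp: 'inventoryhostname'
        replace: "{{ inventory_hostname }}"

    - name: get mem
      replace:
        path: /root/hwreport.txt
        regexp: 'memory_in_MB'
        # default() keeps the task from failing when the fact is absent.
        replace: "{{ ansible_memtotal_mb | default('NONE') }}"

    - name: get bios
      replace:
        path: /root/hwreport.txt
        regexp: 'BIOS_version'
        replace: "{{ ansible_bios_version | default('NONE') }}"

    - name: get vda
      replace:
        path: /root/hwreport.txt
        regexp: 'disk_vda_size'
        replace: "{{ ansible_devices.vda.size if ansible_devices.vda is defined else 'NONE' }}"

    - name: get vdb
      replace:
        path: /root/hwreport.txt
        regexp: 'disk_vdb_size'
        replace: "{{ ansible_devices.vdb.size if ansible_devices.vdb is defined else 'NONE' }}"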

执行

[student@workstation ansible]$ ansible-playbook hwreport.yml 

PLAY [get hwreport] **************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [serverb]
ok: [serverc]
ok: [serverd]
ok: [bastion]
ok: [servera]

TASK [Create report file] ********************************************************************************************************************************
changed: [serverb]
changed: [servera]
changed: [serverd]
changed: [serverc]
changed: [bastion]

TASK [get inventory_hostname] ****************************************************************************************************************************
changed: [servera]
changed: [bastion]
changed: [serverc]
changed: [serverd]
changed: [serverb]

TASK [get mem] *******************************************************************************************************************************************
 [WARNING]: The value 821 (type int) in a string field was converted to '821' (type string). If this does not look like what you expect, quote the entire
value to ensure it does not change.

changed: [serverb]
changed: [serverd]
changed: [servera]
changed: [serverc]
changed: [bastion]

TASK [get bios] ******************************************************************************************************************************************
changed: [serverc]
changed: [serverb]
changed: [servera]
changed: [serverd]
changed: [bastion]

TASK [get vda] *******************************************************************************************************************************************
changed: [serverb]
changed: [bastion]
changed: [servera]
changed: [serverc]
changed: [serverd]

TASK [get vdb] *******************************************************************************************************************************************
changed: [bastion]
changed: [servera]
changed: [serverb]
changed: [serverd]
changed: [serverc]

PLAY RECAP ***********************************************************************************************************************************************
bastion                    : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
servera                    : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverb                    : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverc                    : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverd                    : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

验证

[student@workstation ansible]$ ansible all -m shell -a 'cat /root/hwreport.txt'
bastion | CHANGED | rc=0 >>
hostname: bastion
mem: 821
bios: 1.11.1-4.module+el8.1.0+4066+0f1aadab
vda: 10.00 GB
vdb: NONE

serverb | CHANGED | rc=0 >>
hostname: serverb
mem: 821
bios: 1.11.1-4.module+el8.1.0+4066+0f1aadab
vda: 10.00 GB
vdb: 5.00 GB

serverd | CHANGED | rc=0 >>
hostname: serverd
mem: 821
bios: 1.11.1-4.module+el8.1.0+4066+0f1aadab
vda: 10.00 GB
vdb: 5.00 GB

serverc | CHANGED | rc=0 >>
hostname: serverc
mem: 821
bios: 1.11.1-4.module+el8.1.0+4066+0f1aadab
vda: 10.00 GB
vdb: 5.00 GB

servera | CHANGED | rc=0 >>
hostname: servera
mem: 821
bios: 1.11.1-4.module+el8.1.0+4066+0f1aadab
vda: 10.00 GB
vdb: 5.00 GB

第十三题

创建密码库
按照下方所述,创建一个 Ansible 库来存储用户密码:
•库名称为 /home/student/ansible/locker.yml
•库中含有两个变量,名称如下:
•pw_developer,值为 Imadev
•pw_manager,值为 Imamgr
•用于加密和解密该库的密码为 kkk123456
•密码存储在文件 /home/student/ansible/secret.txt 中

编写密码库文件

[student@workstation ansible]$ vim locker.yml
[student@workstation ansible]$ cat locker.yml 
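---
# Variables file for the vault. It is plaintext until `ansible-vault encrypt`
# is run on it; the vault password file should be readable by its owner only.
# Values follow the task statement (capital "I": Imadev / Imamgr).
pw_developer: Imadev
pw_manager: Imamgr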

执行

[student@workstation ansible]$ echo whenyouwishuponastar > secret.txt
[student@workstation ansible]$ chmod 600 secret.txt
[student@workstation ansible]$ ansible-vault encrypt locker.yml --vault-id=/home/student/ansible/secret.txt 
Encryption successful

第十四题

创建用户账户
•从 http://content.example.com/ansible2.8/user_list.yml 下载要创建的用户的列表,并将它保存到 /home/student/ansible
•在本次考试中使用在其他位置创建的密码库 /home/student/ansible/locker.yml,创建名为/home/student/ansible/users.yml 的 playbook,从而按以下所述创建用户帐户:
•职位描述为 developer 的用户应当:
•在 dev 和 test 主机组中的受管节点上创建
•从 pw_developer 变量分配密码,密码有效期30天
•是附加组 student 的成员
•职位描述为 manager 的用户应当:
•在 prod 主机组中的受管节点上创建
•从 pw_manager 变量分配密码,密码有效期30天
•是附加组 devops 的成员
•密码应采用 SHA512 哈希格式。
•您的 playbook 应能够在本次考试中使用在其他位置创建的库密码文件/home/student/ansible/secret.txt 正常运行

环境准备

[student@workstation ansible]$ wget http://content.example.com/user_list.yml
--2022-11-05 22:39:37--  http://content.example.com/user_list.yml
Resolving content.example.com (content.example.com)... 172.25.254.250
Connecting to content.example.com (content.example.com)|172.25.254.250|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 113
Saving to: ‘user_list.yml’

user_list.yml                          100%[==========================================================================>]     113  --.-KB/s    in 0s      

2022-11-05 22:39:37 (12.1 MB/s) - ‘user_list.yml’ saved [113/113]

playbook

[student@workstation ansible]$ vim users.yml
[student@workstation ansible]$ cat users.yml 
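---
# Create the accounts listed in user_list.yml. Passwords come from the
# vault-encrypted locker.yml, so the playbook must be run with the vault
# password file (for example --vault-id secret.txt).
- name: create developer user
  hosts: dev, test
  vars_files:
    - /home/student/ansible/locker.yml
    - /home/student/ansible/user_list.yml
  tasks:
    - name: create group student
      group:
        name: student
        state: present

    - name: create user in developer
      user:
        name: "{{ item.name }}"
        groups: student
        # Add the supplementary group without removing groups that an
        # already-existing account belongs to.
        append: yes
        # password_hash() without a salt argument picks a new random salt on
        # each run, so this task reports "changed" every time.
        password: "{{ pw_developer | password_hash('sha512') }}"
        state: present
      loop: "{{ users }}"
      when: item.job == "developer"

    - name: chage
      # argv form: the user name from the downloaded list is passed as a
      # single argument and is never interpreted by a shell.
      command:
        argv:
          - chage
          - -M
          - "30"
          - "{{ item.name }}"
      loop: "{{ users }}"
      when: item.job == "developer"

- name: create manager user
  hosts: prod
  vars_files:
    - /home/student/ansible/locker.yml
    - /home/student/ansible/user_list.yml
  tasks:
    # NOTE(review): the task statement for this exercise names devops as the
    # managers' supplementary group, while this play uses opsmgr - confirm
    # which group the exam text requires and adjust both tasks together.
    - name: create group opsmgr
      group:
        name: opsmgr
        state: present

    - name: create user in manager
      user:
        name: "{{ item.name }}"
        groups: opsmgr
        # Same reasoning as in the developer play: keep existing groups.
        append: yes
        password: "{{ pw_manager | password_hash('sha512') }}"
        state: present
      loop: "{{ users }}"
      when: item.job == "manager"

    - name: chage1
      # argv form, so the user name is not parsed by a shell.
      command:
        argv:
          - chage
          - -M
          - "30"
          - "{{ item.name }}"
      loop: "{{ users }}"
      when: item.job == "manager"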

执行

[student@workstation ansible]$ ansible-playbook users.yml --vault-id secret.txt 

PLAY [create developer user] *****************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [serverb]
ok: [servera]

TASK [create group student] ******************************************************************************************************************************
ok: [servera]
ok: [serverb]

TASK [create user in developer] **************************************************************************************************************************
changed: [serverb] => (item={'name': 'bob', 'job': 'developer'})
skipping: [serverb] => (item={'name': 'sally', 'job': 'manager'}) 
changed: [servera] => (item={'name': 'bob', 'job': 'developer'})
skipping: [servera] => (item={'name': 'sally', 'job': 'manager'}) 
changed: [servera] => (item={'name': 'fred', 'job': 'developer'})
changed: [serverb] => (item={'name': 'fred', 'job': 'developer'})

TASK [chage] *********************************************************************************************************************************************
changed: [servera] => (item={'name': 'bob', 'job': 'developer'})
changed: [serverb] => (item={'name': 'bob', 'job': 'developer'})
skipping: [servera] => (item={'name': 'sally', 'job': 'manager'}) 
skipping: [serverb] => (item={'name': 'sally', 'job': 'manager'}) 
changed: [serverb] => (item={'name': 'fred', 'job': 'developer'})
changed: [servera] => (item={'name': 'fred', 'job': 'developer'})

PLAY [create manager user] *******************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [serverc]
ok: [serverd]

TASK [create group opsmgr] *******************************************************************************************************************************
changed: [serverc]
changed: [serverd]

TASK [create user in manager] ****************************************************************************************************************************
skipping: [serverc] => (item={'name': 'bob', 'job': 'developer'}) 
skipping: [serverd] => (item={'name': 'bob', 'job': 'developer'}) 
changed: [serverc] => (item={'name': 'sally', 'job': 'manager'})
skipping: [serverc] => (item={'name': 'fred', 'job': 'developer'}) 
changed: [serverd] => (item={'name': 'sally', 'job': 'manager'})
skipping: [serverd] => (item={'name': 'fred', 'job': 'developer'}) 

TASK [chage1] ********************************************************************************************************************************************
skipping: [serverc] => (item={'name': 'bob', 'job': 'developer'}) 
skipping: [serverd] => (item={'name': 'bob', 'job': 'developer'}) 
changed: [serverc] => (item={'name': 'sally', 'job': 'manager'})
skipping: [serverc] => (item={'name': 'fred', 'job': 'developer'}) 
changed: [serverd] => (item={'name': 'sally', 'job': 'manager'})
skipping: [serverd] => (item={'name': 'fred', 'job': 'developer'}) 

PLAY RECAP ***********************************************************************************************************************************************
servera                    : ok=4    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverb                    : ok=4    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverc                    : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverd                    : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

第十五题

更新Ansible库的密钥
•按照下方所述,更新现有 Ansible 库的密钥:
•从 http://content.example.com/ansible2.8/salaries.yml 下载 Ansible 库到 /home/student/ansible
•当前的库密码为 AAAAAAAAA
•新的库密码为 BBBBBBBBB
库使用新密码保持加密状态

环境准备

[student@workstation ansible]$ wget http://content.example.com/salaries.yml
--2022-11-05 22:48:08--  http://content.example.com/salaries.yml
Resolving content.example.com (content.example.com)... 172.25.254.250
Connecting to content.example.com (content.example.com)|172.25.254.250|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 484
Saving to: ‘salaries.yml’

salaries.yml                           100%[==========================================================================>]     484  --.-KB/s    in 0s      

2022-11-05 22:48:08 (60.8 MB/s) - ‘salaries.yml’ saved [484/484]
[student@workstation ansible]$ ls
adhoc.sh     hosts.j2      inventory   lvm_pre.yml  packages.yml   roles.yml     selinux.yml    users.yml
ansible.cfg  hosts.yml     issue.yml   lv.yml       partition.yml  salaries.yml  timesync.yml   webcontent.yml
a.yml        hwreport.yml  locker.yml  newrole.yml  roles          secret.txt    user_list.yml

执行命令

[student@workstation ansible]$ ansible-vault rekey salaries.yml 
Vault password:  	AAAAAAAAA
New Vault password:  BBBBBBBBB
Confirm New Vault password:  BBBBBBBBB
Rekey successful

验证

[student@workstation ansible]$ ansible-vault view salaries.yml 
Vault password: 
askjbadfkh,asdf,jsdfnAKFJ,ASDF,

第十六题

创建一个名为 /home/greg/ansible/cron.yml 的 playbook ,
配置 cron 作业,该作业每隔 2 分钟运行并执行以下命令:
logger “EX294 in progress”,以用户 natasha 身份运行

编写playbook

[student@workstation ansible]$ vim cron.yml
[student@workstation ansible]$ cat cron.yml 
---
# Ensure user natasha exists on every inventory host and install a cron
# entry in that user's crontab.
- name: create cron
  hosts: all
  tasks:
    - name: create  user
      user:
        name: natasha
        state: present

    - name: create cron for all
      cron:
        # "name" labels the entry so that later runs update this same entry
        # rather than adding a second one.
        name: cy
        # Only the minute field is set ('*/2' = every second minute); the
        # other schedule fields are left at the module defaults.
        minute: '*/2'
        job: logger "EX294 in progress"
        # The entry goes into natasha's crontab, so the job runs as natasha.
        user: natasha

执行playbook

[student@workstation ansible]$ ansible-playbook cron.yml

PLAY [create cron] ***************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************
ok: [bastion]
ok: [servera]
ok: [serverb]
ok: [serverc]
ok: [serverd]

TASK [create  user] **************************************************************************************************************************************
changed: [serverc]
changed: [serverb]
changed: [serverd]
changed: [servera]
changed: [bastion]

TASK [create cron for all] *******************************************************************************************************************************
changed: [serverb]
changed: [servera]
changed: [bastion]
changed: [serverd]
changed: [serverc]

PLAY RECAP ***********************************************************************************************************************************************
bastion                    : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
servera                    : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverb                    : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverc                    : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
serverd                    : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   