【Linux32-10】ansible本地roles角色应用

1. 安装

1. dnf install rhel-system-roles.noarch -y：安装本地角色

2. ls /usr/share/ansible/roles/：角色目录

3. /usr/share/doc/rhel-system-roles/：剧本目录

2. 同步时区

1. cp /usr/share/doc/rhel-system-roles/timesync/example-timesync-playbook.yml /mnt/ansible/：复制同步时区剧本

2. vim ansible.cfg：修改角色变量路径

roles_path = /usr/share/ansible/roles/

3. vim example-timesync-playbook.yml

---
- hosts: webserver
  vars:
    timesync_ntp_servers:
      - hostname: 172.25.17.250
        iburst: yes
  roles:
    - rhel-system-roles.timesync

4. 执行剧本

在目标主机查看：

1. vim /etc/chrony.conf

2. chronyc sources -v

3. 修改selinux

1. cp /usr/share/doc/rhel-system-roles/selinux/example-selinux-playbook.yml /mnt/ansible/selinux-playbook.yml

3.1 无需重启的selinux修改

• enforcing 与 permissive 之间的转换

vim selinux-playbook.yml

---
- hosts: server2
  vars:
    selinux_policy: targeted
    selinux_state: permissive
  roles:
  - rhel-system-roles.selinux

在目标主机测试：

3.2 需要重启的selinux修改

• 与 disabled 之间的转换

vim selinux-playbook.yml

---
- hosts: test
  vars:
    selinux_policy: targeted
    selinux_state: disabled
  tasks:
    - name: execute the role and catch errors
      block:
        - include_role:
            name: rhel-system-roles.selinux
      rescue:
        # Fail if failed for a different reason than selinux_reboot_required.
        - name