ansible变量和机密(2)
ansible变量和机密(2)
在ansible节点中新建/home/student/ansible/hwreport.empty的文件,文件内容为
hostname: inventoryhostname
mem: memory_in_MB
bios: BIOS_version
sda: disk_sda_size
创建一个名为 /home/student/ansible/hwreport.yml的 playbook,它将在所有受管节点上生成含有
以下信息的输出文件 /root/hwreport.txt:
输出文件中的每一行含有一个 key=value 对。
您的 playbook 应当:
从 ansible节点中复制hwreport.empty文件到每台受控主机,并将它保存为/root/hwreport.txt, 使用
正确的值修改 /root/hwreport.txt
然后将/home/student/ansible/hwreport.yml这个playbook进行加密,加密的密码保存
在/home/student/ansible/pass文件中,密码为abcdefg
执行该playbook,实现需求
创建hwreport.empty
[root@ansible ~]# su - student
[student@ansible ~]$ cd ansible/
[student@server ansible]$ vim hwreport.empty
[student@server ansible]$ cat hwreport.empty
hostname:inventoryhostname
mem:memory_in_MB
bios:BIOS_version
sda:disk_sda_size
创建 hwreport.yml
[student@server ansible]$ vim hwreport.yml
[student@server ansible]$
[student@server ansible]$ cat hwreport.yml
- name: exercise2
hosts: all
tasks:
- name: copy hwreport.empty
copy:
src: /home/student/ansible/hwreport.empty
dest: /root/hwreport.txt
- name: inventoryhostname
replace:
path: /root/hwreport.txt
regexp: 'inventoryhostname'
replace: "{{ inventory_hostname }}"
- name: memory
replace:
path: /root/hwreport.txt
regexp: 'memory_in_MB'
replace: "{{ ansible_memtotal_mb | string }}"
- name: BIOS
replace:
path: /root/hwreport.txt
regexp: 'BIOS_version'
replace: "{{ ansible_bios_version }}"
- name: disk
replace:
path: /root/hwreport.txt
regexp: 'disk_sda_size'
replace: "{{ ansible_devices.sda.size }}"
```
加密 playbook
[student@server ansible]$ cat pass
abcdefg
[student@server ansible]$ chmod 600 pass
执行 playbook
[student@server ansible]$ ansible-playbook hwreport.yml --vault-id pass
[student@server ansible]$ ansible-playbook hwreport.yml --vault-id pass
PLAY [get file] *********************************************************
*******
TASK [Gathering Facts] **************************************************
*******
ok: [node1]
ok: [node3]
ok: [node2]
TASK [get inventory_hostname] *******************************************
*******
ok: [node1]
ok: [node3]
ok: [node2]
TASK [get mem] **********************************************************
*******
[WARNING]: The value 3704 (type int) in a string field was converted to
'3704'
(type string). If this does not look like what you expect, quote the enti
re
value to ensure it does not change.
ok: [node1]
[WARNING]: The value 1785 (type int) in a string field was converted to
'1785'
(type string). If this does not look like what you expect, quote the enti
re
value to ensure it does not change.
ok: [node3]
[WARNING]: The value 777 (type int) in a string field was converted to '7
77'
(type string). If this does not look like what you expect, quote the enti
re
value to ensure it does not change.
ok: [node2]
TASK [get bios] *********************************************************
*******
ok: [node1]
ok: [node3]
ok: [node2]
TASK [get sda] **********************************************************
*******
ok: [node1]
ok: [node3]
ok: [node2]
PLAY RECAP **************************************************************
*******
node1 : ok=5 changed=0 unreachable=0
failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=5 changed=0 unreachable=0
failed=0 skipped=0 rescued=0 ignored=0
node3 : ok=5 changed=0 unreachable=0
failed=0 skipped=0 rescued=0 ignored=0
/5