【ansible变量和机密（2）】

著名抢人头选手

已于 2022-10-31 00:04:34 修改

阅读量247

点赞数

文章标签： ansible

于 2022-10-31 00:03:17 首次发布

本文链接：https://blog.csdn.net/weixin_72901306/article/details/127605306

版权

ansible变量和机密（2）

在ansible节点中新建/home/student/ansible/hwreport.empty的文件，文件内容为
hostname: inventoryhostname
mem: memory_in_MB
bios: BIOS_version
sda: disk_sda_size
创建一个名为 /home/student/ansible/hwreport.yml的 playbook，它将在所有受管节点上生成含有
以下信息的输出文件 /root/hwreport.txt：
输出文件中的每一行含有一个 key=value 对。
您的 playbook 应当：
从 ansible节点中复制hwreport.empty文件到每台受控主机，并将它保存为/root/hwreport.txt，使用
正确的值修改 /root/hwreport.txt
然后将/home/student/ansible/hwreport.yml这个playbook进行加密，加密的密码保存
在/home/student/ansible/pass文件中，密码为abcdefg
执行该playbook，实现需求
创建hwreport.empty

[root@ansible ~]# su - student
[student@ansible ~]$ cd ansible/
[student@server ansible]$ vim hwreport.empty
[student@server ansible]$ cat hwreport.empty 
hostname:inventoryhostname
mem:memory_in_MB
bios:BIOS_version
sda:disk_sda_size

创建 hwreport.yml

[student@server ansible]$  vim hwreport.yml
[student@server ansible]$ 
[student@server ansible]$ cat hwreport.yml
- name: exercise2
  hosts: all 
  tasks: 
    - name: copy hwreport.empty 
      copy: 
        src: /home/student/ansible/hwreport.empty 
        dest: /root/hwreport.txt

    - name: inventoryhostname 
      replace: 
        path: /root/hwreport.txt
        regexp: 'inventoryhostname' 
        replace: "{{ inventory_hostname }}" 

    - name: memory 
      replace: 
        path: /root/hwreport.txt 
        regexp: 'memory_in_MB'
        replace: "{{ ansible_memtotal_mb | string }}"

    - name: BIOS 
      replace: 
        path: /root/hwreport.txt 
        regexp: 'BIOS_version' 
        replace: "{{ ansible_bios_version }}" 

    - name: disk 
      replace: 
        path: /root/hwreport.txt 
        regexp: 'disk_sda_size' 
        replace: "{{ ansible_devices.sda.size }}" 
        ```
加密 playbook

[student@server ansible]$ cat pass
abcdefg

[student@server ansible]$ chmod 600 pass


执行 playbook

[student@server ansible]$ ansible-playbook hwreport.yml --vault-id pass

[student@server ansible]$ ansible-playbook hwreport.yml --vault-id pass
PLAY [get file] *********************************************************
*******
TASK [Gathering Facts] **************************************************
*******
ok: [node1]
ok: [node3]
ok: [node2]
TASK [get inventory_hostname] *******************************************
*******
ok: [node1]
ok: [node3]
ok: [node2]
TASK [get mem] **********************************************************
*******
[WARNING]: The value 3704 (type int) in a string field was converted to
'3704'
(type string). If this does not look like what you expect, quote the enti
re
value to ensure it does not change.
ok: [node1]
[WARNING]: The value 1785 (type int) in a string field was converted to
'1785'
(type string). If this does not look like what you expect, quote the enti
re
value to ensure it does not change.
ok: [node3]
[WARNING]: The value 777 (type int) in a string field was converted to '7
77'
(type string). If this does not look like what you expect, quote the enti
re
value to ensure it does not change.
ok: [node2]
TASK [get bios] *********************************************************
*******
ok: [node1]
ok: [node3]
ok: [node2]
TASK [get sda] **********************************************************
*******
ok: [node1]
ok: [node3]
ok: [node2]
PLAY RECAP **************************************************************
*******
node1 : ok=5 changed=0 unreachable=0
failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=5 changed=0 unreachable=0
failed=0 skipped=0 rescued=0 ignored=0
node3 : ok=5 changed=0 unreachable=0
failed=0 skipped=0 rescued=0 ignored=0