  • Ansible user module: add a single user and copy its SSH key

    1 Ansible version:

    ansible 2.9.6
      config file = /etc/ansible/ansible.cfg
      configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
      ansible python module location = /usr/lib/python2.7/site-packages/ansible
      executable location = /usr/bin/ansible
      python version = 2.7.5 (default, Aug  7 2019, 00:51:29) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
    

    2 Ansible host inventory:

    [web]
    h1 ansible_ssh_host=10.10.XX.XX ansible_ssh_port=52113 ansible_ssh_user=root ansible_python_interpreter=/usr/bin/python
    t1 ansible_ssh_host=10.10.XX.XX ansible_ssh_port=22 ansible_ssh_user=root ansible_python_interpreter=/usr/bin/python
    
    #[run-group:children]
    #run-1
    #run-2
    

    3 Ansible playbook:

    cat /etc/ansible/ansible_work/user-auth.yaml 
    ###############
    
    - hosts: all
      remote_user: root
      gather_facts: False
      vars:
        username: fmw
        usergid: '501'
        useruid: '501'
      tasks:
        - name: System Add group {{ username }}
          group:
            gid: '{{ usergid }}'
            name: '{{ username }}'
            state: present
            system: yes
    
        - name: System Add user {{ username }}
          user:
            name: '{{ username }}'
            password: "$6$vfci7x2o$mteutRBiEVwj7vM.CcZeIxR232cXVZte84u5Hv7fnnrypjzpjxZQE4IrhmJLl7EH9/LZ77X2M7BZjRTBnplPKfDsD1"
            shell: /bin/bash
            group: '{{ usergid }}'
            uid: '{{ useruid }}'
            create_home: True
            state: present
    
        #- name: Create  {{ username }} directory 
        #  file: path='/home/{{ username }}/.ssh' state=directory owner={{ username }} group={{ username }} mode=0700 
    
        - name: set {{ username }} authorized key files
          authorized_key:
            user: '{{ username }}'
            state: present
            manage_dir: true   # the authorized_key module manages the .ssh directory and creates it if missing, so the directory task above can be dropped
            key: "{{ lookup('file', '/home/fmw/.ssh/id_rsa.pub') }}"
    

    4 Run the playbook:

    
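    # Syntax check:
    ansible-playbook user-auth.yaml --syntax-check
    
    # Run the playbook:
    ansible-playbook user-auth.yaml --check      # Test-run the playbook without actually executing it.
    ansible-playbook user-auth.yaml -vvv         # Run and show the detailed execution process.
    ansible-playbook user-auth.yaml              # Run the playbook and show the results (the default mode).
    
    # Example: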
    [root@redis-2 ansible]# ansible-playbook user-auth.yaml
    
    PLAY [all] **********************************************************************************************************************************************************************************
    
    TASK [System Add group fmw] *****************************************************************************************************************************************************************
    changed: [t1]
    changed: [h1]
    
    TASK [System Add user fmw] ******************************************************************************************************************************************************************
    changed: [t1]
    changed: [h1]
    
    TASK [set {{ usrename }} authorized key files] **********************************************************************************************************************************************
    changed: [t1]
    changed: [h1]
    
    PLAY RECAP **********************************************************************************************************************************************************************************
    h1                         : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
    t1                         : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
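
A pre-flight check for the public key file that the authorized_key task reads with lookup('file', ...), as an added example that is not part of the original post: it confirms the file holds exactly one well-formed OpenSSH public key and returns its SHA256 fingerprint, in the same form that `ssh-keygen -lf` prints. The function name, the allowed key types and the sample key are assumptions constructed for illustration.

```python
import base64
import hashlib
import struct

# Key types accepted for distribution (assumption; adjust to local policy).
ALLOWED_TYPES = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256"}


def check_pubkey_file(text):
    """Return (key_type, fingerprint) or raise ValueError for anything but one public key."""
    if "PRIVATE KEY" in text:
        raise ValueError("file contains a private key")
    lines = [l for l in text.splitlines() if l.strip() and not l.startswith("#")]
    if len(lines) != 1:
        raise ValueError("expected exactly one key, found %d" % len(lines))
    fields = lines[0].split(None, 2)
    if len(fields) < 2 or fields[0] not in ALLOWED_TYPES:
        raise ValueError("unexpected key type or leading options")
    try:
        blob = base64.b64decode(fields[1], validate=True)
    except ValueError:
        raise ValueError("key body is not valid base64")
    # The blob starts with a length-prefixed copy of the algorithm name.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != fields[0]:
        raise ValueError("declared type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return fields[0], "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def _ssh_string(data):
    # SSH wire encoding of a string: 4-byte big-endian length, then the bytes.
    return struct.pack(">I", len(data)) + data


# Constructed sample key (not a real key): type string plus 32 placeholder bytes.
SAMPLE_BLOB = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes(range(32)))
SAMPLE_PUB = "ssh-ed25519 %s fmw@control\n" % base64.b64encode(SAMPLE_BLOB).decode()

if __name__ == "__main__":
    print(check_pubkey_file(SAMPLE_PUB))
```

Run it on the control node against the contents of the .pub file before the playbook, and compare the returned fingerprint with the one recorded when the key pair was created.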
    
    
    
  • Original article: https://www.cnblogs.com/zhenxing06/p/12707041.html