zoukankan      html  css  js  c++  java

  • 使用Ansible Vault加密内容

    Ansible 加密敏感数据

    [root@ansible-server ~]# ansible-vault create secret.yml
newusers:
    - name: ansibleuser1
      pw: redhat
    - name: ansibleuser2
      pw: $Re4H1t@

[root@ansible-server ansible]# cat create_users.yml 
- name: create user accounts for all our servers
  hosts: client
  vars_files:
    - secret.yml
  tasks:
    - name: create users
      user:
        name: "{{ item.name }}"
        password: "{{ item.pw | password_hash('sha512') }}"
      with_items: "{{ newusers }}"
[root@ansible-server ansible]# ansible-playbook --syntax-check --ask-vault-pass create_users.yml 
Vault password: 

playbook: create_users.yml
[root@ansible-server ansible]# echo redhat > vault.pass
[root@ansible-server ansible]# chmod 0600 vault.pass 
[root@ansible-server ansible]# ansible-playbook --syntax-check --vault-password-file=vault.pass create_users.yml               

playbook: create_users.yml
[root@ansible-server ansible]# ansible-playbook --vault-password-file=vault.pass create_users.yml  

PLAY [create user accounts for all our servers] *********************************************************************************

TASK [Gathering Facts] **********************************************************************************************************
ok: [172.16.216.182]
ok: [172.16.216.181]

TASK [create users] *************************************************************************************************************
changed: [172.16.216.182] => (item={u'name': u'ansibleuser1', u'pw': u'redhat'})
changed: [172.16.216.181] => (item={u'name': u'ansibleuser1', u'pw': u'redhat'})
changed: [172.16.216.182] => (item={u'name': u'ansibleuser2', u'pw': u'$Re4H1t@'})
changed: [172.16.216.181] => (item={u'name': u'ansibleuser2', u'pw': u'$Re4H1t@'})

PLAY RECAP **********************************************************************************************************************
172.16.216.181             : ok=2    changed=1    unreachable=0    failed=0   
172.16.216.182             : ok=2    changed=1    unreachable=0    failed=0   

[root@ansible-server ansible]# ssh ansibleuser1@172.16.216.181
ansibleuser1@172.16.216.181's password: 
the hostname is ansible-client1.liuxplus.com
today's date is 2018-10-11
[ansibleuser1@ansible-client1 ~]$ exit
登出
Connection to 172.16.216.181 closed.
[root@ansible-server ansible]# ssh ansibleuser1@172.16.216.182
ansibleuser1@172.16.216.182's password: 
the hostname is ansible-client2.linuxplust.com
today's date is 2018-10-11
[ansibleuser1@ansible-client2 ~]$ exit
登出
Connection to 172.16.216.182 closed.
[root@ansible-server ansible]# ssh ansibleuser2@172.16.216.181
ansibleuser2@172.16.216.181's password: 
the hostname is ansible-client1.liuxplus.com
today's date is 2018-10-11
[ansibleuser2@ansible-client1 ~]$ exit
登出
Connection to 172.16.216.181 closed.
[root@ansible-server ansible]# ssh ansibleuser2@172.16.216.182
ansibleuser2@172.16.216.182's password: 
the hostname is ansible-client2.linuxplust.com
today's date is 2018-10-11
[ansibleuser2@ansible-client2 ~]$ exit
登出
Connection to 172.16.216.182 closed.

      
  • 相关阅读:
    03-树3 Tree Traversals Again
    Utuntu下Xshell使用+vi使用
    CSDN总结的面试中的十大算法
    EDM(邮件营销)
    腾讯CDC谈扁平化设计
    Graph Search图谱搜索
    LBS 与 GPS 定位之间的区别
    中间件的理解
    夏梦竹谈Hive vs. HBase的区别
    维基百科上—数据仓库、数据挖掘、OLAP三者之间的区别
  • 原文地址:https://www.cnblogs.com/zydev/p/13921024.html
Copyright © 2011-2022 走看看