- π [λ²μ] Ansible(1) μλ‘ , μμνκΈ°, μν€ν μ²
- π [λ²μ] Ansible(2) inventory, Playbooks, Roles
- https://www.wizardx.guru/
- https://docs.ansible.com/
https://releases.ansible.com/ansible/
/etc/ansible/hosts
[all:children]
masters
workers
nexledger_stage
[all:vars]
ansible_connection=ssh
ansible_user=root
[masters:vars]
target_user=nexledger
[masters]
master[01:01]
[workers:vars]
target_user=nexledger
[workers]
worker[02:04]
[nexledger_stage:vars]
target_user=nexledger
[nexledger_stage]
worker[01:01]ssh-copy-id command
$ ssh-copy-id worker01
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.146.0.10 (10.146.0.10)' can't be established.
ECDSA key fingerprint is SHA256:SnwLm1IYQcihIbWDGipLKLIAtodZEblWwWP5yolLiu0.
ECDSA key fingerprint is MD5:6a:39:6c:79:db:e3:25:eb:d1:98:0c:ec:bf:d3:58:f1.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '10.146.0.10'"
and check to make sure that only the key(s) you wanted were added.
ssh Key fingerprint λ³κ²½ μ λ°μν μ μλ μ μμλ¬ μλ°©
[ssh_connection]
ssh_args = -o UserKnownHostsFile=/dev/null -o ControlMaster=no -C -o StrictHostKeyChecking=noDetails
all:
hosts:
master[01:01]:
target_user: "nexledger"
worker[01:04]:
target_user: "nexledger"
vars:
ansible_connection: ssh
ansible_user: root
children:
workers:
hosts:
worker[01:04:2]:
target_user: "nexledger"
masters:
hosts:
master[01:01]:
target_user: "nexledger"
prod:
children:
east:
test:
children:
west:https://docs.ansible.com/ansible/2.3/user_module.html
change-password.yaml
---
- name: Change Password
hosts: workers
# Setting
vars:
change_user: "change-user-id"
newpassword: "new-password-input"
tasks:
- name: Change Password
user:
name: "{{ change_user }}"
update_password: always
password: "{{ newpassword | password_hash('sha512') }}"add-user.yaml
---
- name : Create a login user
hosts: workers
gather_facts: no
# Setting
vars:
new_user: "new-user-id"
new_password: "new-user-password"
tasks:
- name: Create a login user
user:
name: "{{ new_user }}"
password: "{{ new_password | password_hash('sha512') }}"
groups: # Empty by default, here we give it some groups
- docker
- sudo
state: present
shell: /bin/bash # Defaults to /bin/bash
system: no # Defaults to no
createhome: yes # Defaults to yes
home: "/home/{{ new_user }}" # Defaults to /home/<username>check-password-expiration.yaml
---
- name: Check Password Expiration
hosts: workers
become: yes
become_user: "{{ target_user }}"
gather_facts: no
tasks:
- name: passwd command
shell: passwd -S
register: shell_result
- name: check result
debug:
var: shell_result.stdout_linesremove_user.yaml
---
- name : Remove a login user
hosts: workers
gather_facts: no
# Setting
#vars:
#delete_username: "rolroralra"
tasks:
- name: Remove a login user
user:
name: "{{ delete_username }}"
state: absent
remove: yesremove_user.yaml
---
- name : Copy files
hosts: workers
gather_facts: no
# Setting
vars:
file1: "docker-ce-cli_19.03.13_3-0_ubuntu-bionic_amd64.deb"
file2: "docker-ce_19.03.13_3-0_ubuntu-bionic_amd64.deb"
tasks:
- name: Copy File
copy:
src: "~/Share/{{ file1 }}"
dest: "/tmp/{{ file1 }}"
owner: root
group: root
mode: '0644'
backup: yes
- name: Copy File
copy:
src: "~/Share/{{ file2 }}"
dest: "/tmp/{{ file2 }}"
owner: root
group: root
mode: '0644'
backup: yesremove_user.yaml
---
- name : Docker Engine Version Update
hosts: test
gather_facts: no
# Setting
vars:
file1: "docker-ce-cli_19.03.13_3-0_ubuntu-bionic_amd64.deb"
#file1: "docker-ce-cli_19.03.3_3-0_ubuntu-bionic_amd64.deb"
file2: "docker-ce_19.03.13_3-0_ubuntu-bionic_amd64.deb"
#file2: "docker-ce_19.03.3_3-0_ubuntu-bionic_amd64.deb"
tasks:
- name: Copy File docker-ce-cli
copy:
src: "~/Share/{{ file1 }}"
dest: "/tmp/{{ file1 }}"
owner: root
group: root
mode: '0644'
backup: yes
- name: Copy File docker-ce
copy:
src: "~/Share/{{ file2 }}"
dest: "/tmp/{{ file2 }}"
owner: root
group: root
mode: '0644'
backup: yes
- name: Uninstall Old Version Docker
shell: |
dpkg --purge docker-ce
dpkg --purge docker-ce-cli
exit 0
- name: Install New Version Docker
shell: |
dpkg --install "{{ file1 }}"
dpkg --install "{{ file2 }}"
exit 0
args:
chdir: /tmp/# docker-ce, docker-ce-cli ν¨ν€μ§ μ
κ·Έλ μ΄λ
$ ansible workers -m 'shell' -a "apt update && apt install --only-upgrade -y docker-ce docker-ce-cli && dpkg -l | grep docker"