Ansible 加密敏感数据
# Terminal transcript: store user passwords in an Ansible Vault file, load it
# from a playbook via vars_files, run the playbook with the vault password
# supplied interactively or from a file, then verify the accounts over SSH.
#
# ansible-vault create asks for a new vault password (prompt not captured
# here) and opens an editor; the YAML below is the content that was entered
# and is stored encrypted in secret.yml.
# NOTE(review): this prompt shows ~ while every later command runs in the
# "ansible" directory, and create_users.yml loads secret.yml by relative
# path; presumably the file was created in or moved to that directory, confirm.
[root@ansible-server ~]# ansible-vault create secret.yml
newusers:
  - name: ansibleuser1
    pw: redhat
  - name: ansibleuser2
    pw: $Re4H1t@

[root@ansible-server ansible]# cat create_users.yml
- name: create user accounts for all our servers
  hosts: client
  vars_files:
    # Encrypted variables file; decrypted at run time with the vault password.
    - secret.yml
  tasks:
    # NOTE(review): this task has no `no_log: true`, so each loop item,
    # including its pw value, is echoed in the run output further down.
    - name: create users
      user:
        name: "{{ item.name }}"
        # The vault holds the plain-text password; it is hashed here before
        # being handed to the user module.
        # NOTE(review): no salt is passed to password_hash, so a new random
        # salt is presumably generated per run and the task would report
        # "changed" on every run; confirm, and pass a fixed salt if idempotence
        # matters.
        password: "{{ item.pw | password_hash('sha512') }}"
      with_items: "{{ newusers }}"

# Option 1: prompt for the vault password on each run.
[root@ansible-server ansible]# ansible-playbook --syntax-check --ask-vault-pass create_users.yml
Vault password:

playbook: create_users.yml

# Option 2: read the vault password from a file.
# NOTE(review): echo puts the vault password on the command line (it may be
# kept in shell history), and vault.pass exists with default-umask
# permissions until the chmod below runs; setting a restrictive umask first,
# or writing the file from an editor, closes both gaps.
# NOTE(review): the vault password "redhat" is the same string as
# ansibleuser1's account password stored inside the vault.
[root@ansible-server ansible]# echo redhat > vault.pass
[root@ansible-server ansible]# chmod 0600 vault.pass
[root@ansible-server ansible]# ansible-playbook --syntax-check --vault-password-file=vault.pass create_users.yml

playbook: create_users.yml

# Actual run against the "client" hosts.
[root@ansible-server ansible]# ansible-playbook --vault-password-file=vault.pass create_users.yml

PLAY [create user accounts for all our servers] *********************************************************************************

TASK [Gathering Facts] **********************************************************************************************************
ok: [172.16.216.182]
ok: [172.16.216.181]

TASK [create users] *************************************************************************************************************
# NOTE(review): the item={...} lines below print both vault-protected
# passwords in clear text to the console and to anything that captures this
# output, which undoes the protection the vault gives them at rest; adding
# `no_log: true` to the "create users" task keeps them out of the output.
changed: [172.16.216.182] => (item={u'name': u'ansibleuser1', u'pw': u'redhat'})
changed: [172.16.216.181] => (item={u'name': u'ansibleuser1', u'pw': u'redhat'})
changed: [172.16.216.182] => (item={u'name': u'ansibleuser2', u'pw': u'$Re4H1t@'})
changed: [172.16.216.181] => (item={u'name': u'ansibleuser2', u'pw': u'$Re4H1t@'})

PLAY RECAP **********************************************************************************************************************
172.16.216.181 : ok=2 changed=1 unreachable=0 failed=0
172.16.216.182 : ok=2 changed=1 unreachable=0 failed=0

# Verification: log in to each client as each new user with the password
# taken from the vault.
[root@ansible-server ansible]# ssh ansibleuser1@172.16.216.181
ansibleuser1@172.16.216.181's password:
the hostname is ansible-client1.liuxplus.com today's date is 2018-10-11
[ansibleuser1@ansible-client1 ~]$ exit
登出
Connection to 172.16.216.181 closed.
[root@ansible-server ansible]# ssh ansibleuser1@172.16.216.182
ansibleuser1@172.16.216.182's password:
the hostname is ansible-client2.linuxplust.com today's date is 2018-10-11
[ansibleuser1@ansible-client2 ~]$ exit
登出
Connection to 172.16.216.182 closed.
[root@ansible-server ansible]# ssh ansibleuser2@172.16.216.181
ansibleuser2@172.16.216.181's password:
the hostname is ansible-client1.liuxplus.com today's date is 2018-10-11
[ansibleuser2@ansible-client1 ~]$ exit
登出
Connection to 172.16.216.181 closed.
[root@ansible-server ansible]# ssh ansibleuser2@172.16.216.182
ansibleuser2@172.16.216.182's password:
the hostname is ansible-client2.linuxplust.com today's date is 2018-10-11
[ansibleuser2@ansible-client2 ~]$ exit
登出
Connection to 172.16.216.182 closed.