Ansible 详解:group模块、vars_files变量、user模块实战
【代码】Ansible 详解:group模块、vars_files变量、user模块实战。
·
group模块
-m group
管理被控端用户组| 指令参数 | 选项 | 说明 |
|---|---|---|
| name | 创建的组名 | |
| gid | 设置组的ID | |
| state | present, absent | 状态操作 |
| system | yes, no | 是否是系统组 |
[root@ansible ~]# ansible webservers -m group -a 'name=aaa gid=1500 state=present'
192.168.92.20 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": true,
"gid": 1500,
"name": "aaa",
"state": "present",
"system": false
}
[root@ansible ~]# ansible webservers -m group -a 'name=aaa state=absent'
192.168.92.20 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": true,
"name": "aaa",
"state": "absent"
}
[root@ansible ~]#vars_files变量
[root@ansible ~]# vi bianliang.yml
[root@ansible ~]# cat bianliang.yml
uname: yun
uid: 9000
job: projector
url: www.baidu.com
[root@ansible ~]# vi an-4.yml
[root@ansible ~]# cat an-4.yml
#提前定义了变量文件,然后进行调用
- hosts: webservers
vars_files:
- /root/bianliang.yml
tasks:
- name: debug输出变量
debug:
msg:
- "输出用户名称: {{ uname }}"
- "输出网址: {{ url }}"
[root@ansible ~]# ansible-playbook an-4.yml
PLAY [webservers] ***************************************************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************************************************
ok: [192.168.92.20]
TASK [debug输出变量] ************************************************************************************************************************************
ok: [192.168.92.20] => {
"msg": [
"输出用户名称: yun",
"输出网址: www.baidu.com"
]
}
PLAY RECAP **********************************************************************************************************************************************
192.168.92.20 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0user 模块
-m user
管理被控端用户| 指令参数 | 选项 | 说明 |
|---|---|---|
| name | 创建或者删除的用户名 | |
| uid | 设置用户的id | |
| password | 设置用户的登录密码 | |
| group | 设置用户的基本组 | |
| groups | 设置用户的附加组 | |
| shell | 设置用户的登录式shell | |
| create_home | yes,no | 为用户创建家目录/home,默认yes |
| state | present, absent | 操作状态,默认present |
| remove | yes, no | 删除用户相关的家目录;只有state=absent,它才生效,默认是no |
| generate_ssh_key | yes,no | 是否生成ssh密钥,默认no |
| ssh_key_bits | 2048 | ssh密钥的位数 |
| ssh_key file | ssh密钥文件,默认:.ssh/id_rsa* |
[root@ansible ~]# ansible webservers -m user -a 'state=present name=yun password=123456 uid=1200 group=root'
^[[D[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
192.168.92.20 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"append": false,
"changed": true,
"comment": "",
"group": 0,
"home": "/home/yun",
"move_home": false,
"name": "yun",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"uid": 1200
}
[root@ansible ~]# ansible webservers -m user -a 'state=absent name=yun'
192.168.92.20 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": true,
"force": false,
"name": "yun",
"remove": false,
"state": "absent",
"stderr": "userdel: group yun not removed because it is not the primary group of user yun.\n",
"stderr_lines": [
"userdel: group yun not removed because it is not the primary group of user yun."
]
}
[root@ansible ~]# ansible webservers -m group -a 'name=yun2 state=present'
192.168.92.20 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": true,
"gid": 1001,
"name": "yun2",
"state": "present",
"system": false
}
[root@ansible ~]# ansible webservers -m user -a 'state=present name=yun password=123456 uid=1200 group=root groups=yun2'
[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
192.168.92.20 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 0,
"groups": "yun2",
"home": "/home/yun",
"name": "yun",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"stderr": "useradd: warning: the home directory /home/yun already exists.\nuseradd: Not copying any file from skel directory into it.\nCreating mailbox file: File exists\n",
"stderr_lines": [
"useradd: warning: the home directory /home/yun already exists.",
"useradd: Not copying any file from skel directory into it.",
"Creating mailbox file: File exists"
],
"system": false,
"uid": 1200
}
[root@ansible ~]# ansible webservers -m user -a 'name=yun2 state=present password=123456 group=root groups=root,yun2'
[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
192.168.92.20 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 0,
"groups": "root,yun2",
"home": "/home/yun2",
"name": "yun2",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1201
}
[root@ansible ~]# ansible webservers -m user -a 'name=yun2 state=absent'
192.168.92.20 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": true,
"force": false,
"name": "yun2",
"remove": false,
"state": "absent",
"stderr": "userdel: group yun2 not removed because it is not the primary group of user yun2.\n",
"stderr_lines": [
"userdel: group yun2 not removed because it is not the primary group of user yun2."
]
}
[root@ansible ~]# ansible webservers -m shell -a 'ls /home'
192.168.92.20 | CHANGED | rc=0 >>
yun
yun2
[root@ansible ~]# ansible webservers -m user -a 'name=yun remove=yes state=absent'
192.168.92.20 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": true,
"force": false,
"name": "yun",
"remove": true,
"state": "absent",
"stderr": "userdel: group yun not removed because it is not the primary group of user yun.\n",
"stderr_lines": [
"userdel: group yun not removed because it is not the primary group of user yun."
]
}
[root@ansible ~]# ansible webservers -m shell -a 'ls /home'
192.168.92.20 | CHANGED | rc=0 >>
yun2
[root@ansible ~]# ansible webservers -m user -a 'state=present name=yun password=123456 uid=1200 group=root groups=yun2 generate_ssh_key=yes'
[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
192.168.92.20 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 0,
"groups": "yun2",
"home": "/home/yun",
"name": "yun",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"ssh_fingerprint": "3072 SHA256:58nnLq7Ayei+ENPof8bGe5jynGmSWyCmXpSVbidfry4 ansible-generated on web20h (RSA)",
"ssh_key_file": "/home/yun/.ssh/id_rsa",
"ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuT/Nl0BprWkgnXQ7xipGZEG4ap/x+ClUfmGkcY+YwpxF6gZRVhrvIlWtZzJGRfTrhSbvGyJ6m/4zX6AOTdzcV86XAjPc1EcBn3Vjfdor/g4VoZxphM81jV6O9J95RcW21Q3YlvL1+24o81dLjK078i5Vhxpun3wDVAxq5i/HCfB4KH602YgGhECAJe1y77IdZZaR5tiblcYAgBqX+f63HbEKzUx3gMtXW4MxUOS8xNtY302Zmsyn43WqkckmMGJ9b18p36+C1NjGYKV4mnHj56RjwbkajuRH9SH4/9eEGXs20Lcde/PvwBC3OBvDnvkOkxjFP7r/MCzt89UD7bo0DCbSLp0fnIx1PcSphAOL29poFJ1nHEt2LYwQYxGl8ug2ULdy92x0YdHPDSXYbk+z+cSniqAVqwuu9TLfZW/Cm8hqraSl4lh+hEOfoxRiu+J1nSce8QN/MjxeJsIRW1/OgN1xE53OXK63TGOZKZfcUd8biFSjW1ECdVQni9DXooQk= ansible-generated on web20h",
"state": "present",
"system": false,
"uid": 1200
}
[root@ansible ~]#
腾讯云面向开发者汇聚海量精品云计算使用和开发经验,营造开放的云计算技术生态圈。
更多推荐
6
0- 0
已为社区贡献20条内容
所有评论(0)