User Tools

Site Tools


wiki:ostatni:ansible:start

Ansible

Základní konfigurace

Vypnutí cowsay (kravičky):

export ANSIBLE_NOCOWS=1

nebo

V souboru /etc/ansible/ansible.cfg odkomentovat:

nocows = 1

Host key checking

Vypnutí ověřování klíče ssh serveru/hosta. Typicky po reinstalaci se změní klíč a ssh hlásí chybu při připojení, že klíč se změnil.

V souboru /etc/ansible/ansible.cfg:

[defaults]
host_key_checking = False

nebo

export ANSIBLE_HOST_KEY_CHECKING=False

Inventory

  • /etc/ansible/hosts

Ad-Hoc příkazy

Předpokladem je funkční SSH spojení se všemi prvky s ověřováním klíčem. Příkazy se spouští pod běžným uživatelským účtem (tedy ne pod rootem).

# test spojení na všechny prvky z inventory souboru
ansible all -m ping
 
# Spuštění příkazu na všech prvcích jako sudo
(ansible all -u kaplan --sudo --ask-sudo-pass -a "/bin/echo hello") starsi zpusob
 
ansible all -u kaplan -become -K -m ping

Skoleni cz.nic

https://gist.github.com/HalisCz/42752c7f9761946f2187fab63a386706

ansible all –inventory “172.29.29.14,172.29.29.15” -a 'cat /etc/os-release'

172.29.29.15 | SUCCESS | rc=0 >>
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

172.29.29.14 | SUCCESS | rc=0 >>
NAME="Ubuntu"
VERSION="18.04.3 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.3 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic

ansible all –inventory “172.29.29.14,172.29.29.15” -m user -a 'name=bob shell=/bin/bash generate_ssh_key=yes'

172.29.29.15 | SUCCESS => {
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1001, 
    "home": "/home/bob", 
    "name": "bob", 
    "shell": "/bin/bash", 
    "ssh_fingerprint": "2048 SHA256:CYAD6GRswrzm6L5wJZIvN9vDNp9tSmx7Uv0jv0i7H7g ansible-generated on centos (RSA)", 
    "ssh_key_file": "/home/bob/.ssh/id_rsa", 
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsMWSIRw2NvfFvCV0cont5LNOP6vsqQoT8fLJYl7WWlwjwjPMRNckkF/XeF5D1M2Nt7GODLBXOCDZoFvIJQbQuXyxEE9G7oX/sxbObUOBi6cpDZX2BRKtLIlSMqC0o/rlCdQ7d3eYFTv4bcP6JgZyernjttPJZ+XqEYsuaot3nAdIJcRNxKSC4cVE2ibXIANA1dDxpHBGIlm682RXH1+n1QjXS2AYRehXL6QESk9fExWXvBKb2/bA/SAkHOUDmUgXOFY7G3uJWxm3NYmUq0Jew6j38dgzAS+3s7w9vQ1qsqpM+PI4IoHtvHZcebBW0RceJDFbVW1HjQKpCxaKPuzPR ansible-generated on centos", 
    "state": "present", 
    "system": false, 
    "uid": 1001
}
172.29.29.14 | SUCCESS => {
    "changed": true, 
    "comment": "", 
    "create_home": true, 
    "group": 1002, 
    "home": "/home/bob", 
    "name": "bob", 
    "shell": "/bin/bash", 
    "ssh_fingerprint": "2048 SHA256:+kSWr8AJLRu1/9Kj7gJzo29Xn9x2cHq6VXjdX4lH+P0 ansible-generated on ubuntu (RSA)", 
    "ssh_key_file": "/home/bob/.ssh/id_rsa", 
    "ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjbY0zkFkwv/xbzuoJYvOxkHiOJtQYG7RXlWT8ce/XlftoB5P3Vqoovj1g3ks1xWoHamG1lmbmdf+yPwTjJx3v2ZpPirrsXH5Y98GLjJ/8Xtf1XvKvsbfGH4CwC6577NOn4cDJ6+57rpHmYGHGOAVXI3DQTUnxIVCm98Dd3t2oA2KD1AhyU+PA4Yf+3YdpfY0rH0LhwbqGlHOtHYIr06hteJaMrDjujxix0vMBxlR9jH3erRNkSqSc2k6rSyRdaylWga7Uo4PoMBvhht3EE/38pDYEp7zlzx+MwSV/JzkTY0CP9pt4NaAJmqLcWZSKQQU65j8lHlatU1ynA8VVV1aZ ansible-generated on ubuntu", 
    "state": "present", 
    "system": false, 
    "uid": 1002
}
root@ubuntu:/vagrant_data# ansible all --inventory "172.29.29.14" -m user -a 'name=bob shell=/bin/bash'
 [WARNING]: Unable to parse /vagrant_data/172.29.29.14 as an inventory source

 [WARNING]: No inventory was parsed, only implicit localhost is available

 [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost
does not match 'all'
root@ubuntu:/vagrant_data# ansible all --inventory "172.29.29.14," -m user -a 'name=bob shell=/bin/bash'
172.29.29.14 | SUCCESS => {
    "append": false, 
    "changed": false, 
    "comment": "", 
    "group": 1002, 
    "home": "/home/bob", 
    "move_home": false, 
    "name": "bob", 
    "shell": "/bin/bash", 
    "state": "present", 
    "uid": 1002
}
wiki/ostatni/ansible/start.txt · Last modified: 2019/12/10 11:07 by root