ansible hosts文件编写,简单使用测试(普通用户、sudo用户、root用户登录权限测试)
一、配置文件修改:
1、备份原配置文件:
cp /etc/ansible/hosts /etc/ansible/hosts.bak
2、修改hosts配置文件:
cat <<EOF>>/etc/ansible/hosts [test] 10.10.10.1 10.10.10.2 10.10.10.3 [test1] 10.10.10.11 10.10.10.12 [test:vars] ansible_ssh_user=test ansible_ssh_pass=111111 ansible_su_pass=111111 ansible_sudo_user=test ansible_sudo_pass=111111 [all:vars] ansible_ssh_user=test ansible_ssh_pass=123456 ansible_su_pass=123456 ansible_sudo_user=test ansible_sudo_pass=123456 EOF
注:
1、可以不设置免密码登录,配置好ansible_ssh_user和ansible_ssh_pass即可
2、若想用登录用户test启用sudo权限,登录目标服务器:
执行visudo命令,最后一行加入 'test ALL=(ALL) ALL'即可。
或
echo 'test ALL=(ALL) ALL' >>/etc/sudoers
( 不建议echo 'test ALL=(ALL) NOPASSWD: ALL' >>/etc/sudoers ; sudo免密码,普通用户权限过大,有安全隐患)
二、测试
1、登录用户测试
[root@localhost vmuser]# ansible test -m ping 10.10.10.1 | SUCCESS => { "changed": false, "ping": "pong" } 10.10.10.2 | SUCCESS => { "changed": false, "ping": "pong" } 10.10.10.3 | SUCCESS => { "changed": false, "ping": "pong" }
2、sudo权限测试
[root@localhost vmuser]# ansible test1 -m shell -a "fdisk -l |head -n2" -s 10.10.10.11 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 10.10.10.12 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes
3、su权限测试:
[root@localhost vmuser]# ansible all -S -R root -m shell -a "/sbin/fdisk -l |head -n2" [DEPRECATION WARNING]: The su command line option has been deprecated in favor of the "become" command line arguments. This feature will be removed in version 2.6. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. 10.10.10.1 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 10.10.10.2 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 10.10.10.3 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 10.10.10.11 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 10.10.10.12 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes