Ansible Vault加密

Ansible Vault可以对文件进行加密。

可以将Vault密码通过命令行交互式保存，也可以将密码存储在文件中。

1. 首先定义一个users.yaml

---
- name: create user
  hosts: dev
  vars:
      users:
      - user01
      - user02
      - user03
  tasks:
    - name: create user
      user:
        name: "{{ item }}"
        state: present
      loop: "{{  users }}"

    - name: set password
      shell: echo '12345678' | passwd --stdin "{{ item }}"
      loop: "{{ users }}"

2. 使用Vault进行加密

# ansible-vault encrypt users.yaml
New Vault password: 
Confirm New Vault password:

3. 执行yaml时解密

# ansible-playbook --vault-id @prompt users.yaml
Vault password (default): 
PLAY [create user] *********************************************************************************************

TASK [Gathering Facts] *****************************************************************************************
ok: [servera.lab.example.com]

TASK [create user] *********************************************************************************************
ok: [servera.lab.example.com] => (item=user01)
ok: [servera.lab.example.com] => (item=user02)
ok: [servera.lab.example.com] => (item=user03)

posted @ 2020-03-28 14:08 Vincen_shen 阅读(367) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部