ansible-playbook 系统初始化配置

ansible-playbook 系统初始化配置

ansible安装

ansible来自epel源，可通过yum仓库、第三方仓库和编译安装

方式一：epel仓库
#yum -y install ansible
​
方式二：git仓库
#git clone git://github.com/ansible/ansible.git --recursive
#cd ./ansible
#source ./hacking/env-setup
​
方式三：pip安装
#yum -y install python-pip
#pip install --upgrade pip
#pip install ansible --upgrade
​
方式四：二进制安装
# wget https://releases.ansible.com/ansible/ansible-2.9.8.tar.gz
# tar xvf ansible-2.9.8.tar.gz -C /data/
# cp /data/ansible/bin/* /bin/
#yum -y install python-jinja2 PyYAML python-paramiko python-babel python-crypto
#python setup.py build
#python setup.py install
#mkdir /etc/ansible
#cp -r examples/* /etc/ansible
​
验证
#ansible --version

 

ansible-playbook  初始化

ansible初始化Centos 7 环境

验证环境
#cat host
[h1]
10.0.0.7
10.0.0.17
#ansible -i host h1 -m shell -a 'hostname -I'
​
方式一： script模块
#ansible -i host h1 -m script -a ./C7.sh
​
方式二：ansible-playbook
#cat C7.yaml
---
- hosts: h1
  remote_user: root
  tasks:
  - name: eth0 modfiy
    shell: sed -i.bak  '/^GRUB_CMDLINE_LINUX/s/"$/  net.ifnames=0"/' /etc/default/grub
  - name: install packages
    yum: name=autofs,tree,vim,lrzsz,wget,iotop,lsof,bash-completion,chrony,tcpdump
  - name: start service
    service: name=autofs state=started enabled=yes
  - name: start service
    service: name=chronyd state=started enabled=yes
  - name: add to bashrc
    lineinfile: path={{ item.path }} line={{ item.line }}
    with_items:
      - {path: /root/.bashrc,line: 'alias  date="date +%F_%T"'}
      - {path: /root/.bashrc,line: 'alias  alias  cdnet="cd  /etc/sysconfig/network-scripts/"'}
  - name: password time
    lineinfile:
      path={{ item.path }}
      regexp={{ item.regexp }}
      line={{ item.line }}
    with_items:
      - {path: /etc/login.defs,regexp: '^PASS_MAX_DAYS',line: 'PASS_MAX_DAYS    90'}
      - {path: /etc/login.defs,regexp: '^PASS_MIN_DAYS',line: 'PASS_MIN_DAYS    7'}
      - {path: /etc/login.defs,regexp: '^PASS_MIN_LEN',line: 'PASS_MIN_LEN  8'}
      - {path: /etc/login.defs,regexp: '^PASS_WARN_AGE',line: 'PASS_WARN_AGE    15'}
  - name: disable service
    shell: systemctl disable yum-updatesd
    shell: systemctl disable bluetooth
    shell: systemctl disable sendmail
    shell: systemctl stop NetworkManager
    shell: systemctl disable NetworkManager
​
语法检验：
#ansible-playbook -C C7.yaml  -i host -K
​
执行操作
#ansible-playbook  C7.yaml  -i host -K -v

验证

官方链接

https://www.ansible.com/

https://docs.ansible.com/