4.ansible 用户模块user 挂载模块mounted
user 用户管理模块
作用 创建用户信息
参数
name 创建的用户名称
uid 指定用户的uid信息
group 指定属于主要组
groups 指定属于哪个附属组
password 设置用户密码信息???
shell 指定登录方式 /bin/bash /sbin/nologin
create_home:
创建虚拟用户:
[root@m01 ~]# ansible backup -m user -a "name=Alex uid=250 group=root groups=oldboy shell=/sbin/nologin create_home=no"
172.16.1.41 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": false,
"group": 0,
"groups": "oldboy",
"home": "/home/Alex",
"name": "Alex",
"shell": "/sbin/nologin",
"state": "present",
"system": false,
"uid": 250
}
删除用户
ansible 192.168.1.201 -m user -a 'name=alex state=absent'
192.168.1.201 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "alex",
"remove": false,
"state": "absent"
}
设置用户密码:
PS:密码信息必须是加密的
ansible backup -m user -a 'name=Alex02 password="$6$oldgirl$kAUTXVC2z1agr1HlmpFe9abFhWKwJ1fNyg64F95U3rVumwQfqOuhV3YkyZU9.H79TChzIKn5epl5M18B199qV1"'
如何生成密码信息:
=================================================================================================
ps: 密码密文生成方式:
https://docs.ansible.com/ansible/faq.html#how-do-i-generate-crypted-passwords-for-the-user-module
方法一:
ansible all -i localhost, -m debug -a "msg={{ 'mypassword' | password_hash('sha512', 'mysecretsalt') }}"
mypassword --- 明文密码信息
sha512 --- 明文转换为密文加密方法
mysecretsalt --- 用什么做算法依据生成密文信息
ansible all -i localhost, -m debug -a "msg={{ 'oldboy123' | password_hash('sha512', 'oldgirl') }}"
实践操作:
[root@m01 ~]# ansible all -i localhost, -m debug -a "msg={{ '123456' | password_hash('sha512', 'oldboy123') }}"
localhost | SUCCESS => {
"msg": "$6$oldboy123$W3jkmkkVTr.9UStm4S50RT2uIEjB/4GEtaAeVCSZ..uWVN1YGxHvluss9JVfAPV0gSJoGn1qAfxGyttIsTjcz0"
}
方法二: 在centos7中无法使用
mkpasswd --method=sha-512
方法三: 利用python模块功能
yum install python-pip
pip install passlib
python -c "from passlib.hash import sha512_crypt; import getpass; print(sha512_crypt.using(rounds=5000).hash(getpass.getpass()))"
=================================================================================================
mount 挂载模块
作用:实现批量挂载操作
参数:
src :需要挂载存储设备信息
path : 挂载点路径信息
fstype :挂载类型信息
state :挂载操作(mounted present)/卸载操作(unmounted absent)
mounted: 可以实现立即挂载 永久开机自动挂载
present: 永久开机自动挂载
unmounted: 可以实现立即卸载
absent: 可以实现立即卸载 永久卸载
批量挂载操作:
ansible 192.168.1.203 -m mount -a 'src=192.168.1.214:/bxy/nfsdata path=/mnt fstype=nfs state=unmounted'
192.168.1.203 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"dump": "0",
"fstab": "/etc/fstab",
"fstype": "nfs",
"name": "/mnt",
"opts": "defaults",
"passno": "0",
"src": "192.168.1.214:/bxy/nfsdata"
}