Ansible User 模块添加单用户并ssh-key复制

Ansible User 模块添加单用户并ssh-key复制

1 Ansible 版本:

ansible 2.9.6
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Aug  7 2019, 00:51:29) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]

2 Ansible 主机列表:

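# Inventory group "web": two hosts, each reached over SSH as root on its own port.
# ansible_host / ansible_port / ansible_user are the current variable names
# (since Ansible 2.0) for the legacy ansible_ssh_host / ansible_ssh_port /
# ansible_ssh_user spellings; the values are unchanged.
# NOTE(review): both hosts are managed through direct root SSH login. An
# unprivileged login account combined with `become` is the usual hardening;
# confirm whether root login is really required here.
[web]
h1 ansible_host=10.10.XX.XX ansible_port=52113 ansible_user=root ansible_python_interpreter=/usr/bin/python
t1 ansible_host=10.10.XX.XX ansible_port=22 ansible_user=root ansible_python_interpreter=/usr/bin/python

# Disabled child-group definition, kept for reference.
#[run-group:children]
#run-1
#run-2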

3 Ansible playbook:

cat /etc/ansible/ansible_work/user-auth.yaml 
###############

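---
# Playbook user-auth.yaml: on every inventory host, create a group and a login
# user that share the name in `username`, then install an SSH public key into
# that user's authorized_keys.
- hosts: all
  # NOTE(review): the play connects as root directly. If the targets allow it,
  # an unprivileged remote_user plus `become: true` avoids exposing root over SSH.
  remote_user: root
  gather_facts: false
  vars:
    username: fmw
    # Numeric IDs are kept as quoted strings and templated into the modules below.
    usergid: '501'
    useruid: '501'
  tasks:
    - name: 'System Add group {{ username }}'
      group:
        gid: '{{ usergid }}'
        name: '{{ username }}'
        state: present
        system: true

    - name: 'System Add user {{ username }}'
      user:
        name: '{{ username }}'
        # NOTE(review): this is a crypt(3) password hash hard-coded in the
        # playbook. Anyone who can read the file (or the repository it lives in)
        # can attack the hash offline, so keep it in an Ansible Vault variable or
        # collect it with vars_prompt instead. With the module default
        # `update_password: always`, every run resets the account to this value.
        password: "$6$vfci7x2o$mteutRBiEVwj7vM.CcZeIxR232cXVZte84u5Hv7fnnrypjzpjxZQE4IrhmJLl7EH9/LZ77X2M7BZjRTBnplPKfDsD1"
        shell: /bin/bash
        # The primary group is referenced by the GID created in the previous task.
        group: '{{ usergid }}'
        uid: '{{ useruid }}'
        create_home: true
        state: present

    # Disabled: explicit creation of ~/.ssh. Not needed because authorized_key
    # below runs with manage_dir enabled.
    #- name: Create  {{ username }} directory 
    #  file: path='/home/{{ username }}/.ssh' state=directory owner={{ username }} group={{ username }} mode=0700 

    # The variable in this task name was misspelled as `usrename`, so Ansible
    # printed the raw template instead of the user name; the run output shown
    # further down the page was captured before this correction.
    - name: 'set {{ username }} authorized key files'
      authorized_key:
        user: '{{ username }}'
        state: present
        # The authorized_key module manages the .ssh directory and creates it
        # when it does not exist, so the directory task above can stay disabled.
        manage_dir: true
        # lookup('file', ...) reads from the control node, not the managed host.
        # The path is hard-coded to fmw's home and does not follow `username`.
        # Only the public half (id_rsa.pub) is distributed.
        key: "{{ lookup('file', '/home/fmw/.ssh/id_rsa.pub') }}"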

4 运行剧本:


# 语法测试:
ansible-playbook user-auth.yaml --syntax-check

# 运行剧本:
1 ansible-playbook user-auth.yaml --check      # 测试运行剧本,但不真正执行.
2 ansible-playbook user-auth.yaml -vvv         # 运行并显示详细执行过程.
3 ansible-playbook user-auth.yaml              # 运行脚本会显示执行结果(默认此模式).

# 例:
[root@redis-2 ansible]# ansible-playbook user-auth.yaml

PLAY [all] **********************************************************************************************************************************************************************************

TASK [System Add group fmw] *****************************************************************************************************************************************************************
changed: [t1]
changed: [h1]

TASK [System Add user fmw] ******************************************************************************************************************************************************************
changed: [t1]
changed: [h1]

TASK [set {{ usrename }} authorized key files] **********************************************************************************************************************************************
changed: [t1]
changed: [h1]

PLAY RECAP **********************************************************************************************************************************************************************************
h1                         : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
t1                         : ok=3    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

