(一)要求剧本名/etc/ansible/play/play1.yaml,在被控节点实现初始化操作,例如创建一个demo用户,uid是3450,家目录是/tmp/demo,登录shell是/bin/bash,设置用户的密码为demo,要求这个demo用户可以使用sudo提权,并且控制节点可以实现免密登录到主机的demo用户
- name: play1
hosts: all
tasks:
- name: creat user
user:
name: demo
uid: 3450
home: /tmp/demo
shell: /bin/bash
- name: create passwd
shell: 'echo "demo" | passwd --stdin demo'
- name: sudo
shell: 'echo "demo ALL=(ALL) NOPASSWD:ALL >> /etc/sudoers"'
- name: mkdir /tmp/demo/.ssh
file:
path: /tmp/demo/.ssh
state: directory
owner: demo
group: demo
mode: '0700'
- name: ssh_nopasswd
copy:
src: /root/.ssh/id_rsa.pub
dest: /tmp/demo/.ssh/authorized_keys
(二)要求剧本名/etc/ansible/play/play2.yaml,在所有的被控节点上执行,要求配置本地YUM仓库,然后实现httpd软件的安装,并且最终在控制节点上使用curl命令访问被控节点主机名的时候,访问node1则输出的是node1内容,访问node2则输出的是node2内容
- name: play02
hosts: all
tasks:
- name: mount /dev/sr0
shell: "mount /dev/sr0 /iso"
ignore_errors: yes ##这个ignore_errors是task指令和模块同级作用:忽略这个play的错误
- name: repository_baseos
yum_repository:
file: yum
name: BaseOS
description: repository_baseos
baseurl:file:///iso/BaseOS
gpgcheck: 0
enabled: 1
- name: repository_appstream
yum_repository:
file: yum
name: AppStream
description: repository_appstream
baseurl:file:///iso/AppStream
gpgcheck: 0
enabled: 1
- name: httpd install
yum:
name: httpd
state: present
- name: systemctl start httpd
systemd:
name: httpd
state: started
- name: systemctl stop firewalld
systemd:
name: firewalld
state: stopped
- name: stop selinx
shell: "setenforce 0"
- name: play02_node1
hosts: node1
tasks:
- name: chages https content
copy:
content: "this is node1\n"
dest: /var/www/html/index.html
- name: play02_node2
hosts: node2
tasks:
- name: chages https content
copy:
content: "this is node2\n"
dest: /var/www/html/index.html