一、配置文件修改:
1、備份原配置文件:
cp /etc/ansible/hosts /etc/ansible/hosts.bak
2、修改hosts配置文件:
cat <<EOF>>/etc/ansible/hosts [test] 10.10.10.1 10.10.10.2 10.10.10.3 [test1] 10.10.10.11 10.10.10.12 [test:vars] ansible_ssh_user=test ansible_ssh_pass=111111 ansible_su_pass=111111 ansible_sudo_user=test ansible_sudo_pass=111111 [all:vars] ansible_ssh_user=test ansible_ssh_pass=123456 ansible_su_pass=123456 ansible_sudo_user=test ansible_sudo_pass=123456 EOF
注:
1、可以不設置免密碼登錄,配置好ansible_ssh_user和ansible_ssh_pass即可
2、若想用登錄用戶test啟用sudo權限,登錄目標服務器:
執行visudo命令,最后一行加入 'test ALL=(ALL) ALL'即可。
或
echo 'test ALL=(ALL) ALL' >>/etc/sudoers
( 不建議echo 'test ALL=(ALL) NOPASSWD: ALL' >>/etc/sudoers ; sudo免密碼,普通用戶權限過大,有安全隱患)
二、測試
1、登錄用戶測試
[root@localhost vmuser]# ansible test -m ping 10.10.10.1 | SUCCESS => { "changed": false, "ping": "pong" } 10.10.10.2 | SUCCESS => { "changed": false, "ping": "pong" } 10.10.10.3 | SUCCESS => { "changed": false, "ping": "pong" }
2、sudo權限測試
[root@localhost vmuser]# ansible test1 -m shell -a "fdisk -l |head -n2" -s 10.10.10.11 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 10.10.10.12 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes
3、su權限測試:
[root@localhost vmuser]# ansible all -S -R root -m shell -a "/sbin/fdisk -l |head -n2" [DEPRECATION WARNING]: The su command line option has been deprecated in favor of the "become" command line arguments. This feature will be removed in version 2.6. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. 10.10.10.1 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 10.10.10.2 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 10.10.10.3 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 10.10.10.11 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 10.10.10.12 | SUCCESS | rc=0 >> Disk /dev/sda: 2000.4 GB, 2000398934016 bytes