| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | 31 |
- mount
- 프로세스
- yum
- ansible
- nmcli
- docker network
- 날짜변경
- lvcreate
- journalctl
- ssh
- docker
- docker image
- M365필터
- 리다이렉션
- firewalld
- permission
- 같은폴더
- pvcreate
- vagrant kubernetes
- HTTPD
- chmod
- swapon
- chatGPT
- 엑셀파일명변경
- newbingai
- 랜카드인식불량
- Kubernetes
- MSBing
- vgcreate
- tar
- Today
- Total
becool
20210805 (목) ansible 실습3 본문
sudoers.d/ansible 추가시 permission denied. 문제발생
wheel 그룹 추가로 대신함
→ $ usermod -a -G wheel ansible_user01
[user@ansible-server project1]$ cat 0805_q2.yaml
---
- name: Q2
hosts: control, servers
become: true
tasks:
- name: create a user
user:
name: ansible_user01
state: present
uid: 2000
password: "{{ 'ansiblepass!' | password_hash('sha512') }}"
register: result_user
- name: print password
debug:
msg: "{{ result_user }}"
[user@ansible-server project1]$ cat 0805_q3.yaml
---
- name: Q3
hosts: control, servers
become: true
tasks:
- name: enable public key authentication
authorized_key:
user: ansible_user01
state: present
# key: ~/.ssh/id_rsa.pub
key: "{{ lookup('file', '/home/user/.ssh/id_rsa.pub') }}"
[user@ansible-server project1]$ cat 0805_q4.yaml
---
- name: Q4
hosts: all
become: true
tasks:
- name: create directory
file:
dest: /etc/sudoers.d/
state: directory
mode: "0600"
- name: edit sudoers file
copy:
dest: /etc/sudoers.d/ansible
content: ansible_user01 ALL=(ALL) NOPASSWD:ALL
[user@ansible-server project1]$ cat 0805_q5.yaml
---
- name: Q5
hosts: all
become: true
tasks:
- name: create a configuration file
copy:
dest: /home/ansible_user01/project1/ansible.cfg
recurse: true
content:
- inventory: ./inventory.ini
- remote_user: ansible_user01
-
[user@ansible-server project1]$ cat 0805_q6.yaml
---
- name: Q6_web
hosts: webservers
become: true
vars:
web_package: httpd
firewall_package: firewalld
php_package: php
web_service: httpd
firewall_service: firewalld
web_svc_name: http
tasks:
- name: "install {{ web_package }}"
yum:
name: "{{ web_package }}"
state: latest
- name: "install {{ firewall_package }}"
yum:
name: "{{ firewall_package }}"
state: latest
- name: "install {{ php_package }}"
yum:
name: "{{ php_package }}"
state: latest
- name: "enable {{ web_service }}"
service:
name: "{{ web_service }}"
state: started
- name: "enable {{ firewall_service }}"
service:
name: "{{ firewall_service }}"
state: started
- name: "allow {{ web_service }}"
firewalld:
service: "{{ web_svc_name }}"
state: enabled
permanent: true
immediate: true
- name: Q6_db
hosts: dbservers
vars:
db_package: mariadb-server
firewall_package: firewalld
db_service: mariadb
firewall_service: firewalld
db_svc_name: mysql
become: true
tasks:
- name: "install {{ firewall_package }}"
yum:
name: "{{ firewall_package }}"
state: latest
- name: "install {{ db_package }}"
yum:
name: "{{ db_package }}"
state: latest
- name: "enable {{ firewall_service }}"
service:
name: "{{ firewall_service }}"
state: started
- name: "enable {{ db_service }}"
service:
name: "{{ db_service }}"
state: started
- name: "allow {{ db_service }}"
firewalld:
service: "{{ db_svc_name }}"
state: enabled
permanent: true
immediate: true
[user@ansible-server project1]$
'ansible' 카테고리의 다른 글
| 20210806 (금) ansible lineinfile, cron (0) | 2021.08.06 |
|---|---|
| 20210806 (금) ansible role, dependency, strategy (0) | 2021.08.06 |
| 20210805 (목) ansible structure, priority, strategy, throttle (0) | 2021.08.05 |
| 20210804 (수) ansible 탬플릿, 역할 (0) | 2021.08.04 |
| 20210804 (수) ansible 작업제어 #3 (0) | 2021.08.04 |