李振东的blog

Ansible的资产清单

基于密码链接

需要预先做好指纹认证 !  !  !  无指纹认证报错

### 还要做好域名解析
10.0.0.101  aaa01
10.0.0.102  aaa02
10.0.0.103  aaa03

[root@m01 ~]# cat /etc/ansible/hosts
 
#方式一、IP+端口+用户+密码
[aaa]
10.0.0.101 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass='1'
10.0.0.102 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass='1'

	
#方式二、主机名+密码
[aaa]
aaa0[1:2] ansible_ssh_pass='1'
 
#方式三、主机+端口+密码
[aaa]
aaa0[1:2]
[webs:vars]
ansible_ssh_pass='1'

[root@li ~]#ansible aaa -m ping -i /etc/ansible/hosts
\[WARNING]: Platform linux on host 10.0.0.101 is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python
interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more
information.
10.0.0.101 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.12"
    },
    "changed": false,
    "ping": "pong"
}
[WARNING]: Platform linux on host 10.0.0.102 is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python
interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more
information.
10.0.0.102 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.12"
    },
    "changed": false,
    "ping": "pong"
}

基于密钥连接

基于密钥连接，需要先创建公钥和私钥，并下发公钥至被控端

#创建秘钥对
[root@m01 ~]# ssh-keygen
 
#推送公钥
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]

#方式一、主机+端口+密钥
[aaa]
10.0.0.101:22
10.0.0.102

[root@li ~]#!ansible
ansible aaa -m ping -i /etc/ansible/hosts
10.0.0.101 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.12"
    },
    "changed": false,
    "ping": "pong"
}

10.0.0.102 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.12"
    },
    "changed": false,
    "ping": "pong"
}

#方式二、别名+主机+端口+密钥
[aaa]
aaa01 ansible_ssh_host=10.0.0.101 ansible_ssh_port=22
aaa02 ansible_ssh_host=10.0.0.102
aaa03 ansible_ssh_host=10.0.0.103

[root@li ~]#!ansible
ansible aaa -m ping -i /etc/ansible/hosts

aaa02 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.12"
    },
    "changed": false,
    "ping": "pong"
}

aaa01 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.12"
    },
    "changed": false,
    "ping": "pong"
}

aaa03 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.10"
    },
    "changed": false,
    "ping": "pong"
}

基于主机组（ssh免密）

[aa_group]
aaa01 ansible_ssh_host=10.0.0.102
aaa02 ansible_ssh_host=10.0.0.103
 
[bb_group]
bbb01 ansible_ssh_host=10.0.0.103

### 查看指定组中的主机
[root@li ~]#ansible aa_group -m ping -i /etc/ansible/hosts --list-host
  hosts (2):
    aaa01
    aaa02
[root@li ~]#ansible bb_group -m ping -i /etc/ansible/hosts --list-host
  hosts (1):
    bbb01

#### 关于组的聚合   children 聚合组
[aa_group]
aaa01 ansible_ssh_host=10.0.0.102
aaa02 ansible_ssh_host=10.0.0.103

[bb_group]
bbb01 ansible_ssh_host=10.0.0.103

[ccc:children]
aa_group
bb_group

[root@li ~]#ansible ccc -m ping -i /etc/ansible/hosts --list-host
  hosts (3):
    aaa01
    aaa02
    bbb01