hosts
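# Inventory group for the CentOS hosts that are managed as root.
# NOTE: the hyphen in the group name is what triggers Ansible's
# "Invalid characters were found in group names" warning; renaming the group
# (e.g. to centos_root) also requires updating `hosts:` in the playbook.
[centos-root]
# No ansible_ssh_pass here: root-playbook.yaml sets it per host from the
# vault-encrypted root-passwords.yml, so a cleartext copy in the inventory
# would only expose the root password to anyone who can read this file.
192.168.174.129 ansible_ssh_port=22 ansible_ssh_user=root
192.168.174.130 ansible_ssh_port=22 ansible_ssh_user=root
192.168.174.131 ansible_ssh_port=22 ansible_ssh_user=root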
Ansible Vault 文件
创建 Ansible Vault 文件
# ansible-vault create root-passwords.yml
New Vault password: # 12345678（仅作演示；实际环境应使用高强度且不公开的 Vault 口令）
Confirm New Vault password:
编辑 Ansible Vault 文件
# ansible-vault edit root-passwords.yml
Vault password:
root-passwords.yml
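# Decrypted view of the vault file (what `ansible-vault edit` shows).
# Each key under root_accounts is an inventory hostname, so a play can look up
# root_accounts[inventory_hostname] for the host it is currently running on.
#
# old_password: the root password used to log in (read by root-playbook.yaml).
# new_password: not referenced by root-playbook.yaml as shown; presumably the
#               value a later rotation task would set -- confirm before use.
#
# The values below are demo placeholders. The new_password entries are quoted
# so YAML loads them as strings rather than the integer 12345678.
root_accounts:
  192.168.174.129:
    old_password: host1
    new_password: "12345678"
  192.168.174.130:
    old_password: host2
    new_password: "12345678"
  192.168.174.131:
    old_password: host3
    new_password: "12345678"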
root-playbook.yaml
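# Reports, for every host in the centos-root group, the number of lines printed
# by `last` and the number of 'Failed password' entries in /var/log/secure.
# Connects as root using the per-host password stored in the vault file.
- hosts: centos-root
  gather_facts: no  # skip collecting facts from the target hosts before the tasks run
  remote_user: root
  vars_files:
    # Vault-encrypted file; it is decrypted at run time with the vault password
    # (e.g. supplied via --ask-vault-pass).
    - root-passwords.yml
  vars:
    # Per-host SSH password, looked up by inventory hostname so the secret
    # never has to appear in the inventory or in this playbook.
    ansible_ssh_pass: "{{ root_accounts[inventory_hostname].old_password }}"
  tasks:
    - name: Run command on hosts
      ansible.builtin.shell:
        cmd: |
          last_count=$(last | wc -l)
          failed_count=$(grep 'Failed password' /var/log/secure | wc -l)
          echo " {{ inventory_hostname }} Last Count: $last_count , Failed Password Count: $failed_count"
      register: command_result
      # The script only reads login records and the auth log, so it should not
      # be reported as a change on the host.
      changed_when: false
    - name: show result
      # Fully qualified module name, matching ansible.builtin.shell above.
      ansible.builtin.debug:
        msg: "{{ command_result.stdout }}"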
执行结果（以下为当时运行的输出记录，与上方 playbook 的内容可能略有出入：例如输出中仍出现 Gathering Facts 任务，而 playbook 中已设置 gather_facts: no）
# ansible-playbook -i hosts root-playbook.yaml --ask-vault-pass
Vault password:
[WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details
PLAY [centos-root] ************************************************************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************************************************************
ok: [192.168.174.130]
ok: [192.168.174.129]
ok: [192.168.174.131]
TASK [Run command on hosts] ***************************************************************************************************************************************************
changed: [192.168.174.130]
changed: [192.168.174.129]
changed: [192.168.174.131]
TASK [show result] ************************************************************************************************************************************************************
ok: [192.168.174.129] => {
"msg": " 192.168.174.129 Last Count: 148 , Failed Password Count: 0"
}
ok: [192.168.174.130] => {
"msg": " 192.168.174.130 Last Count: 160 , Failed Password Count: 1"
}
ok: [192.168.174.131] => {
"msg": " 192.168.174.131 Last Count: 137 , Failed Password Count: 0"
}
PLAY RECAP ********************************************************************************************************************************************************************
192.168.174.129 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.174.130 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.174.131 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0