ansible高階應用ansible-vault

gycixput發表於2018-03-23
ansible-vault屬於ansible高階應用。
在使用過程中ansible 1.9執行加密後的問題,提示錯誤;在ansible 2.5中可以執行,測試過程如下:

[root@DBA180321R00P ansible]# /usr/local/bin/ansible --version
ansible 1.9.0.1
  configured module search path = None


[root@GAOYCR00P ansible]# ansible --version
ansible 2.5.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible-2.5.0-py2.7.egg/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Oct 11 2015, 17:47:16) [GCC 4.8.3 20140911 (Red Hat 4.8.3-9)]
[root@GAOYCR00P ansible]# ansible-vault encrypt hosts
New Vault password: 
Confirm New Vault password: 
Encryption successful
[root@GAOYCR00P ansible]# more hosts
[Suse]
192.168.15.21 ansible_ssh_user=csuser ansible_ssh_pass=abcde123
192.168.15.22 ansible_ssh_user=csuser ansible_ssh_pass=abcde123
192.168.15.46 ansible_ssh_user=csuser ansible_ssh_pass=abcde123
192.168.15.47 ansible_ssh_user=csuser ansible_ssh_pass=abcde123
[plycs]
192.168.15.31  ansible_ssh_user=oracle ansible_ssh_pass=oracle
[root@GAOYCR00P ansible]# ansible Suse -m ping
192.168.15.46 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
192.168.15.21 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
192.168.15.22 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
192.168.15.47 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}


[root@GAOYCR00P ansible]# ansible-vault decrypt hosts
Vault password: 
Decryption successful
[root@GAOYCR00P ansible]# ansible Suse -m ping --ask-vault-pass
Vault password: 
192.168.15.47 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
192.168.15.22 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
192.168.15.46 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
192.168.15.21 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
[root@GAOYCR00P ansible]# /usr/local/bin/ansible --version
ansible 1.9.0.1
  configured module search path = None
[root@GAOYCR00P ansible]# /usr/local/bin/ansible Suse -m ping --ask-vault-pass
Vault password: 
No hosts matched
[root@GAOYCR00P ansible]# ansible-vault decrypt hosts
Vault password: 
Decryption successful
[root@GAOYCR00P ansible]# more hosts
[Suse]
192.168.15.21 ansible_ssh_user=csuser ansible_ssh_pass=abcde123
192.168.15.22 ansible_ssh_user=csuser ansible_ssh_pass=abcde123
192.168.15.46 ansible_ssh_user=csuser ansible_ssh_pass=abcde123
192.168.15.47 ansible_ssh_user=csuser ansible_ssh_pass=abcde123
[plycs]
192.168.15.31  ansible_ssh_user=oracle ansible_ssh_pass=oracle
[root@GAOYCR00P ansible]# /usr/local/bin/ansible Suse -m ping
192.168.15.21 | success >> {
    "changed": false, 
    "ping": "pong"
}


192.168.15.22 | success >> {
    "changed": false, 
    "ping": "pong"
}


192.168.15.46 | success >> {
    "changed": false, 
    "ping": "pong"
}


192.168.15.47 | success >> {
    "changed": false, 
    "ping": "pong"
}

來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/24585765/viewspace-2152177/,如需轉載,請註明出處,否則將追究法律責任。

相關文章