[root@192 ~]# ansible --version
ansible 2.9.11
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.6.8 (default, Nov 21 2019, 19:31:34) [GCC 8.3.1 20190507 (Red Hat 8.3.1-4)]
[root@192 ~]# vim /etc/hosts
[root@192 ~]# scp /etc/hosts root@192.168.1.191:/etc/hosts
The authenticity of host '192.168.1.191 (192.168.1.191)' can't be established.
ECDSA key fingerprint is SHA256:ZVd4fwX7zxHrxSVxcJNQiZ0fzmEi1a9a+HIbw4pFZeU.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.1.191' (ECDSA) to the list of known hosts.
root@192.168.1.191's password:
hosts 100% 197 1.4KB/s 00:00
[root@192 ~]# hostnamectl set-hostname node1
Could not set property: Connection timed out
[root@192 ~]# hostnamectl set-hostname node1
[root@192 ~]# su -
Last login: Mon Apr 15 04:32:25 PDT 2024 from 192.168.1.40 on pts/1
[root@node1 etc]# cd /ansible
-bash: cd: /ansible: No such file or directory
[root@node1 etc]# cd /etc/ansible
[root@node1 ansible]# ll
total 24
-rw-r--r--. 1 root root 19985 Jul 21 2020 ansible.cfg
-rw-r--r--. 1 root root 1016 Jul 21 2020 hosts
drwxr-xr-x. 2 root root 6 Jul 21 2020 roles
[root@node1 ansible]# vim ansible.cfg
[root@node1 ansible]# ansible node2 -m shell -a "hostnamectl set-hostname node2" -u root -k
SSH password:
[WARNING]: provided hosts list is empty, only localhost is available. Note that the
implicit localhost does not match 'all'
[WARNING]: Could not match supplied host pattern, ignoring: node2
^C [ERROR]: User interrupted execution
[root@node1 ansible]# ansible node2 -m shell -a "hostnamectl set-hostname node2" -u root -k
SSH password:
[WARNING]: provided hosts list is empty, only localhost is available. Note that the
implicit localhost does not match 'all'
[WARNING]: Could not match supplied host pattern, ignoring: node2
[root@node1 ansible]# vim hosts
[root@node1 ansible]# ansible node2 -m shell -a "hostnamectl set-hostname node2" -u root -k
SSH password:
node2 | CHANGED | rc=0 >>
[root@node1 ansible]# ansible node2 -m shell -a 'hostname' -u root -k
SSH password:
node2 | CHANGED | rc=0 >>
node2
[root@node1 ansible]# ansible node2 -m shell -a "useradd admin" -u root -k
SSH password:
node2 | CHANGED | rc=0 >>
[root@node1 ansible]# ansible node2 -m shell -a "echo abc123. |passwd --stdin admin" -u root -k
SSH password:
node2 | CHANGED | rc=0 >>
Changing password for user admin.
passwd: all authentication tokens updated successfully.
[root@node1 ansible]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:MZuuc5+CUB8q0cLoskqbAjzPVW77mbWEAGF5mSJ2vIA root@node1
The key's randomart image is:
+---[RSA 3072]----+
| . .o. o |
| E +.=.+ |
| .o+o+ o |
| . +.+..= |
|.. +o+S. |
|oo. o..+o . |
|.++ .o..o. o |
|+ oo ooo =.. |
|+o .o.*o. |
+----[SHA256]-----+
[root@node1 ansible]# ssh-copy-id admin@node2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
admin@node2's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'admin@node2'"
and check to make sure that only the key(s) you wanted were added.
[root@node1 ansible]# ansible node2 -m shell -a ‘echo admin ”ALL=(ALL) NOPASSWD:ALL”>>/etc/sudoers.d/admin’ -u root -k
-bash: syntax error near unexpected token `('
[root@node1 ansible]# ansible node2 -m shell -a 'echo admin "ALL=(ALL) NOPASSWD:ALL">>/etc/sudoers.d/admin' -u root -k
SSH password:
node2 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: root@node2: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
[root@node1 ansible]# ansible node2 -m shell -a 'echo admin "ALL=(ALL) NOPASSWD:ALL">>/etc/sudoers.d/admin' -u root -k
SSH password:
node2 | CHANGED | rc=0 >>
[root@node1 ansible]# ansible node2 -m shell -a "ls /root"
node2 | CHANGED | rc=0 >>
anaconda-ks.cfg
Desktop
Documents
Downloads
Music
original-ks.cfg
Pictures
Public
QQ_3.2.7_240401_x86_64_01.rpm
Templates
Videos
[root@node1 ansible]#
[root@node1 ansible]#
[root@node1 ansible]# ll
total 24
-rw-r--r--. 1 root root 20006 Apr 15 04:53 ansible.cfg
-rw-r--r--. 1 root root 1021 Apr 15 04:56 hosts
drwxr-xr-x. 2 root root 6 Jul 21 2020 roles
[root@node1 ansible]# vim inventory
[root@node1 ansible]# ssh-copy-id root@192.168.1.191
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.1.191's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.1.191'"
and check to make sure that only the key(s) you wanted were added.
[root@node1 ansible]# ansible httpd -m file -a 'path=/etc/yum.repos.d state=absent'
[WARNING]: Could not match supplied host pattern, ignoring: httpd
[WARNING]: No hosts matched, nothing to do
[root@node1 ansible]# ansible node2 -m file -a 'path=/etc/yum.repos.d state=absent'
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"path": "/etc/yum.repos.d",
"state": "absent"
}
[root@node1 ansible]# vim install.yml
---
- name: config httpd
hosts: all
tasks:
- name: config repo1
yum_repository:
name: BaseOS
description: BaseOS_repo
baseurl: file:///media/BaseOS
gpgcheck: no
enabled: yes
- name: config repo2
yum_repository:
name: AppStream
description: AppStream_repo
baseurl: file:///media/AppStream
gpgcheck: no
enabled: yes
- name: mount
command: mount /dev/sr0 /media
- name: install httpd
yum:
name: httpd
state: present
- name: index.html
copy:
content: "hello world!"
dest: /var/www/html/index.html
- name: start httpd
service:
name: httpd
state: restarted
enabled: yes
- name: close firewalld
service:
name: firewalld
state: stopped
enabled: no
[root@node1 ansible]# ansible-playbook install.yml
PLAY [config httpd] ***********************************************************************************************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************************************************************************************************
ok: [node2]
TASK [config repo1] ***********************************************************************************************************************************************************************************************
ok: [node2]
TASK [config repo2] ***********************************************************************************************************************************************************************************************
ok: [node2]
TASK [mount] ******************************************************************************************************************************************************************************************************
[WARNING]: Consider using the mount module rather than running 'mount'. If you need to use command because mount is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False'
in ansible.cfg to get rid of this message.
changed: [node2]
TASK [install httpd] **********************************************************************************************************************************************************************************************
changed: [node2]
TASK [index.html] *************************************************************************************************************************************************************************************************
changed: [node2]
TASK [start httpd] ************************************************************************************************************************************************************************************************
changed: [node2]
TASK [close firewalld] ********************************************************************************************************************************************************************************************
changed: [node2]
PLAY RECAP ********************************************************************************************************************************************************************************************************
node2 : ok=8 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0