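Ansible Extensions
Ansible Vault Encryption Overview
Ansible Vault is an Ansible feature that encrypts files holding sensitive data such as passwords and keys, so that they are not stored in plaintext in playbooks or roles.
Using Ansible Vault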
usage: ansible-vault [-h] [--version] [-v]
{create,decrypt,edit,view,encrypt,encrypt_string,rekey}
ansible-vault encrypt mysql.yml
ansible-vault view mysql.yml
ansible-vault edit mysql.yml
ansible-vault decrypt mysql.yml
vim /tmp/ap.txt
123
ansible-playbook mysql.yml --vault-password-file=/tmp/ap.txt
ansible-vault rekey mysql.yml
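As an added example (not part of the original post), the following Python check confirms that a file such as mysql.yml really carries the vault envelope header, and flags a password file like the /tmp/ap.txt used above when it is accessible to group/other or holds a very short password. The 16-byte minimum and the file names inside demo() are assumptions, and the sample files are constructed.

```python
import os
import stat
import tempfile

MIN_PASSWORD_BYTES = 16  # assumption: illustrative minimum, not an Ansible rule

def parse_vault_header(first_line):
    """Return (version, cipher, vault_id) for a vault envelope line, else None."""
    parts = first_line.strip().split(";")
    if parts[0] != "$ANSIBLE_VAULT" or len(parts) not in (3, 4):
        return None
    return parts[1], parts[2], parts[3] if len(parts) == 4 else None

def is_vault_encrypted(path):
    """True when the file's first line is a vault envelope header."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        return parse_vault_header(fh.readline()) is not None

def password_file_findings(path):
    """List the problems found with a --vault-password-file candidate."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append("mode %04o is accessible to group/other, expected 0600" % mode)
    with open(path, "rb") as fh:
        secret = fh.read().strip()
    if len(secret) < MIN_PASSWORD_BYTES:
        findings.append("password is %d bytes, below %d" % (len(secret), MIN_PASSWORD_BYTES))
    return findings

def demo():
    """Build constructed sample files in a temp dir and audit them."""
    with tempfile.TemporaryDirectory() as d:
        enc = os.path.join(d, "mysql.yml")
        plain = os.path.join(d, "plain.yml")
        pw = os.path.join(d, "ap.txt")
        with open(enc, "w") as fh:  # constructed envelope; body is not real ciphertext
            fh.write("$ANSIBLE_VAULT;1.1;AES256\n6162636465666768\n")
        with open(plain, "w") as fh:
            fh.write("mysql_root_password: example\n")
        with open(pw, "w") as fh:  # same weak value as the page's password file
            fh.write("123\n")
        os.chmod(pw, 0o644)
        return is_vault_encrypted(enc), is_vault_encrypted(plain), password_file_findings(pw)

if __name__ == "__main__":
    print(demo())
```

Running the header check in CI or a pre-commit hook catches a secrets file that was decrypted for editing and committed without being re-encrypted.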
Ansible Tower
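What is Ansible Tower
Ansible Tower is a front-end UI for managing Ansible, provided by Red Hat. It can manage up to 10 hosts for free, so it is a paid product; it is only suitable for those who cannot do operations development and have money to spend. Of course, if you can develop but cannot be bothered to write your own, you can also crack (PJ) Ansible Tower. Do you understand me?
Ansible is essentially a wrapper around the shell. Its advantage is that it is a decentralized tool that manages remote hosts directly over SSH, giving agentless deployment (SSH and a Python environment are already natively part of Linux). Ansible's drawback also stems from its decentralized nature: it does not itself support high availability or a distributed architecture, and cannot implement a Server-Proxy-Client architecture. In complex or multi-region networks it cannot provide unified, centralized management (for example, synchronizing configuration across multiple Ansible control nodes), it has no front-end UI, and it demands a fairly high level of Ansible skill.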
Ansible Tower Architecture
Deploying Ansible Tower
[root@web03 ~]
[root@web03 ~]
[root@web03 ansible]
bundle-3.6.2-1.el7.tar.gz
[root@web03 ansible]
-rw-r--r-- 1 root root 293849789 Dec 14 2019 ansible-tower-setup-bundle-3.6.2-
1.el7.tar.gz
[root@web03 ansible]
281M ansible-tower-setup-bundle-3.6.2-1.el7.tar.gz
[root@web03 ansible]
[root@web03 ansible]
total 286964
drwxr-xr-x 6 root root 190 Dec 14 2019 ansible-tower-setup-bundle-3.6.2-1
[root@web03 ansible-tower-setup-bundle-3.6.2-1]
total 52
-rw-r--r-- 1 root root 562 Dec 14 2019 backup.yml
drwxr-xr-x 4 root root 28 Dec 14 2019 bundle
drwxr-xr-x 2 root root 17 Dec 14 2019 group_vars
-rw-r--r-- 1 root root 7410 Dec 14 2019 install.yml
-rw-r--r-- 1 root root 1148 Dec 14 2019 inventory
drwxr-xr-x 3 root root 8192 Dec 14 2019 licenses
-rw-r--r-- 1 root root 2526 Dec 14 2019 README.md
-rw-r--r-- 1 root root 1335 Dec 14 2019 rekey.yml
-rw-r--r-- 1 root root 1393 Dec 14 2019 restore.yml
drwxr-xr-x 20 root root 312 Dec 14 2019 roles
-rwxr-xr-x 1 root root 11405 Dec 14 2019 setup.sh
[tower]
localhost ansible_connection=local
[database]
[all:vars]
admin_password='tower'
pg_host=''
pg_port=''
pg_database='awx'
pg_username='awx'
[root@web03 ansible-tower-setup-bundle-3.6.2-1]
Installation succeeded
Open a browser and enter
http://10.0.0.9
Cracking Ansible Tower
0 ? 01:21:22 root@web03,172.16.1.9:~/ansible/ansible-tower-setup-bundle-3.6.2-1
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* centos-sclo-rh: mirrors.aliyun.com
* centos-sclo-sclo: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package python3-devel.x86_64 0:3.6.8-18.el7 will be installed
--> Processing Dependency: python3-libs(x86-64) = 3.6.8-18.el7 for package: python3-devel-3.6.8-18.el7.x86_64
--> Processing Dependency: python3 = 3.6.8-18.el7 for package: python3-devel-3.6.8-18.el7.x86_64
--> Processing Dependency: python(abi) = 3.6 for package: python3-devel-3.6.8-18.el7.x86_64
--> Processing Dependency: redhat-rpm-config for package: python3-devel-3.6.8-18.el7.x86_64
--> Processing Dependency: python3-rpm-macros for package: python3-devel-3.6.8-18.el7.x86_64
--> Processing Dependency: python3-rpm-generators for package: python3-devel-3.6.8-18.el7.x86_64
--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-devel-3.6.8-18.el7.x86_64
--> Running transaction check
---> Package python3.x86_64 0:3.6.8-18.el7 will be installed
--> Processing Dependency: python3-setuptools for package: python3-3.6.8-18.el7.x86_64
--> Processing Dependency: python3-pip for package: python3-3.6.8-18.el7.x86_64
---> Package python3-libs.x86_64 0:3.6.8-18.el7 will be installed
---> Package python3-rpm-generators.noarch 0:6-2.el7 will be installed
---> Package python3-rpm-macros.noarch 0:3-34.el7 will be installed
---> Package redhat-rpm-config.noarch 0:9.1.0-88.el7.centos will be installed
--> Processing Dependency: dwz >= 0.4 for package: redhat-rpm-config-9.1.0-88.el7.centos.noarch
--> Processing Dependency: zip for package: redhat-rpm-config-9.1.0-88.el7.centos.noarch
--> Processing Dependency: perl-srpm-macros for package: redhat-rpm-config-9.1.0-88.el7.centos.noarch
--> Running transaction check
---> Package dwz.x86_64 0:0.11-3.el7 will be installed
---> Package perl-srpm-macros.noarch 0:1-8.el7 will be installed
---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed
---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed
---> Package zip.x86_64 0:3.0-11.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==========================================================================================================
Package Arch Version Repository Size
==========================================================================================================
Installing:
python3-devel x86_64 3.6.8-18.el7 updates 217 k
Installing for dependencies:
dwz x86_64 0.11-3.el7 base 99 k
perl-srpm-macros noarch 1-8.el7 base 4.6 k
python3 x86_64 3.6.8-18.el7 updates 70 k
python3-libs x86_64 3.6.8-18.el7 updates 6.9 M
python3-pip noarch 9.0.3-8.el7 base 1.6 M
python3-rpm-generators noarch 6-2.el7 base 20 k
python3-rpm-macros noarch 3-34.el7 base 8.1 k
python3-setuptools noarch 39.2.0-10.el7 base 629 k
redhat-rpm-config noarch 9.1.0-88.el7.centos base 81 k
zip x86_64 3.0-11.el7 base 260 k
Transaction Summary
==========================================================================================================
Install 1 Package (+10 Dependent packages)
Total download size: 9.9 M
Installed size: 49 M
Downloading packages:
(1/11): perl-srpm-macros-1-8.el7.noarch.rpm | 4.6 kB 00:00:00
(2/11): dwz-0.11-3.el7.x86_64.rpm | 99 kB 00:00:00
(3/11): python3-3.6.8-18.el7.x86_64.rpm | 70 kB 00:00:00
(4/11): python3-devel-3.6.8-18.el7.x86_64.rpm | 217 kB 00:00:00
(5/11): python3-rpm-generators-6-2.el7.noarch.rpm | 20 kB 00:00:00
(6/11): python3-rpm-macros-3-34.el7.noarch.rpm | 8.1 kB 00:00:00
(7/11): python3-setuptools-39.2.0-10.el7.noarch.rpm | 629 kB 00:00:00
(8/11): redhat-rpm-config-9.1.0-88.el7.centos.noarch.rpm | 81 kB 00:00:00
(9/11): zip-3.0-11.el7.x86_64.rpm | 260 kB 00:00:00
(10/11): python3-pip-9.0.3-8.el7.noarch.rpm | 1.6 MB 00:00:00
(11/11): python3-libs-3.6.8-18.el7.x86_64.rpm | 6.9 MB 00:00:01
----------------------------------------------------------------------------------------------------------
Total 4.4 MB/s | 9.9 MB 00:00:02
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : python3-setuptools-39.2.0-10.el7.noarch 1/11
Installing : python3-pip-9.0.3-8.el7.noarch 2/11
Installing : python3-3.6.8-18.el7.x86_64 3/11
Installing : python3-libs-3.6.8-18.el7.x86_64 4/11
Installing : python3-rpm-generators-6-2.el7.noarch 5/11
Installing : python3-rpm-macros-3-34.el7.noarch 6/11
Installing : dwz-0.11-3.el7.x86_64 7/11
Installing : zip-3.0-11.el7.x86_64 8/11
Installing : perl-srpm-macros-1-8.el7.noarch 9/11
Installing : redhat-rpm-config-9.1.0-88.el7.centos.noarch 10/11
Installing : python3-devel-3.6.8-18.el7.x86_64 11/11
Verifying : python3-rpm-generators-6-2.el7.noarch 1/11
Verifying : python3-libs-3.6.8-18.el7.x86_64 2/11
Verifying : perl-srpm-macros-1-8.el7.noarch 3/11
Verifying : python3-setuptools-39.2.0-10.el7.noarch 4/11
Verifying : zip-3.0-11.el7.x86_64 5/11
Verifying : dwz-0.11-3.el7.x86_64 6/11
Verifying : python3-rpm-macros-3-34.el7.noarch 7/11
Verifying : python3-3.6.8-18.el7.x86_64 8/11
Verifying : python3-pip-9.0.3-8.el7.noarch 9/11
Verifying : python3-devel-3.6.8-18.el7.x86_64 10/11
Verifying : redhat-rpm-config-9.1.0-88.el7.centos.noarch 11/11
Installed:
python3-devel.x86_64 0:3.6.8-18.el7
Dependency Installed:
dwz.x86_64 0:0.11-3.el7 perl-srpm-macros.noarch 0:1-8.el7
python3.x86_64 0:3.6.8-18.el7 python3-libs.x86_64 0:3.6.8-18.el7
python3-pip.noarch 0:9.0.3-8.el7 python3-rpm-generators.noarch 0:6-2.el7
python3-rpm-macros.noarch 0:3-34.el7 python3-setuptools.noarch 0:39.2.0-10.el7
redhat-rpm-config.noarch 0:9.1.0-88.el7.centos zip.x86_64 0:3.0-11.el7
Complete!
0 ? 01:22:18 root@web03,172.16.1.9:~/ansible/ansible-tower-setup-bundle-3.6.2-1
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting uncompyle6
Downloading https://pypi.doubanio.com/packages/65/24/04e4e3eeb1d39c2a910f552bf0a69185a4d618924be2a98fad8e048e7cdf/uncompyle6-3.7.4-py3-none-any.whl (316kB)
100% |████████████████████████████████| 317kB 787kB/s
Collecting spark-parser<1.9.0,>=1.8.9 (from uncompyle6)
Downloading https://pypi.doubanio.com/packages/e1/c3/745adc57618998882a6e120cedebfba6ebf76aa9052c8b89e49c0fe47c2e/spark_parser-1.8.9-py3-none-any.whl
Collecting xdis<5.1.0,>=5.0.4 (from uncompyle6)
Downloading https://pypi.doubanio.com/packages/5a/d1/e6d3f51655eada8dc4628862357edaebafe7fa997ace9f51832c0389fd88/xdis-5.0.11-py2.py3-none-any.whl (129kB)
100% |████████████████████████████████| 133kB 1.5MB/s
Collecting click (from spark-parser<1.9.0,>=1.8.9->uncompyle6)
Downloading https://pypi.doubanio.com/packages/76/0a/b6c5f311e32aeb3b406e03c079ade51e905ea630fc19d1262a46249c1c86/click-8.0.1-py3-none-any.whl (97kB)
100% |████████████████████████████████| 102kB 3.6MB/s
Collecting six>=1.10.0 (from xdis<5.1.0,>=5.0.4->uncompyle6)
Downloading https://pypi.doubanio.com/packages/d9/5a/e7c31adbe875f2abbb91bd84cf2dc52d792b5a01506781dbcf25c91daf11/six-1.16.0-py2.py3-none-any.whl
Collecting importlib-metadata; python_version < "3.8" (from click->spark-parser<1.9.0,>=1.8.9->uncompyle6)
Downloading https://pypi.doubanio.com/packages/c0/72/4512a88e402d4dc3bab49a845130d95ac48936ef3a9469b55cc79a60d84d/importlib_metadata-4.6.4-py3-none-any.whl
Collecting zipp>=0.5 (from importlib-metadata; python_version < "3.8"->click->spark-parser<1.9.0,>=1.8.9->uncompyle6)
Downloading https://pypi.doubanio.com/packages/92/d9/89f433969fb8dc5b9cbdd4b4deb587720ec1aeb59a020cf15002b9593eef/zipp-3.5.0-py3-none-any.whl
Collecting typing-extensions>=3.6.4; python_version < "3.8" (from importlib-metadata; python_version < "3.8"->click->spark-parser<1.9.0,>=1.8.9->uncompyle6)
Downloading https://pypi.doubanio.com/packages/2e/35/6c4fff5ab443b57116cb1aad46421fb719bed2825664e8fe77d66d99bcbc/typing_extensions-3.10.0.0-py3-none-any.whl
Installing collected packages: zipp, typing-extensions, importlib-metadata, click, spark-parser, six, xdis, uncompyle6
Successfully installed click-8.0.1 importlib-metadata-4.6.4 six-1.16.0 spark-parser-1.8.9 typing-extensions-3.10.0.0 uncompyle6-3.7.4 xdis-5.0.11 zipp-3.5.0
3. Decompile the code
Enter the code directory
[root@web03 ~]
[root@web03 tower_license]
vim ip/get_ifconfig.yml
- hosts: all
  tasks:
    - name: Get Ifconfig
      shell: 'ifconfig'
[root@web03 tower_license]
[root@web03 tower_license]
[root@web03 tower_license]
[root@web03 tower_license]
Restarting Tower
Redirecting to /bin/systemctl stop rh-postgresql10-postgresql.service
Redirecting to /bin/systemctl stop rabbitmq-server.service
Redirecting to /bin/systemctl stop nginx.service
Redirecting to /bin/systemctl stop supervisord.service
Redirecting to /bin/systemctl start rh-postgresql10-postgresql.service
Redirecting to /bin/systemctl start rabbitmq-server.service
Redirecting to /bin/systemctl start nginx.service
Redirecting to /bin/systemctl start supervisord.service
Using Ansible Tower
First, create the connection method for the virtual machines
Choose whether to use a password or a key
Create the host inventory
Add hosts
Add a project
Edit the playbook
[root@web03 tower_license]
[root@web03 projects]
[root@web03 projects]
- hosts: all
  tasks:
    - name: Get Ifconfig
      shell: 'ifconfig'
[root@web03 projects]
Create the job template
Job execution results
Green: success
Red: failure
Grant permissions
[root@web03 projects]# chown -R awx:awx /var/lib/awx/projects/