Ansible配置sudo提权免密登录

配置EPEL源:

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum clean all
yum makecache

安装ansible配置文件

yum install ansible

修改ansible配置文件

vim /etc/ansible/ansible.cfg
#去掉如下注释:
inventory      = /etc/ansible/hosts
remote_tmp     = ~/.ansible/tmp
local_tmp      = ~/.ansible/tmp
sudo_user      = root
ask_sudo_pass = True
remote_port    = 22
#去掉hosts_key检查步骤
host_key_checking = False

[privilege_escalation]
become=True
become_method=sudo
become_user=root
#become_ask_pass=False

配置hosts文件

#vim /etc/ansible/hosts
[webservers]
web1
web2
[webservers:vars]
#2.8版本
ansible_ssh_user=xx
ansible_sudo_pass='xxx'
ansible_ssh_pass='xxx'
#2.9版本
ansible_ssh_user=xxx
#ansible_become_user=root
ansible_become=true
ansible_become_method=sudo 
ansible_become_pass='xxx'

演示

[root@fpm01v ~]# ansible webservers -m command -a "df -h" 
[DEPRECATION WARNING]: DEFAULT_ASK_SUDO_PASS option, In favor of Ansible Become, which is a generic framework. See become_ask_pass. , use become instead. This feature will be removed in 
version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
nginx.test1 | CHANGED | rc=0 >>
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol03
                      1.5T  5.3G  1.5T   1% /
tmpfs                  63G     0   63G   0% /dev/shm
/dev/sda1             194M   77M  108M  42% /boot
/dev/mapper/VolGroup00-LogVol01
                     1008M   34M  924M   4% /tmp
/dev/mapper/VolGroup00-LogVol02
                      4.0G  290M  3.5G   8% /var

运行playbook

[root@yxfpm01v webserver]# ansible-playbook send_derviceinfo.yaml 
[DEPRECATION WARNING]: DEFAULT_ASK_SUDO_PASS option, In favor of Ansible Become, which is a generic framework. See become_ask_pass. , use become instead. This feature will be removed in 
version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

PLAY [webservers] ***************************************************************************************************************************************************************************

TASK [Gathering Facts] **********************************************************************************************************************************************************************
ok: [nginx.test]

TASK [下发send_dervice_info.py脚本] **********************************************************************************************************************************************************
ok: [nginx.test]

PLAY RECAP **********************************************************************************************************************************************************************************
nginx.test : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

你可能感兴趣的:(Ansible)