下面是我运行剧本时需要使用的清单文件。
[eu-de_eos]
eos-apps-45180 ansible_host=10.20.0.21
eos-apps-45181 ansible_host=10.20.0.22
[eu-de_ora]
ora-apps-45184 ansible_host=10.20.0.23
ora-apps-45185 ansible_host=10.20.0.24
[all_servers:children]
eu-de_eos
eu-de_ora
这是我的剧本,它只为库存中的每个主机做一只猫等/主机,并为此目的承担任务。
- name: Cat /etc/hosts
hosts: "{{ variable_host | default('all') }}"
remote_user: "{{ variable_user | default('ansible') }}"
roles:
- cat-hosts
为了能够通过 ssh 连接到清单中的远程主机,我需要通过一个堡垒。我知道在使用堡垒时我需要添加 ansible_ssh_common_args 像 eu-de_ora:vars 或 eu-de_eos:vars。更多细节在这里。我需要提到通过堡垒的连接有效,但我需要在不同的文件中使用 vars ,这是主要要求,如下所示:
这是我使用的 yaml 文件,但这仅适用于 eu-de_ora,10.20.30.40 应该是堡垒的 IP。
ansible_port: 22
ansible_user: linux
ansible_ssh_private_key_file: ~/.ssh/ora.pem
ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q [email protected] -o Port=65222 -W %h:%p\""
要使用上述文件作为 --extra-vars 运行我的剧本,我运行以下命令:
ansible-playbook -i inventory/inventory-otc-50160 manage_users.yml --extra-vars "@inventory/oravars.yaml" --extra-vars "variable_host=eu-de_ora"
但是这个场景只针对eu_de-ora。我需要为两个远程主机运行我的剧本,并在不同的文件中有 ansible_ssh_common_args。
我希望有一个不同的 yaml 文件,我可以将其用于两个远程主机。我需要提一下,我尝试了不同的方法,但都没有用。
#This is not working :(
eu-de_ora:
ansible_port: 22
ansible_user: linux
ansible_ssh_private_key_file: ~/.ssh/ora.pem
ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q [email protected] -o Port=65222 -W %h:%p\""
eu-de_eos:
ansible_port: 22
ansible_user: linux
ansible_ssh_private_key_file: ~/.ssh/eos.pem
ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q [email protected] -o Port=65222 -W %h:%p\""
你不需要额外的变量,只需要一个正确制作的库存:
示例文件结构:
.
├── demo_playbook.yml
└── inventories
└── demo
├── group_vars
│ ├── all.yml
│ ├── eu-de_eos.yml
│ └── eu-de_ora.yml
└── hosts
hosts
文件:
[eu-de_eos]
eos-apps-45180 ansible_host=10.20.0.21
eos-apps-45181 ansible_host=10.20.0.22
[eu-de_ora]
ora-apps-45184 ansible_host=10.20.0.23
ora-apps-45185 ansible_host=10.20.0.24
[all_servers:children]
eu-de_eos
eu-de_ora
组变量:
all.yml
---
ansible_port: 22
ansible_user: linux
ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q ansible@{{ jump_host }} -o Port=65222 -W %h:%p\""
eu-de_eos.yml
---
ansible_ssh_private_key_file: ~/.ssh/eos.pem
jump_host: 30.40.50.60
* `eu-de_ora.yml`
```yaml
---
ansible_ssh_private_key_file: ~/.ssh/ora.pem
jump_host: 10.20.30.40
将上述库存与假人一起使用
demo_playbook.yml
:
---
- hosts: all_servers
gather_facts: false
tasks:
- ansible.builtin.debug:
msg:
- "I'm running on {{ inventory_hostname }}"
- "I'd connect to target with user {{ ansible_user }}"
- "I'd use ssh port {{ ansible_port }}"
- "The private key for ssh would be {{ ansible_ssh_private_key_file }}"
- "The ssh option I would use are: {{ ansible_ssh_common_args }}"
给:
$ ansible-playbook -i inventories/demo/ demo_playbook.yml
[WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details
PLAY [all_servers] *********************************************************************************************************************************************************************************************************************
TASK [ansible.builtin.debug] ***********************************************************************************************************************************************************************************************************
ok: [eos-apps-45180] => {
"msg": [
"I'm running on eos-apps-45180",
"I'd connect to target with user linux",
"I'd use ssh port 22",
"The private key for ssh would be ~/.ssh/eos.pem",
"The ssh option I would use are: -o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q [email protected] -o Port=65222 -W %h:%p\""
]
}
ok: [eos-apps-45181] => {
"msg": [
"I'm running on eos-apps-45181",
"I'd connect to target with user linux",
"I'd use ssh port 22",
"The private key for ssh would be ~/.ssh/eos.pem",
"The ssh option I would use are: -o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q [email protected] -o Port=65222 -W %h:%p\""
]
}
ok: [ora-apps-45184] => {
"msg": [
"I'm running on ora-apps-45184",
"I'd connect to target with user linux",
"I'd use ssh port 22",
"The private key for ssh would be ~/.ssh/ora.pem",
"The ssh option I would use are: -o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q [email protected] -o Port=65222 -W %h:%p\""
]
}
ok: [ora-apps-45185] => {
"msg": [
"I'm running on ora-apps-45185",
"I'd connect to target with user linux",
"I'd use ssh port 22",
"The private key for ssh would be ~/.ssh/ora.pem",
"The ssh option I would use are: -o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q [email protected] -o Port=65222 -W %h:%p\""
]
}
PLAY RECAP *****************************************************************************************************************************************************************************************************************************
eos-apps-45180 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
eos-apps-45181 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
ora-apps-45184 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
ora-apps-45185 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
请注意有关无效组名称的警告,您应将短划线 (
-
) 替换为下划线 (_
)。