use ansible configuration file "ansible.cfg"
I execute following command to specify inventory file "hosts" and vault password file "vault.txt".
By preparing ansible.cfg, I don't have to specify inventory file path and vault password file path every time.
[root@cent7devops ansible-test]# ansible-playbook -i hosts site.yml --vault-id vault.txt -l node01
I show prepared files.
[root@cent7devops ansible-test]# ls -1 ansible.cfg hosts vault.txt ansible.cfg hosts vault.txt [root@cent7devops ansible-test]#
[root@cent7devops ansible-test]# cat ansible.cfg [defaults] inventory=./hosts vault_password_file=./vault.txt [root@cent7devops ansible-test]#
[root@cent7devops ansible-test]# cat hosts [grp_node] node01 ansible_host=172.16.10.111 ansible_user=root node02 ansible_host=172.16.10.112 ansible_user=root node03 ansible_host=172.16.10.113 ansible_user=root [root@cent7devops ansible-test]#
Then, The command shown at the beginning is as follows.
[root@cent7devops ansible-test]# ansible-playbook site.yml -l node01
I have to study Container.
How Container Runtimes matter in Kubernetes? https://schd.ws/hosted_files/ossalsjp18/95/OSSJP_KubernetesRuntimes.pdf
When I study systemd.
This is useful information page for systemd. systemd - ArchWiki
try to use ansible-vault
When we use ansible, we would like to encrypt secret information like password.
Ansbile have ansible-vault
command to encrypt.
I try ansible-vault
command.
I create inventory file.
[root@cent7devops ansible-test]# cat hosts [test] node01 ansible_host=172.16.10.101 ansible_user=root [root@cent7devops ansible-test]#
I create host variables file.
[root@cent7devops ansible-test]# cat host_vars/node01.yml --- ansible_ssh_pass: passwordstring [root@cent7devops ansible-test]#
I encrypt host variables file.
"vault.txt" is a file to provide a vault password.
[root@cent7devops ansible-test]# ansible-vault encrypt host_vars/node01.yml --vault-id ./vault.txt Encryption successful [root@cent7devops ansible-test]#
I view the contents of an encrypted file.
[root@cent7devops ansible-test]# ansible-vault view host_vars/node01.yml --vault-id ./vault.txt --- ansible_ssh_pass: passwordstring [root@cent7devops ansible-test]#
I confirm variables of "node01" by ansible-inventory
command
[root@cent7devops ansible-test]# ansible-inventory -i hosts --host node01 --vault-id ./vault.txt { "ansible_host": "172.16.10.101", "ansible_ssh_pass": "passwordstring", "ansible_user": "root" } [root@cent7devops ansible-test]#
install ansible 2.5 on centos 7.
[root@localhost ~]# yum install epel-release *snip* Installed: epel-release.noarch 0:7-9 Complete! [root@localhost ~]#
[root@localhost ~]# yum --enablerepo=epel install ansible *snip* Installed: ansible.noarch 0:2.5.2-1.el7 Dependency Installed: PyYAML.x86_64 0:3.10-11.el7 libtomcrypt.x86_64 0:1.17-26.el7 libtommath.x86_64 0:0.42.0-6.el7 libyaml.x86_64 0:0.1.4-11.el7_0 python-babel.noarch 0:0.9.6-8.el7 python-backports.x86_64 0:1.0-8.el7 python-backports-ssl_match_hostname.noarch 0:3.4.0.2-4.el7 python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 python-httplib2.noarch 0:0.9.2-1.el7 python-idna.noarch 0:2.4-1.el7 python-ipaddress.noarch 0:1.0.16-2.el7 python-jinja2.noarch 0:2.7.2-2.el7 python-keyczar.noarch 0:0.71c-2.el7 python-markupsafe.x86_64 0:0.11-10.el7 python-paramiko.noarch 0:2.1.1-4.el7 python-ply.noarch 0:3.4-11.el7 python-pycparser.noarch 0:2.14-1.el7 python-setuptools.noarch 0:0.9.8-7.el7 python-six.noarch 0:1.9.0-2.el7 python2-crypto.x86_64 0:2.6.1-15.el7 python2-cryptography.x86_64 0:1.7.2-1.el7_4.1 python2-jmespath.noarch 0:0.9.0-3.el7 python2-pyasn1.noarch 0:0.1.9-7.el7 sshpass.x86_64 0:1.06-2.el7 Complete! [root@localhost ~]#
[root@localhost ~]# ansible --version ansible 2.5.2 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, Aug 4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)] [root@localhost ~]#
Can I create streaming video page?
This is useful !?