拷贝key到客户端
[iyunv@ansible ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.29.193
The authenticity of host '172.16.29.193 (172.16.29.193)' can't be established.
RSA key fingerprint is 0d:2c:da:c7:2b:2c:38:d3:28:bc:78:65:f4:dc:af:4f.
Are you sure you want to continue connecting (yes/no)? yes --输入yes
Warning: Permanently added '172.16.29.193' (RSA) to the list of known hosts. root@172.16.29.193's password: --输入172.16.29.193服务器的root密码
Now try logging into the machine, with "ssh 'root@172.16.29.193'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
到客户端查看key
[iyunv@web1 ~]# ls ~/.ssh/authorized_keys
/root/.ssh/authorized_keys
默认的模块名为command ,即“-m command” 可以省略
如:
ansible host1 -m command -a "uptime" 等价与 ansible host1 -a "uptime"
#ansible host1 -m service -a "name=httpd state=restarted"
5、ansible 管理系统用户
首先生成密码:
#openssl passwd -1 -salt 12345678
Password: --输入密码,就会生成加密字符串
创建:
#ansible web -m user -a 'name=test1 comment="add a test user" password="$1$12345678$qT.Vr20lsSaufZbuk4JIb."'
删除:
#ansible web -m user -a "name=test1 state=absent" --使用这种方式删除用户,不会删除用户的家目录
#ansible web -m user -a "name=test1 state=absent remove=yes" --使用这种方式删除用户,可以删除用户的家目录
ansible 使用普通用户操作
#su - test
$ansible webservers -m ping -u test1 -sudo