Ansible Vault加密

Ansible Vault可以对文件进行加密。

可以将Vault密码通过命令行交互式保存,也可以将密码存储在文件中。

1. 首先定义一个users.yaml

---
- name: create user
  hosts: dev
  vars:
      users:
      - user01
      - user02
      - user03
  tasks:
    - name: create user
      user:
        name: "{{ item }}"
        state: present
      loop: "{{  users }}"

    - name: set password
      shell: echo '12345678' | passwd --stdin "{{ item }}"
      loop: "{{ users }}"

 

2. 使用Vault进行加密

# ansible-vault encrypt users.yaml
New Vault password: 
Confirm New Vault password:

3. 执行yaml时解密

# ansible-playbook --vault-id @prompt users.yaml
Vault password (default): 
PLAY [create user] *********************************************************************************************

TASK [Gathering Facts] *****************************************************************************************
ok: [servera.lab.example.com]

TASK [create user] *********************************************************************************************
ok: [servera.lab.example.com] => (item=user01)
ok: [servera.lab.example.com] => (item=user02)
ok: [servera.lab.example.com] => (item=user03)
【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/vincenshen/p/12587166.html