node1# apt install ansible
nodeN# apt install python python-apt
node1# cat /etc/ansible/hosts
# NOTE(review): ansible_ssh_pass keeps SSH passwords in cleartext in this
# inventory file. This page also distributes an SSH key with ssh-copy-id, so
# key authentication can replace the password entries; where a password is
# unavoidable, keep it in an Ansible Vault-encrypted vars file and restrict
# read access to the inventory.
# ansible_ssh_user / ansible_ssh_pass are the legacy spellings of
# ansible_user / ansible_password.
#[corp]
#server.corp[1:12].un
#server.corp13.un ansible_ssh_user=root ansible_ssh_pass=123
192.168.[1:25].10

[corpX]
node[1:2]

[nodes]
192.168.X.[10:30:10] ansible_ssh_user=vagrant ansible_ssh_pass=vagrant

[addnodes]
192.168.X.[3:9] ansible_ssh_user=root ansible_ssh_pass=123

[sws]
switch[1:3] ansible_ssh_user=root ansible_ssh_pass=cisco
# cat /etc/ansible/ansible.cfg
...
# NOTE(review): host_key_checking = False makes Ansible accept any SSH host
# key, so a machine impersonating a managed node is not detected; with the
# password entries in the inventory, the password would be sent to it.
# Prefer leaving the check on and pre-populating known_hosts with host keys
# that were verified out of band.
host_key_checking = False
...
node1# ssh-keygen node1# ssh-copy-id node1 node1# ssh-copy-id node2
node1# ansible corpX -m ping node1# ansible all -m ping node1# ansible corpX -m command -a 'uname -a' node1# ansible corpX -a 'uname -a' node1# ansible corpX -m apt -a 'pkg=apache2 state=present update_cache=true' server# ansible sws -m ios_command -a "commands='show cdp nei'" -c local
λ npp provision_always.yml
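---
# Provisioning play: connects as vagrant, escalates with become, and installs
# Docker CE from Docker's Debian (buster) repository on every host.
- hosts: all
  become: true
  user: vagrant
  tasks:
    - name: Install Docker's prequirement
      apt:
        pkg:
          - apt-transport-https
          - ca-certificates
          - curl
          - gnupg2
          - software-properties-common
        state: present
        update_cache: true

    # NOTE(review): apt_key adds the key to apt's global trusted keyring, so
    # it is trusted for every configured repository, and the key is taken as
    # downloaded. Prefer fetching it with get_url (its checksum parameter
    # pins the expected file) into a dedicated keyring file and naming that
    # file in the repo line's signed-by= option.
    - name: Add Docker's official GPG key
      apt_key:
        url: https://download.docker.com/linux/debian/gpg
        state: present

    - name: Add Docker's repository into sources list
      apt_repository:
        repo: 'deb [arch=amd64] https://download.docker.com/linux/debian buster stable'
        state: present

    # Native YAML arguments instead of the key=value string form.
    - name: Install Docker
      apt:
        pkg: docker-ce
        state: present
        update_cache: true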
λ vagrant rsync
λ vagrant provision --provision-with provision_always
node1# cat addusers.yml
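---
# Creates two local accounts on the corpX hosts with fixed UIDs, bash as the
# login shell, a GECOS comment, and a pre-computed password hash.
#
# NOTE(review): the password values are SHA-512 crypt ($6$) hashes stored in
# the playbook itself. Anyone who can read the playbook can run offline
# guessing against them; keep them in an Ansible Vault-encrypted variable and
# reference it here, and do not reuse these published hashes.
- hosts: corpX
  tasks:
    - name: Add user1
      user:
        name: user1
        uid: 10001
        shell: /bin/bash
        comment: "Ivan Ivanovitch Ivanov,RA1,401,499-239-45-23"
        # Quoted so the hash is always read as a literal string.
        password: '$6$3Gz1ZuH3yHckA$wQNZbfU/9G6bYx08owpn7CoFP//2WbB4cmDDOgwDYBbwEyHxB0QQyCuMrOiPOLv3JF5RFtIv/r/kxoPPYFCsx1'

    - name: Add user2
      user:
        name: user2
        uid: 10002
        shell: /bin/bash
        comment: "Petr Petrovitch Petrov,RA7,402,499-323-55-53"
        # Quoted so the hash is always read as a literal string.
        password: '$6$x/AU/p9Dgi/ZiNF$6Xb8J4fsGuTi5IR0LaZe5pSgRX8vp54sfQGWJZZwKX.KFVpUL9m2PJNDh/d/l0rocueIvVjdQTzEAYPMmTm991'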
node1# ansible-playbook addusers.yml
server# cat cisco_change_conf.yml
# Pushes configuration lines to the switches in the sws group; with
# connection: local the ios_config task is executed on the control node.
- hosts: sws
  connection: local
  tasks:
    - name: Change config on cisco device
      ios_config:
        lines:
          # - logging facility local0
          # - logging host server
          # NOTE(review): this turns on the switch's SCP server; make sure
          # logins to the device are limited by AAA and a VTY access-class.
          - ip scp server enable
          # NOTE(review): if re-enabled, the next line creates a read-write
          # SNMP community named "write". Community strings travel in
          # cleartext and this one is guessable; use SNMPv3, or at least a
          # random string bound to an ACL.
          # - snmp-server community write RW
          # - snmp-server enable traps config
          # - snmp-server enable traps config-copy
server# ansible-playbook cisco_change_conf.yml server# ansible-playbook cisco_change_conf.yml --limit @/root/cisco_change_conf.retry
node1# ansible -m setup corpX node1# ansible -m setup corpX | grep ansible_fqdn node1# cat index.html.j2
{# Landing page template: ansible_fqdn is the gathered fact of the host being
   configured. NOTE(review): the value is inserted without HTML escaping;
   the `| e` filter escapes it if facts from the managed host are not
   trusted. #}
<html>
<body>
<h1> {{ ansible_fqdn }} </h1>
</body>
</html>
node1# cat inst_apache.yml
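---
# Installs Apache on the corpX hosts and renders a per-host index page from
# index.html.j2. Module arguments are written as native YAML mappings rather
# than key=value strings.
- hosts: corpX
  tasks:
    - name: Installs apache web server
      apt:
        pkg: apache2
        state: present
        update_cache: true

    - name: Create index.html file
      template:
        src: index.html.j2
        dest: /var/www/html/index.html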
node1# ansible-playbook inst_apache.yml
# cat iax.conf.j2
{# Renders one user and one peer section per entry of YS; X and YS are passed
   in with --extra-vars when the playbook is run.
   NOTE(review): every secret below is "apassword" plus an office number, so
   knowing a peer's number gives its secret. Generate a random secret per
   peer (for example from Vault-encrypted variables) instead of deriving it,
   and restrict who can read the rendered iax.conf, which holds the secrets
   in cleartext. #}
[general]
disallow=all
allow=alaw
{% for Y in YS %}
[corp{{Y}}]
type=user
host=dynamic
secret=apassword{{Y}}
auth=md5

[corp{{Y}}]
type=peer
host=server.corp{{Y}}.un
username=corp{{X}}
secret=apassword{{X}}
auth=md5
{% endfor %}
# cat ast_iax_corps.yml
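---
# Renders /etc/asterisk/iax.conf on the corp hosts from iax.conf.j2 and
# reloads Asterisk. Module arguments are written as native YAML mappings
# rather than key=value strings.
- hosts: corp
  tasks:
    # NOTE(review): the rendered file contains the IAX secrets and no
    # owner/group/mode is set here, so its permissions are whatever the
    # target already has or the default for a new file. Set them explicitly
    # so that only the Asterisk service account can read it.
    - name: Create iax.conf file
      template:
        src: iax.conf.j2
        dest: /etc/asterisk/iax.conf

    - name: Reload asterisk confs
      service:
        name: asterisk
        state: reloaded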
# ansible-playbook ast_iax_corps.yml --extra-vars '{"X":"{{ ansible_eth0.ipv4.address.split(\".\")[3] }}","YS":[1,2,3,4,5,6,7,8,9,10,11,12,13]}'
node1# cat conf_apache.yml
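---
# Enables Apache's userdir module on the corpX hosts and restarts Apache
# through a handler, which runs only when the module state changed.
- hosts: corpX
  tasks:
    # NOTE(review): userdir serves each local account's public_html directory
    # under /~name, which also lets clients test which account names exist.
    # Enable it only where per-user sites are needed.
    - name: Add userdir to apache
      apache2_module:
        state: present
        # state: absent
        name: userdir
      notify:
        - restart apache

  handlers:
    # Native YAML arguments instead of the key=value string form.
    - name: restart apache
      service:
        name: apache2
        state: restarted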
node1# ansible-playbook conf_apache.yml
# cat host.yml
# Applies the host role (hosts, resolv.conf, hostname and interfaces files,
# followed by a reboot) to the addnodes inventory group.
- name: Network config for hosts
  hosts: addnodes
  roles:
    - host
# cat host/vars/main.yml
# Prefix used to build the host name in the role's templates.
name_prefix: node
# X: third octet of the host's eth0 IPv4 address.
X: "{{ ansible_eth0.ipv4.address.split('.')[2] }}"
# N: fourth octet of the host's eth0 IPv4 address.
N: "{{ ansible_eth0.ipv4.address.split('.')[3] }}"
# cat host/tasks/main.yml
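---
# Role tasks: render the four network identity files from the role's
# templates, then reboot the host. Module arguments are written as native
# YAML mappings rather than key=value strings.
- name: Create hosts file
  template:
    src: hosts.j2
    dest: /etc/hosts

- name: Create resolv.conf file
  template:
    src: resolv.conf.j2
    dest: /etc/resolv.conf

- name: Create hostname file
  template:
    src: hostname.j2
    dest: /etc/hostname

- name: Create interfaces file
  template:
    src: interfaces.j2
    dest: /etc/network/interfaces

# The reboot module is called with no arguments, i.e. its defaults.
- name: Restart system
  reboot: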
# cat host/templates/hostname.j2
{{ name_prefix }}{{ N }}.corp{{ X }}.un
# cat host/templates/hosts.j2
{# /etc/hosts: loopback entry plus the host's own eth0 address mapped to its
   full and short names (name_prefix, N and X come from the role's vars). #}
127.0.0.1 localhost
{{ ansible_eth0.ipv4.address }} {{ name_prefix }}{{ N }}.corp{{ X }}.un {{ name_prefix }}{{ N }}
# cat host/templates/resolv.conf.j2
{# /etc/resolv.conf: search domain and the two name servers of network X. #}
search corp{{ X }}.un
nameserver 192.168.{{ X }}.1
nameserver 192.168.{{ X }}.2
# cat host/templates/interfaces.j2
{# /etc/network/interfaces: keeps the address eth0 currently has, as a static
   configuration with a /24 netmask and the .254 gateway of network X. #}
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address {{ ansible_eth0.ipv4.address }}
    netmask 255.255.255.0
    gateway 192.168.{{ X }}.254
# ansible-playbook host.yml