User Tools

Site Tools


сервис_ansible

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
сервис_ansible [2022/03/15 09:42]
val [Пример 3]
сервис_ansible [2024/03/25 10:43] (current)
val [Использование модулей]
Line 1: Line 1:
 ====== Сервис Ansible ====== ====== Сервис Ansible ======
 +
 +  * Управление инфраструктурой на примере [[https://​ru.wikipedia.org/​wiki/​Ansible|Аnsible - wikipedia]]
  
   * [[https://​habrahabr.ru/​company/​express42/​blog/​254959/​|Ansible — давайте попробуем]]   * [[https://​habrahabr.ru/​company/​express42/​blog/​254959/​|Ansible — давайте попробуем]]
-  * [[https://​habrahabr.ru/​post/​195048/​|Ansible]] 
   * [[https://​habrahabr.ru/​post/​305400/​|Пособие по Ansible]]   * [[https://​habrahabr.ru/​post/​305400/​|Пособие по Ansible]]
 +  * [[https://​habr.com/​ru/​post/​508762/​|Основы Ansible, без которых ваши плейбуки — комок слипшихся макарон]]
  
   * [[https://​www.cisco.com/​c/​dam/​m/​ru_ru/​training-events/​2019/​cisco-connect/​pdf/​introduction_automation_with_ansible_idrey.pdf|Введение в автоматизацию с помощью Ansible (Cisco)]]   * [[https://​www.cisco.com/​c/​dam/​m/​ru_ru/​training-events/​2019/​cisco-connect/​pdf/​introduction_automation_with_ansible_idrey.pdf|Введение в автоматизацию с помощью Ansible (Cisco)]]
Line 45: Line 47:
 #[corp] #[corp]
 #​server.corp13.un #​server.corp13.un
-#​server.corp[1:​12].un ansible_ssh_user=root ansible_ssh_pass=123 +#​server.corp[1:​12].un ansible_ssh_user=root ansible_ssh_pass=strongpassword 
-#​mail.corp[1:​12].un ansible_ssh_user=root ansible_ssh_pass=123+#​mail.corp[1:​12].un ansible_ssh_user=root ansible_ssh_pass=strongpassword
 #​192.168.[1:​25].10 #​192.168.[1:​25].10
  
Line 53: Line 55:
  
 [addnodes] [addnodes]
-192.168.X.[3:​9] ansible_ssh_user=root ansible_ssh_pass=123+192.168.X.[3:​9] ansible_ssh_user=root ansible_ssh_pass=strongpassword
  
 [sws] [sws]
Line 59: Line 61:
  
 [nodes] [nodes]
 +##​192.168.X.[210:​230:​10]
 +##​192.168.X.[201:​203]
 node[1:3] node[1:3]
  
 [nodes:​vars] [nodes:​vars]
 ansible_ssh_user=vagrant ansible_ssh_user=vagrant
-ansible_ssh_pass=123+ansible_ssh_pass=strongpassword 
 +#​ansible_sudo_pass=strongpassword
 ansible_become=yes ansible_become=yes
 </​code>​ </​code>​
Line 75: Line 80:
 </​code><​code>​ </​code><​code>​
 [defaults] [defaults]
-...+#...
 host_key_checking = False host_key_checking = False
-...+#...
 </​code>​ </​code>​
  
Line 96: Line 101:
  
 node1# ansible corpX -m ping node1# ansible corpX -m ping
 +node1# ansible localhost -m ping
 node1# ansible all -m ping node1# ansible all -m ping
 node1# ansible all -m ping -i inv_file.ini node1# ansible all -m ping -i inv_file.ini
Line 101: Line 107:
  
 node1# ansible corpX -m command -a 'uname -a' node1# ansible corpX -m command -a 'uname -a'
-node1# ansible ​corpX -a 'uname -a'+ 
 +kube1# ansible ​kubes -a 'sed -i""​ -e "/​swap/​s/​^/#/"​ /​etc/​fstab'​ 
 +kube1# ansible kubes -a 'swapoff -a' 
 +  ИЛИ 
 +(venv1) server# ansible all -a 'sed -i""​ -e "/​swap/​s/​^/#/"​ /​etc/​fstab'​ -i /​root/​kubespray/​inventory/​mycluster/​hosts.yaml #​--limit=kube4 
 +(venv1) server# ansible all -a '​swapoff -a' -i /​root/​kubespray/​inventory/​mycluster/​hosts.yaml #​--limit=kube4
  
 node1# ansible corpX -f 2 -m apt -a '​pkg=apache2 state=present update_cache=true'​ node1# ansible corpX -f 2 -m apt -a '​pkg=apache2 state=present update_cache=true'​
  
-node1# ansible addnodes -f 5 -m apt -a '​pkg=ceph state=present update_cache=true'​ +node1# ansible addnodes ​-vv -f 5 -m apt -a '​pkg=ceph,​tgt-rbd ​state=present update_cache=true' ​#-e '​https_proxy=http://​radio.specialist.ru:​3128/'​ -e '​http_proxy=http://​radio.specialist.ru:​3128/'​ 
-node1# ansible ​addnodes ​-m community.general.shutdown ​ !!!Зависает Vbox, попробовать в один поток+ 
 +server# ansible ​nodes -f 3 -m apt -a '​pkg=openvpn state=present update_cache=true'​ 
 +server# ansible nodes -f 3 -m apt -a '​pkg=docker.io state=present update_cache=true'​
  
-node3# ansible addnodes -m copy -a '​src=/​etc/​ceph/​ceph.conf dest=/​etc/​ceph/​ceph.conf'​ 
  
 ubuntu20# apt install python3-paramiko ubuntu20# apt install python3-paramiko
Line 124: Line 136:
  
 ==== Пример 1 ==== ==== Пример 1 ====
 +
 +  * [[Технология Docker]]
 +
 <​code>​ <​code>​
-λ cat provision_docker.yml+server# cat provision_docker.yml 
 + 
 +  или 
 + 
 +λ touch provision_docker.yml 
 + 
 +  или 
 + 
 +student@node1:​~$ ​cat /vagrant/provision_docker.yml
 </​code><​code>​ </​code><​code>​
 - hosts: "{{ variable_host | default('​all'​) }}" - hosts: "{{ variable_host | default('​all'​) }}"
Line 143: Line 166:
     - name: Add Docker'​s official GPG key     - name: Add Docker'​s official GPG key
       apt_key:       apt_key:
-        ​url: https://​download.docker.com/​linux/​debian/​gpg+#        ​url: https://​download.docker.com/​linux/​debian/gpg 
 +#        url: https://​download.docker.com/​linux/​ubuntu/gpg
         state: present         state: present
     - name: Add Docker'​s repository into sources list     - name: Add Docker'​s repository into sources list
       apt_repository:​       apt_repository:​
-#        repo: deb [arch=amd64] https://​download.docker.com/​linux/​debian ​buster ​stable +#        repo: deb [arch=amd64] https://​download.docker.com/​linux/​debian ​bullseye ​stable 
-        repo: deb [arch=amd64] https://​download.docker.com/​linux/​debian bullseye ​stable+       repo: deb [arch=amd64] https://​download.docker.com/​linux/​ubuntu focal stable
         state: present         state: present
     - name: Install Docker     - name: Install Docker
-      apt: pkg=docker-ce state=present update_cache=true +      apt:  
-</​code><​code>​ +        ​pkg
-gate# ansible-playbook provision_docker.yml+          - docker-ce 
 +          - docker-ce-cli 
 +          - containerd.io 
 +          - docker-compose-plugin 
 +        ​statepresent ​ 
 +        ​update_cachetrue 
 +</​code>​ 
 + 
 +  * Технология Vagrant: [[Технология Vagrant#​Provision с использованием ansible]] 
 + 
 +<​code>​ 
 +server# ansible-playbook provision_docker.yml
  
-gate# ansible-playbook provision_docker.yml -i inv_file.ini+server# ansible-playbook provision_docker.yml --extra-vars "​variable_host=nodes"​
  
-gate# ansible-playbook provision_docker.yml -"ansible_python_interpreter=/​usr/​bin/​python3" ​-i 192.168.X.1:​2222,​+server# ansible-playbook provision_docker.yml --extra-vars ​"variable_host=localhost"
  
-gate# ansible-playbook provision_docker.yml --extra-vars "​variable_host=corp"​+server# ansible-playbook provision_docker.yml -i inv_file.ini
  
-gate# ansible-playbook provision_docker.yml --extra-vars ​"variable_host=localhost"+server# ansible-playbook provision_docker.yml -"ansible_python_interpreter=/​usr/​bin/​python3" ​-i 192.168.X.1:​2222,​
 </​code>​ </​code>​
 ==== Пример 2 ==== ==== Пример 2 ====
Line 188: Line 223:
  
 </​code><​code>​ </​code><​code>​
 +node1# ansible-playbook addusers.yml --syntax-check
 +
 +node1# apt install ansible-lint ​
 +node1# ansible-lint addusers.yml
 +
 node1# ansible-playbook addusers.yml node1# ansible-playbook addusers.yml
 </​code>​ </​code>​
Line 200: Line 240:
 - hosts: sws - hosts: sws
   connection: local   connection: local
 +  gather_facts:​ no
   tasks:   tasks:
     - name: configure top level configuration     - name: configure top level configuration
       ios_config:       ios_config:
         lines:         lines:
-          - ip host server 192.168.X.10 
- 
-          - snmp-server host server writetrap 
           - snmp-server community write RW           - snmp-server community write RW
 +        ​
 +#          - ip host server 192.168.X.10
 +#          - snmp-server host server writetrap
  
 #          - snmp-server enable traps config #          - snmp-server enable traps config
Line 227: Line 268:
 #          - enable secret cisco #          - enable secret cisco
 #          - aaa authorization console #          - aaa authorization console
 +
 #          - aaa authentication login default local #          - aaa authentication login default local
 #          - aaa authorization exec default local #          - aaa authorization exec default local
Line 273: Line 315:
 <​body>​ <​body>​
 <h1> <h1>
-{{ ansible_fqdn }}+Hello from {{ ansible_fqdn }}
 </h1> </h1>
 </​body>​ </​body>​
Line 325: Line 367:
 </​code>​ </​code>​
 ===== Использование handlers ===== ===== Использование handlers =====
 +
 +==== Пример 1 ====
 +
 +  * [[Сервис HTTP#​Использование домашних каталогов]]
  
 <​code>​ <​code>​
Line 346: Line 392:
 </​code>​ </​code>​
  
 +==== Пример 2 ====
 +
 +<​code>​
 +server# cat za.conf
 +</​code><​code>​
 +ListenIP=0.0.0.0
 +StartAgents=0
 +ServerActive=server
 +UserParameter=listinstalledsoft,​ls /​usr/​share/​applications | awk -F '​.desktop'​ ' { print $1}' -
 +</​code><​code>​
 +node1# cat za.yml
 +</​code><​code>​
 +- hosts: lin_ws
 +  tasks:
 +    - name: Install zabbix agent
 +      apt: pkg=zabbix-agent state=present update_cache=true
 +
 +    - name: Create conf file
 +      copy: src=za.conf dest=/​etc/​zabbix/​zabbix_agentd.conf.d/​za.conf
 +      notify:
 +        - restart za
 +
 +  handlers:
 +    - name: restart za
 +      service: name=zabbix-agent state=restarted
 +</​code><​code>​
 +server# ansible-playbook za.yml
 +</​code>​
 ===== Использование ролей ===== ===== Использование ролей =====
  
   * [[https://​rtfm.co.ua/​ansible-roli-roles-primer/​|Ansible:​ роли (roles) – пример]]   * [[https://​rtfm.co.ua/​ansible-roli-roles-primer/​|Ansible:​ роли (roles) – пример]]
 +  * [[https://​andreyex.ru/​linux/​ansible-roli-v-ansible/​|Ansible. Роли в Ansible]]
   * [[Настройка стендов слушателей#​Ansible конфигурация]]   * [[Настройка стендов слушателей#​Ansible конфигурация]]
 +
 +==== Роль настроенного через ifupdown узла сети ====
  
 <​code>​ <​code>​
 +# ###cd /root/conf/
 +# ###git pull origin master
 +# ###cd /​root/​conf/​ansible/​roles/​
 +
 # cat nodes.yml # cat nodes.yml
 </​code><​code>​ </​code><​code>​
 - name: Network config for nodes - name: Network config for nodes
   hosts: addnodes   hosts: addnodes
 +#  hosts: kubes
 +#  hosts: all
   roles:   roles:
     - node     - node
Line 364: Line 447:
 </​code><​code>​ </​code><​code>​
 name_prefix:​ node name_prefix:​ node
 +#​name_prefix:​ kube
 X: "{{ ansible_eth0.ipv4.address.split('​.'​)[2] }}" X: "{{ ansible_eth0.ipv4.address.split('​.'​)[2] }}"
-N: "{{ ansible_eth0.ipv4.address.split('​.'​)[3] }}"+N: "{{ ansible_eth0.ipv4.address.split('​.'​)[3][-1] }}"
 </​code><​code>​ </​code><​code>​
 # cat node/​tasks/​main.yml # cat node/​tasks/​main.yml
Line 411: Line 495:
 nameserver 192.168.{{ X }}.1 nameserver 192.168.{{ X }}.1
 nameserver 192.168.{{ X }}.2 nameserver 192.168.{{ X }}.2
 +#nameserver 192.168.{{ X }}.10
 </​code><​code>​ </​code><​code>​
 # cat node/​templates/​interfaces.j2 # cat node/​templates/​interfaces.j2
Line 422: Line 507:
         netmask 255.255.255.0         netmask 255.255.255.0
         gateway 192.168.{{ X }}.254         gateway 192.168.{{ X }}.254
 +#        gateway 192.168.{{ X }}.1
 </​code><​code>​ </​code><​code>​
 # ansible-playbook -f 5 nodes.yml # ansible-playbook -f 5 nodes.yml
 +
 +  ИЛИ
 +
 +# ansible-playbook -f 5 /​root/​conf/​ansible/​roles/​nodes.yml
 +
 +  ИЛИ
 +
 +(venv1) server# ansible-playbook -f 5 /​root/​conf/​ansible/​roles/​nodes.yml -i /​root/​kubespray/​inventory/​mycluster/​hosts.yaml #​--limit=kube4
 +</​code>​
 +
 +==== Роль OpenVPN сервера ====
 +<​code>​
 +server:~# mkdir openvpn1 && cd openvpn1
 +
 +server:​~/​openvpn1#​ ansible-galaxy init openvpn1
 +
 +server:​~/​openvpn1#​ cd openvpn1/​files/​
 +
 +server:​~/​openvpn1/​openvpn1/​files#​
 +</​code>​
 +  * В текущем каталоге выполняем и сохраняем файлы из тем [[Пакет OpenSSL#​Создание параметра DH]] и [[Пакет OpenSSL#​Создание самоподписанного сертификата]] (не указываем AltName, Common Name: server - достаточно)
 +<​code>​
 +server:​~/​openvpn1/​openvpn1/​files#​ ls
 +</​code><​code>​
 +dh2048.pem ​ server.crt ​ server.key
 +</​code><​code>​
 +server:​~/​openvpn1/​openvpn1/​files#​ cd ../../
 +
 +server:​~/​openvpn1#​ cat openvpn1/​templates/​openvpn1.conf.j2
 +</​code><​code>​
 +dev tun
 +keepalive 10 120
 +
 +server {{node_nets[ansible_hostname]}} 255.255.255.0
 +
 +push "route 192.168.{{X}}.0 255.255.255.0"​
 +#push "​dhcp-option DNS 192.168.{{X}}.10"​
 +#push "​block-outside-dns"​
 +#push "​dhcp-option DOMAIN corp{{X}}.un"​
 +
 +dh /​etc/​openvpn/​dh2048.pem
 +key /​etc/​ssl/​private/​server.key
 +ca /​etc/​ssl/​certs/​server.crt
 +cert /​etc/​ssl/​certs/​server.crt
 +
 +verify-client-cert none
 +plugin /​usr/​lib/​x86_64-linux-gnu/​openvpn/​plugins/​openvpn-plugin-auth-pam.so login
 +username-as-common-name
 +#​duplicate-cn
 +
 +status /​var/​log/​openvpn1-status.log
 +
 +management 0.0.0.0 7505
 +</​code><​code>​
 +server:​~/​openvpn1#​ cat openvpn1/​tasks/​main.yml
 +</​code><​code>​
 +- name: Install OpenVPN
 +  apt: pkg=openvpn state=present update_cache=true
 +#  when: node_nets[ansible_hostname] is defined
 +
 +- name: Create openvpn1.conf file
 +  template: src=openvpn1.conf.j2 dest=/​etc/​openvpn/​openvpn1.conf
 +  notify:
 +    - restart openvpn1
 +
 +- name: Copy file server.key
 +  copy:
 +    src: server.key
 +    dest: /​etc/​ssl/​private/​server.key
 +    mode: '​0600'​
 +  notify:
 +    - restart openvpn1
 +
 +- name: Copy many files
 +  copy:
 +    src: '​{{item.0}}'​
 +    dest: '​{{item.1}}'​
 +  loop:
 +    - [ '​dh2048.pem',​ '/​etc/​openvpn/​dh2048.pem'​ ]
 +    - [ '​server.crt',​ '/​etc/​ssl/​certs/​server.crt'​ ]
 +  notify:
 +    - restart openvpn1
 +
 +- name: Enable service OpenVPN
 +  service:
 +    name: openvpn@openvpn1
 +    enabled: yes
 +#    state: started
 +</​code><​code>​
 +server:​~/​openvpn1#​ cat openvpn1/​handlers/​main.yml
 +</​code><​code>​
 +- name: restart openvpn1
 +  service:
 +    name: openvpn@openvpn1
 +    state: restarted
 +</​code><​code>​
 +server:​~/​openvpn1#​ cat inventory.yaml
 +</​code><​code>​
 +all:
 +  vars:
 +    X: "{{ ansible_eth1.ipv4.address.split('​.'​)[2] }}"
 +    ansible_python_interpreter:​ "/​usr/​bin/​python3"​
 +    ansible_ssh_user:​ vagrant
 +    ansible_ssh_pass:​ strongpassword
 +    ansible_become:​ yes
 +    node_nets:
 +      node1: 192.168.110.0
 +      node2: 192.168.120.0
 +      node3: 192.168.130.0
 +
 +prod_nodes:
 +  hosts:
 +    node1:
 +    node2:
 +
 +test_nodes:
 +  hosts:
 +    node3:
 +</​code><​code>​
 +server:​~/​openvpn1#​ cat openvpn1.yaml
 +</​code><​code>​
 +- name: Run openvpn1 on nodes
 +  hosts: "{{ variable_host | default('​prod_nodes'​) }}"
 +  roles:
 +    - role: openvpn1
 +      when: node_nets[ansible_hostname] is defined
 +</​code><​code>​
 +server:~# wget https://​val.bmstu.ru/​unix/​conf.git/​conf/​ansible/​roles/​openvpn1.tgz && tar -xvzf openvpn1.tgz && cd openvpn1
 +
 +server:​~/​openvpn1#​ ansible-playbook openvpn1.yaml -i inventory.yaml -e "​variable_host=test_nodes"​
 +
 +server:​~/​openvpn1#​ ansible-playbook openvpn1.yaml -i inventory.yaml ​   # можно через GitLab CI/CD
 +
 +server:​~/​openvpn1#​ ansible-playbook openvpn1.yaml -i inventory.yaml -e "​variable_host=all"​
 +</​code>​
 +
 +  * [[Сервисы Gateway и routing#​Управление таблицей маршрутизации]]
 +
 +==== Фрагмент роли с условиями и отладкой ====
 +
 +<​code>​
 +# cat conf/​ansible/​roles/​host/​vars/​main.yml
 +</​code><​code>​
 +...
 +octet4: "{{ ansible_eth0.ipv4.address.split('​.'​)[3] }}"
 +...
 +</​code><​code>​
 +# cat conf/​ansible/​roles/​host/​tasks/​main.yml
 +</​code><​code>​
 +- name: set vars for server
 +  set_fact:
 +    hostname: "​mail"​
 +    X: "{{ octet4 | int - 100 }}"
 +  when: octet4 | int >= 100
 +
 +- name: set vars for mail
 +  set_fact:
 +    hostname: "​server"​
 +    X: "{{ octet4 }}"
 +  when: octet4 | int < 100
 +
 +- name: echo variables
 +  debug:
 +    msg: octet4 is {{ octet4 }}, X is {{ X }}, hostname is {{hostname}}
 +    ​
 +#- meta: end_play
 +
 +...
 +</​code>​
 +
 +==== ansible-pull ====
 +
 +  * [[https://​medium.com/​splunkuserdeveloperadministrator/​using-ansible-pull-in-ansible-projects-ac04466643e8|Using Ansible Pull In Ansible Projects]]
 +  * [[Инсталяция системы в конфигурации Desktop]]
 +  * [[Переменные окружения]]
 +
 +=== Вариант 1 ===
 +
 +<​code>​
 +client1:​~/​ansible-pull-gpo#​ cat thunderbird/​tasks/​main.yml
 +</​code><​code>​
 +- name: Install Thunderbird
 +  apt: pkg=thunderbird state=present update_cache=true
 +</​code><​code>​
 +client1:​~/​ansible-pull-gpo#​ cat proxy/​files/​etc/​environment
 +</​code><​code>​
 +#​http_proxy=http://​gate.corpX.un:​3128
 +https_proxy=http://​gate.corpX.un:​3128
 +no_proxy=localhost,​127.0.0.1,​isp.un,​corpX.un
 +</​code><​code>​
 +client1:​~/​ansible-pull-gpo#​ cat proxy/​tasks/​main.yml
 +</​code><​code>​
 +- name: Copy file environment
 +  copy:
 +    src: etc/​environment
 +    dest: /​etc/​environment
 +</​code><​code>​
 +client1:​~/​ansible-pull-gpo#​ cat local.yml
 +</​code><​code>​
 +- hosts: localhost
 +  roles:
 +    - role: proxy
 +    - role: thunderbird
 +</​code><​code>​
 +client1:​~/​ansible-pull-gpo#​ ansible-playbook local.yml
 +</​code>​
 +
 +  * [[Инструмент GitLab]] (Создать публичный проект без readme и скопировать подсказки)
 +
 +<​code>​
 +client3:~# ###​ansible-pull -U http://​gate.corpX.un/​user1/​ansible-pull-gpo.git
 +</​code><​code>​
 +client1:​~/​ansible-pull-gpo#​ cat start.sh
 +</​code><​code>​
 +#!/bin/bash
 +
 +apt update
 +apt install -y git ansible
 +
 +echo -e "0 */2 * * * \
 +/​usr/​bin/​ansible-pull -s 120 -U http://​gate.corpX.un/​user1/​ansible-pull-gpo.git -C $BR 2>&1 | /​usr/​bin/​logger -t ansible-pull\n\
 +@reboot sleep 1m; /​usr/​bin/​ansible-pull -U http://​gate.corpX.un/​user1/​ansible-pull-gpo.git -C $BR 2>&1 | /​usr/​bin/​logger -t ansible-pull"​ | crontab -
 +
 +init 6
 +</​code>​
 +
 +  * Инструмент GitLab [[Инструмент GitLab#​Подключение через API]]
 +
 +=== Вариант 2 ===
 +
 +  * [[Средства программирования shell#​Использование диалоговых окон]]
 +
 +<​code>​
 +$ cat ansible-pull-gpo\local.yml
 +</​code><​code>​
 +- hosts: localhost
 +  tasks:
 +
 +    - name: Set timezone to Europe/​Moscow
 +      timezone:
 +        name: Europe/​Moscow
 +
 +    - name: Russian Interface
 +      shell: |
 +        echo '​ru_RU.UTF-8 UTF-8' > /​etc/​locale.gen
 +        locale-gen
 +        echo LANG=ru_RU.UTF-8 > /​etc/​default/​locale
 +      when: CONF_RUS_INT is defined
 +
 +    - name: Install Firefox in Debian
 +      apt: pkg=firefox-esr state=present update_cache=true
 +#      debug: msg="​Install Firefox in Debian"​
 +      when: ansible_distribution == '​Debian'​
 +
 +    - name: Install Firefox in Ubuntu
 +      apt: pkg=firefox state=present update_cache=true
 +#      debug: msg="​Install Firefox in Ubuntu"​
 +      when: ansible_distribution == '​Ubuntu'​
 +
 +    - name: Install Thunderbird
 +      apt: pkg=thunderbird state=present update_cache=true
 +      when: PROG_THBIRD is defined
 +
 +  roles:
 +    - role: zabbix_agent
 +      when: ROLE_ZAB_AG is defined
 +
 +    - role: openvpn1_client
 +      when: ROLE_OVPN1_CL is defined
 +</​code><​code>​
 +client1:~# cat /​usr/​local/​etc/​gpo_options.yml
 +</​code><​code>​
 +CONF_RUS_INT:​
 +PROG_THBIRD:​
 +ROLE_ZAB_AG:​
 +</​code><​code>​
 +client1:~# /​usr/​bin/​ansible-pull -U http://​server.corp13.un/​student/​ansible-pull-gpo.git -C test -e @/​usr/​local/​etc/​gpo_options.yml
 +</​code>​
 +
 +  * [[Планирование выполнения заданий в Linux#​Сервис cron]]
 +
 +====== Дополнительные материалы ======
 +<​code>​
 +выполнение команд на цисках через ансибл
 +
 +1. добавить в /​etc/​ansible/​group_vars/​all.yml строки
 +ansible_connection:​ network_cli
 +ansible_network_os:​ ios
 +2. создать файл playbook формата
 +- name: Run show commands on routers
 +  hosts: cisco-routers
 +
 +  tasks:
 +
 +    - name: run show commands
 +      ios_command:​
 +        commands: # перечисление команд
 +          - show ip int br
 +          - sh ip route
 +      register: show_result
 </​code>​ </​code>​
сервис_ansible.1647326526.txt.gz · Last modified: 2022/03/15 09:42 by val