运维 使用ansible批量修改linux主机密码+主机名+节点加入k8s集群

 一、修改主机密码

#将要更改的主机存放至/etc/ansible/hosts，并定义一个主机组，这里定义为dev

[root@jhb-common-b38 ~]# cat /etc/hosts

[dev]

10.101.89.175

10.101.89.188

10.101.89.180

10.101.89.183

10.101.89.179

10.101.89.178

10.101.89.174

10.101.89.181

10.101.89.192

10.101.89.193

10.101.89.186

10.101.89.176

10.101.89.184

10.101.89.182

10.101.89.187

10.101.89.185

10.101.89.195

10.101.89.194

10.101.89.177

10.101.89.189

10.101.89.190

10.101.89.191

创建ssh目录，编辑key.sh文件发送密钥

[root@jhb-common-b38 ~]# mkdir ssh

[root@jhb-common-b38 ~]# cd ssh/

#将主机列表存放于ip.txt

[root@jhb-common-b38 ssh]# cat ip.txt

10.101.89.175

10.101.89.188

10.101.89.180

10.101.89.183

10.101.89.179

10.101.89.178

10.101.89.174

10.101.89.181

10.101.89.192

10.101.89.193

10.101.89.186

10.101.89.176

10.101.89.184

10.101.89.182

10.101.89.187

10.101.89.185

10.101.89.195

10.101.89.194

10.101.89.177

10.101.89.189

10.101.89.190

10.101.89.191

[root@jhb-common-b38 ssh]# cat key.sh

#!/bin/bash

for i in `cat ip.txt`

do

sshpass -p "原主机密码" ssh-copy-id -i ~/.ssh/id_dsa.pub -o StrictHostKeyChecking=no root@"$i" &> /dev/null && echo $i OK!! ||echo $i ERORR!!

done

#发送密钥，实现ansible主机可免密登录

[root@jhb-common-b38 ssh]# sh key.sh

10.101.89.175 OK!!

10.101.89.188 OK!!

10.101.89.180 OK!!

10.101.89.183 OK!!

10.101.89.179 OK!!

10.101.89.178 OK!!

10.101.89.174 OK!!

10.101.89.181 OK!!

10.101.89.192 OK!!

10.101.89.193 OK!!

10.101.89.186 OK!!

10.101.89.176 OK!!

10.101.89.184 OK!!

10.101.89.182 OK!!

10.101.89.187 OK!!

10.101.89.185 OK!!

10.101.89.195 OK!!

10.101.89.194 OK!!

10.101.89.177 OK!!

10.101.89.189 OK!!

10.101.89.190 OK!!

10.101.89.191 OK!!

 这里需要注意，如果将要更改的密码中带有“!”字符，chpass必须使用单引号，双引号会报错

[root@jhb-common-b38 ansible]# cat playbook.yml

---

- hosts: dev

gather_facts: false

tasks:

- name: Change password

user: name={{ name1 }} password={{ chpass | password_hash('sha512') }} update_password=always

[root@jhb-common-b38 ansible]# ansible-playbook playbook.yml -e 'name1=root chpass=将要更改的新密码'

密码修改完成，登录测试

二、修改主机名

cat dev-hostname-playbook.yaml

- name: update hostname

hosts: dev

become: yes

vars:

hostnames:

"10.101.89.188": "jha-common-a39"

"10.101.89.180": "jha-common-a40"

"10.101.89.183": "jha-common-a41"

"10.101.89.179": "jha-common-a42"

"10.101.89.178": "jha-common-a43"

"10.101.89.174": "jha-common-a44"

"10.101.89.181": "jha-common-a45"

"10.101.89.192": "jha-common-a46"

"10.101.89.193": "jha-common-a47"

"10.101.89.186": "jha-common-a48"

"10.101.89.176": "jhb-common-b39"

"10.101.89.184": "jhb-common-b40"

"10.101.89.182": "jhb-common-b41"

"10.101.89.187": "jhb-common-b42"

"10.101.89.185": "jhb-common-b43"

"10.101.89.195": "jhb-common-b44"

"10.101.89.194": "jhb-common-b45"

"10.101.89.177": "jhb-common-b46"

"10.101.89.189": "jhb-common-b47"

"10.101.89.190": "jhb-common-b48"

"10.101.89.191": "jhb-common-b49"

tasks:

- name: set hostname

shell: hostnamectl set-hostname "{{ hostnames[inventory_hostname] }}"

#运行以下命令来执行 playbook

ansible-playbook dev-hostname-playbook.yaml

三、新增节点加入k8s集群

---

- name: Execute Commands

hosts: dev-A

become: true

tasks:

- name: Add entry to /etc/hosts

lineinfile:

dest: /etc/hosts

line: "10.101.89.13 k8sapiserver.pro.mjh.pladaily.com.cn"

- name: Run kubeadm join command

shell: kubeadm join k8sapiserver.pro.mjh.pladaily.com.cn:6443 --token qqv0xi.tczaecotvyqvs50b --discovery-token-ca-cert-hash sha256:38f95ac8f38dbc2c4ee99d5f6c3a037d829c1560c51e2ab7525907ded7328a7b

上面的 playbook 包含两个任务。第一个任务使用 lineinfile 模块将一行文本追加到 /etc/hosts 文件中。

第二个任务使用 shell 模块执行 kubeadm join 命令。

运行此 playbook 的命令如下：

ansible-playbook execute_commands.yml

最后在k8smaster验证，等待pod正常启动

 四、在远程主机上进行文件传输和同步

可以使用Ansible的copy和synchronize模块来在远程主机上进行文件传输和同步。以下是使用这两个模块的示例Ansible Playbook：

copy模块：（用于复制本地文件到远程主机。在src参数中指定本地文件的路径，在dest参数中指定远程主机上的文件路径。）

- name: Copy file to remote host

hosts: remote_host

tasks:

- name: Copy file using copy module

copy:

src: /path/to/local/file

dest: /path/to/remote/file

synchronize模块：（用于将本地目录同步到远程主机。在src参数中指定本地目录的路径，在dest参数中指定远程主机上的目录路径。）

- name: Sync directory with remote host

hosts: remote_host

tasks:

- name: Sync directory using synchronize module

synchronize:

src: /path/to/local/directory/

dest: /path/to/remote/directory/

Ansible Playbook运行这个任务，运行以下命令：

ansible-playbook playbook.yml

其中playbook.yml是包含上述任务的Playbook文件的名称

五、 将文本追加到文件

编辑yaml文件

- hosts: hrcce

gather_facts: no

tasks:

- name: Append mount command to /etc/rc.local

lineinfile:

path: /etc/hosts

state: present

line: "10.50.9.32 rancher.huairou.junhao.mil.cn"

运行这个文件

ansible-playbook playbook.yml

查看/etc/hosts文件

好文链接