IT博客汇 | Ansible添加用户

Ansible添加用户

bear发表于 2016-09-05 08:51:12

本文演示了Ansible批量添加用户zhang3，并将用户的密码设定为12345678的过程。

方法一

$ pip install passlib

#获得采用sha512加密以后的密码串
$ python -c "from passlib.hash import sha512_crypt; print sha512_crypt.encrypt('12345678')"
$6$rounds=656000$SJkYJamGImQ/OVZC$.9RslNw5vUhd5bBCO3EkHCl/k0eVDlyRhXPXKUooF4nSQNoFdQw1STHj7WlYnOefXmb4IOZDuL49zYEDmSAHM/

$ vim useradd.yml    #写入如下内容

- hosts: 192.168.34.73
  vars:
    user: zhang3
    #run the command like below to generate crypted passwords.
    #generate crypted passwords: python -c "from passlib.hash import sha512_crypt; print sha512_crypt.encrypt('12345678')"
    password: '$6$rounds=656000$SJkYJamGImQ/OVZC$.9RslNw5vUhd5bBCO3EkHCl/k0eVDlyRhXPXKUooF4nSQNoFdQw1STHj7WlYnOefXmb4IOZDuL49zYEDmSAHM/'
  tasks:
  - name: create new user locadm
    user: name={{ user }} shell=/bin/bash groups=ndsdevelop,sudo password={{ password }} update_password=always append=yes

然后运行之

ansible-playbook useradd.yml

方法二

$ vim useradd.yml    #写入如下内容

- hosts: 192.168.34.73
  vars:
    user: zhang3
  tasks:
  - name: create new user {{ user }}
    user: name={{ user }} shell=/bin/bash groups=ndsdevelop,sudo password={{ '12345678' |password_hash('sha512') }} update_password=always append=yes

然后运行之

ansible-playbook useradd.yml

写法三（来自网络，未验证）

$ vim useradd.yml    #写入如下内容

- hosts: "{{hosts}}"
  gather_facts: false

  tasks:
  - name: Change password
    user: name={{ item }} password={{ new_pass | password_hash('sha512') }}
    with_items: users

然后运行之

ansible-playbook useradd.yml -e "hosts=jump users=zhang3 new_pass=*(12345678)"

删除用户

ansible 192.168.34.73 -m user -a 'name=zhang3 state=absent remove=yes'

参考文档：
How do I generate crypted passwords for the user module?
ANSIBLE – user – Manage user accounts
ansible使用2-命令
 Creating a new user and password with Ansible