搜索 收起

汇总all

编辑

临时总结

您的位置 首页 ansible自动化运维

ansible roles basic

白眉大叔 白眉大叔 发布于 2023年4月21日 评论关闭 阅读(475)

重构所有的服务到roles角色中
1.写一个基础roles角色 basic (对所有服务器初始化角色)

#1.关闭防火墙
#2.关闭selinux
#3.关闭NetworkManager
#4.修改默认的YUM仓库
#5.安装扩展epel源
#6.安装常用软件命令
#7.时间同步
#8.创建虚拟用户www
#9.加大文件描述符
#10.nginx_yum_repository

 

最新版本

[root@m01 /etc/ansible/roles/basic/tasks]#cat main.yml 
- name: Create www group
  group:
   name: www
   gid: 666
- name: create user www
  user:
    name: www
    uid: 666
    group: www
    shell: /sbin/nologin
    create_home: false
- name: install soft
  yum: 
   name: 
     - nmap
     - psmisc
   state: present
- name:  ntpdate 5
  cron:
    name: "每5分钟时间同步"
    minute: " */5 "
    job: "ntpdate ntp1.aliyun.com &>/dev/null"      

  

#- name: "debug"
#  debug: 
#    msg: "{{ aaa }}"

- name: Put SELinux in permissive mode, logging actions that would be blocked.
  selinux:
    policy: targeted
    state: disabled

- name: shut down firewalld
  systemd:
    name: firewalld
    state: stopped
    enabled: no
- name: Set sysctl filel limite
  pam_limits:
    dest: "{{ item.dest }}"
    domain: "*"
    limit_type: "{{ item.limit_type }}"
    limit_item: "{{ item.limit_item }}"
    value: "{{ item.value }}"
  loop: 
    - { dest: '/etc/security/limits.conf', limit_type: 'soft', limit_item: 'nofile', value: '655350' }
    - { dest: '/etc/security/limits.conf', limit_type: 'hard', limit_item: 'nofile', value: '655350' }
- name: install Packages
  yum: 
    name: "{{ item }}"
    state: present
  loop: 
    - vim
    - tree
    - lrzsz
    - wget
    - unzip
    - net-tools
    - MySQL-python
    - ntpdate
    - bash-completion.noarch
    - bash-completion-extras.noarch

 

 

之前的版本

[root@m01 /etc/ansible/roles/basic]#cat tasks/main.yml
- name: Create www group
group:
name: www
gid: 666
- name: create user www
user:
name: www
uid: 666
group: www
shell: /sbin/nologin
create_home: false
- name: install soft
yum:
name:
- nmap
- psmisc
state: present
- name: ntpdate 5
cron:
name: "每5分钟时间同步"
minute: " */5 "
job: "ntpdate ntp1.aliyun.com &>/dev/null"

- name:
shell: "grep '* - nofile 65535' /etc/security/limits.conf| wc -l"
register: aaa

- name: file miaoshufu 65535
shell:
cmd: echo '* - nofile 65535' >> /etc/security/limits.conf
when: aaa.stdout == "0"

#- name: "debug"
# debug:
# msg: "{{ aaa }}"

- name: Put SELinux in permissive mode, logging actions that would be blocked.
selinux:
policy: targeted
state: disabled

- name: shut down firewalld
systemd:
name: firewalld
state: stopped
enabled: no
# tasks file for basic


 

欢迎来撩 : 汇总all

点赞(94)
白眉大叔

关于白眉大叔linux云计算: 白眉大叔

相关文章

热门文章

1解决node: /lib64/libstdc++.so.6: version `GLIBCXX_3.4.20′ not found (required by node)

点赞(84) 阅读(1,305)

2docker 使用gpu资源

点赞(214) 阅读(1,295)

3k8s 安装Milvus分布式2.0x

点赞(289) 阅读(1,286)

4pip is configured with locations that require TLS/SSL, however the ssl module in Python is not available

点赞(364) 阅读(1,280)

5云原生基础-汇总

点赞(316) 阅读(1,278)