Write two playbooks for bulk-reconfiguring newly created virtual machines. New VMs almost always come up on DHCP, so collect the DHCP address each machine obtained and write an inventory file containing those DHCP IPs and the default password of the VM template. The IPs fall into two groups: one is the DHCP addresses, the other is the addresses you want to change them to.

inventory

[temporary]
192.168.1.14 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.11 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.7 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.13 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.9 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.6 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.12 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.8 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.5 ansible_user=root ansible_ssh_pass=P@ssw0rd

[new]
192.168.1.101 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.102 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.103 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.104 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.105 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.106 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.107 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.108 ansible_user=root ansible_ssh_pass=P@ssw0rd
192.168.1.109 ansible_user=root ansible_ssh_pass=P@ssw0rd
In addition, create a vars.yml file that lists each original DHCP address, the address it should be changed to, and the hostname to set.

servers:
  - old_ip: 192.168.1.14
    new_ip: 192.168.1.101
    new_netmask: 255.255.255.0
    new_gateway: 192.168.1.1
    new_dns1: 192.168.1.1
    new_hostname: web1
  - old_ip: 192.168.1.11
    new_ip: 192.168.1.102
    new_netmask: 255.255.255.0
    new_gateway: 192.168.1.1
    new_dns1: 192.168.1.1
    new_hostname: web2
  - old_ip: 192.168.1.7
    new_ip: 192.168.1.103
    new_netmask: 255.255.255.0
    new_gateway: 192.168.1.1
    new_dns1: 192.168.1.1
    new_hostname: web3
  - old_ip: 192.168.1.13
    new_ip: 192.168.1.104
    new_netmask: 255.255.255.0
    new_gateway: 192.168.1.1
    new_dns1: 192.168.1.1
    new_hostname: db1
  - old_ip: 192.168.1.9
    new_ip: 192.168.1.105
    new_netmask: 255.255.255.0
    new_gateway: 192.168.1.1
    new_dns1: 192.168.1.1
    new_hostname: db2
  - old_ip: 192.168.1.6
    new_ip: 192.168.1.106
    new_netmask: 255.255.255.0
    new_gateway: 192.168.1.1
    new_dns1: 192.168.1.1
    new_hostname: db3
  - old_ip: 192.168.1.12
    new_ip: 192.168.1.107
    new_netmask: 255.255.255.0
    new_gateway: 192.168.1.1
    new_dns1: 192.168.1.1
    new_hostname: docker1
  - old_ip: 192.168.1.8
    new_ip: 192.168.1.108
    new_netmask: 255.255.255.0
    new_gateway: 192.168.1.1
    new_dns1: 192.168.1.1
    new_hostname: docker2
  - old_ip: 192.168.1.5
    new_ip: 192.168.1.109
    new_netmask: 255.255.255.0
    new_gateway: 192.168.1.1
    new_dns1: 192.168.1.1
    new_hostname: docker3
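
A pre-flight check for the inventory and vars.yml described above, as an added example that is not part of the original post: it confirms that every [temporary] host has exactly one old_ip entry, every new_ip is listed under [new], no address or hostname is duplicated, and each gateway lies inside the new subnet. The function names and the shortened inline sample data are assumptions made for illustration.

```python
import ipaddress

# Constructed sample, shortened from the page's inventory (credentials omitted).
INVENTORY = """\
[temporary]
192.168.1.14 ansible_user=root
192.168.1.11 ansible_user=root
[new]
192.168.1.101 ansible_user=root
192.168.1.102 ansible_user=root
"""
# Constructed sample: the first two entries of the page's vars.yml as Python dicts.
SERVERS = [
    {"old_ip": "192.168.1.14", "new_ip": "192.168.1.101", "new_hostname": "web1",
     "new_netmask": "255.255.255.0", "new_gateway": "192.168.1.1"},
    {"old_ip": "192.168.1.11", "new_ip": "192.168.1.102", "new_hostname": "web2",
     "new_netmask": "255.255.255.0", "new_gateway": "192.168.1.1"},
]

def parse_inventory(text):
    """Return {group: [host, ...]} from a simple INI-style inventory."""
    groups, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            groups[current] = []
        elif current is not None:
            groups[current].append(line.split()[0])  # host is the first token
    return groups

def check_plan(inventory_text, servers):
    """Return a list of problems; an empty list means the plan is consistent."""
    groups, problems = parse_inventory(inventory_text), []
    old = [s["old_ip"] for s in servers]
    for host in groups.get("temporary", []):
        if old.count(host) != 1:
            problems.append(f"{host}: {old.count(host)} old_ip entries (need exactly 1)")
    for ip in sorted({s["new_ip"] for s in servers} - set(groups.get("new", []))):
        problems.append(f"{ip}: new_ip missing from [new]")
    for field in ("new_ip", "new_hostname"):
        vals = [s[field] for s in servers]
        for v in sorted({v for v in vals if vals.count(v) > 1}):
            problems.append(f"{v}: duplicate {field}")
    for s in servers:
        net = ipaddress.ip_network(f"{s['new_ip']}/{s['new_netmask']}", strict=False)
        if ipaddress.ip_address(s["new_gateway"]) not in net:
            problems.append(f"{s['new_ip']}: gateway {s['new_gateway']} outside {net}")
        if s["new_ip"] in old:
            problems.append(f"{s['new_ip']}: new_ip is still a DHCP address in use")
    return problems

if __name__ == "__main__":
    print(check_plan(INVENTORY, SERVERS) or "plan is consistent")
```
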
During the run, the local /etc/sysconfig/network-scripts/ifcfg-ens33 is copied to the remote machines; the IP, netmask, gateway and DNS are then easy to modify with Ansible. As for the interface name, the playbook checks whether the machine's interface name matches the one in the copied configuration file: if it matches, nothing is changed; if it differs, it is changed.

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.1.20
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=114.114.114.114
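The Ansible work is split into two scripts. The first script changes the IP and hostname, writes the other machines' hostnames and IPs into hosts, and reboots the machine. Because a remote machine loses its connection to Ansible once it reboots, there is a second script: it handles the SSH key, copying the key to the hosts at their new IPs and testing the connection.

Script 1: name it whatever you like; you will need to adjust the formatting yourself. Note: adjust the path /root/ansible_data/project/ipaddress/test/ifcfg-ens33 under "name: copy ip config" for your own setup, and when the machines are being restarted, simply cancel the run.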
- name: Change Ip Address Set HostName
  hosts: temporary
  become: yes
  vars_files:
    - vars.yml
  tasks:
    # Find the name of the interface that is currently up.
    - name: check ip network name
      shell: ip a |grep "<BROADCAST,MULTICAST,UP,LOWER_UP>"|awk -F':' '{print $2}'
      register: query_network

    - name: Trim whitespace from network interface name
      set_fact:
        network_interface: "{{ query_network.stdout | trim }}"

    - name: Display network name
      debug:
        msg: "network_interface is {{ network_interface }}"

    - name: copy ip config
      copy:
        src: /root/ansible_data/project/ipaddress/test/ifcfg-ens33
        dest: /etc/sysconfig/network-scripts/ifcfg-ens33

    - name: query network config name
      raw: ls /etc/sysconfig/network-scripts/ifcfg-e* |grep -v '.bak$'|awk -F'-' '{print $3}'
      register: current_network

    # Exact comparison: "in" on two strings is a substring test, so a host
    # such as 192.168.1.1 would also match the entry for 192.168.1.14.
    - name: set new ip
      lineinfile:
        path: /etc/sysconfig/network-scripts/ifcfg-ens33
        regexp: 'IPADDR=.*'
        line: 'IPADDR={{item.new_ip}}'
      loop: "{{ servers }}"
      when: inventory_hostname == item.old_ip

    - name: set new netmask
      lineinfile:
        path: /etc/sysconfig/network-scripts/ifcfg-ens33
        regexp: 'NETMASK=.*'
        line: 'NETMASK={{item.new_netmask}}'
      loop: "{{ servers }}"
      when: inventory_hostname == item.old_ip

    - name: set new gateway
      lineinfile:
        path: /etc/sysconfig/network-scripts/ifcfg-ens33
        regexp: 'GATEWAY=.*'
        line: 'GATEWAY={{item.new_gateway}}'
      loop: "{{ servers }}"
      when: inventory_hostname == item.old_ip

    - name: set new dns
      lineinfile:
        path: /etc/sysconfig/network-scripts/ifcfg-ens33
        regexp: 'DNS1=.*'
        line: 'DNS1={{item.new_dns1}}'
      loop: "{{ servers }}"
      when: inventory_hostname == item.old_ip

    # Only needed when the machine's interface is not called ens33.
    - name: Move ifcfg-ens33 to the new network interface name
      shell: mv /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-{{network_interface}}
      when: network_interface != 'ens33'

    - name: Change network device name in config
      raw: |
        sed -i 's/DEVICE=ens33/DEVICE={{network_interface}}/' /etc/sysconfig/network-scripts/ifcfg-{{network_interface}}
        sed -i 's/NAME=ens33/NAME={{network_interface}}/' /etc/sysconfig/network-scripts/ifcfg-{{network_interface}}
      when: network_interface != 'ens33'

    - name: set hostname
      hostname:
        name: "{{item.new_hostname}}"
      loop: "{{ servers }}"
      when: inventory_hostname == item.old_ip

    # In this play inventory_hostname is the old DHCP address, so the host's
    # own entry is skipped by comparing against old_ip, not new_ip.
    - name: Add other hosts to /etc/hosts
      raw: echo -e "{{ item.new_ip }} {{ item.new_hostname }}" >> /etc/hosts
      loop: "{{ servers }}"
      when: inventory_hostname != item.old_ip

    # The machine comes back on its new IP, so the connection to the old
    # address is lost here; the second script continues against the new IPs.
    - name: Reboot the machine
      ansible.builtin.reboot:
        reboot_timeout: 60
Script 2: name it whatever you like; you will need to adjust the formatting yourself.
- name: Post-Reboot Tasks
  hosts: new
  become: yes
  gather_facts: no
  vars_files:
    - vars.yml
  tasks:
    # Read the public key on the control node; slurp returns it base64-encoded.
    - name: Read local SSH public key
      local_action:
        module: ansible.builtin.slurp
        src: ~/.ssh/id_rsa.pub
      register: ssh_key

    - name: Wait for the machine to come back online
      wait_for_connection:
        timeout: 30
      loop: "{{ servers }}"
      delegate_to: "{{ item.new_ip }}"
      when: inventory_hostname == item.new_ip

    # Use the user's real home directory: for root that is /root, not
    # /home/root, and it is where authorized_key writes the key below.
    - name: Ensure .ssh directory exists on new IP
      file:
        path: "~{{ ansible_user }}/.ssh"
        state: directory
        mode: '0700'
        owner: "{{ ansible_user }}"
        group: "{{ ansible_user }}"
      loop: "{{ servers }}"
      delegate_to: "{{ item.new_ip }}"
      when: inventory_hostname == item.new_ip

    - name: Add SSH public key to authorized_keys on new IP
      authorized_key:
        user: "{{ ansible_user }}"
        key: "{{ ssh_key['content'] | b64decode }}"
      loop: "{{ servers }}"
      delegate_to: "{{ item.new_ip }}"
      when: inventory_hostname == item.new_ip

    # StrictHostKeyChecking=no accepts the host key of each new IP
    # without verifying it.
    - name: Test SSH connection
      shell: ssh -o StrictHostKeyChecking=no -T {{ ansible_user }}@{{ item.new_ip }} 'echo "SSH connection successful"'
      register: ssh_test_result
      delegate_to: localhost
      loop: "{{ servers }}"
      when: inventory_hostname == item.new_ip
Finally, testing passwordless SSH access showed no problems at all.