# 官方提供@yunTaoScripts 加密playbook 🔥🔥

[root@server1 playbook]#  ansible-vault encrypt 1.yaml
[root@server1 playbook]# cat 1.yaml 
$ANSIBLE_VAULT;1.1;AES256
39383464666532353332326234343061333535303961366564336163366339383938363230373436
3262366663353364353238663533643735386238363962330a653238313861313233306230666562
66393537626139653031353130623664336338313763323130646233376435633936343131306632
3562663230666636660a366137636162613263313266343636623130353434363962646465303233
37393766323364396431383161646339306537333465613730393636316235383839353063323366
64363533633761383864313133623335363533383661373937633332393962373333666364353139
62326437636332386533653836356261623631393438346564356438616364326663636162663364
32313432663264623561313766613437633934336562613463343938346336333965663364626665
35303433343033313965636235643566643462653961386532303230313463663535353730386333
34666362303933663038633932373234656239346332376133653939316535346534353230353130
61353165306231346338383764333738363834663430313865313730653361363465666461376463
31393037616161613135353036326462633534346265613061313536326661643565333463613239
32316536386662653436346631383264336136646632386566313937363234316365

  • 执行加密playbook
root@server1 playbook]# ansible-playbook --ask-vault-pass 1.yaml
  • 查看加密playbook
[root@server1 playbook]# ansible-vault view 1.yaml 
Vault password: 
---
- name: "定义普通变量"
  hosts:
  - server2
  - server3
  vars:
    name: "yuntao"
    age: 23
  tasks:
  - name: '打印普通变量'
    debug: msg="{{name}}===={{age}}" 
  • 解密playbook
[root@server1 playbook]#  ansible-vault decrypt 1.yaml 
Vault password: 
Decryption successful
[root@server1 playbook]# cat 1.yaml 
---
- name: "定义普通变量"
  hosts:
  - server2
  - server3
  vars:
    name: "yuntao"
    age: 23
  tasks:
  - name: '打印普通变量'
    debug: msg="{{name}}===={{age}}" 
  • 使用密码文件加密解密playbook
[root@server1 playbook]# echo "123" >pass
[root@server1 playbook]# ansible-vault encrypt --vault-id=pass 1.yaml 
Encryption successful
[root@server1 playbook]# ansible-vault view --vault-id=pass 1.yaml 
---
- name: "定义普通变量"
  hosts:
  - server2
  - server3
  vars:
    name: "yuntao"
    age: 23
  tasks:
  - name: '打印普通变量'
    debug: msg="{{name}}===={{age}}" 
[root@server1 playbook]# ansible-playbook --vault-id=pass 1.yaml
  • 重置密码
[root@server1 playbook]# ansible-vault rekey 1.yaml 
Vault password: 
New Vault password: 
Confirm New Vault password: 
Rekey successful
最后修改时间: 12/27/2022, 12:00:04 PM