搜档网

搜档网

当前位置:搜档网 > 运维自动化之ansible playbook一键化解决大量主机bash更新问题

运维自动化之ansible playbook一键化解决大量主机bash更新问题

今天发现有bash 漏洞,但我这里近1000台服务器,为了方便、省时间,觉得使用ansible 安装bash 更新包,下面分享一下我的安装方法。

1、安装的playbook 的内容

1

2

3

4

5

6

7

8

9

10 11 12 13 1

4

19:00:03 # cd /etc/ansible root@ip-10-10-10-10:/etc/ansible 19:00:06 # cat update_bash.yml --- - hosts: "{{ host }}" remote_user: "{{ user }}" gather_facts: True tasks: - name: update bash in redhat 6 version yum: name=http://www.sodocs.net/doc/5918e86b52d380eb62946de9.html /centos/6/updates/x86_64/Packages/bash-4.1.2-15.el6_5.2.x86_64.rpm state=present

when: ansible_os_family == "RedHat" and ansible_distribution_ver sion|int >=6

- name: update bash in redhat 5 version

yum: name=http://www.sodocs.net/doc/5918e86b52d380eb62946de9.html /centos/5/updates/x86_64/RPMS/bash-3.2-33.el5.2.x86_64.rpm state=present

when: ansible_os_family == "RedHat" and ansible_distribution_ver sion|int <=5 会自动判断系统版本,然后安装不同的包,本来想弄好yum 的update 源,但发现还在更新,觉得麻烦就还自己安装文件了。

2、安装前测试系统(centos 6系统)

为了测试需要,使用docker 虚拟个容器

1 2 3

4

5

6 16:32:46 # ssh 172.17.0.9

The authenticity of host '172.17.0.9 (172.17.0.9)' can't be establis hed. RSA key fingerprint is 39:7c:13:9f:d4:b0:d7:63:fc:ff:ae:e3:46:a4:bf :6b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '172.17.0.9' (RSA) to the list of known h

TOP相关主题