这是我做事的方式,而且效果很好。我的命令行如下所示:
[prompt/]$ansible-playbook -i <inventory>, /mnt/m/NetworkGetters/get_vpn_status.yml --extra-vars varsfilepath=/mnt/m/NetworkVars/host_vars/test-oci-test-vpn-config.yml
我清理过的 passwords.yml(保险库文件)如下所示:
---
credentials:
base: &base
host: "{{ansible_host}}"
timeout: 30
transport: cli
svc_rhelsystemrw:
<<: *base
username: svc_rhelsystemrw
password: dWERE#@kds23
我的剧本遵循这个约定:
name: Set VPN Configuration
hosts: all
connection: local
gather_facts: no
vars_files:
- "{{ varsfilepath }}"
- "/etc/ansible/NetworkVars/passwords.yml"
vars:
# ssh_auth credentials come from ansible vault
provider_rw:
username: "{{ credentials['svc_rhelsystemrw'].username }}"
password: "{{ credentials['svc_rhelsystemrw'].password }}"
tasks:
- name: Capture Pre-change Configuration
ios_command:
provider: "{{ provider_rw }}"
commands:
- show running-config
register: running_config_before
tags: vpn
- debug:
var: running_config_before.stdout
tags: vpn