[Ansible] Ubuntu Password 일괄 변경

1. Python 설치

# Install ansible
apt install ansible

# Set Virtual-env
apt install python3.8-venv
source k8s-venv/bin/activate
pip install ansible==4.10.0

 

2. yaml 파일 생성

# update-root-pw.yaml
---
- hosts: all
  gather_facts: no
  tasks:
  - name: Update Root user's Password
    user:
      name: root
      update_password: always
      password: "{{ PASSWORD | password_hash('sha512') }}"

 

3. ansible-hosts 파일 생성

#  ansible-hosts
[all]
user01-deploy  ansible_host=192.168.110.10 ip=192.168.110.10
user01-master1 ansible_host=192.168.110.11 ip=192.168.110.11
user01-master2 ansible_host=192.168.110.12 ip=192.168.110.12
user01-master3 ansible_host=192.168.110.13 ip=192.168.110.13
user01-worker1 ansible_host=192.168.110.14 ip=192.168.110.14
user01-worker2 ansible_host=192.168.110.15 ip=192.168.110.15

user02-deploy  ansible_host=192.168.110.20 ip=192.168.110.20
user02-master1 ansible_host=192.168.110.21 ip=192.168.110.21
user02-master2 ansible_host=192.168.110.22 ip=192.168.110.22
user02-master3 ansible_host=192.168.110.23 ip=192.168.110.23
user02-worker1 ansible_host=192.168.110.24 ip=192.168.110.24
user02-worker2 ansible_host=192.168.110.25 ip=192.168.110.25

user03-deploy  ansible_host=192.168.110.30 ip=192.168.110.30
user03-master1 ansible_host=192.168.110.31 ip=192.168.110.31
user03-master2 ansible_host=192.168.110.32 ip=192.168.110.32
user03-master3 ansible_host=192.168.110.33 ip=192.168.110.33
user03-worker1 ansible_host=192.168.110.34 ip=192.168.110.34
user03-worker2 ansible_host=192.168.110.35 ip=192.168.110.35

 

4. 적용

ansible-playbook -i ansible-hosts update-root-pw.yaml --extra-vars "PASSWORD=passwd123$"

 

 

 

 

기타) root 로그인 허용

ansible -m shell -a "sed -i \"s/#   StrictHostKeyChecking*/StrictHostKeyChecking no/\"  /etc/ssh/sshd_config" -i ansible-hosts all
ansible -m shell -a "sed -i \"s/#PermitRootLogin.*/PermitRootLogin yes/\"  /etc/ssh/sshd_config" -i /tmp/sllee/ansible-hosts all