希望你做得很好。
我有一个关于 ansible inventory 插件非常基本的问题,特别是 proxmox 插件:
https://docs.ansible.com/ansible/latest/collections/community/general/proxmox_inventory.html
我得到了这个插件设置:
# More complete example demonstrating the use of 'want_facts' and the constructed options
# Note that using facts returned by 'want_facts' in constructed options requires 'want_facts=true'
# my.proxmox.yml
plugin: community.general.proxmox
url: https://1.2.3.4:8006
user: root1@pve
token_id: Administrator
token_secret: REDACTEDTOKEN
validate_certs: false
want_facts: true
# Create groups based on proxmox tags
groups:
preprod: "'preprod' in (proxmox_tags_parsed|list)"
prod: "'prod' in (proxmox_tags_parsed|list)"
public: "'public' in (proxmox_tags_parsed|list)"
lab: "'lab' in (proxmox_tags_parsed|list)"
decom: "'decom' in (proxmox_tags_parsed|list)"
# Create hostvars
compose:
ansible_port: 22
ansible_user: "'ansible'"
ansible_ssh_private_key_file: "'.ssh/ansible_srv'"
# Parse the IP address of host (split is used to strip '/CIDR' notation)
ansible_host: proxmox_agent_interfaces[1]["ip-addresses"][0] | default("") | split('/') | first
# Only add hosts that have an ip address
filters:
- proxmox_agent_interfaces is defined
# For testing purposes
#strict: true
它非常有效,只是有一些非常烦人的地方。
当我运行命令列出我的动态库存时:
ansible-inventory -i plugins/inventory/hypervisor.proxmox.yml --list
我获得了我的服务器的所有详细信息,而且我的保险库(在 group/vars 中)也以明文形式显示在输出中:
看 :
"proxmox_name": "b-server",
"proxmox_net0": {
"bridge": "vmbr0",
"virtio": "02:00:00:c4:c0:ea"
},
"proxmox_net1": {
"bridge": "vmbr1",
"firewall": "1",
"tag": "40",
"virtio": "21:48:65:C2:31:DE"
},
"proxmox_node": "opz",
"proxmox_numa": 0,
"proxmox_ostype": "l26",
"proxmox_qmpstatus": "running",
"proxmox_scsihw": {
"disk_image": "virtio-scsi-single"
},
"proxmox_serial0": "socket",
"proxmox_smbios1": {
"uuid": "1bd1077a-ddd7-4419-80eb-bc3ba442a8ad"
},
"proxmox_snapshots": [],
"proxmox_sockets": 1,
"proxmox_status": "running",
"proxmox_tags": "preprod",
"proxmox_tags_parsed": [
"preprod"
],
"proxmox_vga": "qxl",
"proxmox_virtio0": {
"disk_image": "local:167/vm-167-disk-0.raw",
"iothread": "1",
"size": "42G"
},
"proxmox_vmgenid": "38e3bfaf-9695-46c5-804b-d7dfa279c7d9",
"proxmox_vmid": 167,
"proxmox_vmtype": "qemu",
"vault_6admin_password": "REDACTEDPASSWORD",
"vault_admin1_password": "REDACTEDPASSWORD",
"vault_root_password": "REDACTEDPASSWORD"
},
有人能解释一下为什么插件会在输出中解密所有保险库吗?我可以简单地禁止这种行为吗?我需要 no_log 或类似的东西吗?
非常感谢你的灯。