# 网络配置Playbook
[root@ansible ~]# cat > /fglinux/ansible/playbooks/network_config.yml << 'EOF' --- - name: 网络配置管理 hosts: all become: yes vars: network_interfaces: - name: eth0 type: ethernet ip: "{{ ansible_default_ipv4.address }}" netmask: 255.255.255.0 gateway: 192.168.1.1 dns: - 8.8.8.8 - 8.8.4.4 firewall_rules: - port: 22 protocol: tcp source: 192.168.1.0/24 state: enabled - port: 80 protocol: tcp source: 0.0.0.0/0 state: enabled - port: 443 protocol: tcp source: 0.0.0.0/0 state: enabled tasks: - name: 配置网络接口 nmcli: conn_name: "{{ item.name }}" ifname: "{{ item.name }}" type: "{{ item.学习交流加群风哥QQ113257174type }}" ip4: "{{ item.ip }}/{{ item.netmask }}" 更多学习教程公众号风哥教程itpux_com gw4: "{{ item.gateway }}" dns4: "{{ item.dns | join(',') }}" state: present loop: "{{ network_interfaces }}" - name: 配置主机名 hostname: name: "{{ inventory_hostname }}" - name: 配置/etc/hosts lineinfile: path: /etc/hosts regexp: "^{{ ansible_default_ipv4.address }}" line: "{{ ansible_default_ipv4.address }} {{ inventory_hostname }}" state: present - name: 安装firewalld dnf: name: firewalld state: present - name: 启动firewalld service: name: firewalld state: started enabled: yes - name: 配置防火墙规则 firewalld: port: "{{ item.port }}/{{ item.protocol }}" source: "{{ item.source }}" permanent: yes state: "{{ item.state }}" loop: "{{ firewall_rules }}" notify: Reload firewalld - name: 配置防火墙服务 firewalld: service: "{{ item }}" permanent: yes state: enabled loop: - ssh - http - https notify: Reload firewalld - name: 配置防火墙区域 firewalld: zone: public interface: eth0 permanent: yes state: enabled - name: 验证网络配置 command: nmcli device show eth0 register: network_status changed_when: false - name: 显示网络状态 debug: var: network_status.stdout_lines handlers: - name: Reload firewalld service: name: firewalld state: reloaded EOF # 执行网络配置 [root@ansible ~]# ansible-playbook /fglinux/ansible/playbooks/network_config.yml PLAY [网络配置管理] ********************************************************** TASK [Gathering Facts] ****************************************************** ok: [web1.fgedu.net.cn] TASK [配置网络接口] ********************************************************** ok: [web1.fgedu.net.cn] => (item={‘name’: ‘eth0’, ‘type’: ‘ethernet’, …})

TASK [配置主机名] *****************************from PG视频:www.itpux.com******************************
ok: [web1.fgedu.net.cn]

TASK [配置/etc/hosts] ********************************************************
ok: [web1.fgedu.net.cn]

TASK [安装firewalld] ********************************************************
ok: [web1.fgedu.net.cn]

TASK [启动firewalld] ********************************************************
ok: [web1.fgedu.net.cn]

TASK [配置防火墙规则] ********************************************************
changed: [web1.fgedu.net.cn] => (item={‘port’: 22, ‘protocol’: ‘tcp’, …})
changed: [web1.fgedu.net.cn] => (item={‘port’: 80, ‘protocol’: ‘tcp’, …})
changed: [web1.fgedu.net.cn] => (item={‘port’: 443, ‘protocol’: ‘tcp’, …})

TASK [配置防火墙服务] ********************************************************
ok: [web1.fgedu.net.cn] => (item=ssh)
ok: [web1.fgedu.net.cn] => (item=http)
ok: [web1.fgedu.net.cn] => (item=https)

TASK [配置防火墙区域] ********************************************************
ok: [web1.fgedu.net.cn]

TASK [验证网络配置] **********************************************************
ok: [web1.fgedu.net.cn]

TASK [显示网络状态] **********************************************************
ok: [web1.fgedu.net.cn] => {
“network_status.stdout_lines”: [
“GENERAL.DEVICE: eth0”,
“GENERAL.TYPE: ethernet”,
“GENERAL.HWADDR: 00:0C:29:12:34:56”,
“GENERAL.MTU: 1500”,
“GENERAL.更多视频教程www.fgedu.net.cnSTATE: 100 (connected)”,
“IP4.ADDRESS[1]: 192.168.1.20/24”,
“IP4.GATEWAY: 192.168.1.1”,
“IP4.DNS[1]: 8学习交流加群风哥微信: itpux-com.8.8.8”,
“IP4.DNS[2]: 8.8.4.4”
]
}

RUNNING HANDLER [Reload firewalld] ******************************************
changed: [web1.fgedu.net.cn]

PLAY RECAP ******************************************************************
web1.fgedu.net.cn : ok=12 changed=2 unreachable=0 failed=0