April 2024
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
2930  

Categories

April 2024
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
2930  
«  
  »

ansible vault

root@controller ~]# ansible-vault create mohan.yml
Vault password:

[root@controller ~]# cat mohan.yml
$ANSIBLE_VAULT;1.1;AES256
38623235633039636166356162393064363936303461306536386237663032383932656164633131
6132633132376266313863366164396535386539666562310a306562383834343431633536353332
63303935623030393261373030343366323361653238306531356434333538613236303738653730
3935313536396361640a343836366434613638316538333165366161306166396564353635383831
30636536366462646362373432396234383432376437633764616239393938366137

[root@controller ~]# ansible-vault view mohan.yml
Vault password:
hai how are you

[root@controller ~]# ansible-vault edit mohan.yml
Vault password:

[root@controller ~]# ansible-vault rekey mohan.yml
Vault password:
New Vault password:
Confirm New Vault password:
Rekey successful

[root@controller ~]# ansible-playbook mohan.yml
ERROR! Decryption failed on /root/mohan.yml

[root@controller ~]# ansible-playbook –ask-vault-pass mohan.yml
Vault password:

[root@controller ~]# ansible-vault encrypt 4.yml
Vault password:
Encryption successful
[root@controller ~]# ansible-playbook 4.yml
ERROR! Decryption failed on /root/4.yml
[root@controller ~]# ansible-playbook –ask-vault-pass 4.yml
Vault password:

PLAY [localhost] ***************************************************************

TASK [setup] *******************************************************************
ok: [localhost]

PLAY RECAP *********************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=0
=======================================
[root@controller ~]# ansible-vault decrypt 4.yml
Vault password:
Decryption successful

[root@controller ~]# ansible-playbook 4.yml

PLAY [localhost] ***************************************************************

TASK [setup] *******************************************************************
ok: [localhost]

PLAY RECAP *********************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=0
========================================
[root@controller ~]# ansible-vault decrypt 4.yml –output=4-decrypted.yml
Vault password:
Decryption successful
[root@controller ~]# cat 4.yml
$ANSIBLE_VAULT;1.1;AES256
65386464336638663338363031383263633764393937633839366565336166303935363733616663
6636633734663766353365613063396565383662366539390a613765626239363361386165653763
35353730633164346634666339616232343830643434393563363662386633393830313538306130
3366386539313535380a643639613765653235363235383463663735663639333232353230343664
37346532353963663636303833653230333661333735393339336264303136636165366365326538
39613537353638373464333633353235356538653333643864623063333534303766373039373031
383436656161333330373162633966386639
[root@controller ~]# cat 4-decrypted.yml
– hosts: localhost
vars:
user: joe
home: /home/joe
=======================================
[root@controller ~]# vim vault-pass
redhat_123

[root@controller ~]# ansible-vault decrypt –vault-password-file=vault-pass sample.yaml

[root@controller ~]# ansible-vault create –vault-password-file=vault-pass example.yaml

– name: installing packages
hosts: localhost
tasks:
– yum: name=elinks state=latest

[root@controller ~]# cat example.yaml
$ANSIBLE_VAULT;1.1;AES256
37653137363538613630333039386164353232636333306430336333316164363566373464316634
3636336637336535633039323631313038643366393534650a393762643936343566313638646662
64663338376162643463343232396361383739303635383438323831386539303337623764316537
3961653566353362330a393530333638356663303264326331386166613330323539343436396632
38636630393133393064623437663133376233663934346666313162363838386532626337646134
39316561633530336663663238333766353861666339353134663930663839393532396334643062
64393233653834646463366432633965663432313431656236386664643461386365613363616432
35306537656335316561393966656362393634373237313737623164633836663561363636646332
32663839343461323832626263363762313730346333353034383539333332366463

[root@controller ~]# ansible-playbook example.yaml
ERROR! Decryption failed on /root/example.yaml

[root@controller ~]# ansible-playbook –vault-password-file=vault-pass –syntax-check example.yaml

playbook: example.yaml

[root@controller ~]# ansible-playbook –vault-password-file=vault-pass example.yaml

PLAY [installing packages] *****************************************************

TASK [setup] *******************************************************************
ok: [localhost]

TASK [yum] *********************************************************************
changed: [localhost]

PLAY RECAP *********************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0
=========================================

[root@controller ~]# vim newpassword
mohan0494

[root@controller ~]# ansible-vault rekey –new-vault-password-file=newpassword example.yaml
Vault password:
Rekey successful

[root@controller ~]# ansible-playbook –vault-password-file=newpassword example.yaml

PLAY [installing packages] *****************************************************

TASK [setup] *******************************************************************
ok: [localhost]

TASK [yum] *********************************************************************
ok: [localhost]

PLAY RECAP *********************************************************************
localhost : ok=2 changed=0 unreachable=0 failed=0

[root@controller ~]# ansible-vault decrypt –vault-password-file=newpassword example.yaml
Decryption successful
[root@controller ~]# cat example.yaml

– name: installing packages
hosts: localhost
tasks:
– yum: name=elinks state=latest

[root@controller ~]# ansible-vault encrypt –vault-password-file=newpassword example.yaml
Encryption successful
[root@controller ~]# cat example.yaml
$ANSIBLE_VAULT;1.1;AES256
64643166623463393937376165333034363635653931663839633836316239333035396161663165
6461613861373731383431303839383839316264366538350a373839396533633333313364626330
31336538356365666537373438306165333534363533636436636666656162346530643539316261
3431343233373135620a336163633164633961353339303433396639373735663038306262613639
65666130303539613131663666313361646538643038643834383966633364353162626233356132
64333930643531343066383164393238383639343764376661303734336532393431633534366238
62313537623834376535643830353361633336613563363535363931343934303739643039386532
62653335373632633465633063653564616430393234343862383437353732383231656138386165
38363135656434363239383065306136653863363334376230393739643539616463

April 6th, 2018 | Category: Ansibile

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>