Network Automation Cookbook
上QQ阅读APP看书,第一时间看更新
上一章目录下一章

How to do it...

  1. Create a new file called decrypt_passwd as shown:
$ echo 'strong_password' > decrypt_passwd
  1. Using ansible-vault creates a new file called secrets, as shown here:
$ ansible-vault create --vault-id=decrypt_passwd secrets
  1. Add the following variables to this new secrets file:
ospf_password: ospf_P@ssw0rD
bgp_password: BGP_p@ssw0rd
  1. Create a new playbook called ansible_vault.yml, as shown here:
---
  - name: Using Ansible vault
    hosts: all
    gather_facts: no
    vars_files:
      - secrets
    tasks:
      - name: Output OSPF passowrd
        debug:
          msg: "Router {{ hostname }} ospf Password {{ ospf_password }}"
        when: inventory_hostname == 'csr1'

      - name: Output BGP passowrd
        debug:
          msg: "Router {{ hostname }} BGP Password {{ bgp_password }}"
        when: inventory_hostname == 'mx1'
  1. Run the playbook as shown here:
$ ansible-playbook --vault-id=decrypt_passwd ansible_vault.yml -i hosts
上一章目录下一章