是的,您可以通过使用“保存您的凭据”来完成此操作安西布尔塔" Ansible Tower 上的凭证类型。
从 Ansible Tower UI 中,转至 Credentials -> New Credential,然后选择凭证类型“Ansible Tower”
此凭证类型需要三个输入,即主机名、用户名和密码。
保存凭据并将其作为凭据添加到作业模板后,您可以从 Playbook 中调用它们,如下所示:
---
- name: Trigger an Atower API
hosts: localhost
connection: local
vars:
tower_host: '{{ lookup("env", "TOWER_HOST") }}'
tower_username: '{{ lookup("env", "TOWER_USERNAME") }}'
tower_password: '{{ lookup("env", "TOWER_PASSWORD") }}'
tasks:
- name: Some tasks that can be achieved through "{{ apiEndpoint }}"
uri:
url: "{{ tower_host }}{{ apiEndpoint }}"
method: GET
url_username: "{{ tower_username }}"
url_password: "{{ tower_password }}"
force_basic_auth: yes
validate_certs: False
register: output
顺便说一句,在为这种情况寻找正确的注入值时,我还发现了针对不同凭证类型的其他值。您可以在这里获取它们:
vars:
machine:
username: '{{ ansible_user }}'
password: '{{ ansible_password }}'
network:
username: '{{ lookup("env", "ANSIBLE_NET_USERNAME") }}'
password: '{{ lookup("env", "ANSIBLE_NET_PASSWORD") }}'
aws:
access_key: '{{ lookup("env", "AWS_ACCESS_KEY_ID") }}'
secret_key: '{{ lookup("env", "AWS_SECRET_ACCESS_KEY") }}'
security_token: '{{ lookup("env", "AWS_SECURITY_TOKEN") }}'
vmware:
host: '{{ lookup("env", "VMWARE_HOST") }}'
username: '{{ lookup("env", "VMWARE_USER") }}'
password: '{{ lookup("env", "VMWARE_PASSWORD") }}'
gce:
email: '{{ lookup("env", "GCE_EMAIL") }}'
project: '{{ lookup("env", "GCE_PROJECT") }}'
azure:
client_id: '{{ lookup("env", "AZURE_CLIENT_ID") }}'
secret: '{{ lookup("env", "AZURE_SECRET") }}'
tenant: '{{ lookup("env", "AZURE_TENANT") }}'
subscription_id: '{{ lookup("env", "AZURE_SUBSCRIPTION_ID") }}'
rhev:
ovirt_url: '{{ lookup("env", "OVIRT_URL") }}'
ovirt_username: '{{ lookup("env", "OVIRT_USERNAME") }}'
ovirt_password: '{{ lookup("env", "OVIRT_PASSWORD") }}'
最后,如果您想对您的剧本进行更灵活的注入,您可以检查此链接:
- Ansible Tower 自定义凭证类型 https://docs.ansible.com/ansible-tower/latest/html/userguide/credential_types.html
