使用Ansible装载Azure文件共享
我想通过Ansible装载Azure文件共享。 如果我是手动安装,则命令如下:使用Ansible装载Azure文件共享,ansible,azure-storage,Ansible,Azure Storage,我想通过Ansible装载Azure文件共享。 如果我是手动安装,则命令如下: sudo mount -t cifs //xxxxxxxxxx.file.core.windows.net/yyyyyyyyyy /<mount point> -o vers=2.1,username=<username>,password=<password>,dir_mode=0777,file_mode=0777,serverino sudo mount-t cifs//x
sudo mount -t cifs //xxxxxxxxxx.file.core.windows.net/yyyyyyyyyy /<mount point> -o vers=2.1,username=<username>,password=<password>,dir_mode=0777,file_mode=0777,serverino
sudo mount-t cifs//xxxxxxxxx.file.core.windows.net/yyyyyyyyyyy/-o vers=2.1,用户名=,密码=,目录模式=0777,文件模式=0777,服务器ino
有人能帮我使用挂载模块通过Ansible进行挂载吗。只需使用Ansible docs for中描述的语法,就可以了 例如:
- name : Mount Azure files share's
mount:
fstype: cifs
src: "//xxxxxxxxxx.file.core.windows.net/yyyyyyyyyy"
path: /mountpoint
opts: vers=2.1,username=<username>,password=<password>,dir_mode=0777,file_mode=0777,serverino
state: mounted
-名称:装载Azure文件共享的
安装:
fstype:cifs
src://xxxxxxxxx.file.core.windows.net/yyyyyyy
路径:/mountpoint
选项:vers=2.1,用户名=,密码=,目录模式=0777,文件模式=0777,服务器ino
状态:已安装
以下代码在centos 7上的Ansible 2.7.5中运行良好:
首先,确保实例具有存储帐户密钥操作员服务角色
权限或具有该权限的用户分配标识。还应安装jq
:
然后,检查安装是否已设置:
- name: check mount
command: "mountpoint /mymounts/mysmb"
register: smb_check
ignore_errors: True
然后,获取存储令牌:
- name: get storage token
shell: "curl -s 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.azure.com%2F' -H Metadata:true | jq -r '.access_token'"
register: storage_token
no_log: true
when: smb_check is failed
然后,获取存储密钥。设置您的订阅\u id
,资源组\u名称
,以及存储帐户\u名称
:
- name: get storage key
shell: "curl -s https://management.azure.com/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group_name }}/providers/Microsoft.Storage/storageAccounts/{{ storage_account_name }}/listKeys?api-version=2016-12-01 --request POST -d \"\" -H \"Authorization: Bearer {{ storage_token.stdout }}\" | jq -r '.keys[0].value'"
register: storage_key
no_log: true
when: smb_check is failed
- name: add SMB creds to file
lineinfile:
dest: "/etc/.smb"
line: "{{ item }}"
state: present
create: yes
owner: root
group: root
mode: '0600'
no_log: true
with_items:
- "username={{ storage_account_name }}"
- "password={{ storage_key.stdout }}"
when: smb_check is failed
- name : mount smb
mount:
fstype: cifs
src: "//{{ storage_account_name }}.file.core.windows.net/{{ file_share_name }}"
path: "/mymounts/mysmb"
opts: "nofail,vers=3.0,credentials=/etc/.smb,serverino,dir_mode=0755,file_mode=0755"
state: mounted
when: smb_check is failed
将行添加到文件中。替换存储帐户名称:
- name: get storage key
shell: "curl -s https://management.azure.com/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group_name }}/providers/Microsoft.Storage/storageAccounts/{{ storage_account_name }}/listKeys?api-version=2016-12-01 --request POST -d \"\" -H \"Authorization: Bearer {{ storage_token.stdout }}\" | jq -r '.keys[0].value'"
register: storage_key
no_log: true
when: smb_check is failed
- name: add SMB creds to file
lineinfile:
dest: "/etc/.smb"
line: "{{ item }}"
state: present
create: yes
owner: root
group: root
mode: '0600'
no_log: true
with_items:
- "username={{ storage_account_name }}"
- "password={{ storage_key.stdout }}"
when: smb_check is failed
- name : mount smb
mount:
fstype: cifs
src: "//{{ storage_account_name }}.file.core.windows.net/{{ file_share_name }}"
path: "/mymounts/mysmb"
opts: "nofail,vers=3.0,credentials=/etc/.smb,serverino,dir_mode=0755,file_mode=0755"
state: mounted
when: smb_check is failed
现在,安装驱动器。替换存储\帐户\名称
和文件\共享\名称
:
- name: get storage key
shell: "curl -s https://management.azure.com/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group_name }}/providers/Microsoft.Storage/storageAccounts/{{ storage_account_name }}/listKeys?api-version=2016-12-01 --request POST -d \"\" -H \"Authorization: Bearer {{ storage_token.stdout }}\" | jq -r '.keys[0].value'"
register: storage_key
no_log: true
when: smb_check is failed
- name: add SMB creds to file
lineinfile:
dest: "/etc/.smb"
line: "{{ item }}"
state: present
create: yes
owner: root
group: root
mode: '0600'
no_log: true
with_items:
- "username={{ storage_account_name }}"
- "password={{ storage_key.stdout }}"
when: smb_check is failed
- name : mount smb
mount:
fstype: cifs
src: "//{{ storage_account_name }}.file.core.windows.net/{{ file_share_name }}"
path: "/mymounts/mysmb"
opts: "nofail,vers=3.0,credentials=/etc/.smb,serverino,dir_mode=0755,file_mode=0755"
state: mounted
when: smb_check is failed
最后,为装载设置适当的权限:
- name: set correct permissions
file:
path: "/mymount/mysmb"
mode: "2755"
recurse: yes
when: smb_check is failed
对于最近遇到此答案的任何人,如果您的服务帐户中实施了加密协议(配置>需要安全传输),则需要使用vers=3.0,而不是此答案中显示的2.1。