使用Ansible装载Azure文件共享_Ansible_Azure Storage

使用Ansible装载Azure文件共享

ansible

使用Ansible装载Azure文件共享,ansible,azure-storage,Ansible,Azure Storage,我想通过Ansible装载Azure文件共享。如果我是手动安装，则命令如下： sudo mount -t cifs //xxxxxxxxxx.file.core.windows.net/yyyyyyyyyy /<mount point> -o vers=2.1,username=<username>,password=<password>,dir_mode=0777,file_mode=0777,serverino sudo mount-t cifs//x

我想通过Ansible装载Azure文件共享。如果我是手动安装，则命令如下：

sudo mount -t cifs //xxxxxxxxxx.file.core.windows.net/yyyyyyyyyy /<mount point> -o vers=2.1,username=<username>,password=<password>,dir_mode=0777,file_mode=0777,serverino

sudo mount-t cifs//xxxxxxxxx.file.core.windows.net/yyyyyyyyyyy/-o vers=2.1，用户名=，密码=，目录模式=0777，文件模式=0777，服务器ino

有人能帮我使用挂载模块通过Ansible进行挂载吗。

只需使用Ansible docs for中描述的语法，就可以了

例如：

- name : Mount Azure files share's
  mount:
    fstype: cifs
    src: "//xxxxxxxxxx.file.core.windows.net/yyyyyyyyyy"
    path: /mountpoint
    opts: vers=2.1,username=<username>,password=<password>,dir_mode=0777,file_mode=0777,serverino
    state: mounted

-名称：装载Azure文件共享的
安装：
fstype:cifs
src://xxxxxxxxx.file.core.windows.net/yyyyyyy
路径：/mountpoint
选项：vers=2.1，用户名=，密码=，目录模式=0777，文件模式=0777，服务器ino
状态：已安装

以下代码在centos 7上的Ansible 2.7.5中运行良好：

首先，确保实例具有

存储帐户密钥操作员服务角色

权限或具有该权限的用户分配标识。还应安装

jq

：

然后，检查安装是否已设置：

  - name: check mount
    command: "mountpoint /mymounts/mysmb"
    register: smb_check
    ignore_errors: True

然后，获取存储令牌：

  - name: get storage token
    shell: "curl -s 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.azure.com%2F' -H Metadata:true | jq -r '.access_token'"
    register: storage_token
    no_log: true
    when: smb_check is failed

然后，获取存储密钥。设置您的

订阅\u id

，

资源组\u名称

，以及

存储帐户\u名称

：

  - name: get storage key
    shell: "curl -s https://management.azure.com/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group_name }}/providers/Microsoft.Storage/storageAccounts/{{ storage_account_name }}/listKeys?api-version=2016-12-01 --request POST -d \"\" -H \"Authorization: Bearer {{ storage_token.stdout }}\" | jq -r '.keys[0].value'"
    register: storage_key
    no_log: true
    when: smb_check is failed

  - name: add SMB creds to file
    lineinfile:
      dest: "/etc/.smb"
      line: "{{ item }}"
      state: present
      create: yes
      owner: root
      group: root
      mode: '0600'
    no_log: true
    with_items:
      - "username={{ storage_account_name }}"
      - "password={{ storage_key.stdout }}"
    when: smb_check is failed

  - name : mount smb
    mount:
      fstype: cifs
      src: "//{{ storage_account_name }}.file.core.windows.net/{{ file_share_name }}"
      path: "/mymounts/mysmb"
      opts: "nofail,vers=3.0,credentials=/etc/.smb,serverino,dir_mode=0755,file_mode=0755"
      state: mounted
    when: smb_check is failed

将行添加到文件中。替换存储帐户名称：

  - name: get storage key
    shell: "curl -s https://management.azure.com/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group_name }}/providers/Microsoft.Storage/storageAccounts/{{ storage_account_name }}/listKeys?api-version=2016-12-01 --request POST -d \"\" -H \"Authorization: Bearer {{ storage_token.stdout }}\" | jq -r '.keys[0].value'"
    register: storage_key
    no_log: true
    when: smb_check is failed

  - name: add SMB creds to file
    lineinfile:
      dest: "/etc/.smb"
      line: "{{ item }}"
      state: present
      create: yes
      owner: root
      group: root
      mode: '0600'
    no_log: true
    with_items:
      - "username={{ storage_account_name }}"
      - "password={{ storage_key.stdout }}"
    when: smb_check is failed

  - name : mount smb
    mount:
      fstype: cifs
      src: "//{{ storage_account_name }}.file.core.windows.net/{{ file_share_name }}"
      path: "/mymounts/mysmb"
      opts: "nofail,vers=3.0,credentials=/etc/.smb,serverino,dir_mode=0755,file_mode=0755"
      state: mounted
    when: smb_check is failed

现在，安装驱动器。替换

存储\帐户\名称

和

文件\共享\名称

：

  - name: get storage key
    shell: "curl -s https://management.azure.com/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group_name }}/providers/Microsoft.Storage/storageAccounts/{{ storage_account_name }}/listKeys?api-version=2016-12-01 --request POST -d \"\" -H \"Authorization: Bearer {{ storage_token.stdout }}\" | jq -r '.keys[0].value'"
    register: storage_key
    no_log: true
    when: smb_check is failed

  - name: add SMB creds to file
    lineinfile:
      dest: "/etc/.smb"
      line: "{{ item }}"
      state: present
      create: yes
      owner: root
      group: root
      mode: '0600'
    no_log: true
    with_items:
      - "username={{ storage_account_name }}"
      - "password={{ storage_key.stdout }}"
    when: smb_check is failed

  - name : mount smb
    mount:
      fstype: cifs
      src: "//{{ storage_account_name }}.file.core.windows.net/{{ file_share_name }}"
      path: "/mymounts/mysmb"
      opts: "nofail,vers=3.0,credentials=/etc/.smb,serverino,dir_mode=0755,file_mode=0755"
      state: mounted
    when: smb_check is failed

最后，为装载设置适当的权限：

  - name: set correct permissions
    file:
      path: "/mymount/mysmb"
      mode: "2755"
      recurse: yes
    when: smb_check is failed

对于最近遇到此答案的任何人，如果您的服务帐户中实施了加密协议（配置>需要安全传输），则需要使用vers=3.0，而不是此答案中显示的2.1。