标签:ansible ssh port modify ansible-playbook ssh ansible-playbook limits pam limits
一、描述
拿到一批机器,需要做首先是修改ssh端口,防火墙配置,以及limits.conf控制文件描述符,进程数,栈大小等。
二、剧本如下:
---
- hosts: "{{ host }}"
remote_user: "{{ user }}"
gather_facts: false
tasks:
- name: Modify ssh port 69410
lineinfile:
dest: /etc/ssh/{{ item }}
regexp: ‘^Port 69410‘
insertafter: ‘#Port 22‘
line: ‘Port 69410‘
with_items:
- sshd_config
- ssh_config
tags:
- sshport
- name: Set sysctl file limiits
# pam_limits: domain=‘*‘ limit_type={{item.limit_type}} limit_item={{item.limit_item}} value={{item.value}}
pam_limits:
dest: "{{ item.dest }}"
domain: ‘*‘
limit_type: "{{ item.limit_type }}"
limit_item: "{{ item.limit_item }}"
value: "{{ item.value }}"
with_items:
- { dest: ‘/etc/security/limits.conf‘,limit_type: ‘soft‘,limit_item: ‘nofile‘, value: ‘655350‘ }
- { dest: ‘/etc/security/limits.conf‘,limit_type: ‘hard‘,limit_item: ‘nofile‘, value: ‘655350‘}
- { dest: ‘/etc/security/limits.conf‘,limit_type: ‘soft‘,limit_item: ‘nproc‘, value: ‘102400‘ }
- { dest: ‘/etc/security/limits.conf‘,limit_type: ‘hard‘,limit_item: ‘nproc‘, value: ‘102400‘ }
- { dest: ‘/etc/security/limits.conf‘,limit_type: ‘soft‘,limit_item: ‘sigpending‘, value: ‘255377‘ }
- { dest: ‘/etc/security/limits.conf‘,limit_type: ‘hard‘,limit_item: ‘sigpending‘, value: ‘255377‘ }
- { dest: ‘/etc/security/limits.d/90-nproc.conf‘, limit_type: ‘soft‘,limit_item: ‘nproc‘, value: ‘262144‘ }
- { dest: ‘/etc/security/limits.d/90-nproc.conf‘, limit_type: ‘hard‘,limit_item: ‘nproc‘, value: ‘262144‘ }
tags:
- setlimits本文出自 “散人” 博客,请务必保留此出处http://zouqingyun.blog.51cto.com/782246/1885014
ansible-playbook之修改ssh端口和limits参数控制
标签:ansible ssh port modify ansible-playbook ssh ansible-playbook limits pam limits
原文地址:http://zouqingyun.blog.51cto.com/782246/1885014
