使用 Ansible 装载 Azure 文件共享

Question

我想通过 Ansible 挂载 Azure 文件共享。 如果我手动安装，那么命令如下：

sudo mount -t cifs //xxxxxxxxxx.file.core.windows.net/yyyyyyyyyy /<mount point> -o vers=2.1,username=<username>,password=<password>,dir_mode=0777,file_mode=0777,serverino

有人可以帮助我通过 Ansible 使用 mount 模块进行此安装。

Answer 1

只需使用 Mount Module 的 ansible 文档中描述的语法，它应该可以工作。

例子：

- name : Mount Azure files share's
  mount:
    fstype: cifs
    src: "//xxxxxxxxxx.file.core.windows.net/yyyyyyyyyy"
    path: /mountpoint
    opts: vers=2.1,username=<username>,password=<password>,dir_mode=0777,file_mode=0777,serverino
    state: mounted

Answer 2

以下代码在 centos 7 上的 Ansible 2.7.5 中运行良好：

首先，确保实例具有Storage Account Key Operator Service Role 权限或具有该权限的用户分配的身份。还应该安装jq：

然后，检查挂载是否已经设置：

  - name: check mount
    command: "mountpoint /mymounts/mysmb"
    register: smb_check
    ignore_errors: True

然后，获取存储令牌：

  - name: get storage token
    shell: "curl -s 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.azure.com%2F' -H Metadata:true | jq -r '.access_token'"
    register: storage_token
    no_log: true
    when: smb_check is failed

然后，获取存储密钥。设置您的subscription_id、resource_group_name 和storage_account_name：

  - name: get storage key
    shell: "curl -s https://management.azure.com/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group_name }}/providers/Microsoft.Storage/storageAccounts/{{ storage_account_name }}/listKeys?api-version=2016-12-01 --request POST -d \"\" -H \"Authorization: Bearer {{ storage_token.stdout }}\" | jq -r '.keys[0].value'"
    register: storage_key
    no_log: true
    when: smb_check is failed

将行添加到文件中。替换storage_account_name：

  - name: add SMB creds to file
    lineinfile:
      dest: "/etc/.smb"
      line: "{{ item }}"
      state: present
      create: yes
      owner: root
      group: root
      mode: '0600'
    no_log: true
    with_items:
      - "username={{ storage_account_name }}"
      - "password={{ storage_key.stdout }}"
    when: smb_check is failed

现在，安装驱动器。替换storage_account_name和file_share_name：

  - name : mount smb
    mount:
      fstype: cifs
      src: "//{{ storage_account_name }}.file.core.windows.net/{{ file_share_name }}"
      path: "/mymounts/mysmb"
      opts: "nofail,vers=3.0,credentials=/etc/.smb,serverino,dir_mode=0755,file_mode=0755"
      state: mounted
    when: smb_check is failed

最后，设置正确的挂载权限：

  - name: set correct permissions
    file:
      path: "/mymount/mysmb"
      mode: "2755"
      recurse: yes
    when: smb_check is failed