annan211
- 浏览: 470465 次
- 性别:
- 来自: 广州
-
文章分类
- 全部博客 (369)
- javascript html (20)
- java (31)
- jquery (15)
- jcrop (0)
- JEECG (1)
- ajax (3)
- 反射 (3)
- VI (1)
- mysql (48)
- easyui (1)
- svn (2)
- MD5 加密 (1)
- spring (14)
- ORACLE (8)
- 经验总结 (1)
- TCP/IP协议 (1)
- ICMP协议 (1)
- eclipse (1)
- Reflect (1)
- linux (21)
- android (5)
- excel 操作 (1)
- java tree (1)
- html (1)
- plupload (1)
- mongodb (9)
- aes (1)
- python (1)
- java relax (1)
- highcharts (2)
- json (2)
- java 多线程 (30)
- maven (2)
- 设计模式 (1)
- jsp+js (2)
- 面向对象 (1)
- jvm (16)
- 缓存 (1)
- proxy (1)
- 聊侃 (1)
- 面经 (1)
- java 字节 (1)
- java 类加载器 (2)
- java 基础 (2)
- java 语法糖 (1)
- java 位运算 (1)
- 排序 (3)
- java 服务器性能优化 (19)
- 网络编程 (2)
- jvm 参数设置 (0)
- jersey (1)
- webservice (2)
- nginx+多tomcat 集成 (5)
- nginx (16)
- squid (3)
- memcached (5)
- 正则表达式 (1)
- 常用免费接口 (1)
- jpa (1)
- win7 (1)
- java处理大文件 (1)
- js正则表达式 (1)
- tomcat (1)
- java 敏感字 (1)
- 系统架构优化 (4)
- 学习 (1)
- 本地测试QQ微博第三方登陆 (1)
- java 错误 (1)
- 微信支付 (1)
- https (1)
- httpclient (1)
- awk (2)
- loadrunner (1)
- sql server 2008 (3)
- git (4)
- sql server2008 (1)
- solr (2)
- centos (1)
- 数据存储架构 (3)
- log4j (1)
- weboffice (1)
- 并发编程 (1)
- postgreSQL (0)
- ssl (1)
- openssl (1)
- activeMQ (2)
- IDEA (1)
- shell (1)
- ansible (4)
- docker (2)
- grafana (1)
- jmeter (1)
- TLS (1)
- 将博客搬至CSDN (1)
最新评论
-
dida1990:
啊喔,过去了这么久,不过还是评一个。谁说uuid的hashCo ...
高并发生成订单号(二) -
annan211:
yclovesun 写道使用了uuid,为什么还要machin ...
高并发生成订单号(二) -
yclovesun:
使用了uuid,为什么还要machineId?uuid已经可以 ...
高并发生成订单号(二) -
u013280917:
太深奥,看不懂
mysql优化特定类型的查询
Ansible 根据主机的不同,有时候需要处理不同的场景,例如存在如下场景,配置多台VM的Compoment 不同的 TLS证书和Password。
inventory 文件
configure.yml 文件
vars 变量文件
common/connector-mqtt-tls-enable.yml
common/connector-http-tls-enable.yml
Result
第二种方式
inventory 文件
vars 变量文件
configure.yml文件
common/connector-mqtt-tls-enable.yml
common/connector-http-tls-enable.yml
结果是一样的
inventory 文件
[dispatcher-connector] 192.168.99.17 192.168.99.5 [dispatcher-manager] 192.168.99.17 [dispatcher-tools] 192.168.99.17
configure.yml 文件
---
- name: tls enable for connector
hosts: dispatcher-connector
vars_files:
- ./vars/dispatcher.yml
vars:
certs_store_path: "{{ connector_certs_dir }}"
configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-connector/conf/connector.properties"
become: yes
become_user: root
tasks:
- debug: var=hostvars[inventory_hostname]['ansible_default_ipv4']['address']
- debug: var=connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.keystore.location']
- debug: var={{connector_mqtt_key_store_password_base64[inventory_hostname]}}
- name: add mqtt configure tls config
include: "{{ playbook_dir }}/common/connector-mqtt-tls-enable.yml"
when: connector_mqtt_tls_enable
- name: add http configure tls config
include: "{{ playbook_dir }}/common/connector-http-tls-enable.yml"
when: connector_http_tls_enable
tags: dispatcher-connector
vars 变量文件
############################## Dispatcher Installation Basic Info ###############
latest_version: 4.1.1
origin_version: 4.1.1
dispatcher_installation_home: /opt/ddi/dispatcher
dispatcher_user_name: dispatcher
dispatcher_group_name: dispatcher
dispatcher_user_home: /home/dispatcher
dispatcher_connector_http_host: "{{ groups['dispatcher-connector'][0] }}"
############################## Dispatcher EP Installation Info #################
connector_ep_list:
manager_ep_list:
connector_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/lib"
manager_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/webapps/WEB-INF/lib"
certs_from_path: "{{ playbook_dir }}/files"
connector_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/conf/certs"
manager_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/conf/certs"
tools_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-tools/cli/conf/certs"
############################## tls setting for dispatcher ######################
connector_mqtt_tls_enable: true
connector_mqtt:
192.168.99.17:
key_store_password_base64: MTEyMjMz
key_manager_password_base64: MTEyMjMz
trust_store_password_base64: Y2hhbmdlaXQ=
ssl.keystore.location: "/opt/connector-mqtt.server.keystore.jks"
ssl.truststore.location: "/opt/connector-mqtt.server.truststore.jks"
192.168.99.5:
key_store_password_base64: MTEyMjMz
key_manager_password_base64: MTEyMjMz
trust_store_password_base64: Y2hhbmdlaXQ=
ssl.keystore.location: "/opt/connector-mqtt.server.keystore.jks"
ssl.truststore.location: "/opt/connector-mqtt.server.truststore.jks"
connector_http_tls_enable: true
connector_http:
192.168.99.17:
key_store_password_base64: MTEyMjMz
key_manager_password_base64: MTEyMjMz
trust_store_password_base64: Y2hhbmdlaXQ=
ssl.keystore.location: "{{ playbook_dir }}/files/192.168.99.17/connector-mqtt.server.keystore.jks"
ssl.truststore.location: "{{ playbook_dir }}/files/192.168.99.17/connector-mqtt.server.truststore.jks"
192.168.99.5:
key_store_password_base64: MTEyMjMz
key_manager_password_base64: MTEyMjMz
trust_store_password_base64: Y2hhbmdlaXQ=
ssl.keystore.location: "{{ playbook_dir }}/files/192.168.99.5/connector-mqtt.server.keystore.jks"
ssl.truststore.location: "{{ playbook_dir }}/files/192.168.99.5/connector-mqtt.server.truststore.jks"
#connector_mqtt_key_store_password_base64: MTEyMjMz
#connector_mqtt_key_manager_password_base64: MTEyMjMz
#connector_mqtt_trust_store_password_base64: Y2hhbmdlaXQ=
#connector_http_key_store_password_base64: MTEyMjMz
#connector_http_key_manager_password_base64: MTEyMjMz
#connector_http_trust_store_password_base64: Y2hhbmdlaXQ=
connectivity_https_port: 8443
monitor_https_port: 8444
connectivity_http_port: 8080
monitor_http_port: 8161
common/connector-mqtt-tls-enable.yml
---
- name: create certs store directory
file:
path: "{{ certs_store_path }}"
owner: dispatcher
group: dispatcher
state: directory
- name: copy dispatcher-connector keystore certs
copy:
src: "{{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.keystore.location'] }}"
dest: "{{ certs_store_path }}/connector-mqtt.server.keystore.jks"
mode: 0644
- name: copy dispatcher-connector truststore certs
copy:
src: "{{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.truststore.location'] }}"
dest: "{{ certs_store_path }}/connector-mqtt.server.truststore.jks"
mode: 0644
- name: modify connector keystore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+'
line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector keystore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+'
line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks'
insertafter: '^mqtt.authentication.certificate.deviceId.key'
state: present
- name: modify connector keystore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+'
line: "mqtt.ssl.key.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector keystore password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+'
line: "mqtt.ssl.key.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}"
insertafter: '^mqtt.ssl.key.store.path'
state: present
- name: modify connector key manager password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+'
line: "mqtt.ssl.key.manager.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector keystore password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+'
line: "mqtt.ssl.key.manager.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}"
insertafter: '^mqtt.ssl.key.store.password'
state: present
- name: modify connector truststore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+'
line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector truststore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+'
line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks'
insertafter: '^mqtt.ssl.key.manager.password'
state: present
- name: modify connector truststore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+'
line: "mqtt.ssl.trust.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector truststore password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+'
line: "mqtt.ssl.trust.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}"
insertafter: '^mqtt.ssl.trust.store.path'
state: present
common/connector-http-tls-enable.yml
---
- name: create certs store directory
file:
path: "{{ certs_store_path }}"
owner: dispatcher
group: dispatcher
state: directory
- name: copy dispatcher-connector keystore certs
copy:
src: "{{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.keystore.location'] }}"
dest: "{{ certs_store_path }}/connector-http.server.keystore.jks"
mode: 0644
- name: copy dispatcher-connector truststore certs
copy:
src: "{{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.truststore.location'] }}"
dest: "{{ certs_store_path }}/connector-http.server.truststore.jks"
mode: 0644
- name: modify connector keystore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.path=\s*/?\w+'
line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector keystore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.path=\s*/?\w+'
line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks'
insertafter: '^mqtt.ssl.trust.store.password'
state: present
- name: modify connector keystore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.password=\s*/?\w+'
line: "http.ssl.key.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector keystore password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.password=\s*/?\w+'
line: "http.ssl.key.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}"
insertafter: '^http.ssl.key.store.path'
state: present
- name: modify connector key manager password for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+'
line: "http.ssl.key.manager.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector key manager password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+'
line: "http.ssl.key.manager.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}"
insertafter: '^http.ssl.key.store.password'
state: present
- name: modify connector truststore path for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+'
line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector truststore path for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+'
line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks'
insertafter: '^http.ssl.key.manager.password'
state: present
- name: modify connector truststore password for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+'
line: "http.ssl.trust.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector truststore password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+'
line: "http.ssl.trust.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}"
insertafter: '^http.ssl.trust.store.path'
state: present
Result
第二种方式
inventory 文件
[dispatcher-connector] 192.168.99.17 192.168.99.5 [dispatcher-manager] 192.168.99.17 [dispatcher-tools] 192.168.99.17
vars 变量文件
---
############################## Dispatcher Installation Basic Info ###############
latest_version: 4.1.1
origin_version: 4.1.1
dispatcher_installation_home: /opt/ddi/dispatcher
dispatcher_user_name: dispatcher
dispatcher_group_name: dispatcher
dispatcher_user_home: /home/dispatcher
dispatcher_connector_http_host: "{{ groups['dispatcher-connector'][0] }}"
############################## Dispatcher EP Installation Info #################
connector_ep_list:
manager_ep_list:
connector_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/lib"
manager_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/webapps/WEB-INF/lib"
certs_from_path: "{{ playbook_dir }}/files"
connector_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/conf/certs"
manager_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/conf/certs"
tools_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-tools/cli/conf/certs"
############################## tls setting for dispatcher ######################
connector_mqtt_tls_enable: true
connector_http_tls_enable: true
connector_mqtt_key_store_password_base64:
host1: MTEyMjMz1
host2: MTEyMjMz2
connector_mqtt_key_manager_password_base64:
host1: MTEyMjMz1
host2: MTEyMjMz2
connector_mqtt_trust_store_password_base64:
host1: Y2hhbmdlaXQ=1
host2: Y2hhbmdlaXQ=2
connector_mqtt_ssl_keystore_location:
host1: /opt/ssl/connector-mqtt.server.keystore1.jks
host2: /opt/ssl/connector-mqtt.server.keystore2.jks
connector_mqtt_ssl_truststore_location:
host1: /opt/ssl/connector-mqtt.server.truststore1.jks
host2: /opt/ssl/connector-mqtt.server.truststore2.jks
connector_http_key_store_password_base64:
host1: MTEyMjMz1
host2: MTEyMjMz2
connector_http_key_manager_password_base64:
host1: MTEyMjMz1
host2: MTEyMjMz2
connector_http_trust_store_password_base64:
host1: Y2hhbmdlaXQ=1
host2: Y2hhbmdlaXQ=2
connector_http_ssl_keystore_location:
host1: /opt/ssl/connector-http.server.keystore1.jks
host2: /opt/ssl/connector-http.server.keystore2.jks
connector_http_ssl_truststore_location:
host1: /opt/ssl/connector-http.server.truststore1.jks
host2: /opt/ssl/connector-http.server.truststore2.jks
configure.yml文件
---
- name: tls enable for connector
hosts: dispatcher-connector
vars_files:
- ./vars/dispatcher.yml
vars:
certs_store_path: "{{ connector_certs_dir }}"
configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-connector/conf/connector.properties"
become: yes
become_user: root
tasks:
- name: add kafka tls config
include: "{{ playbook_dir }}/common/kafka-tls-enable.yml"
when: kafka_tls_enable
- name: add cassandra tls config
include: "{{ playbook_dir }}/common/cassandra-tls-enable.yml"
when: cassandra_tls_enable
- name: add mqtt configure tls config
include: "{{ playbook_dir }}/common/connector-mqtt-tls-enable.yml"
when: connector_mqtt_tls_enable
- name: add http configure tls config
include: "{{ playbook_dir }}/common/connector-http-tls-enable.yml"
when: connector_http_tls_enable
tags: dispatcher-connector
- name: tls enable for manager
hosts: dispatcher-manager
vars_files:
- ./vars/dispatcher.yml
vars:
certs_store_path: "{{ manager_certs_dir }}"
configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-manager/conf/manager.properties"
become: yes
become_user: root
tasks:
- name: add kafka tls config
include: "{{ playbook_dir }}/common/kafka-tls-enable.yml"
when: kafka_tls_enable
- name: add cassandra tls config
include: "{{ playbook_dir }}/common/cassandra-tls-enable.yml"
when: cassandra_tls_enable
tags: dispatcher-manager
- name: tls enable for tools
hosts: dispatcher-tools
vars_files:
- ./vars/dispatcher.yml
vars:
certs_store_path: "{{ tools_certs_dir }}"
configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-tools/cli/conf/cli.conf"
become: yes
become_user: root
tasks:
- name: add cassandra tls config
include: "{{ playbook_dir }}/common/cassandra-tls-enable.yml"
when: cassandra_tls_enable
tags: dispatcher-tools
common/connector-mqtt-tls-enable.yml
---
- name: create certs store directory
file:
path: "{{ certs_store_path }}"
owner: dispatcher
group: dispatcher
state: directory
- name: copy dispatcher-connector keystore certs
copy:
src: "{{ connector_mqtt_ssl_keystore_location[inventory_hostname] }}"
dest: "{{ certs_store_path }}/connector-mqtt.server.keystore.jks"
mode: 0644
- name: copy dispatcher-connector truststore certs
copy:
src: "{{ connector_mqtt_ssl_truststore_location[inventory_hostname] }}"
dest: "{{ certs_store_path }}/connector-mqtt.server.truststore.jks"
mode: 0644
- name: modify connector keystore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+'
line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector keystore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+'
line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks'
insertafter: '^mqtt.authentication.certificate.deviceId.key'
state: present
- name: modify connector keystore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+'
line: "mqtt.ssl.key.store.password={{ connector_mqtt_key_store_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector keystore password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+'
line: "mqtt.ssl.key.store.password={{ connector_mqtt_key_store_password_base64[inventory_hostname] }}"
insertafter: '^mqtt.ssl.key.store.path'
state: present
- name: modify connector key manager password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+'
line: "mqtt.ssl.key.manager.password={{ connector_mqtt_key_manager_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector key manager password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+'
line: "mqtt.ssl.key.manager.password={{ connector_mqtt_key_manager_password_base64[inventory_hostname] }}"
insertafter: '^mqtt.ssl.key.store.password'
state: present
- name: modify connector truststore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+'
line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector truststore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+'
line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks'
insertafter: '^mqtt.ssl.key.manager.password'
state: present
- name: modify connector truststore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+'
line: "mqtt.ssl.trust.store.password={{ connector_mqtt_trust_store_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector truststore password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+'
line: "mqtt.ssl.trust.store.password={{ connector_mqtt_trust_store_password_base64[inventory_hostname] }}"
insertafter: '^mqtt.ssl.trust.store.path'
state: present
common/connector-http-tls-enable.yml
---
- name: create certs store directory
file:
path: "{{ certs_store_path }}"
owner: dispatcher
group: dispatcher
state: directory
- name: copy dispatcher-connector keystore certs
copy:
src: "{{ connector_http_ssl_keystore_location[inventory_hostname] }}"
dest: "{{ certs_store_path }}/connector-http.server.keystore.jks"
mode: 0644
- name: copy dispatcher-connector truststore certs
copy:
src: "{{ connector_http_ssl_truststore_location[inventory_hostname] }}"
dest: "{{ certs_store_path }}/connector-http.server.truststore.jks"
mode: 0644
- name: modify connector keystore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.path=\s*/?\w+'
line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector keystore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.path=\s*/?\w+'
line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks'
insertafter: '^mqtt.ssl.trust.store.password'
state: present
- name: modify connector keystore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.password=\s*/?\w+'
line: "http.ssl.key.store.password={{ connector_http_key_store_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector keystore password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.password=\s*/?\w+'
line: "http.ssl.key.store.password={{ connector_http_key_store_password_base64[inventory_hostname] }}"
insertafter: '^http.ssl.key.store.path'
state: present
- name: modify connector key manager password for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+'
line: "http.ssl.key.manager.password={{ connector_http_key_manager_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector key manager password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+'
line: "http.ssl.key.manager.password={{ connector_http_key_manager_password_base64[inventory_hostname] }}"
insertafter: '^http.ssl.key.store.password'
state: present
- name: modify connector truststore path for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+'
line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector truststore path for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+'
line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks'
insertafter: '^http.ssl.key.manager.password'
state: present
- name: modify connector truststore password for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+'
line: "http.ssl.trust.store.password={{ connector_http_trust_store_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector truststore password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+'
line: "http.ssl.trust.store.password={{ connector_http_trust_store_password_base64[inventory_hostname] }}"
insertafter: '^http.ssl.trust.store.path'
state: present
结果是一样的
- 大小: 31.7 KB
分享到:
发表评论
相关推荐
案件 提供Ansible剧本来安装Chocolatey,git和OpenSSH,还使用本地...在清单文件./inventories/case_study/hosts.yml (请参见下图) 指定主机名或IP地址 指定用户/密码。 请注意,最好使用而不要清除密码。 指定w
内容概要:本文详细介绍了如何利用A*算法改进传统的往返式路径规划,解决扫地机器人在复杂环境中容易卡住的问题。首先构建了一个可视化的栅格地图用于模拟环境,然后引入了优先级运动规则,使机器人能够有规律地进行往返清扫。当遇到死角时,通过A*算法计算最佳逃生路径,确保机器人能够顺利脱困并继续完成清扫任务。实验结果显示,改进后的算法显著提高了清洁覆盖率,降低了路径重复率。此外,还讨论了一些潜在的优化方向,如动态调整启发函数权重、断点续传以及能耗模型等。 适合人群:对路径规划算法感兴趣的科研人员、自动化专业学生、扫地机器人开发者。 使用场景及目标:适用于需要高覆盖率和低重复率的室内清洁任务,旨在提高扫地机器人的工作效率和智能化水平。 其他说明:文中提供了详细的Matlab代码实现,并附带了仿真测试结果,有助于读者理解和复现该算法。
爬取喜马拉雅听书(1)
安卓向上传递数据学习笔记总结
1、文件说明: Centos8操作系统tigervnc-selinux-1.11.0-9.el8.rpm以及相关依赖,全打包为一个tar.gz压缩包 2、安装指令: #Step1、解压 tar -zxvf tigervnc-selinux-1.11.0-9.el8.tar.gz #Step2、进入解压后的目录,执行安装 sudo rpm -ivh *.rpm
内容概要:本文详细介绍了户外储能电源双向逆变器板的技术资料及其特点。涵盖原理文件、PCB文件、源代码、电感与变压器规格参数等,适用于2KW(最大3KW)的户外储能电源。文中强调了双向软开关DC-DC设计、两颗M0+ 32位MCU的分工、SPWM调制方式、H桥IGBT的应用、详细的电气参数和技术特性。此外,还包括了SPWM信号生成代码示例、硬件设计细节、生产注意事项等。 适合人群:从事户外储能电源开发的技术人员、电子工程师、产品经理等。 使用场景及目标:帮助开发者快速掌握双向逆变器板的设计和生产要点,缩短产品研发周期,提高产品质量和可靠性。具体应用场景包括但不限于户外应急电源、便携式储能设备等。 其他说明:本文提供了丰富的技术细节和实践经验,如双向软开关DC-DC设计、SPWM调制、IGBT驱动、EMC整改记录等,有助于解决实际开发中的难题。同时,附带的实际案例展示了该方案的成功应用,进一步证明了其可行性和优越性。
电子仿真教程,从基础到精通,每个压缩包15篇教程,每篇教程5000字以上。
内容概要:美国计算机学会(ACM)是一个成立于1947年的国际性计算机专业组织,致力于推动计算机科学的发展,提供教育、资源和专业发展机会。ACM的使命是促进计算机科学和信息技术领域的进步,愿景是成为全球计算机专业人士的首选组织。其核心价值包括卓越、诚信、包容性、合作和创新。ACM定期举办学术会议,如SIGGRAPH和图灵奖颁奖典礼,出版高质量的学术期刊和会议论文集,涵盖人工智能、软件工程、网络安全等领域。此外,ACM还提供在线课程、研讨会、认证项目等教育资源,以及职业规划、网络机会和领导力培训等职业发展服务。ACM图灵奖被誉为“计算机界的诺贝尔奖”,每年颁发给对计算机科学和技术做出重大贡献的个人。; 适合人群:计算机科学领域的专业人士、教育工作者、工程师和学生。; 使用场景及目标:①了解计算机科学领域的最新研究成果和发展趋势;②获取高质量的教育资源和职业发展机会;③参与计算机科学领域的学术交流和合作。; 其他说明:ACM作为一个全球性的组织,在教育、研究和行业实践中发挥着重要作用,推动了技术创新和社会进步。
logstash-8.17.4-windows-x86_64.zip
springboot 一个基于Springboot使用Aspect实现一个切面,以记录日志为例
音箱底部折边设备sw22可编辑_三维3D设计图纸_包括零件图_机械3D图可修改打包下载_三维3D设计图纸_包括零件图_机械3D图可修改打包下载.zip
内容概要:本文详细介绍了如何使用Python、Django和MySQL构建一个完整的个性化图书推荐系统。系统从前端界面设计、后端逻辑实现到数据库设计,涵盖了用户管理、图书管理、评分系统等功能模块。重点讲解了基于用户和项目的协同过滤算法实现,以及在用户评分数据不足时的标签推荐备份方案。此外,还包括了系统部署、测试和优化的具体步骤,如云服务器部署、性能测试、数据库优化等。 适合人群:具备一定Python和Web开发基础的研发人员,尤其是对推荐系统感兴趣的技术爱好者。 使用场景及目标:适用于希望深入了解图书推荐系统的工作原理和实现细节的技术人员。目标是帮助读者掌握从零开始搭建一个完整的个性化推荐系统的方法,包括前后端开发、算法实现和系统部署。 其他说明:文中提供了大量代码示例和实战经验,如数据库设计、爬虫实现、权限管理等,有助于读者更好地理解和应用相关技术。
Ai和python学习资料
文本摘要
冲击试验机sw22_三维3D设计图纸_包括零件图_机械3D图可修改打包下载_三维3D设计图纸_包括零件图_机械3D图可修改打包下载.zip
内容概要:本文详细介绍了MyBatis Plus(MP),它是MyBatis的增强工具,旨在简化CRUD操作、提高开发效率。其主要功能包括内置分页插件、简化CRUD操作以及代码生成器。使用时只需引入相应依赖,自定义Mapper接口继承BaseMapper泛型接口,并通过实体类反射获取数据库表信息。文章还介绍了常用注解如@TableName、@TableId、@TableField、@TableLogic和@Version,配置项如全局配置、类型别名和Mapper文件路径,以及核心功能如批量插入、分页查询、条件构造器(Wrapper)等。此外,扩展功能涵盖逻辑删除、枚举处理器和JSON处理器,插件功能则包括分页插件的配置和使用。 适合人群:具备一定Java开发经验,尤其是熟悉MyBatis框架的开发者,特别是那些希望提高开发效率、减少重复代码的工作1-3年研发人员。 使用场景及目标:①简化数据库操作,提高开发效率;②快速生成代码,减少手动编写SQL语句的工作量;③实现分页查询、逻辑删除、枚举和JSON字段处理等高级功能,提升应用的灵活性和可维护性。 其他说明:本文不仅提供了MyBatis Plus的功能介绍和使用方法,还深入探讨了条件构造器(Wrapper)的使用技巧,帮助开发者更好地理解和掌握这一强大的工具。在实际开发中,合理利用这些功能可以显著提高开发效率和代码质量。建议在学习过程中结合具体项目实践,逐步掌握各个功能的应用场景和最佳实践。
电子仿真教程,从基础到精通,每个压缩包15篇教程,每篇教程5000字以上。
这个是完整源码 SpringBoot + vue 实现 【java毕业设计】Springboot+Vue高考志愿填报系统 源码+sql脚本+论文 完整版 数据库是mysql 随着高考制度的不断完善和高等教育资源的日益丰富,高考志愿填报成为考生和家长关注的焦点。本文旨在开发一个基于Spring Boot后端框架、Vue.js前端框架和实现以下功能:考生信息管理、院校信息查询、专业信息查询、志愿填报、志愿评测等。通过Spring Boot框架构建后端服务,提供 API接口与前端进行交互;Vue.js框架用于构建前端用户界面,实现数据的动态展示和交互操作;MySQL数据库用于存储考生信息、院校信息、专业信息等数据。 在系统设计过程中,我们充分考MySQL数据库的高考志愿填报系统,提高志愿填报的效率和准确性,为考生和家长提供便捷的服务。 系统主要实现以下功能:考分考MySQL数据库的高考志愿填报系统,提高志愿填报的效率和准确性,为考生和家长提供便捷的服务生信息管理、院校信息查询、专业信息查询、志愿填报、志愿评测等。通过Spring Boot框架构建后端服务,提供 API接口与前端进行交互;Vue.js框架用于构建前端用户界面,实现数据的动态展示和交互操作;MySQL数据库用于存储考生信息、院校信息、专业信息等数据。 在系统设计过程中,我们充分考虑了系统的易用性、可扩展性和安全性。通过合理的数据库设计和优化,提高了系统的查询效率。同时,采用Spring Security等安全框架对系统进行安全防护,确保数据的安全性。 本文详细阐述了系统的需求分析、设计、实现和测试过程,并对关键技术和实现难点进行了深入探讨。通过实验验证,本系统能够满足高考志愿填报的基本需求,为考生和家长提供了高效、便捷的服务。此外,本文还对系统未来的发展方向和改进空间进行了展望,以期进一步完善系统功能,提高用户体验。
内容概要:本文详细介绍了基于MATLAB实现的两种经典特征选择算法——向后搜索(SBS)和向前搜索(SFS)。首先通过构造简单的虚拟数据集展示了这两个算法的基本思想和实现步骤。接着深入探讨了SBS和SFS的具体实现方式,包括特征集的初始化、特征的选择/剔除机制以及评价函数的设计。文中还提供了具体的MATLAB代码示例,帮助读者更好地理解和应用这两种算法。此外,文章讨论了SBS和SFS的特点和局限性,并给出了在实际工程项目中的选型建议。 适合人群:对特征选择有一定兴趣并希望深入了解SBS和SFS算法的初学者,尤其是那些希望通过MATLAB进行特征选择研究的人群。 使用场景及目标:适用于需要从大量特征中挑选出最具影响力的少数特征的情况,如生物医学数据分析、图像识别等领域。主要目标是提高模型性能的同时减少计算成本。 其他说明:尽管SBS和SFS属于较为基础的特征选择方法,在现代工业级项目中已被更先进的算法所替代,但对于理解特征选择的基本原理仍然非常重要。同时,文章强调了评价函数设计的重要性,并指出在实际应用中应综合考虑业务背景和技术因素。