Ansible: creating trust relationships between hosts

Source: Internet | Editor: 程序博客网 | Time: 2024/05/16 18:58

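- hosts: servers
  remote_user: ubuntu
  become: yes
  gather_facts: no

  tasks:
    # fetch writes to the control machine, so the staging directory is created there
    - name: create temp dir
      file: path=/tmp/special state=directory mode=0755
      connection: local
      become: no
      run_once: yes
    # with become, ~ resolves to root's home, i.e. /root/.ssh/id_rsa
    - name: check private key
      stat: path=~/.ssh/id_rsa
      register: st
    - name: create key pairs
      shell: ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa -q -b 2048 -C "com"
      when: not st.stat.exists
    # stored on the controller as /tmp/special/<hostname>/root/.ssh/id_rsa.pub
    - name: get the public key
      fetch:
        src: ~/.ssh/id_rsa.pub
        dest: /tmp/special/

- hosts: server1
  remote_user: sdev
  become: yes
  gather_facts: no

  tasks:
    # runs on the control machine: read every fetched public key
    - name: get key list
      shell: cat /tmp/special/*/root/.ssh/id_rsa.pub
      connection: local
      register: key_list
      changed_when: false
    # lineinfile only adds a line that is not already in the file
    - name: add keys
      lineinfile:
        path: /root/.ssh/authorized_keys
        line: "{{ item }}"
        create: yes
        mode: "0600"
      with_items: "{{ key_list.stdout_lines }}"
    - name: remove old keys
      file: path=/tmp/special state=absent
      connection: local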


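This playbook only creates a key pair when none exists: if the key pair has already been created, no new one is generated.

When adding a public key, if it is already present in authorized_keys, it is not added again.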
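
The "add keys" task deduplicates by exact line and appends every line found under /tmp/special to root's authorized_keys. As an added example (not part of the original post), the Python code below performs the same merge with a validation step first, and goes slightly beyond the playbook by comparing key material instead of whole lines. ALLOWED_TYPES, the function names and the sample keys are assumptions constructed for illustration.

```python
import base64
import struct

ALLOWED_TYPES = {"ssh-rsa", "ssh-ed25519"}  # assumption: types this site accepts

def parse_pubkey(line):
    """Return (type, base64_blob) for one bare OpenSSH public key, else None."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2 or parts[0] not in ALLOWED_TYPES:
        return None  # also rejects lines that start with an options field
    try:
        blob = base64.b64decode(parts[1], validate=True)
    except ValueError:
        return None
    if len(blob) < 4:
        return None
    # The blob begins with a length-prefixed copy of the key type; it must match.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != parts[0].encode():
        return None
    return parts[0], parts[1]

def merge_keys(existing_lines, staged_lines):
    """Append valid, not-yet-present staged keys; return (merged, rejected)."""
    present = {parse_pubkey(l) for l in existing_lines} - {None}
    merged, rejected = list(existing_lines), []
    for line in staged_lines:
        key = parse_pubkey(line)
        if key is None:
            rejected.append(line)
        elif key not in present:
            present.add(key)
            merged.append(line.strip())
    return merged, rejected

def sample_key(comment):
    """Constructed sample: a well-formed ssh-rsa blob, not a usable key."""
    fields = (b"ssh-rsa", b"\x01\x00\x01", comment.encode() * 8)
    blob = b"".join(struct.pack(">I", len(f)) + f for f in fields)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment

KEY_A, KEY_B = sample_key("hostA"), sample_key("hostB")

if __name__ == "__main__":
    staged = [KEY_A, KEY_B, 'command="echo hi" ' + KEY_A, "ssh-rsa not-base64!!"]
    merged, rejected = merge_keys([KEY_A], staged)
    print(len(merged), "keys kept,", len(rejected), "lines rejected")
```

Rejected lines are returned instead of silently dropped so they can be logged and reviewed before anything is written to authorized_keys.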