时间戳

首页 > 解决方案 > 为什么我在ansible中看到remote_user应该是字符串错误?

linux - 为什么我在ansible中看到remote_user应该是字符串错误?

问题描述

所以我有剧本

定义在

Ansible_set_up_ssh/roles/comon/tasks/main.yml

---
- name: Add a new user named provision
  user:
    name: provision
    password: "{{ provision_password }}"

- name: Add provision user to the sudoers
  copy:
    dest: "/etc/sudoers.d/provision"
    content: "provision  ALL=(ALL)  NOPASSWD: ALL"

- name: Deploy SSH Key
  authorized_key: 
    user: provision
    key: "{{ lookup('file', '/home/provision/.ssh/id_rsa.pub') }}"
    state: present

- name: Disable Password Authentication
  lineinfile:
    path: /etc/ssh/sshd_config
    regexp: '^PasswordAuthentication'
    line: "PasswordAuthentication no"
    state: present
    backup: yes

  notify:
    - restart ssh

- name: Disable Root Login
  lineinfile:
    path: /etc/ssh/sshd_config
    regexp: '^PermitRootLogin'
    line: "PermitRootLogin no"
    state: present
    backup: yes

  notify:
    - restart ssh

vars 文件在这里定义

Ansible_set_up_ssh/roles/comon/vars/main.yml

provision_password: 'foo'
remote_user: root

处理程序在这里定义 Ansible_set_up_ssh/roles/comon/handlers/main.yml

- name: restart ssh
  systemd:
    name: sshd
    state: restarted

调用角色的主文件是通过 ansible-playbook main.yml以下代码指定的 main.yml 文件

---
- name: Running Updates against hosts
  hosts: all
  become: yes
  roles:
  - { role: Ansible_set_up_ssh/roles/common }

但是当我运行代码时,我得到了错误

ERROR! The field 'remote_user' is supposed to be a string type, however the incoming data structure is a <class 'ansible.parsing.yaml.objects.AnsibleMapping'>

The error appears to be in '/home/dc/xcp/xcp-projects/Ansible_set_up_ssh/roles/comon/tasks/main.yml': line 2, column 3, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

---
- name: Add a new user named provision
  ^ here

我很难理解为什么会这样

我试过通过命令运行剧本

ansible-playbook main.yml -i inventoryfile --ssh-extra-args="-oStrictHostKeyChecking=no" --become-user="root" --limit=kubernetescluster

我还在没有 -become-user="root" 的情况下运行了上面的命令,从文档看来我可以将 remote_user:root 添加到任务清单中,有趣的是,当我这样做时,我得到了错误

ERROR! both 'user' and 'remote_user' are set for . The use of 'user' is deprecated, and should be removed

然而,该文档描绘了一幅不同的画面 https://docs.ansible.com/ansible/latest/collections/ansible/builtin/user_module.html 并且似乎表明该user:密钥仍然受支持

我也尝试完全删除root_user: root键值对,但仍然得到 remote_user 应该是字符串错误?

我的另一个问题是申请时

key: "{{ lookup('file', '/home/provision/.ssh/id_rsa.pub') }}" ansible 会在本地查找此文件,然后将公钥推送到远程系统,还是远程查找此文件.. 文档似乎建议其进行本地查找?

我正在使用的 ansible 版本

ansible --version
ansible 2.9.6
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/dc/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.6/dist-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.6.9 (default, Oct  8 2020, 12:12:24) [GCC 8.4.0]

使用的库存文件

[kubernetescluster]
kubernetes_node1 ansible_host=192.168.10.9
kubernetes_node2 ansible_host=192.168.10.10
kubernetes_node3 ansible_host=192.168.10.11

[kubernetescluster:vars]
ansible_python_interpreter=/usr/bin/python3
ansible_user=root

欢迎就如何解决此问题提出想法

标签: linuxansible

解决方案

推荐阅读