linux - 为什么我在ansible中看到remote_user应该是字符串错误?
问题描述
所以我有剧本
定义在
Ansible_set_up_ssh/roles/comon/tasks/main.yml
---
- name: Add a new user named provision
user:
name: provision
password: "{{ provision_password }}"
- name: Add provision user to the sudoers
copy:
dest: "/etc/sudoers.d/provision"
content: "provision ALL=(ALL) NOPASSWD: ALL"
- name: Deploy SSH Key
authorized_key:
user: provision
key: "{{ lookup('file', '/home/provision/.ssh/id_rsa.pub') }}"
state: present
- name: Disable Password Authentication
lineinfile:
path: /etc/ssh/sshd_config
regexp: '^PasswordAuthentication'
line: "PasswordAuthentication no"
state: present
backup: yes
notify:
- restart ssh
- name: Disable Root Login
lineinfile:
path: /etc/ssh/sshd_config
regexp: '^PermitRootLogin'
line: "PermitRootLogin no"
state: present
backup: yes
notify:
- restart ssh
vars 文件在这里定义
Ansible_set_up_ssh/roles/comon/vars/main.yml
provision_password: 'foo'
remote_user: root
处理程序在这里定义 Ansible_set_up_ssh/roles/comon/handlers/main.yml
- name: restart ssh
systemd:
name: sshd
state: restarted
调用角色的主文件是通过
ansible-playbook main.yml
以下代码指定的 main.yml 文件
---
- name: Running Updates against hosts
hosts: all
become: yes
roles:
- { role: Ansible_set_up_ssh/roles/common }
但是当我运行代码时,我得到了错误
ERROR! The field 'remote_user' is supposed to be a string type, however the incoming data structure is a <class 'ansible.parsing.yaml.objects.AnsibleMapping'>
The error appears to be in '/home/dc/xcp/xcp-projects/Ansible_set_up_ssh/roles/comon/tasks/main.yml': line 2, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
---
- name: Add a new user named provision
^ here
我很难理解为什么会这样
我试过通过命令运行剧本
ansible-playbook main.yml -i inventoryfile --ssh-extra-args="-oStrictHostKeyChecking=no" --become-user="root" --limit=kubernetescluster
我还在没有 -become-user="root" 的情况下运行了上面的命令,从文档看来我可以将 remote_user:root 添加到任务清单中,有趣的是,当我这样做时,我得到了错误
ERROR! both 'user' and 'remote_user' are set for . The use of 'user' is deprecated, and should be removed
然而,该文档描绘了一幅不同的画面
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/user_module.html
并且似乎表明该user:
密钥仍然受支持
我也尝试完全删除root_user: root
键值对,但仍然得到 remote_user 应该是字符串错误?
我的另一个问题是申请时
key: "{{ lookup('file', '/home/provision/.ssh/id_rsa.pub') }}"
ansible 会在本地查找此文件,然后将公钥推送到远程系统,还是远程查找此文件.. 文档似乎建议其进行本地查找?
我正在使用的 ansible 版本
ansible --version
ansible 2.9.6
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/dc/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.6/dist-packages/ansible
executable location = /usr/local/bin/ansible
python version = 3.6.9 (default, Oct 8 2020, 12:12:24) [GCC 8.4.0]
使用的库存文件
[kubernetescluster]
kubernetes_node1 ansible_host=192.168.10.9
kubernetes_node2 ansible_host=192.168.10.10
kubernetes_node3 ansible_host=192.168.10.11
[kubernetescluster:vars]
ansible_python_interpreter=/usr/bin/python3
ansible_user=root
欢迎就如何解决此问题提出想法
解决方案
推荐阅读
- python - Discord.py|用 id 替换频道
- javascript - 弹出模式关闭后如何从正文中删除css?
- node.js - 在 Sequelize 中为同一模型引用多个外键属性时出错
- json - 验证发送到 API 的表单数据?
- python - 用条件填充熊猫列
- r - 我需要什么样的功能来避免在 R studio 中重复动作?
- docker - Kubernetes “RETAIN” PV 没有在重启时自动挂载
- vba - Range.Offset 变成了 Double
- python - 在字符串中使用变量(Python)
- apache-flink - 为什么我的 flink 程序没有加入两个流?