在剧本中使用保管库 [英] Using vault in playbooks
本文介绍了在剧本中使用保管库的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
您好,我正在尝试使用 Vault 运行以下剧本,但我似乎无法让它工作.
Hello I am trying to run the following playbook using the vault, but i can't seem to get it to work.
使用以下方法创建 ansible Vault 文件:
Created an ansible vault file using:
ansible-valut create group_vars/routers
在那里我有以下条目:
ansible_ssh_user: admin
ansible_ssh_pw: admin
auth_pass: admin
然后我有以下剧本:
---
- hosts:routers
gather_facts: true
connection: local
tasks:
- name: show run
ios_command:
authorize: yes
auth_pass: "{{ auth_pass }}"
commands:
- show run
register: config
当我尝试使用此 cli 命令运行它时
When i try to run it using this cli command
ansible-playbook -u admin script.yaml --ask-vault-pass
我每次都收到以下错误
Unable to elevate privelage to enable mode, at prompt [None] with error: timeout value 10 seconds reached while trying to send command: enable
更新
如果我将连接更改为 network_cli,现在我收到以下错误:
UPDATE
If i change the connection to network_cli, now i get the following error:
fatal: [ROUTER-A]: Failed! => {"changed": false, "msg": "show run\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\rROUTER-A>"}
推荐答案
请参阅下面的最小示例.文件中要加密的文本是
See minimal example below. Text to be encrypted in the file is
shell> cat group_vars/routers
test: "TEST VARIABLE"
shell> set | grep VAULT
ANSIBLE_VAULT_PASSWORD_FILE=/home/admin/.vault_pass.txt
shell> ls -1
ansible.cfg
group_vars
hosts
test.yml
shell> cat ansible.cfg
[defaults]
inventory = $PWD/hosts
shell> cat hosts
localhost
[routers]
localhost
shell> ansible-vault create group_vars/routers
shell> cat group_vars/routers
$ANSIBLE_VAULT;1.1;AES256
3733 ...
shell> cat test.yml
- hosts: routers
tasks:
- debug: var=test
shell> ansible-playbook test.yml
PLAY [routers]
TASK [Gathering Facts]
ok: [localhost]
TASK [debug]
ok: [localhost] => {
"test": "TEST VARIABLE"
}
PLAY RECAP
localhost: ok=2 changed=0 unreachable=0 failed=0
这篇关于在剧本中使用保管库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
