How to run Ansible playbook to multiple servers in a right way?
Problem description
Ansible uses ssh to set up software on remote hosts.
If some fresh machines have just been installed, running an Ansible playbook from one host will not connect to them because there is no authorized_keys on the remote hosts.
If I copy the Ansible host's pub key to those target hosts like:
$ ssh user@server "echo \"`cat .ssh/id_rsa.pub`\" >> .ssh/authorized_keys"
I should first ssh login and make the file on every remote host:
$ mkdir .ssh
$ touch .ssh/authorized_keys
Is this the common way to run an Ansible playbook on remote servers? Does a better way exist?
Recommended answer
I think it's better to do that using Ansible as well, with the authorized_key module. For example, to authorize your key for user root:
ansible <hosts> -m authorized_key -a "user=root state=present key=\"$(cat ~/.ssh/id_rsa.pub)\"" --ask-pass
This can be done in a playbook also, with the target user as a variable that defaults to root:
- hosts: <NEW_HOSTS>
  vars:
    # Default target user; override with -e username=<TARGET_USER>
    username: root
  tasks:
    - name: Add authorized key
      authorized_key:
        user: "{{ username }}"
        state: present
        key: "{{ lookup('file', '/home/<YOUR_USER>/.ssh/id_rsa.pub') }}"
And execute:
ansible-playbook auth.yml --ask-pass -e username=<TARGET_USER>
Your user should have privileges; if not, use become.
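An added example (not from the original question or answer) contrasting the manual `mkdir` / `touch` / `echo >>` steps in the question with an idempotent, permission-safe key install, which is the behaviour `state: present` gives you. The function name `install_key` and the sample paths are hypothetical.

```shell
#!/bin/sh
# install_key HOME_DIR PUBKEY_FILE   (hypothetical helper, not an Ansible/OpenSSH command)
# Returns 0 if the key is present afterwards, 1 on bad input or failure.
install_key() {
    home_dir=$1
    pubkey_file=$2
    ssh_dir="$home_dir/.ssh"
    auth_file="$ssh_dir/authorized_keys"

    # authorized_keys holds one public key per line: take the first non-empty line.
    key=$(grep -v '^[[:space:]]*$' "$pubkey_file" 2>/dev/null | head -n 1)

    # Refuse input that does not look like an OpenSSH public key, e.g. a
    # private key file passed by mistake (common key types only).
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not an OpenSSH public key: $pubkey_file" >&2; return 1 ;;
    esac

    # With StrictModes (the sshd default), authorized_keys is rejected when
    # it or its directory is writable by group or others, so create both
    # under a tight umask and set the modes explicitly.
    (
        umask 077
        mkdir -p "$ssh_dir" && touch "$auth_file"
    ) || return 1
    chmod 700 "$ssh_dir" && chmod 600 "$auth_file" || return 1

    # Append only when the exact line is absent, so reruns add no duplicates
    # (a plain "echo ... >>" appends a new copy on every run).
    if ! grep -qxF -- "$key" "$auth_file"; then
        printf '%s\n' "$key" >> "$auth_file"
    fi
}
```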