如何以正确的方式在多个服务器上运行Ansible剧本? [英] How to run Ansible playbook to multiple servers in a right way?

问题描述

可以使用ssh将软件设置到远程主机.

Ansible use ssh to setup softwares to remote hosts.

如果刚安装了一些新机器，则由于一台远程主机上没有经过授权的密钥，因此在一台主机上运行Ansible剧本将无法连接它们.

If there are some fresh machines just been installed, run Ansible playbook from one host will not connect them because of no authorized_keys on remote hosts.

如果将Ansible主机的发布密钥复制到这些目标主机，例如:

If copy the Ansible host's pub key to those target hosts like:

$ ssh user@server "echo \"`cat .ssh/id_rsa.pub`\" >> .ssh/authorized_keys"

首先应ssh登录并在每个远程主机上制作文件:

First should ssh login and make file on every remote host:

$ mkdir .ssh
$ touch .ssh/authorized_keys

这是将Ansible剧本运行到远程服务器的常用方法吗?是否存在更好的方法?

Is this the common way to run Ansible playbook to remote servers? Is there a better way exist?

推荐答案

我认为最好同时使用Ansible和

I think it's better to do that using Ansible as well, with the authorized_key module. For example, to authorize your key for user root:

ansible <hosts> -m authorized_key -a "user=root state=present key=\"$(cat ~/.ssh/id_rsa.pub)\"" --ask-pass

这也可以在剧本中完成，目标用户是默认为 root 的变量:

This can be done in a playbook also, with the target user as a variable that defaults to root:

- hosts: <NEW_HOSTS>
  vars:
  - username: root    

  tasks:
  - name: Add authorized key
    authorized_key: 
      user: "{{ username }}"
      state: present
      key: "{{ lookup('file', '/home/<YOUR_USER>/.ssh/id_rsa.pub') }}"

并执行:

ansible-playbook auth.yml --ask-pass -e username=<TARGET_USER>

您的用户应具有特权，如果不使用，则应成为.

Your user should have privileges, if not use became.

这篇关于如何以正确的方式在多个服务器上运行Ansible剧本?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！