如何在远程主机上执行ansible序列化命令? [英] How ansible serialise commands to execute on remote host?
问题描述
在目标主机上没有代理的情况下,Ansible能够执行诸如添加用户(-m用户)之类的任务.
Without an agent on target host, Ansible is able to perform tasks like for example: adding a user(-m user).
要了解这一点,我阅读了文章,其中说:
To understand this, I read this article, which says:
"Ansible通过连接到节点并向其推出小程序来工作.这些小程序被称为"Ansible模块".这些程序被编写为系统所需状态的资源模型."
"Ansible works by connecting to your nodes and pushing out small programs, called "Ansible modules" to them. These programs are written to be resource models of the desired state of the system."
要理解这一点,我的解释是, user 模块是位于控制服务器中的python模块,并且在运行 ansible 命令后,此模块已通过有线方式串行化到目标主机使用 -m用户选项.
To understand this point, my interpretation is, user module is python module located in control server and this module is serialized on wire to target host, after running ansible command with -m user option.
ansible 是否通过ssh序列化这些程序( user 源代码)?在远程主机上执行...
Does ansible serialize these programs(user source code) via ssh? to execute on remote host...
此序列化是否涉及ssh代理转发技术?
Does this serialization involves ssh agent forwarding technique?
推荐答案
当ansible在您的剧本中执行模块时,它将需要运行的代码与遇到的参数序列化为名为< local的本地python文件.用户home>/.ansible/tmp/ansible-local-< current-run-hash>/tmp< some-other-hash> .
When ansible executes a module in your playbook, it serializes the code it needs to run with the encountered parameters into a local python files named <local user home>/.ansible/tmp/ansible-local-<current-run-hash>/tmp<some-other-hash>.
此文件通过< remote_user主目录dir>/.ansible/tmp/ansible-tmp-< current-run-hashed-id>/AnsiballZ_< module_name> .py 上传到远程主机.使用此主机的声明连接(ssh,docker,本地...).
This file is uploaded to the remote host in <remote_user home dir>/.ansible/tmp/ansible-tmp-<current-run-hashed-id>/AnsiballZ_<module_name>.py using the declared connection for this host (ssh, docker, local...).
通过该连接在远程主机上执行python文件,将结果取回本地计算机并清除该文件.
The python file is executed on the remote host through that connection, result is fetched back to the local machine and the file is cleaned-up.
使用 ansible-playbook (或 ansible )的 -vvv 选项,您可以确切地看到所有这些操作的执行方式(如果您要发送广告,-hoc命令).这是运行 stat 的示例>针对本地计算机上的Docker主机的模块.
You can see exactly how all this is executed using the -vvv option to ansible-playbook (or ansible if you are sending ad-hoc commands). Here is an example of running the stat module against a docker host on my local machine.
任务:
- name: Check if SystemD service is installed
stat:
path: /etc/systemd/system/nexus.service
register: nexus_systemd_service_file
使用 -vvv 运行.复制到远程的文件从第7行开始.
Running with -vvv. The file copy to remote starts at line 7.
TASK [nexus3-oss : Check if SystemD service is installed] **********************
task path: /projects/ansible/nexus3-oss/tasks/main.yml:13
<nexus3-oss-debian-stretch> ESTABLISH DOCKER CONNECTION FOR USER: root
<nexus3-oss-debian-stretch> EXEC ['/usr/bin/docker', b'exec', b'-i', 'nexus3-oss-debian-stretch', '/bin/sh', '-c', "/bin/sh -c 'echo ~ && sleep 0'"]
<nexus3-oss-debian-stretch> EXEC ['/usr/bin/docker', b'exec', b'-i', 'nexus3-oss-debian-stretch', '/bin/sh', '-c', '/bin/sh -c \'( umask 77 && mkdir -p "` echo /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721 `" && echo ansible-tmp-1555848182.1761565-31974482443721="` echo /deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721 `" ) && sleep 0\'']
Using module file /home/localuser/.local/lib/python3.6/site-packages/ansible/modules/files/stat.py
<nexus3-oss-debian-stretch> PUT /home/localuser/.ansible/tmp/ansible-local-30458wt820190/tmpq2vjarrv TO /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/AnsiballZ_stat.py
<nexus3-oss-debian-stretch> EXEC ['/usr/bin/docker', b'exec', b'-i', 'nexus3-oss-debian-stretch', '/bin/sh', '-c', "/bin/sh -c 'chmod u+x /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/ /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/AnsiballZ_stat.py && sleep 0'"]
<nexus3-oss-debian-stretch> EXEC ['/usr/bin/docker', b'exec', b'-i', 'nexus3-oss-debian-stretch', '/bin/sh', '-c', '/bin/sh -c \'http_proxy=\'"\'"\'\'"\'"\' https_proxy=\'"\'"\'\'"\'"\' no_proxy=\'"\'"\'\'"\'"\' /usr/bin/python /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/AnsiballZ_stat.py && sleep 0\'']
<nexus3-oss-debian-stretch> EXEC ['/usr/bin/docker', b'exec', b'-i', 'nexus3-oss-debian-stretch', '/bin/sh', '-c', "/bin/sh -c 'rm -f -r /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/ > /dev/null 2>&1 && sleep 0'"]
ok: [nexus3-oss-debian-stretch] => {
"changed": false,
"invocation": {
"module_args": {
"checksum_algorithm": "sha1",
"follow": false,
"get_attributes": true,
"get_checksum": true,
"get_md5": null,
"get_mime": true,
"path": "/etc/systemd/system/nexus.service"
}
},
"stat": {
"atime": 1555848116.0796735,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "f1de2c2bc91adc019e58f83a29c970d1d79d5cc9",
"ctime": 1553622777.8884165,
"dev": 77,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 22997,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0644",
"mtime": 1553622777.3485653,
"nlink": 1,
"path": "/etc/systemd/system/nexus.service",
"pw_name": "root",
"readable": true,
"rgrp": true,
"roth": true,
"rusr": true,
"size": 248,
"uid": 0,
"version": "687353",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
这篇关于如何在远程主机上执行ansible序列化命令?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
