没有为远程脚本执行设置远程tmp目录 [英] remote tmp directory not set for ansible script execution
问题描述
我需要在远程服务器上安装二进制文件.以下是我正在执行的任务列表.
I need to install binary on remote servers. Following are the list of tasks that i am performing.
- 复制/scp二进制文件到远程服务器
- 以静默方式运行安装程序
第1步将二进制文件复制到远程主机上的/tmp ,/tmp 的空间非常小,一旦/tmp 已满.我了解默认情况下,ansible脚本/文件将被复制到/tmp 目录,一旦活动完成,它将被删除.由于/tmp 非常低,我需要使用用户目录来复制二进制文件.
Step #1 is copying binaries to /tmp, on remote hosts /tmp has very less space and scp is failing once the /tmp is full. I understood that by default ansible scripts/files will be copied to /tmp directory, once the activity is done it will be removed. Since /tmp is very low i need to use user directory to copy the binaries.
下面是 ansible.cfg :
remote_user = testaccount
host_key_checking = False
scp_if_ssh=True
remote_tmp = $HOME/.ansible/tmp
以下是剧本:
- name: deploy binaries
hosts: test
strategy: free
become_method: 'sudo'
tasks:
- name: transfer
copy: src=./files/weblogic.jar dest=$HOME mode=0777
register: transfer
- debug: var=transfer.stdout
剧本执行:
ansible-playbook --inventory="hosts" --ask-pass --ask-become-pass --extra-vars="ansible_ssh_user=<unixaccount>" copybinaries.yml
即使使用上述配置,二进制文件也不会复制到用户主目录,但我必须确保具有 $ HOME/.ansible/tmp 目录,甚至使用硬编码,如/home/testaccount/.ansbile/tmp .
Even with above config the binaries are not copied to user home, I have make sure to have $HOME/.ansible/tmp directory and even hard coded like /home/testaccount/.ansbile/tmp.
是否需要在 ansible.cfg 中覆盖其他任何配置?
Any other configs needs to be overridden in ansible.cfg?
推荐答案
尽管您仍未包含连贯的 MCVE ,但我猜猜:
Although you still have not included a coherent MCVE, I guess:
-
您正在使用成为非特权用户选项运行任务;
either you are running the task with become-an-unprivileged-user option;
或您的清单文件,配置文件,执行调用和剧本包含不必要和矛盾的设置,使Ansible或多或少地不确定地运行.
or your inventory file, configuration file, the execution call, and the playbook contain unnecessary and contradictory settings making Ansible run in a more or less nondeterministic way.
Ansible将系统临时目录用于以其他用户身份运行的任务.此行确定这一点.
Ansible uses the system temp directory for tasks being run as a different user. This line determines this.
对于此类任务,您只能指定/tmp (默认)或/var/tmp 的子目录(使用 remote_tmp ).请参阅评论在Ansible代码中:
You can only specify /tmp (default) or a subdirectory of /var/tmp for such tasks (with remote_tmp). See the comment in the Ansible code:
# When system is specified we have to create this in a directory where
# other users can read and access the temp directory. This is because
# we use system to create tmp dirs for unprivileged users who are
# sudo'ing to a second unprivileged user. The only dirctories where
# that is standard are the tmp dirs, /tmp and /var/tmp. So we only
# allow one of those two locations if system=True. However, users
# might want to have some say over which of /tmp or /var/tmp is used
# (because /tmp may be a tmpfs and want to conserve RAM or persist the
# tmp files beyond a reboot. So we check if the user set REMOTE_TMP
# to somewhere in or below /var/tmp and if so use /var/tmp. If
# anything else we use /tmp (because /tmp is specified by POSIX nad
# /var/tmp is not).
这篇关于没有为远程脚本执行设置远程tmp目录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
