如何以正确的方式将 Ansible playbook 运行到多个服务器? [英] How to run Ansible playbook to multiple servers in a right way?
问题描述
Ansible 使用 ssh 将软件设置到远程主机.
Ansible use ssh to setup softwares to remote hosts.
如果刚安装了一些新机器,在一台主机上运行 Ansible playbook 将无法连接它们,因为远程主机上没有authorized_keys.
If there are some fresh machines just been installed, run Ansible playbook from one host will not connect them because of no authorized_keys on remote hosts.
如果将 Ansible 主机的 pub 密钥复制到这些目标主机,例如:
If copy the Ansible host's pub key to those target hosts like:
$ ssh user@server "echo \"`cat .ssh/id_rsa.pub`\" >> .ssh/authorized_keys"
首先应该 ssh 登录并在每个远程主机上制作文件:
First should ssh login and make file on every remote host:
$ mkdir .ssh
$ touch .ssh/authorized_keys
这是将 Ansible playbook 运行到远程服务器的常用方法吗?有没有更好的方法?
Is this the common way to run Ansible playbook to remote servers? Is there a better way exist?
推荐答案
我认为最好也使用 Ansible,使用 authorized_key
模块.例如,为用户 root
授权您的密钥:
I think it's better to do that using Ansible as well, with the authorized_key
module. For example, to authorize your key for user root
:
ansible <hosts> -m authorized_key -a "user=root state=present key=\"$(cat ~/.ssh/id_rsa.pub)\"" --ask-pass
这也可以在剧本中完成,目标用户作为默认为 root
的变量:
This can be done in a playbook also, with the target user as a variable that defaults to root
:
- hosts: <NEW_HOSTS>
vars:
- username: root
tasks:
- name: Add authorized key
authorized_key:
user: "{{ username }}"
state: present
key: "{{ lookup('file', '/home/<YOUR_USER>/.ssh/id_rsa.pub') }}"
并执行:
ansible-playbook auth.yml --ask-pass -e username=<TARGET_USER>
你的用户应该有权限,如果没有使用became
.
Your user should have privileges, if not use became
.
这篇关于如何以正确的方式将 Ansible playbook 运行到多个服务器?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!