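I am trying to use the authorized_key Ansible module to insert my jump EC2 instance's public key (id_rsa.pub) into the authorized_keys file of 3 other remote servers so that I can log in to them. But I keep getting this error: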
[WARNING]: Unable to find '/home/ec2-user/.ssh/id_rsa.pub' in expected paths (use -vvvvv to see paths)
[WARNING]: Unable to find '/home/ec2-user/.ssh/id_rsa.pub' in expected paths (use -vvvvv to see paths)
fatal: [dev]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: /home/ec2-user/.ssh/id_rsa.pub"}
fatal: [prod]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: /home/ec2-user/.ssh/id_rsa.pub"}
[WARNING]: Unable to find '/home/ec2-user/.ssh/id_rsa.pub' in expected paths (use -vvvvv to see paths)
fatal: [jenkins]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: /home/ec2-user/.ssh/id_rsa.pub"}
[WARNING]: Unable to find '/home/ec2-user/.ssh/id_rsa.pub' in expected paths (use -vvvvv to see paths)
fatal: [jump]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: /home/ec2-user/.ssh/id_rsa.pub"}
This is my Ansible playbook:
tasks:
  - name: Set hostname
    hostname:
      name: "{{inventory_hostname}}"
  - openssh_keypair:
      path: /home/ec2-user/.ssh/id_rsa.pub
    when: inventory_hostname == 'jump'
  - name: Fetching file to install ssh keys
    fetch:
      src: /home/ec2-user/.ssh/id_rsa.pub
      dest: /tmp/id_rsa.pub
  - name: Set authorized key taken from file
    authorized_key:
      user: jump
      state: present
      key: "{{ lookup('file', '/home/ec2-user/.ssh/id_rsa.pub') }}"
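This expects /home/ec2-user/.ssh/id_rsa.pub to be on the local machine (the one running Ansible), readable by the current user.
It looks like you have a condition on the first task for when the hostname is "jump", and then go on to assume that the file already exists for the other tasks.
Confirm the following: all hosts other than jump have a public key at the path /home/ec2-user/.ssh/id_rsa.pub.
Also, as a suggestion: if you are generating this every time but it should be the same key, consider storing the content securely in Ansible Vault.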
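# Generate the key pair on jump only; path names the private key, the .pub file is written next to it
- openssh_keypair:
    path: /home/ec2-user/.ssh/id_rsa
  when: inventory_hostname == 'jump'
# Copy jump's public key to the controller; flat: yes stores it at exactly /tmp/id_rsa.pub
- name: Fetching file to install ssh keys
  fetch:
    src: /home/ec2-user/.ssh/id_rsa.pub
    dest: /tmp/id_rsa.pub
    flat: yes
  when: inventory_hostname == 'jump'
# lookup('file', ...) reads on the controller, so it picks up the fetched copy
- name: Set authorized key taken from file
  authorized_key:
    user: ec2-user
    state: present
    key: "{{ lookup('file', '/tmp/id_rsa.pub') }}"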
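
A variant of the flow above that never writes the public key to /tmp on the controller, where any local user could swap the file before lookup reads it. This is an added example, not part of the original posts. It assumes the inventory host is named jump as in the question, that jump is included in the run, and a hypothetical registered variable name jump_keypair.

```yaml
- hosts: all
  tasks:
    # path is the private key; openssh_keypair writes id_rsa.pub next to it
    # and returns the public key text in its result (public_key).
    - name: Generate the key pair on the jump host
      openssh_keypair:
        path: /home/ec2-user/.ssh/id_rsa
      register: jump_keypair          # hypothetical variable name
      when: inventory_hostname == 'jump'

    # Fail early with a clear message if jump was excluded (e.g. by --limit),
    # instead of hitting an undefined-variable error in the next task.
    - name: Check that the jump host's public key is available
      assert:
        that:
          - hostvars['jump'].jump_keypair is defined
          - hostvars['jump'].jump_keypair.public_key is defined
        fail_msg: "jump must be part of this run so its public key can be read"

    # Read the key from jump's registered result through hostvars,
    # so no intermediate file on the controller is involved.
    - name: Authorize the jump host's public key on every host
      authorized_key:
        user: ec2-user
        state: present
        key: "{{ hostvars['jump'].jump_keypair.public_key }}"
```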