我在AWS上有一台CentOS机器,我打算在其上安装httpd,这需要我们成为root用户。我使用become_method : sudo作为root工作,但我仍然无法解决它。
这是我的剧本:
---
- hosts : aws
connection : ssh
remote_user : centos
become_method : sudo
gather_facts : yes
tasks :
- name : Connect to the remote host and executing yum updates
yum : name=* state=latest
- name : Installing HTTPD Server
yum : name=httpd state=latest
- name : Deploy the static website
copy : src=../files/index.html dest=/var/www/html/index.html owner=centos group=centos mode=0655 backup=yes
- name : Restart the HTTPD Service
service: name=httpd state=restarted
- name : Wait for the HTTPD port 80 to be listening
wait_for : host=ec2-54-152-85-197.compute-1.amazonaws.com
- name : Installing WGET to test the site
yum : name=wget state=latest
- name : Test the site
shell : /usr/bin/wget http://localhost
register : site_result
- name : Display the site output results
debug : var=site_result
通过这样做,我遇到以下错误:
TASK [Connect to the remote host and executing yum updates] ********************
task path: /home/centos/Playbooks/example/example_playbook.yaml:8
Using module file /usr/lib/python2.7/site-packages/ansible-2.2.0-py2.7.egg/ansible/modules/core/packaging/os/yum.py
<ec2-54-152-85-197.compute-1.amazonaws.com> ESTABLISH SSH CONNECTION FOR USER: centos
<ec2-54-152-85-197.compute-1.amazonaws.com> SSH: EXEC ssh -q -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/home/centos/AnsibleKeyPair.pem"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=centos -o ConnectTimeout=10 -o ControlPath=/home/centos/.ansible/cp/ansible-ssh-%h-%p-%r ec2-54-152-85-197.compute-1.amazonaws.com '/bin/sh -c '"'"'/usr/bin/python && sleep 0'"'"''
fatal: [ec2-54-152-85-197.compute-1.amazonaws.com]: FAILED! => {
"changed": true,
"failed": true,
"invocation": {
"module_args": {
"conf_file": null,
"disable_gpg_check": false,
"disablerepo": null,
"enablerepo": null,
"exclude": null,
"install_repoquery": true,
"list": null,
"name": [
"*"
],
"state": "latest",
"update_cache": false,
"validate_certs": true
},
"module_name": "yum"
},
"msg": "You need to be root to perform this command.\n",
"rc": 1,
"results": [
"Loaded plugins: fastestmirror\n"
]
}
你足够接近,让Ansible升级到root你需要将become: yes添加到你的剧本中。
- hosts: aws
connection: ssh
remote_user: centos
become_method: sudo
become: yes
gather_facts: yes
tasks:
[...]
就像一个注释,你不需要明确指定:connection become_method gather_facts,它们都将默认为这些值。
编辑:
默认情况下,CentOS推出了Default: requiretty,因此你有2种方法可以修复它:
requiretty文件中注释sudoers的行pipelining在你的剧本中添加pipelinig: no