我正在为没有配置基于密钥的身份验证的特定服务器编写剧本,我的 ansible.cfg 有
[defaults]
ask_pass = false
因为我的大部分服务器都是基于密钥的,使用相同的 ansible.cfg 在同一项目目录中编写剧本,我可以在剧本中指定 remote_user 但是当我定义
ask_pass: true
它给我错误
这是我的剧本和错误,请注意我不想传递命令行参数 --ask-pass 但我希望它为特定的剧本配置 ask_pass
---
- name: ping
hosts: all
remote_user: student
ask_pass: true
tasks:
- name: pinging
ping:
出现此错误:
$ ansible-navigator run ping.yml -m stdout
ERROR! 'ask_pass' is not a valid attribute for a Play
The error appears to be in '/home/student/playbook-manage/ping.yml': line 2, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
---
- name: ping
^ here
如果我通过从命令行传递 --ask-pass 来运行它,它将起作用,我想知道是否支持在剧本/任务级别配置它,如果是的话,正确的语法是什么
---
- name: ping
hosts: all
remote_user: student
ask_pass: true
tasks:
- name: pinging
ping:
为那些需要在
host_vars
中使用密码进行身份验证的主机设置密码,并使用 ansible-vault
. 加密包含凭据的 host_vars
例子:
## CONSIDER host1 and host4 NEED PASSWORD AUTHENTICATION.
---
all:
children:
gp1:
hosts:
host1:
gp2:
hosts:
host2:
gp3:
hosts:
host4:
host5:
...
├── host_vars
│ ├── host1
│ ├── host4
# host_vars/host1 file
---
ansible_password: 'password123'
ansible_user: student
ansible_port: 22
ansible_become_pass: "{{ ansible_password }}"
...
# host_vars/host4 file
---
ansible_password: '123546'
ansible_user: thisone
ansible_port: 222
ansible_become_pass: "{{ ansible_password }}"
...
我就是这样做的。