gpt4 book ai didi

ansible - 使用脚本模块引导 ansible 先决条件。需要Python吗?

转载 作者:行者123 更新时间:2023-12-02 16:01:55 27 4
gpt4 key购买 nike

目标:给定一个没有安装 python 的 Debian 服务器(以及其他一些缺少 ansible 先决条件),使用 ansible 来安装它们,这样我就可以使用普通的 ansible 模块(几乎所有模块都需要 python)来配置服务器。

根据the ansible documentation for the "script" module ,“这个模块不需要远程系统上的Python,就像原始模块一样。”。然而,根据我的测试,脚本模块似乎确实尝试在远程系统上运行 python,至少在 sudo 选项为 true 的情况下是如此。我相信只要我不启用 ansible 的 sudo 选项,我就可以让它与脚本模块一起使用,但是我需要我的远程用户在没有密码提示的情况下拥有 sudo 权限,或者我的脚本是只是挂起等待交互式输入 sudo 密码。

所以我的问题是:A)“脚本”模块是怎么回事。远程系统上是否需要 python?

和 B) 有没有更好的方法来实现我的更大目标,即完全自动化部署,在使用 ansible 本身之前无需任何手动步骤?

这是我的 ansible-playbook -vvv 输出,它清楚地显示它正在远程系统上运行 /usr/bin/python,并且那里没有文件,因为python 尚未安装。

TASK: [install ansible prerequisites]
***************************************** <10.9.8.31> ESTABLISH
CONNECTION FOR USER: plyons <10.9.8.31> EXEC ['ssh', '-C', '-tt',
'-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s',
'-o', 'ControlPath=/Users/plyons/.ansible/cp/ansible-
ssh-%h-%p-%r', '-o', 'StrictHostKeyChecking=no', '-o',
'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications
=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o',
'PasswordAuthentication=no', '-o', 'ConnectTimeout=10',
'10.9.8.31', "/bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-
tmp-1396233547.35-182235573044157 && chmod a+rx $HOME/.ansible/tmp
/ansible-tmp-1396233547.35-182235573044157 && echo
$HOME/.ansible/tmp/ansible-tmp-1396233547.35-182235573044157'"]
<10.9.8.31> PUT
/var/folders/n4/8skjkv9s5hbc4t5r0tr0xrk80000gn/T/tmpT1Vh6e TO
/home/plyons/.ansible/tmp/ansible-
tmp-1396233547.35-182235573044157/stat <10.9.8.31> EXEC ['ssh',
'-C', '-tt', '-q', '-o', 'ControlMaster=auto', '-o',
'ControlPersist=60s', '-o', 'ControlPath=/Users/plyons/.ansible/cp
/ansible-ssh-%h-%p-%r', '-o', 'StrictHostKeyChecking=no', '-o',
'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications
=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o',
'PasswordAuthentication=no', '-o', 'ConnectTimeout=10',
'10.9.8.31', '/bin/sh -c \'sudo -k && sudo -H -S -p "[sudo via
ansible, key=hyplatqjmvybpfqtukjegkibbuyrnoqj] password: " -u root
/bin/sh -c \'"\'"\'echo SUDO-SUCCESS-
hyplatqjmvybpfqtukjegkibbuyrnoqj; /usr/bin/python
/home/plyons/.ansible/tmp/ansible-
tmp-1396233547.35-182235573044157/stat\'"\'"\'\'']

这是我的剧本任务:

tasks:
-
name: install ansible prerequisites
script: ansible_prereqs.sh creates=/root/.ansible_prereqs_installed

还有 ansible_prereqs.sh 脚本:

#!/bin/sh
#install ansible prereqs manually or all apt-based ansible commands will fail
# http://euphonious-intuition.com/2013/01/bootstrapping-a-cluster-with-ansible-debian-6-and-oracle-java-7/
apt-get update
apt-get install -y python python-apt python-pycurl sshpass
touch /root/.ansible_prereqs_installed

最佳答案

好吧,进一步的测试让我明白 @DomaNitro 是正确的,因为它不是 script 模块本身需要 python,而是 creates 选项特别是,因为它使用 stat python 脚本。

但是,事情似乎仍然工作正常,因为在 creates 标记文件的初始检查中,ansible 会这样做:/usr/bin/python/home/plyons/.ansible/tmp/ansible-tmp-1396271950.37-134911276396535/stat,这会失败,因为 /usr/bin/python 不存在,但这没关系,因为我们希望脚本无论如何都能运行。

一旦我的 ansible_prereqs.sh 脚本运行,ansible 的 stat 模块将开始工作,因为 /usr/bin/python 现已安装,所以随后的重新运行将看到标记文件存在并绕过脚本。

所以我不需要在 shell 脚本代码中实现 creates 逻辑。这是我的最终工作手册:

---
-
hosts: all
gather_facts: no
sudo: yes
tasks:
-
name: install ansible prerequisites
script: ansible_prereqs.sh creates=/root/.ansible_prereqs_installed

这是它运行的脚本ansible_prereqs.sh:

#!/bin/bash
set -e
apt-get -qq update
apt-get -qq --yes install python python-apt python-pycurl sshpass
touch /root/.ansible_prereqs_installed

这是一些添加了解释性注释的 ansible-playbook -vvv 输出。

<10.9.8.31> ESTABLISH CONNECTION FOR USER: plyons

#Not sure exactly what this does, but presumably some basic
#bootstrap sanity checking
<10.9.8.31> EXEC ['ssh', '-C', '-tt',
'-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o',
'ControlPath=/Users/plyons/.ansible/cp/ansible-ssh-%h-%p-%r', '-o',
'StrictHostKeyChecking=no', '-o', 'KbdInteractiveAuthentication=no',
'-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-
keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o',
'ConnectTimeout=10', '10.9.8.31', "/bin/sh -c 'mkdir -p
$HOME/.ansible/tmp/ansible-tmp-1396273094.39-170062058638174 && chmod
a+rx $HOME/.ansible/tmp/ansible-tmp-1396273094.39-170062058638174 &&
echo $HOME/.ansible/tmp/ansible-tmp-1396273094.39-170062058638174'"]

#OK the "creates" option causes ansible to upload the "stat"
#python program
<10.9.8.31> PUT
/var/folders/n4/8skjkv9s5hbc4t5r0tr0xrk80000gn/T/tmp5CVz6i TO
/home/plyons/.ansible/tmp/ansible-
tmp-1396273094.39-170062058638174/stat

#Then ansible attempts to run it with /usr/bin/python
#This fails but ansible seems to proceed anyway, which is OK
<10.9.8.31> EXEC ['ssh', '-C', '-tt', '-q', '-o', 'ControlMaster=auto', '-o',
'ControlPersist=60s', '-o', 'ControlPath=/Users/plyons/.ansible/cp
/ansible-ssh-%h-%p-%r', '-o', 'StrictHostKeyChecking=no', '-o',
'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications
=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o',
'PasswordAuthentication=no', '-o', 'ConnectTimeout=10', '10.9.8.31',
'/bin/sh -c \'sudo -k && sudo -H -S -p "[sudo via ansible,
key=llljvkxiztigvqonzohgzwwekusxtprk] password: " -u root /bin/sh -c
\'"\'"\'echo SUDO-SUCCESS-llljvkxiztigvqonzohgzwwekusxtprk;
/usr/bin/python /home/plyons/.ansible/tmp/ansible-
tmp-1396273094.39-170062058638174/stat\'"\'"\'\'']

#Now ansible uploads my script
<10.9.8.31> PUT
/Users/plyons/projects/redacted/deploy/ansible_prereqs.sh
TO /home/plyons/.ansible/tmp/ansible-tmp-1396273094.39-170062058638174/ansible_prereqs.sh

#Then it marks it executable
<10.9.8.31> EXEC ['ssh', '-C',
'-tt', '-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s',
'-o', 'ControlPath=/Users/plyons/.ansible/cp/ansible-ssh-%h-%p-%r',
'-o', 'StrictHostKeyChecking=no', '-o',
'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications
=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o',
'PasswordAuthentication=no', '-o', 'ConnectTimeout=10', '10.9.8.31',
u'/bin/sh -c \'sudo -k && sudo -H -S -p "[sudo via ansible,
key=cgmwlvtjoxuighdqujwmmpvioiumveac] password: " -u root /bin/sh -c
\'"\'"\'echo SUDO-SUCCESS-cgmwlvtjoxuighdqujwmmpvioiumveac; chmod +rx
/home/plyons/.ansible/tmp/ansible-
tmp-1396273094.39-170062058638174/ansible_prereqs.sh\'"\'"\'\'']

#Then it runs it
<10.9.8.31> EXEC ['ssh', '-C', '-tt', '-q', '-o',
'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o',
'ControlPath=/Users/plyons/.ansible/cp/ansible-ssh-%h-%p-%r', '-o',
'StrictHostKeyChecking=no', '-o', 'KbdInteractiveAuthentication=no',
'-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-
keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o',
'ConnectTimeout=10', '10.9.8.31', u'/bin/sh -c \'sudo -k && sudo -H -S
-p "[sudo via ansible, key=cqqswbszbeabpclraxsxwzzatbolgmgf] password:
" -u root $SHELL -c \'"\'"\'echo SUDO-SUCCESS-
cqqswbszbeabpclraxsxwzzatbolgmgf; /home/plyons/.ansible/tmp/ansible-
tmp-1396273094.39-170062058638174/ansible_prereqs.sh \'"\'"\'\'']

#Then it deletes it
<10.9.8.31> EXEC ['ssh', '-C', '-tt',
'-q', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o',
'ControlPath=/Users/plyons/.ansible/cp/ansible-ssh-%h-%p-%r', '-o',
'StrictHostKeyChecking=no', '-o', 'KbdInteractiveAuthentication=no',
'-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-
keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o',
'ConnectTimeout=10', '10.9.8.31', "/bin/sh -c 'rm -rf
/home/plyons/.ansible/tmp/ansible-tmp-1396273094.39-170062058638174/
>/dev/null 2>&1'"]

关于ansible - 使用脚本模块引导 ansible 先决条件。需要Python吗?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/22753081/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com