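I am using Ansible + Vagrant to create my infrastructure, or to run some simulations I want. It installs postgres and creates an ssh directory to store different keys for each host.
Here is my project structure: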
.
├── ansible.cfg
├── cluster_hosts
├── group_vars
│   ├── host_master
│   ├── host_pgpool
│   ├── host_slave1
│   └── postgresql
├── roles
│   ├── postgresql
│   │   ├── files
│   │   ├── handlers
│   │   └── tasks
│   │       └── main.yml
│   └── ssh_agent
│       └── tasks
│           └── main.yml
└── site.yml
This is the cluster_hosts declaration:
host_master ansible_ssh_host=192.168.1.10 ansible_ssh_user=vagrant ansible_ssh_pass=vagrant
host_slave1 ansible_ssh_host=192.168.1.11 ansible_ssh_user=vagrant ansible_ssh_pass=vagrant
host_slave2 ansible_ssh_host=192.168.1.12 ansible_ssh_user=vagrant ansible_ssh_pass=vagrant
host_pgpool ansible_ssh_host=192.168.1.13 ansible_ssh_user=vagrant ansible_ssh_pass=vagrant
[ssh]
host_master
host_pgpool
host_slave1
[pg_pool]
host_pgpool
[database]
host_master
host_pgpool
host_slave1
host_slave2
These are my group_vars files:
host_master
known_hosts:
  - 192.168.1.11
  - 192.168.1.12
host_pgpool
known_hosts:
  - 192.168.1.11
  - 192.168.1.12
host_slave1
known_hosts:
  - 192.168.1.12
This is my site.yml file:
---
# The main playbook to deploy the cluster
# setup database
- hosts: database
  sudo: True
  tags:
    - setup_db
  roles:
    - postgresql
# setup ssh
- hosts: all
  sudo: True
  tags:
    - setup_ssh
  roles:
    - ssh_agent
This is the ssh_agent role:
---
- name: Install sshpass
  apt: name={{ item }} state=present
  with_items:
    - sshpass
    - rsync
- name: Create ssh directory
  sudo_user: postgres
  command: mkdir -p /var/lib/postgresql/.ssh/ creates=/var/lib/postgresql/.ssh/
- name: Generate known hosts
  sudo_user: postgres
  shell: ssh-keyscan -t rsa {{ item }} >> /var/lib/postgresql/.ssh/known_hosts
  with_items:
    - "{{ known_hosts }}"
- name: Generate id_rsa key
  sudo_user: postgres
  command: ssh-keygen -t rsa -N "" -C "" -f /var/lib/postgresql/.ssh/id_rsa
- name: Add authorized_keys
  command: sshpass -p postgres ssh-copy-id -i /var/lib/postgresql/.ssh/id_rsa.pub postgres@{{ item }}
  sudo_user: postgres
  with_items:
    - "{{ known_hosts }}"
- name: Owner postgresql
  command: chown postgres:postgres /var/lib/postgresql/.ssh/ -R
OK, now when I run:
ansible-playbook -i cluster_hosts site.yml --tags setup_ssh
I get an error in the "Generate known hosts" task:
PLAY [all] ********************************************************************
GATHERING FACTS ***************************************************************
ok: [host_pgpool]
ok: [host_slave2]
ok: [host_slave1]
ok: [host_master]
TASK: [ssh_agent | Install sshpass] *******************************************
ok: [host_slave1] => (item=sshpass,rsync)
ok: [host_master] => (item=sshpass,rsync)
ok: [host_pgpool] => (item=sshpass,rsync)
ok: [host_slave2] => (item=sshpass,rsync)
TASK: [ssh_agent | Create ssh directory] **************************************
skipping: [host_master]
skipping: [host_slave2]
skipping: [host_slave1]
skipping: [host_pgpool]
TASK: [ssh_agent | Generate known hosts] **************************************
fatal: [host_slave1] => One or more undefined variables: 'known_hosts' is undefined
fatal: [host_master] => One or more undefined variables: 'known_hosts' is undefined
fatal: [host_slave2] => One or more undefined variables: 'known_hosts' is undefined
fatal: [host_pgpool] => One or more undefined variables: 'known_hosts' is undefined
FATAL: all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit @/home/robe/site.retry
host_master : ok=2 changed=0 unreachable=1 failed=0
host_pgpool : ok=2 changed=0 unreachable=1 failed=0
host_slave1 : ok=2 changed=0 unreachable=1 failed=0
host_slave2 : ok=2 changed=0 unreachable=1 failed=0
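I don't understand why this error occurs, given that every variable is declared in group_vars (host_master, host_pgpool, host_slave1).
Is my yml syntax wrong? I thought that might be the problem, but it looks correct to me.
Answer 1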
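By default, ansible does not read all the files in group_vars/; it only reads group_vars/all (or group_vars/all.yml; by the way, I find it more convenient to add the .yml extension to vars files). You need to tell it to read the files you want with vars_files, like this: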
site.yml
- hosts: database
  sudo: True
  tags:
    - setup_db
  roles:
    - postgresql
  vars_files:
    - group_vars/host_master
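
The following check is an added example, not part of the question or the answer above. Ansible's inventory loader applies group_vars/<name> to the inventory group called <name> and host_vars/<name> to the host called <name>; the script parses an inventory abridged from the question and reports whether each file name under group_vars/ matches a group, a host, or neither (parse_inventory and classify are names chosen for this example).

```python
# Inventory abridged from the question (connection variables shortened).
INVENTORY = """\
host_master ansible_ssh_host=192.168.1.10
host_slave1 ansible_ssh_host=192.168.1.11
host_slave2 ansible_ssh_host=192.168.1.12
host_pgpool ansible_ssh_host=192.168.1.13
[ssh]
host_master
host_pgpool
host_slave1
[pg_pool]
host_pgpool
[database]
host_master
host_pgpool
host_slave1
host_slave2
"""
# File names found under group_vars/ in the question's project tree.
GROUP_VARS_FILES = ["host_master", "host_pgpool", "host_slave1", "postgresql"]

def parse_inventory(text):
    """Return (hosts, groups) for a simple INI inventory (no host ranges)."""
    hosts, groups, section, kind = set(), {}, "ungrouped", ""
    for line in (raw.split("#", 1)[0].strip() for raw in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            section, _, kind = line[1:-1].partition(":")
            groups.setdefault(section, set())
        elif line and kind == "children":
            groups.setdefault(line.split()[0], set())
        elif line and kind != "vars":
            hosts.add(line.split()[0])
            groups.setdefault(section, set()).add(line.split()[0])
    named = [m for g, m in groups.items() if g != "ungrouped"]
    groups["ungrouped"] = hosts.difference(*named)  # hosts in no named group
    groups["all"] = set(hosts)                      # implicit group of every host
    return hosts, groups

def classify(files, hosts, groups):
    """Say whether each vars file is named after a group, a host, or neither."""
    out = {}
    for fname in files:
        name = fname.rsplit(".", 1)[0] if fname.endswith((".yml", ".yaml", ".json")) else fname
        out[fname] = "group" if name in groups else "host" if name in hosts else "unmatched"
    return out

if __name__ == "__main__":
    hosts, groups = parse_inventory(INVENTORY)
    for fname, kind in classify(GROUP_VARS_FILES, hosts, groups).items():
        print(f"group_vars/{fname}: {kind}")
```

Files reported as "host" carry the name of an inventory host rather than a group, so they are candidates for host_vars/; "unmatched" files correspond to nothing in the inventory.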