我大胆地使用 Ansible 部署 OpenStack。最后阶段是输入命令,但我遇到了 ssh 错误。这似乎是为 OpenStack 分叉或定制的 ansible。过去,使用“ssh-copy-id”和正确的 cfg,一切立即生效。(注意:出于测试目的,允许 root 登录)
os@7:/opt/openstack-ansible/playbooks$ sudo openstack-ansible setup-hosts.yml -vvvv
Variable files: "-e @/etc/openstack_deploy/user_group_vars.yml -e @/etc/openstack_deploy/user_secrets.yml -e @/etc/openstack_deploy/user_variables.yml "
PLAY [Basic host setup] *******************************************************
GATHERING FACTS ***************************************************************
<172.27.255.84> ESTABLISH CONNECTION FOR USER: root
<10.4.1.113> ESTABLISH CONNECTION FOR USER: root
<172.27.255.84> REMOTE_MODULE setup
<172.27.255.93> ESTABLISH CONNECTION FOR USER: root
<10.4.1.113> REMOTE_MODULE setup
<172.27.255.91> ESTABLISH CONNECTION FOR USER: root
<172.27.255.164> ESTABLISH CONNECTION FOR USER: root
<172.27.255.93> REMOTE_MODULE setup
<172.27.255.91> REMOTE_MODULE setup
<172.27.255.164> REMOTE_MODULE setup
<172.27.255.84> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.84 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-38377904647735 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-38377904647735'
<10.4.1.113> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 10.4.1.113 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-28043973332190 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-28043973332190'
<172.27.255.93> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.93 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-247742941146890 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-247742941146890'
<172.27.255.91> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.91 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-239068187999404 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-239068187999404'
<172.27.255.164> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.164 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-253354461562706 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-253354461562706'
fatal: [infra1] => SSH Error: Permission denied (publickey,password).
while connecting to 172.27.255.84:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
<172.27.255.164> ESTABLISH CONNECTION FOR USER: root
fatal: [900089-compute001] => SSH Error: Permission denied (publickey,password).
while connecting to 172.27.255.164:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
<172.27.255.164> REMOTE_MODULE setup
fatal: [storage1] => SSH Error: Permission denied (publickey,password).
while connecting to 10.4.1.113:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
<172.27.255.164> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.164 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671500.08-121316397320847 && echo $HOME/.ansible/tmp/ansible-tmp-1458671500.08-121316397320847'
fatal: [infra3] => SSH Error: Permission denied (publickey,password).
while connecting to 172.27.255.93:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
fatal: [infra2] => SSH Error: Permission denied (publickey,password).
while connecting to 172.27.255.91:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
fatal: [compute1] => SSH Error: Permission denied (publickey,password).
while connecting to 172.27.255.164:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
TASK: [apt_package_pinning | Add apt pin preferences] *************************
FATAL: no hosts matched or all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit @/home/os/setup-hosts.retry
900089-compute001 : ok=0 changed=0 unreachable=1 failed=0
compute1 : ok=0 changed=0 unreachable=1 failed=0
infra1 : ok=0 changed=0 unreachable=1 failed=0
infra2 : ok=0 changed=0 unreachable=1 failed=0
infra3 : ok=0 changed=0 unreachable=1 failed=0
storage1 : ok=0 changed=0 unreachable=1 failed=0
os@7:/opt/openstack-ansible/playbooks$
如您所见,“ssh os@ip”直接起作用。
root@7:/etc/openstack_deploy# ssh [email protected]
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.19.0-47-generic x86_64)
* Documentation: https://help.ubuntu.com/
root@13:~#
root@13:~# exit
logout
Connection to 172.27.255.164 closed.
root@7:/etc/openstack_deploy#
但只有通过“ansible”才会失败。
这是版本#
$ openstack-ansible --version
Variable files: "-e @/etc/openstack_deploy/user_group_vars.yml -e @/etc/openstack_deploy/user_secrets.yml -e @/etc/openstack_deploy/user_variables.yml "
ansible-playbook 1.9.4
configured module search path = /etc/ansible/plugins/library
以及 playbooks 提取的 cfg
[defaults]
# Additional plugins
lookup_plugins = /etc/ansible/plugins/lookup
filter_plugins = /etc/ansible/plugins/filter
action_plugins = /etc/ansible/plugins/action
library = /etc/ansible/plugins/library
transport = smart
remote_port = 22
#ask_sudo_pass = True
# Fact caching
gathering = smart
fact_caching = jsonfile
fact_caching_connection = /etc/openstack_deploy/ansible_facts
fact_caching_timeout = 86400
inventory = inventory
#host_key_checking = False
# Set color options
nocolor = 0
# SSH timeout
timeout = 120
private_key_file = ~/.ssh/id_rsa
[ssh_connection]
#pipelining = True
答案1
看来您的清单未使用 root 权限id_rsa,而是使用位于的权限,/home/os/.ssh/id_rsa因此当 ansible 尝试连接您的主机时,这是不允许的。尝试通过引用正确的权限来更改清单id_rsa。
另外,https://www.rdoproject.org它允许您在 OpenStack 上部署 OpenStack,也称为 TripleO,它是一个使用 Ansible 的 bash 脚本。使用它在一小时内设置了我的堆栈。