Foreman/Katello 与 ansible

tag-icon tag-icon ssl certificate ansible foreman katello
Foreman/Katello 与 ansible

我对 foreman/katello 的 ansible 插件很着迷。

https://theforeman.org/plugins/foreman_ansible/1.x/index.html

我只是按照描述进行安装。

当我运行 ansibl-playbook 时,出现以下错误:

# ansible-playbook /etc/ansible/temp.yml
 [WARNING]: SSL verification of https://katello.domain.com disabled


PLAY [test the ansible] **********************************************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************************************************
ok: [katello.domain.com]

PLAY RECAP ***********************************************************************************************************************************************************************************
katello.domain.com : ok=1    changed=0    unreachable=0    failed=0

 [WARNING]: Failure using method (v2_playbook_on_stats) in callback plugin (</usr/lib/python2.7/site-packages/ansible/plugins/callback/foreman.CallbackModule object at 0x2d2b750>): [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:579)

 [WARNING]: Failure using method (v2_playbook_on_stats) in callback plugin (</usr/lib/python2.7/site-packages/ansible/plugins/callback/foreman.CallbackModule object at 0x2d82ed0>): [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:579)

我正在使用来自 comodo 的官方签名证书。

SSLCertificateFile    "/etc/pki/tls/certs/katello.domain.com.crt"
SSLCertificateKeyFile "/etc/pki/tls/private/katello.domain.com.key"
SSLCertificateChainFile "/etc/pki/tls/certs/katello.domain.com-ca.crt"

我的回调插件配置:

FOREMAN_URL = os.getenv('FOREMAN_URL', "https://katello.domain.com")
FOREMAN_SSL_CERT = (os.getenv('FOREMAN_SSL_CERT',
                              "/etc/pki/tls/certs/katello.domain.com.crt"),
                    os.getenv('FOREMAN_SSL_KEY',
                              "/etc/pki/tls/private/katello.domain.com.key"))
FOREMAN_SSL_VERIFY = os.getenv('FOREMAN_SSL_VERIFY', "0")

亲切的问候

答案1

你好你可以试试这个

FOREMAN_URL = os.getenv('FOREMAN_URL', "https://katello.domain.com")
# Substitute by a real SSL certificate and key if your Foreman uses HTTPS FOREMAN_SSL_CERT = (os.getenv('FOREMAN_SSL_CERT', "/etc/foreman/client_cert.pem"),
                    os.getenv('FOREMAN_SSL_KEY', "/etc/foreman/client_key.pem")) FOREMAN_SSL_VERIFY = os.getenv('FOREMAN_SSL_VERIFY', "1")

/etc/foreman/client_cert.pem & /etc/foreman/client_cert.pem 是默认证书

相关内容