我对 foreman/katello 的 ansible 插件很着迷。
https://theforeman.org/plugins/foreman_ansible/1.x/index.html
我只是按照描述进行安装。
当我运行 ansibl-playbook 时,出现以下错误:
# ansible-playbook /etc/ansible/temp.yml
[WARNING]: SSL verification of https://katello.domain.com disabled
PLAY [test the ansible] **********************************************************************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************************************************************************
ok: [katello.domain.com]
PLAY RECAP ***********************************************************************************************************************************************************************************
katello.domain.com : ok=1 changed=0 unreachable=0 failed=0
[WARNING]: Failure using method (v2_playbook_on_stats) in callback plugin (</usr/lib/python2.7/site-packages/ansible/plugins/callback/foreman.CallbackModule object at 0x2d2b750>): [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:579)
[WARNING]: Failure using method (v2_playbook_on_stats) in callback plugin (</usr/lib/python2.7/site-packages/ansible/plugins/callback/foreman.CallbackModule object at 0x2d82ed0>): [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:579)
我正在使用来自 comodo 的官方签名证书。
SSLCertificateFile "/etc/pki/tls/certs/katello.domain.com.crt"
SSLCertificateKeyFile "/etc/pki/tls/private/katello.domain.com.key"
SSLCertificateChainFile "/etc/pki/tls/certs/katello.domain.com-ca.crt"
我的回调插件配置:
FOREMAN_URL = os.getenv('FOREMAN_URL', "https://katello.domain.com")
FOREMAN_SSL_CERT = (os.getenv('FOREMAN_SSL_CERT',
"/etc/pki/tls/certs/katello.domain.com.crt"),
os.getenv('FOREMAN_SSL_KEY',
"/etc/pki/tls/private/katello.domain.com.key"))
FOREMAN_SSL_VERIFY = os.getenv('FOREMAN_SSL_VERIFY', "0")
亲切的问候
答案1
你好你可以试试这个
FOREMAN_URL = os.getenv('FOREMAN_URL', "https://katello.domain.com")
# Substitute by a real SSL certificate and key if your Foreman uses HTTPS FOREMAN_SSL_CERT = (os.getenv('FOREMAN_SSL_CERT', "/etc/foreman/client_cert.pem"),
os.getenv('FOREMAN_SSL_KEY', "/etc/foreman/client_key.pem")) FOREMAN_SSL_VERIFY = os.getenv('FOREMAN_SSL_VERIFY', "1")
/etc/foreman/client_cert.pem & /etc/foreman/client_cert.pem 是默认证书