我在带有 Python 2.6.6 的 Oracle Linux 6.10 上安装了 Ansible 2.6.20,并且正在尝试在 HACMP 集群中配置运行 AIX 7.2 和 Python 2.7.15 的 IBM 机器。
在控制台模式下运行 ansible 或针对专用节点运行 ansible-playbook 可以正常工作,但如果我尝试针对集群服务 ip 地址运行,则会收到目标无法访问错误。
+--------> node A 10.1.1.11 => connection o.k.
/
Ansible host 10.1.2.10 -----------> cluster service ip 10.1.1.10 => connection failure
\
+--------> node B 10.1.1.12 => connection o.k.
这是 Ansible 错误消息(已格式化),出于安全考虑,已替换用户和服务器名称。
16:02:11 [/home/_ansible_/ansible]
terminal [_ansible_@_server_]$ ansible -vvvv -i ./inventory/test.txt _target_ --user _user_ -a 'date'
ansible 2.6.17
config file = /home/_ansible_/ansible/ansible.cfg
configured module search path = [u'/home/_ansible_/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.6.6 (r266:84292, Aug 18 2016, 08:36:59) [GCC 4.4.7 20120313 (Red Hat 4.4.7-17)]
Using /home/_ansible_/ansible/ansible.cfg as config file
setting up inventory plugins
Parsed /home/_ansible_/ansible/inventory/test.txt inventory source with ini plugin
Loading callback plugin minimal of type stdout, v2.0 from /usr/lib/python2.6/site-packages/ansible/plugins/callback/minimal.pyc
META: ran handlers
<_target_> ESTABLISH SSH CONNECTION FOR USER: _user_
<_target_> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=_user_ -o ConnectTimeout=10 -o ControlPath=/home/_ansible_/.ansible/cp/f5a095d7af _target_ '/bin/sh -c '"'"'echo ~_user_ && sleep 0'"'"''
<_target_> (255, '', 'OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: cipher ok: aes256-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes192-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes128-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: ciphers ok: [aes256-ctr,aes192-ctr,aes128-ctr]
debug1: Applying options for *
debug2: mac_setup: found hmac-ripemd160
debug3: mac ok: hmac-ripemd160 [hmac-ripemd160,hmac-sha1]
debug2: mac_setup: found hmac-sha1
debug3: mac ok: hmac-sha1 [hmac-ripemd160,hmac-sha1]
debug3: macs ok: [hmac-ripemd160,hmac-sha1]
debug1: auto-mux: Trying existing master
debug2: fd 4 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_request_forwards: requesting forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 311
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 12
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Control master terminated unexpectedly
')
_target_ | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: cipher ok: aes256-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes192-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes128-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: ciphers ok: [aes256-ctr,aes192-ctr,aes128-ctr]
debug1: Applying options for *
debug2: mac_setup: found hmac-ripemd160
debug3: mac ok: hmac-ripemd160 [hmac-ripemd160,hmac-sha1]
debug2: mac_setup: found hmac-sha1
debug3: mac ok: hmac-sha1 [hmac-ripemd160,hmac-sha1]
debug3: macs ok: [hmac-ripemd160,hmac-sha1]
debug1: auto-mux: Trying existing master
debug2: fd 4 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_request_forwards: requesting forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 311
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 12
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Control master terminated unexpectedly",
"unreachable": true
}
使用公钥认证的手动 SSH 连接可以很好地与这三个 IP 地址配合使用。
我的问题是:
- 是否有人熟悉这个问题并且知道解决办法。
- 我该怎么做才能获得更多的调试输出?
提前感谢 Stefan
答案1
查看 AIX 上的 ssd 配置,也许守护进程没有配置为监听所有系统 ip 地址,而只监听节点 ip。