我是 Ansible 新手,所以任何建议都非常感谢。
我使用的是 ansible 2.9.10。
首先
在我的控制节点上,我创建了一个剧本,在其中我将控制主机设置为存储库主机:必须将 RHEL 8 安装 ISO 循环挂载到目录 /var/ftp/repo 上,firewalld
禁用服务并vsftpd
启动和启用该服务,并允许匿名用户访问 /var/ftp/repo 目录
---
- name: Setup control host as repository host
hosts: localhost
become: true
vars:
anonymous_enable: yes
tasks:
- name: Install vsftpd
yum:
name: vsftpd
state: latest
- name: Start and enable vsftpd service
service:
name: vsftpd
state: started
enabled: true
- name: Disable firewall
firewalld:
service: firewall
state: disabled
- name: Allow anonymous user access to /var/ftp/repo
template:
src: templates/vsftpd.j2/v.j2
dest: /etc/vsftpd/vsftpd.conf
- name: Setup repo directory
file:
path: /var/ftp/repo
state: directory
- name: create repo
mount:
path: /var/ftp/repo
src: /dev/sr0
fstype: iso9660
opts: loop,ro
state: mounted
下一个
我有托管节点,并希望将其配置为存储库服务器的存储库客户端,该服务器已在上例中配置。我想使用临时命令来启用对我的控制节点上的 BaseOS 和 AppStream 存储库的访问。以下是此命令和返回的结果:
[ansible@control ~]$ ansible ansible1 -u root --ask-pass -m yum_repository -a "name=AppStream file=AppStream baseurl=ftp://control.example.com/repo/AppStream/ description=AppStream gpgcheck=no enabled=yes state=present"
SSH password:
ansible1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"repo": "AppStream",
"state": "present"
}
[ansible@control ~]$ ansible ansible1 -u root --ask-pass -m yum_repository -a "name=BaseOS file=BaseOS baseurl=ftp://control.example.com/repo/ description=BaseOS gpgcheck=no enabled=yes state=present"
SSH password:
ansible1 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"repo": "BaseOS",
"state": "present"
看起来一切正常,但是当我登录到托管节点并尝试执行yum 重新排序, 我收到了:
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
AppStream 0.0 B/s | 0 B 00:01
BaseOS 0.0 B/s | 0 B 00:01
Failed to synchronize cache for repo 'AppStream', ignoring this repo.
Failed to synchronize cache for repo 'BaseOS', ignoring this repo.
然后我使用 rhel 订阅管理器订阅了系统,但是当我再次登录到管理节点并尝试执行 yum repolist 时,我收到了完全相同的错误(关于我在 /var/ftp/repo 目录中控制节点上的本地存储库):
Updating Subscription Management repositories.
AppStream 0.0 B/s | 0 B 00:01
BaseOS 0.0 B/s | 0 B 00:01
Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) 3.2 kB/s | 4.5 kB 00:01
Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) 2.8 kB/s | 4.1 kB 00:01
Failed to synchronize cache for repo 'AppStream', ignoring this repo.
Failed to synchronize cache for repo 'BaseOS', ignoring this repo.
repo id repo name status
rhel-8-for-x86_64-appstream-rpms Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) 10,766
rhel-8-for-x86_64-baseos-rpms Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) 4,834
我需要在 /var/ftp/repo 中使用我的本地存储库,请帮我找出错误!此外,当我尝试使用 ad-hoc 命令安装某些 pkg 时,我收到错误:
[ansible@control ~]$ ansible ansible1 -u root --ask-pass -m yum -a "name=httpd state=latest"
SSH password:
ansible1 | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"failures": [
"No package httpd available."
],
"msg": "Failed to install some of the specified packages",
"rc": 1,
"results": []
FTP相关信息:
[ansible@control ~]$ ls /var/ftp/repo/
AppStream EFI extra_files.json images media.repo RPM-GPG-KEY-redhat-release
BaseOS EULA GPL isolinux RPM-GPG-KEY-redhat-beta TRANS.TBL
[ansible@control ~]$ systemctl status vsftpd
● vsftpd.service - Vsftpd ftp daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2020-07-01 22:02:01 EEST; 50min ago
Process: 1055 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
Main PID: 1059 (vsftpd)
Tasks: 1 (limit: 4915)
Memory: 344.0K
CGroup: /system.slice/vsftpd.service
└─1059 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
托管节点上的 Repo 文件内容:
[ansible@control ~]$ ansible ansible1 -m command -a "cat /etc/yum.repos.d/AppStream.repo"
ansible1 | CHANGED | rc=0 >>
[AppStream]
baseurl = ftp://control.example.com/repo/
enabled = 1
gpgcheck = 0
name = AppStream
[ansible@control ~]$ ansible ansible1 -m command -a "cat /etc/yum.repos.d/BaseOS.repo"
ansible1 | CHANGED | rc=0 >>
[BaseOS]
baseurl = ftp://control.example.com/repo/
enabled = 1
gpgcheck = 0
name = BaseOS
答案1
您必须先安装软件包,然后才能安装订阅系统并获得权利。
您可以使用redhat_subscription 模块。注册后,您可以使用rhsm_repository 模块以启用您想要的存储库。
以下是我注册 RHEL 系统并启用所需 RHEL 存储库的方法:
---
- hosts: all
gather_facts: True
tasks:
- name: "Group by operating system"
group_by:
key: os_{{ ansible_distribution }}
- hosts: os_RedHat
gather_facts: True
# Registering the system and enabling repos must come first,
# before installing packages
pre_tasks:
- block:
- name: Register RHEL system
redhat_subscription:
activationkey: "Ansible_Provisioned"
org_id: "*******"
auto_attach: True
- name: Enable RHEL repos (RHEL 7)
rhsm_repository: name={{item}} state=enabled
with_items:
- rhel-{{ansible_distribution_major_version}}-server-rpms
- rhel-{{ansible_distribution_major_version}}-server-extras-rpms
- rhel-{{ansible_distribution_major_version}}-server-optional-rpms
when: ansible_distribution_major_version|int <= 7
- name: Enable RHEL repos (RHEL 8)
rhsm_repository: name={{item}} state=enabled
with_items:
- rhel-{{ansible_distribution_major_version}}-for-{{ansible_architecture}}-baseos-rpms
- rhel-{{ansible_distribution_major_version}}-for-{{ansible_architecture}}-appstream-rpms
- rhel-{{ansible_distribution_major_version}}-for-{{ansible_architecture}}-supplementary-rpms
- codeready-builder-for-rhel-{{ansible_distribution_major_version}}-{{ansible_architecture}}-rpms
when: ansible_distribution_major_version|int == 8
- name: Disable RHEL repos (RHEL 7)
rhsm_repository: name={{item}} state=disabled
with_items:
- rhel-{{ansible_distribution_major_version}}-server-rt-rpms
- rhel-{{ansible_distribution_major_version}}-server-rt-beta-rpms
when: ansible_distribution_major_version|int <= 7
when: ansible_distribution == 'RedHat'
roles:
- redhatinsights.insights-client
请注意,如果您尝试离线安装软件包,则必须在软件包安装过程中暂时(或永久)禁用在线 Red Hat 存储库。例如:
- name: Install httpd
dnf:
name: httpd
disablerepo: rhel-8-for-x86_64-appstream-rpms,rhel-8-for-x86_64-baseos-rpms
看起来您的自定义存储库 BaseOS 和 AppStream 实际上无法从新节点访问,因此您也应该解决这个问题。