从AWS机密管理器查找机密| Ansible
使用地形代码,我在AWS机密管理器中创建了其他类型的机密。 我需要在Ansible代码中使用这些AWS机密。我在下面找到了这个链接,但我无法继续 我有以下可翻译代码:-从AWS机密管理器查找机密| Ansible,ansible,ansible-2.x,aws-secrets-manager,Ansible,Ansible 2.x,Aws Secrets Manager,使用地形代码,我在AWS机密管理器中创建了其他类型的机密。 我需要在Ansible代码中使用这些AWS机密。我在下面找到了这个链接,但我无法继续 我有以下可翻译代码:- database.yml - name: Airflow | DB | Create MySQL DB mysql_db: login_user: "{{ mysql_user }}" # login_password: "{{ mysql_root_password }}" login_passwo
database.yml- name: Airflow | DB | Create MySQL DB
mysql_db:
login_user: "{{ mysql_user }}"
# login_password: "{{ mysql_root_password }}"
login_password: "{{ lookup('ca_dev', 'mysql_root_password') }}"
# config_file: /etc/my.cnf
# login_unix_socket: /var/lib/mysql/mysql.sock
# encrypted: yes
name: "airflow"
state: "present"
TASK [../../roles/airflow : Airflow | DB | Create MySQL DB] **************************************************************************************************************************************************************************
task path: /home/ec2-user/cng-ansible/roles/airflow/tasks/database.yml:25
The full traceback is:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 140, in run
res = self._execute()
File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 539, in _execute
self._task.post_validate(templar=templar)
File "/usr/lib/python2.7/site-packages/ansible/playbook/task.py", line 267, in post_validate
super(Task, self).post_validate(templar)
File "/usr/lib/python2.7/site-packages/ansible/playbook/base.py", line 364, in post_validate
value = templar.template(getattr(self, name))
File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 540, in template
disable_lookups=disable_lookups,
File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 495, in template
disable_lookups=disable_lookups,
File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 746, in do_template
res = j2_concat(rf)
File "<template>", line 8, in root
File "/usr/lib/python2.7/site-packages/jinja2/runtime.py", line 193, in call
return __obj(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 631, in _lookup
instance = self._lookup_loader.get(name.lower(), loader=self._loader, templar=self)
File "/usr/lib/python2.7/site-packages/ansible/plugins/loader.py", line 381, in get
obj = getattr(self._module_cache[path], self.class_name)
AttributeError: 'module' object has no attribute 'LookupModule'
fatal: [127.0.0.1]: FAILED! => {
"msg": "Unexpected failure during module execution.",
"stdout": ""
}
RUNNING HANDLER [../../roles/airflow : restart rabbitmq-server]
task path: /home/ec2-user/cng-ansible/roles/airflow/handlers/main.yml:28
to retry, use: --limit @/home/ec2-user/cng-ansible/plays/airflow/installAirflow.retry
PLAY RECAP
127.0.0.1 : ok=39 changed=7 unreachable=0 failed=1
TASK[../../roles/aiffort:aiffort | DB | Create MySQL DB]**************************************************************************************************************************************************************************
任务路径:/home/ec2 user/cng ansible/roles/afflow/tasks/database.yml:25
完整回溯是:
回溯(最近一次呼叫最后一次):
文件“/usr/lib/python2.7/site packages/ansible/executor/task_executor.py”,第140行,正在运行
res=self.\u execute()
文件“/usr/lib/python2.7/site packages/ansible/executor/task_executor.py”,第539行,in_execute
self.\u task.post\u验证(templar=templar)
文件“/usr/lib/python2.7/site packages/ansible/playbook/task.py”,第267行,在post\u验证中
超级(任务,自我)。后验证(圣堂武士)
文件“/usr/lib/python2.7/site packages/ansible/playbook/base.py”,第364行,在post\u验证中
value=templar.template(getattr(self,name))
文件“/usr/lib/python2.7/site packages/ansible/template/_init__.py”,模板中第540行
禁用\u查找=禁用\u查找,
文件“/usr/lib/python2.7/site packages/ansible/template/_init__.py”,模板中第495行
禁用\u查找=禁用\u查找,
文件“/usr/lib/python2.7/site packages/ansible/template/_init__.py”,第746行,在do_模板中
res=j2_concat(rf)
文件“”,第8行,在根目录中
文件“/usr/lib/python2.7/site packages/jinja2/runtime.py”,第193行,在调用中
返回对象(*args,**kwargs)
文件“/usr/lib/python2.7/site packages/ansible/template/_init__.py”,第631行,在查找中
instance=self.\u lookup\u loader.get(name.lower(),loader=self.\u loader,templar=self)
文件“/usr/lib/python2.7/site packages/ansible/plugins/loader.py”,get中第381行
obj=getattr(self.\u模块\u缓存[path],self.class\u名称)
AttributeError:“模块”对象没有属性“LookupModule”
致命:[127.0.0.1]:失败!=>{
“msg”:“模块执行期间出现意外故障。”,
“标准输出”:”
}
正在运行处理程序[../../roles/afflow:重新启动rabbitmq服务器]
任务路径:/home/ec2 user/cng ansible/roles/afflow/handlers/main.yml:28
要重试,请使用:--limit@/home/ec2 user/cng ansible/plays/aiffair/installaiffair.retry
重演
127.0.0.1:正常=39更改=7无法访问=0失败=1
ansible doc-t lookup-l{“msg”:“找不到查找插件(ca_dev)}查找login_password: "{{ lookup('ca_dev', 'mysql_root_password') }}"
login_password: "{{ lookup('aws_secret', 'mysql_root_password') }}"
ca_devaws_secret~/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookupDEFAULT_LOOKUP_PLUGIN_PATH
Description: Colon separated paths in which Ansible will search for Lookup Plugins.
Type: pathspec
Default: ~/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup
Ini Section: defaults
Ini Key: lookup_plugins
Environment: ANSIBLE_LOOKUP_PLUGINS
这方面的文档可以在官方文档部分找到我将删除底部的快速问题,它也会使问题本身变得复杂broad@HermanTheGermanHesse是否可以编辑您的问题并详细说明“我无法继续”(您尝试了什么,结果是什么/错误消息/日志等)?使用aws_秘密查找似乎正是您所需要的。同时,请注意,此模块似乎仅在ansible 2.8中可用(您使用此版本吗?@Zeitounator我仍然没有为此编写任何代码。如表2.8所示,发布日期为2019年5月16日。我没有任何步骤将
ansible 2.7.102.8stable-2.82.8.0a12.8.0b1TASK[../../roles/aiffort:aiffort | DB | Create MySQL DB]致命:[127.0.0.1]:失败!=>{“msg”:“找不到查找插件(aws_secret)}ansible doc-t lookup-lansible doc-t lookup-l