Ansible errros out when daemon_reload=yes,在daemon reload期间出现错误1:无法执行操作:连接超时
处理程序的YAML文件如下:YAML文件位置如下Ansible errros out when daemon_reload=yes,在daemon reload期间出现错误1:无法执行操作:连接超时,ansible,Ansible,处理程序的YAML文件如下:YAML文件位置如下 RUNNING HANDLER [ansible_role_ssm_agent : systemctl_handler] ******************************************************** fatal: [13.236.87.146]: FAILED! => {"changed": false, "msg": "failure 1 during
RUNNING HANDLER [ansible_role_ssm_agent : systemctl_handler] ********************************************************
fatal: [13.236.87.146]: FAILED! => {"changed": false, "msg": "failure 1 during daemon-reload: Failed to execute operation: Connection timed out\n"}
ansible\u patching/ssm\u agent.yml
---
- hosts: all
gather_facts: true
become: true
roles:
- ssm_agent
# handlers file for ansible-role-ssm-agent
- name: systemctl_handler
systemd:
name: amazon-ssm-agent
daemon_reload: yes
state: "{{ ssm_agent_svc_state }}"
enabled: yes
---
- name: Check required input parameters
assert:
that:
- ({{ item }} is defined)
- ({{ item }} is not none)
- ({{ item }} | trim != '')
with_items:
- os_name
- os_version
loop_control:
loop_var: item
- name: Include architecture specific
include: "{{ ansible_architecture }}.yml"
- name: Include for centos 7
include: install_{{ os_name }}_{{ os_version }}.yml
when: ansible_distribution == "{{ os_name }}" and ansible_distribution_major_version == "{{ os_version }}"
角色/ssm_代理/handlers/main.yml
---
- hosts: all
gather_facts: true
become: true
roles:
- ssm_agent
# handlers file for ansible-role-ssm-agent
- name: systemctl_handler
systemd:
name: amazon-ssm-agent
daemon_reload: yes
state: "{{ ssm_agent_svc_state }}"
enabled: yes
---
- name: Check required input parameters
assert:
that:
- ({{ item }} is defined)
- ({{ item }} is not none)
- ({{ item }} | trim != '')
with_items:
- os_name
- os_version
loop_control:
loop_var: item
- name: Include architecture specific
include: "{{ ansible_architecture }}.yml"
- name: Include for centos 7
include: install_{{ os_name }}_{{ os_version }}.yml
when: ansible_distribution == "{{ os_name }}" and ansible_distribution_major_version == "{{ os_version }}"
ansible\u补丁/roles/ssm\u agent/tasks/main.yml
---
- hosts: all
gather_facts: true
become: true
roles:
- ssm_agent
# handlers file for ansible-role-ssm-agent
- name: systemctl_handler
systemd:
name: amazon-ssm-agent
daemon_reload: yes
state: "{{ ssm_agent_svc_state }}"
enabled: yes
---
- name: Check required input parameters
assert:
that:
- ({{ item }} is defined)
- ({{ item }} is not none)
- ({{ item }} | trim != '')
with_items:
- os_name
- os_version
loop_control:
loop_var: item
- name: Include architecture specific
include: "{{ ansible_architecture }}.yml"
- name: Include for centos 7
include: install_{{ os_name }}_{{ os_version }}.yml
when: ansible_distribution == "{{ os_name }}" and ansible_distribution_major_version == "{{ os_version }}"
我得到的错误如下
RUNNING HANDLER [ansible_role_ssm_agent : systemctl_handler] ********************************************************
fatal: [13.236.87.146]: FAILED! => {"changed": false, "msg": "failure 1 during daemon-reload: Failed to execute operation: Connection timed out\n"}
但是,我可以在远程主机[远程CentOS主机的公共IP]上使用相同的远程用户(ansible)重新启动服务
请查看以下输出:
[ansible@ip-172-31-33-3 tmp]$ sudo systemctl status amazon-ssm-agent
[sudo] password for ansible:
● amazon-ssm-agent.service - amazon-ssm-agent
Loaded: loaded (/etc/systemd/system/amazon-ssm-agent.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2020-06-25 01:22:40 UTC; 44min ago
Main PID: 1978 (amazon-ssm-agen)
CGroup: /system.slice/amazon-ssm-agent.service
└─1978 /usr/bin/amazon-ssm-agent
[ansible@ip-172-31-33-3 tmp]$ sudo systemctl restart amazon-ssm-agent
[ansible@ip-172-31-33-3 tmp]$ sudo systemctl status amazon-ssm-agent
● amazon-ssm-agent.service - amazon-ssm-agent
Loaded: loaded (/etc/systemd/system/amazon-ssm-agent.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2020-06-25 02:07:06 UTC; 2s ago
Main PID: 2157 (amazon-ssm-agen)
CGroup: /system.slice/amazon-ssm-agent.service
└─2157 /usr/bin/amazon-ssm-agent
注意:如果我评论守护进程重新加载:是,那么剧本(ansible ssm代理安装角色)可以正常工作
如有任何指导,将不胜感激
[ansible@ip-172-31-38-88 ~]$ sudo systemctl daemon-reload
[ansible@ip-172-31-38-88 ~]$ echo $?
0
编辑2:使用sudo命令在远程主机上运行良好
[ansible@ip-172-31-38-88 ~]$ sudo cat /etc/sudoers |grep ansible
[sudo] password for ansible:
ansible ALL=(ALL) ALL
[ansible@ip-172-31-38-88 ~]$
编辑4:远程ansible用户与root用户具有相同的权限。从您问题中的详细信息,我可以看出您正在使用
ansible
用户登录远程计算机
要启动、停止、重新启动或重新加载系统服务,您的ansible
用户必须具有管理权限,即sudo
权限
从systemctl daemon reload
的输出中,我们可以清楚地看到您没有所需的权限。所以,为了让它发挥作用
ansible
用户#usermod-aG sudo ansible
在CentOS中(使用root用户或sudo):
#usermod-aG wheel ansible
been:true
就这些 是否需要
守护进程重新加载
属性?这应该在远程计算机上执行systemctl守护程序重载
。您能以ansible用户的身份成功执行吗?手动操作不起作用,先生。我在P.S.之后粘贴了输出。我不知道是否需要该属性。我添加了一个预防措施。对不起。您需要使用sudo
发出命令。这可能吗sudo systemctl daemon reload
您能在问题中分享您的剧本吗?先生,我已经用所有YAML文件和远程ansible用户权限更新了剧本,请协助。