Ansible errors out when daemon_reload=yes: failure 1 during daemon-reload: Failed to execute operation: Connection timed out


The handler YAML files are as follows. The YAML file locations are as follows:

ansible_patching/ssm_agent.yml

---
- hosts: all
  gather_facts: true
  become: true

  roles:
  - ssm_agent

roles/ssm_agent/handlers/main.yml

# handlers file for ansible-role-ssm-agent
- name: systemctl_handler
  systemd:
    name: amazon-ssm-agent
    daemon_reload: yes
    state: "{{ ssm_agent_svc_state }}"
    enabled: yes

ansible_patching/roles/ssm_agent/tasks/main.yml

---
- name: Check required input parameters
  assert:
    that:
      - ({{ item }} is defined)
      - ({{ item }} is not none)
      - ({{ item }} | trim != '')
  with_items:
    - os_name
    - os_version
  loop_control:
    loop_var: item
- name: Include architecture specific
  include: "{{ ansible_architecture }}.yml"

- name: Include for centos 7
  include: install_{{ os_name }}_{{ os_version }}.yml
  when: ansible_distribution == "{{ os_name }}" and ansible_distribution_major_version == "{{ os_version }}"

The error I get is as follows:

RUNNING HANDLER [ansible_role_ssm_agent : systemctl_handler] ********************************************************
fatal: [13.236.87.146]: FAILED! => {"changed": false, "msg": "failure 1 during daemon-reload: Failed to execute operation: Connection timed out\n"}

However, I can restart the service on the remote host [public IP of the remote CentOS host] as the same remote user (ansible).

Please see the output below:

[ansible@ip-172-31-33-3 tmp]$ sudo systemctl status amazon-ssm-agent
[sudo] password for ansible:
● amazon-ssm-agent.service - amazon-ssm-agent
   Loaded: loaded (/etc/systemd/system/amazon-ssm-agent.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2020-06-25 01:22:40 UTC; 44min ago
 Main PID: 1978 (amazon-ssm-agen)
   CGroup: /system.slice/amazon-ssm-agent.service
           └─1978 /usr/bin/amazon-ssm-agent

[ansible@ip-172-31-33-3 tmp]$ sudo systemctl restart amazon-ssm-agent
[ansible@ip-172-31-33-3 tmp]$ sudo systemctl status amazon-ssm-agent
● amazon-ssm-agent.service - amazon-ssm-agent
   Loaded: loaded (/etc/systemd/system/amazon-ssm-agent.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2020-06-25 02:07:06 UTC; 2s ago
 Main PID: 2157 (amazon-ssm-agen)
   CGroup: /system.slice/amazon-ssm-agent.service
           └─2157 /usr/bin/amazon-ssm-agent


Note: if I comment out daemon_reload: yes, the playbook (the Ansible SSM agent installation role) works fine.

Any guidance would be appreciated.

[ansible@ip-172-31-38-88 ~]$ sudo systemctl daemon-reload
[ansible@ip-172-31-38-88 ~]$ echo $?
0

Edit 2: Commands run fine on the remote host with sudo

[ansible@ip-172-31-38-88 ~]$ sudo cat /etc/sudoers |grep ansible
[sudo] password for ansible:
ansible ALL=(ALL)       ALL
[ansible@ip-172-31-38-88 ~]$

Edit 4: The remote ansible user has the same privileges as root.

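From the details in your question, I can see that you are logging in to the remote machine as the ansible user.

To start, stop, restart or reload a system service, your ansible user must have administrative privileges, i.e. sudo privileges.

From the output of systemctl daemon-reload, we can clearly see that you do not have the required privileges. So, to make it work:

  • You need to grant sudo privileges to your ansible user.
  • In Ubuntu (as root or with sudo):
    # usermod -aG sudo ansible

    In CentOS (as root or with sudo):
    # usermod -aG wheel ansible

  • You need to set become: true in the playbook.

  • That's all.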

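Is the daemon_reload attribute needed? It should execute systemctl daemon-reload on the remote machine. Can you execute that successfully as the ansible user?

Doing it manually doesn't work, sir. I have pasted the output after the P.S.

I don't know whether the attribute is needed. I added it as a precaution. Sorry.

You need to issue the command with sudo. Is this possible: sudo systemctl daemon-reload

Can you share your playbook in the question?

Sir, I have updated the playbook with all the YAML files and the remote ansible user's permissions, please assist.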
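
A diagnostic play for the checks the answer and comments ask for, added here as an example that is not part of the original question or answer: it confirms that become yields uid 0, then runs daemon-reload as a task of its own so that a failure there is separated from the service state change. The task names, the registered variable names and the fixed state: started are assumptions; the service name and the become setting come from the question.

```yaml
---
# Added diagnostic play, not from the original post.
# Assumes the same inventory and remote user (ansible) as the question.
- hosts: all
  gather_facts: false
  become: true

  tasks:
    # Step 1: prove that privilege escalation works before blaming it.
    # If sudo is misconfigured, the play stops here rather than at the handler.
    - name: Confirm that become yields root (uid 0)
      command: id -u
      register: become_uid
      changed_when: false
      failed_when: become_uid.stdout | trim != "0"

    # Step 2: daemon-reload in isolation. The systemd module accepts
    # daemon_reload without a unit name, so no service is touched here.
    - name: Run daemon-reload on its own
      systemd:
        daemon_reload: yes
      register: reload_result

    # Step 3: manage the unit only after the reload has succeeded.
    # state is fixed to "started" here (assumption); the role in the
    # question takes it from ssm_agent_svc_state.
    - name: Ensure amazon-ssm-agent is enabled and running
      systemd:
        name: amazon-ssm-agent
        state: started
        enabled: yes
```

The sudoers entry shown in Edit 2 prompts for a password, so run the play with ansible-playbook --ask-become-pass unless a become password is already configured. If step 1 passes and step 2 still fails, the failure is not explained by missing sudo rights.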