Loops Ansible-与\u fileglob循环-成为\u用户不工作-在源计算机上运行操作
Env是:Ansible 1.9.4或1.9.2,Linux CentOS 6.5 我有一个角色构建,其中: $cat角色/build/defaults/main.yml:Loops Ansible-与\u fileglob循环-成为\u用户不工作-在源计算机上运行操作,loops,ansible,roles,ansible-playbook,file-globs,Loops,Ansible,Roles,Ansible Playbook,File Globs,Env是:Ansible 1.9.4或1.9.2,Linux CentOS 6.5 我有一个角色构建,其中: $cat角色/build/defaults/main.yml: --- build_user: confman build_group: confman tools_dir: ~/tools $cat角色/build/tasks/main.yml - debug: msg="User is = {{ build_user }} -- {{ tools_dir }}" tags:
---
build_user: confman
build_group: confman
tools_dir: ~/tools
$cat角色/build/tasks/main.yml
- debug: msg="User is = {{ build_user }} -- {{ tools_dir }}"
tags:
- koba
- name: Set directory ownership
file: path="{{ tools_dir }}" owner={{ build_user }} group={{ build_group }} mode=0755 state=directory recurse=yes
become_user: "{{ build_user }}"
tags:
- koba
- name: Set private key file access
file: path="{{ item }}" owner={{ build_user }} group={{ build_group }} mode=0600 state=touch
with_fileglob:
- "{{ tools_dir }}/vmwaretools-lib-*/lib/insecure_private_key"
# with_items:
# - ~/tools/vmwaretools/lib/insecure_private_key
become_user: "{{ build_user }}"
tags:
- koba
在我的工作区中:主机文件(清单)包含:
[ansible_servers]
server01.project.jenkins
---
- hosts: ansible_servers
sudo: yes
roles:
- build
site.yml(剧本)包含:
[ansible_servers]
server01.project.jenkins
---
- hosts: ansible_servers
sudo: yes
roles:
- build
我正在运行以下命令:
$ ansible-playbook site.yml -i hosts -u confman --private-key ${DEPLOYER_KEY_FILE} -t koba
我得到了以下错误,并且由于某种原因,在使用Ansible循环时在Ansible中变成用户:带有是不是使用confman用户的~(主目录)(在变量{build\u user}中设置)相反,它选择的是我自己的用户ID(c123456)
在调试操作的控制台输出中,很明显,用户(将成为_user)是confman,tools_dir变量的值是~/tools
PLAY [ansible_servers] ********************************************************
GATHERING FACTS ***************************************************************
ok: [server01.project.jenkins]
TASK: [build | debug msg="User is = {{ build_user }} -- {{ tools_dir }}"] *****
ok: [server01.project.jenkins] => {
"msg": "User is = confman -- ~/tools"
}
TASK: [build | Set directory ownership] ***************************************
changed: [server01.project.jenkins]
TASK: [build | Set private key file access] ***********************************
failed: [server01.project.jenkins] => (item=/user/home/c123456/tools/vmwaretools-lib-1.0.8-SNAPSHOT/lib/insecure_private_key) => {"failed": true, "item": "/user/home/c123456/tools/vmwaretools-lib-1.0.8-SNAPSHOT/lib/insecure_private_key", "parsed": false}
BECOME-SUCCESS-ajtxlfymjcquzuolgfrrxbssfolqgrsg
Traceback (most recent call last):
File "/tmp/ansible-tmp-1449615824.69-82085663620220/file", line 1994, in <module>
main()
File "/tmp/ansible-tmp-1449615824.69-82085663620220/file", line 372, in main
open(path, 'w').close()
IOError: [Errno 2] No such file or directory: '/user/home/c123456/tools/vmwaretools-lib-1.0.8-SNAPSHOT/lib/insecure_private_key'
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: auto-mux: Trying existing master
debug1: mux_client_request_session: master session id: 2
debug1: mux_client_request_session: master session id: 2
Shared connection to server01.project.jenkins closed.
我只想在包含私钥文件的~confman/tools/vmwaretools lib-*/…位置中迭代这些文件,并更改权限,但使用“with_fileglob”变成_user在操作期间设置用户不工作
如果我注释掉with_fileglob部分,并在tasks/main.yml中使用/uncommentwith_items部分,那么它(变成_user)工作正常,并选择~confman(而不是~c123456)并给出以下输出:
TASK: [build | Set private key file access] ***********************************
changed: [server01.project.jenkins] => (item=~/tools/vmwaretools/lib/insecure_private_key)
我发现的一件奇怪的事情是,目标机器(server01.project.jenkins)上没有用户c123456,这告诉我,with_fileglob使用源/本地/主Ansible机器(在那里我运行Ansible playbook命令)来查找全局模式(而不是在server01.project.jenkins服务器上通过SSH查找/运行它),在本地/源Ansible机器上,我确实是以c123456的身份登录的。奇怪的是,在输出中,它仍然显示目标机器,但根据上面的输出,模式路径来自源机器
failed: [server01.project.jenkins]
知道吗!我错过了什么?谢谢
PS:
-我不想设置tools\u dir:“{{build\u user}}/tools”或硬编码它,因为用户可以在命令行传递tools\u dir变量(在运行ansible playbook命令时使用-e/--extra vars“tools\u dir=/production/slave/tools”
- 进一步研究它,我发现with_fileglob用于要迭代的本地文件列表,使用shell fileglob表示法(例如,/playbooks/files/fooapp/*)进行描述。那么,我应该使用什么来使用模式匹配(fileglob)在目标/远程服务器(在我的例子中是server01.project.jenkins)上迭代呢
- name: Set private key file access
shell: "chmod 0400 {{ tools_dir }}/vmtools-lib-*/lib/insecure_private_key"
become_user: "{{ build_user }}"
tags:
- koba
用_fileglob finding更新了我的帖子。