本地和远程主机之间可交换的SSH授权
我在centos 7上有一个流浪者盒子,我正在那里创建LXC容器。在流浪者包厢里的一次快跑。我使用Ansible创建容器,如下所示:本地和远程主机之间可交换的SSH授权,ssh,ansible,ssh-keys,openssh,lxc,Ssh,Ansible,Ssh Keys,Openssh,Lxc,我在centos 7上有一个流浪者盒子,我正在那里创建LXC容器。在流浪者包厢里的一次快跑。我使用Ansible创建容器,如下所示: - name: Create containers lxc_container: name: localdev_nginx container_log: true template: centos container_config: - 'lxc.network.ipv4 = 192.168.42.110/24'
- name: Create containers
lxc_container:
name: localdev_nginx
container_log: true
template: centos
container_config:
- 'lxc.network.ipv4 = 192.168.42.110/24'
- 'lxc.network.ipv4.gateway = 192.168.42.1'
container_command: |
yum -y install openssh-server
echo "Som*th1ng" | passwd root --stdin
ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""
state: started
- name: Tell the host about our servers it might want to ssh to
shell: ssh-keyscan -t rsa 192.168.42.110 >> /root/.ssh/known_hosts
[dev-webservers]
loc-dev-www1.internavenue.com hostname=loc-dev-www1.internavenue.com ansible_ssh_host=192.168.42.110 ansible_connection=ssh ansible_user=root ansible_ssh_pass=Som*th1ng
这是为我创建容器,但在此之后,我无法从Ansible访问容器。如果我将容器ssh pubkey带到流浪的已知\u主机,如下所示:
- name: Create containers
lxc_container:
name: localdev_nginx
container_log: true
template: centos
container_config:
- 'lxc.network.ipv4 = 192.168.42.110/24'
- 'lxc.network.ipv4.gateway = 192.168.42.1'
container_command: |
yum -y install openssh-server
echo "Som*th1ng" | passwd root --stdin
ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""
state: started
- name: Tell the host about our servers it might want to ssh to
shell: ssh-keyscan -t rsa 192.168.42.110 >> /root/.ssh/known_hosts
[dev-webservers]
loc-dev-www1.internavenue.com hostname=loc-dev-www1.internavenue.com ansible_ssh_host=192.168.42.110 ansible_connection=ssh ansible_user=root ansible_ssh_pass=Som*th1ng
如果我在Ansible hosts文件中添加容器根密码,如下所示:
- name: Create containers
lxc_container:
name: localdev_nginx
container_log: true
template: centos
container_config:
- 'lxc.network.ipv4 = 192.168.42.110/24'
- 'lxc.network.ipv4.gateway = 192.168.42.1'
container_command: |
yum -y install openssh-server
echo "Som*th1ng" | passwd root --stdin
ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""
state: started
- name: Tell the host about our servers it might want to ssh to
shell: ssh-keyscan -t rsa 192.168.42.110 >> /root/.ssh/known_hosts
[dev-webservers]
loc-dev-www1.internavenue.com hostname=loc-dev-www1.internavenue.com ansible_ssh_host=192.168.42.110 ansible_connection=ssh ansible_user=root ansible_ssh_pass=Som*th1ng
我希望它有一个更好的解决方案,因为它真的很糟糕。我怎样才能正常工作 我使用此标记将Vagrant box公钥复制到容器的授权密钥和主机中:
ansible_ssh_extra_args="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
这仅在Ansible>2.0时允许