1、批量分发密钥
(1)配置 host
[test1]
10.142.131.159 ansible_user=username ansible_ssh_pass=password
(2)创建playbook
vim ssh.yml
---
- hosts: test1
remote_user: admin
tasks:
- name: ssh-copy
authorized_key:
user: admin
key: "{{lookup('file','~/.ssh/id_rsa.pub')}}"
state: present
exclusive: yes
~
验证
安装文件并启动服务
vim install_exporter
---
- hosts: test1
tasks:
- name: 分发exporter安装文件
copy: src=/etc/ansible/roles/install_exporter/files/node_exporter.tar.gz dest=/home/admin/
- name: 解压tar
raw: "{{ item }}"
with_items:
- "tar -xf /home/admin/node_exporter.tar.gz -C /home/admin/"
- name: run this command and ignore the result
shell: cd /home/admin/node_exporter-0.17.0.linux-amd64/&& nohup ./node_exporter &
验证ok
问题总结:
10.142.239.36 | FAILED! => {
"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host."
}
``3.原因和解决办法:
ssh第一次连接的时候一般会提示输入yes 进行确认为将key字符串加入到 ~/.ssh/known_hosts 文件中。而本机的~/.ssh/known_hosts文件中并有fingerprint key串
解决方法:在ansible.cfg文件中更改下面的参数:
#host_key_checking = False 将#号去掉即可`
报错:
FAILED! => {“msg”: “An unhandled exception occurred while running the lookup plugin ‘file’. Error was a <class ‘ansible.errors.AnsibleError’>, original message: could not locate file in lookup: ~/.ssh/id_rsa.pub”}
ssh-keygen -t rsa//生成公钥和密钥,一路enter
扫一扫
2763
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
