环境:centos7 yum源:网络yum源
安装:
默认yum安装,也可以自己编译安装
yum -y install ansible
本机测试:
[root@localhost ~]# ansible 192.168.100.120 -m ping
[WARNING]: Could not match supplied host pattern, ignoring: 192.168.100.120
[WARNING]: provided hosts list is empty, only localhost is available
[WARNING]: No hosts matched, nothing to do
没有这个主机,我们首先要编辑ansible的host文件
[root@localhost .ssh]# vim /etc/ansible/hosts
[test] #组名字 192.168.100.120 #组成员
我们接着测试:
[root@localhost ansible]# ansible 192.168.100.120 -m ping The authenticity of host '192.168.100.120 (192.168.100.120)' can't be established. ECDSA key fingerprint is SHA256:EMibfCrcMWOocTvKl/6bBPFMBpXv4SictIciUjv3Qmc. ECDSA key fingerprint is MD5:2a:cb:5e:3e:85:1c:51:81:d1:ac:bb:2b:b4:e3:c9:27. Are you sure you want to continue connecting (yes/no)? no 192.168.100.120 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: Host key verification failed. ", "unreachable": true }
遇到这个问题就是我们拒绝保存连接生成的key文件,下次我们连接这台主机直接提示拒绝保存。
[root@localhost ansible]# ansible 192.168.100.120 -m ping
192.168.100.120 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.100.120' (ECDSA) to the list of known hosts.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
",
"unreachable": true
}
解决办法:
生成ssh-keygen
[root@localhost ~]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:hgZwYVVjPqcgaIvHeNORH9QEGDXM6+6c+rXXw8cW1Xk root@localhost.localdomain The key's randomart image is: +---[RSA 2048]----+ | . =O*== | | =.oo+.. | | o = o.o . o| | = o =.+ + .E| |o * ..+ S ..| | o . ... . | | . . o . . | | ..o .. + + | | .+= .. + | +----[SHA256]-----+
把生成的ssh-key再发送给本机
[root@localhost .ssh]# ssh-copy-id root@127.0.0.1 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established. ECDSA key fingerprint is SHA256:EMibfCrcMWOocTvKl/6bBPFMBpXv4SictIciUjv3Qmc. ECDSA key fingerprint is MD5:2a:cb:5e:3e:85:1c:51:81:d1:ac:bb:2b:b4:e3:c9:27. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@127.0.0.1's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@127.0.0.1'" and check to make sure that only the key(s) you wanted were added.
再次测试连接:
[root@localhost ~]# ansible 192.168.100.120 -m ping
192.168.100.120 | SUCCESS => {
"changed": false,
"ping": "pong"
}
测试成功