環境:centos7 yum源:網絡yum源
安裝:
默認yum安裝,也可以自己編譯安裝
yum -y install ansible
本機測試:
[root@localhost ~]# ansible 192.168.100.120 -m ping
[WARNING]: Could not match supplied host pattern, ignoring: 192.168.100.120
[WARNING]: provided hosts list is empty, only localhost is available
[WARNING]: No hosts matched, nothing to do
沒有這個主機,我們首先要編輯ansible的host文件
[root@localhost .ssh]# vim /etc/ansible/hosts
[test] #組名字 192.168.100.120 #組成員
我們接着測試:
[root@localhost ansible]# ansible 192.168.100.120 -m ping The authenticity of host '192.168.100.120 (192.168.100.120)' can't be established. ECDSA key fingerprint is SHA256:EMibfCrcMWOocTvKl/6bBPFMBpXv4SictIciUjv3Qmc. ECDSA key fingerprint is MD5:2a:cb:5e:3e:85:1c:51:81:d1:ac:bb:2b:b4:e3:c9:27. Are you sure you want to continue connecting (yes/no)? no 192.168.100.120 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: Host key verification failed.\r\n", "unreachable": true }
遇到這個問題就是我們拒絕保存連接生成的key文件,下次我們連接這台主機直接提示拒絕保存。
[root@localhost ansible]# ansible 192.168.100.120 -m ping
192.168.100.120 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.100.120' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
"unreachable": true
}
解決辦法:
生成ssh-keygen
[root@localhost ~]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:hgZwYVVjPqcgaIvHeNORH9QEGDXM6+6c+rXXw8cW1Xk root@localhost.localdomain The key's randomart image is: +---[RSA 2048]----+ | . =O*== | | =.oo+.. | | o = o.o . o| | = o =.+ + .E| |o * ..+ S ..| | o . ... . | | . . o . . | | ..o .. + + | | .+= .. + | +----[SHA256]-----+
把生成的ssh-key再發送給本機
[root@localhost .ssh]# ssh-copy-id root@127.0.0.1 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established. ECDSA key fingerprint is SHA256:EMibfCrcMWOocTvKl/6bBPFMBpXv4SictIciUjv3Qmc. ECDSA key fingerprint is MD5:2a:cb:5e:3e:85:1c:51:81:d1:ac:bb:2b:b4:e3:c9:27. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@127.0.0.1's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@127.0.0.1'" and check to make sure that only the key(s) you wanted were added.
再次測試連接:
[root@localhost ~]# ansible 192.168.100.120 -m ping
192.168.100.120 | SUCCESS => {
"changed": false,
"ping": "pong"
}
測試成功