如何让ansible访问sshd容器?
如何让ansible访问sshd容器?
提问于 2018-06-16 22:26:26
我使用ansible脚本加载和启动https://hub.docker.com/r/rastasheep/ubuntu-sshd/容器。
因此,这当然是一个好的开始:
bash-4.4$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8bedbd3b7d88 rastasheep/ubuntu-sshd "/usr/sbin/sshd -D" 37 minutes ago Up 36 minutes 0.0.0.0:49154->22/tcp test
bash-4.4$ 所以,在ssh访问失败之后,我从shell手动测试了一下,这也没问题。
bash-4.4$ ssh root@172.17.0.2
The authenticity of host '172.17.0.2 (172.17.0.2)' can't be established.
ECDSA key fingerprint is SHA256:YtTfuoRRR5qStSVA5UuznGamA/dvf+djbIT6Y48IYD0.
ECDSA key fingerprint is MD5:43:3f:41:e9:89:45:06:6f:f6:42:c4:6a:70:37:f8:1d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.0.2' (ECDSA) to the list of known hosts.
root@172.17.0.2's password:
root@8bedbd3b7d88:~# logout
Connection to 172.17.0.2 closed.
bash-4.4$因此,失败的步骤是尝试从ansible脚本访问它&访问ssh-copy-id
可能的错误消息是:
Fatal: [172.17.0.2]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '172.17.0.2' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,password).\r\n", "unreachable": true}
---
- hosts: 127.0.0.1
tasks:
- name: start docker service
service:
name: docker
state: started
- name: load and start the container we wanna use
docker_container:
name: test
image: rastasheep/ubuntu-sshd
state: started
ports:
- "49154:22"
- name: Wait maximum of 300 seconds for ports to be available
wait_for:
host: 0.0.0.0
port: 49154
state: started
- hosts: 172.17.0.2
vars:
passwordadmin: $6$pbE6yznA$AeFIdI.....K0
passwordroot: $6$TMrxQUxT$I8.JIzR.....TV1
ansible_ssh_extra_args: "-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
tasks:
- name: Build test container root user rsa ssh-key
shell: docker exec test ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""所以我甚至不能运行所需的步骤来构建ssh,那么怎么办??
- 第一步(ansible任务):加载docker container
- 2cd步骤(ansible任务仅在172.17.0.2上):连接到它并设置它
- 之后将有第三步在它上面运行应用程序。
仅当启动2cd步骤时才会出现问题
回答 1
Stack Overflow用户
发布于 2018-06-17 00:38:46
好的,在对第二个容器进行了多次尝试之后,结论是我的过程很糟糕
我做了什么来解决这个问题:
inventory inventory构建一个目录树,将./ ./inventory ./includes
- build 1Yaml文件按主机分隔开(,
- ,实验) action)
- setup
- build 1 main yaml file on ./
- build 1新主机文件由sshpass强制在默认情况下停靠到docker it
- 将授权密钥上的主机密钥添加到登录专用usage
- installed pyhton (需要回答任何可能的主机否则它会随机生成模块错误或拒绝连接,具体取决于当前
sudoers中的ssh登录用户<
- >H121然后我可以运行labo.yaml操作
- 然后我终于可以运行labo.yaml操作了。
感谢你的帮助
现在我可以构建缺少的工具了。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/50888760
复制相关文章
相似问题