# 推荐将公钥传到被管理主机上面[root@VM-0-17-centos ~]# ssh-keygen -t rsa # 创建公钥
Generating public/private rsa key pair.
Enter fileinwhich to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Qj0BOMA7w5BT57pyv29IBTpni5rMPXt9RivKSKp8wCA root@VM-0-17-centos
The key's randomart image is:
+---[RSA 2048]----+
| +o...... |
|+ .o+ . . |
| + o.o. o |
|E B.o.. . |
|+ .B o. S |
| o..o . . |
|+o=o .. . . |
|+=o=+..o + |
|oo.o**o + |
+----[SHA256]-----+
[root@VM-0-17-centos ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub 121.37.227.88 # 将公钥传给被管理主机
root@121.37.227.88's password: # 输入密码[root@VM-0-17-centos ~]# ssh 121.37.227.88 # 远程登录被管理主机
Welcome to Huawei Cloud Service
[root@ecs-proxy ~]# # 成功!# 也可以选择在本机的配置文件上面添加被管理主机的用户名密码,但是并不安全[root@VM-0-17-centos ~]# vim /etc/ansible/hosts # 修改配置文件[webservers]
121.37.227.88 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=123456
ps:当第一次远程的时候需要确认一下主机之间的公钥连接,我们需要在配置文件中将这个选项修改
[root@VM-0-17-centos ~]# vim /etc/ansible/ansible.cfg
39 host_key_checking = False
执行测试
[root@VM-0-17-centos ~]# ansible -i /etc/ansible/hosts webservers -m ping
121.37.227.88 | success >>{"changed": false,
"ping":"pong"# 成功}# 查看服务器的状态[root@VM-0-17-centos ~]# ansible webservers -m command -a 'w'
121.37.227.88 | success | rc=0 >>
14:22:03 up 36 days, 20:56, 3 users, load average: 0.00, 0.03, 0.07
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root tty1 21Jul20 36days 0.07s 0.07s -bash
root pts/0 220.112.46.251 10:05 2:46m 0.06s 0.06s -bash
root pts/1 106.54.95.242 14:22 1.00s 0.06s 0.01s w
—我遇到的坑坑坑坑们—
执行playbook时报错
pkg_resources.DistributionNotFound: The 'pynacl>=1.0.1' distribution was not found and is required by paramiko
提示pynacl没有安装或者安装版本过低
[root@VM-0-17-centos ~]# pip install pynacl
再报错
paramiko 2.7.1 requires bcrypt>=3.1.3, which is not installed.
提示bcrypt没有安装
[root@VM-0-17-centos ~]# pip install bcrypt
--------------------------------------------------------------------------------
执行ansible时报出紫色的[DEPRECATION WARNING]警告
[DEPRECATION WARNING]: [defaults]hostfile option, The key is misleading as it can also be a list of
hosts, a directory or a list of paths , use [defaults] inventory=/path/to/file|dir instead. This
feature will be removed in version 2.8. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: DEFAULT_MODULE_LANG option, Modules are coded to set their own locale if needed
for screenscraping . This feature will be removed in version 2.9. Deprecation warnings can be disabled
by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: DEFAULT_SUDO_EXE option, In favor of Ansible Become, which is a generic
framework. See become_exe. , use become instead. This feature will be removed in version 2.8.
Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of Ansible Become, which is a generic
framework. See become_user. , use become instead. This feature will be removed in version 2.8.
Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
解决办法:
在ansible.cfg文件中根据提示将deprecation_warnings改为FALSE
[root@VM-0-17-centos ~]# vim /etc/ansible/ansible.cfg
103 deprecation_warnings = False