当 ansible 尝试使用 sudo 创建目录时权限被拒绝

Question

我有一个roles/ec2/tasks/main.yml正在尝试创建一个文件夹：

---    
- name: Mkdir /opt/applications
  file: path=/opt/applications state=directory

它被称为以下角色start.yml：

- hosts: tag_composant_XXX:&tag_Name_XXX-sandbox
  remote_user: ec2-user
  vars:
    ec2_ami_name: XXX-base-{{ ansible_date_time.year }}-{{ ansible_date_time.month }}-{{ ansible_date_time.day }}
    ec2_ami_description: Ami to launch XXX
    instance_tag_environnement: XXX
  roles:
    - {role: ec2, sudo: true}

它是说

failed: [x.x.x.x] => {"failed": true, "parsed": false}
Traceback (most recent call last):
  File "/home/ec2usr/.ansible/tmp/ansible-tmp-1438095761.0-196976221154211/file", line 1994, in <module>
    main()
  File "/home/ec2usr/.ansible/tmp/ansible-tmp-1438095761.0-196976221154211/file", line 279, in main
    os.mkdir(curpath)
OSError: [Errno 13] Permission denied: '/opt/applications'
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/xxx/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: auto-mux: Trying existing master
debug2: fd 3 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_forwards: request forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 4869
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 2
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Received exit status from master 0
Shared connection to x.x.x.x closed.

执行是通过以下方式完成的：

ansible-playbook --private-key=~/.ssh/key -vvvv -i ../ec2.py start.yml

（我没有接触过py脚本）

它在更改 ansible 版本之前有效（请参阅此）。我所做的不仅仅是卸载+安装ansible，我还删除了一些文件夹~/.ansible/tmp/（例如ansible-tmp-1438095761.0-196976221154211/，但我不记得确切的名称）。难道是因为它才出现问题吗？

我已成功手动连接到 EC2 实例并创建文件夹，但使用 Ansible 似乎不起作用。为什么？问题是什么？

Answer 1

不确定这是否可能之前。但现在可以直接在任务级别定义它，例如

- name: Mkdir /opt/applications
  file: 
    path=/opt/applications 
    state=directory
  become: yes

另外https://docs.ansible.com/ansible/2.7/user_guide/become.html可能有助于解决进一步的问题