Kat*_*ate 8 sudo aws-cloudformation ansible
当我设置具有云形成的环境时,我需要在Vagrant盒子和aws上运行剧本。
在Vagrant文件中,我使用ansible-local,一切正常
name: Setup Unified Catalog Webserver
hosts: 127.0.0.1
connection: local
become: yes
become_user: root
roles: generic
但是,当我在AWS中创建实例时,ansible剧本因错误而失败:
sudo: sorry, you must have a tty to run sudo
发生这种情况是因为它以root身份运行并且没有tty。但我不知道如何解决它没有作出改变/etc/sudoers,以允许!requiretty
我可以在ansible.cfg或云形成模板中设置任何标志吗?
"#!/bin/bash\n", "\n", "
echo 'Installing Git'\n","
yum --nogpgcheck -y install git ansible htop nano wget\n",
"wget https://s3.eu-central-1.amazonaws.com/XXX -O /root/.ssh/id_rsa\n",
"chmod 600 /root/.ssh/id_rsa\n",
"ssh-keyscan 172.31.7.235 >> /root/.ssh/known_hosts\n",
"git clone git@172.31.7.235:something/repo.git /root/repo\n",
"ansible-playbook /root/env/ansible/test.yml\n
我为自己找到了以下解决方案:
1. 将 requiretty 更改/etc/sudoers为sedrun playbooks 并将其更改回来。
"#!/bin/bash\n", "\n", "
echo 'Installing Git'\n","
yum --nogpgcheck -y install git ansible htop nano wget\n",
"wget https://s3.eu-central-1.amazonaws.com/xx/ansible -O /root/.ssh/id_rsa\n",
"chmod 600 /root/.ssh/id_rsa\n",
"ssh-keyscan 172.31.9.231 >> /root/.ssh/known_hosts\n",
"git clone git@172.31.5.254:somerepo/dev.git /root/dev\n",
"sed -i 's/Defaults requiretty/Defaults !requiretty/g' /etc/sudoers\n",
"\n",
"ansible-playbook /root/dev/env/ansible/uk.yml\n",
"\n",
"sed -i 's/Defaults !requiretty/Defaults requiretty/g' /etc/sudoers\n"
或者 2. 在 ansible playbook 中指定变量:
- name: Setup
hosts: 127.0.0.1
connection: local
sudo: {{ require_sudo }}
roles:
- generic
在 AWS Cloud Formation 模板中运行将是
"ansible-playbook -e require_sudo=False /root/dev/env/ansible/uk.yml\n"
对于ansible.cfg中的Vagrant,可以指定
require_sudo=True
另外,在 CF 模板中可以识别谁在运行以及传递变量
ansible-playbook -e$(id -u |egrep '^0$' > /dev/null && require_sudo=False || require_sudo=True; echo "require_sudo=$require_sudo") /apps/ansible/uk.yml
| 归档时间: |
|
| 查看次数: |
14232 次 |
| 最近记录: |