用户配置 ansible 花费的时间太长
Users provisioning with ansible takes too long
我有将用户提供给远程主机的剧本:
---
- hosts: webserver
remote_user: myuser
sudo: yes
tasks:
- name: Add ssh Users
authorized_key: user='ubuntu' key="{{ lookup('file', './keys/{{item}}.pub') }}"
with_items:
- user1
- user2
- user3
- user4
- user5
- user6
- user7
- user8
- user9
- user10
- user11
- user12
这个单一任务需要 110 秒,这非常慢。
$ ansible-playbook -i ./inventory setup_ssh.yaml -vvv
Using /vagrant/ansible.cfg as config file
1 plays in setup_ssh.yaml
...
PLAY RECAP *********************************************************************
XXX.XXX.XXX.XXX : ok=2 changed=0 unreachable=0 failed=0
Wednesday 27 July 2016 07:38:39 +0000 (0:01:50.486) 0:02:00.054 ********
===============================================================================
TASK: ssh_keys : Add ssh Users ---------------------------------------- 110.49s
TASK: setup ------------------------------------------------------------- 9.49s
查看 full log。
我尝试启用流水线,但没有帮助。
我正在使用 ansible 2.0.0.2
这是我的 ansible.cfg:
[defaults]
hostfile = inventory
host_key_checking = false
roles_path = ./roles
private_key_file = ~/.ssh/id_rsa
deprecation_warnings=False
remote_user = ubuntu
callback_whitelist = profile_tasks
pipelining = true
[ssh_connection]
ssh_args=-o ForwardAgent=yes
通过指定:
ssh_args=-o ForwardAgent=yes
您已经替换了 ansible 的默认值:
ssh_args = -o ControlMaster=auto -o ControlPersist=60s
因此禁用了 ssh 连接重用。将此选项添加到您的配置中,然后重试。
如果时间增益不够,您可能需要先在本地连接所有 .pub 文件,然后以多行字符串作为关键参数执行一次 authorized_key 模块 – 此模块可以处理它。
authorized_key 为每个用户执行原始问题中的任务,并且每次重新连接到服务器。在这种情况下,每个连接大约需要 7 秒。
首先,我尝试 并将时间减少到 运行 48 秒。我很好奇是否可以改善结果。
我使用生成所有 ssh 密钥的模板成功解决了我的问题:
---
- hosts: webserver
remote_user: myuser
sudo: yes
vars:
ssh_users: ['user1','user2','user3','user4','user5','user6','user7','user8','user9','user10','user11','user12']
tasks:
- name: Add ssh Users
template:
dest=/home/myuser/.ssh/authorized_keys
src=templates/authorized_keys
owner=myuser
group=myuser
mode=600
模板文件如下所示:
{% for user in ssh_users %}
{{ lookup('file', './keys/'+user+'.pub') }}
{% endfor %}
这是我最终的 ansible 配置:
[defaults]
hostfile = inventory
host_key_checking = false
roles_path = ./roles
private_key_file = ~/.ssh/id_rsa
deprecation_warnings=False
remote_user = ubuntu
callback_whitelist = profile_tasks
pipelining = true
[ssh_connection]
ssh_args=-o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s
现在看起来快多了。
$ ansible-playbook -i ./inventory setup_ssh.yaml -vv
Using /vagrant/ansible.cfg as config file
1 plays in setup_backend_test.yaml
PLAY [Configure common packages] ***********************************************
TASK [setup] *******************************************************************
Wednesday 27 July 2016 14:23:48 +0000 (0:00:00.063) 0:00:00.063 ********
ok: [XXX.XXX.XXX.XXX]
TASK [ssh_keys : Add ssh Users] ************************************************
Wednesday 27 July 2016 14:23:54 +0000 (0:00:06.025) 0:00:06.088 ********
changed: [XXX.XXX.XXX.XXX] => {"changed": true, "checksum": "3df874356f41d3dc5592441a86060d2796b4a714", "dest": "/home/myuser/.ssh/authorized_keys", "gid": 1000, "group": "myuser", "md5sum": "4c7d6c58a618a9fbd5e5ed3b29a3e7d3", "mode": "0600", "owner": "myuser", "size": 5357, "src": "/home/myuser/.ansible/tmp/ansible-tmp-1469629434.59-30865046320342/source", "state": "file", "uid": 1000}
PLAY RECAP *********************************************************************
XXX.XXX.XXX.XXX : ok=2 changed=1 unreachable=0 failed=0
Wednesday 27 July 2016 14:24:02 +0000 (0:00:07.855) 0:00:13.944 ********
===============================================================================
TASK: ssh_keys : Add ssh Users ------------------------------------------ 7.85s
TASK: setup ------------------------------------------------------------- 6.03s
我有将用户提供给远程主机的剧本:
---
- hosts: webserver
remote_user: myuser
sudo: yes
tasks:
- name: Add ssh Users
authorized_key: user='ubuntu' key="{{ lookup('file', './keys/{{item}}.pub') }}"
with_items:
- user1
- user2
- user3
- user4
- user5
- user6
- user7
- user8
- user9
- user10
- user11
- user12
这个单一任务需要 110 秒,这非常慢。
$ ansible-playbook -i ./inventory setup_ssh.yaml -vvv
Using /vagrant/ansible.cfg as config file
1 plays in setup_ssh.yaml
...
PLAY RECAP *********************************************************************
XXX.XXX.XXX.XXX : ok=2 changed=0 unreachable=0 failed=0
Wednesday 27 July 2016 07:38:39 +0000 (0:01:50.486) 0:02:00.054 ********
===============================================================================
TASK: ssh_keys : Add ssh Users ---------------------------------------- 110.49s
TASK: setup ------------------------------------------------------------- 9.49s
查看 full log。
我尝试启用流水线,但没有帮助。
我正在使用 ansible 2.0.0.2 这是我的 ansible.cfg:
[defaults]
hostfile = inventory
host_key_checking = false
roles_path = ./roles
private_key_file = ~/.ssh/id_rsa
deprecation_warnings=False
remote_user = ubuntu
callback_whitelist = profile_tasks
pipelining = true
[ssh_connection]
ssh_args=-o ForwardAgent=yes
通过指定:
ssh_args=-o ForwardAgent=yes
您已经替换了 ansible 的默认值:
ssh_args = -o ControlMaster=auto -o ControlPersist=60s
因此禁用了 ssh 连接重用。将此选项添加到您的配置中,然后重试。
如果时间增益不够,您可能需要先在本地连接所有 .pub 文件,然后以多行字符串作为关键参数执行一次 authorized_key 模块 – 此模块可以处理它。
authorized_key 为每个用户执行原始问题中的任务,并且每次重新连接到服务器。在这种情况下,每个连接大约需要 7 秒。
首先,我尝试
---
- hosts: webserver
remote_user: myuser
sudo: yes
vars:
ssh_users: ['user1','user2','user3','user4','user5','user6','user7','user8','user9','user10','user11','user12']
tasks:
- name: Add ssh Users
template:
dest=/home/myuser/.ssh/authorized_keys
src=templates/authorized_keys
owner=myuser
group=myuser
mode=600
模板文件如下所示:
{% for user in ssh_users %}
{{ lookup('file', './keys/'+user+'.pub') }}
{% endfor %}
这是我最终的 ansible 配置:
[defaults]
hostfile = inventory
host_key_checking = false
roles_path = ./roles
private_key_file = ~/.ssh/id_rsa
deprecation_warnings=False
remote_user = ubuntu
callback_whitelist = profile_tasks
pipelining = true
[ssh_connection]
ssh_args=-o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s
现在看起来快多了。
$ ansible-playbook -i ./inventory setup_ssh.yaml -vv
Using /vagrant/ansible.cfg as config file
1 plays in setup_backend_test.yaml
PLAY [Configure common packages] ***********************************************
TASK [setup] *******************************************************************
Wednesday 27 July 2016 14:23:48 +0000 (0:00:00.063) 0:00:00.063 ********
ok: [XXX.XXX.XXX.XXX]
TASK [ssh_keys : Add ssh Users] ************************************************
Wednesday 27 July 2016 14:23:54 +0000 (0:00:06.025) 0:00:06.088 ********
changed: [XXX.XXX.XXX.XXX] => {"changed": true, "checksum": "3df874356f41d3dc5592441a86060d2796b4a714", "dest": "/home/myuser/.ssh/authorized_keys", "gid": 1000, "group": "myuser", "md5sum": "4c7d6c58a618a9fbd5e5ed3b29a3e7d3", "mode": "0600", "owner": "myuser", "size": 5357, "src": "/home/myuser/.ansible/tmp/ansible-tmp-1469629434.59-30865046320342/source", "state": "file", "uid": 1000}
PLAY RECAP *********************************************************************
XXX.XXX.XXX.XXX : ok=2 changed=1 unreachable=0 failed=0
Wednesday 27 July 2016 14:24:02 +0000 (0:00:07.855) 0:00:13.944 ********
===============================================================================
TASK: ssh_keys : Add ssh Users ------------------------------------------ 7.85s
TASK: setup ------------------------------------------------------------- 6.03s