如何让 Ansible 使用与 SSH 代理打包程序启动时相同的 SSH 端口?
How do I get Ansible to use the same SSH port as the SSH proxy packer has launched?
我 运行 在 docker 容器内打包,以在 AWS 中配置 windows 服务器。我正在使用 winrm 连接到加壳器构建器,但是当 运行 在我的加壳器构建中执行 ansible playbook 步骤时,我 运行 遇到了问题。
似乎加壳器启动了一个 ssh 代理,然后通过 winrm 将命令转发到我的远程机器(来自日志):
packer: 2017/11/09 09:33:37 SSH proxy: serving on 127.0.0.1:45145
再往下一点,我看到了这个:
<127.0.0.1> ESTABLISH SSH CONNECTION FOR USER: root[0m
<127.0.0.1> SSH: EXEC ssh -C -o ControlMaster=auto
-o ControlPersist=60s
-o StrictHostKeyChecking=no
-o 'IdentityFile="/tmp/ansible-key835953388"'
-o KbdInteractiveAuthentication=no
-o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no
-o User=root
-o ConnectTimeout=10
-o ControlPath=/root/.ansible/cp/842df7d42c 127.0.0.1 'PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand <redacted>'
<127.0.0.1> (255, '', 'ssh: connect to host 127.0.0.1 port 22: Connection refused\r\n')
我看到一个明显的问题:
"SSH proxy: serving on 127.0.0.1:45145" ---> "ssh: connect to host 127.0.0.1 port 22"
Packer 每次都使用 'random' 端口 - 而 ansible 使用默认端口。
如何让加壳器使用与ansible相同的端口?
看来我只需要为加壳器提供一个配置设置:
https://www.packer.io/docs/provisioners/ansible.html#local_port
local_port (string) - The port on which to attempt to listen for SSH connections. This value is a starting point. The provisioner will attempt listen for SSH connections on the first available of ten ports, starting at local_port. A system-chosen port is used when local_port is missing or empty.
我 运行 在 docker 容器内打包,以在 AWS 中配置 windows 服务器。我正在使用 winrm 连接到加壳器构建器,但是当 运行 在我的加壳器构建中执行 ansible playbook 步骤时,我 运行 遇到了问题。
似乎加壳器启动了一个 ssh 代理,然后通过 winrm 将命令转发到我的远程机器(来自日志):
packer: 2017/11/09 09:33:37 SSH proxy: serving on 127.0.0.1:45145
再往下一点,我看到了这个:
<127.0.0.1> ESTABLISH SSH CONNECTION FOR USER: root[0m
<127.0.0.1> SSH: EXEC ssh -C -o ControlMaster=auto
-o ControlPersist=60s
-o StrictHostKeyChecking=no
-o 'IdentityFile="/tmp/ansible-key835953388"'
-o KbdInteractiveAuthentication=no
-o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no
-o User=root
-o ConnectTimeout=10
-o ControlPath=/root/.ansible/cp/842df7d42c 127.0.0.1 'PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand <redacted>'
<127.0.0.1> (255, '', 'ssh: connect to host 127.0.0.1 port 22: Connection refused\r\n')
我看到一个明显的问题:
"SSH proxy: serving on 127.0.0.1:45145" ---> "ssh: connect to host 127.0.0.1 port 22"
Packer 每次都使用 'random' 端口 - 而 ansible 使用默认端口。
如何让加壳器使用与ansible相同的端口?
看来我只需要为加壳器提供一个配置设置:
https://www.packer.io/docs/provisioners/ansible.html#local_port
local_port (string) - The port on which to attempt to listen for SSH connections. This value is a starting point. The provisioner will attempt listen for SSH connections on the first available of ten ports, starting at local_port. A system-chosen port is used when local_port is missing or empty.