使用 remote_src 时,Ansible 副本不会保留模式 "preserve" 的原始权限
Ansible copy does not retain original permissions with mode "preserve" when using remote_src
我正在使用 Ansible 2.8.5(目标服务器是 Red Hat 4.8.5-39)。我正在从 GitLab 复制一些 files/directories 到几个远程主机。
我首先将初始副本复制到共享位置(因此 run_once: true):
- name: "Copy/Transfer application, configuration, and support file(s)"
block:
- name: "Copying application build"
copy:
dest: "{{ path_tmp }}/{{ CI_PIPELINE_ID }}/"
mode: "0755"
src: "{{ CI_PROJECT_DIR }}/build/libs/{{ artifact_id }}.war"
run_once: true
- name: "Copying (template) configuration and support file(s)"
template:
dest: "{{ path_tmp }}/{{ CI_PIPELINE_ID }}/{{ item.dest }}"
mode: "0644"
src: "{{ item.src }}"
run_once: true
with_items:
- { dest: "config/logback.xml", src: "logback.xml.j2" }
- { dest: "{{ artifact_id }}.conf", src: "{{ artifact_id }}.conf.j2" }
...然后将文件复制到每个主机上的所需位置:
- name: "Deploy/Install new application"
block:
# All this Jiu Jitsu just to clear {{ path_home }}/ directory
- name: "Collecting current directories and/or files inside {{ path_home }}/"
find:
file_type: any
hidden: yes
paths: "{{ path_home }}/"
register: collected_items
- name: "Removing current directories and/or files inside {{ path_home }}/"
file:
path: "{{ item.path }}"
state: absent
with_items: "{{ collected_items.files }}"
- name: "Copying new application, configuration, and support files"
copy:
dest: "{{ path_home }}/"
mode: preserve
remote_src: yes
src: "{{ path_tmp }}/{{ CI_PIPELINE_ID }}/"
...
问题是文件权限没有得到 "honored",我不想定义几个步骤来纠正这个问题。这就是 files/directories 最初被复制的方式(以及我想要的方式):
[deployer@unix core]$ ll -AR 41397/
41397/:
total 51M
drwxr-xr-x. 3 tomcat 4.0K Oct 11 11:23 .
drwxr-xr-x. 5 tomcat 4.0K Oct 11 11:22 ..
drwxr-xr-x. 2 tomcat 4.0K Oct 11 11:23 config
-rw-r--r--. 1 tomcat 1.2K Oct 11 11:23 core.conf
-rwxr-xr-x. 1 tomcat 50M Oct 11 11:23 core.war
41397/config:
total 12K
drwxr-xr-x. 2 tomcat 4.0K Oct 11 11:23 .
drwxr-xr-x. 3 tomcat 4.0K Oct 11 11:23 ..
-rw-r--r--. 1 tomcat 1.6K Oct 11 11:23 logback.xml
...这是使用 remote_src: yes:
复制后的样子
[deployer@unix core]$ ll -AR /data/st01/apps/core/
/data/st01/apps/core/:
total 50M
drwxr-xr-x. 3 tomcat 4.0K Oct 11 11:23 .
drwxr-xr-x. 3 tomcat 4.0K Oct 9 16:36 ..
drwxr-xr-x. 2 tomcat 4.0K Oct 11 11:23 config
-rw-r-----. 1 tomcat 1.2K Oct 11 11:23 core.conf
-rw-r-----. 1 tomcat 50M Oct 11 11:23 core.war
/data/st01/apps/core/config:
total 12K
drwxr-xr-x. 2 tomcat 4.0K Oct 11 11:23 .
drwxr-xr-x. 3 tomcat 4.0K Oct 11 11:23 ..
-rw-r--r--. 1 tomcat 1.6K Oct 11 11:23 logback.xml
是否可以使用 remote_src: yes 并保留原有的 file/directories 权限? copy module 的文档是这样说的,但我可能遗漏了一些东西。
ansible 文档说
remote_src 从版本 2.8 开始支持递归复制。
remote_src 仅适用于版本 2.6
的 mode=preserve
您要么需要将系统降级到 ansible 2.6,要么尝试给予 'mode' 所需的权限(例如 0644 或 01777)
我的另一个解决方案是使用 synchronize 模块 因为我没有很多文件 到 copy/move:
- name: "Copy latest application build, configuration, and support file(s)"
synchronize:
delete: yes
dest: "{{ app_path }}/latest/"
recursive: yes
src: "{{ tmp_path }}/{{ PIPELINE_ID }}/"
delegate_to: "{{ inventory_hostname }}"
我正在使用 Ansible 2.8.5(目标服务器是 Red Hat 4.8.5-39)。我正在从 GitLab 复制一些 files/directories 到几个远程主机。
我首先将初始副本复制到共享位置(因此 run_once: true):
- name: "Copy/Transfer application, configuration, and support file(s)"
block:
- name: "Copying application build"
copy:
dest: "{{ path_tmp }}/{{ CI_PIPELINE_ID }}/"
mode: "0755"
src: "{{ CI_PROJECT_DIR }}/build/libs/{{ artifact_id }}.war"
run_once: true
- name: "Copying (template) configuration and support file(s)"
template:
dest: "{{ path_tmp }}/{{ CI_PIPELINE_ID }}/{{ item.dest }}"
mode: "0644"
src: "{{ item.src }}"
run_once: true
with_items:
- { dest: "config/logback.xml", src: "logback.xml.j2" }
- { dest: "{{ artifact_id }}.conf", src: "{{ artifact_id }}.conf.j2" }
...然后将文件复制到每个主机上的所需位置:
- name: "Deploy/Install new application"
block:
# All this Jiu Jitsu just to clear {{ path_home }}/ directory
- name: "Collecting current directories and/or files inside {{ path_home }}/"
find:
file_type: any
hidden: yes
paths: "{{ path_home }}/"
register: collected_items
- name: "Removing current directories and/or files inside {{ path_home }}/"
file:
path: "{{ item.path }}"
state: absent
with_items: "{{ collected_items.files }}"
- name: "Copying new application, configuration, and support files"
copy:
dest: "{{ path_home }}/"
mode: preserve
remote_src: yes
src: "{{ path_tmp }}/{{ CI_PIPELINE_ID }}/"
...
问题是文件权限没有得到 "honored",我不想定义几个步骤来纠正这个问题。这就是 files/directories 最初被复制的方式(以及我想要的方式):
[deployer@unix core]$ ll -AR 41397/
41397/:
total 51M
drwxr-xr-x. 3 tomcat 4.0K Oct 11 11:23 .
drwxr-xr-x. 5 tomcat 4.0K Oct 11 11:22 ..
drwxr-xr-x. 2 tomcat 4.0K Oct 11 11:23 config
-rw-r--r--. 1 tomcat 1.2K Oct 11 11:23 core.conf
-rwxr-xr-x. 1 tomcat 50M Oct 11 11:23 core.war
41397/config:
total 12K
drwxr-xr-x. 2 tomcat 4.0K Oct 11 11:23 .
drwxr-xr-x. 3 tomcat 4.0K Oct 11 11:23 ..
-rw-r--r--. 1 tomcat 1.6K Oct 11 11:23 logback.xml
...这是使用 remote_src: yes:
[deployer@unix core]$ ll -AR /data/st01/apps/core/
/data/st01/apps/core/:
total 50M
drwxr-xr-x. 3 tomcat 4.0K Oct 11 11:23 .
drwxr-xr-x. 3 tomcat 4.0K Oct 9 16:36 ..
drwxr-xr-x. 2 tomcat 4.0K Oct 11 11:23 config
-rw-r-----. 1 tomcat 1.2K Oct 11 11:23 core.conf
-rw-r-----. 1 tomcat 50M Oct 11 11:23 core.war
/data/st01/apps/core/config:
total 12K
drwxr-xr-x. 2 tomcat 4.0K Oct 11 11:23 .
drwxr-xr-x. 3 tomcat 4.0K Oct 11 11:23 ..
-rw-r--r--. 1 tomcat 1.6K Oct 11 11:23 logback.xml
是否可以使用 remote_src: yes 并保留原有的 file/directories 权限? copy module 的文档是这样说的,但我可能遗漏了一些东西。
ansible 文档说
remote_src 从版本 2.8 开始支持递归复制。 remote_src 仅适用于版本 2.6
的 mode=preserve您要么需要将系统降级到 ansible 2.6,要么尝试给予 'mode' 所需的权限(例如 0644 或 01777)
我的另一个解决方案是使用 synchronize 模块 因为我没有很多文件 到 copy/move:
- name: "Copy latest application build, configuration, and support file(s)"
synchronize:
delete: yes
dest: "{{ app_path }}/latest/"
recursive: yes
src: "{{ tmp_path }}/{{ PIPELINE_ID }}/"
delegate_to: "{{ inventory_hostname }}"