Ansible 因保险库而失败
Ansiblle become fails with vault
我创建了一个加密的 credent.yml 文件,内容如下:
sudo_password: whatever
我可以用 ansible-vault view credent.yml 解密,但是我不能用这个剧本来解密:
---
- name: "Ansible test localhost"
hosts: 127.0.0.1
connection: local
tasks:
- name: check file existance
ansible.builtin.stat: path=/tmp/err
register: result
- name: Print error if file does not exist
ansible.builtin.fail:
msg: "The file or directory does not exists"
when: not result.stat.exists
- name: Print debug message if it exists
ansible.builtin.debug:
msg: "The file or directory exists"
when: result.stat.exists
become: yes
vars:
ansible_become_password: '{{ sudo_password }}'
这是输出:
ansible-playbook --ask-vault-pass --extra-vars '@credent.yml' checkfile.yml
Vault password:
ERROR! We were unable to read either as JSON nor YAML, these are the errors we got from each:
JSON: No JSON object could be decoded
Syntax Error while loading YAML.
did not find expected node content
The error appears to be in '/root/test-ansible/credent.yml': line 1, column 16, but may
be elsewhere in the file depending on the exact syntax problem.
Ansible 版本:
ansible 2.9.18
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.13 (default, Aug 22 2020, 10:03:02) [GCC 6.3.0 20170516]
注意:如果我在 playbook 中设置 ansible_python_interpreter: /usr/bin/python3 它也会失败
我做错了什么?
我检查了 credent.yml 和 运行
yamllint credent.yml
告诉我语法错误。
我在文件顶部添加了 --- 并转义了特殊字符。
剧本 运行 没问题。
我创建了一个加密的 credent.yml 文件,内容如下:
sudo_password: whatever
我可以用 ansible-vault view credent.yml 解密,但是我不能用这个剧本来解密:
---
- name: "Ansible test localhost"
hosts: 127.0.0.1
connection: local
tasks:
- name: check file existance
ansible.builtin.stat: path=/tmp/err
register: result
- name: Print error if file does not exist
ansible.builtin.fail:
msg: "The file or directory does not exists"
when: not result.stat.exists
- name: Print debug message if it exists
ansible.builtin.debug:
msg: "The file or directory exists"
when: result.stat.exists
become: yes
vars:
ansible_become_password: '{{ sudo_password }}'
这是输出:
ansible-playbook --ask-vault-pass --extra-vars '@credent.yml' checkfile.yml
Vault password:
ERROR! We were unable to read either as JSON nor YAML, these are the errors we got from each:
JSON: No JSON object could be decoded
Syntax Error while loading YAML.
did not find expected node content
The error appears to be in '/root/test-ansible/credent.yml': line 1, column 16, but may
be elsewhere in the file depending on the exact syntax problem.
Ansible 版本:
ansible 2.9.18
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.13 (default, Aug 22 2020, 10:03:02) [GCC 6.3.0 20170516]
注意:如果我在 playbook 中设置 ansible_python_interpreter: /usr/bin/python3 它也会失败
我做错了什么?
我检查了 credent.yml 和 运行
yamllint credent.yml
告诉我语法错误。
我在文件顶部添加了 --- 并转义了特殊字符。
剧本 运行 没问题。