Ansible - 运行 使用 systemd 的剧本(.service 文件)
Ansible - Run playbooks using systemd (.service files)
我想通过服务启动一个ansible playbook。
问题是,如果我尝试在 .service 文件的帮助下启动特定的 playbook,则会发生异常。
通过命令行正常执行不会抛出任何异常。
具体错误如下:
ESTABLISH LOCAL CONNECTION FOR USER: build
EXEC /bin/sh -c '( umask 77 && mkdir -p "echo /tmp"&& mkdir "echo /tmp/ansible-tmp-1628159196.970389-90181-42979741793270" && echo ansible-tmp-1628159196.970389-90181-42979741793270="echo /tmp/ansible-tmp-1628159196.970389-90181-42979741793270" ) && sleep 0'
fatal: [Ares]: UNREACHABLE! => changed=false
msg: 'Failed to create temporary directory.In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in "/tmp", for more error information use -vvv. Failed command was: ( umask 77 && mkdir -p "echo /tmp"&& mkdir "echo /tmp/ansible-tmp-1628159196.970389-90181-42979741793270" && echo ansible-tmp-1628159196.970389-90181-42979741793270="echo /tmp/ansible-tmp-1628159196.970389-90181-42979741793270" ), exited with result 127'
unreachable: true'
我试过以下方法:
- Authentication or permission failure, did not have permissions on the remote directory
- https://github.com/ansible/ansible/issues/43830
- 一般是在寻找答案,但我能找到的只是将
remote_config 更改为 /tmp
- 正在将 /tmp 文件夹的权限更改为 777
- 将服务的用户更改为
build 和 root
- 将服务组更改为
build 和 root
当前配置:
remote_tmp设置为/tmp
/tmp 的权限是:drwxrwxrwt. 38 root root
这是我正在启动的服务:
[Unit]
Description=Running vmware in a service
After=network.target
[Service]
User=build
Group=build
WorkingDirectory=/home/build/dev/sol_project_overview/ansible-interface
Environment="PATH=/home/build/dev/sol_project_overview/ansible-interface/venv/bin"
ExecStart=/home/build/dev/sol_project_overview/ansible-interface/venv/bin/ansible-playbook ./playbooks/get_vm_data_playbook.yml --vault-password-file password.txt -vvv
[Install]
WantedBy=multi-user.target
抛出此异常的确切 ansible 任务:
- name: Write Disks Data to file
template:
src: template.j2
dest: /home/build/dev/sol_project_overview/tmp/vm_data
delegate_to: localhost
run_once: yes
通常我会通过这个服务文件 运行 一个 python 脚本,当满足特殊条件时会调用 ansible。但是服务启动的 python 脚本也会出现同样的错误。
所有这些让我认为问题出在 .service 文件上...我只是不知道是什么。
感谢任何帮助。
编辑:SELinux 被禁用
所以我发现了问题:
使用 -vvvv => 4 * verbose 进行调试时,您会得到更准确的错误消息:
"msg": "Failed to create temporary directory.In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in "/tmp", for more error information use -vvv. Failed command was: ( umask 77 && mkdir -p "echo /tmp/.ansible/tmp"&& mkdir "echo /tmp/.ansible/tmp/ansible-tmp-1629205650.8804808-397364-56399467035196" && echo ansible-tmp-1629205650.8804808-397364-56399467035196="echo /tmp/.ansible/tmp/ansible-tmp-1629205650.8804808-397364-56399467035196" ), exited with result 127**, stderr output: /bin/sh: mkdir: command not found\n",**
在最后一部分有这样的信息:,stderr 输出:/bin/sh: mkdir: command not found\n",
所以在谷歌搜索后我意识到问题出在我在 .service 文件中设置的那个“PATH”变量。
这就是问题所在:
Environment="PATH=/home/build/dev/sol_project_overview/ansible-interface/venv/bin"
它找不到 mkdir,因为“mkdir”所在的“bin”文件夹没有在“PATH”变量中指定
剩下要做的就是正确更改服务的 PATH 变量。为此,我在相应虚拟环境处于活动状态时从相应的虚拟环境中获取了 PATH 变量。
教训:如果您正在使用虚拟环境并希望使用其环境中的服务,则将 PATH 变量更改为虚拟机的变量。
我想通过服务启动一个ansible playbook。
问题是,如果我尝试在 .service 文件的帮助下启动特定的 playbook,则会发生异常。
通过命令行正常执行不会抛出任何异常。
具体错误如下:
ESTABLISH LOCAL CONNECTION FOR USER: build
EXEC /bin/sh -c '( umask 77 && mkdir -p "
echo /tmp"&& mkdir "echo /tmp/ansible-tmp-1628159196.970389-90181-42979741793270" && echo ansible-tmp-1628159196.970389-90181-42979741793270="echo /tmp/ansible-tmp-1628159196.970389-90181-42979741793270" ) && sleep 0' fatal: [Ares]: UNREACHABLE! => changed=false
msg: 'Failed to create temporary directory.In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in "/tmp", for more error information use -vvv. Failed command was: ( umask 77 && mkdir -p "
echo /tmp"&& mkdir "echo /tmp/ansible-tmp-1628159196.970389-90181-42979741793270" && echo ansible-tmp-1628159196.970389-90181-42979741793270="echo /tmp/ansible-tmp-1628159196.970389-90181-42979741793270" ), exited with result 127'
unreachable: true'
我试过以下方法:
- Authentication or permission failure, did not have permissions on the remote directory
- https://github.com/ansible/ansible/issues/43830
- 一般是在寻找答案,但我能找到的只是将
remote_config更改为/tmp - 正在将 /tmp 文件夹的权限更改为 777
- 将服务的用户更改为
build和root - 将服务组更改为
build和root
当前配置:
remote_tmp设置为/tmp
/tmp 的权限是:drwxrwxrwt. 38 root root
这是我正在启动的服务:
[Unit]
Description=Running vmware in a service
After=network.target
[Service]
User=build
Group=build
WorkingDirectory=/home/build/dev/sol_project_overview/ansible-interface
Environment="PATH=/home/build/dev/sol_project_overview/ansible-interface/venv/bin"
ExecStart=/home/build/dev/sol_project_overview/ansible-interface/venv/bin/ansible-playbook ./playbooks/get_vm_data_playbook.yml --vault-password-file password.txt -vvv
[Install]
WantedBy=multi-user.target
抛出此异常的确切 ansible 任务:
- name: Write Disks Data to file
template:
src: template.j2
dest: /home/build/dev/sol_project_overview/tmp/vm_data
delegate_to: localhost
run_once: yes
通常我会通过这个服务文件 运行 一个 python 脚本,当满足特殊条件时会调用 ansible。但是服务启动的 python 脚本也会出现同样的错误。
所有这些让我认为问题出在 .service 文件上...我只是不知道是什么。
感谢任何帮助。
编辑:SELinux 被禁用
所以我发现了问题:
使用 -vvvv => 4 * verbose 进行调试时,您会得到更准确的错误消息:
"msg": "Failed to create temporary directory.In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in "/tmp", for more error information use -vvv. Failed command was: ( umask 77 && mkdir -p "
echo /tmp/.ansible/tmp"&& mkdir "echo /tmp/.ansible/tmp/ansible-tmp-1629205650.8804808-397364-56399467035196" && echo ansible-tmp-1629205650.8804808-397364-56399467035196="echo /tmp/.ansible/tmp/ansible-tmp-1629205650.8804808-397364-56399467035196" ), exited with result 127**, stderr output: /bin/sh: mkdir: command not found\n",**
在最后一部分有这样的信息:,stderr 输出:/bin/sh: mkdir: command not found\n",
所以在谷歌搜索后我意识到问题出在我在 .service 文件中设置的那个“PATH”变量。
这就是问题所在:
Environment="PATH=/home/build/dev/sol_project_overview/ansible-interface/venv/bin"
它找不到 mkdir,因为“mkdir”所在的“bin”文件夹没有在“PATH”变量中指定
剩下要做的就是正确更改服务的 PATH 变量。为此,我在相应虚拟环境处于活动状态时从相应的虚拟环境中获取了 PATH 变量。
教训:如果您正在使用虚拟环境并希望使用其环境中的服务,则将 PATH 变量更改为虚拟机的变量。