Ansible не может подключиться к удаленному хосту через ssh - PullRequest
Новая
       12

Ansible не может подключиться к удаленному хосту через ssh

1 голос
/ 17 апреля 2020

Я пытаюсь использовать jenkins для автоматизации конфигурации моих серверов. Для этого я использую Ansible.

. Для подключения к моему серверу я использую s sh -агентный плагин .

При выполнении простого задания от jenkins я вижу, что соединение s sh работает правильно: 

Running as SYSTEM
Building in workspace /var/jenkins_home/workspace/test ssh
[ssh-agent] Looking for ssh-agent implementation...
[ssh-agent]   Exec ssh-agent (binary ssh-agent on a remote machine)
$ ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-4XDUsG0J48a3/agent.2046
SSH_AGENT_PID=2049
[ssh-agent] Started.
Running ssh-add (command line suppressed)
Identity added: /var/jenkins_home/workspace/test ssh@tmp/private_key_1209322285087807037.key (jaep@emmanuels-mbp.lan)
[ssh-agent] Using credentials ubuntu
[test ssh] $ /bin/sh -xe /tmp/jenkins3316727259326040096.sh
+ ssh ubuntu@192.168.50.10 uname -n
dummy-node-01
$ ssh-agent -k
unset SSH_AUTH_SOCK;
unset SSH_AGENT_PID;
echo Agent pid 2049 killed;
[ssh-agent] Stopped.
Finished: SUCCESS

Но когда я пытаюсь использовать тот же метод с Ansible, соединение не устанавливается: 

Running as SYSTEM
Building in workspace /var/jenkins_home/workspace/test ansible
[ssh-agent] Looking for ssh-agent implementation...
[ssh-agent]   Exec ssh-agent (binary ssh-agent on a remote machine)
$ ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-mBo76NlvAkNi/agent.2587
SSH_AGENT_PID=2590
[ssh-agent] Started.
Running ssh-add (command line suppressed)
Identity added: /var/jenkins_home/workspace/test ansible@tmp/private_key_1675485652255015509.key (jaep@emmanuels-mbp.lan)
[ssh-agent] Using credentials ubuntu
using credential 8b7b07f7-7e7f-4419-bcc6-2810ff21dec8
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
...
[test ansible] $ /bin/sh -xe /tmp/shiningpanda4284977286200997881.sh
+ pip3 install -r requirements.txt
...
+ ansible-playbook playbooks/main.yml -i inventory/local
PLAY [dev] *********************************************************************

TASK [Gathering Facts] *********************************************************
fatal: [192.168.50.10]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.50.10' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey).", "unreachable": true}
ok: [localhost]

TASK [ping the hosts] **********************************************************
ok: [localhost]

PLAY RECAP *********************************************************************
192.168.50.10              : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
localhost                  : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

Build step 'Virtualenv Builder' marked build as failure
$ ssh-agent -k
unset SSH_AUTH_SOCK;
unset SSH_AGENT_PID;
echo Agent pid 2590 killed;
[ssh-agent] Stopped.
Finished: FAILURE

При попытке выполнить тот же процесс без s sh -агента, я получаю то же сообщение об ошибке: 

Running as SYSTEM
Building in workspace /var/jenkins_home/workspace/test ansible
using credential 8b7b07f7-7e7f-4419-bcc6-2810ff21dec8
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
...
[test ansible] $ /bin/sh -xe /tmp/shiningpanda3043667756031558264.sh
+ pip3 install -r requirements.txt
...
+ ansible-playbook playbooks/main.yml -i inventory/local

PLAY [dev] *********************************************************************

TASK [Gathering Facts] *********************************************************
fatal: [192.168.50.10]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.50.10' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey).", "unreachable": true}
ok: [localhost]

TASK [ping the hosts] **********************************************************
ok: [localhost]

PLAY RECAP *********************************************************************
192.168.50.10              : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
localhost                  : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

Build step 'Virtualenv Builder' marked build as failure
Finished: FAILURE

Похоже, агент s sh не учитывается при установлении соединения s sh.

My ansible .cfg выглядит следующим образом: 

[defaults]
roles_path = ./roles
host_key_checking = False
retry_files_enabled = False
inventory = ./inventory/local

[ssh_connection]
ssh_args = -o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s  -o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes

У меня действительно заканчиваются идеи здесь ... Любые предложения?

...