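There are 3 Linux servers: A, B, and C. A is the one all developers use, B is the Ansible server that holds the playbooks, and C is the target server where specific tasks need to be run.
This is the skeleton of the play - play.yml: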
---
- name: get inst info
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
    - debug: msg="Before going to {{ target_instance }}"
- hosts: "{{ target_instance }}"
  become: yes
  become_user: root
  tasks:
    - debug: msg="In {{ target_instance }}"
On A, I run the following command:
user_a@A~$ ssh B "cd <ansible_playbook_dir>; ansible-playbook play.yml -e \"target_instance=wolf\""
And the output:
PLAY [get inst info] ********************************************************************************************************************************************************************************************************************
TASK [Involve general variables] ********************************************************************************************************************************************************************************************************
Thursday 04 November 2021 23:08:00 +0000 (0:00:00.023) 0:00:00.023 *****
ok: [localhost]
TASK [Involve prodcopy variables] *******************************************************************************************************************************************************************************************************
Thursday 04 November 2021 23:08:00 +0000 (0:00:00.021) 0:00:00.045 *****
ok: [localhost]
TASK [debug] ****************************************************************************************************************************************************************************************************************************
Thursday 04 November 2021 23:08:01 +0000 (0:00:00.019) 0:00:00.065 *****
ok: [localhost] => {
"msg": "Before going to wolf"
}
PLAY [wolf] *************************************************************************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************************************************************
Thursday 04 November 2021 23:08:01 +0000 (0:00:00.077) 0:00:00.143 *****
ok: [wolf]
TASK [debug] ****************************************************************************************************************************************************************************************************************************
Thursday 04 November 2021 23:08:02 +0000 (0:00:01.877) 0:00:02.021 *****
ok: [wolf] => {
"msg": "In wolf"
}
PLAY RECAP ******************************************************************************************************************************************************************************************************************************
localhost : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
wolf : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Thursday 04 November 2021 23:08:02 +0000 (0:00:00.031) 0:00:02.052 *****
===============================================================================
However, if I run the same command as a user with an SSH key passphrase
user_b@A~$ ssh B "cd <ansible_playbook_dir>; ansible-playbook play.yml -e \"target_instance=wolf\""
I get an SSH error.
PLAY [get inst info] ***********************************************************
TASK [Involve general variables] ***********************************************
Thursday 04 November 2021 23:00:42 +0000 (0:00:00.025) 0:00:00.025 *****
ok: [localhost]
TASK [Involve prodcopy variables] **********************************************
Thursday 04 November 2021 23:00:42 +0000 (0:00:00.039) 0:00:00.065 *****
ok: [localhost]
TASK [debug] *******************************************************************
Thursday 04 November 2021 23:00:42 +0000 (0:00:00.037) 0:00:00.103 *****
ok: [localhost] => {
"msg": "Before going to wolf"
}
PLAY [wolf] ****************************************************************
TASK [Gathering Facts] *********************************************************
Thursday 04 November 2021 23:00:42 +0000 (0:00:00.048) 0:00:00.151 *****
fatal: [wolf]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: user_b@wolf: Permission denied (publickey).", "unreachable": true}
PLAY RECAP *********************************************************************
localhost : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
wolf : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
Thursday 04 November 2021 23:00:42 +0000 (0:00:00.066) 0:00:00.218 *****
===============================================================================
I have set up keychain on A and B for user_b.
Is there any way to make this work for users with an SSH key passphrase?
Thanks!