Cannot transfer public key from ansible control node to remote node - ansible

I am trying to transfer key from ansible control node to remote node using authorized_key module. Below is my ansible playbook.
- name: ssh
  hosts: temp1
  remote_user: <username>
  become: true
  tasks:
    - name: ssh
      authorized_key:
        user:
        state: present
        key: "{{ lookup('file', '/home/<username>/.ssh/id_rsa.pub') }}"
        manage_dir: yes
      become: yes
Error:
fatal: []: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: #: Permission denied (publickey).",
"unreachable": true }
PLAY RECAP **********************************************************************************************************
 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
As per my understanding, the function of the authorized_key module is to copy the public key from the control node and paste it into the authorized_keys file of the remote node, so an SSH connection can be established without manually copying the public key from one server to the other. I confirm that the user I am using has SUDO privilege on both sides of the VM.
I would really appreciate any help on this.

Related

Using Netbox Ansible Modules

I've been wanting to try out Ansible modules available for Netbox [1].
However, I find myself stuck right in the beginning.
Here's what I've tried:
Add prefix/VLAN to netbox [2]:
cat setup-vlans.yml
---
- hosts: netbox
  tasks:
    - name: Create prefix 192.168.10.0/24 in Netbox
      netbox_prefix:
        netbox_token: "{{ netbox_token }}"
        netbox_url: "{{ netbox_url }}"
        data:
          prefix: 192.168.10.0/24
        state: present
That gives me the following error:
ansible-playbook setup-vlans.yml
PLAY [netbox] *********************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************
ok: [NETBOX]
TASK [Create prefix 192.168.10.0/24 in Netbox] ************************************************************************************************
fatal: [NETBOX]: FAILED! => {"changed": false, "msg": "Failed to establish connection to Netbox API"}
PLAY RECAP ************************************************************************************************************************************
NETBOX : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Can someone please point me where I am going wrong?
Note: The NetBox URL is an https://url setup with nginx and netbox-docker [3].
Thanks & Regards,
Sana
[1] https://github.com/netbox-community/ansible_modules
[2] https://docs.ansible.com/ansible/latest/modules/netbox_prefix_module.html
[3] https://github.com/netbox-community/netbox-docker
I had the same. Apparently the pynetbox api has changed in instantiation (ssl_verify is now replaced by requests session parameters).
I had to force ansible galaxy to update to the latest netbox module with:
ansible-galaxy collection install netbox.netbox -f
The force option did the trick for me.
All playbooks using API modules like netbox (but this is the same for gcp or aws) must use as host not the target but the host that will execute the playbook to call the API. Most of the time this is localhost, but that can be also a dedicated node like a bastion.
You can see in the example on the documentation you linked that it uses hosts: localhost.
Hence I think your playbook should be
---
- hosts: localhost
  connection: local
  gather_facts: False
  tasks:
    - name: Create prefix 192.168.10.0/24 in Netbox
      netbox_prefix:
        netbox_token: "{{ netbox_token }}"
        netbox_url: "{{ netbox_url }}"
        data:
          prefix: 192.168.10.0/24
        state: present

How to authenticate hosts with Ansible?

My hosts file
[all]
192.168.77.10
192.168.77.11
192.1680.77.12
And here is my playbook.yml
---
- hosts: all
  tasks:
    - name: Add the Google signing key
      apt_key: url=https://packages.cloud.google.com/apt/doc/apt-key.gpg state=present
    - name: Add the k8s APT repo
      apt_repository: repo='deb http://apt.kubernetes.io/ kubernetes-xenial main' state=present
    - name: Install packages
      apt:
        name: "{{ packages }}"
      vars:
        packages:
          - vim
          - htop
          - tmux
          - docker.io
          - kubelet
          - kubeadm
          - kubectl
          - kubernetes-cni
When I run
ansible-playbook -i hosts playbook.yml
unexpected authentication problem occurs.
The authenticity of host '192.168.77.11 (192.168.77.11)' can't be established.
ECDSA key fingerprint is SHA256:mgX/oadP2cL6g33u7xzrEblvga9CGfpW13K2YUdeKsE.
Are you sure you want to continue connecting (yes/no)? The authenticity of host '192.168.77.10 (192.168.77.10)' can't be established.
ECDSA key fingerprint is SHA256:ayWHzp/yquIuQxw7MKGR0+NbtrzHY86Z8PdIPv7r6og.
Are you sure you want to continue connecting (yes/no)? fatal: [192.1680.77.12]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname 192.1680.77.12: Name or service not known\r\n", "unreachable": true}
^C [ERROR]: User interrupted execution
I am following the example from a DevOps book; I reproduced the original code. My OS is Ubuntu 18.04.
telnet hosts
telnet: could not resolve hosts/telnet: Temporary failure in name resolution
VM ls output
vagrant@ubuntu-bionic:~$ ls
hosts playbook.retry playbook.yml
I edited /etc/ansible/ansible.cfg by adding the False option.
Anyway, it still does not work:
fatal: [192.1680.77.12]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname 192.1680.77.12: Name or service not known\r\n", "unreachable": true}
fatal: [192.168.77.10]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.77.10' (ECDSA) to the list of known hosts.\r\nvagrant@192.168.77.10: Permission denied (publickey).\r\n", "unreachable": true}
fatal: [192.168.77.11]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.77.11' (ECDSA) to the list of known hosts.\r\nvagrant@192.168.77.11: Permission denied (publickey).\r\n", "unreachable": true}
to retry, use: --limit @/home/vagrant/playbook.retry
PLAY RECAP *************************************************************************************************************************************************************************************************
192.168.77.10 : ok=0 changed=0 unreachable=1 failed=0
192.168.77.11 : ok=0 changed=0 unreachable=1 failed=0
192.1680.77.12 : ok=0 changed=0 unreachable=1 failed=0
How to resolve this issue?
You have several options. One is of course to SSH to the hosts and add them to the known hosts files of your Ansible servers. Another option is to set the environment variable ANSIBLE_HOST_KEY_CHECKING to false. A third option is to use the ansible.cfg config file:
[defaults]
host_key_checking = False
See the official documentation.
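The first option above can be done without answering the prompt blind. As an added example that is not part of the original answer, this Python code computes the SHA256 fingerprint OpenSSH shows in its prompt for each line of ssh-keyscan output and keeps only the lines that match a fingerprint obtained out of band (for example from the VM console), so host_key_checking can stay enabled. The names vet_keyscan, PINNED and SCAN, the key blobs and the scan output are constructed for illustration.

```python
import base64
import hashlib


def fingerprint(key_b64):
    """Fingerprint as OpenSSH prints it: unpadded base64 of SHA-256 over the raw key blob."""
    raw = base64.b64decode(key_b64, validate=True)
    return "SHA256:" + base64.b64encode(hashlib.sha256(raw).digest()).decode().rstrip("=")


def vet_keyscan(scan_output, pinned):
    """Return (known_hosts lines whose key matches the pinned fingerprint,
    hosts to leave untrusted: unpinned, mismatched or unparseable)."""
    accepted, rejected = [], []
    for line in scan_output.splitlines():
        parts = line.split()
        if not parts or parts[0].startswith("#"):
            continue  # blank line or ssh-keyscan banner comment
        host = parts[0]
        try:
            ok = len(parts) >= 3 and fingerprint(parts[2]) == pinned.get(host)
        except ValueError:  # blob is not valid base64
            ok = False
        if ok:
            accepted.append(" ".join(parts[:3]))
        else:
            rejected.append(host)
    return accepted, rejected


def make_blob(label):
    # Constructed stand-in for a public key blob; a real one comes from ssh-keyscan.
    return base64.b64encode(label.encode()).decode()


# Constructed sample data, not taken from the page.
GOOD_10 = make_blob("constructed host key for 192.168.77.10")
GOOD_11 = make_blob("constructed host key for 192.168.77.11")
ROGUE_11 = make_blob("constructed key offered by an unexpected machine")
PINNED = {"192.168.77.10": fingerprint(GOOD_10), "192.168.77.11": fingerprint(GOOD_11)}
SCAN = "\n".join([
    "# 192.168.77.10:22 SSH-2.0-OpenSSH (constructed banner)",
    f"192.168.77.10 ecdsa-sha2-nistp256 {GOOD_10}",
    f"192.168.77.11 ecdsa-sha2-nistp256 {ROGUE_11}",
    f"192.168.77.12 ecdsa-sha2-nistp256 {GOOD_10}",
])

if __name__ == "__main__":
    accepted, rejected = vet_keyscan(SCAN, PINNED)
    print("\n".join(accepted))          # lines safe to append to ~/.ssh/known_hosts
    print("not trusted:", rejected)
```

Only the accepted lines are appended to known_hosts; a host in the rejected list is investigated rather than added.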

Need ansible inventory file details

Could someone please help me to write ansible inventory file to connect to bitbucket - clone a file and place into ansible machine.
Playbook
---
- hosts: bitbucketURL
  tasks:
    - git:
        repo: https://p-bitbucket.com:5999/projects/VIT/repos/sample-playbooks/browse/hello.txt
        dest: /home/xxx/demo/output/
Inventory file
[bitbucketURL]
p-bitbucket.com:5999
[bitbucketURL:vars]
ansible_connection=winrm
ansible_user=xxx
ansible_pass=<passwd>
I am getting error while using this playbook and inventory file
-bash-4.2$ ansible-playbook -i inv demo_draft1.yml
PLAY [bitbucketURL] *****************************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************************
fatal: [p-bitbucket.nl.eu.abnamro.com]: UNREACHABLE! => {"changed": false, "msg": "ssl: auth method ssl requires a password", "unreachable": true}
to retry, use: --limit @/home/c55016a/demo/demo_draft1.retry
PLAY RECAP **************************************************************************************************************************************************
p-bitbucket.nl.eu.abnamro.com : ok=0 changed=0 unreachable=1 failed=0
Please help me write a proper inventory file with correct parameters
You need no inventory at all. All you need to do is to set the play to execute on localhost:
---
- hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    - git:
        repo: https://p-bitbucket.com:5999/projects/VIT/repos/sample-playbooks/browse/hello.txt
        dest: /home/xxx/demo/output/
That said, URL should point to Git repository, not a single file (if hello.txt is a single file).

ansible - consul kv listing recursive and compare the key values

I am getting an error while trying to retrieve the key values from the consul kv store.
We have key values stored under the config/app-name/ folder. There are many keys. I want to retrieve all the key values from consul using ansible.
But I am getting the following error:
PLAY [Adding host to inventory] **********************************************************************************************************************************************************
TASK [Adding new host to inventory] ******************************************************************************************************************************************************
changed: [localhost]
PLAY [Testing consul kv] *****************************************************************************************************************************************************************
TASK [show the lookups] ******************************************************************************************************************************************************************
fatal: [server1]: FAILED! => {"failed": true, "msg": "{{lookup('consul_kv','config/app-name/')}}: An unhandled exception occurred while running the lookup plugin 'consul_kv'. Error was a <class 'ansible.errors.AnsibleError'>, original message: Error locating 'config/app-name/' in kv store. Error was 500 No known Consul servers"}
PLAY RECAP *******************************************************************************************************************************************************************************
server1 : ok=0 changed=0 unreachable=0 failed=1
localhost : ok=1 changed=1 unreachable=0 failed=0
Here is the code I am trying.
---
- name: Adding host to inventory
  hosts: localhost
  tasks:
    - name: Adding new host to inventory
      add_host:
        name: "{{ target }}"
- name: Testing consul kv
  hosts: "{{ target }}"
  vars:
    kv_info: "{{lookup('consul_kv','config/app-name/')}}"
  become: yes
  tasks:
    - name: show the lookups
      debug: msg="{{ kv_info }}"
Removing a folder and adding a folder are working well, but getting the key values from the consul cluster is throwing an error. Please suggest a better way here.
- name: remove folder from the store
  consul_kv:
    key: 'config/app-name/'
    value: 'removing'
    recurse: true
    state: absent
- name: add folder to the store
  consul_kv:
    key: 'config/app-name/'
    value: 'adding'
I tried this but still the same error.
---
- name: Adding host to inventory
  hosts: localhost
  environment:
    ANSIBLE_CONSUL_URL: "http://consul-1.abcaa.com"
  tasks:
    - name: Adding new host to inventory
      add_host:
        name: "{{ target }}"
    - name: show the lookups
      debug: kv_info= "{{lookup('consul_kv','config/app-name/')}}"
All lookup plugins in Ansible are always evaluated on localhost, see docs:
Note:
Lookups occur on the local computer, not on the remote computer.
I guess you expect kv_info to be populated by executing consul fetch from {{ target }} server.
But this lookup is actually executed on your Ansible control host (localhost), and if you have no ANSIBLE_CONSUL_URL set, you get No known Consul servers error.
When you use consul_kv module (to create/delete folders), it is executed on {{ target }} host in contrast to consul_kv lookup plugin.

Pysphere error when running playbook

---
- hosts: my-host
  tasks:
    - vsphere_guest:
        vcenter_hostname: vcenter.mydomain.local
        username: myuser
        password: mypass
        guest: newvm001
        vmware_guest_facts: yes
When I run this playbook, I get this error
PLAY [my-host]
TASK [setup] *******************************************************************
ok: [19.3.112.97 ]
TASK [vsphere_guest] ***********************************************************
fatal: [19.3.112.97 ]: FAILED! => {"changed": false, "failed": true, "msg": "pysphere module required"}
NO MORE HOSTS LEFT *************************************************************
[WARNING]: Could not create retry file 'createvms.retry'. [Errno 2] No such file or directory: ''
PLAY RECAP
19.3.112.97 : ok=1 changed=0 unreachable=0 failed=1
Why do I get this error? I have uninstalled and installed pysphere. I have used previous and current versions of it but I still get this error.
You usually want to run cloud/VM management modules from your control machine (localhost).
This would look like this:
---
- hosts: localhost
  connection: local
  tasks:
    - vsphere_guest:
        vcenter_hostname: vcenter.mydomain.local
        username: myuser
        password: mypass
        guest: newvm001
        vmware_guest_facts: yes
In this case ansible uses PySphere installed on your control host to connect to vcenter.mydomain.local and provision VMs.
In your example PySphere should be installed on 19.3.112.97 and vcenter.mydomain.local should be accessible from that host.
