如何在Ansible

时间:2016-02-01 14:16:06

标签: ssh key ansible

我有一个ansible库存,看起来像:

# Create an OSEv3 group that contains the masters and nodes groups
[OSEv3:children]
masters
nodes

# Set variables common for all OSEv3 hosts
[OSEv3:vars]
# SSH user, this user should allow ssh based auth without requiring a password
ansible_ssh_user=centos

# If ansible_ssh_user is not root, ansible_sudo must be set to true
ansible_sudo=true

product_type=openshift
deployment_type=enterprise

# uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider
#openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/openshift/openshift-passwd'}]

# host group for masters
[masters]
master.example.com

# host group for nodes, includes region info
[nodes]
master.example.com openshift_node_labels="{'region': 'infra', 'zone': 'default'}"
node1.example.com openshift_node_labels="{'region': 'primary', 'zone': 'east'}"
node2.example.com openshift_node_labels="{'region': 'primary', 'zone': 'west'}"

现在我需要密钥才能使主机可以访问ansible。 我有2把钥匙。一个用于我的主人,一个用于我的节点。如何更改此脚本以告知ansible必须使用哪个密钥?

脚本将在我的主人身上执行。我的主人包含/root/.ssh/

中的2个键

目前我只在private_key_file/etc/ansible/ansible.cfg,但只能为Ansible配置一个标准密钥。

1 个答案:

答案 0 :(得分:2)

您可以在广告资源中定义behavioral parameters。在每个主机后面或在单独的<struts> <constant name="struts.objectFactory" value="spring" /> <constant name="struts.convention.result.path" value="/jsp/" /> <constant name="struts.convention.default.parent.package" value="app-pkg" /> <constant name="struts.ui.theme" value="simple" /> <constant name="struts.custom.i18n.resources" value="messages" /> <constant name="struts.devMode" value="${struts.mode}" /> <constant name="struts.convention.package.locators" value="ihm,actions" /> <!-- <constant name="struts.multipart.saveDir" value="" /> --> <constant name="struts.multipart.maxSize" value="10000000" /> <package name="app-pkg" extends="json-default,struts-default"> <interceptors> <interceptor name="exception" class="amundi.sits.myApp.web.utils.interceptor.ExceptionLoggingInterceptor" /> <interceptor name="i18n" class="amundi.sits.myApp.web.utils.interceptor.I18nInterceptor" /> <!-- Basic Stack --> <interceptor-stack name="appBasicStack"> <interceptor-ref name="exception"> <param name="logEnabled">true</param> <param name="logLevel">ERROR</param> </interceptor-ref> <interceptor-ref name="i18n" /> <interceptor-ref name="fileUpload"/> <interceptor-ref name="servletConfig" /> <interceptor-ref name="prepare"> <param name="excludeMethods">search*</param> </interceptor-ref> <interceptor-ref name="checkbox" /> <interceptor-ref name="multiselect" /> <interceptor-ref name="actionMappingParams" /> <interceptor-ref name="params"> <param name="excludeParams">dojo\..*,^struts\..*</param> </interceptor-ref> </interceptor-stack> <interceptor-stack name="appStack"> <interceptor-ref name="appBasicStack" /> <interceptor-ref name="conversionError" /> <interceptor-ref name="validation" /> <interceptor-ref name="workflow" /> </interceptor-stack> <interceptor-stack name="annotatedStack"> <interceptor-ref name="i18n" /> <interceptor-ref name="params" /> <interceptor-ref name="conversionError" /> <interceptor-ref name="annotationWorkflow" /> </interceptor-stack> <!-- Stack basique qui priorise les params sur le prepare --> <interceptor-stack name="paramsFirstStack"> <interceptor-ref name="i18n" /> <interceptor-ref name="exception"> <param name="logEnabled">true</param> <param name="logLevel">ERROR</param> </interceptor-ref> <interceptor-ref name="checkbox" /> <interceptor-ref name="params"> <param name="excludeParams">dojo\..*,^struts\..*</param> </interceptor-ref> <interceptor-ref name="servletConfig" /> <interceptor-ref name="prepare" /> <interceptor-ref name="actionMappingParams" /> </interceptor-stack> <!-- Stack Json validation --> <interceptor-stack name="jsonValidationStack"> <interceptor-ref name="appBasicStack" /> <interceptor-ref name="validation"> <param name="excludeMethods">input,back,cancel</param> </interceptor-ref> <interceptor-ref name="jsonValidation" /> <interceptor-ref name="workflow" /> </interceptor-stack> </interceptors> <default-interceptor-ref name="appStack" /> <global-results> <result name="exception">/jsp/view/error/error.jsp</result> <result name="login" type="redirect">/Login.action</result> <result name="accessdenied" type="redirectAction"> <param name="actionName">security/access/accessDenied.action</param> <param name="namespace">/</param> </result> </global-results> <global-exception-mappings> <exception-mapping exception="java.lang.Throwable" result="exception" /> </global-exception-mappings> </package> 部分中。由于您有多个共享相同密钥的节点,后者更有意义:

group:vars
相关问题
最新问题