Ansible在本地和远程主机之间的SSH授权

时间:2016-02-18 16:45:28

标签: ssh ansible ssh-keys openssh lxc

我有一个带有centos 7的Vagrant盒子,我正在创建LXC容器。一个Ansible在Vagrant框中运行。我使用Ansible创建容器,如下所示:

- name: Create containers
  lxc_container:
    name: localdev_nginx
    container_log: true
    template: centos
    container_config:
      - 'lxc.network.ipv4 = 192.168.42.110/24'
      - 'lxc.network.ipv4.gateway = 192.168.42.1'
    container_command: |
        yum -y install openssh-server
        echo "Som*th1ng" | passwd root --stdin
        ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""
    state: started

这是为我创建容器,但在此之后我无法从Ansible访问容器。就好像我把容器ssh pubkey带到像这样的Vagrant known_hosts:

- name: Tell the host about our servers it might want to ssh to
  shell: ssh-keyscan -t rsa 192.168.42.110 >> /root/.ssh/known_hosts

如果我在Ansible主机文件中添加容器root密码,如下所示:

[dev-webservers]
loc-dev-www1.internavenue.com hostname=loc-dev-www1.internavenue.com ansible_ssh_host=192.168.42.110  ansible_connection=ssh  ansible_user=root   ansible_ssh_pass=Som*th1ng

我希望它有更好的解决方案,因为非常糟糕。我该怎么办呢?

1 个答案:

答案 0 :(得分:0)

我使用此标记将Vagrant框公钥复制到容器的authorized_keys和主机中:

ansible_ssh_extra_args="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"

仅允许来自Ansible> 2.0

相关问题
最新问题