Ansible slurp模块失败并带有变量

时间:2017-11-10 02:47:00

标签: ansible slurp

当我使用带有slurp模块的src选项的Ansible变量时,slurp模块会失败。

我正在尝试构建一个Ansible playbook,将SSH公钥从组中的每个节点复制到组中的每个其他节点。我不能使用Ansible lookup()函数,因为它只能在Ansible服务器上查找文件。相反,我构建了id_rsa.pub的路径,目的是为authorized_key函数进入内存。

我的问题是,当我为slurp模块的src指定Ansible变量时,即使它列出了id_rsa.pub文件的正确路径,Playbook也会失败。如果我指定路径而不是使用变量,则slurp模块可以工作。

这是我的剧本:

# Usage: ansible-playbook copyPublicKey.yaml --limit <GRP> --extra-vars "userid=<userid>"
---
- hosts: all
  remote_user: root
  vars:
      user_id: "{{ userid }}"

  tasks:
  - name: Determine the path to the public key file
    shell: grep "{{ user_id }}" /etc/passwd | cut -d":" -f6
    changed_when: false
    register: user_home

  - set_fact:
        rsa_file: "{{ user_home.stdout_lines | to_nice_yaml | replace('\n', '') }}/.ssh/id_rsa.pub"
  - debug:
        msg: "Public key file - {{ rsa_file }}"

  - slurp:
        src: "{{ rsa_file }}"
    register: public_key
  - debug:
        msg: "Public key: {{ public_key }}"

调用:

ansible-playbook copyPublicKey.yaml --limit DEV --extra-vars "userid=deleteme2"

slurp模块的输出:

TASK: [slurp ] ****************************************************************
failed: [hana-np-11.cisco.com] => {"failed": true}
msg: file not found: - /usr/sap/DEV/home/deleteme2/.ssh/id_rsa.pub
failed: [hana-np-13.cisco.com] => {"failed": true}
msg: file not found: - /usr/sap/DEV/home/deleteme2/.ssh/id_rsa.pub
failed: [hana-np-14.cisco.com] => {"failed": true}
msg: file not found: - /usr/sap/DEV/home/deleteme2/.ssh/id_rsa.pub
failed: [hana-np-15.cisco.com] => {"failed": true}
msg: file not found: - /usr/sap/DEV/home/deleteme2/.ssh/id_rsa.pub
failed: [hana-np-12.cisco.com] => {"failed": true}
msg: file not found: - /usr/sap/DEV/home/deleteme2/.ssh/id_rsa.pub

FATAL: all hosts have already failed -- aborting

然而,如果我在slurp模块中指定实际路径:

  - slurp:
        src: /usr/sap/DEV/home/deleteme2/.ssh/id_rsa.pub

我得到了我期望的输出:

TASK: [slurp ] ****************************************************************
ok: [hana-np-11.cisco.com]
ok: [hana-np-12.cisco.com]
ok: [hana-np-15.cisco.com]
ok: [hana-np-14.cisco.com]
ok: [hana-np-13.cisco.com]

    TASK: [debug ] ****************************************************************
ok: [hana-np-11.cisco.com] => {
    "msg": "Public key: c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBQkl3QUFBUUVBbHgzM0FUdGlLcWlrblQxMWorNjZKSXVFQW1OWWxZcDdCbHIwZXBzaWRuZ3NNYW9pMjNYL1Bjb0EvdnVxYmpxbmZ0Q1YzQmhUdURYQ3BYY0FwNDF5TEF5dlIvOW8xYi9mR2VtZWtlS296ZDh5Smh5VXFMR3IvMmJ6N0N2NFdaOWVqU0dyMFlzWGNjSFNDRmYzNmJreVBPNUg5NUdZdXpGMUV2RzVVcGM3YVNXWEVpM3JWVGJETEhBVC9YTk0veXhRUEMxRjB5Vi8yRkY1WDg4SXU5U0w2TGxrVnhsMUU3VkozTm40UEQrY3RUbGxFeno3enNETWxDbXpzMW5MaHROWnFuSXRZUkhMd21WUk5VcHJvYlpyUm1YMFJVYmIwNFNVbzdBbXpBNnZNcHR1OE1aUURzUGRMckMwYWxPWnZHMHpEUi9ReDlGalh6MVRXMld5WWhZNllRPT0gYW5zaWJsZS1nZW5lcmF0ZWQgb24gaGFuYS1ucC0xMQo=..."
}
ok: [hana-np-12.cisco.com] => {
    "msg": "Public key: c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBQkl3QUFBUUVBd2hPa0FqcEhwbUU4ZEkvemR6d0I1U0htZnlpdXljd2ZmK2lDNW9KaEN4aU5ST0ZKbnVyOFArWno2K2c4Qy8waUdkNGs1ZHIwcE9IY1liWHlMeDNObHhTTWN6RnowZWNSUnMzL1FOOEQzSnBtWlR6T0JaMm1SaG1FY0hGbS9uTkh5eUZyWXlPOHlQNWpqNmxiSUlwU0lMb1BZZGJvM1dxenBGZjhiaDFlVkhRTEo2citVZzNwcUhUeWRzRDZhY3Rtc1ZvWWUvdVV6WExiYkpKbUxxdi9ZeGU4ZW9aUmtONkVqNGtaVDBibDFYUktkM0xTQlZKMHRwa3A1bVgzekxMNGVvWVEzMzMzam1qd2MzU1dWSHVObVl1b1ZsRFEvSzdoR2lFVHd5YUM3VU9hQ29pcEVnUGl5b2o3U1JpNzZCenpxV2hXc2dIbHI0REM3U0p2WFpObk9RPT0gYW5zaWJsZS1nZW5lcmF0ZWQgb24gaGFuYS1ucC0xMgo=..."
}
ok: [hana-np-13.cisco.com] => {
    "msg": "Public key: c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBQkl3QUFBUUVBemFzeitlSW9OSnc2Q3psaVVSR2NQbnMyRkVWbDRtd1RqbDJrWkYxcC9uL0d1b3RPS01vMnR2RmQrN3JmY3YrN2VSZXNtM1lldXJzOXRCQXdSVDdvbXdjckpqUkJiM2Q3UHd3MnM1OTJjb0RjdFo3aE9vL3p4S1FCeWtjaXcvejJ3U1pKWUZKdnE4eFloWkxQNmxnK01uVW1Rd0JROURhREc3MVY2VFc5cFdSM0poYk5BZ2s4bWpBYlEyQk1kK2lWOGxoOUorcWIxbGE3RVVRRGZNaUM3R0ZKVmxJUVlpdm02Q045dGZOdnJGRlNaamZ6MEZKeXhQQWd1VW05d2NUMG9lUDdEQTJTVFNZQ0trQklvRmVuTUp3eFFzNDZSclJSenlBNlErN3I3Q3g5WnpPSlQ0OGgzQnpHQkNwYnhNd0R2L1RMNjRNTDN3UGxXVng5NGZvU2NRPT0gYW5zaWJsZS1nZW5lcmF0ZWQgb24gaGFuYS1ucC0xMwo=..."
}
ok: [hana-np-14.cisco.com] => {
    "msg": "Public key: c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBQkl3QUFBUUVBd3U5V3FaZHBmSjdUZkFhNkc2V05pTkpraWVjWllObjZ4Mno2WWo3eUhsdDBrVWhoYmVXZWR4and0Ukl5d0h2UUZCU2xoVVo2V1Vhc2w0RlZsdzcrOHRGVkVIMkkwTUQ1YjN5UGFrclFhVXdxZHZ6TDEvVXpQWkJjTGU0SENmTGdLNjAxaXdncXBvdUVoRjFEdjEvVHorcTFvU0dmTTFOVjFPOFBGc1pQVjRZbVpoTC9qTVZBNE5MUzFKdXRoS1VmZlo3TmJOSk42SmdWaE14UW8vQXZIZmZvYktDUGJ1VWxDTFE0cTV6VlVTWkxyV1p3VmdncU44MkVnd0xYS00xU0IvOVQ2YmFMVXZhaDVVN0s1QjEzR0pFVXJWek1NNWZ0clpwdEo4T1N3OXUvMHJLVXlzZ0hRcUZVM0ViN0JkVkUxQVdCRXFtaW1XRFdMV3hUclJmZ053PT0gYW5zaWJsZS1nZW5lcmF0ZWQgb24gaGFuYS1ucC0xNAo=..."
}
ok: [hana-np-15.cisco.com] => {
    "msg": "Public key: c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBQkl3QUFBUUVBdWwxTjlWQkNSU3QrOG5jdTRMVUlBb2hxUEkrWmRlcEtINHlhU1BBZWtETXdkaXpLVHZRSElXdC9iVkpXUzNma3BOYjVuTXFtMkR1eFZnKzBtZmRPTTk1Q2ZsUk00ZUNON05Jb25HQTQrUGVyOXRYdlNrdFU4U0huWERsZVNNa3dybUxnQ1dQN2lwbDRTdGt1SUNGaFh1NzBkOHBEN29IeW9BZVVWWVFuYzRkZldHQStVNU1SdWNSaC9mNWhhS25pN1hpRHZ0alVTaDJHN1RpMTlIdHBvYnlQdmdNSjVnRUt2OXRlWGJ3Qk14YXZicEFiRjJVOTRRTmorKzZOYTZIaWUweS9JQzVtWDRvSmgyb2Z6bGwybjA0MHdtQWRkQS9mY1d1L0IvR3FyOWNDZlhXK0hIUU95MEJoUXNBMk54K3A1RU4rbG1iREg1TUNHTW41Y0RLVEpRPT0gYW5zaWJsZS1nZW5lcmF0ZWQgb24gaGFuYS1ucC0xNQo=..."
}

我做错了什么?关于使用Ansible变量,我不知道什么?

2 个答案:

答案 0 :(得分:1)

slurp模块因为您提供的数据不正确而失败 - 错误消息为:

  

msg:找不到文件: - /usr/sap/DEV/home/deleteme2/.ssh/id_rsa.pub

改写:

  

找不到名为“- /usr/sap/DEV/home/deleteme2/.ssh/id_rsa.pub”的文件。

很明显,这样一个带有连字符和开头空格的文件不存在且错误有效。

错误数据的原因是to_nice_yaml列表中不必要的user_home.stdout_lines过滤器(连字符是YAML中的元素标记)。

您可以安全地删除它并使用以下内容:

---
- hosts: all
  remote_user: root
  vars:
    user_id: "{{ userid }}"

  tasks:
    - name: Determine the path to the public key file
      shell: grep "{{ user_id }}" /etc/passwd | cut -d":" -f6
      changed_when: false
      register: user_home

    - slurp:
        src: "{{ user_home.stdout_lines[0] }}/.ssh/id_rsa.pub"
      register: public_key

    - debug:
        msg: "Public key: {{ public_key }}"

stdout_lines的元素没有尾随换行符,因此replace('\n', '')是不必要的,但由于它是一个列表,即使南方只有一个元素,您只需要使用{来解决第一个元素{1}}。

否则您也可以使用[0]获取值。

答案 1 :(得分:0)

在这种情况下,问题与文件名不正确有关(如techraf所述)。

但是关于我所经历的只是一个注释,当文件驻留在其权限不允许敏感用户读取内容的目录中时,slurp还会显示相同的错误“找不到文件”。虽然,它应该打印与权限相关的错误,但会显示“找不到文件”错误。