我是Ansible的新手,并且在与库存文件相结合的情况下与Ansible保险库斗争。
我想要实现的是更新三台机器的剧本。其中两台机器需要密码(sudo),所以我可以成为root。
所以这是我的剧本......
---
- name: update all hosts, make sure default software is installed
hosts:
- vhosts
- physical
vars_files:
- 'vars/main.yml'
tasks:
- name: Update apt cache
apt: update_cache=yes
- name: Upgrade packages
apt: upgrade=dist
...这是我的库存(文件名inventory),密码仍然是纯文本:
[vhosts]
10.0.0.1 ansible_user=root
[physical]
10.0.0.200 ansible_user=xxx ansible_become=yes ansible_become_method=sudo ansible_become_pass=secretpassword1
10.0.0.201 ansible_user=yyy ansible_become=yes ansible_become_method=sudo ansible_become_pass=secretpassword2
这很好。
原因我不想在广告资源中使用secretpassword1或secretpassword2。所以我创建了一个保管库(存储在文件vars/main.yml中,看起来像这样:
---
- vars:
pass1:secretpassword1
pass2:secretpassword2
我将库存文件更改为:
[vhosts]
10.0.0.1 ansible_user=root
[physical]
10.0.0.200 ansible_user=xxx ansible_become=yes ansible_become_method=sudo ansible_become_pass="{{ pass1 }}"
10.0.0.201 ansible_user=yyy ansible_become=yes ansible_become_method=sudo ansible_become_pass="{{ pass2 }}"
现在当我尝试用ansible-playbook update.yml -i inventory --ask-vault-pass执行善意时,我收到以下错误:
fatal: [10.0.0.200]: FAILED! => {"msg": "The field 'become_pass' has an invalid value, which includes an undefined variable. The error was: 'pass1' is undefined\nexception type: <class 'ansible.errors.AnsibleUndefinedVariable'>\nexception: 'pass1' is undefined"}
fatal: [10.0.0.201]: FAILED! => {"msg": "The field 'become_pass' has an invalid value, which includes an undefined variable. The error was: 'pass2' is undefined\nexception type: <class 'ansible.errors.AnsibleUndefinedVariable'>\nexception: 'pass2' is undefined"}
好像我无法正确定义变量。但我完全不知道如何这样做。如果有人能帮助我,我会非常高兴。感谢。
答案 0 :(得分:2)
使您的保管库文件如下所示:
---
pass1: secretpassword1
pass2: secretpassword2
您的错误: