我正在尝试创建ansible playbooks以在centos7上安装和配置kerberos。
我有一个任务,yum安装所需的rpms
body {
background-color: red;
width:3000px;
}
启动服务的任务
- name: install kerberos
yum: name={{ item }} state=present
with_items:
- krb5-server
- krb5-libs
剧本以
失败- name: start kerberos service
service: name=krb5kdc.service state=started enabled=yes
这看起来应该很简单,yum安装rpm然后启动服务,但服务单元文件甚至无法找到。我做错了什么?
为清楚起见,我使用的是ansible 2.4.2.0和centos:7.3.1611 docker base image。
修改:: yum安装步骤正在运行......
TASK [kerberos : start the systemd kerberos service] ********************************
fatal: [zen_wozniak]: FAILED! => {"changed": false, "msg": "Could not find the requested service krb5kdc.service: host"}
登录失败的ansible容器并手动启动,如下所示
TASK [kerberos : debug] ***********************************************************************************************
ok: [brave_payne] => {
"result": {
"changed": false,
"failed": false,
"results": [
{
"arch": "x86_64",
"envra": "0:krb5-server-1.15.1-8.el7.x86_64",
"epoch": "0",
"name": "krb5-server",
"release": "8.el7",
"repo": "base",
"version": "1.15.1",
"yumstate": "available"
},
{
"arch": "x86_64",
"envra": "0:krb5-server-1.15.1-8.el7.x86_64",
"epoch": "0",
"name": "krb5-server",
"release": "8.el7",
"repo": "installed",
"version": "1.15.1",
"yumstate": "installed"
}
]
}
}
是的,容器正在运行特权
[root@94e29c0e8bdd /]# systemctl status krb5kdc.service
Failed to get D-Bus connection: Operation not permitted
答案 0 :(得分:1)
这似乎是一个随机问题。到目前为止,我发现的唯一解决方法是:
systemctl daemon-reload。 要通过Ansible运行它:
ansible <host> --become -m shell -a 'systemctl daemon-reload' 更新:
使用Ansible systemd模块,您可以添加:daemon_reload: yes
答案 1 :(得分:0)
我认为问题的根源是容器没有特权,因此无法与dbus通信,这可能意味着返回到Ansible的systemd状态包含LoadState=not-found的输出中的文本systemctl show krb5kdc.service 1}}这是导致Ansible提供你所得错误的原因。