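I'm getting started with Ansible and trying to create VMs and so on in Azure.
I've run into some problems with authentication. This is the command I used to create what I think I need: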
az ad sp create-for-rbac --name AzureTools --password "A Password I Made Up"
Then I created the ~/.ansible/credentials file with the following contents:
[default]
subscription_id=my-sub-id
client_id=the appId from when I ran the previous command
secret='A Password I Made Up'
tenant=the tenantid from the above command
When I try to run the Ansible playbook, I get this (Invalid client secret is provided); see the full error below:
fatal: [localhost]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File \"/tmp/ansible_QL57O_/ansible_module_azure_rm_virtualmachine.py\", line 1553, in <module>\n main()\n File \"/tmp/ansible_QL57O_/ansible_module_azure_rm_virtualmachine.py\", line 1550, in main\n AzureRMVirtualMachine()\n File \"/tmp/ansible_QL57O_/ansible_module_azure_rm_virtualmachine.py\", line 651, in __init__\n supports_check_mode=True)\n File \"/tmp/ansible_QL57O_/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\", line 265, in __init__\n File \"/usr/local/lib/python2.7/dist-packages/msrestazure/azure_active_directory.py\", line 440, in __init__\n self.set_token()\n File \"/usr/local/lib/python2.7/dist-packages/msrestazure/azure_active_directory.py\", line 473, in set_token\n raise_with_traceback(AuthenticationError, \"\", err)\n File \"/usr/local/lib/python2.7/dist-packages/msrest/exceptions.py\", line 48, in raise_with_traceback\n raise error\nmsrest.exceptions.AuthenticationError: , InvalidClientError: (invalid_client) AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided.\r\nTrace ID: 34de605e-5d21-4be2-84c1-27759ffe0000\r\nCorrelation ID: e62ed2ee-46b8-4847-9c1d-0c1e24ab711a\r\nTimestamp: 2018-03-08 21:00:55Z\n",
"module_stdout": "",
"msg": "MODULE FAILURE",
"rc": 0
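So, what am I missing? Shouldn't the secret be that password? If not, what should it be? All the documentation just says "just put your secret here", but it doesn't explain what it is or where it comes from.
Environment: Ubuntu 16.04 running as a virtual machine in Azure.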
ansible 2.4.3.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/path/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.12 (default, Nov 20 2017, 18:23:56) [GCC 5.4.0 20160609]
If I've missed providing any information, please let me know.
Thanks in advance!
Answer 0 (score: 1)
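In the secret line, you should remove the single quotes. I tested this in my lab: if I use single quotes, I get the same error log.
The second issue is that you should create credentials in ~/.azure/credentials rather than ~/.ansible. For more information about this, see this link.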
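
The quoting problem described in the answer can be checked before a playbook run. The following is an added example, not code from the original post or from Ansible: it assumes the credentials file is read as plain INI, which Python's configparser (used here) parses without stripping quotes. The function names and sample values are constructed for illustration.

```python
import configparser

REQUIRED_KEYS = ("subscription_id", "client_id", "secret", "tenant")

# Constructed sample mirroring the file in the question (placeholder values).
QUOTED = """\
[default]
subscription_id=00000000-0000-0000-0000-000000000000
client_id=11111111-1111-1111-1111-111111111111
secret='A Password I Made Up'
tenant=22222222-2222-2222-2222-222222222222
"""
FIXED = QUOTED.replace("'", "")


def load_profile(text, profile="default"):
    """Parse INI text and return the profile as a dict, or None if absent."""
    # interpolation=None so a '%' inside a secret is kept as-is
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    if not parser.has_section(profile):
        return None
    return dict(parser.items(profile))


def lint_credentials(text, profile="default"):
    """Return (key, issue) tuples for problems that lead to failed logins."""
    values = load_profile(text, profile)
    if values is None:
        return [(profile, "missing section")]
    findings = []
    for key in REQUIRED_KEYS:
        value = values.get(key, "")
        if not value:
            findings.append((key, "missing or empty"))
        elif len(value) >= 2 and value[0] == value[-1] and value[0] in "'\"":
            # The INI parser keeps quotes, so they become part of the value.
            findings.append((key, "wrapped in quotes"))
    return findings


if __name__ == "__main__":
    print(repr(load_profile(QUOTED)["secret"]))
    for name, text in (("quoted", QUOTED), ("fixed", FIXED)):
        print(name, lint_credentials(text))
```

The linter reports only key names and issue types, never the secret itself, so its output is safe to keep in CI logs.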