Unable to execute an Ansible playbook through a REST API call

Time: 2019-05-16 16:04:02

Tags: python flask ansible gunicorn

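I am using Gunicorn as the WSGI server and Flask as the web framework. Flask sits behind Gunicorn, and Gunicorn is managed by systemd, which handles starting, stopping and passing in environment variables.

I have a Flask route that receives a list of ports and a hostname as a JSON object. This data is then passed to a function that builds an Ansible playbook from a Jinja2 template. The resulting playbook deploys resources in AWS, so it can use localhost with connection = local

The playbook is then passed to the following code: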

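from collections import namedtuple
import logging
import os
import traceback

from ansible.executor.playbook_executor import PlaybookExecutor
from ansible.inventory.manager import InventoryManager
from ansible.parsing.dataloader import DataLoader
from ansible.vars.manager import VariableManager

logger = logging.getLogger(__name__)  # assumed: the post does not show how logger is created
ROOT_DIR = os.path.dirname(os.path.abspath(__file__))  # assumed: the post does not show ROOT_DIR

def ansible_part(**kwargs):
    """Run the generated playbook for one group against the given inventory."""
    p = kwargs.pop('playbook', None)
    h = kwargs.pop('hosts', None)
    group = kwargs.pop('group', None)
    # Insert the group name before the extension, e.g. 'site.yml' -> 'site_<group>.yml'
    p = p.split('.')
    p.insert(1, '_' + group + '.')
    p = ''.join(p)
    playbook_path = p
    inventory_path = h
    try:
        Options = namedtuple('Options', ['connection', 'module_path', 'forks', 'become', 'become_method', 'become_user', 'check', 'diff', 'listhosts', 'listtasks', 'listtags', 'syntax'])
        loader = DataLoader()
        # connection='local' runs tasks on this host as the user that owns the Gunicorn process
        options = Options(connection='local', module_path='%s/' % (ROOT_DIR), forks=100, become=None, become_method=None, become_user=None, check=False,
                    diff=False, listhosts=False, listtasks=False, listtags=False, syntax=False)
        passwords = dict(vault_pass='secret')
        inventory = InventoryManager(loader=loader, sources=[inventory_path])
        variable_manager = VariableManager(loader=loader, inventory=inventory)
        executor = PlaybookExecutor(
                playbooks=[playbook_path], inventory=inventory, variable_manager=variable_manager, loader=loader,
                options=options, passwords=passwords)
        results = executor.run()
    except Exception as e:
        # Log the full traceback; the exception is not re-raised
        logger.error(traceback.format_exc())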

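When this is run through systemd, Ansible tries to write to remote_tmp even though everything is local, and there seems to be some kind of permission problem.

This is the error from the Ansible log (changing the remote tmp made no difference):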

fatal: [127.0.0.1]: UNREACHABLE! => {"changed": false, "msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo /root/.ansible/tmp/ansible-tmp-1557947091.84-58355327375919 `\" && echo ansible-tmp-1557947091.84-58355327375919=\"` echo /root/.ansible/tmp/ansible-tmp-1557947091.84-58355327375919 `\" ), exited with result 127", "unreachable": true}

If I run the following outside of systemd, it works fine:

nohup /opt/proxy_scaler/proxy_scaler_env/bin/gunicorn proxy_scaler:app -b 0.0.0.0:8700 --timeout 30 -k gevent -w 1 -k eventlet &

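I am trying to figure out how to fix the permission problem, or how to find out which user this is effectively running as and scope the permissions appropriately.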

0 answers:

No answers
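
An added diagnostic, not part of the original question: it reports which user the worker process is effectively running as, the HOME and PATH it inherited, and whether Ansible's default remote_tmp (`~/.ansible/tmp`) can be created there. Because a shell exits with status 127 when a command is not found, it also checks that `sh` and `mkdir` resolve on the inherited PATH. The function names are hypothetical.

```python
import os
import pwd
import shutil


def _writable(path):
    """True if the nearest existing ancestor of path is a writable directory."""
    probe = os.path.abspath(path)
    while not os.path.lexists(probe):
        probe = os.path.dirname(probe)
    # os.access uses the real uid; for a service started by systemd that is
    # the same as the effective uid.
    return os.path.isdir(probe) and os.access(probe, os.W_OK | os.X_OK)


def ansible_runtime_report(environ=None, remote_tmp="~/.ansible/tmp"):
    """Report the identity and environment a local Ansible run inherits."""
    env = dict(os.environ if environ is None else environ)
    euid = os.geteuid()
    try:
        entry = pwd.getpwuid(euid)
        user, pw_home = entry.pw_name, entry.pw_dir
    except KeyError:  # uid with no passwd entry, e.g. in some containers
        user, pw_home = str(euid), "/"
    home = env.get("HOME") or pw_home
    tmp_dir = remote_tmp
    if tmp_dir == "~" or tmp_dir.startswith("~/"):
        tmp_dir = home + tmp_dir[1:]
    path = env.get("PATH", "")
    return {
        "euid": euid,
        "user": user,
        "home": home,
        "path": path,
        "remote_tmp": tmp_dir,
        "remote_tmp_writable": _writable(tmp_dir),
        # A shell exits with status 127 when a command is not found, so check
        # that the tools used by the failed command resolve on this PATH.
        "missing_tools": [t for t in ("sh", "mkdir")
                          if shutil.which(t, path=path) is None],
    }


if __name__ == "__main__":
    for key, value in ansible_runtime_report().items():
        print(f"{key}: {value}")
```

Log the report from inside the Flask route or at worker start, so it reflects the environment of the systemd unit rather than that of a login shell.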