我有两个云形成模板(YML)文件。我希望Ansible的 cloudformation 模块可以配置它们中的每一个,但是它不起作用。
下面的代码
roles/patching-cf-ssm/tasks/main.yml
---
# tasks file for patching-cf-ssm
- name: create a cloudformation stack
cloudformation:
#aws_access_key: "{{ assumed_role.sts_creds.access_key }}"
#aws_secret_key: "{{ assumed_role.sts_creds.secret_key }}"
#security_token: "{{ assumed_role.sts_creds.session_token }}"
stack_name: "ansible-cloudformation"
state: "present"
disable_rollback: true
template: "roles/patching-cf-ssm/files/{{ item }}"
with_file:
- PatchBaseline.yml
- MaintenanceWindow.yml
#environment:
#AWS_ACCESS_KEY_ID: "{{ assumed_role.sts_creds.access_key }}"
#AWS_SECRET_ACCESS_KEY: "{{ assumed_role.sts_creds.secret_key }}"
#AWS_SECURITY_TOKEN: "{{ assumed_role.sts_creds.session_token }}"
...
我遇到如下错误:
File "/tmp/ansible_cloudformation_payload_3Xbko8/ansible_cloudformation_payload.zip/ansible/modules/cloud/amazon/cloudformation.py", line 819, in <module>
File "/tmp/ansible_cloudformation_payload_3Xbko8/ansible_cloudformation_payload.zip/ansible/modules/cloud/amazon/cloudformation.py", line 678, in main
IOError: [Errno 36] File name too long: 'roles/patching-cf-ssm/files/AWSTemplateFormatVersion: 2010-09-09\nDescription: >-\n Creating Maintenance Window for Non-Production Windows Server Patching.\nResources:\n MaintenanceWindow:\n Type: AWS::SSM::MaintenanceWindow\n Properties:\n AllowUnassociatedTargets: false\n Cutoff: 1\n Description: Maintenance Window to update SSM Agent\n Duration: 6\n Name: MaintenanceWindowCFN\n Schedule: "cron(0 45 09 ? * TUE *)"\n ScheduleTimezone: "Australia/Melbourne"\n MaintenanceWindowTarget:\n Type: AWS::SSM::MaintenanceWindowTarget\n Properties:\n WindowId: !Ref MaintenanceWindow\n ResourceType: INSTANCE\n Targets:\n - Key: tag:Patch Group\n Values:\n - Group A\n OwnerInformation: SSM Target\n Name: SSMMaintenanceWindow\n Description: A target for demonstrating maintenance windows \n DependsOn: MaintenanceWindow\n MaintenanceWindowTask:\n Type: AWS::SSM::MaintenanceWindowTask\n Properties:\n WindowId: !Ref MaintenanceWindow\n Targets: \n - Key: WindowTargetIds\n Values:\n - !Ref MaintenanceWindowTarget\n TaskArn: AWS-RunPatchBaseline\n TaskType: RUN_COMMAND\n TaskInvocationParameters:\n MaintenanceWindowRunCommandParameters:\n Parameters:\n Operation:\n - Install\n Priority: 1\n MaxConcurrency: 2\n MaxErrors: 1\n Name: RegistrationTaskwithTargets\n DependsOn: MaintenanceWindowTarget'
failed: [localhost] (item=AWSTemplateFormatVersion: 2010-09-09
Description: >-
Creating Maintenance Window for Non-Production Windows Server Patching.
Resources:
MaintenanceWindow:
Type: AWS::SSM::MaintenanceWindow
Properties:
AllowUnassociatedTargets: false
Cutoff: 1
Description: Maintenance Window to update SSM Agent
Duration: 6
Name: MaintenanceWindowCFN
Schedule: "cron(0 45 09 ? * TUE *)"
ScheduleTimezone: "Australia/Melbourne"
MaintenanceWindowTarget:
Type: AWS::SSM::MaintenanceWindowTarget
Properties:
WindowId: !Ref MaintenanceWindow
ResourceType: INSTANCE
Targets:
- Key: tag:Patch Group
Values:
- Group A
OwnerInformation: SSM Target
Name: SSMMaintenanceWindow
Description: A target for demonstrating maintenance windows
DependsOn: MaintenanceWindow
MaintenanceWindowTask:
Type: AWS::SSM::MaintenanceWindowTask
Properties:
WindowId: !Ref MaintenanceWindow
Targets:
- Key: WindowTargetIds
Values:
- !Ref MaintenanceWindowTarget
TaskArn: AWS-RunPatchBaseline
TaskType: RUN_COMMAND
TaskInvocationParameters:
MaintenanceWindowRunCommandParameters:
Parameters:
Operation:
- Install
Priority: 1
MaxConcurrency: 2
MaxErrors: 1
Name: RegistrationTaskwithTargets
DependsOn: MaintenanceWindowTarget) => {
"ansible_loop_var": "item",
"changed": false,
"item": "AWSTemplateFormatVersion: 2010-09-09\nDescription: >-\n Creating Maintenance Window for Non-Production Windows Server Patching.\nResources:\n MaintenanceWindow:\n Type: AWS::SSM::MaintenanceWindow\n Properties:\n AllowUnassociatedTargets: false\n Cutoff: 1\n Description: Maintenance Window to update SSM Agent\n Duration: 6\n Name: MaintenanceWindowCFN\n Schedule: \"cron(0 45 09 ? * TUE *)\"\n ScheduleTimezone: \"Australia/Melbourne\"\n MaintenanceWindowTarget:\n Type: AWS::SSM::MaintenanceWindowTarget\n Properties:\n WindowId: !Ref MaintenanceWindow\n ResourceType: INSTANCE\n Targets:\n - Key: tag:Patch Group\n Values:\n - Group A\n OwnerInformation: SSM Target\n Name: SSMMaintenanceWindow\n Description: A target for demonstrating maintenance windows \n DependsOn: MaintenanceWindow\n MaintenanceWindowTask:\n Type: AWS::SSM::MaintenanceWindowTask\n Properties:\n WindowId: !Ref MaintenanceWindow\n Targets: \n - Key: WindowTargetIds\n Values:\n - !Ref MaintenanceWindowTarget\n TaskArn: AWS-RunPatchBaseline\n TaskType: RUN_COMMAND\n TaskInvocationParameters:\n MaintenanceWindowRunCommandParameters:\n Parameters:\n Operation:\n - Install\n Priority: 1\n MaxConcurrency: 2\n MaxErrors: 1\n Name: RegistrationTaskwithTargets\n DependsOn: MaintenanceWindowTarget",
"module_stderr": "Traceback (most recent call last):\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1594131096.31-26760-86736344792660/AnsiballZ_cloudformation.py\", line 102, in <module>\n _ansiballz_main()\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1594131096.31-26760-86736344792660/AnsiballZ_cloudformation.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1594131096.31-26760-86736344792660/AnsiballZ_cloudformation.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible.modules.cloud.amazon.cloudformation', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/lib64/python2.7/runpy.py\", line 188, in run_module\n fname, loader, pkg_name)\n File \"/usr/lib64/python2.7/runpy.py\", line 82, in _run_module_code\n mod_name, mod_fname, mod_loader, pkg_name)\n File \"/usr/lib64/python2.7/runpy.py\", line 72, in _run_code\n exec code in run_globals\n File \"/tmp/ansible_cloudformation_payload_3Xbko8/ansible_cloudformation_payload.zip/ansible/modules/cloud/amazon/cloudformation.py\", line 819, in <module>\n File \"/tmp/ansible_cloudformation_payload_3Xbko8/ansible_cloudformation_payload.zip/ansible/modules/cloud/amazon/cloudformation.py\", line 678, in main\nIOError: [Errno 36] File name too long: 'roles/patching-cf-ssm/files/AWSTemplateFormatVersion: 2010-09-09\\nDescription: >-\\n Creating Maintenance Window for Non-Production Windows Server Patching.\\nResources:\\n MaintenanceWindow:\\n Type: AWS::SSM::MaintenanceWindow\\n Properties:\\n AllowUnassociatedTargets: false\\n Cutoff: 1\\n Description: Maintenance Window to update SSM Agent\\n Duration: 6\\n Name: MaintenanceWindowCFN\\n Schedule: \"cron(0 45 09 ? * TUE *)\"\\n ScheduleTimezone: \"Australia/Melbourne\"\\n MaintenanceWindowTarget:\\n Type: AWS::SSM::MaintenanceWindowTarget\\n Properties:\\n WindowId: !Ref MaintenanceWindow\\n ResourceType: INSTANCE\\n Targets:\\n - Key: tag:Patch Group\\n Values:\\n - Group A\\n OwnerInformation: SSM Target\\n Name: SSMMaintenanceWindow\\n Description: A target for demonstrating maintenance windows \\n DependsOn: MaintenanceWindow\\n MaintenanceWindowTask:\\n Type: AWS::SSM::MaintenanceWindowTask\\n Properties:\\n WindowId: !Ref MaintenanceWindow\\n Targets: \\n - Key: WindowTargetIds\\n Values:\\n - !Ref MaintenanceWindowTarget\\n TaskArn: AWS-RunPatchBaseline\\n TaskType: RUN_COMMAND\\n TaskInvocationParameters:\\n MaintenanceWindowRunCommandParameters:\\n Parameters:\\n Operation:\\n - Install\\n Priority: 1\\n MaxConcurrency: 2\\n MaxErrors: 1\\n Name: RegistrationTaskwithTargets\\n DependsOn: MaintenanceWindowTarget'\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
要进行进一步添加,是否只有在PatchBaseline.yml成功的情况下才可以供应MaintenanceWindow.yml?
如果您尚未创建补丁程序基准,我问的原因是没有必要创建MaintenanceWindow。