在Dockerfile中本地运行Ansible SSH身份验证问题

由于身份验证问题,我无法在Dockerfile中运行我的ansible playbook.

这是我的dockerfile:

FROM ubuntu:14.04
MAINTAINER hyperfocus

# Update system and install ansible
RUN apt-get -y update
RUN apt-get install -y python-yaml python-jinja2 git
RUN git clone http://github.com/ansible/ansible.git /tmp/ansible

# Set environment
WORKDIR /tmp/ansible
ENV PATH /tmp/ansible/bin:/sbin:/usr/sbin:/usr/bin
ENV ANSIBLE_LIBRARY /tmp/ansible/library
ENV PYTHONPATH /tmp/ansible/lib:$PYTHON_PATH

# Add repo key and add it to known hosts
ADD id_rsa /root/.ssh/id_rsa
RUN chmod 700 /root/.ssh/id_rsa
RUN touch /root/.ssh/known_hosts
RUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hosts

# Bootstrap playbook
RUN git clone git@bitbucket.org:xxx/xxx.git /tmp/playbook
ADD hosts /etc/ansible/hosts
WORKDIR /tmp/playbook

# Bootstrap
RUN ansible-playbook /tmp/playbook/site.yml -c local -t bootstrap

# Debug
# RUN ansible all -m ping -i /etc/ansible/hosts -vvvvvv

# Container settings
EXPOSE 22 3000
ENTRYPOINT [“/usr/bin/foo”]

我的主机文件:

[web]
localhost ansible_connection=local

[database]
localhost ansible_connection=local

[cache]
localhost ansible_connection=local

输出:

PLAY [bootstrap installer] ****************************************************

GATHERING FACTS ***************************************************************
fatal: [localhost] => Authentication or permission failure.  In some cases,you may have been able to authenticate and did not have permissions on the remote directory. Consider changing the remote temp path in ansible.cfg to a path rooted in "/tmp". Failed command was: mkdir -p $HOME/.ansible/tmp/ansible-tmp-1403661775.03-87881370436819 && echo $HOME/.ansible/tmp/ansible-tmp-1403661775.03-87881370436819,exited with result 127

我在这里想念的是什么?

最佳答案
Ansible正在容器中运行,试图连接到容器,因此您需要同时授权容器和root用户.容器必须是已知主机,并且必须授权root的公钥.例如:

RUN ssh-keyscan -t rsa 127.0.0.1 >>/root/.ssh/known_hosts
RUN cat /root/.ssh/id_rsa.pub >>/root/.ssh/authorized_keys 

我正在使用Docker 1.1.2版,构建d84a070.登录到我的容器(作为root)我发现pip使用了/.pip而不是/root/.pip;虽然ssh按预期使用/root/.ssh而不是像Gekkie建议的/.ssh.

相关文章

文章浏览阅读8.8k次,点赞2次,收藏7次。本文介绍Docker Com...
文章浏览阅读1.5w次,点赞7次,收藏76次。原网提供的教程需要...
文章浏览阅读940次,点赞20次,收藏20次。通过 docker run 命...
文章浏览阅读1k次,点赞20次,收藏20次。Podman 是一个开源的...
文章浏览阅读2.1k次。请注意,这些命令需要在 Docker 主机上...
文章浏览阅读1.1k次,点赞37次,收藏40次。nacos搭建集群连接...