问题描述
我正在尝试针对 aws ec2 实例运行 awx 作业,但我不断收到警告“[警告] 无法匹配提供的主机模式,忽略:security_groups_webservers”。如果我从命令行运行相同的剧本,它有效。
版本:
awx: 17.0.1 (same problem on 15.0.1)
ansible: 2.9.17
ansible.cfg
[defaults]
inventory = /opt/ansible/inventory/aws_ec2.yml
enable_plugins = aws_ec2
host_key_checking = false
private_key_file = [the key identified on the EC2 instance]
remote_user = ubuntu
作业清单/opt/ansible/inventory/aws_ec2.yml:
plugin: aws_ec2
regions:
- us-east-2
strict: false
keyed_groups:
- key: tags
prefix: tag
- key: placement.region
prefix: aws_region
- key: 'security_groups|json_query("[].group_name")'
prefix: 'security_groups'
hostnames:
- ip-address
- dns-name
- tag:Name
- private-ip-address
请注意以下主机是如何按 IP 地址而不是公共 dns 名称列出的。这是因为上述清单文件“aws_ec2.yml”的“主机名”部分。主机名部分在优先级列表中告诉 ansible-inventory,如何显示主机。
ansible-inventory --graph
@all:
|--@aws_ec2:
| |--###.###.166.103
| |--###.###.76.94
| @aws_region_us_east_2:
| |--###.###.166.103
| |--###.###.76.94
| @security_groups_dbservers:
| |--###.###.166.103
| @security_groups_webservers:
| |--###.###.76.94
...
一个名为“ping.yml”的简单 ping 手册
---
- hosts:
- security_groups_dbservers
- security_groups_webservers
tasks:
- name: ping hosts
ping:
从命令行运行剧本:
ansible-playbook ping.yml
PLAY [security_groups_dbservers,security_groups_webservers]****
TASK [Gathering Facts] ****************************************
ok: [###.###.76.94]
ok: [###.###.166.103]
TASK [ping hosts] *********************************************
ok: [###.###.76.94]
ok: [###.###.166.103]
PLAY RECAP ****************************************************
###.###.166.103 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
###.###.76.94 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
AWX 项目详情:
Name: ping-project
Organization: Default
Source Control Credential Type: Manual
Project Base Path: /var/lib/awx/projects
Playbook directory: lab1
库存:
Name: aws-ec2-inventory
Organization: Default
库存来源:(同步)
Name: aws-ec2-source
Source: Amazon EC2
Credential: aws-iam-user
Overwrite: (checked)
库存主机:
ec2-###-###-166-103.us-east-2.compute.amazonaws.com
ec2-###-###-76-94.us-east-2.compute.amazonaws.com
这是出现问题的第一个迹象。主机按其 dns 名称列出。如果 awx 使用与 ansible-inventory 相同的清单文件,它们将显示为 IP 地址。
以下是其中一位主持人的 AWX 详细信息(事实):
...
network_interfaces:
- association:
...
groups:
group_name: dbservers
...
...
security_groups:
group_name: dbservers
...
显然没有将 aws_ec2 插件中生成的 'security_groups_dbservers' 组与上述 security_groups.group_name: dbservers 相关联。所以我想我必须将剧本中的组名转换为 awx 术语。问题是,如何?
凭据:
(AWS IAM user)
Name: aws-iam-user
Orgainzation: Default
Credential Type: Amazon Web Services
Access Key: [aws iam user's ACCESS key]
Secret Key: [aws iam user's SECRET key]
(AWS Ubuntu t2.micro instance)
Name: ubuntu-machine-ssh
Organization: Default
Credential Type: Machine
Username: ubuntu
SSH Private Key: [the key identified on the EC2 instance]
AWX 作业模板:
Name: ping-hosts
Job Type: Run
Inventory: aws-ec2-inventory
Project: ping-project
Playbook: ping.yml
Credentials: ubuntu-machine-ssh
输出:
Identity added: /tmp/awx_288_j3vtwbvj/artifacts/288/ssh_key_data
(/tmp/awx_288_j3vtwbvj/artifacts/288/ssh_key_data)
[WARNING]: Could not match supplied host pattern,ignoring:
security_groups_dbservers
[WARNING]: Could not match supplied host pattern,ignoring:
security_groups_webservers
PLAY [security_groups_dbservers,security_groups_webservers] ********************
skipping: no hosts matched
PLAY RECAP *********************************************************************
调试输出:
Using /tmp/awx_288_j3vtwbvj/project/ansible.cfg as config file
host_list declined parsing /tmp/awx_288_j3vtwbvj/tmpbc_m8p2g as it did
not pass its verify_file() method
这里让我印象深刻的是,它说“host_list”模块拒绝解析。但是在 ansible.cfg 中,'aws_ec2' 插件是启用的,它应该将它放在 'inventories' 列表中,以便与 'host_list' 模块一起检查。它说'aws_ec2'插件甚至没有被检查。
有什么建议吗?
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)