У меня установлен Ansible 2.6.20 на Oracle Linux 6.10 с Python 2.6.6, и я пытаюсь настроить машины IBM с AIX 7.2 с Python 2.7.15 в кластере HACMP.
Запуск ansible в консольном режиме или ansible-playbook на выделенном узле работает нормально, но если я пытаюсь запустить с IP-адресом службы кластера, я получаю ошибку целевой недоступности.
+--------> node A 10.1.1.11 => connection o.k.
/
Ansible host 10.1.2.10 -----------> cluster service ip 10.1.1.10 => connection failure
\
+--------> node B 10.1.1.12 => connection o.k.
Вот сообщение об ошибке Ansible (отформатированное) с замененными именами пользователей и серверов в целях безопасности.
16:02:11 [/home/_ansible_/ansible]
terminal [_ansible_@_server_]$ ansible -vvvv -i ./inventory/test.txt _target_ --user _user_ -a 'date'
ansible 2.6.17
config file = /home/_ansible_/ansible/ansible.cfg
configured module search path = [u'/home/_ansible_/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.6.6 (r266:84292, Aug 18 2016, 08:36:59) [GCC 4.4.7 20120313 (Red Hat 4.4.7-17)]
Using /home/_ansible_/ansible/ansible.cfg as config file
setting up inventory plugins
Parsed /home/_ansible_/ansible/inventory/test.txt inventory source with ini plugin
Loading callback plugin minimal of type stdout, v2.0 from /usr/lib/python2.6/site-packages/ansible/plugins/callback/minimal.pyc
META: ran handlers
<_target_> ESTABLISH SSH CONNECTION FOR USER: _user_
<_target_> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=_user_ -o ConnectTimeout=10 -o ControlPath=/home/_ansible_/.ansible/cp/f5a095d7af _target_ '/bin/sh -c '"'"'echo ~_user_ && sleep 0'"'"''
<_target_> (255, '', 'OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: cipher ok: aes256-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes192-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes128-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: ciphers ok: [aes256-ctr,aes192-ctr,aes128-ctr]
debug1: Applying options for *
debug2: mac_setup: found hmac-ripemd160
debug3: mac ok: hmac-ripemd160 [hmac-ripemd160,hmac-sha1]
debug2: mac_setup: found hmac-sha1
debug3: mac ok: hmac-sha1 [hmac-ripemd160,hmac-sha1]
debug3: macs ok: [hmac-ripemd160,hmac-sha1]
debug1: auto-mux: Trying existing master
debug2: fd 4 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_request_forwards: requesting forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 311
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 12
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Control master terminated unexpectedly
')
_target_ | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: cipher ok: aes256-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes192-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: cipher ok: aes128-ctr [aes256-ctr,aes192-ctr,aes128-ctr]
debug3: ciphers ok: [aes256-ctr,aes192-ctr,aes128-ctr]
debug1: Applying options for *
debug2: mac_setup: found hmac-ripemd160
debug3: mac ok: hmac-ripemd160 [hmac-ripemd160,hmac-sha1]
debug2: mac_setup: found hmac-sha1
debug3: mac ok: hmac-sha1 [hmac-ripemd160,hmac-sha1]
debug3: macs ok: [hmac-ripemd160,hmac-sha1]
debug1: auto-mux: Trying existing master
debug2: fd 4 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_request_forwards: requesting forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 311
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 12
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Control master terminated unexpectedly",
"unreachable": true
}
Соединение Manuell SSH с аутентификацией с открытым ключом отлично работает со всеми тремя IP-адресами.
Мои вопросы:
Заранее, Стефан
посмотрите конфигурацию ssd в AIX, возможно, демон не настроен для прослушивания всех системных IP-адресов, а только IP-адреса узла.