Назад | Перейти на главную страницу

openstack-ansible застрял на ssh

Я смело развертываю OpenStack с помощью Ansible. Наконец, этап ввода команд, за исключением того, что я столкнулся с ошибкой ssh. Кажется, это либо разветвленный, либо настроенный для OpenStack. Раньше при использовании "ssh-copy-id" и правильного cfg все работало сразу. (Примечание: в целях тестирования разрешен вход с правами root)

os@7:/opt/openstack-ansible/playbooks$ sudo openstack-ansible setup-hosts.yml -vvvv
Variable files: "-e @/etc/openstack_deploy/user_group_vars.yml -e @/etc/openstack_deploy/user_secrets.yml -e @/etc/openstack_deploy/user_variables.yml "

PLAY [Basic host setup] ******************************************************* 

GATHERING FACTS *************************************************************** 
<172.27.255.84> ESTABLISH CONNECTION FOR USER: root
<10.4.1.113> ESTABLISH CONNECTION FOR USER: root
<172.27.255.84> REMOTE_MODULE setup
<172.27.255.93> ESTABLISH CONNECTION FOR USER: root
<10.4.1.113> REMOTE_MODULE setup
<172.27.255.91> ESTABLISH CONNECTION FOR USER: root
<172.27.255.164> ESTABLISH CONNECTION FOR USER: root
<172.27.255.93> REMOTE_MODULE setup
<172.27.255.91> REMOTE_MODULE setup
<172.27.255.164> REMOTE_MODULE setup
<172.27.255.84> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.84 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-38377904647735 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-38377904647735'
<10.4.1.113> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 10.4.1.113 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-28043973332190 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-28043973332190'
<172.27.255.93> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.93 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-247742941146890 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-247742941146890'
<172.27.255.91> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.91 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-239068187999404 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-239068187999404'
<172.27.255.164> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.164 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-253354461562706 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-253354461562706'
fatal: [infra1] => SSH Error: Permission denied (publickey,password).
    while connecting to 172.27.255.84:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
<172.27.255.164> ESTABLISH CONNECTION FOR USER: root
fatal: [900089-compute001] => SSH Error: Permission denied (publickey,password).
    while connecting to 172.27.255.164:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
<172.27.255.164> REMOTE_MODULE setup
fatal: [storage1] => SSH Error: Permission denied (publickey,password).
    while connecting to 10.4.1.113:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
<172.27.255.164> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.164 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671500.08-121316397320847 && echo $HOME/.ansible/tmp/ansible-tmp-1458671500.08-121316397320847'
fatal: [infra3] => SSH Error: Permission denied (publickey,password).
    while connecting to 172.27.255.93:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
fatal: [infra2] => SSH Error: Permission denied (publickey,password).
    while connecting to 172.27.255.91:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
fatal: [compute1] => SSH Error: Permission denied (publickey,password).
    while connecting to 172.27.255.164:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.

TASK: [apt_package_pinning | Add apt pin preferences] ************************* 
FATAL: no hosts matched or all hosts have already failed -- aborting


PLAY RECAP ******************************************************************** 
           to retry, use: --limit @/home/os/setup-hosts.retry

900089-compute001          : ok=0    changed=0    unreachable=1    failed=0   
compute1                   : ok=0    changed=0    unreachable=1    failed=0   
infra1                     : ok=0    changed=0    unreachable=1    failed=0   
infra2                     : ok=0    changed=0    unreachable=1    failed=0   
infra3                     : ok=0    changed=0    unreachable=1    failed=0   
storage1                   : ok=0    changed=0    unreachable=1    failed=0   

os@7:/opt/openstack-ansible/playbooks$ 

Как видите, "ssh os @ ip" работает.

root@7:/etc/openstack_deploy# ssh root@172.27.255.164
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.19.0-47-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
root@13:~# 
root@13:~# exit
logout
Connection to 172.27.255.164 closed.
root@7:/etc/openstack_deploy# 

Но только через "анзибл" не получается.

Вот версия #

$ openstack-ansible --version
Variable files: "-e @/etc/openstack_deploy/user_group_vars.yml -e @/etc/openstack_deploy/user_secrets.yml -e @/etc/openstack_deploy/user_variables.yml "
ansible-playbook 1.9.4
  configured module search path = /etc/ansible/plugins/library

и cfg, который тянет playbooks

[defaults]
# Additional plugins
lookup_plugins = /etc/ansible/plugins/lookup
filter_plugins = /etc/ansible/plugins/filter
action_plugins = /etc/ansible/plugins/action
library = /etc/ansible/plugins/library
transport = smart
remote_port = 22
#ask_sudo_pass = True
# Fact caching
gathering = smart
fact_caching = jsonfile
fact_caching_connection = /etc/openstack_deploy/ansible_facts
fact_caching_timeout = 86400

inventory = inventory
#host_key_checking = False

# Set color options
nocolor = 0

# SSH timeout
timeout = 120

private_key_file = ~/.ssh/id_rsa



[ssh_connection]
#pipelining = True

Похоже, что ваш инвентарь не использует root id_rsa но тот, что находится в /home/os/.ssh/id_rsa поэтому, когда ansible пытается подключить ваш хост, это не разрешено. Попробуйте изменить инвентарь, указав соответствующий id_rsa.

С другой стороны, есть https://www.rdoproject.org который позволяет развернуть OpenStack на OpenStack, также называемом TripleO, это сценарий bash, использующий Ansible под капотом. Получил настройку моего стека за час.