[Klug-general] Ansible

Kevin Groves kgroves at cix.co.uk
Tue Feb 3 19:35:51 UTC 2015 

So seeing things like:

"10.0.100.37" from file "/root/.ssh/known_hosts

100.37 isn't listed in your ansible hosts file so is that the machine 
you are running FROM?

Seems odd that known_hosts is a problem as that is for incoming 
connections????

I just looked at some of mine but I tend towards using root ssh keys. I 
suggest stripping it back to a really simple task with root keys for 
example. I think there is a switch to actually prompt for passwords 
instead of use keys so this could be worth a try to see what user(s) are 
really being used. Even worth switching on sshd server debug too to see 
what end is doing what.

Kev



On 03/02/15 19:03, Dan Attwood wrote:
> logged in as administrator and sudo
>
> so yes
>
> I also tried it with one machine and adding administrator to the 
> sudoers files with passwd:all. but no dice
>
> On 3 February 2015 at 18:59, Kevin Groves <kgroves at cix.co.uk 
> <mailto:kgroves at cix.co.uk>> wrote:
>
>     On 03/02/15 12:30, Dan Attwood wrote:
>>      ssh-copy-id administrator at 10.0.100.93
>>     <mailto:administrator at 10.0.100.93>
>>
>>
>
>     OK and you did that logged in as administrator? and when I mean
>     logged in as administrator you did login and not did su administator?
>
>     Kev
>
>
>
>>     manage to hit send to soon
>>
>>     On 3 February 2015 at 12:29, Dan Attwood <danattwood at gmail.com
>>     <mailto:danattwood at gmail.com>> wrote:
>>
>>         my host files looks like this:
>>
>>         [all:vars]
>>         ansible_sudo_pass=secretpassword
>>
>>         [servers]
>>         10.0.100.56
>>         10.0.100.72
>>         10.0.100.93
>>         10.0.100.38
>>
>>
>>         my playbook is:
>>
>>         - hosts: servers
>>           gather_facts: no
>>           user: administrator
>>           remote_user: administrator
>>           sudo: yes
>>           tasks:
>>            - name: updates a server
>>              apt: update_cache=yes
>>            - name: upgrade a server
>>              apt: upgrade=dist
>>
>>
>>         So it thought I was pretty clear to ansible that the user is
>>         'administrator'
>>
>>
>>         when i copied the keys over i did:
>>
>>
>>
>>         On 3 February 2015 at 12:26, Kevin Groves
>>         <kgroves at ksoft-creative-projects.co.uk
>>         <mailto:kgroves at ksoft-creative-projects.co.uk>> wrote:
>>
>>
>>             On 03/02/15 09:00, Dan Attwood wrote:
>>
>>                 ok i've done that and that speed things up a bit.
>>                 unfortunately it speeds it towards the next fail.
>>                 witht he debug on I can the errors lists below.
>>                 I've double checked that I can ssh into the servers
>>                 via kay and I'm following the note I made when I had
>>                 this working at home so and dan :-(
>>
>>                 error below
>>
>>
>>                 fatal: [10.0.100.37] => SSH encountered an unknown
>>                 error. The output was:
>>                 OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
>>                 debug1: Reading configuration data /etc/ssh/ssh_config
>>                 debug1: /etc/ssh/ssh_config line 19: Applying options
>>                 for *
>>                 debug1: auto-mux: Trying existing master
>>
>>
>>
>>                 debug1: Control socket
>>                 "/home/administrator/.ansible/cp/ansible-ssh-10.0.100.37-22-administrator"
>>                 does not exist
>>
>>
>>             Is this home dir connected with an 'administrator' user?
>>             It could be that ansible is using the wrong user key to
>>             connect with what looks like 'root' on the other machine.
>>
>>             Hopefully its just a matter of which user is being used
>>             on which side.
>>
>>             You might also want to take a look at the ansible config
>>             file. Mine is in /etc/ansible/ansible.cfg which has lines
>>             like:
>>
>>             poll_interval  = 15
>>             sudo_user      = root
>>             #ask_sudo_pass = True
>>             #ask_pass      = True
>>             transport      = smart
>>             remote_port    = 22
>>
>>             I think you can be specific about what users are used
>>             instead of assuming it knows what you really mean. :-)
>>
>>             Kev
>>
>>
>>
>>             _______________________________________________
>>             Kent mailing list
>>             Kent at mailman.lug.org.uk <mailto:Kent at mailman.lug.org.uk>
>>             https://mailman.lug.org.uk/mailman/listinfo/kent
>>
>>
>>
>>
>>
>>     _______________________________________________
>>     Kent mailing list
>>     Kent at mailman.lug.org.uk  <mailto:Kent at mailman.lug.org.uk>
>>     https://mailman.lug.org.uk/mailman/listinfo/kent
>
>
>     _______________________________________________
>     Kent mailing list
>     Kent at mailman.lug.org.uk <mailto:Kent at mailman.lug.org.uk>
>     https://mailman.lug.org.uk/mailman/listinfo/kent
>
>
>
>
> _______________________________________________
> Kent mailing list
> Kent at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/kent

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/kent/attachments/20150203/a03eb5f1/attachment-0001.html>

More information about the Kent mailing list