概要
ansibleを使っていてハマった点と、その解決策を残しておく
環境
・AWS EC2
・CentOS7
・Ansible2.9.0.dev0
対象ホストにつながらない
事象
$ ansible -m ping -i inventory/inventory.ini apsv
172.31.3.52 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
原因
対象サーバで実行サーバの認証に失敗していた。
対策
対象サーバにansible実行サーバの公開鍵を配置する。
172.31.3.52は上記コマンドのapsvに該当
$ ssh-copy-id 172.31.3.52
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ansible/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ansible@172.31.3.52's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '172.31.3.52'"
and check to make sure that only the key(s) you wanted were added.
対象サーバへの処理が成功するようになった。
$ ansible -m ping -i inventory/inventory.ini apsv
Enter passphrase for key '/home/ansible/.ssh/id_rsa':
172.31.3.52 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}