Welche Einstellungen sind erforderlich, um Ansible auf AWS EC2 auszuführen?

Question

Ich habe eine neue Amazon EC2 Ubuntu-Instanz konfiguriert. und habe meinen öffentlichen SSH-Schlüssel zum Server hinzugefügt.

cat ~/.ssh/id_rsa.pub | ssh -I aws.pem ubuntu@<ec2publicDNS> "cat - >> ~/.ssh/authorized_keys2" 

Ich bin jetzt in der Lage, die Instanz zugreifen mit

ssh ubuntu@<ec2publicIP> 

So habe ich folgendes meine /etc/ansible/hosts

[webservers] 
ubuntu@<ec2publicIP> 

wenn ich laufe ANSIBLE_DEBUG=1 ansible all -m ping ich die folgenden:

9264 1486122587.48735: starting run 
    9264 1486122587.58557: Loading CacheModule 'memory' from /usr/local/lib/python2.7/site-packages/ansible/plugins/cache/memory.py 
    9264 1486122587.62315: Loading CallbackModule 'minimal' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/minimal.py 
    9264 1486122587.62373: Loading CallbackModule 'actionable' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/actionable.py (found_in_cache=False, class_only=True) 
    9264 1486122587.62388: Loading CallbackModule 'context_demo' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/context_demo.py (found_in_cache=False, class_only=True) 
    9264 1486122587.62401: Loading CallbackModule 'debug' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/debug.py (found_in_cache=False, class_only=True) 
    9264 1486122587.62420: Loading CallbackModule 'default' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/default.py (found_in_cache=False, class_only=True) 
    9264 1486122587.62450: Loading CallbackModule 'foreman' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/foreman.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63003: Loading CallbackModule 'hipchat' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/hipchat.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63048: Loading CallbackModule 'jabber' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/jabber.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63064: Loading CallbackModule 'json' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/json.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63096: Loading CallbackModule 'junit' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/junit.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63121: Loading CallbackModule 'log_plays' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/log_plays.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63173: Loading CallbackModule 'logentries' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/logentries.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63266: Loading CallbackModule 'mail' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/mail.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63273: Loading CallbackModule 'minimal' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/minimal.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63288: Loading CallbackModule 'oneline' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/oneline.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63304: Loading CallbackModule 'osx_say' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/osx_say.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63321: Loading CallbackModule 'profile_tasks' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/profile_tasks.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63648: Loading CallbackModule 'skippy' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/skippy.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63678: Loading CallbackModule 'slack' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/slack.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63755: Loading CallbackModule 'syslog_json' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/syslog_json.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63772: Loading CallbackModule 'timer' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/timer.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63789: Loading CallbackModule 'tree' from /usr/local/lib/python2.7/site-packages/ansible/plugins/callback/tree.py (found_in_cache=False, class_only=True) 
    9264 1486122587.63795: in VariableManager get_vars() 
    9264 1486122587.63812: done with get_vars() 
    9264 1486122587.64662: Loading StrategyModule 'linear' from /usr/local/lib/python2.7/site-packages/ansible/plugins/strategy/linear.py 
    9264 1486122587.64819: getting the remaining hosts for this loop 
    9264 1486122587.64824: done getting the remaining hosts for this loop 
    9264 1486122587.64832: building list of next tasks for hosts 
    9264 1486122587.64838: getting the next task for host ubuntu@<ec2publicIP> 
    9264 1486122587.64846: done getting next task for host ubuntu@<ec2publicIP> 
    9264 1486122587.64852:^task is: TASK: meta (flush_handlers) 
    9264 1486122587.64859:^state is: HOST STATE: block=1, task=1, rescue=0, always=0, role=None, run_state=ITERATING_TASKS, fail_state=FAILED_NONE, pending_setup=False, tasks child state? (None), rescue child state? (None), always child state? (None), did rescue? False, did start at task? False 
    9264 1486122587.64863: done building task lists 
    9264 1486122587.64868: counting tasks in each state of execution 
    9264 1486122587.64872: done counting tasks in each state of execution: 
    num_setups: 0 
    num_tasks: 1 
    num_rescue: 0 
    num_always: 0 
    9264 1486122587.64876: advancing hosts in ITERATING_TASKS 
    9264 1486122587.64881: starting to advance hosts 
    9264 1486122587.64885: getting the next task for host ubuntu@<ec2publicIP> 
    9264 1486122587.64892: done getting next task for host ubuntu@<ec2publicIP> 
    9264 1486122587.64896:^task is: TASK: meta (flush_handlers) 
    9264 1486122587.64901:^state is: HOST STATE: block=1, task=1, rescue=0, always=0, role=None, run_state=ITERATING_TASKS, fail_state=FAILED_NONE, pending_setup=False, tasks child state? (None), rescue child state? (None), always child state? (None), did rescue? False, did start at task? False 
    9264 1486122587.64907: done advancing hosts to next task 
    9264 1486122587.65149: done queuing things up, now waiting for results queue to drain 
    9264 1486122587.65157: results queue empty 
    9264 1486122587.65161: checking for any_errors_fatal 
    9264 1486122587.65164: done checking for any_errors_fatal 
    9264 1486122587.65168: checking for max_fail_percentage 
    9264 1486122587.65171: done checking for max_fail_percentage 
    9264 1486122587.65175: checking to see if all hosts have failed and the running result is not ok 
    9264 1486122587.65180: done checking to see if all hosts have failed 
    9264 1486122587.65186: getting the remaining hosts for this loop 
    9264 1486122587.65190: done getting the remaining hosts for this loop 
    9264 1486122587.65198: building list of next tasks for hosts 
    9264 1486122587.65202: getting the next task for host ubuntu@<ec2publicIP> 
    9264 1486122587.65208: done getting next task for host ubuntu@<ec2publicIP> 
    9264 1486122587.65212:^task is: TASK: ping 
    9264 1486122587.65216:^state is: HOST STATE: block=2, task=1, rescue=0, always=0, role=None, run_state=ITERATING_TASKS, fail_state=FAILED_NONE, pending_setup=False, tasks child state? (None), rescue child state? (None), always child state? (None), did rescue? False, did start at task? False 
    9264 1486122587.65220: done building task lists 
    9264 1486122587.65224: counting tasks in each state of execution 
    9264 1486122587.65228: done counting tasks in each state of execution: 
    num_setups: 0 
    num_tasks: 1 
    num_rescue: 0 
    num_always: 0 
    9264 1486122587.65232: advancing hosts in ITERATING_TASKS 
    9264 1486122587.65235: starting to advance hosts 
    9264 1486122587.65238: getting the next task for host ubuntu@<ec2publicIP> 
    9264 1486122587.65244: done getting next task for host ubuntu@<ec2publicIP> 
    9264 1486122587.65248:^task is: TASK: ping 
    9264 1486122587.65252:^state is: HOST STATE: block=2, task=1, rescue=0, always=0, role=None, run_state=ITERATING_TASKS, fail_state=FAILED_NONE, pending_setup=False, tasks child state? (None), rescue child state? (None), always child state? (None), did rescue? False, did start at task? False 
    9264 1486122587.65256: done advancing hosts to next task 
    9264 1486122587.65263: getting variables 
    9264 1486122587.65269: in VariableManager get_vars() 
    9264 1486122587.65297: done with get_vars() 
    9264 1486122587.65308: done getting variables 
    9264 1486122587.65313: sending task start callback, copying the task so we can template it temporarily 
    9264 1486122587.65318: done copying, going to template now 
    9264 1486122587.65324: done templating 
    9264 1486122587.65329: here goes the callback... 
    9264 1486122587.65336: sending task start callback 
    9264 1486122587.65342: entering _queue_task() for ubuntu@<ec2publicIP>/ping 
    9264 1486122587.65349: Creating lock for ping 
    9264 1486122587.65468: worker is 1 (out of 1 available) 
    9264 1486122587.65510: exiting _queue_task() for ubuntu@<ec2publicIP>/ping 
    9264 1486122587.65575: done queuing things up, now waiting for results queue to drain 
    9264 1486122587.65582: waiting for pending results... 
    9267 1486122587.65922: running TaskExecutor() for ubuntu@<ec2publicIP>/TASK: ping 
    9267 1486122587.65987: in run() 
    9267 1486122587.66061: calling self._execute() 
    9267 1486122587.67436: Loading Connection 'ssh' from /usr/local/lib/python2.7/site-packages/ansible/plugins/connection/ssh.py 
    9267 1486122587.67554: Loading ShellModule 'csh' from /usr/local/lib/python2.7/site-packages/ansible/plugins/shell/csh.py 
    9267 1486122587.67589: Loading ShellModule 'fish' from /usr/local/lib/python2.7/site-packages/ansible/plugins/shell/fish.py 
    9267 1486122587.67632: Loading ShellModule 'powershell' from /usr/local/lib/python2.7/site-packages/ansible/plugins/shell/powershell.py 
    9267 1486122587.67649: Loading ShellModule 'sh' from /usr/local/lib/python2.7/site-packages/ansible/plugins/shell/sh.py 
    9267 1486122587.67672: Loading ShellModule 'sh' from /usr/local/lib/python2.7/site-packages/ansible/plugins/shell/sh.py (found_in_cache=True, class_only=False) 
    9267 1486122587.67693: in VariableManager get_vars() 
    9267 1486122587.67736: done with get_vars() 
    9267 1486122587.67764: Loading ActionModule 'normal' from /usr/local/lib/python2.7/site-packages/ansible/plugins/action/normal.py 
    9267 1486122587.67774: starting attempt loop 
    9267 1486122587.67783: running the handler 
    9267 1486122587.67827: ANSIBALLZ: Using lock for ping 
    9267 1486122587.67831: ANSIBALLZ: Acquiring lock 
    9267 1486122587.67837: ANSIBALLZ: Lock acquired: 4559072080 
    9267 1486122587.67841: ANSIBALLZ: Creating module 
    9267 1486122587.75433: ANSIBALLZ: Writing module 
    9267 1486122587.75461: ANSIBALLZ: Renaming module 
    9267 1486122587.75472: ANSIBALLZ: Done creating module 
    9267 1486122587.75528: _low_level_execute_command(): starting 
    9267 1486122587.75537: _low_level_execute_command(): executing: /bin/sh -c '(umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1486122587.76-200107609248376 `" && echo ansible-tmp-1486122587.76-200107609248376="` echo ~/.ansible/tmp/ansible-tmp-1486122587.76-200107609248376 `") && sleep 0' 
    9267 1486122590.52707: stdout chunk (state=2): 
>>>ansible-tmp-1486122587.76-200107609248376=/home/ubuntu/.ansible/tmp/ansible-tmp-1486122587.76-200107609248376 
<<< 

    9267 1486122590.52765: stdout chunk (state=3): 
>>><<< 

    9267 1486122590.52775: stderr chunk (state=3): 
>>><<< 

    9267 1486122590.52795: _low_level_execute_command() done: rc=0, stdout=ansible-tmp-1486122587.76-200107609248376=/home/ubuntu/.ansible/tmp/ansible-tmp-1486122587.76-200107609248376 
, stderr= 
    9267 1486122590.52808: transferring module to remote /home/ubuntu/.ansible/tmp/ansible-tmp-1486122587.76-200107609248376/ping.py 
    9267 1486122590.53337: Sending initial data 
    9267 1486122590.53347: Sent initial data (139 bytes) 
    9267 1486122590.54550: stderr chunk (state=3): 
>>>ssh: Could not resolve hostname <ec2publicIP>]: nodename nor servname provided, or not known 
<<< 

    9267 1486122590.54583: stderr chunk (state=3): 
>>>Connection closed 
<<< 

    9267 1486122590.54612: stdout chunk (state=3): 
>>><<< 

    9267 1486122590.54618: stderr chunk (state=3): 
>>><<< 

[WARNING]: sftp transfer mechanism failed on [ubuntu@<ec2publicIP>]. Use ANSIBLE_DEBUG=1 to see detailed information 

    9267 1486122590.54711: 
    9267 1486122590.54718: ssh: Could not resolve hostname <ec2publicIP>]: nodename nor servname provided, or not known 
Connection closed 

    9267 1486122590.56466: stderr chunk (state=2): 
>>>ssh: Could not resolve hostname <ec2publicIP>]: nodename nor servname provided, or not known 
<<< 

    9267 1486122590.56501: stderr chunk (state=3): 
>>>lost connection 
<<< 

    9267 1486122590.56525: stdout chunk (state=3): 
>>><<< 

    9267 1486122590.56534: stderr chunk (state=3): 
>>><<< 

[WARNING]: scp transfer mechanism failed on [ubuntu@<ec2publicIP>]. Use ANSIBLE_DEBUG=1 to see detailed information 

    9267 1486122590.56573: 
    9267 1486122590.56577: ssh: Could not resolve hostname <ec2publicIP>]: nodename nor servname provided, or not known 
lost connection 

    9267 1486122590.56621: done running TaskExecutor() for ubuntu@<ec2publicIP>/TASK: ping 
    9267 1486122590.56628: sending task result 
    9267 1486122590.56669: done sending task result 
    9267 1486122590.56674: WORKER PROCESS EXITING 
    9264 1486122590.56785: in VariableManager get_vars() 
    9264 1486122590.56925: done with get_vars() 
    9264 1486122590.56939: marking ubuntu@<ec2publicIP> as failed 
    9264 1486122590.56947: marking host ubuntu@<ec2publicIP> failed, current state: HOST STATE: block=2, task=1, rescue=0, always=0, role=None, run_state=ITERATING_TASKS, fail_state=FAILED_NONE, pending_setup=False, tasks child state? (None), rescue child state? (None), always child state? (None), did rescue? False, did start at task? False 
    9264 1486122590.56952:^failed state is now: HOST STATE: block=2, task=1, rescue=0, always=0, role=None, run_state=ITERATING_COMPLETE, fail_state=FAILED_TASKS, pending_setup=False, tasks child state? (None), rescue child state? (None), always child state? (None), did rescue? False, did start at task? False 
    9264 1486122590.57203: getting the next task for host ubuntu@<ec2publicIP> 
    9264 1486122590.57211: host ubuntu@<ec2publicIP> is done iterating, returning 
ubuntu@<ec2publicIP> | FAILED! => { 
    "failed": true, 
    "msg": "failed to transfer file to /home/ubuntu/.ansible/tmp/ansible-tmp-1486122587.76-200107609248376/ping.py:\n\nssh: Could not resolve hostname <ec2publicIP>]: nodename nor servname provided, or not known\r\nlost connection\n" 
} 
    9264 1486122590.57242: no more pending results, returning what we have 
    9264 1486122590.57251: results queue empty 
    9264 1486122590.57255: checking for any_errors_fatal 
    9264 1486122590.57259: done checking for any_errors_fatal 
    9264 1486122590.57262: checking for max_fail_percentage 
    9264 1486122590.57265: done checking for max_fail_percentage 
    9264 1486122590.57269: checking to see if all hosts have failed and the running result is not ok 
    9264 1486122590.57272: done checking to see if all hosts have failed 
    9264 1486122590.57275: getting the remaining hosts for this loop 
    9264 1486122590.57279: done getting the remaining hosts for this loop 
    9264 1486122590.60734: building list of next tasks for hosts 
    9264 1486122590.60741: getting the next task for host ubuntu@<ec2publicIP> 
    9264 1486122590.60748: host ubuntu@<ec2publicIP> is done iterating, returning 
    9264 1486122590.60752: done building task lists 
    9264 1486122590.60755: counting tasks in each state of execution 
    9264 1486122590.60759: done counting tasks in each state of execution: 
    num_setups: 0 
    num_tasks: 0 
    num_rescue: 0 
    num_always: 0 
    9264 1486122590.60768: all hosts are done, so returning None's for all hosts 
    9264 1486122590.60773: done queuing things up, now waiting for results queue to drain 
    9264 1486122590.60777: results queue empty 
    9264 1486122590.60780: checking for any_errors_fatal 
    9264 1486122590.60785: done checking for any_errors_fatal 
    9264 1486122590.60789: checking for max_fail_percentage 
    9264 1486122590.60793: done checking for max_fail_percentage 
    9264 1486122590.60796: checking to see if all hosts have failed and the running result is not ok 
    9264 1486122590.60802: done checking to see if all hosts have failed 
    9264 1486122590.60809: getting the next task for host ubuntu@<ec2publicIP> 
    9264 1486122590.60813: host ubuntu@<ec2publicIP> is done iterating, returning 
    9264 1486122590.60818: running handlers 
    9264 1486122590.60893: RUNNING CLEANUP 

muss ich einige zusätzliche Ports in meiner security_group in aws verfügbar machen? Bis jetzt ist nur Port 22 freigelegt.

Answer 1

Versuchen Sie, Ihre Hosts-Datei ändern:

[webservers] 
<ec2publicIP> ansible_user=ubuntu 

Answer 2

ansible ssh verwendet, so Port 22 genug ist, werden Sie für Sie EC2-Instanz keine zusätzlichen Sicherheitsgruppen nicht benötigen. Sie können Ihr Inventar ändern und statt <username>@<ipaddress> nur <ipaddress> (oder auflösbaren Namen) verwenden. Sie können remote_user in Ihrem Spielbuch oder mit ansible_user in Ihrem Inventar angegeben, wie Konstantin darauf hingewiesen.