I posted this yesterday, but have yet to see it show up in the forum:
I have the following in one of my playbooks:
- name: "Copy SSH keys"
command: sshpass -f ~/temp.pass ssh-copy-id -i ~/.ssh/id_rsa.pub {{
ansible_user }}@{{ item }}
with_flattened:
- groups.worker
- groups.proxy
when: item not in groups.master
with this inventory file:
[master]
9.42.23.241
kubelet_extra_args='["--eviction-hard=memory.available<100Mi,nodefs.available<2Gi,nodefs.inodesFree<5%",
"--image-gc-high-threshold=100%", "--image-gc-low-threshold=100%"]'
[worker]
9.42.23.147
[proxy]
9.42.23.241
kubelet_extra_args='["--eviction-hard=memory.available<100Mi,nodefs.available<2Gi,nodefs.inodesFree<5%",
"--image-gc-high-threshold=100%", "--image-gc-low-threshold=100%"]'
[management]
9.42.23.241
kubelet_extra_args='["--eviction-hard=memory.available<100Mi,nodefs.available<2Gi,nodefs.inodesFree<5%",
"--image-gc-high-threshold=100%", "--image-gc-low-threshold=100%"]'
This works fine when I run on an Ubuntu 16.04 system, but when I run on
RHEL 7.4, I get:
failed: [9.42.23.241] (item=groups.worker) => {"changed": true, "cmd":
["sshpass", "-f", "~/temp.pass", "ssh-copy-id", "-i", "~/.ssh/id_rsa.pub",
"[email protected]"], "delta": "0:00:00.128010", "end": "2018-01-11
12:55:19.491284", "failed": true, "item": "groups.worker", "msg": "non-zero
return code", "rc": 1, "start": "2018-01-11 12:55:19.363274", "stderr":
"/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed:
\"/root/.ssh/id_rsa.pub\"\n/usr/bin/ssh-copy-id: INFO: attempting to log in
with the new key(s), to filter out any that are already
installed\n\n/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname
groups.worker: Name or service not known", "stderr_lines":
["/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed:
\"/root/.ssh/id_rsa.pub\"", "/usr/bin/ssh-copy-id: INFO: attempting to log
in with the new key(s), to filter out any that are already installed", "",
"/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname
groups.worker: Name or service not known"], "stdout": "", "stdout_lines":
[]}
failed: [9.42.23.241] (item=groups.proxy) => {"changed": true, "cmd":
["sshpass", "-f", "~/temp.pass", "ssh-copy-id", "-i", "~/.ssh/id_rsa.pub",
"[email protected]"], "delta": "0:00:00.122724", "end": "2018-01-11
12:55:19.942384", "failed": true, "item": "groups.proxy", "msg": "non-zero
return code", "rc": 1, "start": "2018-01-11 12:55:19.819660", "stderr":
"/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed:
\"/root/.ssh/id_rsa.pub\"\n/usr/bin/ssh-copy-id: INFO: attempting to log in
with the new key(s), to filter out any that are already
installed\n\n/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname
groups.proxy: Name or service not known", "stderr_lines":
["/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed:
\"/root/.ssh/id_rsa.pub\"", "/usr/bin/ssh-copy-id: INFO: attempting to log
in with the new key(s), to filter out any that are already installed", "",
"/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname groups.proxy:
Name or service not known"], "stdout": "", "stdout_lines": []}
to retry, use: --limit @/root/ansible/deploy.retry
As you can see, groups.workers and groups.proxy are taken as literal
strings and are the IP addresses are not substituted. Should I be doing
this another way?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/16ffb033-6028-47f2-a8f7-98112c902043%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
