[英]GIT over SSH in Ansible hangs, eventhough ssh-agent forwarding is set up
I have set up everyhing I could find, but still cloning a repo from GitHub hangs the provisioning process. 我已经设置了我能找到的每一个,但仍然从GitHub克隆一个repo挂起了配置过程。
I have: 我有:
.ssh/config 的.ssh /配置
Host github.com ForwardAgent yes StrictHostKeyChecking no
copied private key 复制私钥
vagrant
user 该命令作为vagrant
用户运行 the play is: 该剧是:
- name: Checkout from git git: repo=git@github.com:username/repositoryname.git dest=/srv/website
Just to expand on tillda's answer, that config can be placed in an ansible.cfg file alongside your playbook. 只是为了扩展到fifda的答案,该配置可以放在你的剧本旁边的ansible.cfg文件中。 eg: 例如:
ansible.cfg ansible.cfg
[defaults]
transport = ssh
[ssh_connection]
ssh_args = -o ForwardAgent=yes
I'd say it's better to do that than setting as an env variable, as placing it in a conf file is both more declarative and also will minimise the steps needed for other people you may be working with to going with a project. 我认为这样做比设置为env变量更好,因为将它放在conf文件中更具说明性,并且还将最小化您可能正在使用项目的其他人所需的步骤。
Conf docs: http://docs.ansible.com/intro_configuration.html#the-ansible-configuration-file Conf docs: http : //docs.ansible.com/intro_configuration.html#the-ansible-configuration-file
Example config file: https://raw.github.com/ansible/ansible/devel/examples/ansible.cfg 配置文件示例: https : //raw.github.com/ansible/ansible/devel/examples/ansible.cfg
I want to share the answer that worked for me: 我想分享对我有用的答案:
https://groups.google.com/forum/#!msg/ansible-project/u6o-sWynMjo/69UwJfJPq7cJ - From Ansible Google Group https://groups.google.com/forum/#!msg/ansible-project/u6o-sWynMjo/69UwJfJPq7cJ - 来自Ansible Google Group
For ansible, ssh-add to load ssh keys in your host machine first. 对于ansible,ssh-add首先在主机中加载ssh密钥。 Then use "ssh" as connection type with forwarding enabled. 然后使用“ssh”作为连接类型并启用转发。
Such as: 如:
$ ssh-add $ export ANSIBLE_TRANSPORT="ssh" $ export ANSIBLE_SSH_ARGS="-o ForwardAgent=yes"
See manual for ssh-add for running the agent. 有关运行代理的信息,请参阅ssh-add手册。
The Ansible docs for ssh-args
are http://docs.ansible.com/intro_configuration.html#ssh-args ssh-args
的Ansible文档是http://docs.ansible.com/intro_configuration.html#ssh-args
this works for me 这对我有用
- name: ensure known hosts
shell: touch ~/.ssh/known_hosts
- name: remove github.com from known host
shell: ssh-keygen -R github.com
# >> instead of > to keep existing known_hosts file
- name: ensure github.com in known host
shell: ssh-keyscan -H github.com >> ~/.ssh/known_hosts
Add to ansible.cfg the following parameter: 添加到ansible.cfg以下参数:
[defaults]
sudo_flags=-HE
In my case the issue was the repository string. 就我而言,问题是存储库字符串。 I had a bitbucket private repository set as: 我有一个bitbucket私有存储库设置为:
git@tsrs... Git的@ TSRS ...
but it should be: 但它应该是:
ssh ://git@tsrs... ssh :// git @tsrs ...
Notice the subtle absence of the prefix "ssh". 注意前缀“ssh”的微妙缺失。 The weird part is that if I clone a github repository without the "ssh", it works fine! 奇怪的是,如果我克隆一个没有“ssh”的github存储库,它运行正常!
I had an error : 我有一个错误:
bitbucket.org has an unknown hostkey. bitbucket.org有一个未知的主机密钥。 Set accept_hostkey to True or manually add the hostkey prior to running the git module 将accept_hostkey设置为True或在运行git模块之前手动添加hostkey
I had to add a accept_hostkey
parameter to my git module command : 我必须在我的git模块命令中添加一个accept_hostkey
参数:
playbook : 剧本:
tasks:
- name: clone
git: repo=git@bitbucket.org:robusta-code/xyz.git
dest=/app
accept_hostkey=yes
ansible.cfg ansible.cfg
[ssh_connection]
ssh_args = -o ForwardAgent=yes
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.