简体繁体 English

来自 jenkins 用户的 Ansible 剧本

[英]Ansible playbook via jenkins user

原文 2020-09-12 15:30:37 8 1 jenkins/ ssh/ ansible

I am trying to call my Ansible playbook from jenkins.我正在尝试从 jenkins 调用我的 Ansible 剧本。 But everytime i do so, i am getting permission denied for public key error.但是每次我这样做时，我都会因公钥错误而被拒绝。 My objective is to push the playbook from local machine to GC VM.我的目标是将剧本从本地机器推送到 GC VM。

Facts:事实：

Ansible and jenkins are installed on same machine Ansible 和 jenkins 安装在同一台机器上
My GC VM instance key is in /home/govind/Desktop/splukinstancekey.pem path.我的 GC VM 实例密钥位于 /home/govind/Desktop/slukinstancekey.pem 路径中。 This is in my main user ("govind").这是我的主要用户（“govind”）。
In jenkins, i have generated a RSA key using ssh-keygen and added the same in user "govind" .ssh/authorized_keys.在 jenkins 中，我使用 ssh-keygen 生成了一个 RSA 密钥，并在用户“govind”.ssh/authorized_keys 中添加了相同的密钥。 So i am able to make a connection from jenkins user to govind user (where ansible is installed ).所以我能够建立从 jenkins 用户到 govind 用户（安装 ansible 的地方）的连接。

The problem is whenever i run the playbook from jenkins user , below error is thrown:问题是每当我从 jenkins 用户运行剧本时，就会抛出以下错误：

TASK [Gathering Facts] *********************************************************************************************************************** fatal: [34.71.8.168]: UNREACHABLE!任务 [收集事实] ************************************************* ****************************************************** ************************ 致命：[34.71.8.168]：无法访问！ => {"changed": false, "msg": "Failed to connect to the host via ssh: Load key "/home/govind/Desktop/splunkinstancekey.pem": Permission denied\\r\\nubuntu@34.71.8.168: Permission denied (publickey).", "unreachable": true} fatal: [35.223.166.86]: UNREACHABLE! => {"changed": false, "msg": "无法通过 ssh 连接到主机：加载密钥 "/home/govind/Desktop/splunkinstancekey.pem": 权限被拒绝\\r\\nubuntu@34.71.8.168: 权限拒绝（公钥）。”，“无法访问”：true} 致命：[35.223.166.86]：无法访问！ => {"changed": false, "msg": "Failed to connect to the host via ssh: Load key "/home/govind/Desktop/splunkinstancekey.pem": Permission denied\\r\\nubuntu@35.223.166.86: Permission denied (publickey).", "unreachable": true} => {"changed": false, "msg": "无法通过 ssh 连接到主机：加载密钥 "/home/govind/Desktop/splunkinstancekey.pem": 权限被拒绝\\r\\nubuntu@35.223.166.86: 权限拒绝（公钥）。”，“无法访问”：true}

From user "govind" i can easily ping remote servers via ansible command.从用户“govind”，我可以通过 ansible 命令轻松地 ping 远程服务器。 Can anyone please help me in understanding what gap i might be missing from jenkins user.任何人都可以帮助我了解我可能与 jenkins 用户遗漏的差距。 I understand that jenkins cannot access the pem file in as it does not belong to it.我知道 jenkins 无法访问 pem 文件，因为它不属于它。 From various other posts i read that jenkins makes connection to user where ansible in installed and then that playbook is executed.从其他各种帖子中，我读到 jenkins 在安装 ansible 的地方与用户建立连接，然后执行该剧本。 But not able to make any progress.但无法取得任何进展。

1 个解决方案

It seems like you should approach this from a ssh troubleshooting perspective.似乎您应该从 ssh 故障排除的角度来解决这个问题。 It sounds like you are trying to ssh from your jenkins box to the govind box.听起来您正在尝试从 jenkins 盒 ssh 到 govind 盒。 So, with the key pair you generated, you need to put the public key under authorized_keys on the govind box under the ubuntu user.所以，有了你生成的密钥对，你需要将公钥放在ubuntu用户下的govind框上的authorized_keys下。 ie- because in your error you are sshing as the ubuntu user -- ubuntu@34.71.8.168 .即- 因为在您的错误中，您以 ubuntu 用户ubuntu@34.71.8.168 - ubuntu@34.71.8.168 。 You then should be able to ssh from the jenkins box to the govind box as the ubuntu user as you seem to be trying to do.然后，您应该能够以ubuntu用户的身份从 jenkins 框 ssh 到 govind 框，就像您试图做的那样。