动态清单文件上的 Ansible + AWS EC2 插件 + 用户名 + ssh 密钥
[英]Ansible + AWS EC2 Plugin + username + ssh key on the dynamic inventory file
问题描述
I'm using the aws_ec2 plugin to get my inventory on AWS but I need some help.
我正在使用 aws_ec2 插件在 AWS 上获取我的库存,但我需要一些帮助。
I want to set the 'ansible_user' and 'ansible_ssh_private_key_file' on the dynamic inventory file but I cant get it work.我想在动态库存文件上设置“ansible_user”和“ansible_ssh_private_key_file”,但我无法让它工作。 ¿Is this possible?这可能吗? So I don't need to set the '--private-key' and '-u' options on the command line.所以我不需要在命令行上设置“--private-key”和“-u”选项。
This is my current aws_ec2.yaml:这是我当前的 aws_ec2.yaml:
---
plugin: aws_ec2
aws_access_key: 123
aws_secret_key: 345
filters:
tag:Cliente: CustName
instance-state-name : running
Any Idea?任何想法?
Thanks!谢谢!
1 个解决方案
解决方案1
0 2021-05-25 15:07:07
You can create and load dynamic variables for each Ansible host group.您可以为每个 Ansible 主机组创建和加载动态变量。 You need to create appropriate files on your inventory directory.您需要在库存目录中创建适当的文件。 For example: Say you have configured your ansible.cfg file with the inventory key pointing to the relative path ./inventory .例如:假设您已经配置了ansible.cfg文件,其中inventory键指向相对路径./inventory 。 This tells Ansible that it should look inside a file called ./inventory or a series of files inside the ./inventory folder for the host group's information.这告诉 Ansible 它应该在名为./inventory的文件或./inventory文件夹中的一系列文件中查找主机组的信息。
You tell Ansible to load different variables for each group just by following the appropriate convention for the folder structure:你告诉 Ansible 为每个组加载不同的变量,只需遵循文件夹结构的适当约定:
-
./inventory/group_vars: will hold group variables../inventory/group_vars:将保存组变量。 -
./inventory/host_vars: will hold host variables../inventory/host_vars:将保存主机变量。
Ansible will use the file's name inside each of these folders to reference the appropriate group or host . Ansible 将使用每个文件夹中的文件名来引用适当的group或host 。 You can also use sub-directories with the group's name if you want to use multiple files to hold all the variables.如果要使用多个文件来保存所有变量,也可以使用带有组名的子目录。
It's important that your
aws_ec2.ymlfile be located inside the./inventorydirectory.aws_ec2.yml文件位于./inventory目录中很重要。
For example: if you wanted to store the appropriate user and key configuration to access EC2 instances tagged with the Project tag set to stackoverflow , you would need to create a directory at ./inventory/group_vars/tag_Project_stackoverflow with a variables file like the following:例如:如果您想存储适当的user和key配置以访问标记为将Project标签设置为stackoverflow的 EC2 实例,则需要在./inventory/group_vars/tag_Project_stackoverflow处创建一个目录,其中包含如下变量文件:
ansible_user: ec2-user
ansible_ssh_private_key_file: ~/.ssh/id_rsa
The EC2 dynamic inventory module can create dynamic groups from the configuration of your EC2 instances.
You can even create these files dynamically using tasks.您甚至可以使用任务动态创建这些文件。 Here I create a new ec2 key, store it locally, and create the necessary folder structure to hold the connection information:这里我创建一个新的 ec2 密钥,将其存储在本地,并创建必要的文件夹结构来保存连接信息:
- name: Create a new EC2 key
amazon.aws.ec2_key:
name: "{{ ec2_key_name }}"
register: ec2_key_output
- name: Save private key
ansible.builtin.copy:
content: "{{ ec2_key_output.key.private_key }}"
dest: "{{ ec2_key_path }}"
mode: 0600
when: ec2_key_output.changed == True
- name: Create the group_vars folder
ansible.builtin.file:
path: ./inventory/group_vars
state: directory
mode: '0755'
- name: Create the group_vars configuration file
ansible.builtin.copy:
content: |
ansible_user: "{{ ec2_user }}"
ansible_ssh_private_key_file: "{{ ec2_key_path }}"
dest: ./inventory/group_vars/tag_Project_stackoverflow
Please check out Ansible's documentation regarding inventory management for more information.请查看Ansible 关于库存管理的文档以获取更多信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.