Ansible + AWS EC2 Plugin + username + ssh key on the dynamic inventory file
I'm using the aws_ec2 plugin to get my inventory on AWS but I need some help.

I want to set the 'ansible_user' and 'ansible_ssh_private_key_file' on the dynamic inventory file but I can't get it to work. Is this possible? So I don't need to set the '--private-key' and '-u' options on the command line.

This is my current aws_ec2.yaml:

    ---
    plugin: aws_ec2
    aws_access_key: 123
    aws_secret_key: 345
    filters:
      tag:Cliente: CustName
      instance-state-name: running

Any idea?

Thanks!

You can create and load dynamic variables for each Ansible host group. You need to create appropriate files in your inventory directory. For example: Say you have configured your ansible.cfg file with the inventory key pointing to the relative path ./inventory. This tells Ansible that it should look inside a file called ./inventory or a series of files inside the ./inventory folder for the host group's information.

You tell Ansible to load different variables for each group just by following the appropriate convention for the folder structure:

- ./inventory/group_vars: will hold group variables.
- ./inventory/host_vars: will hold host variables.

Ansible will use the file's name inside each of these folders to reference the appropriate group or host. You can also use sub-directories with the group's name if you want to use multiple files to hold all the variables.

It's important that your aws_ec2.yml file be located inside the ./inventory directory.

For example: if you wanted to store the appropriate user and key configuration to access EC2 instances tagged with the Project tag set to stackoverflow, you would need to create a directory at ./inventory/group_vars/tag_Project_stackoverflow with a variables file like the following:

    ansible_user: ec2-user
    ansible_ssh_private_key_file: ~/.ssh/id_rsa

The EC2 dynamic inventory module can create dynamic groups from the configuration of your EC2 instances. Check its documentation to see how to configure it.

You can even create these files dynamically using tasks. Here I create a new ec2 key, store it locally, and create the necessary folder structure to hold the connection information:

    # The private key material is only returned when the key pair is first created.
    - name: Create a new EC2 key
      amazon.aws.ec2_key:
        name: "{{ ec2_key_name }}"
      register: ec2_key_output

    # Write the key only on creation; the mode is quoted so YAML keeps it as an octal string.
    - name: Save private key
      ansible.builtin.copy:
        content: "{{ ec2_key_output.key.private_key }}"
        dest: "{{ ec2_key_path }}"
        mode: '0600'
      when: ec2_key_output.changed

    - name: Create the group_vars folder
      ansible.builtin.file:
        path: ./inventory/group_vars
        state: directory
        mode: '0755'

    # The file name must match the dynamic group name produced by the inventory plugin.
    - name: Create the group_vars configuration file
      ansible.builtin.copy:
        content: |
          ansible_user: "{{ ec2_user }}"
          ansible_ssh_private_key_file: "{{ ec2_key_path }}"
        dest: ./inventory/group_vars/tag_Project_stackoverflow

Please check out Ansible's documentation regarding inventory management for more information.
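
An inventory configuration that produces the tag_Project_stackoverflow group the answer's group_vars file is named after, as an added example that is not part of the original question or answer. The region value and the optional compose section are assumptions for illustration.

```yaml
# ./inventory/aws_ec2.yml  (the file name must end in aws_ec2.yml or aws_ec2.yaml)
plugin: aws_ec2

# aws_access_key / aws_secret_key are left out on purpose: when they are
# omitted the plugin uses the standard AWS credential chain (environment
# variables or the shared credentials file), so no secret sits in the
# inventory directory or in version control.

regions:
  - us-east-1            # assumption: replace with the region you use

filters:
  instance-state-name: running

keyed_groups:
  # One group per tag key/value pair. An instance tagged
  # Project=stackoverflow lands in the group "tag_Project_stackoverflow",
  # which is the name group_vars/tag_Project_stackoverflow is matched against.
  - key: tags
    prefix: tag

# Optional alternative to group_vars: set the connection variables for
# every host this file returns. Values are Jinja2 expressions, so string
# literals need the inner quotes.
compose:
  ansible_user: "'ec2-user'"
  ansible_ssh_private_key_file: "'~/.ssh/id_rsa'"
```

Running `ansible-inventory -i ./inventory --graph` lists the generated groups, which confirms the group name before a group_vars file is created for it.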