![](/img/trans.png)
[英]How to fix boto3 aws botocore.exceptions.NoCredentialsError:
[英]Ansible aws_secret module returns "botocore and boto3 are required for aws_ssm lookup" despite both having been installed with pip
我正在运行来自 Jenkins 的 Ansible 剧本。该剧本在运行Ubuntu 20.04.2
的目标主机上以用户ubuntu
的身份运行。 我的playbook.yml
文件是:
---
- name: Test
hosts: all
vars:
ansible_python_interpreter: /usr/bin/python3
pre_tasks:
- name: Install boto3 and botocore with pip3 module
pip:
name:
- boto3
- botocore
- ansible
executable: /usr/bin/pip3
tasks:
- name: "Template file"
template:
src:.env
dest: ".env"
owner: ubuntu
group: ubuntu
mode: '0664'
.env
文件是:
TEST_VAR={{ lookup('aws_secret', 'test-secret') }}
aws_secret
插件需要boto3
和botocore>=1.10.0
。
当剧本运行时,我得到:
$ ansible-playbook playbook.yml -i host.compute-1.amazonaws.com, --private-key /var/lib/jenkins/workspace/xxx/xxx.key -u ubuntu
PLAY [Test] ******************************************************************
TASK [Gathering Facts] *********************************************************
ok: [host.compute-1.amazonaws.com][0m
TASK [Install boto3 and botocore with pip3 module] *****************************
ok: [host.compute-1.amazonaws.com][0m
TASK [Template file] *****************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ansible.errors.AnsibleError: An unhandled exception occurred while running the lookup plugin 'aws_secret'. Error was a <class 'ansible.errors.AnsibleError'>, original message: botocore and boto3 are required for aws_ssm lookup.
如果我将-vvv
标志添加到 playbook 执行命令,并在安装 boto3/botocore 模块后将其添加为pre_task
任务:
- name: Check binaries and versions
shell: |
echo $PATH
export PATH=$PATH:$HOME/.local/bin
echo $PATH
which python3
python3 --version
which pip3
pip3 --version
which ansible
ansible --version
pip3 list | grep -e ansible -e boto
python3 -c 'import botocore'
python3 -c 'import boto3'
我得到这个标准输出:
TASK [Install boto3 and botocore with pip3 module] *****************************
"Requirement already satisfied: boto3 in /home/ubuntu/.local/lib/python3.8/site-packages (1.18.36)",
"Requirement already satisfied: botocore in /home/ubuntu/.local/lib/python3.8/site-packages (1.21.36)",
"Requirement already satisfied: ansible in /home/ubuntu/.local/lib/python3.8/site-packages (4.5.0)",
"Requirement already satisfied: jmespath<1.0.0,>=0.7.1 in /home/ubuntu/.local/lib/python3.8/site-packages (from boto3) (0.10.0)",
"Requirement already satisfied: s3transfer<0.6.0,>=0.5.0 in /home/ubuntu/.local/lib/python3.8/site-packages (from boto3) (0.5.0)",
"Requirement already satisfied: urllib3<1.27,>=1.25.4 in /usr/lib/python3/dist-packages (from botocore) (1.25.8)",
"Requirement already satisfied: python-dateutil<3.0.0,>=2.1 in /home/ubuntu/.local/lib/python3.8/site-packages (from botocore) (2.8.2)",
"Requirement already satisfied: ansible-core<2.12,>=2.11.4 in /home/ubuntu/.local/lib/python3.8/site-packages (from ansible) (2.11.4)",
"Requirement already satisfied: six>=1.5 in /usr/lib/python3/dist-packages (from python-dateutil<3.0.0,>=2.1->botocore) (1.14.0)",
"Requirement already satisfied: resolvelib<0.6.0,>=0.5.3 in /home/ubuntu/.local/lib/python3.8/site-packages (from ansible-core<2.12,>=2.11.4->ansible) (0.5.4)",
"Requirement already satisfied: cryptography in /usr/lib/python3/dist-packages (from ansible-core<2.12,>=2.11.4->ansible) (2.8)",
"Requirement already satisfied: packaging in /home/ubuntu/.local/lib/python3.8/site-packages (from ansible-core<2.12,>=2.11.4->ansible) (21.0)",
"Requirement already satisfied: jinja2 in /usr/lib/python3/dist-packages (from ansible-core<2.12,>=2.11.4->ansible) (2.10.1)",
"Requirement already satisfied: PyYAML in /usr/lib/python3/dist-packages (from ansible-core<2.12,>=2.11.4->ansible) (5.3.1)",
"Requirement already satisfied: pyparsing>=2.0.2 in /home/ubuntu/.local/lib/python3.8/site-packages (from packaging->ansible-core<2.12,>=2.11.4->ansible) (2.4.7)"
TASK [Check binaries and versions] **********************************************************
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin",
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/home/ubuntu/.local/bin",
"/usr/bin/python3",
"Python 3.8.10",
"/usr/bin/pip3",
"pip 20.0.2 from /usr/lib/python3/dist-packages/pip (python 3.8)",
"/home/ubuntu/.local/bin/ansible",
"ansible [core 2.11.4] ",
" config file = None",
" configured module search path = ['/home/ubuntu/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']",
" ansible python module location = /home/ubuntu/.local/lib/python3.8/site-packages/ansible",
" ansible collection location = /home/ubuntu/.ansible/collections:/usr/share/ansible/collections",
" executable location = /home/ubuntu/.local/bin/ansible",
" python version = 3.8.10 (default, Jun 2 2021, 10:49:15) [GCC 9.4.0]",
" jinja version = 2.10.1",
" libyaml = True"
"ansible 4.5.0 ",
"ansible-core 2.11.4 ",
"boto3 1.18.36 ",
"botocore 1.21.36 "
boto3
和botocore
显然都安装在目标主机上。 为什么aws_secret
插件告诉我botocore and boto3 are required for aws_ssm lookup
?
正如@Zeitounator 所述,查找在 Ansible 控制机器 ( docs ) 上执行和评估。 所以解决方案是在Jenkins服务器上通过pip
安装botocore
和boto3
。
如果您安装了 boto3 和 botocore,但仍然出现此错误,则可能是这样:您同时安装了 python2 和 python3。 Ansible 可能在 python3 下运行,但aws_secret
查找出于某种原因仍在使用 python2。 对我来说一个糟糕的修复是pip2 install boto3 botocore
。 我现在正在寻找更好的解决方案。 Ubuntu 18.04...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.