[英]Ansible aws_secret module returns "botocore and boto3 are required for aws_ssm lookup" despite both having been installed with pip
我正在运行来自 Jenkins 的 Ansible 剧本。该剧本在运行Ubuntu 20.04.2的目标主机上以用户ubuntu的身份运行。 我的playbook.yml文件是:
---
- name: Test
hosts: all
vars:
ansible_python_interpreter: /usr/bin/python3
pre_tasks:
- name: Install boto3 and botocore with pip3 module
pip:
name:
- boto3
- botocore
- ansible
executable: /usr/bin/pip3
tasks:
- name: "Template file"
template:
src:.env
dest: ".env"
owner: ubuntu
group: ubuntu
mode: '0664'
.env文件是:
TEST_VAR={{ lookup('aws_secret', 'test-secret') }}
aws_secret 插件需要boto3和botocore>=1.10.0 。
当剧本运行时,我得到:
$ ansible-playbook playbook.yml -i host.compute-1.amazonaws.com, --private-key /var/lib/jenkins/workspace/xxx/xxx.key -u ubuntu
PLAY [Test] ******************************************************************
TASK [Gathering Facts] *********************************************************
ok: [host.compute-1.amazonaws.com][0m
TASK [Install boto3 and botocore with pip3 module] *****************************
ok: [host.compute-1.amazonaws.com][0m
TASK [Template file] *****************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ansible.errors.AnsibleError: An unhandled exception occurred while running the lookup plugin 'aws_secret'. Error was a <class 'ansible.errors.AnsibleError'>, original message: botocore and boto3 are required for aws_ssm lookup.
如果我将-vvv标志添加到 playbook 执行命令,并在安装 boto3/botocore 模块后将其添加为pre_task任务:
- name: Check binaries and versions
shell: |
echo $PATH
export PATH=$PATH:$HOME/.local/bin
echo $PATH
which python3
python3 --version
which pip3
pip3 --version
which ansible
ansible --version
pip3 list | grep -e ansible -e boto
python3 -c 'import botocore'
python3 -c 'import boto3'
我得到这个标准输出:
TASK [Install boto3 and botocore with pip3 module] *****************************
"Requirement already satisfied: boto3 in /home/ubuntu/.local/lib/python3.8/site-packages (1.18.36)",
"Requirement already satisfied: botocore in /home/ubuntu/.local/lib/python3.8/site-packages (1.21.36)",
"Requirement already satisfied: ansible in /home/ubuntu/.local/lib/python3.8/site-packages (4.5.0)",
"Requirement already satisfied: jmespath<1.0.0,>=0.7.1 in /home/ubuntu/.local/lib/python3.8/site-packages (from boto3) (0.10.0)",
"Requirement already satisfied: s3transfer<0.6.0,>=0.5.0 in /home/ubuntu/.local/lib/python3.8/site-packages (from boto3) (0.5.0)",
"Requirement already satisfied: urllib3<1.27,>=1.25.4 in /usr/lib/python3/dist-packages (from botocore) (1.25.8)",
"Requirement already satisfied: python-dateutil<3.0.0,>=2.1 in /home/ubuntu/.local/lib/python3.8/site-packages (from botocore) (2.8.2)",
"Requirement already satisfied: ansible-core<2.12,>=2.11.4 in /home/ubuntu/.local/lib/python3.8/site-packages (from ansible) (2.11.4)",
"Requirement already satisfied: six>=1.5 in /usr/lib/python3/dist-packages (from python-dateutil<3.0.0,>=2.1->botocore) (1.14.0)",
"Requirement already satisfied: resolvelib<0.6.0,>=0.5.3 in /home/ubuntu/.local/lib/python3.8/site-packages (from ansible-core<2.12,>=2.11.4->ansible) (0.5.4)",
"Requirement already satisfied: cryptography in /usr/lib/python3/dist-packages (from ansible-core<2.12,>=2.11.4->ansible) (2.8)",
"Requirement already satisfied: packaging in /home/ubuntu/.local/lib/python3.8/site-packages (from ansible-core<2.12,>=2.11.4->ansible) (21.0)",
"Requirement already satisfied: jinja2 in /usr/lib/python3/dist-packages (from ansible-core<2.12,>=2.11.4->ansible) (2.10.1)",
"Requirement already satisfied: PyYAML in /usr/lib/python3/dist-packages (from ansible-core<2.12,>=2.11.4->ansible) (5.3.1)",
"Requirement already satisfied: pyparsing>=2.0.2 in /home/ubuntu/.local/lib/python3.8/site-packages (from packaging->ansible-core<2.12,>=2.11.4->ansible) (2.4.7)"
TASK [Check binaries and versions] **********************************************************
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin",
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/home/ubuntu/.local/bin",
"/usr/bin/python3",
"Python 3.8.10",
"/usr/bin/pip3",
"pip 20.0.2 from /usr/lib/python3/dist-packages/pip (python 3.8)",
"/home/ubuntu/.local/bin/ansible",
"ansible [core 2.11.4] ",
" config file = None",
" configured module search path = ['/home/ubuntu/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']",
" ansible python module location = /home/ubuntu/.local/lib/python3.8/site-packages/ansible",
" ansible collection location = /home/ubuntu/.ansible/collections:/usr/share/ansible/collections",
" executable location = /home/ubuntu/.local/bin/ansible",
" python version = 3.8.10 (default, Jun 2 2021, 10:49:15) [GCC 9.4.0]",
" jinja version = 2.10.1",
" libyaml = True"
"ansible 4.5.0 ",
"ansible-core 2.11.4 ",
"boto3 1.18.36 ",
"botocore 1.21.36 "
boto3和botocore显然都安装在目标主机上。 为什么aws_secret插件告诉我botocore and boto3 are required for aws_ssm lookup ?
正如@Zeitounator 所述,查找在 Ansible 控制机器 ( docs ) 上执行和评估。 所以解决方案是在Jenkins服务器上通过pip安装botocore和boto3 。
如果您安装了 boto3 和 botocore,但仍然出现此错误,则可能是这样:您同时安装了 python2 和 python3。 Ansible 可能在 python3 下运行,但aws_secret查找出于某种原因仍在使用 python2。 对我来说一个糟糕的修复是pip2 install boto3 botocore 。 我现在正在寻找更好的解决方案。 Ubuntu 18.04...
如何修复 boto3 aws botocore.exceptions.NoCredentialsError:
[英]How to fix boto3 aws botocore.exceptions.NoCredentialsError:
boto3 如何通过 python 脚本使用 AWS SSM 服务安装 cloud watch agent
[英]boto3 How to install cloud watch agent using AWS SSM service through python script
在 AWS 秘密管理器中存储 Ansible Vault 密码并在需要时使用它
[英]Storing Ansible Vault password in AWS secret manager and using it when required
如何使用 boto3 轮换我的 AWS IAM 用户访问权限和密钥?
[英]How do I rotate my AWS IAM user access and secret key using boto3?
FileNotFoundError: [Errno 2] 没有这样的文件或目录 boto3 aws
[英]FileNotFoundError: [Errno 2] No such file or directory boto3 aws
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.