常见错误问题
FAQ
ansible常规设置
- 配置默认ssh_key ~/.ssh/config
[15:37:31] sysadm@SYS-OPS-CD-0-252:/etc/ansible $ cat ~/.ssh/config Host * User sysadm IdentityFile ~/.ssh/sysadm.id_rsa
- 关闭首次连接身份验证, 防止中间人攻击
[21:33:12] sysadm@SYS-OPS-CD-0-252:~ $ ssh 10.1.17.68 The authenticity of host '10.1.17.68 (10.1.17.68)' can't be established. ED25519 key fingerprint is SHA256:1g0AcIo0SRXOtMVFTyt9bR97A7unIr6iiB9CXMC0sKw. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])?
[15:37:31] sysadm@SYS-OPS-CD-0-252:/etc/ansible $ cat ~/.ssh/config Host * StrictHostKeyChecking no
- ansible服务端与客户端的openssh版本不一致, 不接受ssh-rsa加密算法
[15:43:59] sysadm@SYS-OPS-CD-0-252:~/.ssh $ ssh -i sysadm.id_rsa sysadm@10.1.17.91 sign_and_send_pubkey: no mutual signature supported sign_and_send_pubkey: no mutual signature supported sysadm@10.1.17.91: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
[15:37:31] sysadm@SYS-OPS-CD-0-252:/etc/ansible $ cat ~/.ssh/config Host * PubkeyAcceptedAlgorithms +ssh-rsa HostkeyAlgorithms +ssh-rsa
- 客户端Python版本低于ansible服务端
[WARNING]: Platform linux on host 10.1.54.201 is using the discovered Python interpreter at /usr/bin/python3.8, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more information.
编辑/etc/ansible/下的inventroy
[all:vars] ansible_python_interpreter=/usr/bin/python3 或者 ansible_python_interpreter=/usr/local/bin/python3