问题描述
我需要在远程服务器上安装二进制文件.以下是我正在执行的任务列表.
I need to install binary on remote servers. Following are the list of tasks that i am performing.
- 将/scp 二进制文件复制到远程服务器
- 以静默模式运行安装程序
第 1 步是将二进制文件复制到 /tmp,在远程主机 /tmp 上的空间非常少,一旦 /tmp scp 就会失败> 已满.我知道默认情况下,ansible 脚本/文件将被复制到 /tmp 目录,一旦活动完成,它将被删除.由于 /tmp 非常低,我需要使用用户目录来复制二进制文件.
Step #1 is copying binaries to /tmp, on remote hosts /tmp has very less space and scp is failing once the /tmp is full. I understood that by default ansible scripts/files will be copied to /tmp directory, once the activity is done it will be removed. Since /tmp is very low i need to use user directory to copy the binaries.
下面是ansible.cfg:
remote_user = testaccount
host_key_checking = False
scp_if_ssh=True
remote_tmp = $HOME/.ansible/tmp
以下是剧本:
- name: deploy binaries
hosts: test
strategy: free
become_method: 'sudo'
tasks:
- name: transfer
copy: src=./files/weblogic.jar dest=$HOME mode=0777
register: transfer
- debug: var=transfer.stdout
剧本执行:
ansible-playbook --inventory="hosts" --ask-pass --ask-become-pass --extra-vars="ansible_ssh_user=<unixaccount>" copybinaries.yml
即使使用上述配置,二进制文件也不会复制到用户主页,我确保有 $HOME/.ansible/tmp 目录,甚至像 /home/testaccount/这样的硬编码.ansbile/tmp.
Even with above config the binaries are not copied to user home, I have make sure to have $HOME/.ansible/tmp directory and even hard coded like /home/testaccount/.ansbile/tmp.
是否需要在 ansible.cfg 中覆盖任何其他配置?
Any other configs needs to be overridden in ansible.cfg?
推荐答案
虽然你还没有包含一个连贯的 MCVE,我猜测:
Although you still have not included a coherent MCVE, I guess:
您是否正在使用 become-an-unprivileged-user 选项运行任务;
either you are running the task with become-an-unprivileged-user option;
或者你的清单文件、配置文件、执行调用和剧本包含不必要和矛盾的设置,使 Ansible 以或多或少的不确定方式运行.
or your inventory file, configuration file, the execution call, and the playbook contain unnecessary and contradictory settings making Ansible run in a more or less nondeterministic way.
Ansible 将系统临时目录用于以不同用户身份运行的任务.这一行决定了这一点.
Ansible uses the system temp directory for tasks being run as a different user. This line determines this.
您只能为此类任务指定/tmp(默认)或/var/tmp 的子目录(使用remote_tmp).请参阅评论 在 Ansible 代码中:
You can only specify /tmp (default) or a subdirectory of /var/tmp for such tasks (with remote_tmp). See the comment in the Ansible code:
# When system is specified we have to create this in a directory where
# other users can read and access the temp directory. This is because
# we use system to create tmp dirs for unprivileged users who are
# sudo'ing to a second unprivileged user. The only dirctories where
# that is standard are the tmp dirs, /tmp and /var/tmp. So we only
# allow one of those two locations if system=True. However, users
# might want to have some say over which of /tmp or /var/tmp is used
# (because /tmp may be a tmpfs and want to conserve RAM or persist the
# tmp files beyond a reboot. So we check if the user set REMOTE_TMP
# to somewhere in or below /var/tmp and if so use /var/tmp. If
# anything else we use /tmp (because /tmp is specified by POSIX nad
# /var/tmp is not).
这篇关于未为 ansible 脚本执行设置远程 tmp 目录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!