
SSH authentication problem when running Ansible locally in a Dockerfile

Published: 2020-12-16 03:54:59 | Category: Security | Source: compiled from the web

Because of an authentication problem, I can't run my ansible playbook in a Dockerfile.

Here is my Dockerfile:

FROM ubuntu:14.04
MAINTAINER hyperfocus

# Update system and install ansible
RUN apt-get -y update
RUN apt-get install -y python-yaml python-jinja2 git
RUN git clone http://github.com/ansible/ansible.git /tmp/ansible

# Set environment
WORKDIR /tmp/ansible
ENV PATH /tmp/ansible/bin:/sbin:/usr/sbin:/usr/bin
ENV ANSIBLE_LIBRARY /tmp/ansible/library
ENV PYTHONPATH /tmp/ansible/lib:$PYTHON_PATH

# Add repo key and add it to known hosts
ADD id_rsa /root/.ssh/id_rsa
RUN chmod 700 /root/.ssh/id_rsa
RUN touch /root/.ssh/known_hosts
RUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hosts

# Bootstrap playbook
RUN git clone git@bitbucket.org:xxx/xxx.git /tmp/playbook
ADD hosts /etc/ansible/hosts
WORKDIR /tmp/playbook

# Bootstrap
RUN ansible-playbook /tmp/playbook/site.yml -c local -t bootstrap

# Debug
# RUN ansible all -m ping -i /etc/ansible/hosts -vvvvvv

# Container settings
EXPOSE 22 3000
ENTRYPOINT ["/usr/bin/foo"]

My hosts file:

[web]
localhost ansible_connection=local

[database]
localhost ansible_connection=local

[cache]
localhost ansible_connection=local

Output:

PLAY [bootstrap installer] ****************************************************

GATHERING FACTS ***************************************************************
fatal: [localhost] => Authentication or permission failure.  In some cases,you may have been able to authenticate and did not have permissions on the remote directory. Consider changing the remote temp path in ansible.cfg to a path rooted in "/tmp". Failed command was: mkdir -p $HOME/.ansible/tmp/ansible-tmp-1403661775.03-87881370436819 && echo $HOME/.ansible/tmp/ansible-tmp-1403661775.03-87881370436819,exited with result 127

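What am I missing here?

Best answer
Ansible is running in the container and trying to connect to the container, so you need to authorize both the container and the root user. The container must be a known host, and root's public key must be authorized. For example: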

RUN ssh-keyscan -t rsa 127.0.0.1 >>/root/.ssh/known_hosts
RUN cat /root/.ssh/id_rsa.pub >>/root/.ssh/authorized_keys 

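I am using Docker version 1.1.2, build d84a070. Logging into my container (as root) I found that pip used /.pip rather than /root/.pip; ssh, however, used /root/.ssh as expected rather than /.ssh as Gekkie suggested.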
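A preflight check for the two conditions the answer names (the container is a known host, root's public key is authorized), plus the private-key permission that the ssh client enforces. This is an added example, not part of the original question or answer; the function name check_loopback_ssh and the assumption that all files sit in one directory such as /root/.ssh are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Hypothetical helper:
#   check_loopback_ssh DIR [HOST]
# Prints one line per problem and returns the number of problems (0 = ready).
check_loopback_ssh() {
    dir=$1
    host=${2:-127.0.0.1}
    problems=0

    # 1. The container must be a known host. Look for an unhashed entry whose
    #    first field (a comma-separated host list) contains $host; comment,
    #    hashed ("|1|...") and marker ("@...") lines are skipped.
    if ! awk -v h="$host" '
            $1 !~ /^[#|@]/ {
                n = split($1, a, ",")
                for (i = 1; i <= n; i++) if (a[i] == h) found = 1
            }
            END { exit !found }' "$dir/known_hosts" 2>/dev/null; then
        echo "known_hosts: no entry for $host"
        problems=$((problems + 1))
    fi

    # 2. root's public key must be authorized. Compare the base64 key blob
    #    (second field of id_rsa.pub) against authorized_keys.
    blob=$(awk 'NR == 1 { print $2 }' "$dir/id_rsa.pub" 2>/dev/null) || blob=
    if [ -z "$blob" ]; then
        echo "id_rsa.pub: missing or empty"
        problems=$((problems + 1))
    elif ! grep -qF -- "$blob" "$dir/authorized_keys" 2>/dev/null; then
        echo "authorized_keys: public key from id_rsa.pub not present"
        problems=$((problems + 1))
    fi

    # 3. The ssh client ignores a private key that group or others can access.
    #    Characters 5-10 of the ls mode string are the group/other bits.
    if [ ! -f "$dir/id_rsa" ]; then
        echo "id_rsa: missing"
        problems=$((problems + 1))
    elif [ "$(ls -ld "$dir/id_rsa" | cut -c5-10)" != "------" ]; then
        echo "id_rsa: accessible by group/others"
        problems=$((problems + 1))
    fi

    return "$problems"
}
```

In a Dockerfile this could run as a RUN step after the key setup (for example `check_loopback_ssh /root/.ssh`), so the build fails early with a named cause instead of at the playbook step.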

(Editor: 李大同)
