谈ansible配置host_key_checking = False

听闻少年二字,当与平庸相斥。这篇文章主要讲述谈ansible配置host_key_checking = False相关的知识,希望能为你提供帮助。

192.168.26.128
ansible主控端
192.168.26.129
ansible被控制端
192.168.26.130
ansible被控制端


1、ansible主配置文件/etc/ansible/ansible.cfg和受管主机/etc/ansible/hosts里面的配置


[root@192 ~]# cat /etc/ansible/ansible.cfg |grep -v "^#"|grep -v "^$"
[defaults]
[inventory]
[privilege_escalation]
[paramiko_connection]
[ssh_connection]
[persistent_connection]
[accelerate]
[selinux]
[colors]
[diff]


[root@192 ~]# cat /etc/ansible/hosts |grep -v "^#"|grep -v "^$"
[test]
192.168.26.129
192.168.26.130


2、使用ping模块探测其它主机




[root@192 ~]# ansible test -m ping -k
SSH password:  
192.168.26.130 | FAILED! => {
    "msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.   Please add this hosts fingerprint to your known_hosts file to manage this host."
}
192.168.26.129 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },  
    "changed": false,  
    "ping": "pong"
}


3、可以看到192.168.26.130的主机不能到达,原因是这台主机是新加的机器,信息没写入known_hosts文件


4、在/etc/ansible/hosts把host_key_checking = False注释取消


[root@192 ~]# cat /etc/ansible/ansible.cfg |grep -v "^#"|grep -v "^$"
[defaults]
host_key_checking = False
[inventory]
[privilege_escalation]
[paramiko_connection]
[ssh_connection]
[persistent_connection]
[accelerate]
[selinux]
【谈ansible配置host_key_checking = False】[colors]
[diff]


5、再次执行ping模块探测其它主机


[root@192 ~]# ansible test -m ping -k
SSH password:  
192.168.26.129 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },  
    "changed": false,  
    "ping": "pong"
}
192.168.26.130 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },  
    "changed": false,  
    "ping": "pong"
}


6、可以看到正常的探测到其它的机器,这个方法适用大批量的新增主机至/etc/ansible/hosts主机配置文件中











    推荐阅读