谈ansible配置host_key_checking = False

听闻少年二字，当与平庸相斥。这篇文章主要讲述谈ansible配置host_key_checking = False相关的知识，希望能为你提供帮助。

192.168.26.128	ansible主控端
192.168.26.129	ansible被控制端
192.168.26.130	ansible被控制端

1、ansible主配置文件/etc/ansible/ansible.cfg和受管主机/etc/ansible/hosts里面的配置

[root@192 ~]# cat /etc/ansible/ansible.cfg |grep -v "^#"|grep -v "^$"
[defaults]
[inventory]
[privilege_escalation]
[paramiko_connection]
[ssh_connection]
[persistent_connection]
[accelerate]
[selinux]
[colors]
[diff]

[root@192 ~]# cat /etc/ansible/hosts |grep -v "^#"|grep -v "^$"
[test]
192.168.26.129
192.168.26.130

2、使用ping模块探测其它主机

[root@192 ~]# ansible test -m ping -k
SSH password:
192.168.26.130 | FAILED! => {
"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this hosts fingerprint to your known_hosts file to manage this host."
}
192.168.26.129 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}

3、可以看到192.168.26.130的主机不能到达，原因是这台主机是新加的机器，信息没写入known_hosts文件

4、在/etc/ansible/hosts把host_key_checking = False注释取消

[root@192 ~]# cat /etc/ansible/ansible.cfg |grep -v "^#"|grep -v "^$"
[defaults]
host_key_checking = False
[inventory]
[privilege_escalation]
[paramiko_connection]
[ssh_connection]
[persistent_connection]
[accelerate]
[selinux]
【谈ansible配置host_key_checking = False】[colors]
[diff]

5、再次执行ping模块探测其它主机

[root@192 ~]# ansible test -m ping -k
SSH password:
192.168.26.129 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
192.168.26.130 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}

6、可以看到正常的探测到其它的机器，这个方法适用大批量的新增主机至/etc/ansible/hosts主机配置文件中