ping模块是Ansible入门到放弃的必经之路,用于测试Ansible server到inventory主机的连通性,包括网络和登录信息ansible_ssh_user、ansible_ssh_pass。官网只有模块的简单使用ping – Try to connect to host, verify a usable python and return,那么,常见报错有哪些?我们可以从中得到什么信息呢?Let’s get started. Here is my inventory:
[TEST]
172.17.192.156
199.31.176.146
199.31.177.91
172.17.197.236
199.31.176.204
199.31.176.137
199.31.176.23
199.31.191.80
199.31.176.246
[TEST:vars]
ansible_ssh_user=test
ansible_ssh_pass=xxxxxx
Message Type One: SUCCESS (默认是浅绿色)
172.17.192.156 | SUCCESS => {
"changed": false,
"failed": false,
"ping": "pong"
Message Type Two: FAILED! (默认是红色)
失败的原因有多种,比如:
1.目标机器的Python版本太低,报错中有“from __future__ import absolute_import”
199.31.176.146 | FAILED! => {
"changed": false,
"failed": true,
"module_stderr": "Shared connection to 199.31.176.146 closed.
",
"module_stdout": " File "/tmp/ansible_knbXZf/ansible_module_ping.py", line 8
from __future__ import absolute_import, division, print_function
SyntaxError: future feature absolute_import is not defined
",
"msg": "MODULE FAILURE",
"rc": 0
}
登录199.31.176.146查看Python版本为2.4.3,09年6月11日发布的版本
Last login: Fri Jul 20 10:18:20 2018 from 192.168.10.1
[ncms@localhost ~]$ python
Python 2.4.3 (#, Jun 11 2009, 14:09:37)
[GCC 4.1.2 20080704 (Red Hat 4.1.2-44)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
Ansible server与目标机器python的版本对应的关系
Ansible 2.6:You need Python 2 (version 2.6 or later) or Python 3 (version 3.5 or later).
Ansible 2.5:You need Python 2 (version 2.6 or later) or Python 3 (version 3.5 or later).
Ansible 2.4: You need Python 2.6 or later.
Ansible 2.3:You need Python 2.4 or later. If you are running less than Python 2.5 on the remotes, you will also need python-simplejson
2.目标机器的Python环境有问题,从module_stdout可以看出
199.31.177.91 | FAILED! => {
"changed": false,
"failed": true,
"module_stderr": "Shared connection to 199.31.177.91 closed.
",
"module_stdout": "Could not find platform independent libraries <prefix>
Could not find platform dependent libraries <exec_prefix>
Consider setting $PYTHONHOME to <prefix>[:<exec_prefix>]
ImportError: No module named site
",
"msg": "MODULE FAILURE",
"rc": 0
}
登录199.31.177.91后终端输入python,内容与报错信息一致
[ncms@localhost ~]$ python
Could not find platform independent libraries <prefix>
Could not find platform dependent libraries <exec_prefix>
Consider setting $PYTHONHOME to <prefix>[:<exec_prefix>]
ImportError: No module named site
[ncms@localhost ~]$
3.目标机器没有上Python,报错信息中有“/bin/sh: /usr/bin/python: not found”
172.17.197.236 | FAILED! => {
"changed": false,
"failed": true,
"module_stderr": "Shared connection to 172.17.197.236 closed. \r\n",
"module_stdout": "/bin/sh: /usr/bin/python: not found. \r\n",
"msg": "MODULE FAILURE",
"rc": 0
}
这个也不容忽视,比如很多企业使用的AIX
Last login: Fri Jul 13 14:51:42 CST 2018 on /dev/pts/0 from 200.31.225.40
*******************************************************************************
* *
* *
* Welcome to AIX Version 7.1! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
*******************************************************************************
test@KSWAPAPP01:/home/test>python2
ksh: python2: not found.
test@KSWAPAPP01:/home/test>python3
ksh: python3: not found.
test@KSWAPAPP01:/home/test>
Message Type Three: UNREACHABLE! (默认是红色)
主机不可达的原因有多种,不一定是网络问题,比如:
1.目标机器磁盘空间不足,报错中有“No space left on device”
199.31.176.204 | UNREACHABLE! => {
"changed": false,
"msg": "mkdir: cannot create directory `/tmp/.ansible/tmp/ansible-tmp-1531795083.82-248388551908845': No space left on device
",
"unreachable": true
}
注意:Ansible到目标机器的哪个目录创建文件.ansible/tmp/ansible-tmp…xxx…是可以在.ansible.cfg中设置的,[remote_tmp]项
[defaults]
# some basic default values...
inventory = /home/ncms/ncms/ansible_/hosts
#library = /usr/share/my_modules/
#module_utils = /usr/share/my_module_utils/
remote_tmp = /tmp # 比如这里我设置成了/tmp目录
#local_tmp = ~/.ansible/tmp
#plugin_filters_cfg = /etc/ansible/plugin_filters.yml
2.网络正常,登录信息不正确
199.31.176.137 | UNREACHABLE! => {
"changed": false,
"msg": "Authentication failure.",
"unreachable": true
}
3.私钥的问题,具体什么原因我也不知道。清除Ansible server的~/.ssh/known_hosts文件中对应主机的私钥就解决了
199.31.176.23 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:0Q8tgeKgkLA2ipRuBgqoH/nNjJaGCXcE5oIWax1ANQI.
Please contact your system administrator.
Add correct host key in /home/ncms/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/ncms/.ssh/known_hosts:619
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
",
"unreachable": true
}
4.网络问题,没有可到达的路由,报错中有“No route to host”
199.31.191.80 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ssh: connect to host 199.31.191.80 port 22: No route to host
",
"unreachable": true
}
5.网络问题,防火墙端口不通或者网络不可达
199.31.176.246 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ssh: connect to host 199.31.176.246 port 22: Connection refused
",
"unreachable": true
}
以上总结了ping模块的9种返回信息,有不对或需要补充的地方欢迎指正!