您好,我正在尝试使用Vault运行以下剧本,但我似乎无法使其正常工作。
使用以下命令创建一个Ansible Vault文件:
ansible-valut create group_vars/routers
在那我输入了以下内容:
ansible_ssh_user: admin
ansible_ssh_pw: admin
auth_pass: admin
然后我有以下剧本:
---
- hosts:routers
gather_facts: true
connection: local
tasks:
- name: show run
ios_command:
authorize: yes
auth_pass: "{{ auth_pass }}"
commands:
- show run
register: config
当我尝试使用此cli命令运行它
ansible-playbook -u admin script.yaml --ask-vault-pass
我每次都会收到以下错误消息
Unable to elevate privelage to enable mode, at prompt [None] with error: timeout value 10 seconds reached while trying to send command: enable
如果我将连接更改为network_cli,现在出现以下错误:
fatal: [ROUTER-A]: Failed! => {"changed": false, "msg": "show run\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\rROUTER-A>"}
答案 0 :(得分:0)
请参阅下面的最小示例。文件中要加密的文本是
test: "TEST VARIABLE"
。
> set | grep VAULT
ANSIBLE_VAULT_PASSWORD_FILE=/home/admin/.vault_pass.txt
> ls -1
ansible.cfg
group_vars
hosts
test.yml
> cat ansible.cfg
[defaults]
inventory = $PWD/hosts
> cat hosts
localhost
[routers]
localhost
> ansible-vault create group_vars/routers
> cat group_vars/routers
$ANSIBLE_VAULT;1.1;AES256
3733 ...
> cat test.yml
- hosts: routers
tasks:
- debug: var=test
> ansible-playbook test.yml
PLAY [routers]
TASK [Gathering Facts]
ok: [localhost]
TASK [debug]
ok: [localhost] => {
"test": "TEST VARIABLE"
}
PLAY RECAP
localhost : ok=2 changed=0 unreachable=0 failed=0