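I am trying to execute the cert provided by Elastic on a remote host; however, it is complaining about the structure of the playbook, yet I have a similar playbook that works fine and I don't see the difference. I feel like I need a second pair of eyes.
I have tried making various modifications to the top of the playbook, such as adding
but then it complains about `- name`. I come from a Salt background and am new to Ansible, so I feel like I am missing some type of structure.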
```yaml
hosts: elasticnodes
become: true
vars:
  elasticsearch_path_home: "/usr/share/elasticsearch"
  elasticsearch_path_etc: "/etc/elasticsearch"
  elasticsearch_tls_cert_ca_pass: "plop99"
  elasticsearch_tls_cert_pass: "plop99"
  elasticsearch_tls_cert_dir: "certs"
  elasticsearch_user: "elasticsearch"
  elasticsearch_user_group: "elasticsearch"
tasks:
  - name: Create a certificate directory
    file:
      owner: root
      group: '{{ elasticsearch_user_group }}'
      mode: u=rwx,g+rx,o-rwx
      path: '{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}'
      state: directory
    when: elasticsearch_tls_cert_dir is defined
  - name: Check a certificate of authority
    stat:
      path: "{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}/elastic-stack-ca.p12"
    register: elastic_stack_ca_file
  - name: Generate a certificate of authority
    args:
      chdir: '{{ elasticsearch_path_etc }}'
    become: yes
    command: "'{{ elasticsearch_path_home }}'/bin/elasticsearch-certutil ca --out '{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}'/elastic-stack-ca.p12 --pass '{{ elasticsearch_tls_cert_pass }}'"
    when: not elastic_stack_ca_file.stat.exists
  - name: Check a certificate and private key for a node
    stat:
      path: "{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}/elastic-certificates.p12"
    register: elastic_certificates_file
  - name: Generate a certificate and private key for a node
    args:
      chdir: '{{ elasticsearch_path_etc }}'
    become: yes
    command: "'{{ elasticsearch_path_home }}'/bin/elasticsearch-certutil cert --ca '{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}'/elastic-stack-ca.p12 --ca-pass '{{ elasticsearch_tls_cert_pass }}' --out '{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}'/elastic-certificates.p12 --pass '{{ elasticsearch_tls_cert_ca_pass }}'"
    when: elastic_stack_ca_file.stat.exists and not elastic_certificates_file.stat.exists
```

This gives an error:
```
ERROR! A playbook must be a list of plays, got a <class 'ansible.parsing.yaml.objects.AnsibleMapping'> instead
The error appears to be in '/root/elastic/ansible/playbooks/cert_setup.yml': line 2, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
hosts: elasticnodes
^ here
```

But a playbook like this works fine.
```yaml
# modify the /etc/sysctl.conf file
- name: Configure sysctl.conf and /etc/hosts
  hosts: elasticnodes
  become: true
  vars:
    fqdn: "domain.com"
  tasks:
    - name: Configure sysctl
      sysctl:
        name: "{{ item.name }}"
        value: "{{ item.value }}"
        state: present
        reload: yes
        sysctl_set: yes
      with_items:
        - { name: vm.swappiness, value: 1 }
    # modify the /etc/hosts file work in progress
    - name: Build hosts file
      lineinfile:
        dest: /etc/hosts
        regexp: '.*{{ item }}$'
        line: '{{ hostvars[item].ansible_default_ipv4.address }} {{item}}.{{fqdn}} {{item}}'
        state: present
      with_items: '{{ groups["etc_hosts"] }}'
    - name: Update Host Names
      hostname:
        name: "{{ inventory_hostname }}"
    # start firewall
    - name: Enable firewalld
      service:
        name: firewalld
        state: started
        enabled: yes
    # restart firewall
    - name: Restart firewalld
      service:
        name: firewalld
        state: restarted
        enabled: yes
    # Update firewall rules
    - name: Update Firewall Settings
      ansible.posix.firewalld:
        zone: public
        permanent: yes
        immediate: yes
        state: enabled
        port: 9200/tcp
    # Update firewall rules
    - name: Update Firewall Settings
      ansible.posix.firewalld:
        zone: public
        permanent: yes
        immediate: yes
        state: enabled
        port: 9300/tcp
```

I'm not quite sure what I'm missing; it feels like it is something obvious.
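Posted on 2020-11-05 17:27:04
The error is `A playbook must be a list of plays`. The first playbook is missing the `-` at the beginning, so there is no list of plays, and the tasks with args did not have the module command. Try it as below.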
```yaml
- hosts: elasticnodes
  become: true
  vars:
    elasticsearch_path_home: "/usr/share/elasticsearch"
    elasticsearch_path_etc: "/etc/elasticsearch"
    elasticsearch_tls_cert_ca_pass: "plop99"
    elasticsearch_tls_cert_pass: "plop99"
    elasticsearch_tls_cert_dir: "certs"
    elasticsearch_user: "elasticsearch"
    elasticsearch_user_group: "elasticsearch"
  tasks:
    - name: Create a certificate directory
      file:
        owner: root
        group: '{{ elasticsearch_user_group }}'
        mode: u=rwx,g+rx,o-rwx
        path: '{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}'
        state: directory
      when: elasticsearch_tls_cert_dir is defined
    - name: Check a certificate of authority
      stat:
        path: "{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}/elastic-stack-ca.p12"
      register: elastic_stack_ca_file
    - name: Generate a certificate of authority
      command: "'{{ elasticsearch_path_home }}'/bin/elasticsearch-certutil ca --out '{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}'/elastic-stack-ca.p12 --pass '{{ elasticsearch_tls_cert_pass }}'"
      args:
        chdir: '{{ elasticsearch_path_etc }}'
      become: yes
      when: not elastic_stack_ca_file.stat.exists
    - name: Check a certificate and private key for a node
      stat:
        path: "{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}/elastic-certificates.p12"
      register: elastic_certificates_file
    - name: Generate a certificate and private key for a node
      command: "'{{ elasticsearch_path_home }}'/bin/elasticsearch-certutil cert --ca '{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}'/elastic-stack-ca.p12 --ca-pass '{{ elasticsearch_tls_cert_pass }}' --out '{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}'/elastic-certificates.p12 --pass '{{ elasticsearch_tls_cert_ca_pass }}'"
      args:
        chdir: '{{ elasticsearch_path_etc }}'
      become: yes
      when: elastic_stack_ca_file.stat.exists and not elastic_certificates_file.stat.exists
```

It is a best practice to name your plays, as in your second playbook. I suggest you read the best practices to improve your playbooks.
https://www.ansible.com/blog/ansible-best-practices-essentials
Check the official documentation of the command module.
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/command_module.html
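
A variant of the corrected play above, as an added example that is not part of the original answer: it names the play, replaces each stat/when pair with the command module's `creates` argument, and reads the passwords from an ansible-vault encrypted file with `no_log` keeping them out of task output. The file `vault.yml`, the `vault_*` variable names and `elasticsearch_tls_cert_path` are assumptions made for this example.

```yaml
# Added example. Assumed: vault.yml is an ansible-vault encrypted vars file that
# defines vault_elasticsearch_tls_cert_ca_pass and vault_elasticsearch_tls_cert_pass.
- name: Generate Elasticsearch TLS certificates
  hosts: elasticnodes
  become: true
  vars_files:
    - vault.yml
  vars:
    elasticsearch_path_home: "/usr/share/elasticsearch"
    elasticsearch_path_etc: "/etc/elasticsearch"
    elasticsearch_tls_cert_dir: "certs"
    elasticsearch_user_group: "elasticsearch"
    elasticsearch_tls_cert_path: "{{ elasticsearch_path_etc }}/{{ elasticsearch_tls_cert_dir }}"
  tasks:
    - name: Create a certificate directory
      ansible.builtin.file:
        path: "{{ elasticsearch_tls_cert_path }}"
        state: directory
        owner: root
        group: "{{ elasticsearch_user_group }}"
        mode: "u=rwx,g=rx,o="  # absolute form, so the result does not depend on prior bits
    # argv avoids quoting problems; the password is still a process argument on the target.
    - name: Generate a certificate of authority
      ansible.builtin.command:
        argv:
          - "{{ elasticsearch_path_home }}/bin/elasticsearch-certutil"
          - ca
          - --out
          - "{{ elasticsearch_tls_cert_path }}/elastic-stack-ca.p12"
          - --pass
          - "{{ vault_elasticsearch_tls_cert_ca_pass }}"
        creates: "{{ elasticsearch_tls_cert_path }}/elastic-stack-ca.p12"  # skip if present
      no_log: true  # keep the password out of logs and callback output
    - name: Generate a certificate and private key for a node
      ansible.builtin.command:
        argv:
          - "{{ elasticsearch_path_home }}/bin/elasticsearch-certutil"
          - cert
          - --ca
          - "{{ elasticsearch_tls_cert_path }}/elastic-stack-ca.p12"
          - --ca-pass
          - "{{ vault_elasticsearch_tls_cert_ca_pass }}"
          - --out
          - "{{ elasticsearch_tls_cert_path }}/elastic-certificates.p12"
          - --pass
          - "{{ vault_elasticsearch_tls_cert_pass }}"
        creates: "{{ elasticsearch_tls_cert_path }}/elastic-certificates.p12"
      no_log: true
```

Run it with `ansible-playbook --ask-vault-pass` so the vault file can be decrypted.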
https://stackoverflow.com/questions/64702090