playbook无法自动甄别操作系统版本

playbook无法自动甄别操作系统版本

playbook无法自动甄别操作系统版本

ansible 内置变量 ansible_distribution 代表客户端的分发版,比如redhat或者debian
ansible_distribution_major_version 代表分发版的版本号,比如7.2

进行自动版本区分失败。

在playbook中根据不通的分发版来给予不通的变量,几乎是现在所有playbook的通用做法。
代码中通过{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml来加载相应的var变量。
在一些服务器中运行报错,报错说找不到对应的var定义

TASK [jjmomark.yumrepo : Set OS dependent variables] ***************************
fatal: [10.xxx.xxx.xxx]: FAILED! => {"failed": true, "msg": "No file was found when using with_first_found. Use the 'skip: true' option to allow this task to be skipped if no files are found"}

ansible已经配置了redis作为变量缓存,登陆到redis查看 ansible cache 发现 变量都变成了这样

"ansible_os_family": "-----------------------------------------------------------",
"ansible_distribution": "-----------------------------------------------------------",
"ansible_distribution_major_version": "-----------------------------------------------------------",
"ansible_distribution_release": "NA",
"ansible_distribution_version": "-----------------------------------------------------------",

恍然大悟

原因是之前写的安全加固playbook,其中会把

  • /etc/motd
  • /etc/issue
  • /etc/ssh/ssh_banner
  • /etc/redhat-release

    等文件中的内容替换为警示语:

-----------------------------------------------------------
This computer system is for authorized users only. Individuals using this
system without authority or in excess of their authority are subject to
having all their activities on this system monitored and recorded or examined
by any authorized person, including law enforcement, as system personnel deem
appropriate. In the course of monitoring individuals improperly using the
system or in the course of system maintenance, the activities of authorized
users may also be monitored and recorded. Any material so recorded may be
disclosed as appropriate. Anyone using this system consents to these terms.<br/--<---------------------------------------------------------

这就是变量中“-------------”的来历

修正

  • 删除掉redis的内容。
  • 恢复目标机器的 – /etc/redhat-release 和 – /etc/issue ( playbook替换文件时,打开backup=yes是个好习惯)

问题就解决了。

如果不成功说明缓存还在。 用–flush-cache 选项多跑一次 ansible-playbook应该就可以了。