由于身份validation问题,我无法在Dockerfile中运行我的可靠剧本。
这是我的dockerfile:
FROM ubuntu:14.04 MAINTAINER hyperfocus # Update system and install ansible RUN apt-get -y update RUN apt-get install -y python-yaml python-jinja2 git RUN git clone http://github.com/ansible/ansible.git /tmp/ansible # Set environment WORKDIR /tmp/ansible ENV PATH /tmp/ansible/bin:/sbin:/usr/sbin:/usr/bin ENV ANSIBLE_LIBRARY /tmp/ansible/library ENV PYTHONPATH /tmp/ansible/lib:$PYTHON_PATH # Add repo key and add it to known hosts ADD id_rsa /root/.ssh/id_rsa RUN chmod 700 /root/.ssh/id_rsa RUN touch /root/.ssh/known_hosts RUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hosts # Bootstrap playbook RUN git clone [email protected]:xxx/xxx.git /tmp/playbook ADD hosts /etc/ansible/hosts WORKDIR /tmp/playbook # Bootstrap RUN ansible-playbook /tmp/playbook/site.yml -c local -t bootstrap # Debug # RUN ansible all -m ping -i /etc/ansible/hosts -vvvvvv # Container settings EXPOSE 22 3000 ENTRYPOINT [“/usr/bin/foo”] 我的主机文件:
[web] localhost ansible_connection=local [database] localhost ansible_connection=local [cache] localhost ansible_connection=local
输出:
PLAY [bootstrap installer] **************************************************** GATHERING FACTS *************************************************************** fatal: [localhost] => Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the remote directory. Consider changing the remote temp path in ansible.cfg to a path rooted in "/tmp". Failed command was: mkdir -p $HOME/.ansible/tmp/ansible-tmp-1403661775.03-87881370436819 && echo $HOME/.ansible/tmp/ansible-tmp-1403661775.03-87881370436819, exited with result 127
我在这里错过了什么?
Ansible在容器中运行,试图连接到容器,因此您需要授权容器和根用户。 容器必须是已知的主机,并且必须授权root的公钥。 例如:
RUN ssh-keyscan -t rsa 127.0.0.1 >>/root/.ssh/known_hosts RUN cat /root/.ssh/id_rsa.pub >>/root/.ssh/authorized_keys
我正在使用Docker版本1.1.2,生成d84a070。 login到我的容器(以root用户身份)我发现该pip使用/.pip而不是/root/.pip; 而ssh使用了/root/.ssh,而不是像Gekkie所build议的那样使用/.ssh。