ansible:git 模块挂起
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/20136358/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
ansible: git module is hanging
提问by Michael
I am using Ansible and I am having a hard time making the git module works. I have read several posts of people having the same problem, I looked at the ansible doc, well I tried almost everything. I found a clear tutorial that I followed until they use git but again I have a problem when I use my repository... :/ The git task just hangs... no error, it is just stuck!
我正在使用 Ansible,但我很难让 git 模块正常工作。我已经阅读了几篇有同样问题的人的帖子,我查看了 ansible 文档,我几乎尝试了所有方法。我找到了一个清晰的教程,在他们使用 git 之前我一直在遵循它,但是当我使用我的存储库时,我又遇到了一个问题......:/ git 任务只是挂起......没有错误,它只是卡住了!
Here is my host file:
这是我的主机文件:
[web]
dev1 ansible_ssh_host=10.0.0.101 ansible_ssh_user=root
This is a vagrant VM running on virtualbox on my computer.
这是在我的计算机上的 virtualbox 上运行的流浪虚拟机。
I took the playbook from this tutorial and did all the steps until step 08: https://github.com/leucos/ansible-tuto/tree/master/step-08
我从本教程中获取了剧本并完成了步骤 08 之前的所有步骤:https: //github.com/leucos/ansible-tuto/tree/master/step-08
I run it on my VM, it works fine, then I add one task "Deploy my code" to use my repository... but this task does not work. It is a private repository on bitbucket. Does it make a difference?
我在我的虚拟机上运行它,它工作正常,然后我添加了一个任务“部署我的代码”来使用我的存储库......但这个任务不起作用。它是 bitbucket 上的私有存储库。这有什么不同吗?
- hosts: web
tasks:
- name: Deploy our awesome application
action: git repo=https://github.com/leucos/ansible-tuto-demosite.git dest=/var/www/awesome-app
tags: deploy
- name: Deploy my code
action: git repo=https://[email protected]/YAmikep/djangotutorial.git dest=/var/www/my-app
tags: deploy
There might be something with the user, or the user running ansible, or the keys, etc, but I tried back and forth for hours and I am even more confused now... I just do not know what to do to debug that now and find out what is wrong and what I am missing.
用户可能有什么问题,或者用户运行 ansible,或者密钥等,但我来回尝试了几个小时,现在我更加困惑......我只是不知道现在该怎么做调试并找出什么是错的,我错过了什么。
Thanks.
谢谢。
回答by Marcos Abreu
There are a couple of reasons why the git module might be hanging, but the most possible is that the git clonecommand is waiting for a confirmation if the host key should be added to your server's known hosts. To verify if this is the problem execute ansible with the flag: --verbose, so that it runs in verbose mode, this will give you more information about the error.
git 模块可能挂起的原因有几个,但最有可能的原因是该git clone命令正在等待确认是否应将主机密钥添加到服务器的已知主机。要验证这是否是问题,请使用标志执行 ansible: --verbose,以便它以详细模式运行,这将为您提供有关错误的更多信息。
If you confirm that the known hosts is the problem, then you have two choices:
如果您确认已知主机是问题所在,那么您有两个选择:
Solution 1:
解决方案1:
To avoid this problem with the gitmodule use the accept_hostkeyparameter.
为避免git模块出现此问题,请使用该accept_hostkey参数。
- name: ensure jquery repo is available
git: [email protected]:jquery/jquery.git version=master accept_hostkey=True
Solution 2:
解决方案2:
Use the ansible-sshknownhoststhird-party module before using the core gitmodule:
使用ansible-sshknownhosts使用核心之前,第三方模块git模块:
- name: ensure github is a known host
action: sshknownhosts host=github.com state=present
- name: ensure jquery repo is available
git: [email protected]:jquery/jquery.git version=master accept_hostkey=True
Since the knownhostsis not a core ansible module, you will need to install it first, please refer to the github repo docsfor more information hon how to install it.
由于knownhosts它不是核心 ansible 模块,您需要先安装它,有关如何安装它的更多信息,请参阅github repo 文档。
another solution would be to disable ssh host key checking, but this has security implications, so unless you really know what you are doing it is best to avoid this.
另一种解决方案是禁用 ssh 主机密钥检查,但这具有安全隐患,因此除非您真的知道自己在做什么,否则最好避免这种情况。
回答by silverdr
I tried basically everything (accepting keys, ssh config change, known_hosts file, ssh-agent forwarding, and forgot what else) to no success.
我基本上尝试了所有方法(接受密钥、ssh 配置更改、known_hosts 文件、ssh-agent 转发,但忘记了其他内容)都没有成功。
After pulling all of my hair out, I eventually nailed down the problem to be a fact that the SSH private keymay require a passphrase!
在把我所有的头发都拔掉之后,我最终确定了问题是 SSH私钥可能需要密码!
I didn't notice that earlier because local ssh agent took care of it using keyring stored passphrase so everything worked locally. Using Ansible on a Vagrant Virtual Machine, this mechanism was not available and the git module got stuck waiting for the passphrase to be entered. Once realised the possible cause, I created a special keypair without passphrase (security aspects are known, right?) and added the public key to bitbucket (/github /whichever). When using this particular key - things went smoothly through.
我之前没有注意到这一点,因为本地 ssh 代理使用密钥环存储的密码来处理它,所以一切都在本地工作。在 Vagrant 虚拟机上使用 Ansible,此机制不可用,并且 git 模块卡在等待输入密码短语。一旦意识到可能的原因,我创建了一个没有密码短语的特殊密钥对(安全方面是已知的,对吧?)并将公钥添加到 bitbucket(/github/以哪个为准)。使用此特定键时 - 事情进展顺利。
回答by Jake Kreider
If the user requires a password, the git module can hang if one isn't provided while the git executable prompts for it in the background. For your repo parameter, try using https://YAmikep:{yourpassword}@bitbucket.org/YAmikep/djangotutorial.git. Or, try using git/ssh keys instead so no password is required.
如果用户需要密码,当 git 可执行文件在后台提示输入密码时,如果未提供密码,则 git 模块可能会挂起。对于您的 repo 参数,请尝试使用https://YAmikep:{yourpassword}@bitbucket.org/YAmikep/djangotutorial.git. 或者,尝试使用 git/ssh 密钥,这样就不需要密码。
回答by spacediver
I've encountered this, and in my case git hang up on confirming new ssh key for a host (bitbucket.org). This could be solved by sshknownhostsmodule, which is run before git to populate .ssh/known_hosts at the host, so that afterwards git does not need to hang on it.
我遇到过这种情况,在我的情况下,git 挂断了确认主机 (bitbucket.org) 的新 ssh 密钥。这可以通过sshknownhosts模块解决,该模块在 git 之前运行以在主机上填充 .ssh/known_hosts,以便之后 git 不需要挂在它上面。
But be careful about possible security issues, read module documentation.
但要小心可能的安全问题,阅读模块文档。
回答by Nick
fwiw I've also had this apparently caused by multiple ssh agents running (osx client). Fixed by
fwiw 我也有这显然是由多个 ssh 代理运行(osx 客户端)引起的。固定由
killall ssh-agent && eval `ssh-agent` && ssh-add -K
killall ssh-agent && eval `ssh-agent` && ssh-add -K
回答by villy393
For me the problem was specifying the https path to git instead of the ssh path.
对我来说,问题是指定 git 的 https 路径而不是 ssh 路径。
https://gitlab.com/foo/bar.git # Incorrect
[email protected]:foo/bar.git # Correct
回答by liamconnell
I had a similar problem when using ansible with terraform. Terraform security groups do not default to "allow all egress" like they do in the AWS console, so the git clone request would not be sent regardless of client causing the hanging behavior.
将 ansible 与 terraform 一起使用时,我遇到了类似的问题。Terraform 安全组不像在 AWS 控制台中那样默认为“允许所有出口”,因此无论客户端是否导致挂起行为,都不会发送 git clone 请求。
See the note in the terraform docs here: https://www.terraform.io/docs/providers/aws/r/security_group.html#description-2
请参阅此处的 terraform 文档中的注释:https: //www.terraform.io/docs/providers/aws/r/security_group.html#description-2
