Tôi đang cố gắng sử dụng Ansible để kết nối với một phiên bản AWS EC2 từ một bản dựng Codeship. Điều này đã được làm việc một cách hoàn hảo trong một khu vực AWS (eu-tây-1) nhưng bây giờ tôi muốn đến các máy chủ thiết lập trong chúng ta đông-1 và tôi nhận được lỗi sau:Ansible không thể kết nối với cá thể AWS EC2
<ec2-52-11-9-45.compute-1.amazonaws.com> ESTABLISH SSH CONNECTION FOR USER: ec2-user
<ec2-52-11-9-45.compute-1.amazonaws.com> SSH: EXEC ssh -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=10 -o ControlPath=/home/rof/.ansible/cp/ansible-ssh-%h-%p-%r -tt ec2-52-11-9-45.compute-1.amazonaws.com '(umask 22 && mkdir -p "$(echo $HOME/.ansible/tmp/ansible-tmp-1461915330.37-230126286487108)" && echo "$(echo $HOME/.ansible/tmp/ansible-tmp-1461915330.37-230126286487108)")'
fatal: [ec2-52-11-9-45.compute-1.amazonaws.com]: UNREACHABLE! => {"changed": false, "msg": "ERROR! SSH encountered an unknown error. The output was:\nOpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/rof/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: auto-mux: Trying existing master
debug1: Control socket \"/home/rof/.ansible/cp/ansible-ssh-ec2-52-11-9-45.compute-1.amazonaws.com-22-ec2-user\" does not exist
debug2: ssh_connect: needpriv 0
debug1: Connecting to ec2-52-11-9-45.compute-1.amazonaws.com [52.1.39.45] port 22.
debug2: fd 3 setting O_NONBLOCK
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established.
debug3: timeout: 10000 ms remain after connect
debug3: Incorrect RSA1 identifier
debug3: Could not load \"/home/rof/.ssh/id_rsa\" as a RSA1 public key
debug1: identity file /home/rof/.ssh/id_rsa type -1
debug1: identity file /home/rof/.ssh/id_rsa-cert type -1
debug1: identity file /home/rof/.ssh/id_dsa type -1
debug1: identity file /home/rof/.ssh/id_dsa-cert type -1
debug1: identity file /home/rof/.ssh/id_ecdsa type -1
debug1: identity file /home/rof/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/rof/.ssh/id_ed25519 type -1
debug1: identity file /home/rof/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host \"ec2-52-11-9-45.compute-1.amazonaws.com\" from file \"/dev/null\"
debug3: load_hostkeys: loaded 0 keys
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],zlib,none
debug2: kex_parse_kexinit: [email protected],zlib,none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: setup [email protected]
debug1: kex: server->client aes128-ctr [email protected] [email protected]
debug2: mac_setup: setup [email protected]
debug1: kex: client->server aes128-ctr [email protected] [email protected]
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA f6:db:c0:15:19:17:45:cc:db:6f:16:f4:6f:02:bf:79
debug3: load_hostkeys: loading entries for host \"ec2-52-11-9-45.compute-1.amazonaws.com\" from file \"/dev/null\"
debug3: load_hostkeys: loaded 0 keys
debug3: load_hostkeys: loading entries for host \"52.1.39.45\" from file \"/dev/null\"
debug3: load_hostkeys: loaded 0 keys
Warning: Permanently added 'ec2-52-11-9-45.compute-1.amazonaws.com,52.1.39.45' (ECDSA) to the list of known hosts.
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/rof/.ssh/id_rsa (0x7fbfa369ea30),
debug2: key: /home/rof/.ssh/id_rsa ((nil)),
debug2: key: /home/rof/.ssh/id_dsa ((nil)),
debug2: key: /home/rof/.ssh/id_ecdsa ((nil)),
debug2: key: /home/rof/.ssh/id_ed25519 ((nil)),
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-with-mic,gssapi-keyex,hostbased,publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred: ,gssapi-keyex,hostbased,publickey
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/rof/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp 6a:73:a4:d1:c5:79:9d:6b:6f:3f:7d:cd:8e:60:97:84
debug3: sign_and_send_pubkey: RSA 6a:73:a4:d1:c5:79:9d:6b:6f:3f:7d:cd:8e:60:97:84
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (publickey).
Authenticated to ec2-52-11-9-45.compute-1.amazonaws.com ([52.1.39.45]:22).
debug1: setting up multiplex master socket
debug3: muxserver_listen: temporary control path /home/rof/.ansible/cp/ansible-ssh-ec2-52-11-9-45.compute-1.amazonaws.com-22-ec2-user.WpJOoaH4MuX8djA0
debug2: fd 4 setting O_NONBLOCK
debug3: fd 4 is O_NONBLOCK
debug3: fd 4 is O_NONBLOCK
debug1: channel 0: new [/home/rof/.ansible/cp/ansible-ssh-ec2-52-11-9-45.compute-1.amazonaws.com-22-ec2-user]
debug3: muxserver_listen: mux listener channel 0 fd 4
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x08
debug1: control_persist_detach: backgrounding master process
debug2: control_persist_detach: background process is 8248
Control socket connect(/home/rof/.ansible/cp/ansible-ssh-ec2-52-11-9-45.compute-1.amazonaws.com-22-ec2-user): Connection refused
Failed to connect to new control master
", "unreachable": true}
Tôi có thể kết nối với một lệnh ssh đơn giản như thế này ssh [email protected]
vì vậy tôi khá chắc chắn rằng các phím ssh được thiết lập một cách chính xác. Sự khác biệt duy nhất là khu vực và AMI, nhưng AMI là Amazon Linux trong cả hai trường hợp.
Ai đó có thể cho tôi biết sự cố hoặc chỉ cho tôi đúng hướng.
xác thực có vẻ chính xác (bạn nhận được "Được xác thực đến ec2-52-11-9-45.compute-1.amazonaws.com"). Bạn có thể chạy lệnh cục bộ trên cá thể ec2 để gỡ rối không? Bất kỳ cơ hội nào bạn đã thực hiện một bước cấu hình sẵn trên eu-west-1 mà bạn quên trên chúng tôi-đông-1? – Tom
Có, tôi có thể thực hiện lệnh này trên cá thể ec2 '(umask 22 && mkdir -p" $ (echo $ HOME/.ansible/tmp/ansible-tmp-1461915330.37-230126286487108) "&& echo" $ (echo $ HOME /. ansible/tmp/ansible-tmp-1461915330.37-230126286487108) ")' Và tôi chắc chắn rằng tôi đã không làm bất kỳ bước nào khác trước đây. –
Khi tôi chạy toàn bộ lệnh ssh 'ssh -C -vvv -o ControlMaster = auto -o ControlPersist = 60s -o StrictHostKeyChecking = no -o KbdInteractiveAuthentication = no -o PreferredAuthentications = gssapi-với-mic, gssapi-keyex, hostbased, publickey -o PasswordAuthentication = no -o Người dùng = ec2-user -o ConnectTimeout = 10 -o ControlPath =/home/rof/.ansible/cp/ansible-ssh-% h-% p-% r -tt ec2-52- 1-39-45.compute-1.amazonaws.com '(umask 22 && mkdir -p "$ (echo $ HOME/.ansible/tmp/ansible-tmp-1461915330.37-230126286487108)" && echo "$ (echo $ HOME /.ansible/tmp/ansible-tmp-1461915330.37-230126286487108) ") '' Tôi gặp lỗi khác –