问题:
从ansible playbook获取更新时忽略关键错误
郭修平
我在ansible中有一个playbook,它可以从一个存储库中安装包含无效密钥的软件包:
- name: Add Cloudera key
apt_key:
keyserver: keys.gnupg.net
id: F36A89E33CC1BD0F71079007327574EE02A818DD
- name: Install Cloudera packages
apt:
name: {{ item }}
update_cache: yes
state: latest
allow_unautenticated: yes
with_items:
- sudo
- libssl-dev
- ....
但ansible无法更新缓存:
"msg": "Failed to update apt cache: W:GPG error: http://archive.cloudera.com/cdh5/debian/jessie/amd64/cdh jessie-cdh5 InRelease: The following signatures were invalid: F36A89E33CC1BD0F71079007327574EE02A818DD, E:The repository 'http://archive.cloudera.com/cdh5/debian/jessie/amd64/cdh jessie-cdh5 InRelease' is not signed."
即使allow_unauthenticated选项或force选项设置为yes。如何用这些关键问题更新缓存?
EDIT再现此行为的apt命令是:
sudo wget 'https://archive.cloudera.com/cdh5/debian/jessie/amd64/cdh/cloudera.list' \ -O /etc/apt/sources.list.d/cloudera.list
sudo apt-get update
W: GPG error: http://archive.cloudera.com/cdh5/debian/jessie/amd64/cdh jessie-cdh5 InRelease: The following signatures were invalid: F36A89E33CC1BD0F71079007327574EE02A818DD
W: The repository 'http://archive.cloudera.com/cdh5/debian/jessie/amd64/cdh jessie-cdh5 InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
但我可以继续发布命令
sudo apt-get install hadoop-hdfs-namenode
并在警告后安装软件包。Ansible正在考虑上面的警告(W以下签名无效),这是Cloudera方面的一个错误,提供了错误的密钥或错误的签名存储库,但继续安装包:
dpkg -l | grep hadoop-hdfs-namenode
ii hadoop-hdfs-namenode 2.6.0+cdh5.14.2+2748-1.cdh5.14.2.p0.11~jessie-cdh5.14.2 all Name Node for Hadoop
因此,我试图实现的是Ansible复制了这种行为:执行apt get update命令,并在不退出更新部分的情况下继续。Ansible可以使用选项allow_unauthenticated从未签名的存储库安装软件包。
编辑#2:完整的anable命令如下:
iveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/user/.ansible/cp/be00dd5395 -tt 192.168.9.22 '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-thnmveqcmiwmvbdbabglejbbsaidohqe; /usr/bin/python /home/user/.ansible/tmp/ansible-tmp-1528224540.4225562-47865757921408/apt.py'"'"'"'"'"'"'"'"' && sleep 0'"'"''
Escalation succeeded
<192.168.9.22> (1, b'\r\n{"msg": "Failed to update apt cache: W:GPG error: http://archive.cloudera.com/cdh5/debian/jessie/amd64/cdh jessie-cdh5 InRelease: The following signatures were invalid: F36A89E33CC1BD0F71079007327574EE02A818DD, E:The repository \'http://archive.cloudera.com/cdh5/debian/jessie/amd64/cdh jessie-cdh5 InRelease\' is not signed.", "failed": true, "exception": " File \\"/tmp/ansible_RDFb3C/ansible_module_apt.py\\", line 991, in main\\n cache.update()\\n File \\"/usr/lib/python2.7/dist-packages/apt/cache.py\\", line 464, in update\\n raise FetchFailedException(e)\\n", "invocation": {"module_args": {"dpkg_options": "force-confdef,force-confold", "upgrade": null, "force": false, "force_apt_get": false, "install_recommends": null, "package": ["sudo", "build-essential", "python-dev", "python3-dev", "openjdk-8-jdk", "git", "libssl-dev", "libsqlite3-dev", "zlib1g-dev", "bzip2", "libreadline-dev", "vim", "rsync", "apt-transport-https", "vsftpd", "ftp", "tmux", "postgresql", "postgresql-client", "libpq-dev", "python-psycopg2", "ntp", "r-base"], "autoclean": false, "name": ["sudo", "build-essential", "python-dev", "python3-dev", "openjdk-8-jdk", "git", "libssl-dev", "libsqlite3-dev", "zlib1g-dev", "bzip2", "libreadline-dev", "vim", "rsync", "apt-transport-https", "vsftpd", "ftp", "tmux", "postgresql", "postgresql-client", "libpq-dev", "python-psycopg2", "ntp", "r-base"], "purge": false, "allow_unauthenticated": true, "state": "latest", "autoremove": false, "update_cache": true, "default_release": null, "only_upgrade": false, "deb": null, "cache_valid_time": 0}}}\r\n', b'Shared connection to 192.168.9.22 closed.\r\n')
<192.168.9.22> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.9.22> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/user/.ansible/cp/be00dd5395 192.168.9.22 '/bin/sh -c '"'"'rm -f -r /home/user/.ansible/tmp/ansible-tmp-1528224540.4225562-47865757921408/ > /dev/null 2>&1 && sleep 0'"'"''
<192.168.9.22> (0, b'', b'')
The full traceback is:
File "/tmp/ansible_RDFb3C/ansible_module_apt.py", line 991, in main
cache.update()
File "/usr/lib/python2.7/dist-packages/apt/cache.py", line 464, in update
raise FetchFailedException(e)
failed: [192.168.9.22] (item=['sudo', 'build-essential', 'python-dev', 'python3-dev', 'openjdk-8-jdk', 'git', 'libssl-dev', 'libsqlite3-dev', 'zlib1g-dev', 'bzip2', 'libreadline-dev', 'vim', 'rsync', 'apt-transport-https', 'vsftpd', 'ftp', 'tmux', 'postgresql', 'postgresql-client', 'libpq-dev', 'python-psycopg2', 'ntp', 'r-base']) => {
"changed": false,
"invocation": {
"module_args": {
"allow_unauthenticated": true,
"autoclean": false,
"autoremove": false,
"cache_valid_time": 0,
"deb": null,
"default_release": null,
"dpkg_options": "force-confdef,force-confold",
"force": false,
"force_apt_get": false,
"install_recommends": null,
"name": [
"sudo",
"build-essential",
"python-dev",
"python3-dev",
"openjdk-8-jdk",
"git",
"libssl-dev",
"libsqlite3-dev",
"zlib1g-dev",
"bzip2",
"libreadline-dev",
"vim",
"rsync",
"apt-transport-https",
"vsftpd",
"ftp",
"tmux",
"postgresql",
"postgresql-client",
"libpq-dev",
"python-psycopg2",
"ntp",
"r-base"
],
"only_upgrade": false,
"package": [
"sudo",
"build-essential",
"python-dev",
"python3-dev",
"openjdk-8-jdk",
"git",
"libssl-dev",
"libsqlite3-dev",
"zlib1g-dev",
"bzip2",
"libreadline-dev",
"vim",
"rsync",
"apt-transport-https",
"vsftpd",
"ftp",
"tmux",
"postgresql",
"postgresql-client",
"libpq-dev",
"python-psycopg2",
"ntp",
"r-base"
],
"purge": false,
"state": "latest",
"update_cache": true,
"upgrade": null
}
},
"item": [
"sudo",
"build-essential",
"python-dev",
"python3-dev",
"openjdk-8-jdk",
"git",
"libssl-dev",
"libsqlite3-dev",
"zlib1g-dev",
"bzip2",
"libreadline-dev",
"vim",
"rsync",
"apt-transport-https",
"vsftpd",
"ftp",
"tmux",
"postgresql",
"postgresql-client",
"libpq-dev",
"python-psycopg2",
"ntp",
"r-base"
],
"msg": "Failed to update apt cache: W:GPG error: http://archive.cloudera.com/cdh5/debian/jessie/amd64/cdh jessie-cdh5 InRelease: The following signatures were invalid: F36A89E33CC1BD0F71079007327574EE02A818DD, E:The repository 'http://archive.cloudera.com/cdh5/debian/jessie/amd64/cdh jessie-cdh5 InRelease' is not signed."
}
共有1个答案
苗烈
将apt命令粘贴在bash脚本中,并使用脚本模块执行它们。
类似资料:
-
我希望用同一行中其他列的相关值更新列。我正在更新的列是唯一的,如果执行此操作,我有时会出现重复的键错误。我希望忽略这些错误,只更新其中一条记录,忽略其他记录。 我的查询如下所示: 现在,在Fname和Lname两行匹配的情况下,我只希望更新第一个记录Coolname。 谢谢(MS SQL Server)
-
问题内容: 我正在使用Python 在mysql中运行查询 运行查询后,我想知道该行的主键。我知道有查询 但是我不确定它是否可以与插入忽略一起使用 做这个的最好方式是什么? 问题答案: 文档的说: 如果使用INSERT IGNORE并且忽略该行,则AUTO_INCREMENT计数器不会增加,并且LAST_INSERT_ID()返回0,这表明没有插入行。 知道了这一点,您可以将其分为多个步骤: 插入
-
我在更新和获取键/值时使用ServiceStack Redis的AcquireLock方法,如下所示: 我扩展了AcqurieLock方法,以接受锁密钥过期时的额外参数。所以我想知道我是否需要AcquireLock?我的类在每个操作中都使用AcquireLock,比如Get 但是这种方法并不是每次都有效。例如,如果锁中的操作抛出异常,那么密钥将保持锁定状态。对于这种情况,我已将DefaultLoc
-
我目前使用JOOQ的可更新记录如下模式插入: 在,我希望使用数据库中的值更新,例如,如果表具有自动递增的列,将返回其值。 如果列具有唯一约束,则当违反该约束时,将抛出。我的问题是可以告诉JOOQ不要抛出异常,但仍然用现有的值更新记录吗?
-
我正在导入一个相当大的数据库。文件中几乎有1,000,000行。问题是我在尝试导入数据库时遇到语法错误。上面写着: 第8428420行错误1064(42000):您的SQL语法中有错误;检查与您的MySQL server版本相对应的手册,以获得在“ 致命错误:中超过600秒的最大执行时间”附近使用的正确语法 通常我会打开.sql文件并修复错误。但我的电脑真的很难打开这个文件。 在导入MySQL数据