I just try to use set_fact,but only one one host: 47.108.234.26 get the token value,the other master node : 47.108.213.148 dont get it --- - hosts: master gather_facts: no tasks: - name: register hash shell: "openssl x509 -in /etc/kubernetes/pki/ca.crt -noout -pubkey | openssl rsa -pubin -outform DER 2>/dev/null | sha256sum | cut -d' ' -f1" register: kubeadm_hash #when: inventory_hostname == groups['master']|first
- name: register token shell: kubeadm token list |grep forever|awk '{print $1}' register: kubeadm_token #when: inventory_hostname == groups['master']|first - name: Set facts set_fact: new_token: "{{kubeadm_token.stdout}}" new_hash: "{{kubeadm_hash.stdout}}" - name: add master node shell: kubeadm join --control-plane {{ groups['master'][0] }}:6443 --token {{ new_token }} --discovery-token-ca-cert-hash sha256:{{ new_hash }} when: inventory_hostname != groups['master']|first the results is : TASK [add master node] ****************************************************************************************************************************************************** skipping: [47.108.222.84] fatal: [47.108.213.148]: FAILED! => {"changed": true, "cmd": "kubeadm join --control-plane 47.108.222.84:6443 --token --discovery-token-ca-cert-hash sha256:af040f8e06e320e264a79f62b677b3267f4b681d869408658bdd121fa568216c", "delta": "0:00:00.046088", "end": "2021-01-20 15:45:04.843444", "msg": "non-zero return code", "rc": 1, "start": "2021-01-20 15:45:04.797356", "stderr": "accepts at most 1 arg(s), received 2\nTo see the stack trace of this error execute with --v=5 or higher", "stderr_lines": ["accepts at most 1 arg(s), received 2", "To see the stack trace of this error execute with --v=5 or higher"], "stdout": "", "stdout_lines": []} fatal: [47.108.234.26]: FAILED! => {"changed": true, "cmd": "kubeadm join --control-plane 47.108.222.84:6443 --token otnb1h.cvagwwe7tgdvzbtx --discovery-token-ca-cert-hash sha256:af040f8e06e320e264a79f62b677b3267f4b681d869408658bdd121fa568216c", "delta": "0:00:00.332618", "end": "2021-01-20 15:45:05.120137", "msg": "non-zero return code", "rc": 1, "start": "2021-01-20 15:45:04.787519", "stderr": "\t[WARNING IsDockerSystemdCheck]: detected \"cgroupfs\" as the Docker cgroup driver. The recommended driver is \"systemd\". Please follow the guide at https://kubernetes.io/docs/setup/cri/\nerror execution phase preflight: [preflight] Some fatal errors occurred:\n\t[ERROR DirAvailable--etc-kubernetes-manifests]: /etc/kubernetes/manifests is not empty\n\t[ERROR FileAvailable--etc-kubernetes-kubelet.conf]: /etc/kubernetes/kubelet.conf already exists\n\t[ERROR Port-10250]: Port 10250 is in use\n[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`\nTo see the stack trace of this error execute with --v=5 or higher", "stderr_lines": ["\t[WARNING IsDockerSystemdCheck]: detected \"cgroupfs\" as the Docker cgroup driver. The recommended driver is \"systemd\". Please follow the guide at https://kubernetes.io/docs/setup/cri/", "error execution phase preflight: [preflight] Some fatal errors occurred:", "\t[ERROR DirAvailable--etc-kubernetes-manifests]: /etc/kubernetes/manifests is not empty", "\t[ERROR FileAvailable--etc-kubernetes-kubelet.conf]: /etc/kubernetes/kubelet.conf already exists", "\t[ERROR Port-10250]: Port 10250 is in use", "[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`", "To see the stack trace of this error execute with --v=5 or higher"], "stdout": "[preflight] Running pre-flight checks", "stdout_lines": ["[preflight] Running pre-flight checks"]} 在2021年1月20日星期三 UTC+8 下午3:53:15<liyo...@126.com> 写道: > yes,I want only get one host in member of group ‘master’,how to write it ? > [root@localhost ~]# cat /etc/ansible/hosts > [master] > 47.108.222.84 > 47.108.234.26 > 47.108.213.148 > > only use "47.108.222.84" to do shell command > > 在2021年1月20日星期三 UTC+8 下午3:47:31<jyle...@gmail.com> 写道: > >> I'm wrong.... it's not hostvars['master'], because master is not the name >> of your first host in group master >> >> >> Le 20/01/2021 à 08:33, Jean-Yves LENHOF a écrit : >> >> You're looking for something like this I think (not tested) : >> >> - name: add master node >> shell: "kubeadm join {{ groups['master']|first }}:6443 --token >> {{hostvars['master']['kubeadm_token'].stdout}} >> --discovery-token-ca-cert-hash >> sha256:{{hostvars['master']['kubeadm_hash'].stdout}} --control-plane" >> when: inventory_hostname != groups['master']|first >> >> Please be careful using special hostvars variable, there's no control in >> this array if the variable exist, etc... so use with caution >> >> Regards, >> >> JYL >> >> Le 20/01/2021 à 08:17, liyo...@126.com a écrit : >> >> I know,but I want get the token in A host,use it in other hosts,how to do >> it ? >> >> 在2021年1月20日星期三 UTC+8 下午2:31:36<dick....@geant.org> 写道: >> >>> Hii >>> >>> You're registering a variable for one host (47.108.222.84) but then try >>> to use it for another (47.108.213.148). >>> >>> I'm have no experience with kubeadm but I think your logic wrt host >>> selection should be improved, so that you can reliably pick the variable >>> from a stable group name, instead of "the last item". >>> >>> >>> On Wed, 20 Jan 2021 at 05:26, liyo...@126.com <liyo...@126.com> wrote: >>> >>>> when I edit a playbook test.yml: >>>> >>>> --- >>>> - hosts: master >>>> gather_facts: no >>>> tasks: >>>> - name: register hash >>>> shell: "openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | >>>> openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | >>>> sed 's/^ .* //'|cut -d' ' -f 2" >>>> register: kubeadm_hash >>>> when: inventory_hostname == groups['master']|first >>>> >>>> - name: display hash >>>> debug: msg="{{kubeadm_hash.stdout}}" >>>> when: inventory_hostname == groups['master']|first >>>> >>>> - name: register token >>>> shell: kubeadm token list |grep forever|awk '{print $1}' >>>> register: kubeadm_token >>>> when: inventory_hostname == groups['master']|first >>>> >>>> - name: display token >>>> debug: msg="{{kubeadm_token.stdout}}" >>>> when: inventory_hostname == groups['master']|first >>>> >>>> - name: add master node >>>> shell: "kubeadm join {{ groups['master'][0] }}:6443 --token >>>> {{kubeadm_token.stdout}} --discovery-token-ca-cert-hash >>>> sha256:{{kubeadm_hash.stdout}} --control-plane" >>>> when: inventory_hostname != groups['master']|first >>>> >>>> >>>> the results is below: >>>> PLAY [master] >>>> *************************************************************************************************************************************************************** >>>> >>>> TASK [register hash] >>>> ******************************************************************************************************************************************************** >>>> skipping: [47.108.234.26] >>>> skipping: [47.108.213.148] >>>> changed: [47.108.222.84] >>>> >>>> TASK [display hash] >>>> ********************************************************************************************************************************************************* >>>> ok: [47.108.222.84] => { >>>> "msg": >>>> "af040f8e06e320e264a79f62b677b3267f4b681d869408658bdd121fa568216c" >>>> } >>>> skipping: [47.108.213.148] >>>> skipping: [47.108.234.26] >>>> >>>> TASK [register token] >>>> ******************************************************************************************************************************************************* >>>> skipping: [47.108.234.26] >>>> skipping: [47.108.213.148] >>>> changed: [47.108.222.84] >>>> >>>> TASK [display token] >>>> ******************************************************************************************************************************************************** >>>> ok: [47.108.222.84] => { >>>> "msg": "otnb1h.cvagwwe7tgdvzbtx" >>>> } >>>> skipping: [47.108.234.26] >>>> skipping: [47.108.213.148] >>>> >>>> TASK [add master node] >>>> ****************************************************************************************************************************************************** >>>> skipping: [47.108.222.84] >>>> fatal: [47.108.234.26]: FAILED! => {"msg": "The task includes an option >>>> with an undefined variable. The error was: 'dict object' has no attribute >>>> 'stdout'\n\nThe error appears to be in '/root/test.yml': line 23, column >>>> 7, >>>> but may\nbe elsewhere in the file depending on the exact syntax >>>> problem.\n\nThe offending line appears to be:\n\n\n - name: add master >>>> node\n ^ here\n"} >>>> fatal: [47.108.213.148]: FAILED! => {"msg": "The task includes an >>>> option with an undefined variable. The error was: 'dict object' has no >>>> attribute 'stdout'\n\nThe error appears to be in '/root/test.yml': line >>>> 23, >>>> column 7, but may\nbe elsewhere in the file depending on the exact syntax >>>> problem.\n\nThe offending line appears to be:\n\n\n - name: add master >>>> node\n ^ here\n"} >>>> >>>> PLAY RECAP >>>> ****************************************************************************************************************************************************************** >>>> 47.108.213.148 : ok=0 changed=0 unreachable=0 >>>> failed=1 skipped=4 rescued=0 ignored=0 >>>> 47.108.222.84 : ok=4 changed=2 unreachable=0 >>>> failed=0 skipped=1 rescued=0 ignored=0 >>>> 47.108.234.26 : ok=0 changed=0 unreachable=0 >>>> failed=1 skipped=4 rescued=0 ignored=0 >>>> >>>> how to use it ? >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Ansible Project" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to ansible-proje...@googlegroups.com. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/ansible-project/21ca354e-a0ed-4d10-9d01-8f48f170d22cn%40googlegroups.com >>>> >>>> <https://groups.google.com/d/msgid/ansible-project/21ca354e-a0ed-4d10-9d01-8f48f170d22cn%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >>> Sent from a mobile device - please excuse the brevity, spelling and >>> punctuation. >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to ansible-proje...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/647f4749-f97f-4522-a368-c95a25878790n%40googlegroups.com >> >> <https://groups.google.com/d/msgid/ansible-project/647f4749-f97f-4522-a368-c95a25878790n%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to ansible-proje...@googlegroups.com. >> >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/1ed8d8ac-3d8b-29cd-576b-a26fecb91ed7%40lenhof.eu.org >> >> <https://groups.google.com/d/msgid/ansible-project/1ed8d8ac-3d8b-29cd-576b-a26fecb91ed7%40lenhof.eu.org?utm_medium=email&utm_source=footer> >> . >> >> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/09c4d4ba-09b6-4f6b-b20c-712c0f18d67bn%40googlegroups.com.