Ansible 抛出 "Failed to update apt cache: W:Updating from such a repository can't be done securely" 错误
Ansible throwing a "Failed to update apt cache: W:Updating from such a repository can't be done securely" Error
我是 Ansible 的新手,我正在尝试在 class.
的 EC2 实例 (Ubuntu 18.04) 上安装 kubectl
我有 运行 剧本,它运行良好,直到它遇到任务 4,然后抛出以下错误:
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to update apt cache: W:Updating from such a repository can't be done securely, and is therefore disabled by default., W:See apt-secure(8) manpage for repository creation and user configuration details., W:GPG error: https://packages.cloud.google.com/apt kubernetes-xenial InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY FEEA9169307EA071 NO_PUBKEY 8B57C5C2836F4BEB, E:The repository 'https://apt.kubernetes.io kubernetes-xenial InRelease' is not signed."}
现在,每当我再次尝试 运行 它时,它都会在任务 1 上抛出相同的错误。有人可以告诉我如何解决这个问题吗?
这是我编写的剧本,它基于我完成的使用 Ansible 安装 Docker 的练习以及给我的安装 kubectl 的命令:
- name: A playbook to install kubectl on a VM
hosts: localhost
user: ubuntu
become: yes
tasks:
- name: 1. Update APT Package Manager
apt:
update_cache: yes
- name: 2. Install dependency packages
apt:
name={{ item }}
with_items:
- apt-transport-https
- ca-certificates
- curl
- gnupg-agent
- software-properties-common
- name: 3. Get APT Key
shell:
cmd: curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
cmd: echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list
- name: 4. Update Packages
apt:
update_cache: yes
- name: 5. Install Kubectl
apt:
update_cache: yes
name: kubectl
关于部分
- name: 3. Get APT Key
shell:
cmd: curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
cmd: echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list
shell_module 只会执行第二个cmd。 Ansible只能传给模块其中一个参数,最后一个。
至download files from HTTPS to node you may use the get_url_module, followed by an apt_key_module task to add an apt key。
- name: Download apt key
get_url:
url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
dest: /tmp # or /etc/pki/rpm-gpg depending on the infrastructure
- name: Add a key from a file
ansible.builtin.apt_key:
file: /tmp/apt-key.gpg
state: present
您也可以通过
添加
- name: Add an Apt signing key, uses whichever key is at the URL
ansible.builtin.apt_key:
url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
state: present
我是 Ansible 的新手,我正在尝试在 class.
的 EC2 实例 (Ubuntu 18.04) 上安装 kubectl我有 运行 剧本,它运行良好,直到它遇到任务 4,然后抛出以下错误:
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to update apt cache: W:Updating from such a repository can't be done securely, and is therefore disabled by default., W:See apt-secure(8) manpage for repository creation and user configuration details., W:GPG error: https://packages.cloud.google.com/apt kubernetes-xenial InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY FEEA9169307EA071 NO_PUBKEY 8B57C5C2836F4BEB, E:The repository 'https://apt.kubernetes.io kubernetes-xenial InRelease' is not signed."}
现在,每当我再次尝试 运行 它时,它都会在任务 1 上抛出相同的错误。有人可以告诉我如何解决这个问题吗?
这是我编写的剧本,它基于我完成的使用 Ansible 安装 Docker 的练习以及给我的安装 kubectl 的命令:
- name: A playbook to install kubectl on a VM
hosts: localhost
user: ubuntu
become: yes
tasks:
- name: 1. Update APT Package Manager
apt:
update_cache: yes
- name: 2. Install dependency packages
apt:
name={{ item }}
with_items:
- apt-transport-https
- ca-certificates
- curl
- gnupg-agent
- software-properties-common
- name: 3. Get APT Key
shell:
cmd: curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
cmd: echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list
- name: 4. Update Packages
apt:
update_cache: yes
- name: 5. Install Kubectl
apt:
update_cache: yes
name: kubectl
关于部分
- name: 3. Get APT Key
shell:
cmd: curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
cmd: echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list
shell_module 只会执行第二个cmd。 Ansible只能传给模块其中一个参数,最后一个。
至download files from HTTPS to node you may use the get_url_module, followed by an apt_key_module task to add an apt key。
- name: Download apt key
get_url:
url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
dest: /tmp # or /etc/pki/rpm-gpg depending on the infrastructure
- name: Add a key from a file
ansible.builtin.apt_key:
file: /tmp/apt-key.gpg
state: present
您也可以通过
添加- name: Add an Apt signing key, uses whichever key is at the URL
ansible.builtin.apt_key:
url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
state: present