Ansible 加载 epel 和 yum 更新答案

【问题标题】：Ansible load epel and yum updateAnsible 加载 epel 和 yum 更新
【发布时间】：2020-05-30 05:52:40
【问题描述】：

尝试添加 epel，然后在 amazon-linux-2 服务器上通过 ansible 进行 yum 更新。我使用的 URL 基于：https://aws.amazon.com/premiumsupport/knowledge-center/ec2-enable-epel/

我的 ansible 脚本是：

---
- hosts: all
  remote_user: cloud_user

  tasks:

  - name: 01 add epel
    yum_repository:
      name: epel
      description: EPEL YUM repo
      baseurl: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
    become: yes

  - name: 02 yum update 
    yum: name=* state=latest
    become: yes

我的错误是在任务 02 上（任务 01 有“更改”通知）：

     FAILED! => {"changed": false, "msg": "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm/repodata/repomd.xml: 
[Errno 14] HTTPS Error 404 - Not Found\nTrying other mirror.\n\n\n One of the configured repositories failed (EPEL YUM repo),\n and yum doesn't have enough cached data to continue. At this point the only\n safe thing yum can do is fail. There are a few ways to work \"fix\" this:\n\n     
1. Contact the upstream for the repository and get them to fix the problem.\n\n     
2. Reconfigure the baseurl/etc. for the repository, to point to a working\n        upstream. This is most often useful if you are using a newer\n        distribution release than is supported by the repository (and the\n        packages for the previous distribution release still work).\n\n     
3. Run the command with the repository temporarily disabled\n            yum --disablerepo=epel ...\n\n     
4. Disable the repository permanently, so yum won't use it by default. Yum\n        
will then just ignore the repository until you permanently enable it\n        again or use --enablerepo for temporary usage:\n\n            
yum-config-manager --disable epel\n        
or\n            
subscription-manager repos --disable=epel\n\n     
5. Configure the failing repository to be skipped, if it is unavailable.\n        Note that yum will try to contact the repo. when it runs most commands,\n        
so will have to try and fail each time (and thus. yum will be be much\n        
slower). If it is a very temporary problem though, this is often a nice\n        
compromise:\n\n            yum-config-manager --save --setopt=epel.skip_if_unavailable=true\n\nfailure: repodata/repomd.xml from epel:
 [Errno 256] No more mirrors to try.\nhttps://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm/repodata/repomd.xml: 
[Errno 14] HTTPS Error 404 - Not Found\n", "rc": 1, "results": []}

任何指导或帮助都会很棒。

【问题讨论】：

标签： ansible amazon-linux-2 epel

【解决方案1】：

https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm 不是 yum 仓库，它是一个 yum 包。

正如您在链接的文档中看到的那样，他们做了一个yum install：

sudo yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

然后他们通过命令yum-config-manager启用它

sudo yum-config-manager --enable epel

另一方面，https://dl.fedoraproject.org/pub/epel/$releasever/$basearch/ 是一个 yum 存储库 URL。

所以你的第一个任务应该是

- name: 01 add epel
    yum_repository:
      name: epel
      description: EPEL YUM repo
      baseurl: https://dl.fedoraproject.org/pub/epel/$releasever/$basearch/
    become: yes

你的错误实际上表明了它：

https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm/repodata/repomd.xml

看看它是如何尝试获取文件夹 repodata 和文件 repomd.xml 的？

现在，如果您浏览 https://dl.fedoraproject.org/pub/epel/ 并在文件夹 7 下查看，然后在任何子文件夹下，您将找到确切的 repodata 文件夹和确切的 repomd.xml 文件。

注意：有关变量 $releasever 和 $basearch 的额外信息可以找到：following this link

此外，由于您的知识文章指导您使用版本 7（请参阅 epel-release-latest-7.noarch.rpm 中的 7），您可以做的是将其作为属性传递给您的 yum 任务。

- name: 02 yum update 
  yum: 
    name: '*' 
    state: latest
    releasever: 7
  become: yes

注意：我还更改了您的语法，我会说在同一个 playbook 中混合使用 attribute=value 和 YAML 语法是个坏主意。

【讨论】：

嗨，谢谢，已更新到您的示例，但在第 2 步中仍然出现相同的错误。:(，它如何知道 $release 和 $basearch 的变量？"changed": false, "msg ": "dl.fedoraproject.org/pub/epel/2/x86_64/repodata/repomd.xml: [Errno 14] HTTPS 错误 404 - 未找到\n正在尝试其他镜像。\n\n\n 配置的存储库之一失败（EPEL YUM 存储库）
你不知道他们，保持原样，ansible会关心那些（也看看文档中的例子：docs.ansible.com/ansible/latest/modules/…）
你也可以看看access.redhat.com/documentation/en-us/red_hat_enterprise_linux/…
如果您确实想要使用特定版本的 repo，您可以在您的 yum 任务中添加属性 releasever。查看答案的更新版本。
谢谢，将阅读，仍然无法运行。我刚刚尝试迁移到 geerlingguy epel-repo，但它也因错误失败而超时！ => {"attempts": 5, "changed": false, "msg": "Failure loading dl.fedoraproject.org/pub/epel/epel-release-latest-2.noarch.rpm, HTTP Error 404: Not Found"} 如果我运行下面的它就可以了！ sudo wget -r --no-parent -A 'epel-release-.rpm' dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e sudo rpm-Uvh dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release -.rpm sudo yum-config-manager --enable epel* 就可以了

【解决方案2】：

要安装 EPEL，只需从基础 repo 安装 epel-release 包就足够了。此外，考虑到建议尽可能不要使用 shell 或 command 模块，我们可以通过直接更新其配置文件来启用 repo。所以我建议如下：

- name: Install EPEL repository
  yum:
    name: epel-release
    state: present

- name: Ensure EPEL repo is enabled
  ini_file:
    dest: /etc/yum.repos.d/epel.repo
    section: epel
    option: enabled
    value: '1'

- name: Conduct yum update 
  yum: 
    name: * 
    state: latest
    become: True
    update_cache: True

【讨论】：

【解决方案3】：

感谢所有输入。不确定它是否是 amazon-linux-2 的东西，但我唯一的工作是使用银河角色，代码如下：

  roles:
    - role: geerlingguy.repo-epel
      vars:
        epel_repo_url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm"
        epel_repo_gpg_key_url: "/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7"
      become: yes

【讨论】：