中添加ansible_ssh_common_args我想要使用ansible_ssh_common_args的ProxyCommand跳轉/ SSH Bastion Host。 ansible服務器:10.10.149.2 網關/堡壘主機:10.10.149.70 主機連接:10.32.32.190 所以我的目標是從10.10.149.2槽10.10.149.70(SSH隧道)是否有可能在清單文件
連接10.32.32.190 ansible --version ansible 2.1.0.0
我盤點:
[local]
10.10.149.2
[Private]
10.32.32.190
[Private:vars]
ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q [email protected]"'
pingtest.yml:
---
- hosts: Private
tasks:
- name: test connection
ping:
register: ping1
- debug: var=ping1
面臨的問題:
fatal: [10.32.32.190]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh.", "unreachable": true}
所以我懷疑ansible_ssh_common_args庫存file.i支持不希望使用ssh.config文件。
日誌:
[[email protected] ansible]# ansible-playbook -i inventory pingtest.yml -e "user=root" --ask-pass -vvvv
Using /etc/ansible/ansible.cfg as config file
SSH password:
Loaded callback default of type stdout, v2.0
PLAYBOOK: pingtest.yml *********************************************************
1 plays in pingtest.yml
PLAY [Private] *****************************************************************
TASK [setup] *******************************************************************
<10.32.32.190> ESTABLISH SSH CONNECTION FOR USER: None
<10.32.32.190> SSH: EXEC sshpass -d12 ssh -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r 10.32.32.190 '/bin/sh -c '"'"'(umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1469788026.71-124524328003439 `" && echo ansible-tmp-1469788026.71-124524328003439="` echo $HOME/.ansible/tmp/ansible-tmp-1469788026.71-124524328003439 `") && sleep 0'"'"''
fatal: [10.32.32.190]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh.", "unreachable": true}
to retry, use: --limit @pingtest.retry
PLAY RECAP *********************************************************************
10.32.32.190 : ok=0 changed=0 unreachable=1 failed=0
請檢查'用於特定的ssh錯誤-vvvv'輸出。 'ansible_ssh_common_args'應該在庫存中正常工作。我在./group_vars/all.yml中使用它沒有問題。 –
任務[設置] ********************************************* ********************** <10.32.32.183>爲用戶建立SSH連接:無 – samir
'[Private.vars]中存在拼寫錯誤'Private:vars' –