Managing multiple clusters using bastions

52 views
Skip to first unread message

Slim Slam

unread,
May 23, 2014, 2:11:50 PM5/23/14
to ansible...@googlegroups.com
Suppose your inventory file looks like the following.
You have three clusters of machines (clusterONE, clusterTWO, clusterTHREE). Each cluster has
a bastion host (bastionONE, bastionTWO, bastionTHREE) that you must SSH into in order to access other machines
in the cluster. 

What are you options as far as configuring Ansible and SSH to manage these three clusters? Is it possible
to keep all of the SSH configuration in source code control?

Sample inventory file:

[clusterONE]
bastionONE
158.235.223.213
198.107.146.229
176.13.38.205
175.254.141.60
85.59.14.45
176.20.118.235

[clusterTWO]
bastionTWO
c2mach1
c2mach2
c2mach3
187.77.198.80
4.120.171.38
186.236.248.11

[clusterTHREE]
bastionTHREE
24.2.218.10
60.167.213.218
148.182.176.91
34.67.66.210
102.47.60.38
182.26.160.12
85.174.57.108

============================


Michael DeHaan

unread,
May 25, 2014, 8:42:50 PM5/25/14
to ansible...@googlegroups.com
Ansible when using the openssh connection plugin (-c ssh, the default on everything but RHEL/CentOS) will use your ~/.ssh/config automatically, and follow any ProxyCommand directives you have setup therein.

This would be your best option.

To keep everything in source control, consider checking in an ansible.cfg that specifies the SSH config file in the SSH options section, and also check in that SSH config file.



--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ecf0d8aa-3515-400c-b50b-faadc9a93089%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply all
Reply to author
Forward
0 new messages